{"title":"The Trusted Attribute Aggregation Service (TAAS) - Providing an Attribute Aggregation Layer for Federated Identity Management","authors":"D. Chadwick, G. Inman","doi":"10.1109/ARES.2013.38","DOIUrl":"https://doi.org/10.1109/ARES.2013.38","url":null,"abstract":"We describe a web based federated identity management system loosely based on the user-centric Windows CardSpace model. Unlike CardSpace, which relies on a fat desktop client (the identity selector) in which the user can only select a single card per session, our model uses a standard web browser with a simple plugin that connects to a trusted attribute aggregation web service (TAAS). TAAS supports the aggregation of attributes from multiple identity providers (IdPs) and allows the user to select multiple single-attribute \"cards\" in a session, which more accurately reflects real life, in which users may present several plastic cards and self-asserted attributes in a single session. Privacy protection, user consent, and ease of use are critical success factors. Consequently TAAS does not know who the user is, the user consents by selecting the attributes she wants to release, and she only needs to authenticate to a single IdP even though attributes may be aggregated from multiple IdPs. The system does not limit the authentication mechanisms that can be used, and it protects the user from phishing attacks by malicious SPs.","PeriodicalId":302747,"journal":{"name":"2013 International Conference on Availability, Reliability and Security","volume":"131 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126709622","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Usability Evaluation of the NESSoS Common Body of Knowledge","authors":"Kristian Beckers, M. Heisel","doi":"10.1109/ARES.2013.74","DOIUrl":"https://doi.org/10.1109/ARES.2013.74","url":null,"abstract":"The common body of knowledge (CBK) of the Network of Excellence on Engineering Secure Future Internet Software Services and Systems (NESSoS) is an ontology that contains knowledge objects (methods, tools, notations, etc.) for secure systems engineering. The CBK is intended to support one of the main goals of the NESSoS NoE, namely to create a long-lasting research community on engineering secure software services and systems and to bring together researchers and practitioners from security engineering, service computing, and software engineering. Hence, the usability of the CBK is of utmost importance to stimulate participation in the effort of collecting and distributing knowledge about secure systems engineering. This paper is devoted to identifying and ameliorating usability deficiencies in the initial version of the CBK and its current implementation in the SMW+ framework. We report on usability tests that we performed on the initial version of the CBK and the suggestions for improvement that resulted from the usability tests. We also show some exemplary solutions, which we have already implemented. We discuss our experiences so that other researchers can benefit from them.","PeriodicalId":302747,"journal":{"name":"2013 International Conference on Availability, Reliability and Security","volume":"35 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115201333","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Collaboratively Exchanging Warning Messages between Peers While under Attack","authors":"Mirko Haustein, Herbert Sighart, Dennis Titze, P. Schoo","doi":"10.1109/ARES.2013.95","DOIUrl":"https://doi.org/10.1109/ARES.2013.95","url":null,"abstract":"Secure Multi-party Computation (MPC) allows a secure joint cooperation within a distributed group of peers. In this paper we investigate an extended Secure MPC solution that allows mutual information exchange and distribution of warnings among a group of participating peers within an information sharing network. The implementation of this MPC solution is deployed in a peer-to-peer network. This paper evaluates the performance of the implementation based on two scenarios that stress the network load and thus simulate the implementation under attack. Using a network simulation provides a connection between a simulated network model and real systems by use of System-in-the-loop (SITL) technology for the validation of the considered MPC implementation.","PeriodicalId":302747,"journal":{"name":"2013 International Conference on Availability, Reliability and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128437434","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"ARGUS 3D: Security Enhancements through Innovative Radar Technologies","authors":"R. Cardinali, Enrico Anniballi, C. Bongioanni, A. Macera, F. Colone, P. Lombardo","doi":"10.1109/ARES.2013.101","DOIUrl":"https://doi.org/10.1109/ARES.2013.101","url":null,"abstract":"Conventional civil Air Traffic Control (ATC) systems are able to detect targets and identify cooperative aircraft in the air space, but they do not assure full coverage at low altitudes, in the presence of non-cooperative targets (NCTs), or for aircraft (A/C) with a low radar cross section (RCS). This paper describes a new architecture that aims at addressing these limitations, developed in the frame of the ARGUS 3D (AiR GUidance and Surveillance 3D) project funded by the European Union (FP7). The project intends to improve current ATC systems for civil applications, extending their coverage and making them able to detect, recognize and track NCTs by means of innovative sensors, such as a new enhanced Primary Surveillance Radar (PSR) and a passive and bistatic radar network. In this paper a description of the proposed architecture is reported together with the details of the analysis made on simulated and real data, and the opinions of the end users are summarized.","PeriodicalId":302747,"journal":{"name":"2013 International Conference on Availability, Reliability and Security","volume":"118 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122073386","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"On the Practicability of Cold Boot Attacks","authors":"M. Gruhn, Tilo Müller","doi":"10.1109/ARES.2013.52","DOIUrl":"https://doi.org/10.1109/ARES.2013.52","url":null,"abstract":"Even though a target machine uses full disk encryption, cold boot attacks can retrieve unencrypted data from RAM. Cold boot attacks are based on the remanence effect of RAM: memory contents do not disappear immediately after power is cut, but fade gradually over time. This effect can be exploited by rebooting a running machine, or by transplanting its RAM chips into an analysis machine that reads out what is left in memory. In theory, this kind of attack has been known since the 1990s. However, only in 2008 did Halderman et al. show that cold boot attacks can be deployed in practical scenarios. In the work at hand, we investigate the practicability of cold boot attacks. We verify the claims by Halderman et al. independently in a systematic fashion. For DDR1 and DDR2, we provide results from our experimental measurements that in large part agree with the original results. However, we also point out that we could not reproduce cold boot attacks against modern DDR3 chips. Our test set comprises 17 systems and system configurations, of which 5 are based on DDR3.","PeriodicalId":302747,"journal":{"name":"2013 International Conference on Availability, Reliability and Security","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123973015","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
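The abstract above describes retrieving secrets from decaying RAM but not how an analyst turns a noisy memory image into a key. The following is an added example, not code from Gruhn and Müller or from Halderman et al.: it implements the key-schedule search that the 2008 work used for AES, and it treats a planted, partially decayed schedule as its input. The memory image, the offset 700, the FIPS-197 test key and the five simulated bit flips are all constructed for the example; the AES key expansion and S-box derivation follow FIPS-197.

```python
"""Added example (not from the paper): find an AES-128 key in a memory image
by validating the key schedule. Every round key is a deterministic function
of the 16-byte cipher key, so 176 consecutive bytes that satisfy the AES key
expansion almost certainly hold a real key, and a few decayed bits in the
derived round keys still leave a near-match."""
import random


def _gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def _build_sbox() -> list:
    """Derive the AES S-box: multiplicative inverse in GF(2^8), then the affine map."""
    inv = [0] * 256
    for x in range(1, 256):
        if inv[x]:
            continue
        for y in range(1, 256):
            if _gf_mul(x, y) == 1:
                inv[x], inv[y] = y, x
                break
    sbox = []
    for x in range(256):
        v = inv[x]
        rot = lambda n: ((v << n) | (v >> (8 - n))) & 0xFF
        sbox.append(v ^ rot(1) ^ rot(2) ^ rot(3) ^ rot(4) ^ 0x63)
    return sbox


SBOX = _build_sbox()


def expand_key(key: bytes) -> bytes:
    """AES-128 key expansion (FIPS-197 5.2): 16-byte key -> 176-byte schedule."""
    assert len(key) == 16
    w = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    rcon = 1
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]  # RotWord, then SubWord
            t[0] ^= rcon
            rcon = _gf_mul(rcon, 2)
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return bytes(b for word in w for b in word)


def _bit_errors(a: bytes, b: bytes) -> int:
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def find_aes128_keys(mem: bytes, max_bit_errors: int = 8) -> list:
    """Slide over `mem`; at each offset take 16 bytes as a candidate key and
    compare its expansion with the 160 bytes that follow. Decay in the derived
    round keys is tolerated up to `max_bit_errors`. Decay inside the candidate
    key itself needs the error-correcting search of Halderman et al., which
    this example deliberately does not implement."""
    hits = []
    for off in range(len(mem) - 176 + 1):
        cand = mem[off:off + 16]
        errs = _bit_errors(expand_key(cand)[16:], mem[off + 16:off + 176])
        if errs <= max_bit_errors:
            hits.append((off, cand, errs))
    return hits


def build_decayed_image(key: bytes, offset: int, size: int = 2048,
                        flips: int = 5, seed: int = 1) -> bytes:
    """Constructed test image (an assumption of this example, not real data):
    random filler, the schedule planted at `offset`, then `flips` single-bit
    errors dropped into the derived round keys to mimic remanence decay."""
    rng = random.Random(seed)
    img = bytearray(rng.getrandbits(8) for _ in range(size))
    img[offset:offset + 176] = expand_key(key)
    for _ in range(flips):
        pos = offset + 16 + rng.randrange(160)
        img[pos] ^= 1 << rng.randrange(8)
    return bytes(img)


if __name__ == "__main__":
    key = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")  # FIPS-197 test key
    image = build_decayed_image(key, offset=700)
    for off, k, errs in find_aes128_keys(image):
        print(f"key schedule at 0x{off:x}: {k.hex()} ({errs} decayed bits)")
```

The scan is deliberately naive (one full expansion per offset); real tools prune early by checking the first round key before expanding further, which is the same test applied incrementally. The threshold of eight bit errors over 1280 schedule bits is far below what random data produces, so a hit is an AES key and not a coincidence.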
{"title":"The Common Limes Security Model for Asset Flow Control in Decentralized, Insecure Systems","authors":"Eckehard Hermann, Rüdiger Grimm","doi":"10.1109/ARES.2013.28","DOIUrl":"https://doi.org/10.1109/ARES.2013.28","url":null,"abstract":"Information and knowledge are assets. Therefore, authorization conflicts about information flow are subject to security concerns. The protection of information flow in a decentralized system is an important security objective in the business world. Once information is given away, there is an asymmetric relationship between the owner and the recipient of the information, because the owner has no control over proper use or misuse by the recipient. The Common Limes Security Model (the Limes model for short) presented in this paper is a substantial extension of a simple model. It provides provable policies for asset (information) flow control. Rule elements are history and conflict functions maintained by the asset owners and protected by contracts between communication partners. If correctly implemented and enforced, the rules of the Limes model guarantee the protection of assets from an unauthorized flow. They allow an information object to stay in a secure state in a decentralized, i.e. insecure, environment. This paper defines the model and proves the security of its rules.","PeriodicalId":302747,"journal":{"name":"2013 International Conference on Availability, Reliability and Security","volume":"122 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122891574","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Organizational Security Architecture for Critical Infrastructure","authors":"Jonathan Blangenois, G. Guemkam, C. Feltus, D. Khadraoui","doi":"10.1109/ARES.2013.43","DOIUrl":"https://doi.org/10.1109/ARES.2013.43","url":null,"abstract":"The governance of critical infrastructures requires a fail-safe dedicated security management organization. This organization must provide the structure and mechanisms necessary for supporting business process execution, including decision-making support and the alignment of the latter with the application functions and the network components. Most research in this field focuses on elaborating the SCADA system, which embraces components for data acquisition, alert correlation and policy instantiation. At the application layer, one of the most exploited approaches for supporting SCADA is built on multi-agent system technology. Notwithstanding the extent of existing work, no model allows these systems to be represented in an integrated manner across the different layers of the organization. Therefore, we propose an innovative version of ArchiMate® for multi-agent purposes, with the objective of enriching the agent society collaboration and, more particularly, the description of the agents' behavior. Our work has been illustrated in the context of a critical infrastructure in the field of a financial acquiring/issuing mechanism for card payments.","PeriodicalId":302747,"journal":{"name":"2013 International Conference on Availability, Reliability and Security","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124171138","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Secure Profile Provisioning Architecture for Embedded UICC","authors":"Jaemin Park, Kiyoung Baek, Cheoloh Kang","doi":"10.1109/ARES.2013.40","DOIUrl":"https://doi.org/10.1109/ARES.2013.40","url":null,"abstract":"Embedded UICC (eUICC) is a new form of UICC, soldered into a device during manufacturing. Unlike the traditional UICC, the eUICC is not fully controlled by one specific MNO (Mobile Network Operator), since it is neither physically removable from the device nor issued by the MNO. Thus, the profiles necessary for its operation have to be provisioned remotely into the eUICC by a new entity. For this remote provisioning, the SM (Subscription Manager) has been introduced by the standardization organization. However, this new ecosystem around eUICCs can cause tremendous security issues unless security is considered thoroughly during standardization, because the profiles usually include security-sensitive information. In this paper, a novel secure profile provisioning architecture for eUICCs is proposed. Our proposal mainly defines the overall architecture of secure profile provisioning for eUICCs.","PeriodicalId":302747,"journal":{"name":"2013 International Conference on Availability, Reliability and Security","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128186168","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Requirements Management in a Combined Process for Safety and Security Assessments","authors":"Vikash Katta, Christian Raspotnig, P. Kárpáti, T. Stålhane","doi":"10.1109/ARES.2013.104","DOIUrl":"https://doi.org/10.1109/ARES.2013.104","url":null,"abstract":"The Combined Harm Assessment of Safety and Security for Information Systems (CHASSIS) method defines a unified process for safety and security assessments that addresses both the safety and the security aspects during the system development process. CHASSIS applies techniques from the safety and security fields, e.g. misuse cases and HAZOP, to identify and model hazards, threats and mitigations for a system. These mitigations, which are generally specified as safety and security requirements, are interrelated. Defining and maintaining the interdependencies between these requirements is vital to, among other things, estimating how a requirement impacts other requirements and artefacts. In this paper, we present our approach for providing traceability to CHASSIS in order to capture the interdependencies between the safety and security requirements and to document the history and rationale behind their elicitation. The approach, called Satrap, constitutes a process model defining what types of artefacts are generated during development and assessment activities, what types of relations between the artefacts should be captured, and how to extract traces. The traceability approach, together with its supporting prototype tool, was applied to an Air Traffic Management remote tower example which was assessed for safety and security risks using CHASSIS.","PeriodicalId":302747,"journal":{"name":"2013 International Conference on Availability, Reliability and Security","volume":"43 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131707153","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A PEP-PDP Architecture to Monitor and Enforce Security Policies in Java Applications","authors":"Yehia Elrakaiby, Yves Le Traon","doi":"10.1109/ARES.2013.49","DOIUrl":"https://doi.org/10.1109/ARES.2013.49","url":null,"abstract":"Security of Java-based applications is crucial to many businesses today. In this paper, we propose an approach to completely automate the generation of a security architecture inside of a target Java application where advanced security policies can be enforced. Our approach combines the use of Aspect-Oriented Programming with the Policy Enforcement Point (PEP) - Policy Decision Point (PDP) paradigm and allows the runtime update of policies.","PeriodicalId":302747,"journal":{"name":"2013 International Conference on Availability, Reliability and Security","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125207234","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
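The abstract above names the pattern (a PEP woven into each guarded method, a PDP that decides, policies replaceable at runtime) without showing the control flow. The following is an added example, not code from Elrakaiby and Le Traon: it is written in Python, with a decorator standing in for the AspectJ advice the paper weaves into Java methods, so the language and the woven mechanism are substitutions, not the paper's. The `LedgerService`, its subjects (`emp:alice`, `emp:bob`), the rule set and the "freeze writes" update are all constructed for the example, and the subject is assumed to be passed explicitly as the first argument rather than taken from a session context.

```python
"""Added example (not from the paper): a PEP/PDP split. The decorator plays
the role of woven advice: it intercepts the call, builds an access request
(subject, action, resource), asks the PDP, and only then lets the original
method body run. The PDP's rule set can be swapped while the program runs."""
from dataclasses import dataclass
from typing import Callable
import functools
import threading


@dataclass(frozen=True)
class Request:
    subject: str
    action: str
    resource: str


@dataclass
class Rule:
    effect: str                          # "permit" or "deny"
    matches: Callable[[Request], bool]
    description: str = ""


class PolicyDecisionPoint:
    """Ordered rules, first applicable wins; no match means deny (fail closed)."""

    def __init__(self, rules=()):
        self._lock = threading.Lock()
        self._rules = list(rules)
        self.version = 0

    def update(self, rules) -> None:
        """Runtime policy update: replace the whole rule set atomically."""
        with self._lock:
            self._rules = list(rules)
            self.version += 1

    def decide(self, req: Request) -> str:
        with self._lock:
            rules = self._rules
        for rule in rules:
            if rule.matches(req):
                return rule.effect
        return "deny"


class AccessDenied(PermissionError):
    pass


class PolicyEnforcementPoint:
    """One instance guards many join points; every decision is recorded,
    including the denied ones, so the audit trail is complete."""

    def __init__(self, pdp: PolicyDecisionPoint):
        self.pdp = pdp
        self.audit = []

    def guard(self, action: str, resource_of: Callable[..., str]):
        def decorate(fn):
            @functools.wraps(fn)
            def wrapper(target, subject, *args, **kwargs):
                req = Request(subject, action, resource_of(target, *args, **kwargs))
                effect = self.pdp.decide(req)
                self.audit.append((req, effect, self.pdp.version))
                if effect != "permit":
                    raise AccessDenied(f"{subject} may not {action} {req.resource}")
                return fn(target, subject, *args, **kwargs)
            return wrapper
        return decorate


# Constructed application and policy (assumptions of this example).
INITIAL_RULES = (
    Rule("permit", lambda r: r.action == "read" and r.subject.startswith("emp:"), "staff read"),
    Rule("permit", lambda r: r.action == "write" and r.subject == "emp:alice", "alice writes"),
)
PDP = PolicyDecisionPoint(INITIAL_RULES)
PEP = PolicyEnforcementPoint(PDP)


class LedgerService:
    def __init__(self):
        self.entries = {"acct-1": 100}

    @PEP.guard("read", lambda self, acct: acct)
    def balance(self, subject, acct):
        return self.entries[acct]

    @PEP.guard("write", lambda self, acct, amount: acct)
    def credit(self, subject, acct, amount):
        self.entries[acct] += amount
        return self.entries[acct]


def _attempt(call) -> object:
    try:
        return call()
    except AccessDenied:
        return "deny"


def demo() -> dict:
    """Exercise the PEP before and after a runtime policy change."""
    PDP.update(INITIAL_RULES)
    svc, logged_before = LedgerService(), len(PEP.audit)
    results = {
        "bob_read": _attempt(lambda: svc.balance("emp:bob", "acct-1")),
        "bob_write": _attempt(lambda: svc.credit("emp:bob", "acct-1", 5)),
        "alice_write_before": _attempt(lambda: svc.credit("emp:alice", "acct-1", 5)),
    }
    # Incident response: freeze all writes without restarting the application.
    PDP.update([Rule("deny", lambda r: r.action == "write", "freeze"),
                Rule("permit", lambda r: r.action == "read", "reads stay open")])
    results["alice_write_after_freeze"] = _attempt(lambda: svc.credit("emp:alice", "acct-1", 5))
    results["decisions_logged"] = len(PEP.audit) - logged_before
    return results


if __name__ == "__main__":
    print(demo())
```

Two properties worth checking in any PEP/PDP deployment are visible here: the default when no rule matches is deny, and a policy update takes effect for the next call without touching the guarded code, which is what makes runtime policy changes safe to use during an incident.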