2009 Third International Conference on Emerging Security Information, Systems and Technologies最新文献

筛选
英文 中文
A Security Pattern for Untraceable Secret Handshakes 不可追踪秘密握手的安全模式
Ángel Cuevas, P. Khoury, L. Gomez, Annett Laube, A. Sorniotti
{"title":"A Security Pattern for Untraceable Secret Handshakes","authors":"Ángel Cuevas, P. Khoury, L. Gomez, Annett Laube, A. Sorniotti","doi":"10.1109/SECURWARE.2009.9","DOIUrl":"https://doi.org/10.1109/SECURWARE.2009.9","url":null,"abstract":"A security pattern describes a particular recurring security problem that arises in specific contexts and presents a well-proven generic solution for it. This paper describes an Untraceable Secret Handshake, a protocol that allows two users to mutually verify another’s properties without revealing their identity. The complex security solution is split into smaller parts which are described in an abstract way. The identified security problems and their solutions are captured as SERENITY security patterns. The structured description together with motivating scenarios makes the security solution better understandable for non-security experts and helps to disseminate the security knowledge to application developers.","PeriodicalId":382947,"journal":{"name":"2009 Third International Conference on Emerging Security Information, Systems and Technologies","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133601861","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
Enforcement of Security Properties for Dynamic MAC Policies 执行动态MAC策略的安全属性
Jérémy Briffaut, Jean-François Lalande, C. Toinard, M. Blanc
{"title":"Enforcement of Security Properties for Dynamic MAC Policies","authors":"Jérémy Briffaut, Jean-François Lalande, C. Toinard, M. Blanc","doi":"10.1109/SECURWARE.2009.25","DOIUrl":"https://doi.org/10.1109/SECURWARE.2009.25","url":null,"abstract":"This paper focuses on the enforcement of security properties fitting with dynamic Mandatory Access Control policies. It adds complementary results to previous works of the authors in order to better address dynamic policies. Previous works of the authors provide several advances for enforcing the security of MAC system.An administration language for formalizing a large set of security properties is available to system administrators. That language uses several flow operators and ease the formalization of the required security properties. A solution is also available for computing the possible violations of any security property that can be formalized using our language. That solution computes several flow graphs in order to find all the allowed activities that can violate the requested properties. That paper addresses remaining problems related to the enforcement of the same kind of properties but with dynamic MAC policies. Enforcement is more much complex if we consider dynamic policies since the states of those policies are theoretically infinite. A new approach is proposed for dynamic MAC policies. The major idea is to use a meta-policy language for controlling the allowed evolutions of those dynamic policies. According to those meta-policy constraints, the computation problem becomes easier. The proposed solution adds meta-nodes within the considered flow graphs. A general algorithm is given for computing the required meta-nodes and the associated arcs. The proposed meta-graphs provide an overestimation of the possible flows between the different meta-nodes. The computation of the possible violations within the allowed dynamic policies is thus allowed. Several concrete security properties are considered using regular expressions for identifying the requested meta-contexts. The resulting violations, within the allowed meta-graphs, are computed and real violations are presented.","PeriodicalId":382947,"journal":{"name":"2009 Third International Conference on Emerging Security Information, Systems and Technologies","volume":"46 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133831193","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
Runtime Protection via Dataflow Flattening 通过数据流扁平化实现运行时保护
Bertrand Anckaert, Mariusz H. Jakubowski, R. Venkatesan, C. Saw
{"title":"Runtime Protection via Dataflow Flattening","authors":"Bertrand Anckaert, Mariusz H. Jakubowski, R. Venkatesan, C. Saw","doi":"10.1109/SECURWARE.2009.44","DOIUrl":"https://doi.org/10.1109/SECURWARE.2009.44","url":null,"abstract":"Software running on an open architecture, such as the PC, is vulnerable to inspection and modification. Since software may process valuable or sensitive information, many defenses against data analysis and modification have been proposed. This paper complements existing work and focuses on hiding data location throughout program execution. To achieve this, we combine three techniques: (i) periodic reordering of the heap, (ii) migrating local variables from the stack to the heap and (iii) pointer scrambling. By essentially flattening the dataflow graph of the program, the techniques serve to complicate static dataflow analysis and dynamic data tracking. Our methodology can be viewed as a data-oriented analogue of control-flow flattening techniques. Dataflow flattening is useful in practical scenarios like DRM, information-flow protection, and exploit resistance. Our prototype implementation compiles C programs into a binary for which every access to the heap is redirected through a memory management unit. Stack-based variables may be migrated to the heap, while pointer accesses and arithmetic may be scrambled and redirected. We evaluate our approach experimentally on the SPEC CPU2006 benchmark suite.","PeriodicalId":382947,"journal":{"name":"2009 Third International Conference on Emerging Security Information, Systems and Technologies","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129491718","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
A Two-Step Execution Mechanism for Thin Secure Hypervisors 瘦安全管理程序的两步执行机制
Manabu Hirano, Takahiro Shinagawa, H. Eiraku, Shoichi Hasegawa, Kazumasa Omote, Kouichi Tanimoto, Takashi Horie, Seiji Mune, Kazuhiko Kato, T. Okuda, Eiji Kawai, S. Yamaguchi
{"title":"A Two-Step Execution Mechanism for Thin Secure Hypervisors","authors":"Manabu Hirano, Takahiro Shinagawa, H. Eiraku, Shoichi Hasegawa, Kazumasa Omote, Kouichi Tanimoto, Takashi Horie, Seiji Mune, Kazuhiko Kato, T. Okuda, Eiji Kawai, S. Yamaguchi","doi":"10.1109/SECURWARE.2009.27","DOIUrl":"https://doi.org/10.1109/SECURWARE.2009.27","url":null,"abstract":"Virtual Machine Monitors (VMMs), also called hypervisors, can be used to construct a trusted computing base (TCB) enhancing the security of existing operating systems. The complexity of a VMM-based TCB causes the high risk of security vulnerabilities. Therefore, this paper proposes a two-step execution mechanism to reduce the complexity of a VMM-based TCB. We propose a method to separate a conventional VMM-based TCB into the following two parts: (1) A thin hypervisor with security services and (2) A special guest OS for security preprocessing. A special guest OS performing security tasks can be executed in advance. After shutting down the special guest OS, a hypervisor obtains preprocessing security data and next boots a target guest OS to be protected. Thus, the proposed two-step execution mechanism can reduce run-time codes of a hypervisor. This paper shows a design, a prototype implementation and measurement results of lines of code using BitVisor, a VMM-based TCB we have developed.","PeriodicalId":382947,"journal":{"name":"2009 Third International Conference on Emerging Security Information, Systems and Technologies","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130612729","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
Correlation Based Node Behavior Profiling for Enterprise Network Security 基于关联的企业网络安全节点行为分析
Su-Hua Chang, Thomas E. Daniels
{"title":"Correlation Based Node Behavior Profiling for Enterprise Network Security","authors":"Su-Hua Chang, Thomas E. Daniels","doi":"10.1109/SECURWARE.2009.53","DOIUrl":"https://doi.org/10.1109/SECURWARE.2009.53","url":null,"abstract":"Node behavior profiling is a promising tool for many aspects in network security. In our research, our goal is to couple node behavior profiles with statistical tests with a focus on enterprise security. Limited work has been done in the literature. In this paper, we first propose a correlation based node behavior profiling approach to study node behaviors in enterprise network environments. We then propose formal statistical test on the most common behavior profiles which is able to detect worm propagation. In our initial studies, we evaluate our profiling and detection schemes using real enterprise data (LBNL traces). The results show that the correlation based node behavior profiling approach can capture normal behaviors of different types. Consequently, the behavior profiles are promising for anomaly detection when coupled with statistical methods.","PeriodicalId":382947,"journal":{"name":"2009 Third International Conference on Emerging Security Information, Systems and Technologies","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128997514","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
Comparison of Static Code Analysis Tools 静态代码分析工具的比较
Matti Mantere, Ilkka Uusitalo, J. Röning
{"title":"Comparison of Static Code Analysis Tools","authors":"Matti Mantere, Ilkka Uusitalo, J. Röning","doi":"10.1109/SECURWARE.2009.10","DOIUrl":"https://doi.org/10.1109/SECURWARE.2009.10","url":null,"abstract":"In this paper we compare three static code analysis tools. The tools represent three different approaches in the field of static analysis: Fortify SCA is a non-annotation based heuristic analyzer, Splint represents an annotation based heuristic analyzer, and Frama-C an annotation based correct analyzer. The tools are compared by analysing their performance when checking a demonstration code with intentionally implemented errors.","PeriodicalId":382947,"journal":{"name":"2009 Third International Conference on Emerging Security Information, Systems and Technologies","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128600416","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 27
Survivability and Business Continuity Management System According to BS 25999 生存性和业务连续性管理体系符合BS 25999
W. Boehmer
{"title":"Survivability and Business Continuity Management System According to BS 25999","authors":"W. Boehmer","doi":"10.1109/SECURWARE.2009.29","DOIUrl":"https://doi.org/10.1109/SECURWARE.2009.29","url":null,"abstract":"In this paper, a new model is presented for evaluating the performance of a Business Continuity Management System according to BS 25999. This model is able to calculate the survivability emph{ex-ante} if the key performance indicator for the effectiveness exists. Performance is based fundamentally on the system's Business Continuity Plans and Disaster Recovery Plans. Typically, the performance of these plans is evaluated by a number of specific exercises at various intervals and, in many cases, with a variety of targets. Furthermore, these specific exercises are rerun after a longer period ($ge $ a year) and then often only partially. If a company is interested in taking performance measurements over a shorter period, obstacles and financial restrictions are often encountered. Furthermore, it is difficult for companies to give an emph{ex-ante} statement of their survival in the case of a disaster.Two key performance indicators are presented that allow the performance of a Business Continuity Management System to be evaluated according to BS 25999. Using these key performance indicators, the probability of survival can be estimated before extreme events occur.","PeriodicalId":382947,"journal":{"name":"2009 Third International Conference on Emerging Security Information, Systems and Technologies","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123668582","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 31
Self Protection through Collaboration Using D-CAF: A Distributed Context-Aware Firewall 使用 D-CAF:分布式情境感知防火墙,通过协作提供自我保护
Cristian Varas, T. Hirsch
{"title":"Self Protection through Collaboration Using D-CAF: A Distributed Context-Aware Firewall","authors":"Cristian Varas, T. Hirsch","doi":"10.1109/SECURWARE.2009.35","DOIUrl":"https://doi.org/10.1109/SECURWARE.2009.35","url":null,"abstract":"Keeping network services in the Internet available overtime is not an easy task. Sudden changes in usage volumes are common, not least due to Flash Crowds and Denial of Service attacks. Given the difficulty to discern malicious users from regular customers, administrators have little chance to mitigate without compromising availability or security. The presented Distributed Context-Aware Firewall (D-CAF) architecture, avails itself of the specialized knowledge of the protected services to minimize the impact.The protected services participate in in a valuation process,forwarding a per-user value/cost ratio information to the D-CAF. When a traffic overload occurs, the firewall selectively limits the access to resources of the protected system based on the aggregated reports. The semantic simplicity of the report lends itself to propagation and collaboration between several D-CAF instances. In this paper we discuss the approach, architecture and first testing results.","PeriodicalId":382947,"journal":{"name":"2009 Third International Conference on Emerging Security Information, Systems and Technologies","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130157393","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
A Credit-Based Incentive Mechanism for Recommendation Acquisition in Multihop Mobile Ad Hoc Networks 多跳移动自组网中基于信用激励的推荐获取机制
Wei Zhou, Zhiqiang Wei, Mijun Kang, P. Nixon, Lang Jia
{"title":"A Credit-Based Incentive Mechanism for Recommendation Acquisition in Multihop Mobile Ad Hoc Networks","authors":"Wei Zhou, Zhiqiang Wei, Mijun Kang, P. Nixon, Lang Jia","doi":"10.1109/SECURWARE.2009.54","DOIUrl":"https://doi.org/10.1109/SECURWARE.2009.54","url":null,"abstract":"Trust and reputation systems play an important role in collaborative operations in mobile ad hoc networks. However, the security of trust and reputation system itself is threatened by the existence of selfish nodes. Selfish nodes can make passive attacks on the foundational process of trust and reputation system, the recommendation acquisition, through non cooperation of packet forwarding and recommendation rendering. Existing trust and reputation systems commonly suffer from vulnerability caused by the failure of recommendation acquisition which refers to the unsuccessful recommendation information obtaining from one node to another node. A credit-based mechanism is proposed to address this problem by offering credits as incentives to both intermediate nodes and recommendation render nodes. Furthermore, competition between selfish nodes is explored to prevent selfish nodes being paid excessive credits. Simulation results show that the proposed mechanism can effectively improve the success rate of recommendation acquisition and lower the total paid payoffs.","PeriodicalId":382947,"journal":{"name":"2009 Third International Conference on Emerging Security Information, Systems and Technologies","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121813633","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Identification of Basic Measurable Security Components for a Distributed Messaging System 分布式消息传递系统中基本可度量安全组件的识别
R. Savola, H. Abie
{"title":"Identification of Basic Measurable Security Components for a Distributed Messaging System","authors":"R. Savola, H. Abie","doi":"10.1109/SECURWARE.2009.26","DOIUrl":"https://doi.org/10.1109/SECURWARE.2009.26","url":null,"abstract":"The lack of appropriate information security solutions in software-intensive systems can have serious consequences for businesses and the stakeholders. Carefully designed security metrics can be used to offer evidence of the security behavior of the system under development or operation. This study investigates holistic development of security metrics for a distributed messaging system based on threat analysis, security requirements, decomposition and use case information. Our approach is thus requirement-centric. The high-level security requirements are expressed in terms of lower-level measurable components applying a decomposition approach.","PeriodicalId":382947,"journal":{"name":"2009 Third International Conference on Emerging Security Information, Systems and Technologies","volume":"33 1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123537891","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 32
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信