Proceedings. International Conference on Dependable Systems and Networks: Latest Articles

Practical and Efficient in-Enclave Verification of Privacy Compliance.
Proceedings. International Conference on Dependable Systems and Networks Pub Date: 2021-06-01 Epub Date: 2021-08-06 DOI: 10.1109/dsn48987.2021.00052
Weijie Liu, Wenhao Wang, Hongbo Chen, XiaoFeng Wang, Yaosong Lu, Kai Chen, Xinyu Wang, Qintao Shen, Yi Chen, Haixu Tang
Abstract: A trusted execution environment (TEE) such as Intel Software Guard Extension (SGX) runs attestation to prove to a data owner the integrity of the initial state of an enclave, including the program to operate on her data. For this purpose, the data-processing program is supposed to be open to the owner or a trusted third party, so its functionality can be evaluated before trust is established. In the real world, however, increasingly there are application scenarios in which the program itself needs to be protected (e.g., proprietary algorithm). So its compliance with privacy policies as expected by the data owner should be verified without exposing its code. To this end, this paper presents DEFLECTION, a new model for TEE-based delegated and flexible in-enclave code verification. Given that the conventional solutions do not work well under the resource-limited and TCB-frugal TEE, we come up with a new design inspired by Proof-Carrying Code. Our design strategically moves most of the workload to the code generator, which is responsible for producing easy-to-check code, while keeping the consumer simple. Also, the whole consumer can be made public and verified through a conventional attestation. We implemented this model on Intel SGX and demonstrate that it introduces a very small part of TCB. We also thoroughly evaluated its performance on micro- and macro-benchmarks and real-world applications, showing that the design only incurs a small overhead when enforcing several categories of security policies.
Pages: 413-425. Open-access PDF: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9343090/pdf/nihms-1823058.pdf
Citations: 4
Evaluating the security threat of firewall data corruption caused by instruction transient errors
Proceedings. International Conference on Dependable Systems and Networks Pub Date: 2002-12-10 DOI: 10.1109/DSN.2002.1028938
Shuo Chen, Jun Xu, R. Iyer, K. Whisnant
Abstract: This paper experimentally evaluates and models the error-caused security vulnerabilities and the resulting security violations of two Linux kernel firewalls: IPChains and Netfilter. There are two major aspects to this work: to conduct extensive error injection experiments on the Linux kernel and to quantify the possibility of error-caused security violations using a SAN (Stochastic Activity Network) model. The error injection experiments show that about 2% of errors injected into the firewall code segment cause security vulnerabilities. Two types of error-caused security vulnerabilities are distinguished: temporary, which disappear when the error disappears, and permanent, which persist even after the error is removed, as long as the system is not rebooted. Results from simulating the SAN model indicate that under an error rate of 0.1 error/day during a 1-year period in a networked system protected by 20 firewalls, 2 machines (on the average) will experience security violations. This indicates that error-caused security vulnerabilities can be a non-negligible source of security threats to a highly secure system.
Pages: 495-504
Citations: 23
Application performance assurance using end-to-end user level monitoring
Proceedings. International Conference on Dependable Systems and Networks Pub Date: 2002-12-10 DOI: 10.1109/DSN.2002.1029015
S. Dalal, Y. Ho, Ashish Jain, A. McIntosh
Abstract: A new measure of performance, which uses both application integrity and traditional network response time, is proposed. Modern networked application services rely on a stack of network protocols and a host of other services, many of which cross organizational and corporate boundaries. We point out that traditional software quality assurance techniques don't scale up for post-deployment integrity checks for such applications and services. A new methodology to do non-stop post-production monitoring of networked application services for transactional integrity and time delay measurement is proposed. Specifically we describe the Telcordia™ Application Assurance System, which we have created for measuring real-time performance of web-based applications used in commercial settings. The system measures both post-production application integrity and time delay. The measurements are carried out by sending synthetic end-user transactions and analyzing the responses. Statistical models for analyzing the data using a single monitoring site as well as multiple monitoring sites are described. Creating synthetic end-user transactions is crucial for our method. The paper presents a method for generation of 'highly efficient' end-user transactions from a graphical model of the functionality of the system. Highly efficient transactions are generated using combinatorial designs. The graphical model is incrementally created using a recorder. We give several empirical examples of efficacy of this system and uses for finding performance problems.
Pages: 694-703
Citations: 2
Mr. Fusion: a programmable data fusion middleware subsystem with a tunable statistical profiling service
Proceedings. International Conference on Dependable Systems and Networks Pub Date: 2002-06-23 DOI: 10.1109/DSN.2002.1028910
Andy A. Franz, Radek Mista, D. Bakken, C. Dyreson, M. Medidi
Abstract: Voting is the process of combining multiple replies from replicated servers into a single reply. Data fusion is similar to but more general than voting. In data fusion, the input sources are not necessarily replicated servers, hence the inputs exhibit greater variance. Data fusion is a fundamental building block in distributed systems. It occurs in diverse contexts such as consensus, sensor networks, intrusion detection, and hierarchical resource monitoring, among others. This paper describes Mr. Fusion, a framework that provides data fusion in middleware. The heart of Mr. Fusion is a Fusion Core module that provides mechanisms for programming a wide variety of data fusion algorithms. Another part is a Fusion Status Service that monitors low-level outputs from the Fusion Core and alerts subscribers to divergent values or timings. The implementation borrows techniques from data warehousing and data mining.
Pages: 273-278
Citations: 10
Time-constrained failure diagnosis in distributed embedded systems
Proceedings. International Conference on Dependable Systems and Networks Pub Date: 2002-06-23 DOI: 10.1109/DSN.2002.1028930
Nagarajan Kandasamy, J. Hayes, B. Murray
Abstract: Advanced automotive control applications such as steer and brake-by-wire are typically implemented as distributed systems comprising many embedded processors, sensors, and actuators interconnected via a communication bus. They have severe cost constraints but demand a high level of safety and performance. Motivated by the need for timely diagnosis of faulty actuators in such systems, we present a general method to implement failure diagnosis under deadline and resource constraints. Actuators are diagnosed in distributed fashion by processors to provide a global view of their fault status. The diagnostic tests are implemented in software using analytical redundancy and execute concurrently with the control tasks. The proposed method solves the test scheduling problem using a static list-based approach which guarantees actuator diagnosis within designer-specified deadlines while meeting control performance goals. As a secondary objective, it also minimizes the number of required processors. We present simulation results evaluating the effectiveness of the proposed method under various design constraints.
Pages: 449-458
Citations: 9
On the placement of software mechanisms for detection of data errors
Proceedings. International Conference on Dependable Systems and Networks Pub Date: 2002-06-23 DOI: 10.1109/DSN.2002.1028894
M. Hiller, A. Jhumka, N. Suri
Abstract: An important aspect in the development of dependable software is to decide where to locate mechanisms for efficient error detection and recovery. We present a comparison between two methods for selecting locations for error detection mechanisms, in this case executable assertions (EAs), in black-box, modular software. Our results show that by placing EAs based on error propagation analysis one may reduce the memory and execution time requirements as compared to experience- and heuristic-based placement while maintaining the obtained detection coverage. Further, we show the sensitivity of the EA-provided coverage estimation on the choice of the underlying error model. Subsequently, we extend the analysis framework such that error-model effects are also addressed and introduce measures for classifying signals according to their effect on system output when errors are present. The extended framework facilitates profiling of software systems from varied dependability perspectives and is also less susceptible to the effects of having different error models for estimating detection coverage.
Pages: 135-144
Citations: 65
A versatile and modular consensus protocol
Proceedings. International Conference on Dependable Systems and Networks Pub Date: 2002-06-23 DOI: 10.1109/DSN.2002.1028921
A. Mostéfaoui, S. Rajsbaum, M. Raynal
Abstract: Investigates a modular and versatile approach to solve the consensus problem in asynchronous distributed systems in which up to f processes may crash (f<n/2), but equipped with appropriate oracles. It presents a generic protocol that proceeds by consecutive asynchronous rounds. Each round follows a "two-phase" pattern. The modularity and the versatility of the protocol appear at each phase of a round. The first phase is a selection phase that allows to use any combination merging random oracle, leader oracle and condition. Its aim is to ensure termination by allowing the processes to start the second phase with the same value. The aim of the second phase is to ensure that the agreement property cannot be violated. Its cost depends on the value of f: two communication steps when f<n/2, that reduce to a single communication step when f<n/3. Hence, the behavior of the first phase is mainly ruled by the system additional equipment, while the behavior of the second phase depends on the value of f. It follows that the proposed protocol can be instantiated in different ways according to the oracles the system is equipped with and the actual value of f.
Pages: 364-373
Citations: 23
SMART: stochastic model-checking analyzer for reliability and timing
Proceedings. International Conference on Dependable Systems and Networks Pub Date: 2002-06-23 DOI: 10.1109/DSN.2002.1028976
G. Ciardo, R. L. Jones, Robert M. Marmorstein, A. Miner, Radu I. Siminiceanu
Abstract: SMART is a software package integrating logic and stochastic modeling formalisms into a single environment. Models expressed in different formalisms can be combined in the same study. To study logical behavior, both explicit and symbolic state-space generation techniques, as well as CTL model-checking algorithms, are available. To study stochastic and timing behavior, both explicit and Kronecker-based numerical solution approaches are available. Since SMART is intended as an industry and research tool, it is written in a modular way that allows for easy integration of new formalisms and solution algorithms.
Pages: 545-
Citations: 25
An experimental evaluation of the REE SIFT environment for spaceborne applications
Proceedings. International Conference on Dependable Systems and Networks Pub Date: 2002-06-23 DOI: 10.1109/DSN.2002.1029004
K. Whisnant, R. Iyer, P. Jones, R. Some, D. Rennels
Abstract: Presents an experimental evaluation of a software-implemented fault tolerance (SIFT) environment built around a set of self-checking processes called ARMORs running on different machines that provide error detection and recovery services to themselves and to spaceborne scientific applications. The experiments are split into three groups of error injections, with each group successively stressing the SIFT error detection and recovery more than the previous group. The results show that the SIFT environment adds negligible overhead to the application during failure-free runs. Only 11 cases were observed in which either the application failed to start or the SIFT environment failed to recognize that the application had completed. Further investigations showed that assertions within the SIFT processes, coupled with object-based incremental checkpointing, were effective in preventing system failures by protecting dynamic data within the SIFT processes.
Pages: 585-594
Citations: 27
Soft error sensitivity characterization for microprocessor dependability enhancement strategy
Proceedings. International Conference on Dependable Systems and Networks Pub Date: 2002-06-23 DOI: 10.1109/DSN.2002.1028927
Seongwoo Kim, Arun Kumar Somani
Abstract: This paper presents an empirical investigation on the soft error sensitivity (SES) of microprocessors, using the picoJava-II as an example, through software simulated fault injections in its RTL model. Soft errors are generated under a realistic fault model during program run-time. The SES of a processor logic block is defined as the probability that a soft error in the block causes the processor to behave erroneously or enter into an incorrect architectural state. The SES is measured at the functional block level. We have found that highly error-sensitive blocks are common for various workloads. At the same time soft errors in many other logic blocks rarely affect the computation integrity. Our results show that a reasonable prediction of the SES is possible by deduction from the processor's microarchitecture. We also demonstrate that the sensitivity-based integrity checking strategy can be an efficient way to improve fault coverage per unit redundancy.
Pages: 416-425
Citations: 106