TIAN Yu-hong,WANG Ze-bing,FENG Yan

DOI: https://doi.org/10.3969/j.issn.1000-7024.2006.24.029

2006-01-01

Abstract:The Java virtual machine(JVM)is used more frequently as the basic engine behind dynamic web services.With the proliferation of network attacks on these network resources,much work are done to provide security for the network environment.Little effort has been placed on securing a Java web server where the attacker has a valid login to the host machine.After describing the vulnerabilities in Java's security mechanisms,an extended security system based on Java 2 security architecture is introduced.It also explains the runtime status of system.The increased assurance of correct system operation and the integrity of Java application server are provided.

Xuegang Lin,Rongsheng Xu,Miaoliang Zhu

DOI: https://doi.org/10.1007/11596981_59

2005-01-01

Abstract:Survivability should be considered beyond security for networked information systems, which emphasizes the ability of continuing providing services timely in malicious environment. As an open complex system, networked information system is presented by a service-oriented hierarchical structure, and fault scenarios are thought of as stimulations that environment impact on systems while changes of system services’ performance as system reaction. Survivability test is done according to a test scheme which is composed of events, atomic missions, fault scenarios and services. Survivability is computed layer by layer based on the result of survivability test through three specifications (resistance, recognition and recovery). This computation method is more practicable than traditional state-based method for it converts direct defining system states and computing state transition into a layered computation process.

Xue-gang Lin,Rong-sheng Xu,Hua Xiong,Miao-liang Zhu

2006-01-01

Abstract:Survivability should be considered beyond security for information system, and quantitative analysis can assess system survivability accurately for improvement. Information system is presented by finite state machine and its state transition map is used to describe analysis process, where the hierarchical structure of system state avoids the problem of enumerating states in Markov chain model. Based on SNA method, a framework of quantitative analysis is introduced: defining system, testing system’s survivability, computing survivability, and giving analysis report finally, which is easily implemented by computer. In the framework, the event database which is based on event classification and grade makes creating test project automatically and objectively, and survivability is computed through resistance, recognition and recovery in a hierarchical process.

Qiang Wu,Ran Wang,Xincheng Yan,Chunming Wu,Rongxing Lu

DOI: https://doi.org/10.1109/MWC.001.2100251

IF: 12.777

2022-01-01

IEEE Wireless Communications

Abstract:Opening-up sharing has prompted the multi-tenancy architecture, whereby different vendors (including outsourcees) work together with network operators to form a vibrant service ecosystem, resulting in several advantages as well as risks. In particular, the static nature of existing architectures in network functions virtualization-based (NFV-based) clouds facilitate hacking. Thus, much attention has been focused on determining how to avoid the uncontrollable cloud security induced by complex production relations and non-trustworthy software/hardware sources when the two sets of security risks intersect. In this article, we investigate latent persistent threats against cloud environments and determine a high degree of complementarity and consistency between the NFV-based cloud environment and the dynamic defense concept. More specifically, new NFV-based cloud features provide an effective implementation for dynamic defense, while the generalized robustness of dynamic defense theory allows for high security gains. Intrinsic cloud security (iCS) is then proposed to align NFV-based clouds, mimicking defense and the moving target defense (MTD) paradigm to implement a seamless integration and symbiosis evolution between security and NFV-based clouds. We quantify the impact on system overhead to account for efficiency and cost issues. The simulation analysis demonstrates that the enhanced mode is able to consistently obtain a more beneficial and stable defense compared with the counterparts.

Xuegang Lin,Miaoliang Zhu,Rongsheng Xu

DOI: https://doi.org/10.1109/ICITA.2005.17

2005-01-01

Abstract:Information system survivability should be analyzed quantitatively for evaluating and grading accurately. A finite state machine whose state is described by a hierarchical structure presents quantification model. To quantify more objectively, a test-based framework is introduced by five key steps based on SNA method, which is achieved by computer's aid mostly for reducing man factor. Survivability is computed through resistance, recognition and recovery in detail by a hierarchical process. This framework is more practicable for system's hierarchical state, which avoids dividing the state space.

jorge cardoso,zongwei luo,john a miller,amit p sheth,krzysztof j kochut

2001-01-01

Abstract:The survivability of critical infrastructure systems has been gaining increasing concern from the industry. The survivability research area addresses the issue of infrastructure systems that continues to provide pre� established service levels to users in the face of disorders and react to changes in the surrounding environment. Workflow management systems need to be survivable since they are used to support critical and sensitive business processes. They require a high level of dependability and should not allow process instances to be interrupted or aborted due to failures. Moreover, due to their sensitivity, business process should reflect any change in the environment. In this paper we describe the work on increasing the survivability of the METEOR workflow management system. We define an architecture describing the main technologies that enable survivability in WfMS. Using the developed architecture we describe two modules that have been implemented: dynamic change and adaptation module.

GENG Ji,SONG Xu,CHEN Wei,QIN Zhi-guang

DOI: https://doi.org/10.3969/j.issn.1001-0548.2014.01.017

2014-01-01

Abstract:The security problems of software become more and more serious,and software survivability is an extension of software security researches. However, the survivability models can rarely bring out a practical method by now. In this paper, we consider the effect of different system structures and runtime environments on system survivability. Firstly, we construct a service survivability model by considering the effect of environment;secondly, we consider the relationship between the system structure and services and construct a model based on service survivability to reflect the system survivability. Finally, based on this model, a recovery approach is illustrated when parts of or all the system’s services are failed.

Rui Chang,Liehui Jiang,Wenzhi Chen,Yaobin Xie,Zhongyong Lu

DOI: https://doi.org/10.23919/tst.2017.8030534

2017-01-01

Tsinghua Science & Technology

Abstract:The run-time security guarantee is a hotspot in current cyberspace security research, especially on embedded terminals, such as smart hardware as well as wearable and mobile devices. Typically, these devices use universal hardware and software to connect with public networks via the Internet, and are probably open to security threats from Trojan viruses and other malware. As a result, the security of sensitive personal data is threatened and economic interests in the industry are compromised. To address the run-time security problems efficiently, first, a TrustEnclave-based secure architecture is proposed, and the trusted execution environment is constructed by hardware isolation technology. Then the prototype system is implemented on real TrustZone-enabled hardware devices. Finally, both analytical and experimental evaluations are provided. The experimental results demonstrate the effectiveness and feasibility of the proposed security scheme.

LI Dong,GUO Jin,ZHANG JIZHENG,JIA Huibo

DOI: https://doi.org/10.3969/j.issn.1000-3428.2005.11.066

2005-01-01

Abstract:Security mechanisms for survivability used in current storage systems are divided into two classes, including distributed data copies on wide scale and self-security storage devices. The data center now this paper deploys employs the method resembling the latter, which sets up access patterns database to identify possible attacks. The paper predicts as storage device becomes more intelligent self-security storage device and combination of different security mechanisms will direct the development of survivable storage system.

Xue-hai Peng,Chuang Lin

DOI: https://doi.org/10.1109/DASC.2006.20

2006-01-01

Abstract:Existing isolated and add-on secure systems are rarely robust under attack, misoperation and internal faults. Secure communication only offers little protection if one ore more components are compromised, and are not sufficient for holistic and systemic security. This paper proposes the concept of trustworthy networks, which makes advances along these traditional researches on network security in combination. We outline the key challenges in constructing trustworthy networks, and define three properties, namely security, survivability and controllability. Consulting human interactions, the abstract architecture for trustworthy networks is proposed, depicting protocols layers, topology structure, entities and components, and protocol steps

Chao Chen,Ke Wang,Shuren Liao,Qiuyan Zhang,Yiqi Dai

DOI: https://doi.org/10.1109/CSE.2009.319

2009-01-01

Abstract:The trustworthiness of application plays a key role in the overall trustworthiness of computer systems. However, the current uncontrolled way of application execution brings difficulties in providing sufficient application trustworthiness. In this paper we present a server-based application execution architecture to reinforce the application-level trustworthiness, with reference to trusted computing and the software identification scheme. A system agent is introduced in the architecture to employ the TPM to implement integrity measurement, and communicate with the server to determine whether executions of applications are permitted based on their identification(indicating application trustworthiness), and therefore improves the trustworthiness and security of the system. To further enable necessary executions of untrusted applications, the concept of multi-level security is adopted to design a configurable strategy to maintain a balance between system security and usability. Experimental results show that with acceptable system cost, trustworthiness of application is guaranteed and appropriate execution flexibility can be achieved.

Guixu Zhang

2008-01-01

Abstract:This paper mainly analyzed survivability in unbounded networks and systems in pervasive computing.Then it introduced two methods of survivability system design.Finally it analyzed the differences between the two methods.

Haifeng Zhou,Chunming Wu,Ming Jiang,Boyang Zhou,Wen Gao,Tingting Pan,Min Huang

DOI: https://doi.org/10.1109/mcom.2015.7081074

IF: 9.03

2015-01-01

IEEE Communications Magazine

Abstract:The past few years have witnessed revolutionary advances in network technology. Along with new techniques such as SDN come lots of new network security challenges. Conventional network security mechanisms are incompetent to overcome these challenges, since they are built on a static network configuration that facilitates attackers in finding the weaknesses of a network. In this article, we conceive a novel conceptual network security mechanism, the evolving defense mechanism (EDM), to resolve current and future security problems. EDM is based on a bio-inspired idea of network configuration variations. According to the security requirements of the system, the user, and the network security state, EDM selects an efficient network configuration variation strategy to prevent corresponding security threats. Combined with SDN implementation, EDM resolves security problems from a new angle and is capable of evolving with new network security technology. We sketch a way to implement EDM and present its reference framework, which serves as an ecosystem and coexisting environment for various kinds of network configuration variations. The proposed mechanism avoids the deficiency of conventional mechanisms and has potential to cope with emerging security threats.

WANG Sheng,YU Hong-fang,XU Du

DOI: https://doi.org/10.3969/j.issn.1009-6868.2008.01.008

2008-01-01

Abstract:The Internet plays increasingly important roles in everyone's life, but the existence of a mismatch between the basic architectural idea beneath the Internet and the emerging requirements for it is also becoming more and more obvious. Although the Internet community came up with a consensus that the future network should be trustworthy, the concept of networks and the ways leading us to a trustworthy network are not yet clear. This research insists that the security, controllability, manageability, and survivability should be basic properties of a trustworthy network. The key ideas and techniques involved in these properties are studied, and recent developments and progresses are surveyed. At the same time, the technical trends and challenges are briefly discussed.

Sibin Mohan,Stanley Bak,Emiliano Betti,Heechul Yun,Lui Sha,Marco Caccamo

DOI: https://doi.org/10.48550/arXiv.1202.5722

2012-02-26

Cryptography and Security

Abstract:Until recently, cyber-physical systems, especially those with safety-critical properties that manage critical infrastructure (e.g. power generation plants, water treatment facilities, etc.) were considered to be invulnerable against software security breaches. The recently discovered 'W32.Stuxnet' worm has drastically changed this perception by demonstrating that such systems are susceptible to external attacks. Here we present an architecture that enhances the security of safety-critical cyber-physical systems despite the presence of such malware. Our architecture uses the property that control systems have deterministic execution behavior, to detect an intrusion within 0.6 {\mu}s while still guaranteeing the safety of the plant. We also show that even if an attack is successful, the overall state of the physical system will still remain safe. Even if the operating system's administrative privileges have been compromised, our architecture will still be able to protect the physical system from coming to harm.

WANG Shu-peng,YUN Xiao-chun,YU Xiang-zhan

DOI: https://doi.org/10.3321/j.issn:0367-6234.2007.03.030

2007-01-01

Abstract:System survivability is a new security theory,which has become an important issue in the area of network security.Survivability enhancement is a significant issue in the research field of system survivability. In this paper methods and principal underlying techniques to enhance system survivability are analyzed,the current research situation and open problems of them are discussed,two typical survivable systems are given,and finally research trends in this area are addressed.

Ling Xiao,Zhitang Li,Yunhe Zhang,Meizhen Wang

DOI: https://doi.org/10.1109/etcs.2009.471

2009-01-01

Abstract:Society has become so dependent on information systems that provide the information underpinnings for critical infrastructure applications. With the development of network technology, these systems continue to emerge and grow, and have become unbounded networked systems that are highly distributed. But traditional security technology is not sufficient to deal with the protection and survivability of highly distributed information systems operating in unbounded networks 。Survivability research is the key to resolve the problem. This paper organizes and summarizes the current literatures and presents an overview of survivability research by discussing the definition, the various techniques and the estimate models of survivability, and finally, presents a conclusion and future work.

HE Wei,SUN Yuhai,SHA Xuejun,MENG Lirong

DOI: https://doi.org/10.3969/j.issn.1000-3428.2006.08.064

2006-01-01

Abstract:This paper adopts multi-layer security model,integrates redundancy and variety architectures,makes use of integral security strategy and server-oriented intrusion tolerance architecture,realizes the survive and availability of database and the integrity and confidentiality of sensitive data.It can effectively resist malicious attacks with legal identity,and reduce the cost of security.

Lu Yiwen,Zhang Guixu

DOI: https://doi.org/10.3969/j.issn.1000-386X.2009.01.016

2009-01-01

Abstract:Different from the traditional firewall and intrusion detection techniques,intrusion tolerance focuses on the survivability of system on condition that intrusion is somehow inevitable,thus preferably meeting the design requirements of the survivable system.A scheme based on intrusion tolerance for system design is proposed,which guarantees the continuity of key services by fault-tolerant techniques,and meanwhile,obtains the tradeoff between confidentiality and availability of key data by proactive secret sharing,so that the system can process high survivability under attacks and faults.

QIN Zhiguang,SONG Xu,GENG Ji,CHEN Wei

DOI: https://doi.org/10.3724/sp.j.1087.2013.00400

2013-01-01

Journal of Computer Applications

Abstract:Current survivability models can hardly bring up a practical solution,nor reflect the properties of Web applications.Firstly,the properties of Web applications were analyzed,especially the differences between atomic Web applications and composite Web applications.Secondly,the mathematical model reflecting the invoking relationship of the atomic Web applications for the development of composite Web application was constructed.Lastly,a survivability model for atomic Web applications and a Markov-based survivability model for composite Web applications with regard to runtime environment were proposed.And on the basis of these models,a recovery approach for Web applications was given,when part or all of the functions failed in adverse environment.Besides,a case was analyzed using these models,and its recovery procedures were given,in which the high survivability was guaranteed.