Yong Huang,Xuezeng Pan

DOI: https://doi.org/10.1007/978-3-642-23226-8_21

2011-01-01

Abstract:Aiming at the main problem that the link between the formal definition of multilevel security and security goal is not always clear, we propose a new definition of multilevel security closer to the practical application. Due to the fact that separability property based on the construction of covert channels is not practical, we introduce the concept of trusted domain to the theoretical framework initiated by the characteristics of transitive and intransitive security policy. Following that two intuitive propositions with the corresponding proof are proposed.

黄益民,平玲娣,潘雪增

DOI: https://doi.org/10.3785/j.issn.1008-973x.2001.06.005

2001-01-01

Abstract:After study of existing security models; analysis of information flow model, Bell-LaPadula(BLP) access control model and Biba access control model; and collation and comparison of their advantages and disadvantages, an improved model is put forward that satisfies the actual demands of information security. An implementation strategy is put forward that ensures information security, reliability, practicality and compatibility in the designed security system. An implementation scheme of this security system and its components and functions is provided. This system combines the following functions: mandatory access contro1, privilege separation, security audit, identity authentication and self-protection. It achieves the level 3 of national information security standard and level B1 of TCSEC standard. It was implemented in the Windows NT and Linux operating system and has yielded good resultsin application.

Xuezeng Pan

DOI: https://doi.org/10.3785/j.issn.1008-973x.2009.08.005

2009-01-01

Abstract:To resolve the problem that the simple combination of BLP and Biba models will lead to poor availability,a confidentiality and integrity dynamic union model based on multi-level security(MLS) policy was presented.The two dimensions of secure model are composed of confidentiality and integrity,on which the security label is separated into write privilege range and read privilege range respectively,whereupon subject's access range is adjusted dynamically according to the security label of related objects and the history situation of the subject's access,improving the agility and practicability of the model.The formal definition of this model was given,and the security was also analyzed with proof.Finally,examples were illuminated to show the effectiveness and usability of this model.

CHEN Jin,LV Hongbing,PAN Xuezeng

DOI: https://doi.org/10.3778/j.issn.1002-8331.2011.05.021

2011-01-01

Computer Engineering and Applications Journal

Abstract:The BLP can guarantee the security of information by allowing downward information flow from the low security level to high security level.However,under some circumstances,the upward information flow is also necessary.Clark-Wilson model is used to control and audit subject’s state transition and run time adjustment of low-water-mark policy parameters.This paper proposes a model that allows the upward information flow in the control of Clark-Wilson model.The model is proved secure and applicable.

Yao Liu,Min Li,An Liu,Jianmin Lu,Tony Xiao Han

2022-01-01

Abstract: In this paper, we propose a generalized state-dependent channel modeling and present fundamental limits for multiple-access integrated sensing and communication (ISAC) systems. The model proposed extends the latest studies by Kobayashi et al. and Ahmadipour et al., which explicitly accounts for more practical scenarios with correlated sensing and channel states, and imperfect channel state information at receiver (CSIR). For the model considered, we devise an achievable scheme that combines message cooperation and joint compression of past transmitted codeword and echo signals (a form of strictly causal feedback) via distributed Wyner-Ziv coding at each user to realize "simultaneously cooperative communication and sensing". The corresponding achievable rate-distortion region is derived and a numerical example is constructed to illustrate the potential gain of the proposed scheme. It is found that the compressed information sent is not only useful for further enhancing communication (particularly in the case without CSIR), but also helpful in improving the sensing performance of the transmitters.

Kai Zhang,Guoxin Zheng,Hua Wang,Changming Zhang,Xianbin Yu

DOI: https://doi.org/10.3390/s22155776

IF: 3.9

2022-01-01

Sensors

Abstract:Due to the limited space in the tunnel environment, multiple-input multiple-output (MIMO) systems with double-port fed leaky coaxial cables (LCXs) can not only reduce the number of LCXs, but also improve the channel capacity. Based on the geometry based on single bonce (GBSB) and electromagnetic field radiation theory of LCX, a MIMO channel model with double–port fed LCX in a tunnel scenario is proposed in this paper. The channel impulse response (CIR) is derived, and verified with measurement results in terms of channel capacity. The distribution of channel capacity of single double-port fed LCX under different LCX lengths in the tunnel scenarios has also been analyzed in this work, and the distribution of channel capacity for the LCX–MIMO system with long LCX is predicted. The results show that the single double-port fed LCX–MIMO system outperforms the dipole antenna MIMO system with respect to channel capacity in the considered tunnel scenarios.

Zhi-yong TAN,Duo LIU,Tian-ge SI,Yi-qi DAI

DOI: https://doi.org/10.3321/j.issn:0372-2112.2008.08.029

2008-01-01

Tien Tzu Hsueh Pao/Acta Electronica Sinica

Abstract:A multilevel security (MLS) model with credibility characteristics was proposed to solve the problem of trusted subjects' hidden security flaw and poor system usability in present MLS systems. By introducing credibility labels of subjects and objects and credibility evaluation functions in original BLP model, it can evaluate credibility of access requests as well as corresponding credibility variation of subjects and objects. Since this model establishes restriction mechanism against trusted subjects and assigns limited privileges to all subjects, it is more flexible and practicable than present security-label based MLS models.

Xue Haiwei,Zhang Yunliang,Guo Zhien,Dai Yiqi

IF: 1.019

2014-01-01

Chinese Journal of Electronics

Abstract:Towards data leak caused by misoperation and malicious inside users, we proposed a multilevel security model based on Bell-lapadula（BLP） model. In our model each subject was assigned with a security level. Subjects can read objects only when their security levels are not less than objects’ security levels, and subjects can write objects only when their security levels are not more than objects’ security levels. The current security level in our model can be dynamically changed when users read sensitive data, since users can access data with different security levels in private cloud. Our model use mandatory access control method to control user’s operation and can guarantee that users can not leak sensitive data after they read them. Our model can be proved secure by mathematical method, and we implemented a prototype system of our model and the experimental results show that it is secure.

Zhi Chen,Pingyi Fan,Dapeng Wu,Khaled Ben Letaief

DOI: https://doi.org/10.1109/GLOCOM.2010.5684361

2010-01-01

Abstract:The secure transmission of information over wireless systems in the presence of an eavesdropper has attracted much attention. In this paper, we consider the case that full CSI of the legitimate user but only the average channel gain of the eavesdropper is known at the transmitter. In such setting, some information will be inevitably leaked to the eavesdropper from the information-theoretic view and this was not quantitatively evaluated before. A secrecy transmission framework with leakage threshold is thereby proposed. The secrecy capacity satisfying this leakage probability constraints is derived along with an optimal power allocation strategy. For Rayleigh and Nakagami-m fading channels, numerical results indicate that our framework can work well with transmitter knowledge of only average channel gain of the eavesdropper.

Jinxiao Zhu,Yulong Shen,Xiaohong Jiang,Osamu Takahashi,Norio Shiratori

DOI: https://doi.org/10.1587/transcom.e97.b.396

2014-01-01

IEICE Transactions on Communications

Abstract:The fading channel model is seen as an important approach that can efficiently capture the basic time-varying properties of wireless channels, while physical layer security is a promising approach to providing a strong form of security. This paper focuses on the fundamental performance study of applying physical layer security to achieve secure and reliable information transmission over the fading wire-tap channel. For the practical scenario where the main channel is correlated with the eavesdropper channel but only the real time channel state information (CSI) of the main channel is known at the transmitter, we conduct a comprehensive study on the fundamental performance limits of this system by theoretically modeling its secrecy capacity, transmission outage probability and secrecy outage probability. With the help of these theoretical models, we then explore the inherent performance tradeoffs under fading wire-tap channel and also the potential impact of channel correlation on such tradeoffs.

Zhi Chen,Dapeng Wu,Pingyi Fan,Khaled Ben Letaief

DOI: https://doi.org/10.1002/sec.353

IF: 1.968

2011-01-01

Security and Communication Networks

Abstract:ABSTRACTSecure transmission of information over wireless channels in the presence of an eavesdropper has attracted much attention recently. Previous work assumes that a transmitter has perfect knowledge of the channel side information (CSI) of the legitimate channel and the eavesdropper's channel. To loosen this strong requirement, this paper considers the case where a transmitter has perfect knowledge of the CSI of the legitimate channel and only the average channel gain of the eavesdropper's channel. In this case, some information may be leaked to the eavesdropper because the eavesdropper's channel may have a higher gain than the legitimate channel. Hence, we propose, for the first time, to study leakage‐probability‐constrained secrecy capacity of a fading channel, that is, secrecy capacity under the constraint on leakage probability. We also propose an optimal power allocation strategy that maximizes leakage‐probability‐constrained secrecy capacity under average power constraint. Moreover, we study the impact of the bias of the average gain estimate of the eavesdropper's channel on leakage‐probability‐constrained secrecy capacity. Copyright © 2011 John Wiley & Sons, Ltd.

Zhiyong Tan,Duo Liu,Jie Lin,Yiqi Dai

DOI: https://doi.org/10.1109/NSWCTC.2009.194

2009-01-01

Abstract:A multilevel security (MLS) model with credibility characteristics, the credibility-based Bell-LaPadula (CBLP) security model, has been proposed to resolve the problem of trusted subjectspsila hidden security flaw and poor system usability in present MLS systems in the previous paper of the authors. A sampling statistics method is proposed in this paper to evaluate the availability of the CBLP model by obtaining the variation curve of the subjectspsila credibility and the rejection ratio of access operations. The validity of this method was achieved according to the strong law of large numbers and the central limit theorem. The sampling statistics results of the CBLP model in specific scenarios showed that it is highly consistent with that of the formal analysis method and has lower computational complexity.

Yinchao Yang,Mohammad Shikh-Bahaei,Zhaohui Yang,Chongwen Huang,Wei Xu,Zhaoyang Zhang

DOI: https://doi.org/10.1109/wcnc57260.2024.10570649

2024-01-01

Abstract:This paper investigates the secure resource allocation for a downlink integrated sensing and communication system with multiple legal users and potential eavesdroppers. In the considered model, the base station (BS) simultaneously transmits sensing and communication signals through beamforming design, where the sensing signals can be viewed as artificial noise to enhance the security of communication signals. To further enhance the security in the semantic layer, the semantic information is extracted from the original information before transmission. The user side can only successfully recover the received information with the help of the knowledge base shared with the BS, which is stored in advance. Our aim is to maximize the sum semantic secrecy rate of all users while maintaining the minimum quality of service for each user and guaranteeing overall sensing performance. To solve this sum semantic secrecy rate maximization problem, an iterative algorithm is proposed using the alternating optimization method. The simulation results demonstrate the superiority of the proposed algorithm in terms of secure semantic communication and reliable detection.

Benjamin Wu,Aaron B. Wagner,G. Edward Suh

DOI: https://doi.org/10.48550/arXiv.2004.08035

2020-04-17

Information Theory

Abstract:Side channels represent a broad class of security vulnerabilities that have been demonstrated to exist in many applications. Because completely eliminating side channels often leads to prohibitively high overhead, there is a need for a principled trade-off between cost and leakage. In this paper, we make a case for the use of maximal leakage to analyze such trade-offs. Maximal leakage is an operationally interpretable leakage metric designed for side channels. We present the most useful theoretical properties of maximal leakage from previous work and demonstrate empirically that conventional metrics such as mutual information and channel capacity underestimate the threat posed by side channels whereas maximal leakage does not. We also study the cost-leakage trade-off as an optimization problem using maximal leakage. We demonstrate that not only can this problem be represented as a linear program, but also that optimal protection can be achieved using a combination of at most two deterministic schemes.

SI Tian-ge,ZHANG Yao-xue,DAI Yi-qi

DOI: https://doi.org/10.3321/j.issn:0372-2112.2007.05.039

2009-01-01

Abstract:Information confidentiality in a local area network (LAN) is enforced by an EL-BLP model that removes the securitv and practicability defects of the L-BLP model.The EL-BLP model adds restrictions to objects, modifies and extends the action set of subjects, and defines new state-transition criteria.These three methods extend the types of applicable terminals and improve the descriptions various actions in the LAN.The state-transition criterion in EL-BLP is shown to be safe and tests show that this model is suitable for LAN environments with various terminals, with all the devices in the LAN unchanged to greatly improve information confidentiality in LAN.

Haiwei Xue,Xiong Liu,Dai, Yiqi

DOI: https://doi.org/10.1109/anthology.2013.6784892

2013-01-01

Abstract:Information privacy protection is an essential problem in internal networks. The Bell-LaPadula Model (abbreviated BLP) is a state machine model used for enforcing access control, while it can't be used for networks. L-BLP model is designed for Local Area Networks(LAN) while it can't be proved security. We reveal the security problems in L-BLP and propose a security model based on BLP. We define five new state transition rules, which are designed for LAN with high usability. Our model can be proved to be secure in mathematics, and we implement a prototype system based from it. The experimental results show that our model can effectively prevent leakages of secrets.

Matthieu R. Bloch,J. Nicholas Laneman

DOI: https://doi.org/10.1109/tit.2013.2283722

IF: 2.5

2013-12-01

IEEE Transactions on Information Theory

Abstract:We analyze physical-layer security based on the premise that the coding mechanism for secrecy over noisy channels is tied to the notion of channel resolvability. Instead of considering capacity-based constructions, which associate to each message a subcode that operates just below the capacity of the eavesdropper's channel, we consider channel-resolvability-based constructions, which associate to each message a subcode that operates just above the resolvability of the eavesdropper's channel. Building upon the work of Csiszár and Hayashi, we provide further evidence that channel resolvability is a powerful and versatile coding mechanism for secrecy by developing results that hold for strong secrecy metrics and arbitrary channels. Specifically, we show that at least for symmetric wiretap channels, random capacity-based constructions fail to achieve the strong secrecy capacity, while channel-resolvability-based constructions achieve it. We then leverage channel resolvability to establish the secrecy-capacity region of arbitrary broadcast channels with confidential messages and a cost constraint for strong secrecy metrics. Finally, we specialize our results to study the secrecy capacity of wireless channels with perfect channel state information (CSI), mixed channels, and compound channels with receiver CSI, as well as the secret-key capacity of source models for secret-key agreement. By tying secrecy to channel resolvability, we obtain achievable rates for strong secrecy metrics with simple proofs.

computer science, information systems,engineering, electrical & electronic

刘雄,谭智勇,刘铎,戴一奇

DOI: https://doi.org/10.16511/j.cnki.qhdxxb.2010.01.028

2010-01-01

Abstract:The BLP (Bell-LaPadula) model and its derivatives are normally used to implement secure policies in multilevel security systems. The derivatives improved the flexibility but also introduce risks which have not been analyzed in detail. This paper investigates the multilevel security model with credibility characteristics to analyze the security of actions using the quantitative risk analysis method to compute the expected damage resulting from an action. The analysis result can be used to evaluate system security and as a criterion to judge the validity of the action. The system can then control the damage and improve flexibility.

Tan Zhiyong,Liu Duo,Dai Yiqi

DOI: https://doi.org/10.23919/cje.2010.10159181

IF: 1.019

2010-01-01

Chinese Journal of Electronics

Abstract:To evaluate and choose proper credibility evaluation functions and credibility threshold parameters in the Multilevel security (MLS) system based on the CBLP model which was proposed in the authors' previous paper, we devised a sampling statistics method to evaluate the availability of the MLS system, by obtaining the change curve of the subjects' credibility and the rejection ratio of access operations. The validity of this method was evaluated according to the strong law of large numbers and the central limit theorem. The analysis of specific scenarios showed that the result of the sampling statistics method is highly consistent with that of the formal analysis methods. Then an implementation framework based on the availability evaluation method is proposed. Since it is hard to evaluate the availability of the system completely by formalization analysis, the sampling statistics analysis method can provide an important reference for the effective implementation of the CBLP system.

Mark Brown

DOI: https://doi.org/10.1007/s13389-013-0058-2

2013-04-06

Journal of Cryptographic Engineering

Abstract:Formal specifications, models and their accompanying proofs have long been promoted as setting the highest standard for program verification. But computer security remains threatened by covert channels, subliminal channels, side channels, fault injections, bypass, protocol attacks, and subversion despite rigorous application of formal methods. We advance the thesis that there exist several hierarchically ordered and adjacent sciences, notations, and security requirements analyses which must each be addressed to achieve comprehensive security. We support this thesis from a survey of relevant models of communications security. We argue that a taxonomy of security concerns consisting of levels called “Epochs” provides a comprehensive framework for identifying, locating, and analyzing security requirements and assumptions and gives sense to the effective use of formal methods.

computer science, theory & methods