Qinghuai Zeng,Changqin Huang,Deren Chen,Hualiang Hu

DOI: https://doi.org/10.1109/CACWD.2004.1349224

2004-01-01

Abstract:In grid environments, the dynamic and multi-institutional nature introduces challenging security issues. In this paper, we propose subtask-based authorization service (SAS) architecture to fully secure a type of application oriented to engineering and scientific computing. We minimize privileges for task by decomposing the parallel task and re-allotting the privileges required for each subtask. Community authorization module describes and applies community policies of resource permission and privilege for resource usage or task management. It separates proxy credentials from identity credentials. We adopt a relevant policy and task management delegation to describe rules for task management. The ultimate privileges are formed by the combination of relevant proxy credential, subtask-level privilege certificate and community policy for this user, as well as they conform to resource policy. To enforce the architecture, we extend the RSL specification and the proxy certificate, modify Globus' gatekeeper, jobmanager and the GASS library to allow authorization callouts, and evaluate the user's job management requests and job's resource request in the context of policies.

Jean Quilbeuf,Georgeta Igna,Denis Bytschkow,Harald Ruess

DOI: https://doi.org/10.48550/arXiv.1310.3723

2013-10-14

Abstract:A security policy specifies a security property as the maximal information flow. A distributed system composed of interacting processes implicitly defines an intransitive security policy by repudiating direct information flow between processes that do not exchange messages directly. We show that implicitly defined security policies in distributed systems are enforced, provided that processes run in separation, and possible process communication on a technical platform is restricted to specified message paths of the system. Furthermore, we propose to further restrict the allowable information flow by adding filter functions for controlling which messages may be transmitted between processes, and we prove that locally checking filter functions is sufficient for ensuring global security policies. Altogether, global intransitive security policies are established by means of local verification conditions for the (trusted) processes of the distributed system. Moreover, security policies may be implemented securely on distributed integration platforms which ensure partitioning. We illustrate our results with a smart grid case study, where we use CTL model checking for discharging local verification conditions for each process under consideration.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Ma Tian-chi,Li Shan-ping

DOI: https://doi.org/10.1631/jzus.2005.a0405

2005-01-01

Journal of Zhejiang University SCIENCE A

Abstract:New challenges are introduced when people try to build a general-purpose mobile agent middleware in Grid environment. In this paper, an instance-oriented security mechanism is proposed to deal with possible security threats in such mobile agent systems. The current security support in Grid Security Infrastructure (GSI) requires the users to delegate their privileges to certain hosts. This host-oriented solution is insecure and inflexible towards mobile agent applications because it cannot prevent delegation abuse and control well the diffusion of damage. Our proposed solution introduces security instance, which is an encapsulation of one set of authorizations and their validity specifications with respect to the agent’s specific code segments, or even the states and requests. Applications can establish and configure their security framework flexibly on the same platform, through defining instances and operations according to their own logic. Mechanisms are provided to allow users delegating their identity to these instances instead of certain hosts. By adopting this instance-oriented security mechanism, a Grid-based general-purpose MA middleware, Everest, is developed to enhance Globus Toolkit’s security support for mobile agent applications.

Tianchi Ma,Shanping Li

DOI: https://doi.org/10.1007/978-3-540-24679-4_153

2004-01-01

Abstract:An instance-oriented security mechanism is proposed to deal with security threats in building a general-purpose mobile agent middleware in Grid environment. The proposed solution imports security instance, which is an encapsulation of one set of authorizations and their validity specifications with respect to the agent's specific code segments, or even the states and requests. Study shows this mechanism can inject large flexibility and scalability into the security framework, and can avoid the inefficiency and potential damages obscuring in a conventional linear delegation model.

Bogdan Aman

DOI: https://doi.org/10.48550/arXiv.1108.0496

2011-08-02

Distributed, Parallel, and Cluster Computing

Abstract:Membrane computing is a well-established and successful research field which belongs to the more general area of molecular computing. Membrane computing aims at defining parallel and non-deterministic computing models, called membrane systems or P Systems, which abstract from the functioning and structure of the cell. A membrane system consists of a spatial structure, a hierarchy of membranes which do not intersect, with a distinguishable membrane called skin surrounding all of them. A membrane without any other membranes inside is elementary, while a non-elementary membrane is a composite membrane. The membranes define demarcations between regions; for each membrane there is a unique associated region. Since we have a one-to-one correspondence, we sometimes use membrane instead of region, and vice-versa. The space outside the skin membrane is called the environment. In this thesis we define and investigate variants of systems of mobile membranes as models for molecular computing and as modelling paradigms for biological systems. On one hand, we follow the standard approach of research in membrane computing: defining a notion of computation for systems of mobile membranes, and investigating the computational power of such computing devices. Specifically, we address issues concerning the power of operations for modifying the membrane structure of a system of mobile membranes by mobility: endocytosis (moving a membrane inside a neighbouring membrane) and endocytosis (moving a membrane outside the membrane where it is placed). On the other hand, we relate systems of mobile membranes to process algebra (mobile ambients, timed mobile ambients, pi-calculus, brane calculus) by providing some encodings and adding some concepts inspired from process algebra in the framework of mobile membrane computing.

William A. Wulf,Chenxi Wang,darrell m kienzle

DOI: https://doi.org/10.1145/304851.304860

1996-01-01

Abstract:With the rapid growth of the information age, electronic activities of many kinds are becoming more common. The need for protection and security in this environment has never been greater. The conventional approach to security has been to enforce a system-wide policy, but this approach will not work for large distributed systems where entirely new security issues and concerns are emerging.We argue that a new model is needed that shifts the emphasis from "system as enforcer" to user-definable policies in which the cost scales with the degree of security required. Users ought to be able to select the level of security they need and pay only the overhead necessary to achieve it. Moreover, ultimately, they must be responsible for their own security. This research is being carried out in the context of the Legion project. We start by describing the objectives and philosophy of the overall project and then present our conceptual model and tentative implementation plan. A set of technical challenges is also addressed.

Nan Sang,Xinyong Wu,GuangZe Xiong

2004-01-01

Journal of Information and Computational Science

Abstract:Resolution of integration of multi security policies plays an important role in secure-critical computer systems which support multi security policies. In this paper, a security state transition model is built by means of formal method, the different effects resulting from security-depended actions of different policies on security states is analyzed and a new approach to solve the integration and consistency of multi-policies is presented.

Yawei Zhang,Xiaojun Ye

DOI: https://doi.org/10.1109/ISPA.2008.28

2008-01-01

Abstract:Inspired by rule-based access control models, this paper proposes a universal policy model and an access protection framework to secure dataspace. The key components and processes for this framework, policy organization, policy indexing and two resource searching strategies with access decision-making, are illustrated and experimented to harmonize the contradiction between security and efficiency.

Cornelius Diekmann,Lars Hupel,Georg Carle

DOI: https://doi.org/10.4204/EPTCS.150.3

2014-05-06

Abstract:Large systems are commonly internetworked. A security policy describes the communication relationship between the networked entities. The security policy defines rules, for example that A can connect to B, which results in a directed graph. However, this policy is often implemented in the network, for example by firewalls, such that A can establish a connection to B and all packets belonging to established connections are allowed. This stateful implementation is usually required for the network's functionality, but it introduces the backflow from B to A, which might contradict the security policy. We derive compliance criteria for a policy and its stateful implementation. In particular, we provide a criterion to verify the lack of side effects in linear time. Algorithms to automatically construct a stateful implementation of security policy rules are presented, which narrows the gap between formalization and real-world implementation. The solution scales to large networks, which is confirmed by a large real-world case study. Its correctness is guaranteed by the Isabelle/HOL theorem prover.

Cryptography and Security,Logic in Computer Science

Joshua Letchford,Yevgeniy Vorobeychik

DOI: https://doi.org/10.48550/arXiv.1210.4873

2012-10-17

Abstract:We introduce a novel framework for computing optimal randomized security policies in networked domains which extends previous approaches in several ways. First, we extend previous linear programming techniques for Stackelberg security games to incorporate benefits and costs of arbitrary security configurations on individual assets. Second, we offer a principled model of failure cascades that allows us to capture both the direct and indirect value of assets, and extend this model to capture uncertainty about the structure of the interdependency network. Third, we extend the linear programming formulation to account for exogenous (random) failures in addition to targeted attacks. The goal of our work is two-fold. First, we aim to develop techniques for computing optimal security strategies in realistic settings involving interdependent security. To this end, we evaluate the value of our technical contributions in comparison with previous approaches, and show that our approach yields much better defense policies and scales to realistic graphs. Second, our computational framework enables us to attain theoretical insights about security on networks. As an example, we study how allowing security to be endogenous impacts the relative resilience of different network topologies.

Computer Science and Game Theory,Cryptography and Security

Wei Jie,Michael Daw,Rob Procter,Alex Voss

2007-01-01

Abstract:The e-Infrastructure for e-Social Sciences project leverages Grid computing technology to provide an integrated platform which enables social science researchers to securely access a variety of e-Science resources. Security underpins the e-Infrastructure and a security framework with authentication and authorization functionality is a core component of the e-Infrastructure for social sciences. To build the security framework, we adopt Shibboleth as the basic authentication and authorization infrastructure and further combine PERMIS advanced authorization technology. As a result, this security framework integrates the advantages of both Shibboleth cross-domain identity federation and PERMIS policy driven role based authorization control, thus presenting a promising security model for secure access to the e-Infrastructure for the social sciences.

Sebastian Eggert,Henning Schnoor,Thomas Wilke

DOI: https://doi.org/10.48550/arXiv.1208.5580

2013-06-14

Abstract:We develop a theory for state-based noninterference in a setting where different security policies---we call them local policies---apply in different parts of a given system. Our theory comprises appropriate security definitions, characterizations of these definitions, for instance in terms of unwindings, algorithms for analyzing the security of systems with local policies, and corresponding complexity results.

Cryptography and Security

Stephen S. Yau,Yisheng Yao

2006-01-01

Abstract:A major advantage of the emerging service-oriented computing technology is its ability to enable rapid formation of large-scale distributed systems by composing massively available services to achieve the system goals, regardless of the programming languages and platforms used to develop and run these services. For these systems which often involve interactions among multiple organizations over various networks, how to manage and enforce security policies is the prime concern in assuring that only authorized users or systems have the access to massively available services. However, with the increasing scalability and flexibility required by the dynamic service-oriented computing environments, manage and enforce security policies in such systems is a very challenging task. Existing research efforts have not sufficiently addressed this challenging task for enabling systematic security policy management and enforcement in service-oriented systems. In this dissertation research, a framework based on formal foundations is developed for dynamically, yet systematically, managing and enforcing security policies in service-oriented systems. This framework includes a security policy meta-model and a runtime security policy execution model for security decision making and enforcement. The security policy meta-model will be used to provide unambiguous security policy specifications and to facilitate sound and complete security policy reasoning, such as consistency checking, redundancy analysis, security policy specification composition, and automated security service synthesis from declarative security policy specifications. Analysis of expressiveness of this security policy meta-model is also provided in this dissertation. The runtime security policy execution model is developed for enforcing the security policies with provable correctness. This framework will also include tools for generating and deploying security services to compute and enforce security decisions based on security policies, credentials and situational information. With this framework, various parties of large-scale service-oriented systems can easily manage and enforce security policies to meet their security requirements under various situations. Examples are provided to show the effectiveness of the framework.

Kun Lan,Jianhua Li,Wenkai Huang,Gaolei Li

DOI: https://doi.org/10.3390/electronics13112001

IF: 2.9

2024-05-22

Electronics

Abstract:The cyberphysical systems of smart cities are facing increasingly severe attack situations, and traditional separate protection methods are difficult to effectively respond to. It is urgent to coordinate public safety and cybersecurity protection. However, the integration of the two faces many challenges and is a very promising research field. The aim of this study is to investigate technical approaches for the synergy between public safety and cybersecurity. This paper proposes a smart city safety protection model inspired by the human immune mechanism. It was found that through a three-line defense architecture similar to the human immune mechanism, and with the help of certain algorithms and functional middleware modules, public safety and cybersecurity protection components can be dynamically combined to achieve collaboration. This work has verified through experiments a valuable path to effectively resist complicated attack threats intertwined with public safety and cybersecurity factors.

engineering, electrical & electronic,computer science, information systems,physics, applied

Giampaolo Bella

DOI: https://doi.org/10.48550/arXiv.2112.12790

2021-12-18

Cryptography and Security

Abstract:Security ceremonies still fail despite decades of efforts by researchers and practitioners. Attacks are often a cunning amalgam of exploits for technical systems and of forms of human behaviour. For example, this is the case with the recent news headline of a large-scale attack against Electrum Bitcoin wallets, which manages to spread a malicious update of the wallet app. I therefore set out to look at things through a different lens. I make the (metaphorical) hypothesis that human ancestors arrived on Earth along with security ceremonies from a very far planet, the Cybersecurity planet. My hypothesis continues, in that studying (by huge telescopes) the surface of Cybersecurity in combination with the logical projection on that surface of what happens on Earth is beneficial for us earthlings. I have spotted four cities so far on the remote planet. Democratic City features security ceremonies that allow inhabitants to follow personal paths of practice and, for example, make errors or be driven by emotions. By contrast, security ceremonies in Dictatorial City compel inhabitants to comply, thus behaving like programmed automata. Security ceremonies in Beautiful City are so beautiful that inhabitants just love to follow them precisely. Invisible City has security ceremonies that are not perceivable, hence inhabitants feel like they never encounter any. Incidentally, we use the words "democratic" and "dictatorial" without any political connotation. A key argument I shall develop is that all cities but Democratic City address the human factor, albeit in different ways. In the light of these findings, I will also discuss security ceremonies of our planet, such as WhatsApp web login and flight boarding, and explore room for improving them based upon the current understanding of Cybersecurity.

Marius Schlegel

DOI: https://doi.org/10.48550/arXiv.2105.01970

2021-05-05

Abstract:While there have been approaches for integrating security policies into operating systems (OSs) for more than two decades, applications often use objects of higher abstraction requiring individual security policies with application-specific semantics. Due to insufficient OS support, current approaches for enforcing application-level policies typically lead to large and complex trusted computing bases rendering tamperproofness and correctness difficult to achieve. To mitigate this problem, we propose the application-level policy enforcement architecture AppSPEAR and a C++ framework for its implementation. The configurable framework enables developers to balance enforcement rigor and costs imposed by different implementation alternatives and thus to easily tailor an AppSPEAR implementation to individual application requirements. We especially argue that hardware-based trusted execution environments offer an optimal balance between effectiveness and efficiency of policy protection and enforcement. This claim is substantiated by a practical evaluation based on an electronic medical record system.

Cryptography and Security

Francesco Buccafurri,Vincenzo De Angelis,Sara Lazzaro,Andrea Pugliese

DOI: https://doi.org/10.1016/j.cose.2024.103771

IF: 5.105

2024-02-25

Computers & Security

Abstract:Security policies of authentication systems are a crucial factor in mitigating the risk of impersonation, which is often the first stage of advanced persistent threats. Online authentication systems may often interact with each other, due to various mechanisms, such as account recovery or federated authentication. This leads to an implicit extension of the security policies of an authentication system with policies over which the system has no control. As a result, an authentication system that adopts very strong security policies can be unexpectedly weak. This paper deals with the above problem, which affects most real-world online authentication systems. The paper proposes a theoretical framework that formalizes authentication policies and interactions among authentication systems, together with a protocol that prevents, whenever an interaction is established or updated, the security issues described above. An SSI-based implementation of the proposed protocol is presented as well.

computer science, information systems

Donies Samet,Farah Barika Ktata,Khaled Ghedira

DOI: https://doi.org/10.1007/s10515-023-00408-7

IF: 1.677

2024-01-11

Automated Software Engineering

Abstract:Security is a very important challenge in mobile agent systems due to the strong dependence of agents on the platform and vice versa. According to recent studies, most current mobile agent platforms suffer from significant limitations in terms of security when they face Denial of Service (DOS) attacks. Current security solutions even provided by the mobile agent platforms or by the literature focus essentially on individual attacks and are mainly based on static models that present a lack of the permissions definition and are not detailed enough to face collaborative DOS attacks executed by multiple agents or users. This paper presents a security framework that adds security defenses to mobile agent platforms. The proposed security framework implements a standard security model described using MA-UML (Mobile Agent-Unified Modeling Language) notations. The framework lets the administrator (of agents' place) define a precise and fine-grained authorization policy to defend against DOS attacks. The authorization enforcement in the proposed framework is dynamic : the authorization decisions executed by the proposed framework are based upon run-time parameters like the amount of activity of an agent. We implement an experiment on a mobile agent system of e-marketplaces. Given that we focus essentially on the availability criterion, the performance of the proposed framework on a place is evaluated against DOS and DDOS attacks and investigated in terms of duration of execution that is the availability of the place.

computer science, software engineering

Nadya Bliss,Lawrence A. Gordon,Daniel Lopresti,Fred Schneider,Suresh Venkatasubramanian

DOI: https://doi.org/10.48550/arXiv.2101.01264

2021-01-04

Computers and Society

Abstract:Computing devices are vital to all areas of modern life and permeate every aspect of our society. The ubiquity of computing and our reliance on it has been accelerated and amplified by the COVID-19 pandemic. From education to work environments to healthcare to defense to entertainment - it is hard to imagine a segment of modern life that is not touched by computing. The security of computers, systems, and applications has been an active area of research in computer science for decades. However, with the confluence of both the scale of interconnected systems and increased adoption of artificial intelligence, there are many research challenges the community must face so that our society can continue to benefit and risks are minimized, not multiplied. Those challenges range from security and trust of the information ecosystem to adversarial artificial intelligence and machine learning. Along with basic research challenges, more often than not, securing a system happens after the design or even deployment, meaning the security community is routinely playing catch-up and attempting to patch vulnerabilities that could be exploited any minute. While security measures such as encryption and authentication have been widely adopted, questions of security tend to be secondary to application capability. There needs to be a sea-change in the way we approach this critically important aspect of the problem: new incentives and education are at the core of this change. Now is the time to refocus research community efforts on developing interconnected technologies with security "baked in by design" and creating an ecosystem that ensures adoption of promising research developments. To realize this vision, two additional elements of the ecosystem are necessary - proper incentive structures for adoption and an educated citizenry that is well versed in vulnerabilities and risks.

Chiara Bodei,Viet Dung Dinh,Gian Luigi Ferrari

DOI: https://doi.org/10.48550/arXiv.1010.5568

2010-10-27

Cryptography and Security

Abstract:We outline the design of a framework for modelling cloud computing systems.The approach is based on a declarative programming model which takes the form of a lambda-calculus enriched with suitable mechanisms to express and enforce application-level security policies governing usages of resources available in the clouds. We will focus on the server side of cloud systems, by adopting a pro-active approach, where explicit security policies regulate server's behaviour.