Team Edit Automata for Testing Security Property

2007 ◽  
Author(s):  
Zhenrong Yang ◽  
Aiman Hanna ◽  
Mourad Debbabi
Keyword(s):  
Edit Automata ◽  
Security Property

scholarly journals Persistent Stochastic Non-Interference

2021 ◽  
Vol 181 (1) ◽  
pp. 1-35
Author(s):  
Jane Hillston ◽  
Andrea Marin ◽  
Carla Piazza ◽  
Sabina Rossi
Keyword(s):  
Process Algebra ◽  
Operational Semantics ◽  
Evaluation Process ◽  
Decision Algorithm ◽  
Secure Systems ◽  
Information Flow Security ◽  
Structural Operational Semantics ◽  
Timing Properties ◽  
Functional Point ◽  
Security Property

In this paper, we study an information flow security property for systems specified as terms of a quantitative Markovian process algebra, namely the Performance Evaluation Process Algebra (PEPA). We propose a quantitative extension of the Non-Interference property used to secure systems from the functional point view by assuming that the observers are able to measure also the timing properties of the system, e.g., the response time of certain actions or its throughput. We introduce the notion of Persistent Stochastic Non-Interference (PSNI) based on the idea that every state reachable by a process satisfies a basic Stochastic Non-Interference (SNI) property. The structural operational semantics of PEPA allows us to give two characterizations of PSNI: one based on a bisimulation-like equivalence relation inducing a lumping on the underlying Markov chain, and another one based on unwinding conditions which demand properties of individual actions. These two different characterizations naturally lead to efficient methods for the verification and construction of secure systems. A decision algorithm for PSNI is presented and an application of PSNI to a queueing system is discussed.

scholarly journals ID-based key-insulated signcryption with equality test in cloud computing

2021 ◽  
Vol 3 (4) ◽  
Author(s):  
Seth Alornyo ◽  
Kingsford Kissi Mireku ◽  
Mustapha Adamu Mohammed ◽  
Daniel Adu-Gyamfi ◽  
Michael Asante
Keyword(s):  
Cloud Computing ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Harsh Environments ◽  
Secret Key ◽  
Secret Keys ◽  
Security Property ◽  
Equality Test ◽  
Chosen Ciphertext Attack ◽  
Chosen Message Attack

AbstractKey-insulated encryption reduces the problem of secret key exposure in hostile setting while signcryption cryptosystem attains the benefits of digitally signing a ciphertext and public key cryptosystem. In this study, we merge the primitives of parallel key-insulation cryptosystem and signcryption with equality test to construct ID-based parallel key-insulated signcryption with a test for equality (ID-PKSET) in cloud computing. The construction prevent data forgery, data re-play attacks and reduces the leakage of secret keys in harsh environments. Our scheme attains the security property of existential unforgeable chosen message attack (EUF-CMA) and indistinquishable identity chosen ciphertext attack (IND-ID-CCA2) using random oracle model.

scholarly journals A Mathematical Problem for Security Analysis of Hash Functions and Pseudorandom Generators

2015 ◽  
Vol 26 (02) ◽  
pp. 169-194 ◽  
Author(s):  
Koji Nuida ◽  
Takuro Abe ◽  
Shizuo Kaji ◽  
Toshiaki Maeno ◽  
Yasuhide Numata
Keyword(s):  
Mathematical Problem ◽  
Security Analysis ◽  
Hash Functions ◽  
Future Research ◽  
Theoretical Frameworks ◽  
Pseudorandom Generators ◽  
Mathematical Problems ◽  
Security Evaluations ◽  
Security Property ◽  
Provably Secure

In this paper, we specify a class of mathematical problems, which we refer to as “Function Density Problems” (FDPs, in short), and point out novel connections of FDPs to the following two cryptographic topics; theoretical security evaluations of keyless hash functions (such as SHA-1), and constructions of provably secure pseudorandom generators (PRGs) with some enhanced security property introduced by Dubrov and Ishai (STOC 2006). Our argument aims at proposing new theoretical frameworks for these topics (especially for the former) based on FDPs, rather than providing some concrete and practical results on the topics. We also give some examples of mathematical discussions on FDPs, which would be of independent interest from mathematical viewpoints. Finally, we discuss possible directions of future research on other crypto-graphic applications of FDPs and on mathematical studies on FDPs themselves.

scholarly journals Efficient and Secure Multicast in WirelessMAN: A Cross-layer Design

2007 ◽  
Vol 3 (3) ◽  
pp. 199 ◽  
Author(s):  
Chin-Tser Huang ◽  
Manton Matthews ◽  
Matthew Ginley ◽  
Xinliang Zheng ◽  
Chuming Chen ◽  
...  
Keyword(s):  
Cross Layer ◽  
Cross Layer Design ◽  
Security Measures ◽  
Application Layer ◽  
Mac Layer ◽  
Forward Secrecy ◽  
Group Management ◽  
Multicast Service ◽  
Secure Protocol ◽  
Security Property

Effectively adding security measures to a multicast service is an intriguing problem, especially when the service isdeployed in a wireless setting. Next generation IEEE 802.16standard WirelessMAN networks are a perfect example of this problem, and the latest draft specification of the standard includes a secure protocol solution called Multicast and Broadcast Rekeying Algorithm (MBRA). In this paper, we expose the security problems of MBRA, including non-scalability and omission of backward and forward secrecy, and propose new approaches, ELAPSE and ELAPSE+, to address these problems. In particular, ELAPSE+ makes use of membership and mobility information gathered in the application layer to augment the adaptive group management in the MAC layer. We analyze the security property of ELAPSE and ELAPSE+, and compare their performances with MBRA by simulating group rekeying scenarios.

Runtime Monitoring of IoT Services to Guarantee Properties

2018 ◽  
pp. 223-275
Keyword(s):  
The Internet ◽  
Runtime Monitoring ◽  
Virtual Channel ◽  
Policy Enforcement ◽  
Safety Properties ◽  
Execution Monitoring ◽  
Mandatory Requirement ◽  
Monitoring Mechanism ◽  
Monitoring Technologies ◽  
Security Property

Ensuring that a critical information infrastructure remains in a safe and secure state is a mandatory requirement. When IoT services related to such an infrastructure are open to the internet, existing execution monitoring technologies do not work well to protect it; internal malware may compromise and subvert the monitoring mechanism itself, and the safety properties will interact with its security property. In this chapter, an isolation-based solution is proposed to enforce property policies for runtime IoT services. First, the issue of isolation-based service trace observation is addressed by establishing and modelling a virtual channel. Then, the issue of isolation-based policy enforcement is discussed, and the incompleteness and inconsistency of trace knowledge observed in the virtual channel is addressed. Finally, physical systems are introduced into the proposed runtime monitors, and the controllability of IoT services is discussed as an example of the enforcement of service properties. Several experiments are carried out to demonstrate this solution.

scholarly journals A Review of Insider Threat Detection: Classification, Machine Learning Techniques, Datasets, Open Challenges, and Recommendations

2020 ◽  
Vol 10 (15) ◽  
pp. 5208
Author(s):  
Mohammed Nasser Al-Mhiqani ◽  
Rabiah Ahmad ◽  
Z. Zainal Abidin ◽  
Warusia Yassin ◽  
Aslinda Hassan ◽  
...  
Keyword(s):  
Machine Learning ◽  
Conceptual Understanding ◽  
Machine Learning Techniques ◽  
Insider Threat ◽  
Threat Detection ◽  
Insider Threats ◽  
Fast Detection ◽  
Detection Systems ◽  
Learning Techniques ◽  
Security Property

Insider threat has become a widely accepted issue and one of the major challenges in cybersecurity. This phenomenon indicates that threats require special detection systems, methods, and tools, which entail the ability to facilitate accurate and fast detection of a malicious insider. Several studies on insider threat detection and related areas in dealing with this issue have been proposed. Various studies aimed to deepen the conceptual understanding of insider threats. However, there are many limitations, such as a lack of real cases, biases in making conclusions, which are a major concern and remain unclear, and the lack of a study that surveys insider threats from many different perspectives and focuses on the theoretical, technical, and statistical aspects of insider threats. The survey aims to present a taxonomy of contemporary insider types, access, level, motivation, insider profiling, effect security property, and methods used by attackers to conduct attacks and a review of notable recent works on insider threat detection, which covers the analyzed behaviors, machine-learning techniques, dataset, detection methodology, and evaluation metrics. Several real cases of insider threats have been analyzed to provide statistical information about insiders. In addition, this survey highlights the challenges faced by other researchers and provides recommendations to minimize obstacles.

Sign in / Sign up

Export Citation Format

Share Document