F. Ricciato, P. Svoboda, E. Hasenleithner, Wolfgang Fleischer
The presence of "unwanted" (or background) traffic in the Internet is a well-known fact. In principle any network that has been engineered without taking into account the presence of unwanted traffic might experience troubles during periods of massive exposure to it, e.g. large-scale infections. A concrete example was provided by the spreading of Code-Red-II in 2001, which caused several routers crashes worldwide. Similar events might take place in 3G networks as well, with further potential complications due to the functional complexity and the scarcity of radio resources. In this explorative paper, we show that unwanted traffic is present also in GPRS/UMTS, mainly due to the widespread use of 3G connect cards for laptops. Based on a mixture of real-world measurements and theoretical speculations, we investigate the potential impact of such traffic onto the underlying network. We show that under certain hypothetical network configuration settings unwanted traffic, and specifically scanning traffic from infected mobile stations, can cause large-scale wastage of logical resources, and in extreme cases starvation. We urge the research community and network operators to consider the issue of 3G robustness to unwanted traffic as a prominent research area. The goal of this paper is to trigger interest and at the same time move a first pioneering step in this direction
{"title":"On the impact of unwanted traffic onto a 3G network","authors":"F. Ricciato, P. Svoboda, E. Hasenleithner, Wolfgang Fleischer","doi":"10.1109/SECPERU.2006.13","DOIUrl":"https://doi.org/10.1109/SECPERU.2006.13","url":null,"abstract":"The presence of \"unwanted\" (or background) traffic in the Internet is a well-known fact. In principle any network that has been engineered without taking into account the presence of unwanted traffic might experience troubles during periods of massive exposure to it, e.g. large-scale infections. A concrete example was provided by the spreading of Code-Red-II in 2001, which caused several routers crashes worldwide. Similar events might take place in 3G networks as well, with further potential complications due to the functional complexity and the scarcity of radio resources. In this explorative paper, we show that unwanted traffic is present also in GPRS/UMTS, mainly due to the widespread use of 3G connect cards for laptops. Based on a mixture of real-world measurements and theoretical speculations, we investigate the potential impact of such traffic onto the underlying network. We show that under certain hypothetical network configuration settings unwanted traffic, and specifically scanning traffic from infected mobile stations, can cause large-scale wastage of logical resources, and in extreme cases starvation. We urge the research community and network operators to consider the issue of 3G robustness to unwanted traffic as a prominent research area. The goal of this paper is to trigger interest and at the same time move a first pioneering step in this direction","PeriodicalId":174651,"journal":{"name":"Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU'06)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129275419","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The extraordinary growth of the information society is originating a high dependency on ICT. This provokes that those strongly interrelated technological infrastructures, as well as the information systems that underpin them, become highly critical, since their disruption would lead to high economical, material and, sometimes, human loss. As a consequence, the protection of these critical information infrastructures is becoming a major objective for governments and companies. In this paper, we give an overview of the main challenges and open research issues on critical information infrastructure security, and introduce an on-going research project that, using wireless sensor networks as an underlying technology, is dealing with those problems. Our research project focuses on the development of protection, control, evaluation, maintenance and verification mechanisms, integrated into a secure service-oriented architecture
{"title":"Service-Oriented Security Architecture for CII based on Sensor Networks","authors":"Javier López, J. A. Montenegro, R. Román","doi":"10.1109/SECPERU.2006.19","DOIUrl":"https://doi.org/10.1109/SECPERU.2006.19","url":null,"abstract":"The extraordinary growth of the information society is originating a high dependency on ICT. This provokes that those strongly interrelated technological infrastructures, as well as the information systems that underpin them, become highly critical, since their disruption would lead to high economical, material and, sometimes, human loss. As a consequence, the protection of these critical information infrastructures is becoming a major objective for governments and companies. In this paper, we give an overview of the main challenges and open research issues on critical information infrastructure security, and introduce an on-going research project that, using wireless sensor networks as an underlying technology, is dealing with those problems. Our research project focuses on the development of protection, control, evaluation, maintenance and verification mechanisms, integrated into a secure service-oriented architecture","PeriodicalId":174651,"journal":{"name":"Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU'06)","volume":"358 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121308687","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The objective of this paper is to propose a cryptographic protocol which provides authenticity in the exchange of information between two entities without using any shared secret and by using only one-way chains. Such a protocol may have many applications and may be of interest especially in constrained environments where computational power is limited since one-way chains may be constructed using some of the simplest cryptographic one-way functions. We propose and investigate two approaches based on one-way chains, which we call: delayed message authentication and direct message authentication. Both of them have some shortcomings and a final hybrid approach, which combines their advantages without inheriting their weaknesses, appears to be quite useful and effective
{"title":"Using One-Way Chains to Provide Message Authentication without Shared Secrets","authors":"B. Groza","doi":"10.1109/SECPERU.2006.21","DOIUrl":"https://doi.org/10.1109/SECPERU.2006.21","url":null,"abstract":"The objective of this paper is to propose a cryptographic protocol which provides authenticity in the exchange of information between two entities without using any shared secret and by using only one-way chains. Such a protocol may have many applications and may be of interest especially in constrained environments where computational power is limited since one-way chains may be constructed using some of the simplest cryptographic one-way functions. We propose and investigate two approaches based on one-way chains, which we call: delayed message authentication and direct message authentication. Both of them have some shortcomings and a final hybrid approach, which combines their advantages without inheriting their weaknesses, appears to be quite useful and effective","PeriodicalId":174651,"journal":{"name":"Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU'06)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128025314","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper considers how two parties communicate securely over an adversary-controlled network. We especially focus on the problem of ID protection because of the rapid development of mobile network where any transferred message is easily eavesdropped on. We analyze several existing key exchange protocols and point out their problems: e.g. incompleteness of ID protection and vulnerability to DoS attacks. Then we model the notion of ID protection and construct a protocol with provable security
{"title":"Enhanced privacy in key-exchange protocols by one-time ID","authors":"K. Imamoto, K. Sakurai","doi":"10.1109/SECPERU.2006.9","DOIUrl":"https://doi.org/10.1109/SECPERU.2006.9","url":null,"abstract":"This paper considers how two parties communicate securely over an adversary-controlled network. We especially focus on the problem of ID protection because of the rapid development of mobile network where any transferred message is easily eavesdropped on. We analyze several existing key exchange protocols and point out their problems: e.g. incompleteness of ID protection and vulnerability to DoS attacks. Then we model the notion of ID protection and construct a protocol with provable security","PeriodicalId":174651,"journal":{"name":"Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU'06)","volume":"85 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132130724","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
V. Casola, L. Coppolino, A. Mazzeo, N. Mazzocca, M. Rak
Obtaining a measure of the trustability of a system in an open environment is a difficult task since trust concepts involve different quality criteria including non-technological aspects. Quality criteria and, above all, security mechanisms are commonly characterized by means of a set of statements making part of a policy. We are working on an evaluation methodology allowing automatic management for semi-formal policies and in this paper we propose a trust manager architecture (TruMan) enabling our methodology and an implementation of such architecture. We also present a proof-of-concept case study where TruMan is adopted in the context of service oriented architectures
{"title":"Design and implementation of TruMan, a trust manager component for distributed systems","authors":"V. Casola, L. Coppolino, A. Mazzeo, N. Mazzocca, M. Rak","doi":"10.1109/SECPERU.2006.7","DOIUrl":"https://doi.org/10.1109/SECPERU.2006.7","url":null,"abstract":"Obtaining a measure of the trustability of a system in an open environment is a difficult task since trust concepts involve different quality criteria including non-technological aspects. Quality criteria and, above all, security mechanisms are commonly characterized by means of a set of statements making part of a policy. We are working on an evaluation methodology allowing automatic management for semi-formal policies and in this paper we propose a trust manager architecture (TruMan) enabling our methodology and an implementation of such architecture. We also present a proof-of-concept case study where TruMan is adopted in the context of service oriented architectures","PeriodicalId":174651,"journal":{"name":"Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU'06)","volume":"2015 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128233557","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
L. Kazatzopoulos, C. Delakouridis, G. Marias, P. Georgiadis
In the most deployment scenarios of wireless sensor networks (WSNs) the sensors are statically distributed and configured to propagate the captured information towards the sink-sensor. This information might be unclassified, such as environmental data, or private, such as the location of an important asset. In the latter case, security mechanisms might be essential to ensure the confidentiality of the location of the information source. Such mechanisms might exploit light cryptographic systems, such us elliptic curve, to authenticate and cipher the information that is relayed towards the sink. On the other hand, the static configuration of WSNs might simplify the apocalypses of the information source. An eavesdropper might use reverse packet-routing engineering to expose the location of the sensor that captured and reported the phenomenon. To deal with this issue, we have introduced a novel approach, called iHIDE - information hiding in distributing environments, to enable source-location privacy in WSNs. iHIDE adopts a non-geographical, overlay routing method for packet delivery. This paper introduces the architecture, and assesses its performance through simulation experiments, providing comparisons with relative approaches
{"title":"iHIDE: hiding sources of information in WSNs","authors":"L. Kazatzopoulos, C. Delakouridis, G. Marias, P. Georgiadis","doi":"10.1109/SECPERU.2006.11","DOIUrl":"https://doi.org/10.1109/SECPERU.2006.11","url":null,"abstract":"In the most deployment scenarios of wireless sensor networks (WSNs) the sensors are statically distributed and configured to propagate the captured information towards the sink-sensor. This information might be unclassified, such as environmental data, or private, such as the location of an important asset. In the latter case, security mechanisms might be essential to ensure the confidentiality of the location of the information source. Such mechanisms might exploit light cryptographic systems, such us elliptic curve, to authenticate and cipher the information that is relayed towards the sink. On the other hand, the static configuration of WSNs might simplify the apocalypses of the information source. An eavesdropper might use reverse packet-routing engineering to expose the location of the sensor that captured and reported the phenomenon. To deal with this issue, we have introduced a novel approach, called iHIDE - information hiding in distributing environments, to enable source-location privacy in WSNs. iHIDE adopts a non-geographical, overlay routing method for packet delivery. This paper introduces the architecture, and assesses its performance through simulation experiments, providing comparisons with relative approaches","PeriodicalId":174651,"journal":{"name":"Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU'06)","volume":"283 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116092182","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper analyses the role trusted computing can play in a pervasive/ubiquitous environment. Traditionally, the ideology of Weiser (1991) and others when considering the pervasive computing vista, dictated that computers would invisibly integrate themselves into the background environment, providing useful services to users, as well as contextual information as to their surroundings. While mindful of this invisibility property, we examine trusted computing as a component of devices that themselves hold the promise of ubiquity. In this respect, we examine a contrived application scenario in order to abstract a number of useful properties trusted computing can provide in a pervasive setting
{"title":"Pervasive trusted computing","authors":"S. Balfe, Shiqun Li, Jianying Zhou","doi":"10.1109/SECPERU.2006.14","DOIUrl":"https://doi.org/10.1109/SECPERU.2006.14","url":null,"abstract":"This paper analyses the role trusted computing can play in a pervasive/ubiquitous environment. Traditionally, the ideology of Weiser (1991) and others when considering the pervasive computing vista, dictated that computers would invisibly integrate themselves into the background environment, providing useful services to users, as well as contextual information as to their surroundings. While mindful of this invisibility property, we examine trusted computing as a component of devices that themselves hold the promise of ubiquity. In this respect, we examine a contrived application scenario in order to abstract a number of useful properties trusted computing can provide in a pervasive setting","PeriodicalId":174651,"journal":{"name":"Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU'06)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128872001","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Trust is crucial in mobile communications. How to establish a trusted mobile environment is becoming more and more important for mobile device venders, mobile service providers and mobile networking operators. This paper presents a conceptual architecture towards establishing a trusted mobile environment. The contribution of this paper is a) specifying the architecture of a trusted mobile environment; b) by developing the conceptual architecture, explaining key motivations behind the location of every element in the architecture; and c) evaluating the architecture by applying it into a mobile peer-to-peer system
{"title":"A conceptual architecture of a trusted mobile environment","authors":"Zheng Yan","doi":"10.1109/SECPERU.2006.1","DOIUrl":"https://doi.org/10.1109/SECPERU.2006.1","url":null,"abstract":"Trust is crucial in mobile communications. How to establish a trusted mobile environment is becoming more and more important for mobile device venders, mobile service providers and mobile networking operators. This paper presents a conceptual architecture towards establishing a trusted mobile environment. The contribution of this paper is a) specifying the architecture of a trusted mobile environment; b) by developing the conceptual architecture, explaining key motivations behind the location of every element in the architecture; and c) evaluating the architecture by applying it into a mobile peer-to-peer system","PeriodicalId":174651,"journal":{"name":"Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU'06)","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122434325","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Vangelis G. Bintzios, Thanasis G. Papaioannou, G. Stamoulis
To assess the trustworthiness of the information published in the World Wide Web referrals are often employed. This is due to the fact that most information sources are visited only occasionally by the same client, and thus, direct own experience rarely suffices. The accuracy of trust inference for unknown information sources may considerably deteriorate due to "noise" or to the intervention of malicious nodes producing and propagating untrustworthy referrals. In this paper, we describe an innovative approach for trust inference in the semantic Web and in trust networks in general, referred to as FACiLE (faith assessment combining last edges). Unlike all other approaches, FACilE infers a trust value for an information source from a proper combination of only the direct trust values of its neighbours. We evaluate the efficiency of our approach by means of a series of simulation experiments run for a wide variety of mixes of sources of untrustworthy information. FACiLE outperforms other trust-inference approach in the most interesting cases of population mixes
{"title":"An effective approach for accurate estimation of trust of distant information sources in the semantic Web","authors":"Vangelis G. Bintzios, Thanasis G. Papaioannou, G. Stamoulis","doi":"10.1109/SECPERU.2006.4","DOIUrl":"https://doi.org/10.1109/SECPERU.2006.4","url":null,"abstract":"To assess the trustworthiness of the information published in the World Wide Web referrals are often employed. This is due to the fact that most information sources are visited only occasionally by the same client, and thus, direct own experience rarely suffices. The accuracy of trust inference for unknown information sources may considerably deteriorate due to \"noise\" or to the intervention of malicious nodes producing and propagating untrustworthy referrals. In this paper, we describe an innovative approach for trust inference in the semantic Web and in trust networks in general, referred to as FACiLE (faith assessment combining last edges). Unlike all other approaches, FACilE infers a trust value for an information source from a proper combination of only the direct trust values of its neighbours. We evaluate the efficiency of our approach by means of a series of simulation experiments run for a wide variety of mixes of sources of untrustworthy information. FACiLE outperforms other trust-inference approach in the most interesting cases of population mixes","PeriodicalId":174651,"journal":{"name":"Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU'06)","volume":"303 11","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"113959044","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In this work, possible optimization techniques for realization of asymmetrical and symmetrical standard cryptographic algorithms on assembler of Texas Instruments TMS320C54x family of digital signal processors are considered. Optimization of RSA asymmetrical, as well as IDEA and AES (Rijndael) symmetrical algorithms are evaluated. Possible optimization techniques for RSA algorithm are related to multiplication, modular reduction and RSA private key operation procedures. We have modified the original Karatsuba-Offman's algorithm and obtain a less recursive algorithm and use it for possible optimization. A cryptographic throughput and a speed of the signal processor's realization of IDEA and AES symmetrical algorithms in ECB mode are also analyzed. Besides, an optimization procedure in AES algorithm using specific tables is also discussed. Obtained results show that the TMS320C54x family of signal processors is suitable for the standard asymmetrical and symmetrical algorithms' realization
{"title":"On Implementation Aspects of Standard Asymmetric and Symmetric Cryptographic Algorithms on TI Signal Processors","authors":"M. Marković, G. Dordevic","doi":"10.1109/SECPERU.2006.12","DOIUrl":"https://doi.org/10.1109/SECPERU.2006.12","url":null,"abstract":"In this work, possible optimization techniques for realization of asymmetrical and symmetrical standard cryptographic algorithms on assembler of Texas Instruments TMS320C54x family of digital signal processors are considered. Optimization of RSA asymmetrical, as well as IDEA and AES (Rijndael) symmetrical algorithms are evaluated. Possible optimization techniques for RSA algorithm are related to multiplication, modular reduction and RSA private key operation procedures. We have modified the original Karatsuba-Offman's algorithm and obtain a less recursive algorithm and use it for possible optimization. A cryptographic throughput and a speed of the signal processor's realization of IDEA and AES symmetrical algorithms in ECB mode are also analyzed. Besides, an optimization procedure in AES algorithm using specific tables is also discussed. Obtained results show that the TMS320C54x family of signal processors is suitable for the standard asymmetrical and symmetrical algorithms' realization","PeriodicalId":174651,"journal":{"name":"Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU'06)","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128177677","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: