The threat of invasion of privacy and of the illegal appropriation of information both increase with the expansion of the biometrics service environment to open systems. However, while certificates or smart cards can easily be cancelled and reissued if found to be missing, there is no way to recover the unique biometric information of an individual following a security breach. For this reason, confidence among service bodies must be guaranteed. In this paper, we suggest nine bio-authentication models that differ according to template storage location, and define the threats and resolutions of these threats for each model. The suggested models can enhance web-based biometric security by providing security from the stage of transmission, and give stable performance by supplying standards-based encryptions. By designing and realizing biometric handshake protocols and biometric transfer protocols through the extension of TLS (transport layer security), and applying them to each model, these models can be applied to elements of the national infrastructure, such as electronic passports and immigration control systems.
Title: Biometric Handshake Protocol on Telebiometric System Mechanism for National Infrastructure. Authors: YongNyuo Shin, YongJun Lee, Woochang Shin, Jinyoung Choi. Venue: 2008 International Conference on Information Security and Assurance (isa 2008). Published: 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.24
Nowadays, security policy evaluation has become a very hot topic, since high QoP (quality of protection) is required by more and more people. Most researchers focus on evaluating security policies after they have been enforced in real application systems, via real attacks. However, before enforcement, the policies themselves may also contain anomalies which shouldn't be ignored. In this paper, we point out the importance of security policy pre-evaluation, which focuses on security policy evaluation before policy enforcement. In addition, we propose a framework for it towards risk analysis. As a concrete example, we show how to apply our framework to firewall security policies. Finally, we discuss the difficulty of our proposal and show future work interests.
Title: Security Policy Pre-evaluation towards Risk Analysis. Authors: Yiran Han, Y. Hori, K. Sakurai. Venue: 2008 International Conference on Information Security and Assurance (isa 2008). Published: 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.114
One of the main features of information flow control is to ensure the enforcement of privacy and regulated accessibility. However, most information flow control models that have been proposed do not provide substantial assurance to enforce end-to-end confidentiality policies or they are too restrictive, overprotected, and inflexible. We present a model for discretionary access controls that is in harmony with the object oriented paradigm. The model uses access rights applied to object attributes and methods, thus allowing considerable flexibility without compromising system security by leaking sensitive information. Models based on message filtering intercept every message exchanged among objects to control the flow of information. We present an algorithm which enforces message filtering based on the defined access rights.
Title: Fine Granularity Access Rights for Information Flow Control in Object Oriented Systems. Authors: A. Maamir, A. Fellah, L.A. Salem. Venue: 2008 International Conference on Information Security and Assurance (isa 2008). Published: 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.98
In real life, one requires signatures from people who satisfy certain criteria, such as possessing specific attributes. For example, Alice wants a document to be signed by some employee in Bob's company. This employee must have certain attributes, such as being part of the IT staff and at least a junior manager in the cryptography team or a senior manager in the biometrics team. In order to satisfy these kinds of needs, we defined a common attribute-based signature scheme where the signing member has to have certain attributes or belong to a certain group, and we also proved our scheme to be secure.
Title: Attribute-based Signature Scheme. Authors: Guo Shaniqng, Z. Yingpei. Venue: 2008 International Conference on Information Security and Assurance (isa 2008). Published: 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.111
In the context of computer systems, an intrusion is generally considered to be a harmful endeavor to prevent others from legitimate use of that system, to obtain data which is not normally available to the intruder, or to plant data or disrupt data already existent on the machines. Traditionally, intrusion detection has relied on two data sources: various log files which record users' activity, and network traffic which contains potential threats. This research presents a system which we call IDEA, the Intrusion DEtection Automata system. We utilize a third source of data for intrusion detection in the form of an instrumented process. Open source software is recompiled using a modified compiler we have created, and the resulting executable program generates the data as it runs. An external monitoring facility then checks the behavior of the program against known good execution paths. These paths are specified either using a domain specific language and hand-written rules, or by running the software in a learning mode and capturing the normal behavior for later comparison.
Title: IDEA: A New Intrusion Detection Data Source. Authors: W. Mahoney, W. Sousan. Venue: 2008 International Conference on Information Security and Assurance (isa 2008). Published: 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.32
In this paper we propose an integrated solution for detecting and counterattacking rogue access points. The classification of rogue access points and the related risk assessment are analyzed. A rogue detection algorithm is also proposed. Our proposed solution is effective and low cost. It is designed to utilize the existing wireless LAN infrastructure. There is no need to acquire new RF devices or dedicated wireless detection sensors. Experiments in a real system are demonstrated.
Title: Integrated Wireless Rogue Access Point Detection and Counterattack System. Authors: S. Srilasak, K. Wongthavarawat, A. Phonphoem. Venue: 2008 International Conference on Information Security and Assurance (isa 2008). Published: 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.103
Role based trust management uses distributed role hierarchies (DRH) to provide flexible and scalable authorization in multi-domain environments, but DRH are inherently transitive and may easily lead to unexpected or even illegal authorization. In this paper, we propose TS-DRH, a generalized extension of DRH based on a novel trust scope model of distributed roles. TS-DRH introduces the notion of scoped roles with four kinds of structural trust scopes, and uses scoped roles to control the member scopes of senior roles and the permission scopes of junior roles, and thus helps to control the propagation of role memberships and permissions in DRH. This paper also designs rule based semantics and a compliance checking algorithm to compute authorization decisions for TS-DRH.
Title: Towards Reliable Trust Management based on Structural Trust Scopes of Distributed Roles. Authors: Gang Yin, Ning Zhou, Huaimin Wang. Venue: 2008 International Conference on Information Security and Assurance (isa 2008). Published: 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.94
Building systems that are guaranteed to be secure or to remain secure over time is still an unachievable goal. The need for a security cockpit that helps to determine the security assurance level of a system in near real time is therefore vital in order to maintain and improve overall security. This paper discusses the different steps in the whole security assurance assessment process in order to build such a cockpit. To test and evaluate the applicability of our approach, we then introduce a system capable of assessing the security assurance level of a network system. Currently, this assessment system focuses on the availability aspect of security.
Title: Towards a Security Cockpit. Authors: N. Pham, L. Baud, Patrick Bellot, Michel Riguidel. Venue: 2008 International Conference on Information Security and Assurance (isa 2008). Published: 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.95
Memory forensics is a growing concern. For effective evidence retrieval, it is important to take snapshots in a timely manner. With proper modification of the guest OS, a VMM is a powerful tool for timely snapshots. In this paper, we propose an incident-driven memory snapshot for full-virtualized OS using interruptive debugging techniques. We modify the debug register handler to invoke the snapshot facility of the VMM. A software interrupt or signal is generated in the register handler. Then, we can take a snapshot asynchronously when a debug register is changed. On the guest OS, we apply three kinds of interruptive debugging techniques: driver supplied callback function, DLL injection. The IDT (interruption descriptor table) is modified by a driver supplied callback function, which makes it possible to cope with vulnerability exploitation. DLL injection is applied to insert a security check function into a resource access function. The proposed system is implemented on the XEN virtual machine monitor and KVM (Kernel Virtual machine).
Title: Incident-Driven Memory Snapshot for Full-Virtualized OS Using Interruptive Debugging Techniques. Authors: Ruo Ando, Y. Kadobayashi, Youichi Shinoda. Venue: 2008 International Conference on Information Security and Assurance (isa 2008). Published: 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.27
In 2003, Boyd et al. proposed two deniable authenticated key establishment protocols for Internet key exchange (IKE). However, both schemes were broken by Chou et al. in 2005 due to their susceptibility to the key-compromise impersonation (KCI) attack. In this paper, we put forward improved variants of both of Boyd et al.'s schemes in order to defeat the KCI attack. On top of justifying our improvements, we further present a detailed security analysis to ensure that the desired security attributes, deniability and authenticity, remain preserved.
Title: Secure Deniable Authenticated Key Establishment for Internet Protocols. Authors: Meng-Hui Lim, Sanggon Lee, Youngho Park, S. Moon. Venue: 2008 International Conference on Information Security and Assurance (isa 2008). Published: 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.9