Automated trust negotiation (ATN) is a new means of establishing trust relationships through the mutual exchange of access control policies and credentials in open, distributed environments. In ATN, access control policy plays a key role in protecting resources from unauthorized access. In practice, a policy may contain sensitive information, and its disclosure may cause damage. To protect a sensitive policy or its content, the policy is usually made complex. Even worse, the policy may be self-contradictory, which would cause the negotiation to fail. To solve this problem, the paper proposes a new approach for checking policy consistency. The approach analyzes why policy inconsistency happens and specifies how to avoid it by simplifying a compound policy. The approach is also shown to be useful for hiding policy, through theorems for generating a minimal policy set and credential set.
A New Approach for Hiding Policy and Checking Policy Consistency. Deqing Zou, Zhensong Liao. 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.39
Most cyber-attacks are not single attack actions. They are multi-step attacks composed of a set of attack actions. Although the techniques used by attackers can be diverse, attack patterns are generally finite. So we need to find the attack steps that are correlated in an attack scenario. By studying the patterns of multi-step cyber attacks, an algorithm is presented for correlating multi-step cyber attacks and constructing an attack scenario system based on modeling multi-step cyber attacks. When alerts appear, the algorithm turns them into corresponding attack models based on the knowledge base and correlates them; whether to alert or not is decided by the weighted cost in the attack path graph and the attack degree of the corresponding host. Attack scenarios can then be constructed by correlating the attack path graphs. Moreover, the model can detect intrusion alerts in real time and revise the attack scenarios. Experiments on the DARPA IDS test dataset show the validity of the algorithm.
Correlating Multi-Step Attack and Constructing Attack Scenarios Based on Attack Pattern Modeling. Zhijie Liu, C. Wang, Shifu Chen. 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.11
Bin-Hui Chou, K. Tatara, T. Sakuraba, Y. Hori, K. Sakurai
Digital forensics encompasses the process of identifying the perpetrator and the criminal method by analyzing the logs generated on a computer. Log files record the activities of the computer, and by reading them one can know what kind of event happened at a certain time. Therefore, secure logs with the integrity property are essential. In this paper, we discuss two approaches to achieving the integrity of logs, the kernel module and virtualization, and compare them. Although virtualization is less efficient in performance than the kernel module, it provides more security properties for logs. We therefore focus on the virtualization approach with a detailed proposal, which describes ways to preserve logs without tampering or deletion.
A Secure Virtualized Logging Scheme for Digital Forensics in Comparison with Kernel Module Approach. Bin-Hui Chou, K. Tatara, T. Sakuraba, Y. Hori, K. Sakurai. 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.96
Dealing with risk is critical to the success of any information security and assurance endeavor. With society's ever-increasing dependence on large-scale information systems, dealing with security risk is a topic of considerable importance and attention. It is generally infeasible to provide "total security" for any information system. As a result, successful risk management must be strategically planned with regard to desired assurance levels and costs. In this paper we define the practices associated with strategic planning for managing information security and assurance. We provide a concrete and practical approach for generating such strategic plans that is provably optimal and robust.
Strategic Planning for Information Security and Assurance. D. Port, R. Kazman, Ann Takenaka. 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.88
This study proposes a pre-deployment key management scheme that requires little memory capacity and few CPU computations to address secure data transmission in wireless sensor networks (WSNs). The proposed scheme exploits threshold key management mechanisms, using a Lagrange interpolation polynomial to generate a key set for sensor nodes, and uses symmetric and irreversible cryptography schemes to encrypt transmitted data with the generated keys, together with a message authentication code (MAC). The sensor nodes merely have to aggregate and encrypt received data, without complicated cryptographic operations. The proposed approach can achieve rapid and efficient secure data transmission with little communication, and is suitable for implementation on large-scale sensor networks.
A Rapid and Efficient Pre-deployment Key Scheme for Secure Data Transmissions in Sensor Networks Using Lagrange Interpolation Polynomial. Hua-Yi Lin, De-Jun Pan, Xin Zhao, Zhi-Ren Qiu. 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.100
There are a number of techniques and pieces of hardware and software aimed at promoting information security. This paper presents a security system that is dynamically reconfigurable in FPGAs. SSDR presents a robust architecture, which enables the implementation of specific and general security policies in order to guarantee services such as confidentiality, authenticity, integrity, availability, access control, and information audit. The main purposes of SSDR include guaranteeing a high security level with time performance acceptable for a conventional computer network, as well as greater flexibility in the configuration of functionalities and security policies. This paper presents the reconfigurable firewall module, highlighting its architecture, functionalities and performance, and focusing on the impact on reconfiguration time according to the project model adopted.
SSDR - Reconfigurable Firewall: Reconfiguration Model Impact. F. D. Pereira, E.D.M. Ordonez. 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.51
In this paper we study features of the future wireless network generation, such as the antenna schemes and the modulation systems. We also look at the direction of the next generation of wireless network systems. Since MIMO, the smart antenna technique, is known for its quality of data transmission, many researchers are paying more attention to this antenna scheme in order to improve transmission performance on the uplink and downlink. At the same time, improving the antenna schemes alone cannot fulfill the requirements of the next wireless network generation, known as 4G; we also need a modulation system that can bring the performance of the current wireless network to another level. Therefore we take a close look at the specifications of the OFDM modulation scheme. Finally, we see what MIMO-OFDM promises for the 4G communication system.
MIMO-OFDM for the Better Quality Link of Wireless Network. Long Bora, Heau-Jo Kang, Y. Kim. 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.110
In this paper, we present a dynamic evolution system and build a model to trace the transitions of the system state. This new model differs from previous methods, such as Bayesian networks and artificial neural networks, in two aspects: it can adapt to changes in the environment automatically, and it does not need a special training phase to build a model. Theoretical analysis shows that it is applicable and practical, and experimental results show that it performs well, especially in a dynamic environment.
Dynamic Evolution Systems and Applications in Intrusion Detection Systems. Xian-Ming Xu, J. Zhan. 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.82
Existing research on security for sensor networks has mostly been concerned with only reconfiguration, only rejuvenation, or both mechanisms for the adaptation of sensor networks. In this paper we employ self-regenerative software components to perform optimal software rejuvenation in wireless sensor networks, with a view to increasing the availability of sensor nodes. The model uses self-regenerative capabilities to detect misbehavior at the node level and applies software rejuvenation with optimal time scheduling in order to extend the availability of sensor networks. We propose a general framework for optimal self-regenerative rejuvenation scheduling. The security analysis shows the feasibility of our approach.
Towards Optimal Software Rejuvenation in Wireless Sensor Networks using Self-Regenerative Components. S. Parvin, Dong Seong Kim, Jong Sou Park. 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.87
Eungyeong Kim, Hyogun Yoon, Yupeng Zhang, Min Sang Lee, Jaewan Lee
This paper proposes a u-Healthcare system that can perceive emergency situations in chronic hypertension patients and initiate emergency action. The proposed system considers patient mobility and integrates a medical recommendations knowledge base and communication protocols between system agents in an RFID and cell phone architecture. A comparison and analysis of the proposed system and the operational characteristics of an implemented system are provided. The proposed system can supply information to assist patients in normal health management as well as in emergency situations.
A Hypertension Management System with Emergency Monitoring. Eungyeong Kim, Hyogun Yoon, Yupeng Zhang, Min Sang Lee, Jaewan Lee. 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: https://doi.org/10.1109/ISA.2008.69