In this paper, we propose a privacy-preserving authentication scheme for RFID systems with fast lookup time. Our solution is based on the use of Physically Unclonable Functions (PUFs). Although there are many proposals that address the security and privacy issues of RFID, search efficiency remains a challenging issue. A first tree-based mutual authentication scheme for RFID systems was proposed by Molnar and Wagner to solve the search efficiency problem. The large communication overhead of this scheme was reduced by Dimitriou by performing the authentication with one message from the tag to the reader. However, tree-based schemes are vulnerable to tag compromising attacks due to the lack of a key-updating mechanism. Therefore, tree-based schemes are weak-private in the Vaudenay-Model. In this paper, we present a tree-based authentication protocol for RFID systems that is destructive-private in the Vaudenay-Model. Our proposed scheme provides resistance against tag compromising attacks by using PUFs as secure storage to keep the secrets of the tag. Keywords: RFID; Security; Privacy; Authentication; PUF
{"title":"PUF Based Scalable Private RFID Authentication","authors":"Mete Akgün, M. Çaglayan","doi":"10.1109/ARES.2011.73","DOIUrl":"https://doi.org/10.1109/ARES.2011.73","url":null,"abstract":"In this paper, we propose a privacy-preserving authentication scheme for RFID systems with fast lookup time. Our solution is based on the use of Physically Unclonable Functions (PUFs). Although there are many proposals that addresses the security and privacy issues of RFID, the search efficiency still remains as a challenging issue. A first treebased mutual authentication scheme for RFID systems has been proposed by Molnar and Wagner to solve the search efficiency problem. The large communication overhead of this scheme has been reduced by Dimitriou performing the authentication with one message from the tag to the reader. However, tree-based schemes are vulnerable to tag compromising attack due to lack key-updating mechanism. Therefore, tree-based schemes are weak private in the Vaudenay-Model. In this paper, we present a tree-based authentication protocol for RFID systems that is destructive-private in the Vaudenay-Model. Our proposed scheme provides resistance against tag compromising attack by using PUFs as a secure storage to keep secrets of the tag. Keywords-RFID; Security; Privacy; Authentication; PUF;","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125325598","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Unlike functional implementations, it is difficult to analyze the impact of software enhancements on security. One of the difficulties is identifying the range of effects of new security threats, and the other is developing proper countermeasures. This paper proposes an analysis process that uses two kinds of security patterns: security requirements patterns (SRP) for identifying threats and security design patterns (SDP) for identifying countermeasures at an action class level. With these two patterns and the conventional traceability methodology, developers can estimate and compare the amounts of modifications needed by multiple security countermeasures.
{"title":"Effective Security Impact Analysis with Patterns for Software Enhancement","authors":"T. Okubo, H. Kaiya, Nobukazu Yoshioka","doi":"10.1109/ARES.2011.79","DOIUrl":"https://doi.org/10.1109/ARES.2011.79","url":null,"abstract":"Unlike functional implementations, it is difficult to analyze the impact software enhancements on security. One of the difficulties is identifying the range of effects by new security threats, and the other is developing proper countermeasures. This paper proposes an analysis process that uses two kinds of security pattern: security requirements patterns (SRP) for identifying threats and security design patterns (SDP) for identifying countermeasures at an action class level. With these two patterns and the conventional traceability methodology, developers can estimate and compare the amounts of modifications needed by multiple security countermeasures.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"37 1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117084293","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The secret nature of elections is of major importance to guarantee free and democratic elections. Due to its importance, it has to be enforced even against the voter himself. That is, every (electronic) voting system has to ensure that the voter does not gain any receipt that enables him to prove his voting decision to others. In this paper we present a formal model addressing the security requirement of receipt-freeness for electronic voting systems. This formal model can be seen as a step towards a formal security model which enables the Common Criteria evaluation and certification of online voting products according to Evaluation Assurance Level EAL 5 or higher. Thus, it can help to strengthen the trust of the voters in the voting system. Keywords: Electronic Voting, Ballot Secrecy, Receipt-Freeness, Formal Security Model, Common Criteria
{"title":"Formalization of Receipt-Freeness in the Context of Electronic Voting","authors":"Katharina Bräunlich, Rüdiger Grimm","doi":"10.1109/ARES.2011.25","DOIUrl":"https://doi.org/10.1109/ARES.2011.25","url":null,"abstract":"The secret nature of elections is of major importance to guarantee free and democratic elections. Due to it’s importance it has to be enforced even against the voter himself. I.e. every (electronic) voting system has to ensure that the voter does not gain any receipt that enables him to prove his voting decision to others. In this paper we present a formal model addressing the security requirement of receipt-freeness for electronic voting systems. This formal model can bee seen as a step towards a formal security model which enables the Common Criteria evaluation and certification of online voting products according to Evaluation Assurance Level EAL 5 or higher. Thus, it can help to strengthen the trust of the voters in the voting system. Keywords-Electronic Voting, Ballot Secrecy, Receipt-Freeness, Formal Security Model, Common Criteria","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130733351","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
IT security is a vital task; user authentication is a fundamental part. Yet the policies to implement user authentication often have a poor cost/benefit ratio. This paper (i) analyzes the costs of typical user authentication policies based on interviews with large Austrian IT providers. It (ii) then elaborates on how the policies are chosen, focusing on a lack of real cost accounting, and risk-averse principal agents in the security departments.
{"title":"Hidden Price of User Authentication: Cost Analysis and Stakeholder Motivation","authors":"Ludwig Meyer, M. Auer, M. Klemen, S. Biffl","doi":"10.1109/ARES.2011.54","DOIUrl":"https://doi.org/10.1109/ARES.2011.54","url":null,"abstract":"IT security is a vital task; user authentication a fundamental part. Yet the policies to implement user authentication often have a poor cost/benefit ratio. This paper (i) analyzes the costs of typical user authentication policies based on interviews with large Austrian IT providers. It (ii) then elaborates on how the policies are chosen, focusing on a lack of real cost accounting, and riskaverse principal agents in the security departments.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114605317","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Model driven development (MDD) is considered a promising approach for software development. In this paper the results of a systematic survey are reported to identify the state of the art within the topic of security in model driven development, with a special focus on finding empirical studies. We provide an introduction to the major secure MDD initiatives, but our survey shows that there is a lack of empirical work on the topic. We conclude that better standardisation initiatives and more empirical research in the field are necessary before it can be considered mature.
{"title":"Security in Model Driven Development: A Survey","authors":"Jostein Jensen, M. Jaatun","doi":"10.1109/ARES.2011.110","DOIUrl":"https://doi.org/10.1109/ARES.2011.110","url":null,"abstract":"Model driven development (MDD) is considered a promising approach for software development. In this paper the results of a systematic survey is reported to identify the state-of-the-art within the topic of security in model driven development, with a special focus on finding empirical studies. We provide an introduction to the major secure MDD initiatives, but our survey shows that there is a lack of empirical work on the topic. We conclude that better standardisation initiatives and more empirical research in the field is necessary before it can be considered mature.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123738661","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Despite the fact that lean and agile software development has become mainstream recently, especially for larger-scale organizations building complex products, the methodology leaves many architectural questions unanswered. For instance, agile methods such as Extreme Programming propose late architectural decisions and frequent refactoring, while others suggest an “architectural runway” as infrastructure for a certain set of upcoming customer features. Software “product lines” consist of a set of software products that share a common, managed set of features. These product lines are developed from reusable core assets incorporating variations in order to derive customer-specific product variants. Hence, this research explores interoperability and complementarity of lean and agile approaches in combination with a software product line engineering approach. With this position paper, we discuss both (i) complementing architectural issues in large scale lean and agile development and (ii) providing methodological guidance to make product line engineering more agile and efficient. In doing so, we come to the conclusion that this combination enables us to build the right products in time and budget. Our findings are based on observations and experience from a large-scale software company with several thousand developers working on various solution combinations of highly interdependent products.
{"title":"Product Line Engineering in Large-Scale Lean and Agile Software Product Development Environments - Towards a Hybrid Approach to Decentral Control and Managed Reuse","authors":"Benjamin Blau, T. Hildenbrand","doi":"10.1109/ARES.2011.66","DOIUrl":"https://doi.org/10.1109/ARES.2011.66","url":null,"abstract":"Despite the fact that lean and agile software development has become mainstream recently, especially for larger-scale organizations building complex products, the methodology leaves many architectural questions unanswered. For instance, agile methods such as Extreme Programming propose late architectural decisions and frequent refactoring, while others suggest an “architectural runway” as infrastructure for a certain set of upcoming customer features. Software “product lines” consist of a set of software products that share a common, managed set of features. These product lines are developed from reusable core assets incorporating variations in order to derive customer-specific product variants. Hence, this research explores interoperability and complementarity of lean and agile approaches in combination with a software product line engineering approach. With this position paper, we discuss both, (i) complementing architectural issues in large scale lean and agile development and (ii) providing methodological guidance to make product line engineering more agile and efficient. In doing so, we come to the conclusion that this combination enables us to build the right products in time and budget. Our findings are based on observations and experience from a large-scale software company with several thousand developers working on various solution combinations of highly interdependent products.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125857136","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
There are many unsolved problems in ad hoc networks, security being one of the major concerns. The wormhole attack is among the most threatening and dangerous attacks on these types of networks. During the attack a malicious node captures packets from one location in the network, and tunnels them to another distant malicious node, which replays them locally. In this paper, we propose a scheme for wormhole attack prevention. The scheme relies on the idea that usually the wormhole nodes participate in the routing in a repeated way as they attract most of the traffic. Therefore, each node will be assigned a cost depending on its participation in routing. Besides protecting the network from the wormhole attack, the scheme provides a load balance among nodes to avoid exhausting nodes that are always cooperative in routing.
{"title":"Wormhole Attacks Mitigation in Ad Hoc Networks","authors":"Marianne A. Azer","doi":"10.1109/ARES.2011.86","DOIUrl":"https://doi.org/10.1109/ARES.2011.86","url":null,"abstract":"There are many unsolved problems in ad hoc networks; security being one of the major concerns. The wormhole attack is among the most threatening and dangerous attacks on these types of networks. During the attack a malicious node captures packets from one location in the network, and tunnels them to another distant malicious node, which replays them locally. In this paper, we propose a scheme for the wormhole attack prevention. The scheme relies on the idea that usually the wormhole nodes participate in the routing in a repeated way as they attract most of the traffic. Therefore, each node will be assigned a cost depending in its participation in routing. Besides preventing the network from the wormhole attack, the scheme provides a load balance among nodes to avoid exhausting nodes that are always cooperative in routing.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"52 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127893762","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Organizations that migrate from identity-centric to role-based Identity Management face the initial task of defining a valid set of roles for their employees. Due to its capabilities of automated and fast role detection, role mining as a solution for dealing with this challenge has gathered a rapid increase of interest in the academic community. Research activities throughout the last years resulted in a large number of different approaches, each covering specific aspects of the challenge. In this paper, firstly, a survey of the research area provides insight into the development of the field, underlining the need for a comprehensive perspective on role mining. Subsequently, a generic process model for role mining including pre- and post-processing activities is introduced and existing research activities are classified according to this model. The goal is to provide a basis for evaluating potentially valuable combinations of those approaches in the future.
{"title":"The Role Mining Process Model - Underlining the Need for a Comprehensive Research Perspective","authors":"L. Fuchs, S. Meier","doi":"10.1109/ARES.2011.12","DOIUrl":"https://doi.org/10.1109/ARES.2011.12","url":null,"abstract":"Organizations that migrate from identity-centric to role-based Identity Management face the initial task of defining a valid set of roles for their employees. Due to its capabilities of automated and fast role detection, role mining as a solution for dealing with this challenge has gathered a rapid increase of interest in the academic community. Research activities throughout the last years resulted in a large number of different approaches, each covering specific aspects of the challenge. In this paper, firstly, a survey of the research area provides insight into the development of the field, underlining the need for a comprehensive perspective on role mining. Consecutively, a generic process model for role mining including pre- and post-processing activities is introduced and existing research activities are classified according to this model. The goal is to provide a basis for evaluating potentially valuable combinations of those approaches in the future.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126785102","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Privacy and security are relevant topics in both research and practice. Although they are often used together, implicitly assuming that they represent the same concept, they actually represent different concepts that are closely related. First, this paper presents a way to differentiate between these two topics from a conceptual point of view. Furthermore, it depicts some commonly accepted privacy regulations that exist in the OECD, EU and US. Second, we show how privacy and security are defined and implemented in practice, based on three interviews conducted in different Austrian companies. The interviews picture the specific situation in the companies. Similarities and differences between the three interviews as well as between the interviews as a whole and the conceptual considerations were found and are described. To explain the maturity of these companies in terms of their understanding of privacy and security, we analyzed and visualized the interviews.
{"title":"Security and Privacy in Companies: State-of-the-art and Qualitative Analysis","authors":"B. Krumay, M. Oetzel","doi":"10.1109/ARES.2011.53","DOIUrl":"https://doi.org/10.1109/ARES.2011.53","url":null,"abstract":"Privacy and security are relevant topics in both -- research and practice. Although they are often used together, implicitly assuming that they represent the same concept, they actually represent different concepts that are closely related. First, this paper presents a way to differentiate between these two topics from a conceptual point of view. Furthermore, it depicts some commonly accepted privacy regulations that exist in the OECD, EU and US. Second, we show how privacy and security are defined and implemented in practice, based on three interviews, conducted in different Austrian companies. The interviews picture the specific situation in the companies. Similarities and differences between the three interviews as well as between the interviews as a whole and the conceptual considerations were found and are described. To explain the maturity of these companies in terms of their understanding of privacy and security, we analyzed and visualized the interviews.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126377488","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
We discuss some security weaknesses of Scalance wireless access points and clients. These devices, developed by Siemens, are commonly used for wireless communication in network control systems. After the identification of the Stuxnet worm, which targeted PLCs from uranium enrichment facilities in Iran, these devices became of increased interest to the security community. Here we analyze them both in a static environment, at the configuration level, and in a dynamic environment where they are used for a remote control scenario. We show some vulnerabilities in both situations, in particular some weaknesses in the authentication protocol of their web-based configuration interface and an attack which halts the communication by using deauthentication packets. As a proof of concept we simulate the evolution of a process which is controlled over the wireless network and could be seriously affected by an adversary unless a local controller is present for redundancy in case of communication failures.
{"title":"Some Security Issues in SCALANCE Wireless Industrial Networks","authors":"Marius Cristea, B. Groza, Mihai Iacob","doi":"10.1109/ARES.2011.74","DOIUrl":"https://doi.org/10.1109/ARES.2011.74","url":null,"abstract":"We discuss some security weaknesses of Scalance wireless access points and clients. These devices, developed by Siemens, are commonly used for wireless communication in network control systems. After the identification of the Stuxnet worm, which targeted PLCs from uranium enrichment facilities in Iran, these devices become of increased interest to the security community. Here we analyze them both in a static environment, at the configuration level, as well as in a dynamic environment where they are used for a remote control scenario. We show some vulnerabilities in both situations, in particular some weaknesses in the authentication protocol from their web-based configuration interface and an attack which halts the communication by using deauthentication packets. As proof-of-concept we simulate the evolution of a process which is controlled over the wireless network and could be seriously affected by an adversary unless a local controller is present for redundancy in case of communication failures.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115806283","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}