Cloud computing enables cloud providers to offer computing infrastructure as a service (IaaS) in the form of virtual machines (VMs). Cloud management platforms automate the allocation of VMs to physical machines (PMs). An adaptive VM allocation policy is required to handle changes in the cloud environment and utilize the PMs efficiently In the literature, adaptive VM allocation is typically performed using either reservation-based or demand-based allocation. In this work, we have developed a parameter-based VM consolidation solution that aims to mitigate the issues with the reservation-based and demand-based solutions. This parameter-based VM consolidation exploits the range between demand-based and reservation-based finding VM to PM allocations that strike a delicate balance according to cloud providers' goals. Experiments conducted using CloudSim show how the proposed parameter-based solution gives a cloud provider the flexibility to manage the trade-off between utilization and other requirements.
{"title":"Virtual machine consolidation for cloud data centers using parameter-based adaptive allocation","authors":"A. Mosa, R. Sakellariou","doi":"10.1145/3123779.3123807","DOIUrl":"https://doi.org/10.1145/3123779.3123807","url":null,"abstract":"Cloud computing enables cloud providers to offer computing infrastructure as a service (IaaS) in the form of virtual machines (VMs). Cloud management platforms automate the allocation of VMs to physical machines (PMs). An adaptive VM allocation policy is required to handle changes in the cloud environment and utilize the PMs efficiently In the literature, adaptive VM allocation is typically performed using either reservation-based or demand-based allocation. In this work, we have developed a parameter-based VM consolidation solution that aims to mitigate the issues with the reservation-based and demand-based solutions. This parameter-based VM consolidation exploits the range between demand-based and reservation-based finding VM to PM allocations that strike a delicate balance according to cloud providers' goals. Experiments conducted using CloudSim show how the proposed parameter-based solution gives a cloud provider the flexibility to manage the trade-off between utilization and other requirements.","PeriodicalId":405980,"journal":{"name":"Proceedings of the Fifth European Conference on the Engineering of Computer-Based Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123714074","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Model driven security (MDS) is a well known approach in the access control domain. It proposes a security-by-design approach intended to link the encoded policy to the security policy modeling. However, this technique does not tie in the specificity and heterogeneity of web applications and hence the proposed model-to-code transformation doesn't fit the needs of web architects. Consequently, web applications are mainly hand-coded, or correspond to legacy code developed before the implementation of security mechanisms. Security concerns are mixed with the application code and hence it is difficult to understand the policy in order to maintain, correct, or evolve it. This work deals with access control mechanisms following the RBAC pattern. Our work proposes a toolset dedicated to modeling and deployment of an acces control engine for a web application assuming that the functional part of the application is developed following a classical process. Our technique tries to reconcile modeling, validation and implementation of role-based security policies, and favours model driven security in the context of web applications. The toolset allows developers to graphically model an MVC web application by making links to its requirements and then generates a security filter from the web application's model. This technique guaranties that the deployed access control policy is conformant to its specification and associated validation activities.
{"title":"Model driven secure web applications: the SeWAT platform","authors":"Akram Idani","doi":"10.1145/3123779.3123800","DOIUrl":"https://doi.org/10.1145/3123779.3123800","url":null,"abstract":"Model driven security (MDS) is a well known approach in the access control domain. It proposes a security-by-design approach intended to link the encoded policy to the security policy modeling. However, this technique does not tie in the specificity and heterogeneity of web applications and hence the proposed model-to-code transformation doesn't fit the needs of web architects. Consequently, web applications are mainly hand-coded, or correspond to legacy code developed before the implementation of security mechanisms. Security concerns are mixed with the application code and hence it is difficult to understand the policy in order to maintain, correct, or evolve it. This work deals with access control mechanisms following the RBAC pattern. Our work proposes a toolset dedicated to modeling and deployment of an acces control engine for a web application assuming that the functional part of the application is developed following a classical process. Our technique tries to reconcile modeling, validation and implementation of role-based security policies, and favours model driven security in the context of web applications. The toolset allows developers to graphically model an MVC web application by making links to its requirements and then generates a security filter from the web application's model. This technique guaranties that the deployed access control policy is conformant to its specification and associated validation activities.","PeriodicalId":405980,"journal":{"name":"Proceedings of the Fifth European Conference on the Engineering of Computer-Based Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123617086","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Eslam G. AbdAllah, Mohammad Zulkernine, Y. Gu, C. Liem
Connected vehicles utilize various communication types that take place between different entities such as vehicle, infrastructure, cloud, and mobile. Connected vehicles have sensors and Electronic Control Units (ECUs) that perform in-vehicle communications, and they communicate with the other entities using cellular, vehicular, and wireless networks. These communications may be compromised through different attacks including Man-In-The-Middle (MITM) and Man-At-The-End (MATE) attacks. Existing security solutions are not suitable for this complex integration between different technologies. In this paper, we provide a taxonomy of connected vehicle attacks that can be classified into four main categories. We identify the relations between these attacks and connected vehicle attributes and security requirements. We also present a trust model that contains various countermeasures to secure connected vehicles against different attacks. This trust model consists of four components: integrity, access control, availability, and privacy. The proposed trust model will ensure the achievement of the security requirements against common MITM and MATE attacks.
{"title":"Towards defending connected vehicles against attacks","authors":"Eslam G. AbdAllah, Mohammad Zulkernine, Y. Gu, C. Liem","doi":"10.1145/3123779.3123794","DOIUrl":"https://doi.org/10.1145/3123779.3123794","url":null,"abstract":"Connected vehicles utilize various communication types that take place between different entities such as vehicle, infrastructure, cloud, and mobile. Connected vehicles have sensors and Electronic Control Units (ECUs) that perform in-vehicle communications, and they communicate with the other entities using cellular, vehicular, and wireless networks. These communications may be compromised through different attacks including Man-In-The-Middle (MITM) and Man-At-The-End (MATE) attacks. Existing security solutions are not suitable for this complex integration between different technologies. In this paper, we provide a taxonomy of connected vehicle attacks that can be classified into four main categories. We identify the relations between these attacks and connected vehicle attributes and security requirements. We also present a trust model that contains various countermeasures to secure connected vehicles against different attacks. This trust model consists of four components: integrity, access control, availability, and privacy. The proposed trust model will ensure the achievement of the security requirements against common MITM and MATE attacks.","PeriodicalId":405980,"journal":{"name":"Proceedings of the Fifth European Conference on the Engineering of Computer-Based Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133081083","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
As of today, model-based testing is considered as a leading-edge technology in the IT industry. In model-based testing, an implementation under test is tested for compliance with a model that describes the required behaviour of the implementation. Uppaal Tron is a popular tool for online model-based conformance testing of real-time systems; it uses the Uppaal verification engine to generate and convert on-the-fly timed symbolic traces into concrete test sequences. Among the advantages of online testing is the reduction of the symbolic state space needed for computing traces, better addressing non-determinism, as well as the possibility to execute longer-lasting test runs. However, analysing and debugging long test runs can be tedious and time-consuming especially when analysing root causes of failed tests. In game theory, backward-induction is a process to reason backwards in time, from the end of a problem or situation, in order to determine a sequence of optimal actions. In this paper, we propose an approach to reconstruct symbolic traces from test sequences generated by Uppaal Tron using backward-induction. The resulting symbolic traces can be imported in the Uppaal tool and visualised in the Uppaal simulator. The evaluation of the implementation of the approach shows that it has the potential to satisfy the needs of industrial level testing.
{"title":"Reconstructing timed symbolic traces from rtioco-based timed test sequences using backward-induction","authors":"Junaid Iqbal, D. Truscan, J. Vain, Ivan Porres","doi":"10.1145/3123779.3123813","DOIUrl":"https://doi.org/10.1145/3123779.3123813","url":null,"abstract":"As of today, model-based testing is considered as a leading-edge technology in the IT industry. In model-based testing, an implementation under test is tested for compliance with a model that describes the required behaviour of the implementation. Uppaal Tron is a popular tool for online model-based conformance testing of real-time systems; it uses the Uppaal verification engine to generate and convert on-the-fly timed symbolic traces into concrete test sequences. Among the advantages of online testing is the reduction of the symbolic state space needed for computing traces, better addressing non-determinism, as well as the possibility to execute longer-lasting test runs. However, analysing and debugging long test runs can be tedious and time-consuming especially when analysing root causes of failed tests. In game theory, backward-induction is a process to reason backwards in time, from the end of a problem or situation, in order to determine a sequence of optimal actions. In this paper, we propose an approach to reconstruct symbolic traces from test sequences generated by Uppaal Tron using backward-induction. The resulting symbolic traces can be imported in the Uppaal tool and visualised in the Uppaal simulator. The evaluation of the implementation of the approach shows that it has the potential to satisfy the needs of industrial level testing.","PeriodicalId":405980,"journal":{"name":"Proceedings of the Fifth European Conference on the Engineering of Computer-Based Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117251671","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
M. Goldstein, D. Dayan, M. Rabin, D. Berlowitz, O. Berlowitz, R. B. Yehezkael
Parallel programming platforms are heterogeneous and incompatible; a common approach is needed to free programmers from platforms' technical intricacies, allowing flexible execution in which sequential and parallel executions produce identical results. The execution and programming model of an embedded flexible language (EFL), which implement this common approach, are presented. EFL allows embedding of deterministic parallel code blocks into a sequential program, written in any host language. EFL programming model constructs are presented. An EFL implementation of the Reduce Parallel Design Pattern is presented. With EFL we aim to implement safe and efficient parallel execution, in software, hardware, or both. Consequences of Rice's theorem regarding parallel computation are discussed. These consequences severely restrict what can be checked at compile time. An approach is proposed for circumventing these restrictions.
{"title":"Design principles of an embedded language (EFL) enabling well defined order-independent execution","authors":"M. Goldstein, D. Dayan, M. Rabin, D. Berlowitz, O. Berlowitz, R. B. Yehezkael","doi":"10.1145/3123779.3123789","DOIUrl":"https://doi.org/10.1145/3123779.3123789","url":null,"abstract":"Parallel programming platforms are heterogeneous and incompatible; a common approach is needed to free programmers from platforms' technical intricacies, allowing flexible execution in which sequential and parallel executions produce identical results. The execution and programming model of an embedded flexible language (EFL), which implement this common approach, are presented. EFL allows embedding of deterministic parallel code blocks into a sequential program, written in any host language. EFL programming model constructs are presented. An EFL implementation of the Reduce Parallel Design Pattern is presented. With EFL we aim to implement safe and efficient parallel execution, in software, hardware, or both. Consequences of Rice's theorem regarding parallel computation are discussed. These consequences severely restrict what can be checked at compile time. An approach is proposed for circumventing these restrictions.","PeriodicalId":405980,"journal":{"name":"Proceedings of the Fifth European Conference on the Engineering of Computer-Based Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126672155","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In our previous papers we have focused on problems of model and/or information system evolution. We have dealt with popular technologies and languages for data storage and data management, such as XML, SQL, XPath, REST, BPMN, etc. In this paper we sum up our contributions and present a complex example of evolution process of an information system. We model complex situations that, starting from a single point, influence the whole system. Our solution, however, brings benefits not only for a typical system with the well-known architecture "presentation layer -- business layer -- database layer", but also for the micro-service architecture that becomes more and more popular these days. In this paradigm every service is specialized, it manages a specific logical part of the system, and it communicates with other services mainly via HTTP or (web) sockets. This architecture brings many advantages especially to system scalability, performance, and resource management. On the other hand, separation of the system to micro-services brings drawbacks, such as more demanding change management and version compatibility. For example, a change of the message structure in one part of the system can influence all related services, integration tests are more complex and must detect more edge cases that in case of monolithic systems, etc. A mechanism that can analyze the changes, propagate them, and/or at least inform the developer about possible inconsistency can reduce time needed for updates and troubleshooting.
{"title":"Information system evolution management: a complex evaluation","authors":"Marek Polák, I. Holubová","doi":"10.1145/3123779.3123809","DOIUrl":"https://doi.org/10.1145/3123779.3123809","url":null,"abstract":"In our previous papers we have focused on problems of model and/or information system evolution. We have dealt with popular technologies and languages for data storage and data management, such as XML, SQL, XPath, REST, BPMN, etc. In this paper we sum up our contributions and present a complex example of evolution process of an information system. We model complex situations that, starting from a single point, influence the whole system. Our solution, however, brings benefits not only for a typical system with the well-known architecture \"presentation layer -- business layer -- database layer\", but also for the micro-service architecture that becomes more and more popular these days. In this paradigm every service is specialized, it manages a specific logical part of the system, and it communicates with other services mainly via HTTP or (web) sockets. This architecture brings many advantages especially to system scalability, performance, and resource management. On the other hand, separation of the system to micro-services brings drawbacks, such as more demanding change management and version compatibility. For example, a change of the message structure in one part of the system can influence all related services, integration tests are more complex and must detect more edge cases that in case of monolithic systems, etc. A mechanism that can analyze the changes, propagate them, and/or at least inform the developer about possible inconsistency can reduce time needed for updates and troubleshooting.","PeriodicalId":405980,"journal":{"name":"Proceedings of the Fifth European Conference on the Engineering of Computer-Based Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116969188","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Use case driven modularization improves code comprehension and maintenance and provides another view on software alongside object-oriented modularization. However, approaches enabling use case driven modularization require to modularize code manually. In this paper, we propose an approach to employing issues and commits for in-code sentence based use case identification and remodularization. The approach aims at providing use case based perspective on the existing code. The sentences of use case steps are compared to sentences of issue descriptions, while the sentences generated from the source code of issue commits are compared to sentences generated from the corresponding methods in source code in order to quantify the similarity between use case steps and methods in source code using different similarity calculation algorithms. The resulting level of similarity is used to remodularize source code according to use cases. We conducted a study on the OpenCart open source e-shop employing 16 use cases. The approach achieved the recall of 3.37% and precision of 75%. The success of the approach strongly depends on issues and commits assigned to them. The results would be better especially for the code that natively employs use case driven modularization.
{"title":"Employing issues and commits for in-code sentence based use case identification and remodularization","authors":"P. Berta, M. Bystrický, M. Krempaský, V. Vranić","doi":"10.1145/3123779.3123792","DOIUrl":"https://doi.org/10.1145/3123779.3123792","url":null,"abstract":"Use case driven modularization improves code comprehension and maintenance and provides another view on software alongside object-oriented modularization. However, approaches enabling use case driven modularization require to modularize code manually. In this paper, we propose an approach to employing issues and commits for in-code sentence based use case identification and remodularization. The approach aims at providing use case based perspective on the existing code. The sentences of use case steps are compared to sentences of issue descriptions, while the sentences generated from the source code of issue commits are compared to sentences generated from the corresponding methods in source code in order to quantify the similarity between use case steps and methods in source code using different similarity calculation algorithms. The resulting level of similarity is used to remodularize source code according to use cases. We conducted a study on the OpenCart open source e-shop employing 16 use cases. The approach achieved the recall of 3.37% and precision of 75%. The success of the approach strongly depends on issues and commits assigned to them. The results would be better especially for the code that natively employs use case driven modularization.","PeriodicalId":405980,"journal":{"name":"Proceedings of the Fifth European Conference on the Engineering of Computer-Based Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122827486","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
M. Hasan, T. Dean, Fahim T. Imam, F. García, Sylvain P. Leblanc, Mohammad Zulkernine
The expressiveness of constraints has a potential to define network behavior and defend against complex network intrusions. This potential can be an integral part of an Intrusion Detection System (IDS) for defending networks against various attacks. The existing approaches of constraint logic programming have limitations when it comes to solving the network constraints in the presence of the continuous, constantly changing stream of network data. In this paper, we propose two variations of a tree-based constraint satisfaction technique to evaluate network constraints on continuous network data. A Domain Specific Language (DSL) is developed so that the IDS users can specify different intrusions related to their networks. We also present a prototype implementation of these techniques. We evaluate the performance and effectiveness of our approach against the network traffic data generated from an experimental network.
{"title":"A Constraint-based intrusion detection system","authors":"M. Hasan, T. Dean, Fahim T. Imam, F. García, Sylvain P. Leblanc, Mohammad Zulkernine","doi":"10.1145/3123779.3123812","DOIUrl":"https://doi.org/10.1145/3123779.3123812","url":null,"abstract":"The expressiveness of constraints has a potential to define network behavior and defend against complex network intrusions. This potential can be an integral part of an Intrusion Detection System (IDS) for defending networks against various attacks. The existing approaches of constraint logic programming have limitations when it comes to solving the network constraints in the presence of the continuous, constantly changing stream of network data. In this paper, we propose two variations of a tree-based constraint satisfaction technique to evaluate network constraints on continuous network data. A Domain Specific Language (DSL) is developed so that the IDS users can specify different intrusions related to their networks. We also present a prototype implementation of these techniques. We evaluate the performance and effectiveness of our approach against the network traffic data generated from an experimental network.","PeriodicalId":405980,"journal":{"name":"Proceedings of the Fifth European Conference on the Engineering of Computer-Based Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120950146","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The trend of unifying communication by deploying TCP/IP also influenced the domain of tactical networks. Commonly used narrowband waveform tactical radios offer only the low bandwidth data transfer. Because of very restricted resources available in these systems running the unmodified TCP/IP protocol stack is problematic if not impossible. This paper presents a simulation-based approach to a systematic analysis of TCP/IP communication in the narrowband tactical radio networks. The aim is to provide a framework able to analysis the source of problems that avoid deploying TCP/IP in tactical radio communication. The proposed method is demonstrated by providing an analysis of a few Internet protocols and evaluation of the suggested simple improvement to address resolution protocol that reduces the number of the required broadcast messages.
{"title":"Towards analysis of IP communication in a constrained environment of tactical radio networks","authors":"M. Marek, O. Ryšavý, V. Veselý","doi":"10.1145/3123779.3123790","DOIUrl":"https://doi.org/10.1145/3123779.3123790","url":null,"abstract":"The trend of unifying communication by deploying TCP/IP also influenced the domain of tactical networks. Commonly used narrowband waveform tactical radios offer only the low bandwidth data transfer. Because of very restricted resources available in these systems running the unmodified TCP/IP protocol stack is problematic if not impossible. This paper presents a simulation-based approach to a systematic analysis of TCP/IP communication in the narrowband tactical radio networks. The aim is to provide a framework able to analysis the source of problems that avoid deploying TCP/IP in tactical radio communication. The proposed method is demonstrated by providing an analysis of a few Internet protocols and evaluation of the suggested simple improvement to address resolution protocol that reduces the number of the required broadcast messages.","PeriodicalId":405980,"journal":{"name":"Proceedings of the Fifth European Conference on the Engineering of Computer-Based Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117097927","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Defying attacks and vulnerabilities has been a challenge since the beginning of modern technology and especially after the gigantic leap of the online market system. Developers tend to aim at protection against theft in a new binary world that opened up a vast field for hacking and breaching personal information. In this study, we propose a dual channel security (DCS) model which is a novel key agreement protocol designed to overcome vulnerabilities and attacks that are arising from well-known protocols. It targets the weaknesses of communication mechanisms commonly used in Diffie-Hellman key exchange (DH), transport layer security (TLS) and near field communication (NFC). Moreover, it eliminates the arduous and costly processes of establishing a secure structure as in public key infrastructure (PKI) and is suitable for two kinds of applications: point of sale terminals (POS) and short-range wireless interconnection of mobile devices (D2D).
{"title":"Dual channel security","authors":"Wissam Al Jurdi, J. B. Abdo","doi":"10.1145/3123779.3123797","DOIUrl":"https://doi.org/10.1145/3123779.3123797","url":null,"abstract":"Defying attacks and vulnerabilities has been a challenge since the beginning of modern technology and especially after the gigantic leap of the online market system. Developers tend to aim at protection against theft in a new binary world that opened up a vast field for hacking and breaching personal information. In this study, we propose a dual channel security (DCS) model which is a novel key agreement protocol designed to overcome vulnerabilities and attacks that are arising from well-known protocols. It targets the weaknesses of communication mechanisms commonly used in Diffie-Hellman key exchange (DH), transport layer security (TLS) and near field communication (NFC). Moreover, it eliminates the arduous and costly processes of establishing a secure structure as in public key infrastructure (PKI) and is suitable for two kinds of applications: point of sale terminals (POS) and short-range wireless interconnection of mobile devices (D2D).","PeriodicalId":405980,"journal":{"name":"Proceedings of the Fifth European Conference on the Engineering of Computer-Based Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115389831","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: