CPS以用户为中心的安全保障特刊简介

IF 2 Q3 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS ACM Transactions on Cyber-Physical Systems Pub Date : 2020-05-18 DOI:10.1145/3392715
N. Saxena, A. Cárdenas, R. Beyah, R. Lu, K. Choo, Yiran Chen
{"title":"CPS以用户为中心的安全保障特刊简介","authors":"N. Saxena, A. Cárdenas, R. Beyah, R. Lu, K. Choo, Yiran Chen","doi":"10.1145/3392715","DOIUrl":null,"url":null,"abstract":"The recent spate of cyber security attacks has reinforced the importance of cyber security. Cyber security is no longer just a technical issue requiring the proficiency and capabilities of technical experts, it is a global phenomenon requiring the attention of stakeholders across different information domains. We organize this special issue on user-centric security and safety aspects of cyber-physical systems (CPS) with the aim of filling gaps between user behaviour and the design of complex CPS. These include different stakeholders’ roles and responsibilities, user-centric decision-making capabilities and situational awareness, user experience design, mitigation of user errors and analysing their impact, adaptive risk management, user or operator’s trust, security and safety in the device’s or system’s authentication, access control, and configuration management, hence, the relation to the development of the system’s security and safety in the cyber-physical world. It is presumed that alignment of user-oriented processes, standards, and guidelines for security and safety are required to cope with the complexities and interoperability of cyber-physical systems. In other words, this special issue aims to publish the latest advancements in user-centric security and safety techniques and controls for CPS and related components. The following seven contributed articles are included in this special issue: The first article, entitled “Efficient Multi-factor User Authentication Protocol with Forward Secrecy for Real-time Data Access in WSNs,” proposes a robust multi-factor authentication scheme that makes use of the imbalanced computational nature of the RSA cryptosystem, particularly suitable for scenarios where sensor nodes (but not the user’s device) are the main energy bottleneck. This work is the first one that can satisfy all 12 criteria of the state-of-the-art evaluation metric under the harshest adversary model so far. The second article, entitled “A Multi-label Fuzzy Relevance Clustering System for Malware Attack Attribution in the Edge Layer of Cyber Physical Networks,” proposes a novel multi-label fuzzy clustering system for malware attack attribution. The authors first observed that a multilabel classifier does not classify a part of the samples when classifying malware families. To overcome this problem, the authors developed an ensemble-based multi-label fuzzy classification method to suggest the relevance of a malware instance to the stricken families. The third article, entitled “A User-centric Security Solution for Internet of Things and Edge Convergence,” proposes a user-centric security solution to ensure the trustworthiness of the data for emergency evaluation in Edge datacenters (EDCs). A user centric security approach by authenticating users and devices before any communications is established. The fourth article, entitled “MobileTrust: Secure Knowledge Integration in VANETs,” is about the security of Vehicular Ad hoc NETworks (VANET). The authors propose MobileTrust—a hybrid trust-based system for secure resource sharing in VANETs. The proposal utilizes cloud","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":"4 1","pages":"1 - 2"},"PeriodicalIF":2.0000,"publicationDate":"2020-05-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1145/3392715","citationCount":"2","resultStr":"{\"title\":\"Introduction to the Special Issue on User-Centric Security and Safety for CPS\",\"authors\":\"N. Saxena, A. Cárdenas, R. Beyah, R. Lu, K. Choo, Yiran Chen\",\"doi\":\"10.1145/3392715\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The recent spate of cyber security attacks has reinforced the importance of cyber security. Cyber security is no longer just a technical issue requiring the proficiency and capabilities of technical experts, it is a global phenomenon requiring the attention of stakeholders across different information domains. We organize this special issue on user-centric security and safety aspects of cyber-physical systems (CPS) with the aim of filling gaps between user behaviour and the design of complex CPS. These include different stakeholders’ roles and responsibilities, user-centric decision-making capabilities and situational awareness, user experience design, mitigation of user errors and analysing their impact, adaptive risk management, user or operator’s trust, security and safety in the device’s or system’s authentication, access control, and configuration management, hence, the relation to the development of the system’s security and safety in the cyber-physical world. It is presumed that alignment of user-oriented processes, standards, and guidelines for security and safety are required to cope with the complexities and interoperability of cyber-physical systems. In other words, this special issue aims to publish the latest advancements in user-centric security and safety techniques and controls for CPS and related components. The following seven contributed articles are included in this special issue: The first article, entitled “Efficient Multi-factor User Authentication Protocol with Forward Secrecy for Real-time Data Access in WSNs,” proposes a robust multi-factor authentication scheme that makes use of the imbalanced computational nature of the RSA cryptosystem, particularly suitable for scenarios where sensor nodes (but not the user’s device) are the main energy bottleneck. This work is the first one that can satisfy all 12 criteria of the state-of-the-art evaluation metric under the harshest adversary model so far. The second article, entitled “A Multi-label Fuzzy Relevance Clustering System for Malware Attack Attribution in the Edge Layer of Cyber Physical Networks,” proposes a novel multi-label fuzzy clustering system for malware attack attribution. The authors first observed that a multilabel classifier does not classify a part of the samples when classifying malware families. To overcome this problem, the authors developed an ensemble-based multi-label fuzzy classification method to suggest the relevance of a malware instance to the stricken families. The third article, entitled “A User-centric Security Solution for Internet of Things and Edge Convergence,” proposes a user-centric security solution to ensure the trustworthiness of the data for emergency evaluation in Edge datacenters (EDCs). A user centric security approach by authenticating users and devices before any communications is established. The fourth article, entitled “MobileTrust: Secure Knowledge Integration in VANETs,” is about the security of Vehicular Ad hoc NETworks (VANET). The authors propose MobileTrust—a hybrid trust-based system for secure resource sharing in VANETs. The proposal utilizes cloud\",\"PeriodicalId\":7055,\"journal\":{\"name\":\"ACM Transactions on Cyber-Physical Systems\",\"volume\":\"4 1\",\"pages\":\"1 - 2\"},\"PeriodicalIF\":2.0000,\"publicationDate\":\"2020-05-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://sci-hub-pdf.com/10.1145/3392715\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM Transactions on Cyber-Physical Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3392715\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Cyber-Physical Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3392715","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS","Score":null,"Total":0}
引用次数: 2

摘要

最近一连串的网络安全攻击强化了网络安全的重要性。网络安全不再仅仅是一个需要技术专家熟练掌握和能力的技术问题,它是一个全球性现象,需要不同信息领域的利益相关者关注。我们组织了这期关于网络物理系统(CPS)以用户为中心的安全和安全方面的特刊,目的是填补用户行为和复杂CPS设计之间的空白。其中包括不同利益相关者的角色和责任、以用户为中心的决策能力和态势感知、用户体验设计、减轻用户错误并分析其影响、自适应风险管理、用户或运营商的信任、设备或系统认证、访问控制和配置管理中的安全性,网络物理世界中与系统安全性发展的关系。据推测,为了应对网络物理系统的复杂性和互操作性,需要协调面向用户的流程、标准和安全指南。换言之,本期特刊旨在发布以用户为中心的CPS和相关组件的安全技术和控制的最新进展。本期特刊收录了以下七篇文章:第一篇题为“用于WSN中实时数据访问的具有前向保密性的高效多因素用户认证协议”,提出了一种利用RSA密码系统的不平衡计算特性的鲁棒多因素认证方案,特别适用于传感器节点(但不是用户的设备)是主要能量瓶颈的场景。这项工作是迄今为止第一项能够在最苛刻的对手模型下满足最先进评估指标的所有12个标准的工作。第二篇文章题为“网络物理网络边缘层恶意软件攻击归因的多标签模糊相关聚类系统”,提出了一种新的恶意软件攻击归属的多标签Fuzzy聚类系统。作者首先观察到,在对恶意软件家族进行分类时,多标签分类器不会对部分样本进行分类。为了克服这个问题,作者开发了一种基于集合的多标签模糊分类方法,以表明恶意软件实例与受害家庭的相关性。第三篇文章题为“物联网和边缘融合的以用户为中心的安全解决方案”,提出了一种以用户为核心的安全解决解决方案,以确保边缘数据中心(EDC)应急评估数据的可信度。一种以用户为中心的安全方法,在建立任何通信之前对用户和设备进行身份验证。第四篇文章题为“MobileTrust:VANET中的安全知识集成”,是关于车载自组织网络(VANET)的安全性。作者提出了MobileTrust——一种基于混合信任的VANET安全资源共享系统。该方案利用云
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Introduction to the Special Issue on User-Centric Security and Safety for CPS
The recent spate of cyber security attacks has reinforced the importance of cyber security. Cyber security is no longer just a technical issue requiring the proficiency and capabilities of technical experts, it is a global phenomenon requiring the attention of stakeholders across different information domains. We organize this special issue on user-centric security and safety aspects of cyber-physical systems (CPS) with the aim of filling gaps between user behaviour and the design of complex CPS. These include different stakeholders’ roles and responsibilities, user-centric decision-making capabilities and situational awareness, user experience design, mitigation of user errors and analysing their impact, adaptive risk management, user or operator’s trust, security and safety in the device’s or system’s authentication, access control, and configuration management, hence, the relation to the development of the system’s security and safety in the cyber-physical world. It is presumed that alignment of user-oriented processes, standards, and guidelines for security and safety are required to cope with the complexities and interoperability of cyber-physical systems. In other words, this special issue aims to publish the latest advancements in user-centric security and safety techniques and controls for CPS and related components. The following seven contributed articles are included in this special issue: The first article, entitled “Efficient Multi-factor User Authentication Protocol with Forward Secrecy for Real-time Data Access in WSNs,” proposes a robust multi-factor authentication scheme that makes use of the imbalanced computational nature of the RSA cryptosystem, particularly suitable for scenarios where sensor nodes (but not the user’s device) are the main energy bottleneck. This work is the first one that can satisfy all 12 criteria of the state-of-the-art evaluation metric under the harshest adversary model so far. The second article, entitled “A Multi-label Fuzzy Relevance Clustering System for Malware Attack Attribution in the Edge Layer of Cyber Physical Networks,” proposes a novel multi-label fuzzy clustering system for malware attack attribution. The authors first observed that a multilabel classifier does not classify a part of the samples when classifying malware families. To overcome this problem, the authors developed an ensemble-based multi-label fuzzy classification method to suggest the relevance of a malware instance to the stricken families. The third article, entitled “A User-centric Security Solution for Internet of Things and Edge Convergence,” proposes a user-centric security solution to ensure the trustworthiness of the data for emergency evaluation in Edge datacenters (EDCs). A user centric security approach by authenticating users and devices before any communications is established. The fourth article, entitled “MobileTrust: Secure Knowledge Integration in VANETs,” is about the security of Vehicular Ad hoc NETworks (VANET). The authors propose MobileTrust—a hybrid trust-based system for secure resource sharing in VANETs. The proposal utilizes cloud
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
ACM Transactions on Cyber-Physical Systems
ACM Transactions on Cyber-Physical Systems COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS-
CiteScore
5.70
自引率
4.30%
发文量
40
期刊最新文献
On Cyber-Physical Fault Resilience in Data Communication: A Case From A LoRaWAN Network Systems Design DistressNet-NG: A Resilient Data Storage and Sharing Framework for Mobile Edge Computing in Cyber-Physical Systems A Blockchain Architecture to Increase the Resilience of Industrial Control Systems from the Effects of a Ransomware Attack: A Proposal and Initial Results A Combinatorial Optimization Analysis Method for Detecting Malicious Industrial Internet Attack Behaviors Statistical Verification using Surrogate Models and Conformal Inference and a Comparison with Risk-aware Verification
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1