Innovating from the War Economy: Formal, Informal, and Illicit Economic Activities of the Military in Colombia

Over the last decade, the Colombian military has successfully rolled back insurgent groups, cleared and secured conflict zones, and enabled the extraction of oil and other key commodity exports. As a result, official policies of both the Uribe and Santos governments have promoted the armed forces to participate to an unprecedented extent in economic activities intended to consolidate the gains of the 2000s. These include formal involvement in the economy, streamlined in a consortium of military enterprises and social foundations that are intended to put the Colombian defense sector “on the map” nationally and internationally, and informal involvement expanded mainly through new civic action development projects intended to consolidate the security gains of the 2000s. However, failure to roll back paramilitary groups other than through the voluntary amnesty program of 2005 has facilitated the persistence of illicit collusion by military forces with reconstituted “neoparamilitary” drug trafficking groups. It is therefore crucially important to enhance oversight mechanisms and create substantial penalties for collusion with illegal armed groups. This is particularly important if Colombia intends to continue its new practice of exporting its security model to other countries in the region. The Santos government has initiated several promising reforms to enhance state capacity, institutional transparence, and accountability of public officials to the rule of law, which are crucial to locking in security gains and revitalizing democratic politics. Efforts to diminish opportunities for illicit association between the armed forces and criminal groups should complement that agenda, including the following: Champion breaking existing ties between the military and paramilitary successor groups through creative policies involving a mixture of punishments and rewards directed at the military; Investigation and extradition proceedings of drug traffickers, probe all possible ties, including as a matter of course the possibility of Colombian military collaboration. Doing so rigorously may have an important effect deterring military collusion with criminal groups. Establish and enforce zero-tolerance policies at all military ranks regarding collusion with criminal groups; Reward military units that are effective and also avoid corruption and criminal ties by providing them with enhanced resources and recognition; Rely on the military for civic action and development assistance as minimally as possible in order to build long-term civilian public sector capacity and to reduce opportunities for routine exposure of military forces to criminal groups circulating in local populations.

Towards a threat assessment framework for apps collusion

App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model (PBSM) for Android does not address this threat, as it is rather limited to mitigating risks due to individual apps. This paper presents a technique for assessing the threat of collusion for apps, which is a first step towards quantifying collusion risk, and allows us to narrow down to candidate apps for collusion, which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29000 Android apps provided by Intel Security.

Efficient and secure attribute-based signature for monotone predicates

Attribute-based signature (ABS) is a novel cryptographic primitive, which can make the signing party sign a message with fine-grained control over identifying information. ABS only reveals the fact that the verified message must be signed by a user with a set of attributes satisfying a predicate. Thus, ABS can hide any identifying information and make fine-grained control on signing. Presently, many attribute-based signature schemes have been proposed, but most of them are not very efficient. Maji et al. recently presented a complete definition and construction about ABS for monotone predicates and showed three instantiations under their framework for ABS. Although the most practical one of their instantiations is efficient, the instantiation is constructed in the generic group model and has been proved to be insecure. Then, Okamoto et al. proposed an attribute-based signature scheme in the standard model, which can support generalized non-monotone predicates over access structure. However, their scheme is not efficient in practice. In this paper, we present a framework for ABS and show a detailed security model for ABS. Under our framework, we present an attribute-based signature scheme for monotone predicates in the standard model, where we choose the Waters’ signature scheme as the prototype of our attribute-based signature scheme. Compared with the Maji’s scheme in the generic group model, the proposed scheme is constructed in the standard model. Furthermore, compared with the Okamoto’s scheme, the proposed scheme is more efficient by decreasing the computation cost.

A hierarchical security assessment model for object-oriented programs

We present a hierarchical model for assessing an object-oriented program's security. Security is quantified using structural properties of the program code to identify the ways in which `classified' data values may be transferred between objects. The model begins with a set of low-level security metrics based on traditional design characteristics of object-oriented classes, such as data encapsulation, cohesion and coupling. These metrics are then used to characterise higher-level properties concerning the overall readability and writability of classified data throughout the program. In turn, these metrics are then mapped to well-known security design principles such as `assigning the least privilege' and `reducing the size of the attack surface'. Finally, the entire program's security is summarised as a single security index value. These metrics allow different versions of the same program, or different programs intended to perform the same task, to be compared for their relative security at a number of different abstraction levels. The model is validated via an experiment involving five open source Java programs, using a static analysis tool we have developed to automatically extract the security metrics from compiled Java bytecode.

NTRUCCA : how to strengthen NTRUEncrypt to chosen-ciphertext security in the standard model

NTRUEncrypt is a fast and practical lattice-based public-key encryption scheme, which has been standardized by IEEE, but until recently, its security analysis relied only on heuristic arguments. Recently, Stehlé and Steinfeld showed that a slight variant (that we call pNE) could be proven to be secure under chosen-plaintext attack (IND-CPA), assuming the hardness of worst-case problems in ideal lattices. We present a variant of pNE called NTRUCCA, that is IND-CCA2 secure in the standard model assuming the hardness of worst-case problems in ideal lattices, and only incurs a constant factor overhead in ciphertext and key length over the pNE scheme. To our knowledge, our result gives the first IND-CCA2 secure variant of NTRUEncrypt in the standard model, based on standard cryptographic assumptions. As an intermediate step, we present a construction for an All-But-One (ABO) lossy trapdoor function from pNE, which may be of independent interest. Our scheme uses the lossy trapdoor function framework of Peikert and Waters, which we generalize to the case of (k − 1)-of-k-correlated input distributions.

Security analysis of the non-aggressive challenge response of the DNP3 Protocol using a CPN Model

Distributed Network Protocol Version 3 (DNP3) is the de-facto communication protocol for power grids. Standard-based interoperability among devices has made the protocol useful to other infrastructures such as water, sewage, oil and gas. DNP3 is designed to facilitate interaction between master stations and outstations. In this paper, we apply a formal modelling methodology called Coloured Petri Nets (CPN) to create an executable model representation of DNP3 protocol. The model facilitates the analysis of the protocol to ensure that the protocol will behave as expected. Also, we illustrate how to verify and validate the behaviour of the protocol, using the CPN model and the corresponding state space tool to determine if there are insecure states. With this approach, we were able to identify a Denial of Service (DoS) attack against the DNP3 protocol.

Scalable model-based configuration management of security services in complex enterprise networks

Security administrators face the challenge of designing, deploying and maintaining a variety of configuration files related to security systems, especially in large-scale networks. These files have heterogeneous syntaxes and follow differing semantic concepts. Nevertheless, they are interdependent due to security services having to cooperate and their configuration to be consistent with each other, so that global security policies are completely and correctly enforced. To tackle this problem, our approach supports a comfortable definition of an abstract high-level security policy and provides an automated derivation of the desired configuration files. It is an extension of policy-based management and policy hierarchies, combining model-based management (MBM) with system modularization. MBM employs an object-oriented model of the managed system to obtain the details needed for automated policy refinement. The modularization into abstract subsystems (ASs) segment the system-and the model-into units which more closely encapsulate related system components and provide focused abstract views. As a result, scalability is achieved and even comprehensive IT systems can be modelled in a unified manner. The associated tool MoBaSeC (Model-Based-Service-Configuration) supports interactive graphical modelling, automated model analysis and policy refinement with the derivation of configuration files. We describe the MBM and AS approaches, outline the tool functions and exemplify their applications and results obtained. Copyright (C) 2010 John Wiley & Sons, Ltd.

A risk analysis model to reduce computer security risks among healthcare organizations

The paper describes the on-going development of a new computer-based security risk analysis methodology that may be used to determine the computer security requirements of medical computer systems. The methodology has been developed for use within healthcare, with particular emphasis placed upon protecting medical information systems. The paper goes on to describe some of the problems with existing automated risk analysis systems, and how the ODESSA system may overcome the majority of these problems. Examples of security scenarios are also presented.

Three strategic dimensions of information security in ecommerce : a literature review based conceptual model

Important eCommerce requirements are a robust and secure technical infrastructure, and the ability to ensuring the security of information, and to satisfying certain related legal requirements. In this paper, based on a literature review, we present a high-level conceptual model of information security in eCommerce, consisting of three strategic dimensions: protecting organizations' information, satisfying certain legal requirements, and enabling trusted and secure electronic transactions. Our conceptual model can be used by eCommerce managers as a tool in the strategic planning and management process, to better understand and communicate the inter-dependencies between business and legal requirements. The model can also be used for devising the goals and objectives relevant to their specific organization, for designing the policies that are needed, and deciding how technology will be managed and what training is required.