865 results for Privacy Based Access Control
Abstract:
Modern software systems are often large and complicated. To better understand, develop, and manage large software systems, researchers have for the last decade studied software architectures, which provide the top-level overall structural design of software systems. One major research focus in software architectures is formal architecture description languages, but most existing research concentrates on descriptive capability and puts less emphasis on software architecture design methods and formal analysis techniques, which are necessary to develop a correct software architecture design. Refinement is a general approach of adding details to a software design; a formal refinement method can further ensure certain design properties. This dissertation proposes refinement methods, including a set of formal refinement patterns and complementary verification techniques, for software architecture design using the Software Architecture Model (SAM), which was developed at Florida International University. First, a general guideline for software architecture design in SAM is proposed. Second, specification construction through property-preserving refinement patterns is discussed. The refinement patterns are categorized into connector refinement, component refinement and high-level Petri net refinement; these three levels of refinement patterns apply to overall system interaction, architectural components, and the underlying formal language, respectively. Third, verification after modeling is discussed as a complementary technique to specification refinement. Two formal verification tools, the Stanford Temporal Prover (STeP) and the Simple Promela Interpreter (SPIN), are adopted into SAM to develop the initial models. Fourth, the formalization and refinement of security issues are studied. A method for security enforcement in SAM is proposed. The Role-Based Access Control model is formalized using predicate transition nets and Z notation, and patterns for enforcing access control and auditing are proposed. Finally, modeling and refining a life insurance system is used to demonstrate how to apply the refinement patterns for software architecture design using SAM and how to integrate the access control model. The results of this dissertation demonstrate that a refinement method is an effective way to develop a high-assurance system. The method developed in this dissertation extends existing work on modeling software architectures using SAM and makes SAM a more usable and valuable formal tool for software architecture design.
Abstract:
Secure Access For Everyone (SAFE) is an integrated system for managing trust using a logic-based declarative language. Logical trust systems authorize each request by constructing a proof from a context: a set of authenticated logic statements representing credentials and policies issued by various principals in a networked system. A key barrier to practical use of logical trust systems is the problem of managing proof contexts: identifying, validating, and assembling the credentials and policies that are relevant to each trust decision.
SAFE addresses this challenge by (i) proposing a distributed authenticated data repository for storing the credentials and policies and (ii) introducing a programmable credential discovery and assembly layer that generates the appropriately tailored context for a given request. The authenticated data repository is built upon a scalable key-value store whose contents are named by secure identifiers and certified by the issuing principal. The SAFE language provides scripting primitives to generate and organize logic sets representing credentials and policies, materialize the logic sets as certificates, and link them to reflect delegation patterns in the application. The authorizer fetches the logic sets on demand, then validates and caches them locally for further use. Upon each request, the authorizer constructs the tailored proof context and provides it to the SAFE inference engine for certified validation. Delegation-driven credential linking with certified data distribution provides flexible and dynamic policy control, enabling security and trust infrastructure to be agile while addressing the perennial problems of today's certificate infrastructure: automated credential discovery, scalable revocation, and issuing credentials without relying on a centralized authority.
We envision SAFE as a new foundation for building secure network systems. We used SAFE to build secure services based on case studies drawn from practice: (i) a secure name service resolver, similar to DNS, that resolves a name across multi-domain federated systems; (ii) a secure proxy shim that delegates access control decisions in a key-value store; (iii) an authorization module for a networked infrastructure-as-a-service system with a federated trust structure (the NSF GENI initiative); and (iv) a secure cooperative data analytics service that adheres to individual secrecy constraints while disclosing the data. We present an empirical evaluation based on these case studies and demonstrate that SAFE supports a wide range of applications with low overhead.
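The authorization flow the abstract describes, as an added example that is not SAFE's own code (SAFE's language and inference engine are not reproduced here): principals certify small logic sets, publish them in a key-value repository under an identifier derived from issuer and set name, link sets to express delegation, and the authorizer assembles the proof context by following those links, validating each set before it contributes anything, and proving the request with a minimal Datalog-style inference. Signatures are stubbed with HMAC and a shared key registry so that the example runs on the standard library alone; the principal names, the object name and the policy rules are constructed for illustration.

```python
import hashlib, hmac, json

OBJ = "/data/report"  # constructed sample object name
canon = lambda body: json.dumps(body, sort_keys=True).encode()  # canonical bytes that get certified

def secure_id(issuer, name):  # secure identifier: hash over the issuer's identity and the set name
    return hashlib.sha256(f"{issuer}:{name}".encode()).hexdigest()[:24]

class Principal:  # assumption: signatures are stubbed with HMAC, so `keys` plays the part of a public-key registry
    def __init__(self, name, keys):
        self.id = hashlib.sha256(b"pub:" + name.encode()).hexdigest()[:16]
        self.secret = hashlib.sha256(b"key:" + name.encode()).digest()
        keys[self.id] = self.secret
    def certify(self, name, facts=(), rules=(), links=()):
        body = {"issuer": self.id, "name": name, "facts": [list(f) for f in facts], "links": list(links),
                "rules": [[list(h), [list(a) for a in atoms]] for h, atoms in rules]}
        sig = hmac.new(self.secret, canon(body), "sha256").hexdigest()
        return secure_id(self.id, name), {"body": body, "sig": sig}

def verify(sid, cert, keys):  # content must be certified by its issuer and stored under the matching identifier
    body = cert["body"]
    if (key := keys.get(body["issuer"])) is None or sid != secure_id(body["issuer"], body["name"]):
        return False
    return hmac.compare_digest(hmac.new(key, canon(body), "sha256").hexdigest(), cert["sig"])

# Minimal Datalog: an atom is (speaker, predicate, *args); strings starting with "?" are variables.
def unify(pattern, fact, env):
    env = dict(env)
    for p, f in zip(pattern, fact):
        if isinstance(p, str) and p.startswith("?"):
            if env.setdefault(p, f) != f:
                return None
        elif p != f:
            return None
    return env if len(pattern) == len(fact) else None

def solve(body, facts, env):  # all variable bindings under which every atom of a rule body holds
    if not body:
        yield env
    for fact in facts if body else ():
        if (bound := unify(body[0], fact, env)) is not None:
            yield from solve(body[1:], facts, bound)

def infer(facts, rules):  # forward chaining to a fixpoint
    known = set(facts)
    while True:
        derived = {tuple(env.get(t, t) for t in head)
                   for head, body in rules for env in solve(body, known, {})} - known
        if not derived:
            return known
        known |= derived

class Authorizer:
    def __init__(self, repo, keys):
        self.repo, self.keys, self.cache = repo, keys, {}
    def fetch(self, sid):  # fetch on demand, validate, cache the verdict (None = missing or rejected)
        if sid not in self.cache:
            cert = self.repo.get(sid)
            self.cache[sid] = cert if cert and verify(sid, cert, self.keys) else None
        return self.cache[sid]
    def assemble(self, root_sid):  # follow links from the policy root to build the tailored context
        facts, rules, seen, todo = [], [], set(), [root_sid]
        while todo:
            sid = todo.pop()
            cert = None if sid in seen else self.fetch(sid)
            seen.add(sid)
            if cert is None:
                continue  # already visited, missing, unknown issuer or bad certification: contributes nothing
            body, issuer = cert["body"], cert["body"]["issuer"]  # every statement is attributed to its issuer
            facts += [(issuer, *f) for f in body["facts"]]
            rules += [((issuer, *h), [tuple(a) for a in atoms]) for h, atoms in body["rules"]]
            todo += body["links"]
        return facts, rules
    def authorize(self, root_sid, principal, obj, op):
        root = self.fetch(root_sid)
        goal = (root["body"]["issuer"], "access", principal, obj, op) if root else None
        return goal is not None and goal in infer(*self.assemble(root_sid))

def demo():
    repo, keys = {}, {}  # in-memory stand-ins for the authenticated repository and the key registry
    store, alice, bob, carol, dave = (Principal(n, keys) for n in ("store", "alice", "bob", "carol", "dave"))
    bob_sid, bob_cert = bob.certify("grants", facts=[("grant", carol.id, OBJ, "read")])
    alice_sid, alice_cert = alice.certify("acl", facts=[("delegate", bob.id, OBJ)], links=[bob_sid])
    owner = (store.id, "ownerOf", "?Owner", "?Obj")
    policy_rules = [  # the store honours grants by the owner, or by a delegate of the owner
        (("access", "?P", "?Obj", "?Op"), [owner, ("?Owner", "grant", "?P", "?Obj", "?Op")]),
        (("access", "?P", "?Obj", "?Op"), [owner, ("?Owner", "delegate", "?D", "?Obj"), ("?D", "grant", "?P", "?Obj", "?Op")])]
    policy_sid, policy_cert = store.certify("policy", facts=[("ownerOf", alice.id, OBJ)], rules=policy_rules, links=[alice_sid])
    repo.update({bob_sid: bob_cert, alice_sid: alice_cert, policy_sid: policy_cert})
    az = Authorizer(repo, keys)
    results = {"carol_read": az.authorize(policy_sid, carol.id, OBJ, "read"),
               "dave_read": az.authorize(policy_sid, dave.id, OBJ, "read")}
    # Editing bob's set in the repository to grant dave breaks its certification: the whole set is rejected.
    repo[bob_sid]["body"]["facts"].append(["grant", dave.id, OBJ, "read"])
    az = Authorizer(repo, keys)  # fresh cache, so the edited set is fetched and validated again
    results["tampered_dave_read"] = az.authorize(policy_sid, dave.id, OBJ, "read")
    results["tampered_carol_read"] = az.authorize(policy_sid, carol.id, OBJ, "read")
    return results
```

Two points worth noticing when running it. The repository is untrusted storage: what the authorizer relies on is the issuer's certification bound to the secure identifier, not the record it happened to read, so an edited set loses its legitimate statements together with the forged one. And the context is assembled by following the links the issuers themselves placed, so the store's policy need not name bob at all; alice's delegation link is what brings his grants into the proof.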
Abstract:
The availability of small, inexpensive sensor elements enables the deployment of large wired or wireless sensor networks to feed control systems. Unfortunately, the need to transmit a large number of sensor measurements over a network negatively affects the timing parameters of the control loop. This paper presents a solution to this problem by representing sensor measurements with an approximate representation: an interpolation of the sensor measurements as a function of the spatial coordinates. A priority-based medium access control (MAC) protocol is used to select the sensor messages with the highest information content. Thus, the information from a large number of sensor measurements is conveyed within a few messages. This approach greatly reduces the time needed to obtain a snapshot of the environment state and therefore supports the real-time requirements of feedback control loops.
Abstract:
Digital services and communications in vehicular scenarios provide the essential assets to improve road transport in several ways, such as reducing accidents, improving traffic efficiency and optimising the transport of goods and people. Vehicular communications typically rely on VANETs (Vehicular Ad hoc Networks). In these networks vehicles communicate with each other without the need for infrastructure. VANETs are mainly oriented to disseminating information to the vehicles in a certain geographic area for time-critical services like safety warnings, but they present very challenging requirements that have not been successfully fulfilled to date. Some of these challenges are: channel saturation due to simultaneous radio access by many vehicles, routing protocols in topologies that vary rapidly, minimum quality of service assurance, and security mechanisms to efficiently detect and neutralise malicious attacks. Vehicular services can be classified in four important groups: Safety, Efficiency, Sustainability and Infotainment. The benefits of these services for the transport sector are clear, but many technological and business challenges need to be faced before a real mass-market deployment. Service delivery platforms are not prepared to fulfil the needs of this complex environment, whose requirements are restrictive because of the criticality of some services. To overcome this situation, we propose a solution called VISIONS (Vehicular communication Improvement: Solution based on IMS Operational Nodes and Services). VISIONS leverages the IMS subsystem and NGN enablers, and follows the CALM reference architecture standardised by ISO. It also avoids the use of Road Side Units (RSUs), reducing complexity and the high costs of deployment and maintenance. We demonstrate the benefits in the following areas: 1. VANET efficiency. VISIONS provides a mechanism for vehicles to access valuable information from IMS and its capabilities through a cellular channel. This efficiency improvement occurs in two relevant areas: a. Routing mechanisms. These protocols are responsible for carrying information from one vehicle to another (or to a group of vehicles) using multihop mechanisms. We do not propose a new algorithm but the use of VANET topology information, provided through our solution, to enrich the performance of these protocols. b. Security. Many aspects of security (privacy, key management, authentication, access control, revocation mechanisms, etc.) are not resolved in vehicular communications. Our solution efficiently disseminates revocation information to neutralise malicious nodes in the VANET. 2. Service delivery platform. It is based on extended enablers, reference architectures, standard protocols and open APIs. By following this approach, we reduce costs and resources for service development, deployment and maintenance. To quantify these benefits in VANETs, we provide an analytical model of the system and simulate our solution in realistic scenarios. The simulation results demonstrate how VISIONS improves the performance of relevant routing protocols and is more efficient at neutralising security attacks than the widely proposed solutions based on RSUs. Finally, we design an innovative social network service based on our platform, explaining how VISIONS facilitates the deployment and usage of complex capabilities.
Abstract:
The BlackEnergy malware targeting critical infrastructures has a long history. It evolved over time from a simple DDoS platform into a quite sophisticated plug-in based malware. The plug-in architecture has a persistent malware core with easily installable, attack-specific modules for DDoS, spamming, information stealing, remote access, boot-sector formatting, etc. BlackEnergy has been involved in several high-profile cyber-physical attacks, including the Ukraine power grid attack of December 2015. This paper investigates the evolution of BlackEnergy and its cyber attack capabilities. It presents a basic cyber attack model used by BlackEnergy for targeting industrial control systems. In particular, the paper analyses the cyber threats BlackEnergy poses to synchrophasor-based systems, which are used for real-time control and monitoring in the smart grid. Several BlackEnergy-based attack scenarios are investigated that exploit vulnerabilities in two widely used synchrophasor communication standards: (i) IEEE C37.118 and (ii) IEC 61850-90-5. Specifically, the paper addresses reconnaissance, DDoS, man-in-the-middle and replay/reflection attacks on IEEE C37.118 and IEC 61850-90-5. Further, the paper also investigates protection strategies for the detection and prevention of BlackEnergy-based cyber-physical attacks.
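To make the replay and integrity checks concrete for IEEE C37.118, here is an added example (not from the paper) that builds data frames with their CHK field, parses them, and applies a per-PMU monotonic-timestamp check over a constructed frame stream. TIME_BASE, the IDCODE and the payload bytes are assumed for the example. The caveat a practitioner needs: CHK is a CRC, not an authentication tag, so a man-in-the-middle who alters a frame simply recomputes it, and a replayed frame re-stamped with a fresh SOC/FRACSEC passes the timestamp check. This detector catches naive replay and corruption only; real protection needs a cryptographic integrity mechanism outside the protocol itself.

```python
import struct
from dataclasses import dataclass

TIME_BASE = 1_000_000  # FRACSEC resolution; in practice taken from the PMU's configuration frame (assumed here)
SYNC_DATA = 0x01       # second SYNC byte: frame type 000 (data frame), version 0001

def crc_ccitt(data: bytes) -> int:
    """CRC-CCITT as used for the CHK field: polynomial 0x1021, initial value 0xFFFF, no final XOR."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte << 8
        for _ in range(8):
            crc = ((crc << 1) ^ 0x1021) & 0xFFFF if crc & 0x8000 else (crc << 1) & 0xFFFF
    return crc

def build_data_frame(idcode: int, soc: int, fracsec: int, payload: bytes) -> bytes:
    """SYNC | FRAMESIZE | IDCODE | SOC | FRACSEC | payload | CHK, all fields big-endian."""
    framesize = 14 + len(payload) + 2
    body = struct.pack(">BBHHII", 0xAA, SYNC_DATA, framesize, idcode, soc, fracsec) + payload
    return body + struct.pack(">H", crc_ccitt(body))

@dataclass
class Frame:
    idcode: int
    soc: int
    fracsec: int   # low 24 bits of FRACSEC; the top byte carries time-quality flags
    payload: bytes

def parse_frame(buf: bytes) -> Frame:
    """Parse a data frame; raise ValueError on anything that is not a well-formed data frame."""
    if len(buf) < 16 or buf[0] != 0xAA:
        raise ValueError("missing SYNC")
    if (buf[1] >> 4) & 0x7 != 0:
        raise ValueError("not a data frame")
    framesize, idcode, soc, fracsec = struct.unpack(">HHII", buf[2:14])
    if framesize != len(buf):
        raise ValueError("FRAMESIZE does not match length")
    if struct.unpack(">H", buf[-2:])[0] != crc_ccitt(buf[:-2]):
        raise ValueError("CHK mismatch")
    return Frame(idcode, soc, fracsec & 0x00FFFFFF, buf[14:-2])

class ReplayDetector:
    """Per-IDCODE check that each accepted frame's (SOC, FRACSEC) is strictly later than the last one."""
    def __init__(self):
        self.last = {}
    def check(self, buf: bytes) -> str:
        try:
            frame = parse_frame(buf)
        except ValueError as exc:
            return f"reject: {exc}"
        stamp = (frame.soc, frame.fracsec)
        if frame.idcode in self.last and stamp <= self.last[frame.idcode]:
            return "reject: timestamp not after last accepted frame"
        self.last[frame.idcode] = stamp
        return "accept"

def demo():
    """Constructed stream from one PMU (IDCODE 7) at 30 frames/s, with a replay, a corruption and a stale injection."""
    step = TIME_BASE // 30
    payload = bytes.fromhex("0000" + "42c80000" + "00000000")  # constructed STAT + phasor/frequency bytes
    good = [build_data_frame(7, 1_700_000_000, i * step, payload) for i in range(3)]
    corrupted = good[2][:-3] + bytes([good[2][-3] ^ 0x01]) + good[2][-2:]  # one payload bit flipped, CHK stale
    stream = good + [good[1], corrupted, build_data_frame(7, 1_699_999_999, 0, payload),
                     build_data_frame(7, 1_700_000_000, 3 * step, payload)]
    det = ReplayDetector()
    return [det.check(f) for f in stream]
```

The timestamp comparison is on the (SOC, FRACSEC) pair exactly as carried in the frame, so it is independent of the receiver's clock; a stricter deployment would additionally bound the skew between that pair and local time, which catches frames replayed after a long delay even when they are re-ordered to look monotonic.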
Abstract:
Recent years have witnessed an intense evolution of wireless mobile networks, with extensive research aimed at developing new efficient techniques for the future 6G standards. In the framework of massive machine-type communication (mMTC), emerging Internet of Things (IoT) applications, in which sensor nodes and smart devices transmit short data packets unpredictably and sporadically without coordination, are gaining increasing interest. In this work, new medium access control (MAC) protocols for massive IoT, capable of supporting non-instantaneous feedback from the receiver, are studied. These schemes tolerate a long delay for the acknowledgment (ACK) messages at the base station (BS) without a significant performance loss. An error floor analysis of the considered protocols is then performed in order to obtain useful guidelines for system design. Furthermore, power-domain non-orthogonal multiple access (NOMA) coded random access (CRA) schemes are developed. The introduction of power diversity makes it possible to resolve more packet collisions at the physical (PHY) layer, with an important reduction of the packet loss rate (PLR) for a given number of active users in the system. The proposed solutions aim to improve current grant-free protocols while respecting the stringent scalability, reliability and latency constraints required by 6G networks.
Abstract:
We describe remarkable success in controlling dengue vectors, Aedes aegypti (L.) and Aedes albopictus (Skuse), in 6 communes with 11,675 households and 49,647 people in the northern provinces of Haiphong, Hung Yen, and Nam Dinh in Vietnam. The communes were selected for high-frequency use of large outdoor concrete tanks and wells. These were found to be the source of 49.6-98.4% of Ae. aegypti larvae, which were amenable to treatment with local Mesocyclops, mainly M. woutersi Van der Velde, M. aspericornis (Daday) and M. thermocyclopoides Harada. Knowledge, attitude, and practice surveys were performed to determine whether the communities viewed dengue and dengue hemorrhagic fever as a serious health threat; to determine their knowledge of the etiology, attitudes, and practices regarding control methods including Mesocyclops; and to determine their receptivity to various information methods. On the basis of the knowledge, attitude, and practice data, the community-based dengue control program comprised a system of local leaders, health volunteer teachers, and schoolchildren, supported by health professionals. Recycling of discards for economic gain was enhanced, where appropriate, and this, plus 37 clean-up campaigns, removed small containers unsuitable for Mesocyclops treatment. A previously successful eradication at Phan Boi village (Hung Yen province) was extended to 7 other villages forming Di Su commune (1,750 households) in the current study. Complete control was also achieved in Nghia Hiep (Hung Yen province) and in Xuan Phong (Nam Dinh province); control efficacy was greater than or equal to 99.7% in the other 3 communes (Lac Vien in Haiphong, Nghia Dong, and Xuan Kien in Nam Dinh). Although tanks and wells were the key container types of Ae. aegypti productivity, discarded materials were the source of 51% of the standing crop of Ae. albopictus. 
Aedes albopictus larvae were eliminated from the 3 Nam Dinh communes, and 86-98% control was achieved in the other 3 communes. Variable dengue attack rates made the clinical and serological comparison of control and untreated communes problematic, but these data indicate that clinical surveillance by itself is inadequate to monitor dengue transmission.
Abstract:
In this paper we address the real-time capabilities of P-NET, a multi-master fieldbus standard based on a virtual token-passing scheme. We show how P-NET's medium access control (MAC) protocol is able to guarantee a bounded access time for message requests. We then propose a model for implementing fixed-priority dispatching mechanisms at each master's application level. In this way we diminish the impact of the first-come-first-served (FCFS) policy that P-NET uses at the data link layer. The proposed model raises several issues well known within the real-time systems community: message release jitter; pre-run-time schedulability analysis in non-preemptive contexts; and non-independence of tasks at the application level. We identify these issues in the proposed model and show how results available for priority-based task dispatching can be adapted to encompass priority-based message dispatching in P-NET networks.
Abstract:
IEEE 802.11 is one of the most well-established and widely used standards for wireless LANs. Its Medium Access Control (MAC) layer assumes that devices adhere to the standard's rules and timers to ensure fair access to and sharing of the medium. However, the flexibility and configurability of wireless card drivers make it possible for selfish, misbehaving nodes to gain an advantage over well-behaving nodes. The existence of selfish nodes degrades the QoS for the other devices in the network and may increase their energy consumption. In this paper we propose a green solution for selfish misbehaviour detection in IEEE 802.11-based wireless networks. The proposed scheme works in two phases: a global phase, which detects whether or not the network contains selfish nodes, and a local phase, which identifies which node or nodes within the network are selfish. The network must usually be examined frequently for selfish nodes during its operation, since any node may start to act selfishly. Our solution is green in the sense that it saves network resources: it avoids wasting the nodes' energy on examining every individual node for selfishness when that is not necessary. The proposed detection algorithm is evaluated using extensive OPNET simulations. The results show that the global network metric clearly indicates the existence of a selfish node, while the local node metric successfully identifies the selfish node(s). We also provide a mathematical analysis of the selfish misbehaviour and derive formulas for the successful channel access probability.
Abstract:
The smartphone market has grown massively in recent years, as has the diversification of the roles these devices play in people's daily lives. The open application market for these devices has also evolved strongly, which allows greater quality and competitiveness in the products offered. The concept of the smart home is increasingly present and is something people are gradually becoming accustomed to. To keep pace, the capabilities of the devices these people use most need to be developed so that they can meet these needs. The present work studies smart locks. The systems currently on the market are typically proprietary and have some limitations or shortcomings (e.g., in terms of security, an inability to cover a large number of mobile devices, or even price). In this context, and based on a characterisation of current access control solutions, we studied the feasibility of developing, with an approach based on non-proprietary (i.e., open) technologies, access control solutions with characteristics comparable to current proprietary systems and, eventually, overcoming the limits and flaws identified. Given these premises, the mobile access control system designed involves a BeagleBone Black computer and Bluetooth wireless technology. This system allows easy integration of the computer with any current smartphone and is endowed with strong security and privacy features. The system was initially designed to be implemented in door locks, but with the possibility of expansion to other equipment. In addition, the system will also allow access by third parties after due authorisation by the owner.
Energy-efficient diversity combining for different access schemes in a multi-path dispersive channel
Abstract:
Dissertation submitted for the degree of Doctor in Electrical and Computer Engineering
Abstract:
This Master's thesis deals with controlling access to personal information and with describing that information. In the practical part of the work, an XML model for describing personal information was designed. Using personal information makes it possible to offer a personalised service and also to automate the service for the user. Describing personal information is essential so that services can query and understand the data. Various factors affect personal information and must also be taken into account when describing it. The spread of personal information to different service providers also brings risks: personal information falling into the wrong hands may cause serious problems for its owner. For the secure and reliable usability of personal information, it is therefore essential that the user is able to control to whom he or she discloses which information.
Abstract:
We expose the ubiquitous interaction between an information screen and its viewers' mobile devices, highlight the communication vulnerabilities, suggest mitigation strategies and finally implement these strategies to secure the communication. The screen transparently infers the information preferences of viewers within its vicinity from their mobile devices over Bluetooth. Backend processing then retrieves up-to-date versions of the preferred information from content providers. Retrieved content, such as sporting news, weather forecasts, advertisements, stock markets and aviation schedules, is systematically displayed on the screen. To maximise users' benefit, experience and acceptance, the service is provided with no user interaction at the screen while securely upholding preference privacy and viewer anonymity. Given the personal nature of mobile devices, the privacy of their contents, the confidentiality of preferences, and the vulnerabilities introduced by the screen, the service's security is fortified. Fortification is predominantly through efficient cryptographic algorithms based on elliptic curve cryptosystems, access control and anonymity mechanisms. These mechanisms are demonstrated to attain the set objectives with reasonable performance.
Abstract:
The advent of social networks such as Facebook, MySpace and LinkedIn has provided a platform that lets individuals stay easily connected with their friends, families or colleagues while actively encouraging them to share their personal data across the network. Given the wealth of activities available on a social network, the quantity and variety of personal information shared is considerable. Moreover, because of its digital nature, this information can easily be copied, modified or disclosed without the explicit consent of its owner. Thus, the personal information revealed through social networks can concretely affect the lives of their users, with privacy risks ranging from simple embarrassment through identity theft to the complete ruin of their reputation. Unfortunately, most users are not aware of these risks, and the tools provided by current social networks are not sufficient to protect their users' privacy effectively. Furthermore, even if users can control access to their own profile, they cannot control what others reveal about them. Indeed, a user's "friends" on a social network can sometimes reveal more information about that user than the user would like. Privacy is a fundamental right of every individual. In this thesis we present an approach that aims to increase users' awareness of the risks to their privacy and to preserve their sovereignty over their data when they use a social network. The first contribution of this thesis lies in the classification of the multiple risks and privacy violations faced by the users of a social network.
We then introduce a formal framework for privacy in social networks, together with the concept of a user privacy policy (UPP). Defined by the user, a UPP offers a simple and flexible way to specify and communicate privacy expectations to other users, to third parties and to the social network provider. We also define a (possibly non-exhaustive) taxonomy of the criteria that a social network can integrate into its design to improve privacy. Introducing the concept of a privacy-preserving social network (PSNS), we propose Privacy Watch, a privacy-preserving social network that combines the concepts of provenance and accountability to help users maintain sovereignty over their personal data. Finally, we describe and compare the different proposals for privacy-preserving social networks that have emerged recently, and we classify these approaches with respect to the privacy criteria introduced in this thesis.