4,636 research outputs found
Advanced Cloud Privacy Threat Modeling
Privacy-preservation for sensitive data has become a challenging issue in
cloud computing. Threat modeling as a part of requirements engineering in
secure software development provides a structured approach for identifying
attacks and proposing countermeasures against the exploitation of
vulnerabilities in a system . This paper describes an extension of Cloud
Privacy Threat Modeling (CPTM) methodology for privacy threat modeling in
relation to processing sensitive data in cloud computing environments. It
describes the modeling methodology that involved applying Method Engineering to
specify characteristics of a cloud privacy threat modeling methodology,
different steps in the proposed methodology and corresponding products. We
believe that the extended methodology facilitates the application of a
privacy-preserving cloud software development approach from requirements
engineering to design
Systemic Risk and Vulnerability Analysis of Multi-cloud Environments
With the increasing use of multi-cloud environments, security professionals
face challenges in configuration, management, and integration due to uneven
security capabilities and features among providers. As a result, a fragmented
approach toward security has been observed, leading to new attack vectors and
potential vulnerabilities. Other research has focused on single-cloud platforms
or specific applications of multi-cloud environments. Therefore, there is a
need for a holistic security and vulnerability assessment and defense strategy
that applies to multi-cloud platforms. We perform a risk and vulnerability
analysis to identify attack vectors from software, hardware, and the network,
as well as interoperability security issues in multi-cloud environments.
Applying the STRIDE and DREAD threat modeling methods, we present an analysis
of the ecosystem across six attack vectors: cloud architecture, APIs,
authentication, automation, management differences, and cybersecurity
legislation. We quantitatively determine and rank the threats in multi-cloud
environments and suggest mitigation strategies.Comment: 27 pages, 9 figure
Will SDN be part of 5G?
For many, this is no longer a valid question and the case is considered
settled with SDN/NFV (Software Defined Networking/Network Function
Virtualization) providing the inevitable innovation enablers solving many
outstanding management issues regarding 5G. However, given the monumental task
of softwarization of radio access network (RAN) while 5G is just around the
corner and some companies have started unveiling their 5G equipment already,
the concern is very realistic that we may only see some point solutions
involving SDN technology instead of a fully SDN-enabled RAN. This survey paper
identifies all important obstacles in the way and looks at the state of the art
of the relevant solutions. This survey is different from the previous surveys
on SDN-based RAN as it focuses on the salient problems and discusses solutions
proposed within and outside SDN literature. Our main focus is on fronthaul,
backward compatibility, supposedly disruptive nature of SDN deployment,
business cases and monetization of SDN related upgrades, latency of general
purpose processors (GPP), and additional security vulnerabilities,
softwarization brings along to the RAN. We have also provided a summary of the
architectural developments in SDN-based RAN landscape as not all work can be
covered under the focused issues. This paper provides a comprehensive survey on
the state of the art of SDN-based RAN and clearly points out the gaps in the
technology.Comment: 33 pages, 10 figure
Security risk assessment in cloud computing domains
Cyber security is one of the primary concerns persistent across any computing platform. While addressing the apprehensions about security risks, an infinite amount of resources cannot be invested in mitigation measures since organizations operate under budgetary constraints. Therefore the task of performing security risk assessment is imperative to designing optimal mitigation measures, as it provides insight about the strengths and weaknesses of different assets affiliated to a computing platform.
The objective of the research presented in this dissertation is to improve upon existing risk assessment frameworks and guidelines associated to different key assets of Cloud computing domains - infrastructure, applications, and users. The dissertation presents various informal approaches of performing security risk assessment which will help to identify the security risks confronted by the aforementioned assets, and utilize the results to carry out the required cost-benefit tradeoff analyses. This will be beneficial to organizations by aiding them in better comprehending the security risks their assets are exposed to and thereafter secure them by designing cost-optimal mitigation measures --Abstract, page iv
Design, Implementation and Experiments for Moving Target Defense Framework
The traditional defensive security strategy for distributed systems employs well-established defensive techniques such as; redundancy/replications, firewalls, and encryption to prevent attackers from taking control of the system. However, given sufficient time and resources, all these methods can be defeated, especially when dealing with sophisticated attacks from advanced adversaries that leverage zero-day exploits
COUNTER-UXS ENERGY AND OPERATIONAL ANALYSIS
At present, there exists a prioritization of identifying novel and innovative approaches to managing the small Unmanned Aircraft Systems (sUAS) threat. The near-future sUAS threat to U.S. forces and infrastructure indicates that current Counter-UAS (C-UAS) capabilities and tactics, techniques, and procedures (TTPs) need to evolve to pace the threat. An alternative approach utilizes a networked squadron of unmanned aerial vehicles (UAVs) designed for sUAS threat interdiction. This approach leverages high performance and Size, Weight, and Power (SWaP) conformance to create less expensive, but more capable, C-UAS devices to augment existing capabilities.
This capstone report documents efforts to develop C-UAS technologies to reduce energy consumption and collaterally disruptive signal footprint while maintaining operational effectiveness. This project utilized Model Based System Engineering (MBSE) techniques to explore and assess these technologies within a mission context. A Concept of Operations was developed to provide the C-UAS Operational Concept. Operational analysis led to development of operational scenarios to define the System of Systems (SoS) concept, operating conditions, and required system capabilities. Resource architecture was developed to define the functional behaviors and system performance characteristics for C-UAS technologies. Lastly, a modeling and simulation (M&S) tool was developed to evaluate mission scenarios for C-UAS.Outstanding ThesisCivilian, Department of the NavyCivilian, Department of the NavyCivilian, Department of the NavyCivilian, Department of the NavyCivilian, Department of the NavyApproved for public release. Distribution is unlimited
IoT Security Evolution: Challenges and Countermeasures Review
Internet of Things (IoT) architecture, technologies, applications and security have been recently addressed by a number of researchers. Basically, IoT adds internet connectivity to a system of intelligent devices, machines, objects and/or people. Devices are allowed to automatically collect and transmit data over the Internet, which exposes them to serious attacks and threats. This paper provides an intensive review of IoT evolution with primary focusing on security issues together with the proposed countermeasures. Thus, it outlines the IoT security challenges as a future roadmap of research for new researchers in this domain
- …