Actor-network procedures: Modeling multi-factor authentication, device pairing, social interactions
As computation spreads from computers to networks of computers, and migrates
into cyberspace, it ceases to be globally programmable, but it remains
programmable indirectly: network computations cannot be controlled, but they
can be steered by local constraints on network nodes. The tasks of
"programming" global behaviors through local constraints belong to the area of
security. The "program particles" that assure that a system of local
interactions leads towards some desired global goals are called security
protocols. As computation spreads beyond cyberspace, into physical and social
spaces, new security tasks and problems arise. As networks are extended by
physical sensors and controllers, including the humans, and interlaced with
social networks, the engineering concepts and techniques of computer security
blend with the social processes of security. These new connectors for
computational and social software require a new "discipline of programming" of
global behaviors through local constraints. Since the new discipline seems to
be emerging from a combination of established models of security protocols with
older methods of procedural programming, we use the name procedures for these
new connectors, that generalize protocols. In the present paper we propose
actor-networks as a formal model of computation in heterogenous networks of
computers, humans and their devices; and we introduce Procedure Derivation
Logic (PDL) as a framework for reasoning about security in actor-networks. On
the way, we survey the guiding ideas of Protocol Derivation Logic (also PDL)
that evolved through our work in security in the last 10 years. Both formalisms are
geared towards graphic reasoning and tool support. We illustrate their workings
by analysing a popular form of two-factor authentication, and a multi-channel
device pairing procedure, devised for this occasion.
Comment: 32 pages, 12 figures, 3 tables; journal submission; extended
references, added discussio
Securing the Elderly: A Developmental Approach to Hypermedia-Based Online Information Security for Senior Novice Computer Users
Whilst security threats to the general public continue to evolve, elderly computer users with limited skill and knowledge are left playing catch-up in an ever-widening gap in fundamental cyber-related comprehension. As a definable cohort, the elderly generally lack awareness of current security threats, and remain under-educated in terms of applying appropriate controls and safeguards to their computers and networking devices. This paper identifies that web-based computer security information sources do not adequately provide helpful information to senior citizen end-users in terms of both design and content
BitWhisper: Covert Signaling Channel between Air-Gapped Computers using Thermal Manipulations
It has been assumed that the physical separation (air-gap) of computers
provides a reliable level of security, such that should two adjacent computers
become compromised, the covert exchange of data between them would be
impossible. In this paper, we demonstrate BitWhisper, a method of bridging the
air-gap between adjacent compromised computers by using their heat emissions
and built-in thermal sensors to create a covert communication channel. Our
method is unique in two respects: it supports bidirectional communication, and
it requires no additional dedicated peripheral hardware. We provide
experimental results based on an implementation of the BitWhisper prototype, and
examine the channel properties and limitations. Our experiments included
different layouts, with computers positioned at varying distances from one
another, and several sensor types and CPU configurations (e.g., Virtual
Machines). We also discuss signal modulation and communication protocols,
showing how BitWhisper can be used for the exchange of data between two
computers in close proximity (at a distance of 0-40cm) at an effective rate of
1-8 bits per hour, a rate which makes it possible to infiltrate brief commands
and exfiltrate small amounts of data (e.g., passwords) over the covert channel
- …