Performance Evaluation of Distributed Security Protocols Using Discrete Event Simulation

The Border Gateway Protocol (BGP) that manages inter-domain routing on the Internet lacks security. Protective measures using public key cryptography introduce complexities and costs. To support authentication and other security functionality in large networks, we need public key infrastructures (PKIs). Protocols that distribute and validate certificates introduce additional complexities and costs. The certification path building algorithm that helps users establish trust on certificates in the distributed network environment is particularly complicated. Neither routing security nor PKI come for free. Prior to this work, the research study on performance issues of these large-scale distributed security systems was minimal. In this thesis, we evaluate the performance of BGP security protocols and PKI systems. We answer the questions about how the performance affects protocol behaviors and how we can improve the efficiency of these distributed protocols to bring them one step closer to reality. The complexity of the Internet makes an analytical approach difficult; and the scale of Internet makes empirical approaches also unworkable. Consequently, we take the approach of simulation. We have built the simulation frameworks to model a number of BGP security protocols and the PKI system. We have identified performance problems of Secure BGP (S-BGP), a primary BGP security protocol, and proposed and evaluated Signature Amortization (S-A) and Aggregated Path Authentication (APA) schemes that significantly improve efficiency of S-BGP without compromising security. We have also built a simulation framework for general PKI systems and evaluated certification path building algorithms, a critical part of establishing trust in Internet-scale PKI, and used this framework to improve algorithm performance

Verification Guided Refinement of Flight Safety Assessment and Management System for Takeoff

Peer Reviewedhttps://deepblue.lib.umich.edu/bitstream/2027.42/140668/1/1.i010408.pd

Compliance of Open Source EHR Applications with HIPAA and ONC Security and Privacy Requirements

Electronic Health Records (EHRs) are digital versions of paper-based patient\u27s health information. EHR applications are increasingly being adopted in many countries. They have resulted in improved quality in healthcare, convenient access to histories of patient medication and clinic visits, easier follow up of patient treatment plans, and precise medical decision-making process. EHR applications are guided by measures of the Health Insurance Portability and Accountability Act (HIPAA) to ensure confidentiality, integrity, and availability. However, there have been reported breaches of Protected Health Identifier (PHI) data stored by EHR applications. In many reported breaches, improper use of EHRs has resulted in disclosure of patient’s PHI data. Inefficient application design threatens the integrity of EHRs, which leads to fraud and endangering patient\u27s health. The goal of this paper is to identify HIPAA technical requirements, evaluate an open source EHR application (OpenEMR) for security vulnerabilities using an open-source scanner tool (RIPS), and map identified vulnerabilities to HIPAA technical requirements

Certificate status information distribution and validation in vehicular networks

Vehicular ad hoc networks (VANETs) are emerging as an functional technology for providing a wide range of applications to vehicles and passengers. Ensuring secure functioning is one of the prerequisites for deploying reliable VANETs. The basic solution envisioned to achieve these requirements is to use digital certificates linked to a user by a trusted third party. These certificates can then be used to sign information. Most of the existing solutions manage these certificates by means of a central Certification Authority (CA). According to IEEE 1609.2 standard, vehicular networks will rely on the public key infrastructure (PKI). In PKI, a CA issues an authentic digital certificate for each node in the network. Therefore, an efficient certificate management is crucial for the robust and reliable operation of any PKI. A critical part of any certificate-management scheme is the revocation of certificates. The distribution of certificate status information process, as well as the revocation process itself, is an open research problem for VANETs.In this thesis, firstly we analyze the revocation process itself and develop an accurate and rigorous model for certificate revocation. One of the key findings of our analysis is that the certificate revocation process is statistically self-similar. As none of the currently common formal models for revocation is able to capture the self-similar nature of real revocation data, we develop an ARFIMA model that recreates this pattern. We show that traditional mechanisms that aim to scale could benefit from this model to improve their updating strategies.Secondly, we analyze how to deploy a certificate status checking service for mobile networks and we propose a new criterion based on a risk metric to evaluate cached status data. With this metric, the PKI is able to code information about the revocation process in the standard certificate revocation lists. Thus, users can evaluate a risk function in order to estimate whether a certificate has been revoked while there is no connection to a status checking server. Moreover, we also propose a systematic methodology to build a fuzzy system that assists users in the decision making process related to certificate status checking.Thirdly, we propose two novel mechanisms for distributing and validating certificate status information (CSI) in VANET. This first mechanism is a collaborative certificate status checking mechanism based on the use based on an extended-CRL. The main advantage of this extended-CRL is that the road-side units and repository vehicles can build an efficient structure based on an authenticated hash tree to respond to status checking requests inside the VANET, saving time and bandwidth. The second mechanism aims to optimize the trade- off between the bandwidth necessary to download the CSI and the freshness of the CSI. This mechanism is based on the use of a hybrid delta-CRL scheme and Merkle hash trees, so that the risk of operating with unknown revoked certificates remains below a threshold during the validity interval of the base-CRL, and CAs have the ability to manage this risk by setting the size of the delta-CRLs. Finally, we also analyze the impact of the revocation service in the certificate prices. We model the behavior of the oligopoly of risk-averse certificate providers that issue digital certificates to clients facing iden- tical independent risks. We found the equilibrium in the Bertrand game. In this equilibrium, we proof that certificate providers that offer better revocation information are able to impose higher prices to their certificates without sacrificing market share in favor of the other oligarchs.Las redes vehiculares ad hoc (VANETs) se están convirtiendo en una tecnología funcional para proporcionar una amplia gama de aplicaciones para vehículos y pasajeros. Garantizar un funcionamiento seguro es uno de los requisitos para el despliegue de las VANETs. Sin seguridad, los usuarios podrían ser potencialmente vulnerables a la mala conducta de los servicios prestados por la VANET. La solución básica prevista para lograr estos requisitos es el uso de certificados digitales gestionados a través de una autoridad de certificación (CA). De acuerdo con la norma IEEE 1609.2, las redes vehiculares dependerán de la infraestructura de clave pública (PKI). Sin embargo, el proceso de distribución del estado de los certificados, así como el propio proceso de revocación, es un problema abierto para VANETs.En esta tesis, en primer lugar se analiza el proceso de revocación y se desarrolla un modelo preciso y riguroso que modela este proceso conluyendo que el proceso de revocación de certificados es estadísticamente auto-similar. Como ninguno de los modelos formales actuales para la revocación es capaz de capturar la naturaleza auto-similar de los datos de revocación, desarrollamos un modelo ARFIMA que recrea este patrón. Mostramos que ignorar la auto-similitud del proceso de revocación lleva a estrategias de emisión de datos de revocación ineficientes. El modelo propuesto permite generar trazas de revocación sintéticas con las cuales los esquemas de revocación actuales pueden ser mejorados mediante la definición de políticas de emisión de datos de revocación más precisas. En segundo lugar, se analiza la forma de implementar un mecanismo de emisión de datos de estado de los certificados para redes móviles y se propone un nuevo criterio basado en una medida del riesgo para evaluar los datos de revocación almacenados en la caché. Con esta medida, la PKI es capaz de codificar la información sobre el proceso de revocación en las listas de revocación. Así, los usuarios pueden estimar en función del riesgo si un certificado se ha revocado mientras no hay conexión a un servidor de control de estado. Por otra parte, también se propone una metodología sistemática para construir un sistema difuso que ayuda a los usuarios en el proceso de toma de decisiones relacionado con la comprobación de estado de certificados.En tercer lugar, se proponen dos nuevos mecanismos para la distribución y validación de datos de estado de certificados en VANETs. El primer mecanismo está basado en el uso en una extensión de las listas estandares de revocación. La principal ventaja de esta extensión es que las unidades al borde de la carretera y los vehículos repositorio pueden construir una estructura eficiente sobre la base de un árbol de hash autenticado para responder a las peticiones de estado de certificados. El segundo mecanismo tiene como objetivo optimizar el equilibrio entre el ancho de banda necesario para descargar los datos de revocación y la frescura de los mismos. Este mecanismo se basa en el uso de un esquema híbrido de árboles de Merkle y delta-CRLs, de modo que el riesgo de operar con certificados revocados desconocidos permanece por debajo de un umbral durante el intervalo de validez de la CRL base, y la CA tiene la capacidad de gestionar este riesgo mediante el ajuste del tamaño de las delta-CRL. Para cada uno de estos mecanismos, llevamos a cabo el análisis de la seguridad y la evaluación del desempeño para demostrar la seguridad y eficiencia de las acciones que se emprenden

Aeronautical engineering: A continuing bibliography with indexes (supplement 255)

This bibliography lists 529 reports, articles, and other documents introduced into the NASA scientific and technical information system in June 1990. Subject coverage includes: design, construction and testing of aircraft and aircraft engines; aircraft components, equipment and systems; ground support systems; and theoretical and applied aspects of aerodynamics and general fluid dynamics

Aircraft Noise

Noise generated by aircraft continues to be a pressing issue for society, as an increasing number of people residing in close proximity to airports make noise complaints on a regular basis. The reduction in aircraft noise is therefore a very important engineering task that would require the careful identification of different acoustic sources around the airplane, the understanding of noise source behavior and ranking along flight trajectories, sophisticated measurement techniques, and robust and accurate numerical tools aimed at predicting the generation of noise, the propagation through the atmosphere, and the resulting noise impact along approach and departure flights. For an overall assessment of the situation, it has to be assessed along entire flight trajectories rather than assessing limited operating conditions only. Furthermore, it is highly recommended to apply multiple acoustic metrics and account for different and widespread observer locations along the flight. Only then can the overall situation be adequately captured. Obviously, this is a highly multidisciplinary effort and no single discipline can address this problem. This reprint includes selected research studies with that multidisciplinary context that deal with numerical or experimental investigations that range from the investigation of specific noise sources to the assessment of noise generated by the overall aircraft in operation. Both basic and applied research studies involving the modelling and simulation of aircraft noise are included

Technical Workshop: Advanced Helicopter Cockpit Design

Information processing demands on both civilian and military aircrews have increased enormously as rotorcraft have come to be used for adverse weather, day/night, and remote area missions. Applied psychology, engineering, or operational research for future helicopter cockpit design criteria were identified. Three areas were addressed: (1) operational requirements, (2) advanced avionics, and (3) man-system integration

Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning

The secret keys of critical network authorities - such as time, name, certificate, and software update services - represent high-value targets for hackers, criminals, and spy agencies wishing to use these keys secretly to compromise other hosts. To protect authorities and their clients proactively from undetected exploits and misuse, we introduce CoSi, a scalable witness cosigning protocol ensuring that every authoritative statement is validated and publicly logged by a diverse group of witnesses before any client will accept it. A statement S collectively signed by W witnesses assures clients that S has been seen, and not immediately found erroneous, by those W observers. Even if S is compromised in a fashion not readily detectable by the witnesses, CoSi still guarantees S's exposure to public scrutiny, forcing secrecy-minded attackers to risk that the compromise will soon be detected by one of the W witnesses. Because clients can verify collective signatures efficiently without communication, CoSi protects clients' privacy, and offers the first transparency mechanism effective against persistent man-in-the-middle attackers who control a victim's Internet access, the authority's secret key, and several witnesses' secret keys. CoSi builds on existing cryptographic multisignature methods, scaling them to support thousands of witnesses via signature aggregation over efficient communication trees. A working prototype demonstrates CoSi in the context of timestamping and logging authorities, enabling groups of over 8,000 distributed witnesses to cosign authoritative statements in under two seconds.Comment: 20 pages, 7 figure

Airborne Wind Shear Detection and Warning Systems: First Combined Manufacturers' and Technologists' Conference

The purpose of the meeting was to transfer significant, ongoing results gained during the first year of the joint NASA/FAA Airborne Wind Shear Program to the technical industry and to pose problems of current concern to the combined group. It also provided a forum for manufacturers to review forward-looking technology concepts and for technologists to gain an understanding of FAA certification requirements and the problems encountered by the manufacturers during the development of airborne equipment

Stability of secure routing protocol in ad hoc wireless network.

The contributions of this research are threefold. First, it offers a new routing approach to ad hoc wireless network protocols: the Enhanced Heading-direction Angle Routing Protocol (EHARP), which is an enhancement of HARP based on an on-demand routing scheme. We have added important features to overcome its disadvantages and improve its performance, providing the stability and availability required to guarantee the selection of the best path. Each node in the network is able to classify its neighbouring nodes according to their heading directions into four different zone-direction group. The second contribution is to present a new Secure Enhanced Heading-direction Angle Routing Protocol (SEHARP) for ad hoc networks based on the integration of security mechanisms that could be applied to the EHARP routing protocol. Thirdly, we present a new approach to security of access in hostile environments based on the history and relationships among the nodes and on digital operation certificates. We also propose an access activity diagram which explains the steps taken by a node. Security depends on access to the history of each unit, which is used to calculate the cooperative values of each node in the environment