43,750 research outputs found
A Distributed Security Architecture for Large Scale Systems
This thesis describes the research leading from the conception, through development, to the practical
implementation of a comprehensive security architecture for use within, and as a value-added enhancement
to, the ISO Open Systems Interconnection (OSI) model.
The Comprehensive Security System (CSS) is arranged basically as an Application Layer service but can
allow any of the ISO recommended security facilities to be provided at any layer of the model. It is
suitable as an 'add-on' service to existing arrangements or can be fully integrated into new applications.
For large scale, distributed processing operations, a network of security management centres (SMCs) is
suggested, that can help to ensure that system misuse is minimised, and that flexible operation is provided
in an efficient manner.
The background to the OSI standards are covered in detail, followed by an introduction to security in open
systems. A survey of existing techniques in formal analysis and verification is then presented. The
architecture of the CSS is described in terms of a conceptual model using agents and protocols, followed
by an extension of the CSS concept to a large scale network controlled by SMCs.
A new approach to formal security analysis is described which is based on two main methodologies.
Firstly, every function within the system is built from layers of provably secure sequences of finite state
machines, using a recursive function to monitor and constrain the system to the desired state at all times.
Secondly, the correctness of the protocols generated by the sequences to exchange security information
and control data between agents in a distributed environment, is analysed in terms of a modified temporal
Hoare logic. This is based on ideas concerning the validity of beliefs about the global state of a system
as a result of actions performed by entities within the system, including the notion of timeliness.
The two fundamental problems in number theory upon which the assumptions about the security of the
finite state machine model rest are described, together with a comprehensive survey of the very latest
progress in this area. Having assumed that the two problems will remain computationally intractable in
the foreseeable future, the method is then applied to the formal analysis of some of the components of the
Comprehensive Security System.
A practical implementation of the CSS has been achieved as a demonstration system for a network of IBM
Personal Computers connected via an Ethernet LAN, which fully meets the aims and objectives set out
in Chapter 1. This implementation is described, and finally some comments are made on the possible
future of research into security aspects of distributed systems.IBM (United Kingdom) Laboratories
Hursley Park, Winchester, U
Universally-composable finite-key analysis for efficient four-intensity decoy-state quantum key distribution
We propose an efficient four-intensity decoy-state BB84 protocol and derive
concise security bounds for this protocol with the universally composable
finite-key analysis method. Comparing with the efficient three-intensity
protocol, we find that our efficient four-intensity protocol can increase the
secret key rate by at least . Particularly, this increasing rate of
secret key rate will be raised as the transmission distance increases. At a
large transmission distance, our efficient four-intensity protocol can improve
the performance of quantum key distribution profoundly.Comment: accepted by Eur. Phys. J.
Proof Theory, Transformations, and Logic Programming for Debugging Security Protocols
We define a sequent calculus to formally specify, simulate, debug and verify security protocols. In our sequents we distinguish between the current knowledge of principals and the current global state of the session. Hereby, we can describe the operational semantics of principals and of an intruder in a simple and modular way. Furthermore, using proof theoretic tools like the analysis of permutability of rules, we are able to find efficient proof strategies that we prove complete for special classes of security protocols including Needham-Schroeder. Based on the results of this preliminary analysis, we have implemented a Prolog meta-interpreter which allows for rapid prototyping and for checking safety properties of security protocols, and we have applied it for finding error traces and proving correctness of practical examples
Finite-key security analysis for multilevel quantum key distribution
We present a detailed security analysis of a d-dimensional quantum key
distribution protocol based on two and three mutually unbiased bases (MUBs)
both in an asymptotic and finite key length scenario. The finite secret key
rates are calculated as a function of the length of the sifted key by (i)
generalizing the uncertainly relation-based insight from BB84 to any d-level
2-MUB QKD protocol and (ii) by adopting recent advances in the second-order
asymptotics for finite block length quantum coding (for both d-level 2- and
3-MUB QKD protocols). Since the finite and asymptotic secret key rates increase
with d and the number of MUBs (together with the tolerable threshold) such QKD
schemes could in principle offer an important advantage over BB84. We discuss
the possibility of an experimental realization of the 3-MUB QKD protocol with
the orbital angular momentum degrees of freedom of photons.Comment: v4: close to the published versio
Distributing Secret Keys with Quantum Continuous Variables: Principle, Security and Implementations
The ability to distribute secret keys between two parties with
information-theoretic security, that is, regardless of the capacities of a
malevolent eavesdropper, is one of the most celebrated results in the field of
quantum information processing and communication. Indeed, quantum key
distribution illustrates the power of encoding information on the quantum
properties of light and has far reaching implications in high-security
applications. Today, quantum key distribution systems operate in real-world
conditions and are commercially available. As with most quantum information
protocols, quantum key distribution was first designed for qubits, the
individual quanta of information. However, the use of quantum continuous
variables for this task presents important advantages with respect to qubit
based protocols, in particular from a practical point of view, since it allows
for simple implementations that require only standard telecommunication
technology. In this review article, we describe the principle of
continuous-variable quantum key distribution, focusing in particular on
protocols based on coherent states. We discuss the security of these protocols
and report on the state-of-the-art in experimental implementations, including
the issue of side-channel attacks. We conclude with promising perspectives in
this research field.Comment: 21 pages, 2 figures, 1 tabl
Applying Formal Methods to Networking: Theory, Techniques and Applications
Despite its great importance, modern network infrastructure is remarkable for
the lack of rigor in its engineering. The Internet which began as a research
experiment was never designed to handle the users and applications it hosts
today. The lack of formalization of the Internet architecture meant limited
abstractions and modularity, especially for the control and management planes,
thus requiring for every new need a new protocol built from scratch. This led
to an unwieldy ossified Internet architecture resistant to any attempts at
formal verification, and an Internet culture where expediency and pragmatism
are favored over formal correctness. Fortunately, recent work in the space of
clean slate Internet design---especially, the software defined networking (SDN)
paradigm---offers the Internet community another chance to develop the right
kind of architecture and abstractions. This has also led to a great resurgence
in interest of applying formal methods to specification, verification, and
synthesis of networking protocols and applications. In this paper, we present a
self-contained tutorial of the formidable amount of work that has been done in
formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial
Security Analysis of an Untrusted Source for Quantum Key Distribution: Passive Approach
We present a passive approach to the security analysis of quantum key
distribution (QKD) with an untrusted source. A complete proof of its
unconditional security is also presented. This scheme has significant
advantages in real-life implementations as it does not require fast optical
switching or a quantum random number generator. The essential idea is to use a
beam splitter to split each input pulse. We show that we can characterize the
source using a cross-estimate technique without active routing of each pulse.
We have derived analytical expressions for the passive estimation scheme.
Moreover, using simulations, we have considered four real-life imperfections:
Additional loss introduced by the "plug & play" structure, inefficiency of the
intensity monitor, noise of the intensity monitor, and statistical fluctuation
introduced by finite data size. Our simulation results show that the passive
estimate of an untrusted source remains useful in practice, despite these four
imperfections. Also, we have performed preliminary experiments, confirming the
utility of our proposal in real-life applications. Our proposal makes it
possible to implement the "plug & play" QKD with the security guaranteed, while
keeping the implementation practical.Comment: 35 pages, 19 figures. Published Versio
- …