End User Computing and Information Security: a Retrospective Look at the De-centralisation of Data Processing and Emerging Organisational Information Risk

Information security assured on centralised systems through application of principles previously established for paper-based systems. The advent of personal computing and distributed computing potentially turned that model upside down. It seems that the eagerness of organisations for encouraging technology (Availability part of the CIA acronym) seemed to take precedence over the finer meaning of Confidentiality and Integrity, in spite of (in the UK, at least) changes to legislation. The huge increase in portable data storage capacities ensured that what may have been perceived as a minor irritant in the 1980s became a potential nightmare scenario by 2007, which caused two government reports to report “systemic failure”. This paper looks at the development of end-user computing, and suggests that the problem occurred because of a lack of information risk assessment over many year

A Reliable Data Provenance and Privacy Preservation Architecture for Business-Driven Cyber-Physical Systems Using Blockchain

Cyber-physical systems (CPS) including power systems, transportation, industrial control systems, etc. support both advanced control and communications among system components. Frequent data operations could introduce random failures and malicious attacks or even bring down the whole system. The dependency on a central authority increases the risk of single point of failure. To establish an immutable data provenance scheme for CPS, the authors adopt blockchain and propose a decentralized architecture to assure data integrity. In business-driven CPS, end users are required to share their personal information with multiple third parties. To prevent data leakage and preserve user privacy, the authors isolate and feed different information retrieval requests using tokens specifically generated for each type of request. Providing both traceability of data operations, and unlinkability of end user activities, a robust blockchain-based CPS is prototyped. Evaluation indicates the architecture is capable of assured data provenance validation and user privacy preservation at a low overhead

End User Computing and Information Security: a retrospective look at the de-centralisation of data processing and emerging organisational information risk

Information security assured on centralised systems through application of principles previously established for paper-based systems. The advent of personal computing and distributed computing potentially turned that model upside down. It seems that the eagerness of organisations for encouraging technology (Availability part of the CIA acronym) seemed to take precedence over the finer meaning of Confidentiality and Integrity, in spite of (in the UK, at least) changes to legislation. The huge increase in portable data storage capacities ensured that what may have been perceived as a minor irritant in the 1980s became a potential nightmare scenario by 2007, which caused two government reports to report “systemic failure”. This paper looks at the development of end-user computing, and suggests that the problem occurred because of a lack of information risk assessment over many year

Safe and Optimal Techniques Enabling Recovery, Integrity, and Assurance

There is a trend in the aviation industry to go from federated to integrated computing systems. Combining a number of traditional stand-alone federated systems into an integrated common platform (called Integrated Modular Avionics, IMA) has the benefit of increased power efficiency, reduced support hardware, and reduced cabling. However, changing from federated to integrated has a significant impact on the system architecture and hence the process of how avionic systems are to be analyzed. Traditional approaches to safety analysis become inefficient when functional boundaries can no longer be assumed for failure independence and fault isolation. In this report, we describe a tool that we developed to accelerate the safety engineer's ability to perform safety analysis of IMA systems through modeling, as well as optimize the system engineer's ability to develop a system through architecture synthesis. This work was the result of a three-year research effort called SOTERIA (Safe and Optimal Techniques Enabling Recovery, Integrity, and Assurance). We developed a compositional modeling language that supports rapid development, modification, and evaluation of architectures. The modeling language is structured such that the end-user defines a library of components with information on component reliability, connectivity, and fault propagation logic. The system model is built by instantiating the components from the library, connecting the components, and identifying the top-level faults of interest. Our tool is compositional in that the end-user only needs to define safety aspects at the component level. The tool takes the model and automatically synthesizes both the qualitative and quantitative safety analyses. We go further by allowing users to describe system information such as components to use in an architecture and their connection compatibility and automatically synthesize an architecture that meets the top-level probability target adhering to end-user specified constraints. This capability allows users to rapidly explore a design space.

A Trusted and Privacy-preserving Internet of Mobile Energy

The rapid growth in distributed energy sources on power grids leads to increasingly decentralised energy management systems for the prediction of power supply and demand and the dynamic setting of an energy price signal. Within this emerging smart grid paradigm, electric vehicles can serve as consumers, transporters, and providers of energy through two-way charging stations, which highlights a critical feedback loop between the movement patterns of these vehicles and the state of the energy grid. This paper proposes a vision for an Internet of Mobile Energy (IoME), where energy and information flow seamlessly across the power and transport sectors to enhance the grid stability and end user welfare. We identify the key challenges of trust, scalability, and privacy, particularly location and energy linking privacy for EV owners, for realising the IoME vision. We propose an information architecture for IoME that uses scalable blockchain to provide energy data integrity and authenticity, and introduces one-time keys for public EV transactions and a verifiable anonymous trip extraction method for EV users to share their trip data while protecting their location privacy. We present an example scenario that details the seamless and closed loop information flow across the energy and transport sectors, along with a blockchain design and transaction vocabulary for trusted decentralised transactions. We finally discuss the open challenges presented by IoME that can unlock significant benefits to grid stability, innovation, and end user welfare.Comment: 7 pages, 5 figure

ARIES WP3 – Needs and Requirements Analyses

Information and communication technologies have increasingly influenced and changed our daily life. They allow global connectivity and easy access to distributed applications and digital services over the Internet. This report analysis security requirements on trust establishment and trust evaluation based on two different use case scenarios: "Trusted Communication using COTS" and "Trust Establishment for Cross-organizational Crises Management". A systematic needs analysis is performed on both scenarios which haver resulted in a large and well documented set of requirements. This is the first step in a large effort to define a security architecture for the two use case scenarios.

CamFlow: Managed Data-sharing for Cloud Services

A model of cloud services is emerging whereby a few trusted providers manage the underlying hardware and communications whereas many companies build on this infrastructure to offer higher level, cloud-hosted PaaS services and/or SaaS applications. From the start, strong isolation between cloud tenants was seen to be of paramount importance, provided first by virtual machines (VM) and later by containers, which share the operating system (OS) kernel. Increasingly it is the case that applications also require facilities to effect isolation and protection of data managed by those applications. They also require flexible data sharing with other applications, often across the traditional cloud-isolation boundaries; for example, when government provides many related services for its citizens on a common platform. Similar considerations apply to the end-users of applications. But in particular, the incorporation of cloud services within `Internet of Things' architectures is driving the requirements for both protection and cross-application data sharing. These concerns relate to the management of data. Traditional access control is application and principal/role specific, applied at policy enforcement points, after which there is no subsequent control over where data flows; a crucial issue once data has left its owner's control by cloud-hosted applications and within cloud-services. Information Flow Control (IFC), in addition, offers system-wide, end-to-end, flow control based on the properties of the data. We discuss the potential of cloud-deployed IFC for enforcing owners' dataflow policy with regard to protection and sharing, as well as safeguarding against malicious or buggy software. In addition, the audit log associated with IFC provides transparency, giving configurable system-wide visibility over data flows. [...]Comment: 14 pages, 8 figure