Beyond the Hype: On Using Blockchains in Trust Management for Authentication

Trust Management (TM) systems for authentication are vital to the security of online interactions, which are ubiquitous in our everyday lives. Various systems, like the Web PKI (X.509) and PGP's Web of Trust are used to manage trust in this setting. In recent years, blockchain technology has been introduced as a panacea to our security problems, including that of authentication, without sufficient reasoning, as to its merits.In this work, we investigate the merits of using open distributed ledgers (ODLs), such as the one implemented by blockchain technology, for securing TM systems for authentication. We formally model such systems, and explore how blockchain can help mitigate attacks against them. After formal argumentation, we conclude that in the context of Trust Management for authentication, blockchain technology, and ODLs in general, can offer considerable advantages compared to previous approaches. Our analysis is, to the best of our knowledge, the first to formally model and argue about the security of TM systems for authentication, based on blockchain technology. To achieve this result, we first provide an abstract model for TM systems for authentication. Then, we show how this model can be conceptually encoded in a blockchain, by expressing it as a series of state transitions. As a next step, we examine five prevalent attacks on TM systems, and provide evidence that blockchain-based solutions can be beneficial to the security of such systems, by mitigating, or completely negating such attacks.Comment: A version of this paper was published in IEEE Trustcom. http://ieeexplore.ieee.org/document/8029486

Quantum key distribution for data center security -- a feasibility study

Data centers are nowadays referred to as the digital world's cornerstone. Quantum key distribution (QKD) is a method that solves the problem of distributing cryptographic keys between two entities, with the security rooted in the laws of quantum physics. This document provides an assessment of the need and opportunity for ushering QKD in data centers. Together with technical examples and inputs on how QKD has and could be integrated into data-center like environments, the document also discusses the creation of value through future-proof data security as well as the market potential that QKD brings on the table through e.g., crypto-agility. While primarily addressed to data center owners/operators, the document also offers a knowledge base to QKD vendors planning to diversify to the data center market segment.Comment: 23 pages, 7 figures, study initiated and supported by Copenhagen Fintech (see https://www.copenhagenfintech.dk/projects/using-qkd-for-data-center-security

Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments

Decentralized systems are a subset of distributed systems where multiple authorities control different components and no authority is fully trusted by all. This implies that any component in a decentralized system is potentially adversarial. We revise fifteen years of research on decentralization and privacy, and provide an overview of key systems, as well as key insights for designers of future systems. We show that decentralized designs can enhance privacy, integrity, and availability but also require careful trade-offs in terms of system complexity, properties provided, and degree of decentralization. These trade-offs need to be understood and navigated by designers. We argue that a combination of insights from cryptography, distributed systems, and mechanism design, aligned with the development of adequate incentives, are necessary to build scalable and successful privacy-preserving decentralized systems

Big data analytics in computational biology and bioinformatics

Big data analytics in computational biology and bioinformatics refers to an array of operations including biological pattern discovery, classification, prediction, inference, clustering as well as data mining in the cloud, among others. This dissertation addresses big data analytics by investigating two important operations, namely pattern discovery and network inference. The dissertation starts by focusing on biological pattern discovery at a genomic scale. Research reveals that the secondary structure in non-coding RNA (ncRNA) is more conserved during evolution than its primary nucleotide sequence. Using a covariance model approach, the stems and loops of an ncRNA secondary structure are represented as a statistical image against which an entire genome can be efficiently scanned for matching patterns. The covariance model approach is then further extended, in combination with a structural clustering algorithm and a random forests classifier, to perform genome-wide search for similarities in ncRNA tertiary structures. The dissertation then presents methods for gene network inference. Vast bodies of genomic data containing gene and protein expression patterns are now available for analysis. One challenge is to apply efficient methodologies to uncover more knowledge about the cellular functions. Very little is known concerning how genes regulate cellular activities. A gene regulatory network (GRN) can be represented by a directed graph in which each node is a gene and each edge or link is a regulatory effect that one gene has on another gene. By evaluating gene expression patterns, researchers perform in silico data analyses in systems biology, in particular GRN inference, where the “reverse engineering” is involved in predicting how a system works by looking at the system output alone. Many algorithmic and statistical approaches have been developed to computationally reverse engineer biological systems. However, there are no known bioin-formatics tools capable of performing perfect GRN inference. Here, extensive experiments are conducted to evaluate and compare recent bioinformatics tools for inferring GRNs from time-series gene expression data. Standard performance metrics for these tools based on both simulated and real data sets are generally low, suggesting that further efforts are needed to develop more reliable GRN inference tools. It is also observed that using multiple tools together can help identify true regulatory interactions between genes, a finding consistent with those reported in the literature. Finally, the dissertation discusses and presents a framework for parallelizing GRN inference methods using Apache Hadoop in a cloud environment

Cross-layer Approach for Designing Resilient (Sociotechnical, Cyber-Physical, Software-intensive and Systems of) Systems

Our society’s critical infrastructures are sociotechnical cyber-physical systems (CPS) increasingly using open networks for operation. The vulnerabilities of the software deployed in the new control system infrastructure will expose the control system to many potential risks and threats from attackers. This paper starts to develop an information systems design theory for resilient software-intensive systems (DT4RS) so that communities developing and operating different security technologies can share knowledge and best practices using a common frame of reference. By a sound design theory, the outputs of these communities will combine to create more resilient systems, with fewer vulnerabilities and an improved stakeholder sense of security and welfare. The main element of DT4RS is a multi-layered reference architecture of the human, software (cyber) and platform (physical) layers of a cyber-physical system. The layered architecture can facilitate the understanding of the cross-layer interactions between the layers. Cyber security properties are leveraged to help analyzing the interactions between these layers

Development of Professional Competencies of Information Technology University Teachers: Motivation and Content

The article sets out to analyze the professional competencies on the standard European e-Competence Framework. The survey of information technology teachers of Ukrainian universities concerning the necessity of forming and development of European e-Competence Framework competencies allowed defining the priority areas for training and forming the content component of a model of professional competencies development of information technology university teachers. The proposed model distinguishes stages, factors, and resources for training teachers. Teachers’ attitude to motivation, time and money allocation for professional development was researched. The content component of the development of professional competences of teachers of information technologies is offered. Recommendations for training and advanced training of teachers of information technologies, assessment of the level of development of professional competence, was proposed