SLA-Based Continuous Security Assurance in Multi-Cloud DevOps

Multi-cloud applications, i.e. those that are deployed over multiple independent Cloud providers, pose a number of challenges to the security-aware development and operation. Security assurance in such applications is hard due to the lack of insights of security controls ap- plied by Cloud providers and the need of controlling the security levels of all the components and layers at a time. This paper presents the MUSA approach to Service Level Agreement (SLA)-based continuous security assurance in multi-cloud applications. The paper details the proposed model for capturing the security controls in the o ered application Se- curity SLA and the approach to continuously monitor and asses the controls at operation phase. This new approach enables to easily align development security requirements with controls monitored at operation as well as early react at operation to any possible security incident or SLA violation.The MUSA project leading to this paper has received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No. 644429

Applying MILS to multicore avionics systems

The implementation of the Multiple Independent Levels of Security (MILS) software architecture on modern microprocessor architectures has become technically feasible in recent years. This allows MILS-based systems to host applications and data of multiple security classifications concurrently on a uniprocessor platform at affordable cost. In this paper, the potential requirements for the implementation of a separation kernel to support MILS systems on multicore processor architectures will be considered, and the design challenges associated with its potential implementation on the NXP (formerly Freescale) QorIQ™ P4080 multicore processor will be discussed. Finally, the potential use of a MILS Multicore separation kernel in two use cases will be presented - a Cross-Domain System (CDS) network gateway, and a Multi-Level Secure (MLS) Integrated Modular Avionics (IMA) platform

Robust device independent quantum key distribution

Quantum cryptography is based on the discovery that the laws of quantum mechanics allow levels of security that are impossible to replicate in a classical world. Can such levels of security be guaranteed even when the quantum devices on which the protocol relies are untrusted? This fundamental question in quantum cryptography dates back to the early nineties when the challenge of achieving device independent quantum key distribution, or DIQKD, was first formulated. We answer this challenge affirmatively by exhibiting a robust protocol for DIQKD and rigorously proving its security. The protocol achieves a linear key rate while tolerating a constant noise rate in the devices. The security proof assumes only that the devices can be modeled by the laws of quantum mechanics and are spatially isolated from each other and any adversary's laboratory. In particular, we emphasize that the devices may have quantum memory. All previous proofs of security relied either on the use of many independent pairs of devices, or on the absence of noise. To prove security for a DIQKD protocol it is necessary to establish at least that the generated key is truly random even in the presence of a quantum adversary. This is already a challenge, one that was recently resolved. DIQKD is substantially harder, since now the protocol must also guarantee that the key is completely secret from the quantum adversary's point of view, and the entire protocol is robust against noise; this in spite of the substantial amounts of classical information leaked to the adversary throughout the protocol, as part of the error estimation and information reconciliation procedures. Our proof of security builds upon a number of techniques, including randomness extractors that are secure against quantum storage as well as ideas originating in the coding strategy used in the proof of the Holevo-Schumacher-Westmoreland theorem which we apply to bound correlations across multiple rounds in a way not unrelated to information-theoretic proofs of the parallel repetition property for multiplayer games. Our main result can be understood as a new bound on monogamy of entanglement in the type of complex scenario that arises in a key distribution protocol

Climate Change Dynamics and Imperatives for Food Security in Nigeria

Decadal variability in African rainfall is projected from General Circulation Models (GCMs) to continue under elevated greenhouse gas scenarios. Effects on rain intensity, spatio-temporal variability of growing seasons, flooding, drought, and land-use change impose feedbacks at regional-local scales. Yet, empirical knowledge of associated impacts on crop yield is limited; thus, we examined the imperatives for food security in Nigeria. Bivariate correlation and multiple regression suggests impending drought in the northern region where livestock farming is predominant. Relative contributions of climate independent variables in determining crop yield by backward selection procedures with stepwise approach indexed the impacts of annual climate variability by a parameter computed as annual yield minus mean annual yield divided by the standard deviation. Results show Z-distribution approximately 5 to + 5, when 3 indicate impacts significant at 95% confidence levels. In conclusion, we established the interwoven relationship between climatic change and food security

An interoperability framework for security policy languages

A thesis submitted to the University of Bedfordshire in partial fulfilment of the requirements for the degree of Doctor of PhilosophySecurity policies are widely used across the IT industry in order to secure environments. Firewalls, routers, enterprise application or even operating systems like Windows and Unix are all using security policies to some extent in order to secure certain components. In order to automate enforcement of security policies, security policy languages have been introduced. Security policy languages that are classified as computer software, like many other programming languages have been revolutionised during the last decade. A number of security policy languages have been introduced in the industry in order to tackle a specific business requirements. Not to mention each of these security policy languages themselves evolved and enhanced during the last few years. Having said that, a quick research on security policy languages shows that the industry suffers from the lack of a framework for security policy languages. Such a framework would facilitate the management of security policies from an abstract point. In order to achieve that specific goal, the framework utilises an abstract security policy language that is independent of existing security policy languages yet capable of expressing policies written in those languages. Usage of interoperability framework for security policy languages as described above comes with major benefits that are categorised into two levels: short and long-term benefits. In short-term, industry and in particular multi-dimensional organisations that make use of multiple domains for different purposes would lower their security related costs by managing their security policies that are stretched across their environment and often managed locally. In the long term, usage of abstract security policy language that is independent of any existing security policy languages, gradually paves the way for standardising security policy languages. A goal that seems unreachable at this moment of time. Taking the above facts into account, the aim of this research is to introduce and develop a novel framework for security policy languages. Using such a framework would allow multi-dimensional organisations to use an abstract policy language to orchestrate all security policies from a single point, which could then be propagated across their environment. In addition, using such a framework would help security administrators to learn and use only one single, common abstract language to describe and model their environment(s)

Combining High-Level and Low-Level Approaches to Evaluate Software Implementations Robustness Against Multiple Fault Injection Attacks

International audiencePhysical fault injections break security functionalities of algorithms by targeting their implementations. Software techniques strengthen such implementations to enhance their robustness against fault attacks. Exhaustively testing physical fault injections is time consuming and requires complex platforms. Simulation solutions are developed for this specific purpose. We chose two independent tools presented in 2014, the Laser Attack Robustness (Lazart) and the Embedded Fault Simulator (EFS) in order to evaluate software implementations against multiple fault injection attacks. Lazart and the EFS share the common goal that consists in detecting vulnerabilities in the code. However, they operate with different techniques , fault models and abstraction levels. This paper aims at exhibiting specific advantages of both approaches and proposes a combining scheme that emphasizes their complementary nature

Stacking tolerance to drought and resistance to a parasitic weed in tropical hybrid maize for enhancing resilience to stress combinations

Open Access JournalMaize is a food security crop cultivated in the African savannas that are vulnerable to the occurrence of drought stress and Striga hermonthica infestation. The co-occurrence of these stresses can severely damage crop growth and productivity of maize. Until recently, maize breeding in International Institute of Tropical Agriculture (IITA) has focused on the development of either drought tolerant or S. hermonthica resistant germplasm using independent screening protocols. The present study was therefore conducted to examine the extent to which maize hybrids simultaneously expressing resistance to S. hermonthica and tolerance to drought (DTSTR) could be developed through sequential selection of parental lines using the two screening protocols. Regional trials involving 77 DTSTR and 22 commercial benchmark hybrids (STR and non-DTSTR) were then conducted under Striga-infested and non-infested conditions, managed drought stress and fully irrigated conditions as well as in multiple rainfed environments for 5 years. The observed yield reductions of 61% under managed drought stress and 23% under Striga-infestation created desirable stress levels leading to the detection of significant differences in grain yield among hybrids at individual stress and non-stress conditions. On average, the DTSTR hybrids out-yielded the STR and non-DTSTR commercial hybrids by 13–19% under managed drought stress and fully irrigated conditions and by −4 to 70% under Striga-infested and non-infested conditions. Among the DTSTR hybrids included in the regional trials, 33 were high yielders with better adaptability across environments under all stressful and non-stressful testing conditions. Twenty-four of the 33 DTSTR hybrids also yielded well across diverse rainfed environments. The genetic correlations of grain yield under managed drought stress with yield under Striga-infestation and multiple rainfed environments were 0.51 and 0.57, respectively. Also, a genetic correlation between yields under Striga-infestation with that recorded in multiple rainfed environments was 0.58. These results suggest that the sequential selection scheme offers an opportunity to accumulate desirable stress-related traits in parents contributing to superior agronomic performance in hybrids across stressful and diverse rainfed field environments that are commonly encountered in the tropical savannas of Africa

Evaluation of MILS and reduced kernel security concepts for SCADA remote terminal units.

The purpose of this project is to study the benefits that the Multiple Independent Levels of Security (MILS) approach can provide to Supervisory Control and Data Acquisition (SCADA) remote terminal units. This is accomplished through a heavy focus on MILS concepts such as resource separation, verification, and kernel minimization and reduction. Two architectures are leveraged to study the application of reduced kernel concepts for a remote terminal unit (RTU). The first is the LynxOS embedded operating system, which is used to create a bootable image of a working RTU. The second is the Pistachio microkernel, the features and development environment of which are analyzed and catalogued to provide the basis for a future RTU. A survey of recent literature is included that focuses on the state of SCADA security, the MILS standard, and microkernel research. The design methodology for a MILS compliant RTU is outlined, including a benefit analysis of applying MILS in an industrial network setting. Also included are analyses of the concepts of MILS which are relevant to the design and how LynxOS and Pistachio can be used to study some of these concepts. A section detailing the prototyping of RTUs on LynxOS and Pistachio is also included, followed by an initial security and performance analysis for both systems