Verification and Control of Partially Observable Probabilistic Real-Time Systems
We propose automated techniques for the verification and control of
probabilistic real-time systems that are only partially observable. To formally
model such systems, we define an extension of probabilistic timed automata in
which local states are partially visible to an observer or controller. We give
a probabilistic temporal logic that can express a range of quantitative
properties of these models, relating to the probability of an event's
occurrence or the expected value of a reward measure. We then propose
techniques to either verify that such a property holds or to synthesise a
controller for the model which makes it true. Our approach is based on an
integer discretisation of the model's dense-time behaviour and a grid-based
abstraction of the uncountable belief space induced by partial observability.
The latter is necessarily approximate since the underlying problem is
undecidable, however we show how both lower and upper bounds on numerical
results can be generated. We illustrate the effectiveness of the approach by
implementing it in the PRISM model checker and applying it to several case
studies, from the domains of computer security and task scheduling.
Verification and control of partially observable probabilistic systems
We present automated techniques for the verification and control of partially observable, probabilistic systems for both discrete and dense models of time. For the discrete-time case, we formally model these systems using partially observable Markov decision processes; for dense time, we propose an extension of probabilistic timed automata in which local states are partially visible to an observer or controller. We give probabilistic temporal logics that can express a range of quantitative properties of these models, relating to the probability of an event’s occurrence or the expected value of a reward measure. We then propose techniques to either verify that such a property holds or synthesise a controller for the model which makes it true. Our approach is based on a grid-based abstraction of the uncountable belief space induced by partial observability and, for dense-time models, an integer discretisation of real-time behaviour. The former is necessarily approximate since the underlying problem is undecidable, however we show how both lower and upper bounds on numerical results can be generated. We illustrate the effectiveness of the approach by implementing it in the PRISM model checker and applying it to several case studies from the domains of task and network scheduling, computer security and planning.
Lime: Data Lineage in the Malicious Environment
Intentional or unintentional leakage of confidential data is undoubtedly one
of the most severe security threats that organizations face in the digital era.
The threat now extends to our personal lives: a plethora of personal
information is available to social networks and smartphone providers and is
indirectly transferred to untrustworthy third party and fourth party
applications.
In this work, we present a generic data lineage framework LIME for data flow
across multiple entities that take two characteristic, principal roles (i.e.,
owner and consumer). We define the exact security guarantees required by such a
data lineage mechanism toward identification of a guilty entity, and identify
the simplifying non repudiation and honesty assumptions. We then develop and
analyze a novel accountable data transfer protocol between two entities within
a malicious environment by building upon oblivious transfer, robust
watermarking, and signature primitives. Finally, we perform an experimental
evaluation to demonstrate the practicality of our protocol.
Cryptanalysis of an Efficient Signcryption Scheme with Forward Secrecy Based on Elliptic Curve
The signcryption is a relatively new cryptographic technique that is supposed
to fulfill the functionalities of encryption and digital signature in a single
logical step. Several signcryption schemes are proposed throughout the years,
each of them having its own problems and limitations. In this paper, the
security of a recent signcryption scheme, i.e. Hwang et al.'s scheme is
analyzed, and it is proved that it involves several security flaws and
shortcomings. Several devastating attacks are also introduced to the mentioned
scheme whereby it fails all the desired and essential security attributes of a
signcryption scheme. Comment: 5 Pages, 2 Figures
Analysis of the Security of BB84 by Model Checking
Quantum Cryptography or Quantum key distribution (QKD) is a technique that
allows the secure distribution of a bit string, used as key in cryptographic
protocols. When it was noted that quantum computers could break public key
cryptosystems based on number theory, extensive studies have been undertaken on
QKD. Based on quantum mechanics, QKD offers unconditionally secure
communication. Now, the progress of research in this field allows the
anticipation of QKD to be available outside of laboratories within the next few
years. Efforts are made to improve the performance and reliability of the
implemented technologies. But several challenges remain despite this big
progress. The task of how to test the apparatuses of QKD, for example, did not
yet receive enough attention. These devices become complex and demand a big
verification effort. In this paper we are interested in an approach based on
the technique of probabilistic model checking for studying quantum information.
Precisely, we use the PRISM tool to analyze the security of BB84 protocol and
we are focused on the specific security property of eavesdropping detection. We
show that this property is affected by the parameters of quantum channel and
the power of eavesdropper. Comment: 12 Pages, IJNS
Resilient networking in wireless sensor networks
This report deals with security in wireless sensor networks (WSNs),
especially in the network layer. Multiple secure routing protocols have been
proposed in the literature. However, they often use the cryptography to secure
routing functionalities. The cryptography alone is not enough to defend against
multiple attacks due to the node compromise. Therefore, we need more
algorithmic solutions. In this report, we focus on the behavior of routing
protocols to determine which properties make them more resilient to attacks.
Our aim is to find some answers to the following questions. Are there any
existing protocols, not designed initially for security, but which already
contain some inherently resilient properties against attacks under which some
portion of the network nodes is compromised? If yes, which specific behaviors
are making these protocols more resilient? We propose in this report an
overview of security strategies for WSNs in general, including existing attacks
and defensive measures. In this report we focus on the network layer in
particular, and an analysis of the behavior of four particular routing
protocols is provided to determine their inherent resiliency to insider
attacks. The protocols considered are: Dynamic Source Routing (DSR),
Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing
(RWR).
Estimating the Maximum Information Leakage
Aldini, Alessandro; DI PIERRO, A.