A cooperative cellular and broadcast conditional access system for Pay-TV systems

This is the author's accepted manuscript. The final published article is available from the link below. Copyright @ 2009 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works.The lack of interoperability between Pay-TV service providers and a horizontally integrated business transaction model have compromised the competition in the Pay-TV market. In addition, the lack of interactivity with customers has resulted in high churn rate and improper security measures have contributed into considerable business loss. These issues are the main cause of high operational costs and subscription fees in the Pay-TV systems. As a result, this paper presents the Mobile Conditional Access System (MICAS) as an end-to-end access control solution for Pay-TV systems. It incorporates the mobile and broadcasting systems and provides a platform whereby service providers can effectively interact with their customers, personalize their services and adopt appropriate security measurements. This would result in the decrease of operating expenses and increase of customers' satisfaction in the system. The paper provides an overview of state-of-the-art conditional access solutions followed by detailed description of design, reference model implementation and analysis of possible MICAS security architectures.Strategy & Technology (S&T) Lt

A Logic for Constraint-based Security Protocol Analysis

We propose PS-LTL, a pure-past security linear temporal logic that allows the specification of a variety of authentication, secrecy and data freshness properties. Furthermore, we present a sound and complete decision procedure to establish the validity of security properties for symbolic execution traces, and show the integration with constraint-based analysis techniques

Attack analysis of cryptographic protocols using strand spaces

Security protocols make use of cryptographic techniques to achieve goals such as confidentiality, authentication and integrity. However, the fact that strong cryptographic algorithms exist does not guarantee the security of a communications system. In fact, it is recognised that the engineering of security protocols is a challenging task, since protocols that appear secure can contain subtle flaws that attackers can exploit. A number of techniques exist for the analysis of security protocol specifications. Individually they are not capable of detecting every possible flaw or attack against a protocol. However, when combined, these techniques all complement each other, allowing a protocol engineer to obtain a more accurate overview of the security of a protocol that is being designed. This is the rationale for multi-dimensional security protocol engineering, a concept introduced by previous projects of ours over several years. We propose an attack construction approach to security protocol analysis within a multi-dimensional context. This analysis method complements the existing inference construction analysis tools developed earlier in the group. We give a brief overview of the concepts associated with the project, including a summary of existing security protocol analysis techniques, and a description of the strand space model, which is the intended formalism for the analysis