166,015 research outputs found

    Security, Privacy and Safety Risk Assessment for Virtual Reality Learning Environment Applications

    Full text link
    Social Virtual Reality based Learning Environments (VRLEs) such as vSocial render instructional content in a three-dimensional immersive computer experience for training youth with learning impediments. There are limited prior works that explored attack vulnerability in VR technology, and hence there is a need for systematic frameworks to quantify risks corresponding to security, privacy, and safety (SPS) threats. The SPS threats can adversely impact the educational user experience and hinder delivery of VRLE content. In this paper, we propose a novel risk assessment framework that utilizes attack trees to calculate a risk score for varied VRLE threats with rate and duration of threats as inputs. We compare the impact of a well-constructed attack tree with an adhoc attack tree to study the trade-offs between overheads in managing attack trees, and the cost of risk mitigation when vulnerabilities are identified. We use a vSocial VRLE testbed in a case study to showcase the effectiveness of our framework and demonstrate how a suitable attack tree formalism can result in a more safer, privacy-preserving and secure VRLE system.Comment: Tp appear in the CCNC 2019 Conferenc

    Identifying attack surfaces in the evolving space industry using reference architectures

    Get PDF
    The space environment is currently undergoing a substantial change and many new entrants to the market are deploying devices, satellites and systems in space; this evolution has been termed as NewSpace. The change is complicated by technological developments such as deploying machine learning based autonomous space systems and the Internet of Space Things (IoST). In the IoST, space systems will rely on satellite-to-x communication and interactions with wider aspects of the ground segment to a greater degree than existing systems. Such developments will inevitably lead to a change in the cyber security threat landscape of space systems. Inevitably, there will be a greater number of attack vectors for adversaries to exploit, and previously infeasible threats can be realised, and thus require mitigation. In this paper, we present a reference architecture (RA) that can be used to abstractly model in situ applications of this new space landscape. The RA specifies high-level system components and their interactions. By instantiating the RA for two scenarios we demonstrate how to analyse the attack surface using attack trees

    On the inability of existing security models to cope with data mobility in dynamic organizations

    Get PDF
    Modeling tools play an important role in identifying threats in traditional\ud IT systems, where the physical infrastructure and roles are assumed\ud to be static. In dynamic organizations, the mobility of data outside the\ud organizational perimeter causes an increased level of threats such as the\ud loss of confidential data and the loss of reputation. We show that current\ud modeling tools are not powerful enough to help the designer identify the\ud emerging threats due to mobility of data and change of roles, because they\ud do not include the mobility of IT systems nor the organizational dynamics\ud in the security model. Researchers have proposed security models that\ud particularly focus on data mobility and the dynamics of modern organizations,\ud such as frequent role changes of a person. We show that none\ud of the current security models simultaneously considers the data mobility\ud and organizational dynamics to a satisfactory extent. As a result, none\ud of the current security models effectively identifies the potential security\ud threats caused by data mobility in a dynamic organization

    What Would Zero Look Like? A Treaty for the Abolition of Nuclear Weapons

    Get PDF
    Nuclear disarmament-the comprehensive, universal, and permanent abolition of all nuclear weapons, pursuant to a verifiable, legally binding international agreement-has long been one of the most ambitious, controversial, and urgent items on the agenda for arms control. To date, however, most of the discussion of getting to zero has highlighted the political, military, technical and diplomatic dimensions of this complex problem, and there has been relatively little attention to the legal requirements for drafting such a novel treaty. This Article fills that gap by offering two proposed agreements. The first, a non-legally-bindingfr amework accord, would be designedf or signature relatively soon (e.g., in 2015) to re-commit states to the goal of nuclear elimination and to energize their concerted individual and collective action on a set of prescribed steps in pursuit of it. The second, a legally-binding document, would be concluded at some point in the more distant future, when states had accomplished great reductions in their current nuclear arsenals and were ready, at last, to plunge forward to true abolition. The Article describes the conditions necessary for the further articulation of these two novel agreements, and the text of each instrument carries numerous annotations that identify competing options, describe the negotiating range, and illuminate the drafter\u27s choices. The hope is that something novel can be gained-fresh insights can be suggested, and new questions can be raised (even if answering them remains elusive)-by advancing the dialogue about nuclear disarmament to the concrete stage of treaty drafting
    • ā€¦
    corecore