13,186 research outputs found
Configuration Management of Distributed Systems over Unreliable and Hostile Networks
Economic incentives of large criminal profits and the threat of legal consequences have pushed criminals to continuously improve their malware, especially command and control channels. This thesis applied concepts from successful malware command and control to explore the survivability and resilience of benign configuration management systems.
This work expands on existing stage models of malware life cycle to contribute a new model for identifying malware concepts applicable to benign configuration management. The Hidden Master architecture is a contribution to master-agent network communication. In the Hidden Master architecture, communication between master and agent is asynchronous and can operate trough intermediate nodes. This protects the master secret key, which gives full control of all computers participating in configuration management. Multiple improvements to idempotent configuration were proposed, including the definition of the minimal base resource dependency model, simplified resource revalidation and the use of imperative general purpose language for defining idempotent configuration.
Following the constructive research approach, the improvements to configuration management were designed into two prototypes. This allowed validation in laboratory testing, in two case studies and in expert interviews. In laboratory testing, the Hidden Master prototype was more resilient than leading configuration management tools in high load and low memory conditions, and against packet loss and corruption. Only the research prototype was adaptable to a network without stable topology due to the asynchronous nature of the Hidden Master architecture.
The main case study used the research prototype in a complex environment to deploy a multi-room, authenticated audiovisual system for a client of an organization deploying the configuration. The case studies indicated that imperative general purpose language can be used for idempotent configuration in real life, for defining new configurations in unexpected situations using the base resources, and abstracting those using standard language features; and that such a system seems easy to learn.
Potential business benefits were identified and evaluated using individual semistructured expert interviews. Respondents agreed that the models and the Hidden Master architecture could reduce costs and risks, improve developer productivity and allow faster time-to-market. Protection of master secret keys and the reduced need for incident response were seen as key drivers for improved security. Low-cost geographic scaling and leveraging file serving capabilities of commodity servers were seen to improve scaling and resiliency. Respondents identified jurisdictional legal limitations to encryption and requirements for cloud operator auditing as factors potentially limiting the full use of some concepts
A Holistic Analysis of Internet of Things (IoT) Security : Principles, Practices, and New Perspectives
Peer reviewedPublisher PD
UMSL Bulletin 2023-2024
The 2023-2024 Bulletin and Course Catalog for the University of Missouri St. Louis.https://irl.umsl.edu/bulletin/1088/thumbnail.jp
Evaluation Methodologies in Software Protection Research
Man-at-the-end (MATE) attackers have full control over the system on which
the attacked software runs, and try to break the confidentiality or integrity
of assets embedded in the software. Both companies and malware authors want to
prevent such attacks. This has driven an arms race between attackers and
defenders, resulting in a plethora of different protection and analysis
methods. However, it remains difficult to measure the strength of protections
because MATE attackers can reach their goals in many different ways and a
universally accepted evaluation methodology does not exist. This survey
systematically reviews the evaluation methodologies of papers on obfuscation, a
major class of protections against MATE attacks. For 572 papers, we collected
113 aspects of their evaluation methodologies, ranging from sample set types
and sizes, over sample treatment, to performed measurements. We provide
detailed insights into how the academic state of the art evaluates both the
protections and analyses thereon. In summary, there is a clear need for better
evaluation methodologies. We identify nine challenges for software protection
evaluations, which represent threats to the validity, reproducibility, and
interpretation of research results in the context of MATE attacks
Distributed Sensing, Computing, Communication, and Control Fabric: A Unified Service-Level Architecture for 6G
With the advent of the multimodal immersive communication system, people can
interact with each other using multiple devices for sensing, communication
and/or control either onsite or remotely. As a breakthrough concept, a
distributed sensing, computing, communications, and control (DS3C) fabric is
introduced in this paper for provisioning 6G services in multi-tenant
environments in a unified manner. The DS3C fabric can be further enhanced by
natively incorporating intelligent algorithms for network automation and
managing networking, computing, and sensing resources efficiently to serve
vertical use cases with extreme and/or conflicting requirements. As such, the
paper proposes a novel end-to-end 6G system architecture with enhanced
intelligence spanning across different network, computing, and business
domains, identifies vertical use cases and presents an overview of the relevant
standardization and pre-standardization landscape
LATEST ADVANCES ON SECURITY ARCHITECTURE FOR 5G TECHNOLOGY AND SERVICES
The roll out of the deployment of the 5G technology has been ongoing globally. The
deployment of the technologies associated with 5G has seen mixed reaction as regards its
prospects to improve communication services in all spares of life amid its security concerns. The
security concerns of 5G network lies in its architecture and other technologies that optimize the
performance of its architecture. There are many fractions of 5G security architecture in the
literature, a holistic security architectural structure will go a long way in tackling the security
challenges. In this paper, the review of the security challenges of the 5G technology based on its
architecture is presented along with their proposed solutions. This review was carried out with
some keywords relating to 5G securities and architecture; this was used to retrieve appropriate
literature for fitness of purpose. The 5G security architectures are mojorly centered around the
seven network security layers; thereby making each of the layers a source of security concern on
the 5G network. Many of the 5G security challenges are related to authentication and authorization
such as denial-of-service attacks, man in the middle attack and eavesdropping. Different methods
both hardware (Unmanned Aerial Vehicles, field programmable logic arrays) and software (Artificial
intelligence, Machine learning, Blockchain, Statistical Process Control) has been proposed for
mitigating the threats. Other technologies applicable to 5G security concerns includes: Multi-radio
access technology, smart-grid network and light fidelity. The implementation of these solutions
should be reviewed on a timely basis because of the dynamic nature of threats which will greatly
reduce the occurrence of security attacks on the 5G network
Innovation in Energy Security and Long-Term Energy Efficiency Ⅱ
The sustainable development of our planet depends on the use of energy. The increasing world population inevitably causes an increase in the demand for energy, which, on the one hand, threatens us with the potential to encounter a shortage of energy supply, and, on the other hand, causes the deterioration of the environment. Therefore, our task is to reduce this demand through different innovative solutions (i.e., both technological and social). Social marketing and economic policies can also play their role by affecting the behavior of households and companies and by causing behavioral change oriented to energy stewardship, with an overall switch to renewable energy resources. This reprint provides a platform for the exchange of a wide range of ideas, which, ultimately, would facilitate driving societies toward long-term energy efficiency
The regulation of digital platforms: the case of pagoPA
How can EU regulation affect innovation. Digital revolution: How big data have changed the world and the legal landscape. The regulation of digital platforms in Europe. Digital revolution: How distributed ledger technologies are changing the world and the legal landscape. Regulation of digital payments: the case of pagopa
- …