Evaluating On-line Model Checking in UPPAAL-SMC using a Laser Tracheotomy Case Study

On-line model checking is a variant of model checking that evaluates properties of a system concurrently while deployed, which allows overcoming limitations of inaccurate system models. In this paper we conduct a laser tracheotomy case study to evaluate the feasibility of using the statistical model checker UPPAAL-SMC for on-line model checking in a medical application. Development of automatic on-line model checking relies on the precision of the prediction and real-time capabilities as real-time requirements must be met. We evaluate the case study with regards to these qualities and our results show that using UPPAAL-SMC in an on-line model checking context is practical: relative prediction errors were only 2% on average and guarantees could be established within reasonable time during our experiments

08302 Abstracts Collection -- Countering Insider Threats

From July 20 to July 25, 2008, the Dagstuhl Seminar 08302 ``Countering Insider Threats \u27\u27 was held in Schloss Dagstuhl~--~Leibniz Center for Informatics. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available

Rescuing Wireless Sensor Networks Security from Science Fiction

Abstract. We critically analyze the state of the art in research on wireless sensor network security. Assumptions about security requirements are not always consistent with the assumptions about the nature of sensor nodes. There are deficiencies in the specification of attacker models. Work on wireless sensor network security often fails to give proper definitions and justifications of what constitutes node misbehaviour. We analyze the merits and limitations of reputation-based routing protocols as a security mechanism, and observe that in wireless sensor networks there is a strong case for using application specific cross-layer optimizations and hence a diminished demand for generic security solutions

A New Blind ECDSA Scheme for Bitcoin Transaction Anonymity

In this paper, we consider a scenario where a bitcoin liquidity provider sells bitcoins to clients. When a client pays for a bitcoin online, the provider is able to link the client\u27s payment information to the bitcoin sold to that client. To address the clients\u27 privacy concern, it is desirable for the provider to perform the bitcoin transaction with blind signatures. However, existing blind signature schemes are incompatible with the Elliptic Curve Digital Signature Algorithm (ECDSA) which is used by most of the existing bitcoin protocol, thus cannot be applied directly in Bitcoin. In this paper, we propose a new blind signature scheme that allows generating a blind signature compatible with the standard ECDSA. Afterwards, we make use of the new scheme to achieve bitcoin transaction anonymity. The new scheme is built on a variant of the Paillier cryptosystem and its homomorphic properties. As long as the modified Paillier cryptosystem is semantically secure, the new blind signature scheme has blindness and unforgeability

10341 Abstracts Collection -- Insider Threats: Strategies for Prevention, Mitigation, and Response

From August 22 to 26, 2010, the Dagstuhl Seminar 10341 ``Insider Threats: Strategies for Prevention, Mitigation, and Response\u27\u27 was held in Schloss Dagstuhl~--~Leibniz Center for Informatics. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available

Ancestors protocol for scalable key management

AbstractGroup key management is an important functional building block for secure multicast architecture. Thereby, it has been extensively studied in the literature. The main proposed protocol is Adaptive Clustering for Scalable Group Key Management (ASGK). According to ASGK protocol, the multicast group is divided into clusters, where each cluster consists of areas of members. Each cluster uses its own Traffic Encryption Key (TEK). These clusters are updated periodically depending on the dynamism of the members during the secure session. The modified protocol has been proposed based on ASGK with some modifications to balance the number of affected members and the encryption/decryption overhead with any number of the areas when a member joins or leaves the group. This modified protocol is called Ancestors protocol. According to Ancestors protocol, every area receives the dynamism of the members from its parents. The main objective of the modified protocol is to reduce the number of affected members during the leaving and joining members, then 1 affects n overhead would be reduced. A comparative study has been done between ASGK protocol and the modified protocol. According to the comparative results, it found that the modified protocol is always outperforming the ASGK protocol

Secret sharing with reusable polynomials

Abstract. We present a threshold secret sharing scheme based on poly-nomial interpolation and the Die-Hellman problem. In this scheme shares can be used for the reconstruction of multiple secrets, sharehold-ers can dynamically join or leave without distributing new shares to the existing shareholders, and shares can be individually veried during both share distribution and secret recovery.

SePCAR: A Secure and Privacy-Enhancing Protocol for Car Access Provision

We present an efficient secure and privacy-enhancing protocol for car access provision, named SePCAR. The protocol is fully decentralised and allows users to share their cars conveniently without sacrifising their security and privacy. It provides generation, update, revocation, and distribution mechanisms for access tokens to shared cars, as well as procedures to solve disputes and to deal with law enforcement requests, for instance in the case of car incidents. We prove that SePCAR meets its appropriate security and privacy requirements and that it is efficient: our practical efficiency analysis through a proof-of-concept implementation shows that SePCAR takes only 1.55 s for a car access provision