A model of distributed key generation for industrial control systems

11th International Workshop on Discrete Event Systems, WODES 2012; Guadalajara, Jalisco; Mexico; 3 October 2012 through 5 October 2012The cyber-security of industrial control systems (ICS) is gaining high relevance due to the impact of industrial system failures on the citizen life. There is an urgent need for the consideration of security in their design, and for the analysis of the related vulnerabilities and potential threats. The high exposure of industrial critical infrastructure to cyber-threats is mainly due to the intrinsic weakness of the communication protocols used to control the process network. The peculiarities of the industrial protocols (low computational power, large geographical distribution, near to real-time constraints) make hard the effective use of traditional cryptographic schemes and in particular the implementation of an effective key management infrastructure supporting a cryptographic layer. In this paper, we describe a "model of distributed key generation for industrial control systems" we have recently implemented. The model is based on a known Distributed Key Generator protocol we have adapted to an industrial control system environment and to the related communication protocol (Modbus). To validate in a formal way selected security properties of the model, we introduced a Petri Nets representation. This representation allows for modeling attacks against the protocol and understanding some potential weaknesses of its implementation in the industrial control system environment

An information geometrical evaluation of Shannon information metrics on a discrete n-dimensional digital manifold

The definition and nature of information have perplexed scientists due to its dual nature in measurements. The information is discrete and continuous when evaluated on a metric scale, and the Laplace-Beltrami operator and Gauss-Bonnet Theorem can map one to another. On the other hand, defining the information as a discrete entity on the surface area of an n-dimensional discrete digital manifold provides a unique way of calculating the entropy of a manifold. The software simulation shows that the surface area of the discrete n-dimensional digital manifold is an effectively computable function. Moreover, it also provides the information-geometrical evaluation of Shannon information metrics

Satellite Networks for Key Management

3rd International Conference on Recent Advances in Space Technologies, RAST 2007; Istanbul; Turkey; 14 June 2007 through 16 June 2007The cryptographic key management center is the place where all the cryptographical protocols and related keys are in action. Traditionally the key management centers operate on the ground. However; with the satellites, it is possible to conceive a space based key management center. This paper underlines the pros and cons of having a satellite networks key management center

Simetrik kriptosistemler için Türkiye Türkçesinin kriptanalitik öiçüleri. 2 cilt

Bu tezin, veri tabanı üzerinden yayınlanma izni bulunmamaktadır. Yayınlanma izni olmayan tezlerin basılı kopyalarına Üniversite kütüphaneniz aracılığıyla (TÜBESS üzerinden) erişebilirsiniz.[Abstarct Not Available

Intelligence Analysis Modeling

2006 International Conference on Hybrid Information Technology, ICHIT 2006; Cheju Island; South Korea; 9 November 2006 through 11 November 2006Intelligence is the process of supporting the policymakers in making their decisions by providing them with the specific information they need. Intelligence analysis is the effort of extracting the nature of intelligence issue with the policy goal in mind. It is performed by intelligence analysts who form judgments that add value to the collected material. With the increased open source collection capabilities, there has emerged a need for a model of intelligence analysis that covers the basic elements of valuable information: relevancy, accuracy, and timeliness. There exist models such as vector space model of information retrieval which only addresses the relevancy aspect of information and cannot cope with nonlinear document spaces. In this paper, we discuss the requirements of an integrated model of intelligence analysis along with its peculiar characteristics

Software Development for Transitions of Graphs from Discrete State into the Continuous State

Manifolds are suitable differentiable mathematical objects for information to be defined on. By their very definition they are non-Euclidean in the global view but in local scales they resemble Euclidean spaces. This property provides that the contemporary information models can also be defined within the previsioned new models of information models. One of the most basic representations of information is through graphs. They are discrete and highly computable mathematical objects. In this research, the main aim is to investigate methods of embedding this simple piece of information onto manifolds. This research shows that the very fundamental data structures of computer science can be transformed into the continuous spaces and wide area of applications can be engineered such as pattern recognition or anomaly detection. The visualizations of the inspected methods are the evidence of that the graph data can carry new characteristics other than classical properties of graphs such as curvature, locality or multi-dimensionality

Utilization of Timed Automata as a Verification Tool for Security Protocols

4th IEEE International Conference on Secure Software Integration and Reliability Improvement Companion, SSIRI-C 2010; Singapore; Singapore; 9 June 2010 through 11 June 2010Timed Automata is an extension to the automata-theoretic approach for the modeling of real time systems that introduces time into the classical automata. It has become an important research area in both the context of formal languages and modeling and verification of real time systems since it was proposed by Alur and Dill in the early nineties. Timed automata proposes an efficient model checking method for verification real time systems having mature and efficient automatic verification tools. One of the application areas of timed automata is the verification of security protocols which are known to be time sensitive. This study aims to make use of timed automata as a verification tool for security protocols and gives a case study on the initial part of the Neuman- Stubblebine Repeated Authentication Protocol. © 2010 IEEE

Modeling Efficient Multi-chained Stream Signature Protocol Using Communicating Sequential Processes

4th IEEE International Conference on Secure Software Integration and Reliability Improvement Companion, SSIRI-C 2010; Singapore; Singapore; 9 June 2010 through 11 June 2010Communicating Sequential Processes (CSP) is a process algebra, designed for modeling and analyzing the behavior of concurrent systems. Several security protocols are modeled with CSP and verified using model-checking or theorem proving techniques successfully. Unlike other authentication protocols modeled using CSP, each of the Efficient Multi-chained Stream Signature (EMSS) protocol messages are linked to the previous messages, forming hash chains, which introduces difficulties for modeling and verification. In this paper; we model the EMSS stream authentication protocol using CSP and verify its authentication properties with model checking, by building an infinite state model of the protocol which is reduced into a finite state model. © 2010 IEEE

Proceedings of the first JRC-Turkey workshop on ICT security

The first JRC-Turkey workshop on ICT security was held on the 1st and 2nd of December 2009 in YASAR University, Selçuk Yasar Campus. It was focused on research areas related to Information and Communication Technologies and Security. The importance of these themes at the national and European dimensions is both for the protection of Critical Infrastructures and Public Safety applications. The aim of the workshop was at defining synergies between JRC and Turkish scientific organizations and researchers in the context of the implementation of the EC Framework Program VII (FP7) and of the mission of the JRC on critical information infrastructure protection (CIIP). The workshop was also an opportunity for the discussion of a potential collaboration between the JRC and Yasar University on experimental security involving the SCADA and Internet laboratories of the JRC and the Izmir group on Internet security based at Yasar University.JRC.DG.G.6-Security technology assessmen