287 research outputs found
Trust and reputation policy-based mechanisms for self-protection in autonomic communications
Currently, there is an increasing tendency to migrate the management of communications and information systems onto the Web. This is making many traditional service support models obsolete. In addition, current security mechanisms are not sufficiently robust to protect each management system and/or subsystem from web-based intrusions, malware, and hacking attacks. This paper presents research challenges in autonomic management to provide self-protection mechanisms and tools by using trust and reputation concepts based on policy-based management to decentralize management decisions. This work also uses user-based reputation mechanisms to help enforce trust management in pervasive and communications services. The scope of this research is founded in social models, where the application of trust and reputation applied in communication systems helps detect potential users as well as hackers attempting to corrupt management operations and services. These so-called “cheating services” act as “attacks”, altering the performance and the security in communication systems by consumption of computing or network resources unnecessarily.
Attack trees in Isabelle
In this paper, we present a proof theory for attack trees. Attack trees are a well established and useful model for the construction of attacks on systems since they allow a stepwise exploration of high level attacks in application scenarios. Using the expressiveness of Higher Order Logic in Isabelle, we succeed in developing a generic theory of attack trees with a state-based semantics based on Kripke structures and CTL. The resulting framework allows mechanically supported logic analysis of the meta-theory of the proof calculus of attack trees and at the same time the developed proof theory enables application to case studies. A central correctness and completeness result proved in Isabelle establishes a connection between the notion of attack tree validity and CTL. The application is illustrated on the example of a healthcare IoT system and GDPR compliance verification.
Efficient Attack Graph Analysis through Approximate Inference
Attack graphs provide compact representations of the attack paths that an
attacker can follow to compromise network resources by analysing network
vulnerabilities and topology. These representations are a powerful tool for
security risk assessment. Bayesian inference on attack graphs enables the
estimation of the risk of compromise to the system's components given their
vulnerabilities and interconnections, and accounts for multi-step attacks
spreading through the system. Whilst static analysis considers the risk posture
at rest, dynamic analysis also accounts for evidence of compromise, e.g. from
SIEM software or forensic investigation. However, in this context, exact
Bayesian inference techniques do not scale well. In this paper we show how
Loopy Belief Propagation - an approximate inference technique - can be applied
to attack graphs, and that it scales linearly in the number of nodes for both
static and dynamic analysis, making such analyses viable for larger networks.
We experiment with different topologies and network clustering on synthetic
Bayesian attack graphs with thousands of nodes to show that the algorithm's
accuracy is acceptable and that it converges to a stable solution. We compare sequential
and parallel versions of Loopy Belief Propagation with exact inference
techniques for both static and dynamic analysis, showing the advantages of
approximate inference techniques to scale to larger attack graphs.
Comment: 30 pages, 14 figures
Some Directions beyond Traditional Quantum Secret Sharing
We investigate two directions beyond the traditional quantum secret sharing
(QSS). First, a restriction on QSS that comes from the no-cloning theorem is
that any pair of authorized sets in an access structure should overlap. From
the viewpoint of application, this places an unnatural constraint on secret
sharing. We present a generalization, called assisted QSS (AQSS), where access
structures without pairwise overlap of authorized sets are permissible, provided
some shares are withheld by the share dealer. We show that no more than
withheld shares are required, where is the minimum number
of partially linked classes among the authorized sets for the QSS. Our
result means that such applications of QSS need not be thwarted by the
no-cloning theorem. Secondly, we point out a way of combining the features of
QSS and quantum key distribution (QKD) for applications where classical
information is shared by quantum means. We observe that in such a case, it is
often possible to reduce the security proof of QSS to that of QKD.
Comment: To appear in Physica Scripta, 7 pages, 1 figure, subsumes
arXiv:quant-ph/040720
Quantum Cryptography
Quantum cryptography is a new method for secret communications offering the
ultimate security assurance of the inviolability of a Law of Nature. In this
paper we shall describe the theory of quantum cryptography, its potential
relevance and the development of a prototype system at Los Alamos, which
utilises the phenomenon of single-photon interference to perform quantum
cryptography over an optical fiber communications link.
Comment: 36 pages in compressed PostScript format, 10 PostScript figures
compressed tar file
Cognitive-Behavioral Group Therapy versus Phenelzine in Social Phobia: Long-Term Outcome
To evaluate the effects of maintenance treatment and durability of gains after treatment discontinuation, responders to either phenelzine (PZ) or cognitive-behavioral group therapy (CBGT) from an acute trial comparing these two treatments as well as pill placebo and a psychotherapy control (educational supportive group therapy) were enrolled into maintenance and treatment-free follow-up phases. Experimental design: Responders to an acute trial contrasting PZ and CBGT entered a six-month maintenance phase. Patients who continued to respond through the maintenance phase entered a six-month treatment-free phase. Patients receiving pill placebo or educational supportive group therapy in the acute trial did not enter the long-term study. Principal observations: PZ patients entered maintenance more improved than CBGT patients, and nonrelapsing PZ patients maintained their superior gains throughout the study. Relapse during maintenance did not differ between treatments. However, PZ patients showed a trend toward greater relapse during treatment-free follow-up. There was a greater relapse among patients with generalized social phobia with phenelzine. Conclusions: PZ and cognitive-behavioral group therapy may differ in their long-term effects. The superiority seen with PZ on some measures in the acute study persisted in patients who maintained their gains over the course of maintenance and treatment-free follow-up. However, CBGT may lead to a greater likelihood of maintaining response after treatment has terminated. Replication with larger samples is needed, as is a study of the acute and long-term efficacy of combined PZ and CBGT.
Quantum asymmetric cryptography with symmetric keys
Based on quantum encryption, we present a new idea for quantum public-key
cryptography (QPKC) and construct a whole theoretical framework of a QPKC
system. We show that the quantum-mechanical nature renders it feasible and
reasonable to use symmetric keys in such a scheme, which is quite different
from that in conventional public-key cryptography. The security of our scheme
is analyzed and some features are discussed. Furthermore, the state-estimation
attack to a prior QPKC scheme is demonstrated.
Comment: 8 pages, 1 figure, Revtex
Gaussian Quantum Information
The science of quantum information has arisen over the last two decades
centered on the manipulation of individual quanta of information, known as
quantum bits or qubits. Quantum computers, quantum cryptography and quantum
teleportation are among the most celebrated ideas that have emerged from this
new field. It was realized later on that using continuous-variable quantum
information carriers, instead of qubits, constitutes an extremely powerful
alternative approach to quantum information processing. This review focuses on
continuous-variable quantum information processes that rely on any combination
of Gaussian states, Gaussian operations, and Gaussian measurements.
Interestingly, such a restriction to the Gaussian realm comes with various
benefits, since on the theoretical side, simple analytical tools are available
and, on the experimental side, optical components effecting Gaussian processes
are readily available in the laboratory. Yet, Gaussian quantum information
processing opens the way to a wide variety of tasks and applications, including
quantum communication, quantum cryptography, quantum computation, quantum
teleportation, and quantum state and channel discrimination. This review
reports on the state of the art in this field, ranging from the basic
theoretical tools and landmark experimental realizations to the most recent
successful developments.
Comment: 51 pages, 7 figures, submitted to Reviews of Modern Physics
The ‘uberization of policing’? How police negotiate and operationalise predictive policing technology
Predictive policing generally refers to police work that utilises strategies, algorithmic technologies, and big data to generate near-future predictions about the people and places deemed likely to be involved in or experience crime. Claimed benefits of predictive policing centre on the technology’s ability to enable pre-emptive police work by automating police decisions. The goal is that officers will rely on computer software and smartphone applications to instruct them about where and who to police just as Uber drivers rely on similar technologies to instruct them about where to pick up passengers. Unfortunately, little is known about the experiences of the in-field users of predictive technologies. This article helps fill this gap by addressing the under-researched area of how police officers engage with predictive technologies. As such, data is presented that outlines the findings of a qualitative study with UK police organisations involved in designing and trialing predictive policing software. Research findings show that many police officers have a detailed awareness of the limitations of predictive technologies, specifically those brought about by errors and biases in input data. This awareness has led many officers to develop a sceptical attitude towards predictive technologies and, in a few cases, these officers have expressed a reluctance to use predictive technologies. Based on these findings, this paper argues that claims about predictive software’s ability to neutralise the subjectivity of police work overlook the ongoing struggles of the police officer to assert their agency and mediate the extent to which predictions will be trusted and utilised.