Role-based access control for xml enabled management gateways

Abstract. While security is often supported in standard management frameworks, it has been insufficiently approached in most deployment and research initiatives. In this paper we address the provisioning of a security "continuum" for management frameworks based on XML/SNMP gateways. We provide an in depth security extension of such a gateway using the Role Based Access Control paradigm and show how to integrate our approach within a broader XML-based management framework

Machine-assisted Cyber Threat Analysis using Conceptual Knowledge Discovery

Over the last years, computer networks have evolved into highly dynamic and interconnected environments, involving multiple heterogeneous devices and providing a myriad of services on top of them. This complex landscape has made it extremely difficult for security administrators to keep accurate and be effective in protecting their systems against cyber threats. In this paper, we describe our vision and scientific posture on how artificial intelligence techniques and a smart use of security knowledge may assist system administrators in better defending their networks. To that end, we put forward a research roadmap involving three complimentary axes, namely, (I) the use of FCA-based mechanisms for managing configuration vulnerabilities, (II) the exploitation of knowledge representation techniques for automated security reasoning, and (III) the design of a cyber threat intelligence mechanism as a CKDD process. Then, we describe a machine-assisted process for cyber threat analysis which provides a holistic perspective of how these three research axes are integrated together

Internet services: management beyond the element: proceedings DSOM'2001

Proceedings of the 12th International Workshop on Distributed Systems - Operations & Managemen

A Trust-based Strategy for Addressing Residual Attacks in the RELOAD Architecture

Abstract—Telephony over IP has undergone a large-scale deployment thanks to the development of high-speed broadband access and the standardization of signalling protocols. A particular attention is currently given to P2PSIP networks which are exposed to many security threats. The RELOAD protocol defines a peer-to-peer signalling overlay designed to support these networks. It introduces a security framework based on certification mechanisms, but P2PSIP networks are still exposed to residual attacks, such as refusals of service. We propose in this work to address these residual attacks by integrating into the RELOAD architecture a dedicated trust model coupled with prevention countermeasures. We mathematically defines this trust-based strategy, and describe the considered prevention mechanisms implemented by safeguards and watchmen. We quantify the benefits and limits of our solution through an extensive set of experiments. I

Risk Management in VoIP Infrastructures using Support Vector Machines

Telephony over IP is exposed to multiple security threats. Conventional protection mechanisms do not fit into the highly dynamic, open and large-scale settings of VoIP infrastructures, and may significantly impact on the performance of such a critical service. We propose in this paper a runtime risk management strategy based on anomaly detection techniques for continuously adapting the VoIP service exposure. This solution relies on support vector machines (SVM) and exploits dynamic security safeguards to reduce risks in a progressive manner. We describe how SVM parameters can be integrated into a runtime risk model, and show how this framework can be deployed into an Asterisk VoIP server. We evaluate the benefits and limits of our solution through a prototype and an extensive set of experimental results

Proceedings of the 9th IFIP/IEEE International Symposium on Integrated Network Management

Proceedings edito

Energy-based routing metric for RPL

Abstract: Saving power while ensuring acceptable service levels is a major concern in wireless sensor networks, since nodes are usually deployed and not replaced in case of breakdown. Several efforts have recently led to the standardization of a routing protocol for low power and lossy network. The standard provides various metrics, which can be used to guide the routing. Most protocol implementations use expected transmission count as the routing metric, thus focus on the link reliability. To our knowledge, there is no protocol implementation that uses the nodes remaining energy for next hop selection. This document discusses about the usage of the latter as the routing metric for RPL, the new standard for routing for Low power and Lossy Network (LLN). We design an objective function for that metric and compared experiments result with the most popular expected transmission count scheme