211 research outputs found
SGXIO: Generic Trusted I/O Path for Intel SGX
Application security traditionally strongly relies upon security of the
underlying operating system. However, operating systems often fall victim to
software attacks, compromising security of applications as well. To overcome
this dependency, Intel introduced SGX, which allows to protect application code
against a subverted or malicious OS by running it in a hardware-protected
enclave. However, SGX lacks support for generic trusted I/O paths to protect
user input and output between enclaves and I/O devices.
This work presents SGXIO, a generic trusted path architecture for SGX,
allowing user applications to run securely on top of an untrusted OS, while at
the same time supporting trusted paths to generic I/O devices. To achieve this,
SGXIO combines the benefits of SGX's easy programming model with traditional
hypervisor-based trusted path architectures. Moreover, SGXIO can tweak insecure
debug enclaves to behave like secure production enclaves. SGXIO surpasses
traditional use cases in cloud computing and makes SGX technology usable for
protecting user-centric, local applications against kernel-level keyloggers and
likewise. It is compatible to unmodified operating systems and works on a
modern commodity notebook out of the box. Hence, SGXIO is particularly
promising for the broad x86 community to which SGX is readily available.Comment: To appear in CODASPY'1
Simulation des écoulements à surface libre dans les turbines Pelton par une méthode hybride SPH-ALE
International audienceAn Arbitrary Lagrange Euler (ALE) description of fluid flows is used together with the meshless numerical method Smoothed Particle Hydrodynamics (SPH) to simulate free surface flows. The ALE description leads to an hybrid method that can be closely connected to the finite volume approach. It is then possible to adapt some common techniques like upwind schemes and preconditioning to remedy some of the well known drawbacks of SPH like stability and accuracy. An efficient boundary treatment based on a proper upwinding of fluid information at the boundary surface is settled. The resulting SPH-ALE numerical method is applied to simulate free surface flows encountered in Pelton turbines.La méthode numérique sans maillage Smoothed Particle Hydrodynamics (SPH) est modifiée par l'adoption d'une description Arbitrary Lagrange Euler (ALE) des écoulements fluides, dans le but de simuler des écoulements à surface libre. Le formalisme ALE conduit à une méthode numérique hybride s'apparentant sur de nombreux points à une approche volumes finis. Il est alors possible d'adapter des techniques numériques courantes comme les schémas décentrés et le préconditionnement pour résoudre certains défauts majeurs de la méthode SPH, comme la stabilité numérique ou le manque de précision. Par ailleurs, le traitement des conditions limites est réalisé par un décentrement approprié des informations fluides sur les surfaces frontières. La méthode numérique SPH-ALE résultante est appliquée à la simulation d'écoulements à surface libre tels que ceux rencontrés dans les turbines Pelton
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submissio
Actigraphy in Human African Trypanosomiasis as a Tool for Objective Clinical Evaluation and Monitoring: A Pilot Study
The clinical picture of the parasitic disease human African trypanosomiasis (HAT, also called sleeping sickness) is dominated by sleep alterations. We here used actigraphy to evaluate patients affected by the Gambiense form of HAT. Actigraphy is based on the use of battery-run, wrist-worn devices similar to watches, widely used in middle-high income countries for ambulatory monitoring of sleep disturbances. This pilot study was motivated by the fact that the use of polysomnography, which is the gold standard technology for the evaluation of sleep disorders and has greatly contributed to the objective identification of signs of disease in HAT, faces tangible challenges in resource-limited countries where the disease is endemic. We here show that actigraphy provides objective data on the severity of sleep-wake disturbances that characterize HAT. This technique, which does not disturb the patient's routine activities and can be applied at home, could therefore represent an interesting, non-invasive tool for objective HAT clinical assessment and long-term monitoring under field conditions. The use of this method could provide an adjunct marker of HAT severity and for treatment follow-up, or be evaluated in combination with other disease biomarkers in body fluids that are currently under investigation in many laboratories
Simple Nudges for Better Password Creation
Recent security breaches have highlighted the consequences of reusing passwords across online accounts. Recent guidance on password policies by the UK government recommend an emphasis on password length over an extended character set for generating secure but memorable passwords without cognitive overload. This paper explores the role of three nudges in creating website-specific passwords: financial incentive (present vs absent), length instruction (long password vs no instruction) and stimulus (picture present vs not present). Mechanical Turk workers were asked to create a password in one of these conditions and the resulting passwords were evaluated based on character length, resistance to automated guessing attacks, and time taken to create the password. We found that users created longer passwords when asked to do so or when given a financial incentive and these longer passwords were harder to guess than passwords created with no instruction. Using a picture nudge to support password creation did not lead to passwords that were either longer or more resistant to attacks but did lead to account-specific passwords
A Blockchain-Assisted Hash-Based Signature Scheme
We present a server-supported, hash-based digital signature scheme. To achieve greater efficiency than current state of the art, we relax the security model somewhat. We postulate a set of design requirements, discuss some approaches and their practicality, and finally reach a forward-secure scheme with only modest trust assumptions, achieved by employing the concepts of authenticated data structures and blockchains. The concepts of blockchain authenticated data structures and the presented blockchain design could have independent value and are worth further research
- …