Other affiliations: FH Joanneum, Austrian Institute of Technology, Johannes Kepler University of Linz ...read more
Bio: Stefan Rass is an academic researcher from Alpen-Adria-Universität Klagenfurt. The author has contributed to research in topics: Game theory & Quantum cryptography. The author has an hindex of 18, co-authored 172 publications receiving 1319 citations. Previous affiliations of Stefan Rass include FH Joanneum & Austrian Institute of Technology.
Papers published on a yearly basis
TL;DR: This paper shows how to secure ROS on an application level and describes a solution which is integrated directly into the ROS core, and adds security to all communication channels without being invasive to the system kernel itself.
TL;DR: Data quality frameworks are surveyed in a comparative way regarding the definition, assessment, and improvement of data quality with a focus on methodologies that are applicable in a wide range of business environments to aid the decision process concerning the suitability of these methods.
Abstract: Nowadays, the importance of achieving and maintaining a high standard of data quality is widely recognized by both practitioners and researchers. Based on its impact on businesses, the quality of data is commonly viewed as a valuable asset. The literature comprises various techniques for defining, assessing, and improving data quality. However, requirements for data and their quality vary between organizations. Due to this variety, choosing suitable methods that are advantageous for the data quality of an organization or in a particular context can be challenging. This paper surveys data quality frameworks in a comparative way regarding the definition, assessment, and improvement of data quality with a focus on methodologies that are applicable in a wide range of business environments. To aid the decision process concerning the suitability of these methods, we further provide a decision guide to data quality frameworks. This guidance aims to help narrow down possible choices for data quality methodologies based on a number of specified criteria.
TL;DR: This work investigates a generalized class of matrix games as a risk mitigation tool for an advanced persistent threat (APT) defense, and develops game-theoretic APT models that come with different properties than classical game theoretic models.
Abstract: Advanced persistent threats (APT) combine a variety of different attack forms ranging from social engineering to technical exploits. The diversity and usual stealthiness of APT turns them into a central problem of contemporary practical system security, since information on attacks, the current system status or the attacker's incentives is often vague, uncertain and in many cases even unavailable. Game theory is a natural approach to model the conflict between the attacker and the defender, and this work investigates a generalized class of matrix games as a risk mitigation tool for an advanced persistent threat (APT) defense. Unlike standard game and decision theory, our model is tailored to capture and handle the full uncertainty that is immanent to APTs, such as disagreement among qualitative expert risk assessments, unknown adversarial incentives and uncertainty about the current system state (in terms of how deeply the attacker may have penetrated into the system's protective shells already). Practically, game-theoretic APT models can be derived straightforwardly from topological vulnerability analysis, together with risk assessments as they are done in common risk management standards like the ISO 31000 family. Theoretically, these models come with different properties than classical game theoretic models, whose technical solution presented in this work may be of independent interest.
••01 Oct 2016
TL;DR: This paper proposes a security architecture intended for use on top of ROS on the application level that uses a dedicated authorization server to ensure that only valid nodes are part of the application.
Abstract: While the topic of security in industrial applications has gained some momentum in recent years, there are still severe security vulnerabilities which are actively exploited for attacks. The robot operating system (ROS) is expected to further grow in usage and to be used in many industrial applications. Analysis, however, shows that it lacks several security enhancements in order to make it suitable for industrial use. In its current state, false data and commands can be injected posing a possible safety risk for the resulting product and humans in the production. In addition, data may be eavesdropped and used by outsiders to gain insight into the production process. In this paper we propose a security architecture intended for use on top of ROS on the application level. We use a dedicated authorization server to ensure that only valid nodes are part of the application. Cryptographic methods ensure data confidentiality and integrity. We show in a demonstration with a collaborative robot how our architecture can be used to secure a ROS-based application.
TL;DR: This article surveys previously applied methods, showing techniques for deploying QKD networks and current challenges of QKKD networking, and focuses on the network aspect by considering network organization, routing and signaling protocols, simulation techniques, and a software-defined QkD networking approach.
Abstract: The convergence of quantum cryptography with applications used in everyday life is a topic drawing attention from the industrial and academic worlds. The development of quantum electronics has led to the practical achievement of quantum devices that are already available on the market and waiting for their first application on a broader scale. A major aspect of quantum cryptography is the methodology of Quantum Key Distribution (QKD), which is used to generate and distribute symmetric cryptographic keys between two geographically separate users using the principles of quantum physics. In previous years, several successful QKD networks have been created to test the implementation and interoperability of different practical solutions. This article surveys previously applied methods, showing techniques for deploying QKD networks and current challenges of QKD networking. Unlike studies focusing on optical channels and optical equipment, this survey focuses on the network aspect by considering network organization, routing and signaling protocols, simulation techniques, and a software-defined QKD networking approach.
••04 Oct 2019
TL;DR: Permission to copy without fee all or part of this material is granted provided that the copies arc not made or distributed for direct commercial advantage.
Abstract: Usually, a proof of a theorem contains more knowledge than the mere fact that the theorem is true. For instance, to prove that a graph is Hamiltonian it suffices to exhibit a Hamiltonian tour in it; however, this seems to contain more knowledge than the single bit Hamiltonian/non-Hamiltonian.In this paper a computational complexity theory of the “knowledge” contained in a proof is developed. Zero-knowledge proofs are defined as those proofs that convey no additional knowledge other than the correctness of the proposition in question. Examples of zero-knowledge proof systems are given for the languages of quadratic residuosity and 'quadratic nonresiduosity. These are the first examples of zero-knowledge proofs for languages not known to be efficiently recognizable.
TL;DR: It is shown that the full set of hydromagnetic equations admit five more integrals, besides the energy integral, if dissipative processes are absent, which made it possible to formulate a variational principle for the force-free magnetic fields.
Abstract: where A represents the magnetic vector potential, is an integral of the hydromagnetic equations. This -integral made it possible to formulate a variational principle for the force-free magnetic fields. The integral expresses the fact that motions cannot transform a given field in an entirely arbitrary different field, if the conductivity of the medium isconsidered infinite. In this paper we shall show that the full set of hydromagnetic equations admit five more integrals, besides the energy integral, if dissipative processes are absent. These integrals, as we shall presently verify, are I2 =fbHvdV, (2)
TL;DR: This paper defines and explores proofs of retrievability (PORs), a POR scheme that enables an archive or back-up service to produce a concise proof that a user can retrieve a target file F, that is, that the archive retains and reliably transmits file data sufficient for the user to recover F in its entirety.
Abstract: In this paper, we define and explore proofs of retrievability (PORs). A POR scheme enables an archive or back-up service (prover) to produce a concise proof that a user (verifier) can retrieve a target file F, that is, that the archive retains and reliably transmits file data sufficient for the user to recover F in its entirety.A POR may be viewed as a kind of cryptographic proof of knowledge (POK), but one specially designed to handle a large file (or bitstring) F. We explore POR protocols here in which the communication costs, number of memory accesses for the prover, and storage requirements of the user (verifier) are small parameters essentially independent of the length of F. In addition to proposing new, practical POR constructions, we explore implementation considerations and optimizations that bear on previously explored, related schemes.In a POR, unlike a POK, neither the prover nor the verifier need actually have knowledge of F. PORs give rise to a new and unusual security definition whose formulation is another contribution of our work.We view PORs as an important tool for semi-trusted online archives. Existing cryptographic techniques help users ensure the privacy and integrity of files they retrieve. It is also natural, however, for users to want to verify that archives do not delete or modify files prior to retrieval. The goal of a POR is to accomplish these checks without users having to download the files themselves. A POR can also provide quality-of-service guarantees, i.e., show that a file is retrievable within a certain time bound.
01 Jan 1996
01 Jan 2009