
Showing papers presented at "International Conference on Emerging Security Information, Systems and Technologies in 2007"


Proceedings Article
14 Oct 2007
TL;DR: This paper surveys how the requirements for identity management have evolved, and their associated technologies, with emphasis on the federated approaches and user-centricity.
Abstract: Computing anytime anywhere is more and more the rule. In this ambient intelligent world, the choice of identity mechanisms will have a large impact on its social, cultural, business and political aspects. Privacy is a human need and the whole of society would suffer from its demise. Moreover, people have a hectic life and cannot spend their time administering their digital identities. In this paper, we survey how the requirements for identity management have evolved, and their associated technologies, with emphasis on the federated approaches and user-centricity.

106 citations


Proceedings Article
14 Oct 2007
TL;DR: The aim of this research is to allow SMEs to use and enhance their current identity technology with a practical and easy to implement identity management solution that scales up to the dynamic and distributed nature of digital ecosystems.
Abstract: Digital ecosystems is the new paradigm for dynamic IT business integration. A digital ecosystem consists of institutions that compete, collaborate, and form stable or unstable federations. Such a dynamic environment becomes a bottleneck for identity management solutions. Existing solutions are either too restricting and not flexible enough to support the dynamic nature of ecosystems or they are too complex and difficult to adopt by small and medium-size enterprises (SMEs). This paper presents an identity management model for automated processing of identity information between distributed ecosystem partners. The model emphasizes on its practical, clear and easy to deploy framework. The model is based on the new OASIS SAML standard to provide interoperability and convergence between existing identity technologies. The paper presents the basic and extended identity models for single services and service compositions. The aim of this research is to allow SMEs to use and enhance their current identity technology with a practical and easy to implement identity management solution that scales up to the dynamic and distributed nature of digital ecosystems.

35 citations


Proceedings Article
14 Oct 2007
TL;DR: A distributed protocol to network data configuration based on the use of diffusion tools (multicast/broadcast) and where the user's intervention isn't necessary is proposed.
Abstract: One of the main problems when configuring ad-hoc networks is that these networks don't have a central server with all the information of the network. If a new user wants to form part of a network, he must configure his device first. On the one hand, in this article we make an analysis of the different proposals for the configuration of ad-hoc networks presented on the bibliography consulted. On the other hand, we propose a distributed protocol to network data configuration based on the use of diffusion tools (multicast/broadcast) and where the user's intervention isn't necessary. The protocol proposed focuses on IPv4 link-local addresses configuration to let the creation of MANETs (Mobile Ad hoc Networks). What's more, this protocol will be able to be also used to make both IPv6 link-local addresses configuration and other needed ad hoc networks parameters configuration.

19 citations


Proceedings Article
14 Oct 2007
TL;DR: A new theoretical background is presented that proves the inefficiency of chaos-based encryption algorithms and another myth is demolished: the analog encryption based on synchronized chaos.
Abstract: Chaos-based cryptography emerged in the early 1990s as an innovative application of nonlinear dynamics in the chaotic regime. Even if in theory chaotic dynamics was thought to evolve into a new revolution in cryptography, in real-life an efficient and reliable chaos-based cryptosystem didn't emerge. The main but not the only reason is the dynamic degradation of digital chaotic systems, a subject that became very popular in the last few years. This paper presents a new theoretical background related to this issue that proves the inefficiency of chaos-based encryption algorithms. Even more, in one of the two relevant case studies presented, another myth is demolished: the analog encryption based on synchronized chaos.

16 citations


Proceedings Article
14 Oct 2007
TL;DR: This work presents a low-cost embedded IDS which is able to detect and/or prevent MitM attacks automatically and efficiently and can be produced at a very low cost, which is attractive for large scale production and deployment.
Abstract: A man-in-the-middle (MitM) attack is, in the scope of a LAN, a technique where an attacker is able to redirect all traffic between two hosts of that same LAN for packet sniffing or data manipulation, without the end hosts being aware of it. Usually these attacks exploit security flaws in the implementation of the ARP protocol at hosts. Up to now, detecting such attacks required setting up a machine with special-purpose software for this task. As an additional problem, few intrusion detection systems (IDS) are able to prevent MitM attacks. In this work we present a low-cost embedded IDS which, when plugged into a switch or hub, is able to detect and/or prevent MitM attacks automatically and efficiently. Since our system is limited to a micro-controller and a network interface, it can be produced at a very low cost, which is attractive for large scale production and deployment.

16 citations


Proceedings Article
14 Oct 2007
TL;DR: An approach for combined modeling of role-based access control systems (RBAC) together with business workflows is presented and several techniques to confine the state explosion are presented and experimentally evaluated using the model checker Spin.
Abstract: An approach for combined modeling of role-based access control systems (RBAC) together with business workflows is presented. The model allows to model check various security properties. Several techniques to confine the state explosion, which may occur during model checking are presented and experimentally evaluated using the model checker Spin. The techniques allow the verification of the business workflow and associated RBAC for a reasonable number of users of a medium sized company.

15 citations


Proceedings Article
14 Oct 2007
TL;DR: It is shown that many consumption attacks cause anomalies in DNS traffic, which implies that behaviour-based security on the name servers is a promising research area against this class of Internet attacks.
Abstract: The Domain Name System is the largest distributed system in operation today and a critical infrastructure component that can be regarded as one nervous system of the current Internet. Because of its critical role DNS is involved in manifold Internet attacks both against the system itself or other Internet hosts. This paper presents an exhaustive analysis of Internet threats involving the DNS classifying them in three categories: name server vulnerabilities, authenticity and integrity attacks, and consumption attacks. Attacks consuming Internet infrastructure resources are inadequately addressed today and from a network operator perspective they remain the major operational security issue. We show that many consumption attacks cause anomalies in DNS traffic, which implies that behaviour-based security on the name servers is a promising research area against this class of Internet attacks.

10 citations


Proceedings Article
14 Oct 2007
TL;DR: This paper proposes a minutiae matching algorithm that uses minutia-centered circular regions to help ensure the speed of matching and the robustness to non-linear distortion in a fingerprint verification system.
Abstract: Reliably and fast matching fingerprints is still a challenging problem in a fingerprint verification system. This paper proposes a minutiae matching algorithm that uses minutiae-centered circular regions to help ensure the speed of matching and the robustness to non-linear distortion. In our method, a circular region is constructed around each minutia, which can be regarded as a secondary feature. Using the constructed regions, the proposed algorithm can find matched minutiae more rapidly via regional matching. Since each minutia's region is formed from only a small area of the fingerprint, our algorithm is more tolerant to non-linear distortion when compared to global matching approaches. On the other hand, the area of the constructed region is much larger than that of local neighborhood in local matching approaches, which means that circular region, including a larger subnet of minutiae, is more reliable and distinct feature. Experiment results show our algorithm's good performance on processing speed and accuracy.

10 citations


Proceedings Article
14 Oct 2007
TL;DR: This paper aims to provide an approach for mitigating negative aspects of the mentioned dataset, and introduces high level of generality and thus achieve high detection rates, but also gain high reduction of the system training time.
Abstract: An extensive set of machine learning and pattern classification techniques trained and tested on KDD dataset failed in detecting most of the user-to-root attacks. This paper aims to provide an approach for mitigating negative aspects of the mentioned dataset, which led to low detection rates. Genetic algorithm is employed to implement rules for detecting various types of attacks. Rules are formed of the features of the dataset identified as the most important ones for each attack type. In this way we introduce high level of generality and thus achieve high detection rates, but also gain high reduction of the system training time. Thenceforth we re-check the decision of the user-to-root rules with the rules that detect other types of attacks. In this way we decrease the false-positive rate. The model was verified on KDD 99, demonstrating higher detection rates than those reported by the state-of-the-art while maintaining low false-positive rate.

9 citations


Proceedings Article
14 Oct 2007
TL;DR: A secure software engineering framework is proposed, which suggests considering secure software engineering along four different, but complementary, views, to help understand and clarify the secure software engineering domain.
Abstract: Secure software engineering is a big challenge. This is mainly due to the increasing complexity, openness and extensibility of modern applications, which make a complete analysis of security requirements very hard. The overall problem space is consequently no longer easily comprehensible for developers. This paper is an attempt to explore some of these issues underlying secure software engineering. We propose a secure software engineering framework, which suggests considering secure software engineering along four different, but complementary, views. Each view is capturing a particular relevant aspect of secure software engineering. Our motivations for developing this framework are to: (a) help understand and clarify the secure software engineering domain, (b) guide in classifying and comparing both secure software and securing approaches and (c) help researchers to identify new research axes.

9 citations


Proceedings Article
14 Oct 2007
TL;DR: A hybrid model of an authentication technique and a role based access control (RBAC) based on X.509 public key certificate and attribute certificate is proposed and the full authentication, authorization, and accountability (AAA) are supported.
Abstract: This paper proposes a hybrid model of an authentication technique and a role based access control (RBAC) based on X.509 public key certificate and attribute certificate. With attribute certificate the user role is bound to an identity of the public key certificate in which the permissions are assigned to the holder. A mapping model of RBAC authorization and authentication is presented. In addition, we also deal with the issue of system service disruption and recovery as well as an activity-based policy. With our proposed model, the full authentication, authorization, and accountability (AAA) are supported. We apply the multi agent system concept to facilitate the authentication and the authorization based on the PKI infrastructure. Finally, the project called AmTRUE (authentication management and trusted role-based authorization in multi-application and multi-user environment) has been developed to implement our research idea.

Proceedings Article
14 Oct 2007
TL;DR: Improved cookie negotiation delays the responder's calculation work to the last second and computational load is kept as low as possible to remedy this weakness.
Abstract: IKEv2 is a new key exchange protocol in the IPsec network and IKEv2 includes a method to detect when it is under denial-of-service (DoS) attack. In case IKEv2 is not under DoS attack it can use initial exchange, but when IKEv2 is under DoS attack cookie negotiation may be used. Cookie negotiation adds an extra round trip to the initial exchange, and protection that is easy to pass by. The resistance to DoS attacks is actually weaker in IKEv2 than in JFK or full-SIGMA in different networks. This paper presents improved cookie negotiation to remedy this weakness. The proposed cookie negotiation delays the responder's calculation work to the last second and computational load is kept as low as possible.

Proceedings Article
14 Oct 2007
TL;DR: A flexible base for a honeypot platform intended to be implemented on a modern field programmable gate array device, as a potential destination technology, has been developed.
Abstract: A honeypot apparatus, as a perspective security technology has proven itself worth deploying by various malicious records made. The next step in deploying the technology can be an independent hardware device with the incorporated honeypot behaviour. Such a solution would bring an ease in deployment together with a high throughput it would be able to support to the area of network auditing and monitoring. Initial investigation and implementation steps have been conducted. A flexible base for a honeypot platform intended to be implemented on a modern field programmable gate array device, as a potential destination technology, has been developed. Correspondent results with a relevant set of details are being presented together with future perspectives and further investigation and deployment potential. No similar attempts have been documented.

Proceedings Article
14 Oct 2007
TL;DR: This paper proposes to explicitly link security requirements with the organization's business vision, i.e. to provide business rationale for security requirements, and discusses how to integrate the aforementioned solution concepts into a service level management process for security services.
Abstract: In this paper we present an approach for specifying and prioritizing information security requirements in organizations. It is important to prioritize security requirements since hundred per cent security is not achievable and the limited resources available should be directed to satisfy the most important ones. We propose to explicitly link security requirements with the organization's business vision, i.e. to provide business rationale for security requirements. The rationale is then used as a basis for comparing the importance of different security requirements. Furthermore we discuss how to integrate the aforementioned solution concepts into a service level management process for security services, which is an important step in IT Governance. We validate our approach by way of a focus group session.

Proceedings Article
14 Oct 2007
TL;DR: This paper provides classification mythology of privacy enhancing technology based on privacy information life-cycle and identifies 3 technologies, which are operation technology, common based technology and policy/management technology.
Abstract: Recently, studies on privacy enhancing technologies have been actively carried out, as the importance of enterprise information, as well as privacy information, is becoming increasingly emphasized. Several organizations and enterprises have been conducting researches sporadically on privacy information technology. However, concept of privacy enhancing technology is not defined yet and there is no particular technology but P3P so far. Therefore, this paper provides classification mythology of privacy enhancing technology based on privacy information life-cycle. Privacy enhancing technology are classified into 3 technologies, which are operation technology, common based technology and policy/management technology. This technological classification can be broken down more specifically by privacy information life cycle.

Proceedings Article
Masaru Takesue
14 Oct 2007
TL;DR: This paper proposes a scheme that protects the information leakage via portable devices so that the access to sensitive files on a storage device attached to a computing device is allowed only when the latter is located inside the company and is connected to the company's network.
Abstract: Information leakage from corporate computer systems is a big social problem in terms of the protection of corporate assets and customers' privacy. Digital assets are usually brought out of companies with the portable devices such as USB memory sticks, PDAs, and laptop PCs. This paper proposes a scheme that protects the information leakage via portable devices so that the access to sensitive files on a storage device attached to a computing device is allowed only when the latter is located inside the company and is connected to the company's network. To detect this, we use the IP addresses of the company and the computing device, but also a challenge-response authentication protocol to prevent such attacks that simulate the company's system to camouflage the computing device's location.

Proceedings Article
14 Oct 2007
TL;DR: This paper study how computational trust can be used to mitigate the issue of sinkhole attacks and evaluate the approach on top of the MIX protocol.
Abstract: The Internet is soon going to be extended with the information collected from sensor networks deployed in wild remote regions of the world. For example, sensors may be dispersed in the jungle and forward information about the sensed states of the natural ecosystem, such as, humidity, fire detection... However, it is still quite easy for attackers to disconnect the sensors network from the Internet. For example, the sensors usually forward their messages to a base station, the Internet gateway, in a hop-by-hop fashion because they are resource-constrained in terms of energy, the spending of energy dramatically increases with the range of transmission and the attackers may capture intermediate sensors and drop messages rather than forwarding them. In this paper we study how computational trust can be used to mitigate the issue of sinkhole attacks and evaluate our approach on top of the MIX protocol.

Proceedings Article
14 Oct 2007
TL;DR: This paper focuses on how to systematically specify correct policies instead of manually configuring them and how to automatically enforce security policies in distributed systems.
Abstract: Policies, which are widely deployed in networking services (e.g., management, QoS, mobility, etc.), are a promising solution for securing wide distributed systems. However, the adoption of a policy-based approach for security requires an appropriate policy specification and enforcement tools. In fact, a long-standing problem in distributed systems security is how to specify and enforce correctly security policies. In this paper, we mainly focus on how to systematically specify correct policies instead of manually configuring them and how to automatically enforce security policies in distributed systems. A software engineering approach is presented to overcome these issues. This approach is based on design and development of a software architecture to automating definition and enforcing policies.

Proceedings Article
14 Oct 2007
TL;DR: In this article, the authors use histogram clustering to identify sets of users with similar frequencies of communication; entropy and TF-IDF help to select destinations that are relevant for a given set of users.
Abstract: This paper presents our current work on traffic log processing. Our goal is to find an approach to modeling user behaviour based on their behavioural patterns. Since the amount of input data we have is really large, effective preprocessing is crucial for the profiling to provide significant results. This paper presents our approach to restricting the input data with respect to its relevance. We use histogram clustering to identify sets of users with similar frequencies of communication; entropy and TF-IDF (term frequency - inverse document frequency) help to select destinations that are relevant for a given set of users. The main profiling is done with preprocessed data and our experiments show that this approach to restricting the input has a positive impact on the significance of results.

Proceedings Article
14 Oct 2007
TL;DR: The proposed approach proves to support radical improvement in the key management process, especially in strongly asymmetric system such as OSGi-based home gateway, where a few providers publish services for millions of potential users.
Abstract: The OSGi platform is designed to make Java software extensible at runtime. This undeniably presents a great interest in several domains like embedded platforms or enterprise application servers. However, securing the deployment of the OSGi components, or bundles, proves to be a major challenge. The current approach consists in digitally signing the bundles and certifying the signature through a public key infrastructure (PKI). We propose to replace this technology with an identity-based cryptosystem, which provides both better performances and simplified key management. We present an infrastructure for initialization and use of identity-based cryptography, and define the digital signature of bundles using such a cryptographic scheme. Based on our implementation, we provide a comparison between classical PKI management and identity-based PKI management. The proposed approach proves to support radical improvement in the key management process, especially in strongly asymmetric system such as OSGi-based home gateway, where a few providers publish services for millions of potential users.

Proceedings Article
14 Oct 2007
TL;DR: This paper presents an architecture to enable social networks to enable privacy, based on the identity of the user, with focus on the semantic description of user's role in social networks and on securing the access through appropriate authentication mechanisms.
Abstract: Service access in a ubiquitous computing and pervasive Internet environment has reached a new dimension. It is no longer a question of enabling services for customers, but to design a convenient and trusted service usage. While semantic services open for a description of user preferences, profiles and social groups, privacy handling is not addressed so far. Social communities based on friend of a friend (foaf) principles, LinkedIn, or Facebook are open for all registered users, thus data about yourself are spread all-around. This paper presents an architecture to enable social networks to enable privacy, based on the identity of the user. Focus is on the semantic description of user's role in social networks and on securing the access through appropriate authentication mechanisms. Depending on the security requirements of the user, Internet trust mechanisms or mobile-based key exchange mechanisms can be applied. The user-centric approach will enable the user to select an identity provider for the trusted management. A prototype using semantically defined social relationships demonstrates the capabilities of the suggested approach.

Proceedings Article
14 Oct 2007
TL;DR: This paper proposes a precise and formal representation of possible attacks that may occur in a mobile agent systems and defines a set of proved theorems which describe under what conditions a policy succeeds to prevent those attacks.
Abstract: One of the most important issues in mobile agent systems is the security aspect. For the purpose of ensuring security, we provide in this paper a formal model for secure mobile agent system. This model supports the specification of numerous security policy types which control the behaviour of system entities and protect them, as far as possible, from attacks that may occur. In order to verify whether a security policy could overcome a given kind of attack, we present a formal approach to this end. Thus, we propose a precise and formal representation of possible attacks that may occur in a mobile agent systems. According to this representation, we define a set of proved theorems which describe under what conditions a policy succeeds to prevent those attacks. The proposed specifications have been formalized using Z notation and checked using the Z-EVES tool.

Proceedings Article
14 Oct 2007
TL;DR: The paper discusses an experience in using a realtime UML/SysML profile and a formal verification toolkit to check a secure group communication system against temporal requirements.
Abstract: The paper discusses an experience in using a realtime UML/SysML profile and a formal verification toolkit to check a secure group communication system against temporal requirements. A generic framework is proposed and specialized for hierarchical groups.

Proceedings Article
C. Ribeiro
14 Oct 2007
TL;DR: A self-stabilizing address self-assignment protocol is proposed which uses an improved version of a flood control mechanism to minimize the energy spent; and uses a technique named whispering to achieve robustness against malicious nodes.
Abstract: Wireless sensor networks (WSN) are becoming bigger and with this growth comes the need for new automatic mechanisms for initializations done by hand. One of those mechanisms is the assignment of addresses to nodes. Several solutions were already proposed for mobile ad-hoc networks but they either: i) do not scale well for WSN; ii) have no energy constraints; iii) have no security considerations; iv) or have no mechanisms to handle fusion of network partitions. We proposed a self-stabilizing address self-assignment protocol which: uses an improved version of a flood control mechanism to minimize the energy spent; and uses a technique named whispering to achieve robustness against malicious nodes.

Proceedings Article
14 Oct 2007
TL;DR: It is demonstrated that software encryption is not generally affordable, and therefore the whole system architecture should take into account that sensor data is not to be trusted, and a dynamic environment evaluation strategy for decision making in Ami applications is proposed.
Abstract: This paper evaluates the cost of encrypted communications for wireless sensor networks with tight resource constraints. We demonstrate that software encryption (3DES, AES, and Blowfish are evaluated) is not generally affordable, and therefore the whole system architecture should take into account that sensor data is not to be trusted. We propose a dynamic environment evaluation strategy for decision making in Ami applications, based on dynamic trusting levels of the sensor objects and documented decision chains.

Proceedings Article
14 Oct 2007
TL;DR: This paper relates the experience of developing a model for the storage and management of encrypted medical data in the Grid, as well as the components implementing the model in an OGSA compliant architecture.
Abstract: This paper emphasizes the development and application of technologies to effectively guaranteeing the confidentiality and integrity of patient data in Grid-enabled biomedical applications. By strongly focusing on the interaction between security technologies and the human environment, this paper relates the experience of developing a model for the storage and management of encrypted medical data in the Grid. The ideas and concepts behind the proposed solution are briefly explained, as well as the components implementing the model in an OGSA compliant architecture. TRENCADIS, a project for managing DICOM structured reporting objects for use in a Valencian cyberinfrastructure for medical imaging in oncology (CVIMO), is currently adopting the architecture as a core component.

Proceedings Article
14 Oct 2007
TL;DR: This paper proposes an enhanced MANET routing protocol, which prevents security threats, especially by employing route investigation, and can gain reliability of path for transmitting data packets in MANET.
Abstract: Secure routing protocols in mobile ad-hoc networks (MANET) have been extensively studied in recent years. Most routing protocols, however, are based on authentication, cryptographic schemes, security association and key distribution and so on. In this paper, we propose an enhanced MANET routing protocol, which prevents security threats, especially by employing route investigation. When an intermediate node that is on a path between source and destination receives two types of control messages (RREP and RERR), the intermediate node sends them to the source in pure AODV. However, in our method, the node which receives the control messages confirms it using route investigation request (IREQ) and route investigation reply (IREP). Through this investigation procedure, we can gain reliability of path for transmitting data packets in MANET. Simulation results show considerable improvement in the packet delivery ratio and the end-to-end latency at the expense of the moderate increase of control message overhead.

Proceedings Article
14 Oct 2007
TL;DR: The iSCAN will develop a certification standard with a view to enhance skills and competencies in latest IT security issues of IT managers in public organizations.
Abstract: The iSCAN (Improving Skills, Competencies, and Professional Qualifications in the area of Network Information Security for IT Managers and Staff in the Public Sector) project's main objective is to address the current and anticipated skills shortage in the ICT industry in Europe and promote the transferability and recognition of competences and qualifications in the IT security field in Europe by developing new standards and measures. To this end, iSCAN will develop a certification standard with a view to enhance skills and competencies in latest IT security issues of IT managers in public organizations.

Proceedings Article
14 Oct 2007
TL;DR: Capabilities of semantic web technology facilitate the development of proposed SemID ontology that formally represents the identity management domain, which contains roles, policies and rules to control access to resources and to ensure privacy.
Abstract: The need for information security and privacy in today's connected systems is overwhelming. In this paper, we focus on the identity management in corporate environment to access various project resources. Capabilities of semantic web technology facilitate the development of proposed SemID ontology that formally represents the identity management domain. It contains roles, policies and rules to control access to resources and to ensure privacy. A use case scenario of project oriented corporate working environment is introduced and then modeled using Protege ontology editor platform.

Proceedings Article
14 Oct 2007
TL;DR: This paper discusses the drawbacks of existing security concepts and proposes a framework on application level to help developers improving user acceptance and presents the evaluation results of the prototype which leverages the user's common spatial context by integrating him into the device authentication process.
Abstract: Mobile applications dealing with ad-hoc situations do have their own challenges such as a reasonable short time for interaction and limitations of available technology. A secure yet user-friendly solution for protecting wireless communication therefore is a service enabler for mobile business. This paper discusses the drawbacks of existing security concepts and proposes a framework on application level to help developers improving user acceptance. Additionally, we present the evaluation results of the prototype which leverages the user's common spatial context by integrating him into the device authentication process.