Página 10 dos resultados de 8247 itens digitais encontrados em 0.020 segundos
Resultados filtrados por Publicador: Universidade Cornell

IT Security Plan for Flight Simulation Program

Hood, David; Rahman, Syed Shawon
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 07/11/2011 Português
Relevância na Pesquisa
37.320012%
Information security is one of the most important aspects of technology, we cannot protect the best interests of our organizations' assets (be that personnel, data, or other resources), without ensuring that these assetsare protected to the best of their ability. Within the Defense Department, this is vital to the security of not just those assets but also the national security of the United States. Compromise insecurity could lead severe consequences. However, technology changes so rapidly that change has to be made to reflect these changes with security in mind. This article outlines a growing technological change (virtualization and cloud computing), and how to properly address IT security concerns within an operating environment. By leveraging a series of encrypted physical and virtual systems, andnetwork isolation measures, this paper delivered a secured high performance computing environment that efficiently utilized computing resources, reduced overall computer processing costs, and ensures confidentiality, integrity, and availability of systems within the operating environment.; Comment: 24 pages

From Qualitative to Quantitative Proofs of Security Properties Using First-Order Conditional Logic

Halpern, Joseph Y.
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 14/04/2008 Português
Relevância na Pesquisa
37.307283%
A first-order conditional logic is considered, with semantics given by a variant of epsilon-semantics, where p -> q means that Pr(q | p) approaches 1 super-polynomially --faster than any inverse polynomial. This type of convergence is needed for reasoning about security protocols. A complete axiomatization is provided for this semantics, and it is shown how a qualitative proof of the correctness of a security protocol can be automatically converted to a quantitative proof appropriate for reasoning about concrete security.

Chaotic iterations versus Spread-spectrum: topological-security and stego-security

Guyeux, Christophe; Friot, Nicolas; Bahi, Jacques M.
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 16/12/2011 Português
Relevância na Pesquisa
37.292031%
A new framework for information hiding security, called topological-security, has been proposed in a previous study. It is based on the evaluation of unpredictability of the scheme, whereas existing notions of security, as stego-security, are more linked to information leaks. It has been proven that spread-spectrum techniques, a well-known stego-secure scheme, are topologically-secure too. In this paper, the links between the two notions of security is deepened and the usability of topological-security is clarified, by presenting a novel data hiding scheme that is twice stego and topological-secure. This last scheme has better scores than spread-spectrum when evaluating qualitative and quantitative topological-security properties. Incidentally, this result shows that the new framework for security tends to improve the ability to compare data hiding scheme.; Comment: 2 figures; 10 pages; IIH-MSP 2010: The Sixth International Conference on Intelligent Information Hiding and Multimedia Signal Processing, October 15-17, 2010 Darmstadt, Germany

Security Formalizations and Their Relationships for Encryption and Key Agreement in Information-Theoretic Cryptography

Iwamoto, Mitsugu; Ohta, Kazuo; Shikata, Junji
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 05/10/2014 Português
Relevância na Pesquisa
37.292031%
This paper revisits formalizations of information-theoretic security for symmetric-key encryption and key agreement protocols which are very fundamental primitives in cryptography. In general, we can formalize information-theoretic security in various ways: some of them can be formalized as stand-alone security by extending (or relaxing) Shannon's perfect secrecy or by other ways such as semantic security; some of them can be done based on composable security. Then, a natural question about this is: what is the gap between the formalizations? To answer the question, we investigate relationships between several formalizations of information-theoretic security for symmetric-key encryption and key agreement protocols. Specifically, for symmetric-key encryption protocols in a general setting including the case where there exist decryption-errors, we deal with the following formalizations of security: formalizations extended (or relaxed) from Shannon's perfect secrecy by using mutual information and statistical distance; information-theoretic analogues of indistinguishability and semantic security by Goldwasser and Micali; and composable security by Maurer et al. and Canetti. Then, we explicitly show the equivalence and non-equivalence between those formalizations. Under the model...

Multidefender Security Games

Lou, Jian; Smith, Andrew M.; Vorobeychik, Yevgeniy
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 28/05/2015 Português
Relevância na Pesquisa
37.320012%
Stackelberg security game models and associated computational tools have seen deployment in a number of high-consequence security settings, such as LAX canine patrols and Federal Air Marshal Service. These models focus on isolated systems with only one defender, despite being part of a more complex system with multiple players. Furthermore, many real systems such as transportation networks and the power grid exhibit interdependencies between targets and, consequently, between decision makers jointly charged with protecting them. To understand such multidefender strategic interactions present in security, we investigate game theoretic models of security games with multiple defenders. Unlike most prior analysis, we focus on the situations in which each defender must protect multiple targets, so that even a single defender's best response decision is, in general, highly non-trivial. We start with an analytical investigation of multidefender security games with independent targets, offering an equilibrium and price-of-anarchy analysis of three models with increasing generality. In all models, we find that defenders have the incentive to over-protect targets, at times significantly. Additionally, in the simpler models, we find that the price of anarchy is unbounded...

Predictive Cyber-security Analytics Framework: A non-homogenous Markov model for Security Quantification

Abraham, Subil; Nair, Suku
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 08/01/2015 Português
Relevância na Pesquisa
37.304653%
Numerous security metrics have been proposed in the past for protecting computer networks. However we still lack effective techniques to accurately measure the predictive security risk of an enterprise taking into account the dynamic attributes associated with vulnerabilities that can change over time. In this paper we present a stochastic security framework for obtaining quantitative measures of security using attack graphs. Our model is novel as existing research in attack graph analysis do not consider the temporal aspects associated with the vulnerabilities, such as the availability of exploits and patches which can affect the overall network security based on how the vulnerabilities are interconnected and leveraged to compromise the system. Gaining a better understanding of the relationship between vulnerabilities and their lifecycle events can provide security practitioners a better understanding of their state of security. In order to have a more realistic representation of how the security state of the network would vary over time, a nonhomogeneous model is developed which incorporates a time dependent covariate, namely the vulnerability age. The daily transition-probability matrices are estimated using Frei's Vulnerability Lifecycle model. We also leverage the trusted CVSS metric domain to analyze how the total exploitability and impact measures evolve over a time period for a given network.; Comment: 16 pages...

A Supervisory Control Approach to Dynamic Cyber-Security

Rasouli, Mohammad; Miehling, Erik; Teneketzis, Demosthenis
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Português
Relevância na Pesquisa
37.307283%
An analytical approach for a dynamic cyber-security problem that captures progressive attacks to a computer network is presented. We formulate the dynamic security problem from the defender's point of view as a supervisory control problem with imperfect information, modeling the computer network's operation by a discrete event system. We consider a min-max performance criterion and use dynamic programming to determine, within a restricted set of policies, an optimal policy for the defender. We study and interpret the behavior of this optimal policy as we vary certain parameters of the supervisory control problem.; Comment: 19 pages, 4 figures, GameSec 2014 (Conference on Decision and Game Theory for Security)

Picking vs. Guessing Secrets: A Game-Theoretic Analysis (Technical Report)

Khouzani, MHR; Mardziel, Piotr; Cid, Carlos; Srivatsa, Mudhakar
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 09/05/2015 Português
Relevância na Pesquisa
37.307283%
Choosing a hard-to-guess secret is a prerequisite in many security applications. Whether it is a password for user authentication or a secret key for a cryptographic primitive, picking it requires the user to trade-off usability costs with resistance against an adversary: a simple password is easier to remember but is also easier to guess; likewise, a shorter cryptographic key may require fewer computational and storage resources but it is also easier to attack. A fundamental question is how one can optimally resolve this trade-off. A big challenge is the fact that an adversary can also utilize the knowledge of such usability vs. security trade-offs to strengthen its attack. In this paper, we propose a game-theoretic framework for analyzing the optimal trade-offs in the face of strategic adversaries. We consider two types of adversaries: those limited in their number of tries, and those that are ruled by the cost of making individual guesses. For each type, we derive the mutually-optimal decisions as Nash Equilibria, the strategically pessimistic decisions as maximin, and optimal commitments as Strong Stackelberg Equilibria of the game. We establish that when the adversaries are faced with a capped number of guesses, the user's optimal trade-off is a uniform randomization over a subset of the secret domain. On the other hand...

A Survey on Cloud Security Issues and Techniques

Sharma, Shubhanjali; Gupta, Garima; Laxmi, P. R.
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 22/03/2014 Português
Relevância na Pesquisa
37.320012%
Today, cloud computing is an emerging way of computing in computer science. Cloud computing is a set of resources and services that are offered by the network or internet. Cloud computing extends various computing techniques like grid computing, distributed computing. Today cloud computing is used in both industrial field and academic field. Cloud facilitates its users by providing virtual resources via internet. As the field of cloud computing is spreading the new techniques are developing. This increase in cloud computing environment also increases security challenges for cloud developers. Users of cloud save their data in the cloud hence the lack of security in cloud can lose the users trust. In this paper we will discuss some of the cloud security issues in various aspects like multi-tenancy, elasticity, availability etc. The paper also discuss existing security techniques and approaches for a secure cloud. This paper will enable researchers and professionals to know about different security threats and models and tools proposed.; Comment: 8 pages, 5 figures, SCNDS Ajmer

Security Through Entertainment: Experiences Using a Memory Game for Secure Device Pairing

Gallego, Alexander; Saxena, Nitesh; Voris, Jonathan
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Português
Relevância na Pesquisa
37.307283%
The secure "pairing" of wireless devices based on auxiliary or out-of-band (OOB) communication, such as audio, visual, or tactile channels, is a well-established research direction. However, prior work shows that this approach to pairing can be prone to human errors of different forms that may directly or indirectly translate into man-in-the-middle attacks. To address this problem, we propose a general direction of the use of computer games for pairing. Since games are a popular means of entertainment, our hypothesis is that they may serve as an incentive to users and make the pairing process enjoyable for them, thus improving the usability, as well as the security, of the pairing process. We consider an emerging use case of pairing whereby two different users are involved, each in possession of his or her own device (e.g., Alice and Bob pairing their smartphones for social interactions). We develop "Alice Says," a pairing game based on a popular memory game called Simon (Says), and discuss the underlying design challenges. We also present a preliminary evaluation of Alice Says via a usability study and demonstrate its feasibility in terms of usability and security. Our results indicate that overall Alice Says was deemed as a fun and an enjoyable way to pair devices...

Stochastic Games for Security in Networks with Interdependent Nodes

Nguyen, Kien C.; Alpcan, Tansu; Basar, Tamer
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 11/03/2010 Português
Relevância na Pesquisa
37.307283%
This paper studies a stochastic game theoretic approach to security and intrusion detection in communication and computer networks. Specifically, an Attacker and a Defender take part in a two-player game over a network of nodes whose security assets and vulnerabilities are correlated. Such a network can be modeled using weighted directed graphs with the edges representing the influence among the nodes. The game can be formulated as a non-cooperative zero-sum or nonzero-sum stochastic game. However, due to correlation among the nodes, if some nodes are compromised, the effective security assets and vulnerabilities of the remaining ones will not stay the same in general, which leads to complex system dynamics. We examine existence, uniqueness, and structure of the solution and also provide numerical examples to illustrate our model.

Security in Monitoring Schemes: A Survey

Vaibhav, Atul
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 19/11/2014 Português
Relevância na Pesquisa
37.320012%
With our growing reliability on distributed networks, the security aspect of such networks becomes of prime importance. In large scale distributed networks it becomes cardinal to have an efficient and effective monitoring scheme. The monitoring schemes supervise the node behaviour in the network and look out for any discrepancy. Monitoring schemes comprise of monitoring components that work together to help schemes in meeting various security requirement parameters for the networks. These security parameters are breached via various attacks by manipulation of monitoring components of particular monitoring schemes to produce faulty results and thereby reducing efficiency of networks, reliability and security. In this paper we have discussed these components of monitoring, multiple monitoring schemes, their security parameters and various types of attacks possible on these monitoring components by manipulating assumptions of monitoring schemes.; Comment: Attacks, Monitoring Schemes, Aggregation, Analysis, Dissemination, Gossip, Tree, Hybrid, Distributed Networks

Semantic Matching of Security Policies to Support Security Experts

Benammar, Othman; Elasri, Hicham; Sekkaki, Abderrahim
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 28/03/2013 Português
Relevância na Pesquisa
37.304653%
Management of security policies has become increasingly difficult given the number of domains to manage, taken into consideration their extent and their complexity. Security experts has to deal with a variety of frameworks and specification languages used in different domains that may belong to any Cloud Computing or Distributed Systems. This wealth of frameworks and languages make the management task and the interpretation of the security policies so difficult. Each approach provides its own conflict management method or tool, the security expert will be forced to manage all these tools, which makes the field maintenance and time consuming expensive. In order to hide this complexity and to facilitate some security experts tasks and automate the others, we propose a security policies aligning based on ontologies process; this process enables to detect and resolve security policies conflicts and to support security experts in managing tasks.; Comment: SECURWARE 2012 : The Sixth International Conference on Emerging Security Information, Systems and Technologies