Visible to the public Biblio

Filters: Author is Ngamsuriyaroj, Sudsanguan  [Clear All Filters]
PONGSRISOMCHAI, Sutthinee, Ngamsuriyaroj, Sudsanguan.  2019.  Automated IT Audit of Windows Server Access Control. 2019 21st International Conference on Advanced Communication Technology (ICACT). :539–544.

To protect sensitive information of an organization, we need to have proper access controls since several data breach incidents were happened because of broken access controls. Normally, the IT auditing process would be used to identify security weaknesses and should be able to detect any potential access control violations in advance. However, most auditing processes are done manually and not performed consistently since lots of resources are required; thus, the auditing is performed for quality assurance purposes only. This paper proposes an automated process to audit the access controls on the Windows server operating system. We define the audit checklist and use the controls defined in ISO/IEC 27002:2013 as a guideline for identifying audit objectives. In addition, an automated audit tool is developed for checking security controls against defined security policies. The results of auditing are the list of automatically generated passed and failed policies. If the auditing is done consistently and automatically, the intrusion incidents could be detected earlier and essential damages could be prevented. Eventually, it would help increase the reliability of the system.

Chaiphet, Chiraphat, Ngamsuriyaroj, Sudsanguan, Awad, Ahmed, Jacob, Betran, Gakos, Ioannis, Grajkowski, Wiktor.  2017.  Secure Enclave for TLS Web Server on Untrusted Environment. Proceedings of the 2017 the 7th International Conference on Communication and Network Security. :27–31.
Web servers use SSL/TLS to establish secure communication between clients and servers. The mechanism of SSL/TLS relies on a key pair to validate the server and to protect the confidentiality of the data. However, many websites are running on third-party servers or on cloud environments where website owners have no control over the physical servers or the software including the operating systems but still need to trust and store the private key on the servers. While it is common to store the encrypted key on the disk, the web server still need a decrypted key inside the memory during the operation. Thus, an adversary could obtain the private key residing on the web server's memory. In this paper, we propose a secure enclave for a web server running the high privilege code that handles the secret keys inside an encrypted memory area by utilizing Intel Software Guard Extension (SGX) whereas other components of the web server outside the trusted computing base are left intact. The experimental results show 19% to 38% implementation overhead depending on which cipher suite is used and how a session key is handled.