2019-09-11
Ren, Yidan, Zhu, Zhengzhou, Chen, Xiangzhou, Ding, Huixia, Zhang, Geng.  2018.  Research on Defect Detection Technology of Trusted Behavior Decision Tree Based on Intelligent Data Semantic Analysis of Massive Data. Proceedings of the 10th International Conference on Computer Modeling and Simulation. :168–175.

With the rapid development of information technology, the scale and complexity of software systems keep growing, and users' demands for software security, security reliability and stability are growing with them. The industry has already applied machine learning methods to defect detection, repairing and improving software defects through intelligent semantic analysis of massive data or through code scanning. In traditional software defect detection, however, the machine learning model is hard to build and understand and visualizes poorly. In view of these problems, we propose intelligent semantic analysis technology based on massive data, using a trusted behavior decision tree model to analyze software behavior through layered detection. A related test environment is also set up to compare the tested software. The results show that defect detection based on intelligent semantic analysis of massive data is superior to other techniques in terms of build time and the ratio of reported errors.

Khuchit, Uyangaa, Bai, Yonghong, Wu, Liji, Zhang, Xiangmin.  2018.  An Improved Cross-Coupled NAND Gates PUF for Bank IC Card. Proceedings of the 2nd International Conference on Cryptography, Security and Privacy. :150–153.

This paper presents some verifications and improvements of the NAND PUF introduced recently in [1]. For embedded systems such as IC cards, the secret data in memory is vulnerable, so it has to be encrypted and secured. A PUF circuit is sensitive to environmental conditions, especially to the temperature range and to variations of current and voltage. The proposed bank IC card would operate under the class AB standard, i.e. the voltage would be constant except when the power mode changes. Nevertheless, the operating temperature may vary, as in the case of an outdoor ATM. Thus, this paper presents results of our PUF work in Cadence and on an FPGA board. Around 5 ns is spent stabilizing our PUF output under varying temperature when the power mode changes. The inter-device Hamming distance is 48.9%, very close to the ideal uniqueness and robustness value, so our PUF is feasible for use in bank cards. The maximum error rates are HDintra(0°C) = 3.9961 and HDintra(80°C) = 3.9916 at the two extremes, while the minimum error rate is HDintra(20°C) = 2.9 at room temperature. For improvement, repetition, LDPC and SEC-DED codes are considered to eliminate these error rates.

Wang, L., Wang, D., Gao, J., Huo, C., Bai, H., Yuan, J..  2019.  Research on Multi-Source Data Security Protection of Smart Grid Based on Quantum Key Combination. 2019 IEEE 4th International Conference on Cloud Computing and Big Data Analysis (ICCCBDA). :449–453.

The power communication network is an important infrastructure of the power system. For its large number of widely distributed business terminals and communication terminals, data protection is tied to the safe and stable operation of the whole power grid. The problem is that many nodes need a large number of keys, and nodes must be prevented from being unable to exchange information safely for lack of keys. To solve this problem, this paper proposes a segmentation and combination technology based on quantum keys to extend a limited key supply. The basic idea is to obtain a division scheme according to different conditions, divide a key into several different sub-keys, and then combine these key segments to generate new keys and distribute them to different terminals in the system. Sufficient keys are beneficial to key updating and can effectively enhance the ability of the communication system to resist damage and intrusion. Through analysis and calculation, the validity of this method in using limited quantum keys to achieve secure transmission of business data for a large number of terminals is further verified.

Xi, W., Suo, S., Cai, T., Jian, G., Yao, H., Fan, L..  2019.  A Design and Implementation Method of IPSec Security Chip for Power Distribution Network System Based on National Cryptographic Algorithms. 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). :2307–2310.

The target of security protection of the power distribution automation system (the distribution system for short) is to ensure the security of communication between the distribution terminal (terminal for short) and the distribution master station (master system for short). The encryption and authentication gateway (VPN gateway for short) for the distribution system enhances network-layer communication security between the terminal and the VPN gateway. The distribution application-layer encryption authentication device (master cipher machine for short) ensures the confidentiality and integrity of data transmission in the application layer and realizes identity authentication between the master station and the terminal. All these measures are used to prevent malicious damage and attacks on the master system by forged terminal identities, replay attacks and other illegal operations, and thereby to prevent the resulting distribution network accidents. Based on the security protection scheme of the power distribution automation system, this paper carries out the development of multi-chip encapsulation, develops IPSec protocol software within the security chip, and realizes dual encryption and authentication functions in the IP layer and the application layer, supporting the national cryptographic algorithms.

Duncan, A., Jiang, L., Swany, M..  2018.  Repurposing SoC Analog Circuitry for Additional COTS Hardware Security. 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). :201–204.

This paper introduces a new methodology to generate additional hardware security in commercial off-the-shelf (COTS) system-on-a-chip (SoC) integrated circuits (ICs) that have already been fabricated and packaged. On-chip analog hardware blocks such as analog to digital converters (ADCs), digital to analog converters (DACs) and comparators residing within an SoC are repurposed and connected to one another to generate unique physically unclonable function (PUF) responses. The PUF responses are digitized and processed on-chip to create keys for use in encryption and device authentication activities. Key generation and processing algorithms are presented that minimize the effects of voltage and temperature fluctuations to maximize the repeatability of a key within a device. Experimental results utilizing multiple on-chip analog blocks inside a common COTS microcontroller show reliable key generation with minimal overhead.

Yin, Z., Dou, S., Bai, H., Hou, Y..  2019.  Light-Weighted Security Access Scheme of Broadband Power Line Communications for Multi-Source Information Collection. 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). :1087–1090.

With the continuous development of smart meter-reading technologies over the decades, remote information collection from electricity, water, gas and heat meters has been realized. Because the electrical interfaces and communication protocols differ among the various types of meters, the communication modes of meter terminals are not very compatible, and it is difficult to optimize the communication of the electricity, water, gas and heat meter information collection services. In addition, with the development of the power consumption information acquisition system, the number of acquisition terminals is soaring and terminal access data is highly concurrent, so the risk of insecure access is increasing. This paper presents a light-weighted security access scheme for power line communication based on multi-source data acquisition from electricity, water, gas and heat meters, which separates the multi-source data acquisition services and achieves service security isolation and channel security isolation. The communication reliability and security of the "electricity, water, gas and heat" meter-reading service is improved and the integrated meter service can be realized reliably.

Wang, D., Ma, Y., Du, J., Ji, Y., Song, Y..  2018.  Security-Enhanced Signaling Scheme in Software Defined Optical Network. 2018 10th International Conference on Communication Software and Networks (ICCSN). :286–289.

The communication security issue is of great importance and should not be ignored in backbone optical networks, which are undergoing the evolution toward software defined networks (SDN). To solve this problem, this paper conducts a deep analysis of the security challenges of software defined optical networks (SDON) and proposes a security-enhanced signaling scheme for SDON. The proposed scheme takes full advantage of the current OpenFlow protocol with some necessary extensions and security improvements, by combining digital signatures and message feedback with an efficient PKI (Public Key Infrastructure) in the signaling procedure of the OpenFlow interaction. This security-enhanced signaling procedure is designed in detail to ensure an end-to-end trusted service connection. Simulation results show that the proposed approach can greatly improve the security level of large-scale optical networks for Energy Internet services with better performance in terms of connection success rate.

Mbiriki, A., Katar, C., Badreddine, A..  2018.  Improvement of Security System Level in the Cyber-Physical Systems (CPS) Architecture. 2018 30th International Conference on Microelectronics (ICM). :40–43.

Industry 4.0 is based on the CPS architecture, since it is the next generation in industry. The CPS architecture is a system based on Cloud Computing technology and the Internet of Things, where computing elements collaborate to control physical entities. The security framework in this architecture is necessary for the protection of two parts (physical and information), so security in CPS is basically classified into two main parts: information security (data) and security of control. In this work, we propose two models to solve the two problems detected in the security framework. The first proposal, SCCAF (Smart Cloud Computing Adoption Framework), treats the nature of the information that serves to detect and block threats to our basic CPS architecture. The second model is a detector modeled on the physical nature of the system for detecting node information.

Moyne, J., Mashiro, S., Gross, D..  2018.  Determining a Security Roadmap for the Microelectronics Industry. 2018 29th Annual SEMI Advanced Semiconductor Manufacturing Conference (ASMC). :291–294.

The evolution of the microelectronics manufacturing industry is characterized by increased complexity, analysis, integration, distribution, data sharing and collaboration, all of which is enabled by the big data explosion. This evolution affords a number of opportunities in improved productivity and quality and reduced cost; however, it also brings with it a number of risks associated with maintaining the security of data systems. The International Roadmap for Devices and Systems Factory Integration International Focus Team (IRDS FI IFT) determined that a security technology roadmap for the industry is needed to better understand the needs, challenges and potential solutions for security in the microelectronics industry and its supply chain. As a first step in providing this roadmap, the IFT conducted a security survey, soliciting input from users, suppliers and OEMs. Preliminary results indicate that data partitioning with IP protection is the number one topic of concern, with the need for industry-wide standards as the second most important topic. Further, the "fear" of a security breach is considered to be a significant hindrance to Advanced Process Control efforts as well as to the use of cloud-based solutions. The IRDS FI IFT will endeavor to provide components of a security roadmap for the industry in the 2018 FI chapter, leveraging the output of the survey effort combined with follow-up discussions with users and consultations with experts.

2019-09-09
Jim, L. E., Gregory, M. A..  2018.  AIS Reputation Mechanism in MANET. 2018 28th International Telecommunication Networks and Applications Conference (ITNAC). :1-6.

In Mobile Ad hoc Networks (MANET) the nodes act as a host as well as a router thereby forming a self-organizing network that does not rely upon fixed infrastructure, other than gateways to other networks. MANET provides a quick to deploy flexible networking capability with a dynamic topology due to node mobility. MANET nodes transmit, relay and receive traffic from neighbor nodes as the network topology changes. Security is important for MANET and trust computation is used to improve collaboration between nodes. MANET trust frameworks utilize real-time trust computations to maintain the trust state for nodes in the network. If the trust computation is not resilient against attack, the trust values computed could be unreliable. This paper proposes an Artificial Immune System based approach to compute trust and thereby provide a resilient reputation mechanism.

Karlsson, J., Dooley, L. S., Pulkkis, G..  2018.  Secure Routing for MANET Connected Internet of Things Systems. 2018 IEEE 6th International Conference on Future Internet of Things and Cloud (FiCloud). :114-119.

This paper presents a contemporary review of communication architectures and topographies for MANET-connected Internet-of-Things (IoT) systems. Routing protocols for multi-hop MANETs are analyzed with a focus on the standardized Routing Protocol for Low-power and Lossy Networks. Various security threats and vulnerabilities in current MANET routing are described and security enhanced routing protocols and trust models presented as methodologies for supporting secure routing. Finally, the paper identifies some key research challenges in the emerging domain of MANET-IoT connectivity.

Rathi, P. S., Rao, C. M..  2018.  An Enhanced Threshold Based Cryptography with Secrete Sharing and Particle Swarm Optimization for Data Sending in MANET. 2018 3rd Asia-Pacific Conference on Intelligent Robot Systems (ACIRS). :87-91.

There are two types of network architecture: wired networks and wireless networks. MANETs are one example of a wireless network. Every network has its own features which distinguish it from other types of network. Some of the features of MANETs are an infrastructure-less network, mobility, and a dynamic network topology, which make them different from and more popular than wired networks; but these same features also create problems for achieving security, because of the absence of a centralized authority inside the network, and for sending data, because of node mobility. Achieving security in a wired network is a little easier than in a MANET, because in a wired network the user only needs to protect the main centralized authority, whereas in a MANET no centralized authority is available, so protecting a server in a MANET is more difficult. Sending and receiving data is also easy in a wired network, but mobility makes sending and receiving data difficult in a MANET. Protecting a server or central repository without making use of secret sharing, even in a wired network, creates many challenges and security problems. The proposed system makes use of a secret sharing method to protect the server from malicious nodes, and `A New Particle Swarm Optimization Method for MANETs' (NPSOM) for performing the data sending and receiving operation in an optimized way. The NPSOM technique is compared with the standard particle swarm optimizer (PSO) technique. PSO was originally designed by Kennedy and Eberhart in 1995. These methods are based on four different types of parameters and were inspired by the collective behaviour of animals, such as bird flocking, fish schooling and ant colonies.
The proposed system maps PSO onto MANETs, where a particle is a node in the network, the swarm is the collection of nodes, and optimization means finding the best and nearest route to the destination. Each element learns from its own previous best solution for the given optimization problem, likewise looks at the group's previous best solution for the same problem, and finally corrects its solution depending on these values. This process is repeated to find the best and optimal solution values. In the NPSOM technique used in the proposed system, each element changes its location according to the solution it obtained previously that was worst, as well as the group's earlier worst solution, in order to find the best, optimal value. In this proposed system we concentrate on sidestepping the element's and the group's worst earlier solutions.

Tonane, P., Deshpande, S..  2018.  Trust Based Certificate Revocation and Attacks in MANETs. 2018 Second International Conference on Inventive Communication and Computational Technologies (ICICCT). :1089-1093.

Due to the changing nature of Mobile Ad-Hoc Networks (MANETs), security is an important concern. Hence, in this paper we carry out a vector-based trust mechanism, established on the behavior of nodes in forwarding and dropping data packets, which determines the trust in each node, and we use the Enhanced Certificate Revocation scheme (ECR), which avoids the attacker by blacklisting the blackhole attacker. To further enhance security for nodes and the network, we assign a unique key to every individual node, which can avoid most of the attacks in MANETs.

Dholey, M. K., Saha, M. K..  2018.  A Security Mechanism in DSR Routing for MANET. 2018 2nd International Conference on Trends in Electronics and Informatics (ICOEI). :921-925.

A Mobile Ad-hoc Network (MANET) is an autonomous collection of mobile nodes that communicate among themselves within their radio range. It is an infrastructure-less, bandwidth-constrained multi-hop wireless network. Various routing protocols have evolved for MANET routing, and they also provide security mechanisms to avoid security threats. Dynamic Source Routing (DSR), one of the popular reactive routing protocols for MANETs, establishes a path between source and destination before data communication takes place using route request (RREQ) and route reply (RREP) control messages. Although in [1] the authors propose to prevent route diversion caused by a malicious node in the network using group Diffie-Hellman (GDH) key management applied over the source address, there is no prevention mechanism if an intermediate trusted node starts to misbehave. In this paper, we apply a hash function scheme over the destination address to identify a misbehaving intermediate node that provides a wrong destination address. Whether the path information towards the destination sent by the intermediate node through RREP is really for the intended destination or not can be identified according to our proposed algorithm, and acted upon before further data transmission. Our proposed algorithm proves the authenticity of the destination and also protects against misbehaving intermediate nodes.

Abdel-Fattah, F., Farhan, K. A., Al-Tarawneh, F. H., AlTamimi, F..  2019.  Security Challenges and Attacks in Dynamic Mobile Ad Hoc Networks MANETs. 2019 IEEE Jordan International Joint Conference on Electrical Engineering and Information Technology (JEEIT). :28-33.

A Mobile Ad hoc Network (MANET for short) is a new form of wireless technology that connects a group of mobile nodes in a dynamically decentralized fashion without the need for a base station or centralized administration, where each mobile node can work as a router. The MANET topology changes frequently, because of the dynamic way a MANET forms and because nodes are free to move randomly. A MANET can function standalone or can be connected to external networks. Mobile nodes are characterized by minimal human interaction, low weight, little memory, and limited power. Despite all the pros of MANETs and their wide spread in many critical industries, MANETs have some cons and suffer from severe security issues. In this survey we emphasize the different types of attacks on the MANET protocol stack, and show how MANETs are vulnerable to those attacks.

Kumar, M., Bhandari, R., Rupani, A., Ansari, J. H..  2018.  Trust-Based Performance Evaluation of Routing Protocol Design with Security and QoS over MANET. 2018 International Conference on Advances in Computing and Communication Engineering (ICACCE). :139-142.

Nowadays, the integration of different network functions, such as routing, administration and security, is basic to the effective operation of a mobile ad hoc network; yet in MANET research, the problems of QoS and security are usually managed separately. Currently, the security and QoS aspects each influence the overall performance of the network negatively when considered in isolation. In fact, this can affect the working of QoS and security algorithms and can impact the critical and essential services needed within the MANET. Our paper outlines two accomplishments: the accomplishment of security and the accomplishment of quality. The direction towards achieving them is to design and implement a protocol suite solution for policy-based network administration, together with methodologies for key management and the use of IPsec in a MANET.

Achichi, Boubakeur, Semchedine, Fouzi, Derdouri, Lakhdar.  2018.  Hybrid Approach for Congestion Control in VANETs. Proceedings of the 7th International Conference on Software Engineering and New Technologies. :4:1-4:4.

Vehicular Ad-Hoc Networks, or VANETs, are a form of MANET through which cars exchange messages to detect dangerous situations and announce them to drivers. In VANETs, vehicles (nodes) are characterized by high dynamics and high mobility, in addition to a high rate of topology change and density variability. Quality of service in VANETs represents a major challenge, not yet solved, due to the characteristics and strict constraints of VANETs. In order to improve the performance and reliability of message dissemination on VANETs, congestion control must be taken into account. Many studies have asserted that proper congestion control algorithms are essential to ensure efficient network operation. However, most of the existing congestion control solutions have limitations. In this paper, we propose a congestion control algorithm as a solution to avoid congestion in the VANET environment. The proposed solution is based on a combination of two approaches, the event-oriented and the measurement-based, with message scheduling. The proposed solution reduces congestion and increases reliability in VANETs by assigning higher priority to critical safety messages.

Yadav, Parul, Gaur, Manish.  2018.  A Behavioural Theory for Intrusion Detection System in Mobile Ad-Hoc Networks. Proceedings of the 2nd International Conference on High Performance Compilation, Computing and Communications. :51-60.

We propose a calculus in a process-algebraic framework to formally model an Intrusion Detection System (IDS) for secure routing in Mobile Ad-hoc Networks. The proposed calculus, named dRi, is basically an extension of the Distributed pi calculus (Dpi). The calculus models unicast, multicast and broadcast communication, node mobility, energy conservation at nodes and detection of malicious node(s) in Mobile Ad-hoc Networks. The calculus has two syntactic categories: one for describing nodes and another for the processes which reside in nodes. We also present two views of semantic reduction: one as reduction on configurations, the other as LTSs (Labelled Transition Systems), a behavioural semantics in which reductions on configurations are described in terms of various actions. We present an example described using LTSs to show the capability of the proposed calculus. We define a bisimulation-based equivalence between configurations. Further, we define a touch-stone equivalence on its reduction semantics and also present a proof outline showing that the bisimulation-based equivalence can be recovered from the touch-stone equivalence and vice versa.

2019-09-05
Panfili, M., Giuseppi, A., Fiaschetti, A., Al-Jibreen, H. B., Pietrabissa, A., Priscoli, F. Delli.  2018.  A Game-Theoretical Approach to Cyber-Security of Critical Infrastructures Based on Multi-Agent Reinforcement Learning. 2018 26th Mediterranean Conference on Control and Automation (MED). :460-465.

This paper presents a control strategy for Cyber-Physical System defense developed in the framework of the European Project ATENA, which concerns Critical Infrastructure (CI) protection. The aim of the controller is to find the optimal security configuration, in terms of countermeasures to implement, in order to address the system's vulnerabilities. The attack/defense problem is modeled as a multi-agent general-sum game, where the aim of the defender is to prevent as much damage as possible by finding an optimal trade-off between prevention actions and their costs. The problem is solved using Reinforcement Learning, and simulation results provide a proof of the proposed concept, showing how the defender of the protected CI is able to minimize the damage caused by his/her opponents by finding the Nash equilibrium of the game in the zero-sum variant and, in a more general scenario, by driving the attacker into a position where the damage she/he can cause to the infrastructure is lower than the cost she/he has to sustain to enforce her/his attack strategy.

Gryzunov, V. V., Bondarenko, I. Y..  2018.  A Social Engineer in Terms of Control Theory. 2018 Third International Conference on Human Factors in Complex Technical Systems and Environments (ERGO). :202-204.

Problem: Today, many methods of influencing personnel in the communication process are available to social engineers and information security specialists, but in practice it is difficult to say which method is appropriate to use, and why. Criteria and indicators of effective communication are not formalized. Purpose: to formalize the concept of effective communication, to offer a tool for combining existing methods and means of communication, and to formalize the purpose of communication. Methods: use of the terminal model of a control system for a non-stochastic communication object. Results: two examples demonstrating the possibility of using the terminal model of the communication control system, which allows one to connect tools and methods of communication, justify the requirements for the structure and feedback of communication, and select the necessary communication algorithms depending on the observed response of the communication object. Practical significance: the results of the research can be used in planning and conducting effective communication in the process of information protection, in business, in private relationships and in other areas of human activity.

Deshotels, Luke, Deaconescu, Razvan, Carabas, Costin, Manda, Iulia, Enck, William, Chiroiu, Mihai, Li, Ninghui, Sadeghi, Ahmad-Reza.  2018.  iOracle: Automated Evaluation of Access Control Policies in iOS. Proceedings of the 2018 on Asia Conference on Computer and Communications Security. :117-131.

Modern operating systems, such as iOS, use multiple access control policies to define an overall protection system. However, the complexity of these policies and their interactions can hide policy flaws that compromise the security of the protection system. We propose iOracle, a framework that logically models the iOS protection system such that queries can be made to automatically detect policy flaws. iOracle models policies and runtime context extracted from iOS firmware images, developer resources, and jailbroken devices, and iOracle significantly reduces the complexity of queries by modeling policy semantics. We evaluate iOracle by using it to successfully triage executables likely to have policy flaws and comparing our results to the executables exploited in four recent jailbreaks. When applied to iOS 10, iOracle identifies previously unknown policy flaws that allow attackers to modify or bypass access control policies. For compromised system processes, consequences of these policy flaws include sandbox escapes (with respect to read/write file access) and changing the ownership of arbitrary files. By automating the evaluation of iOS access control policies, iOracle provides a practical approach to hardening iOS security by identifying policy flaws before they are exploited.

Qiu, Yanbin, Liu, Yanhua, Li, Shijin.  2018.  A Method of Cyber Risk Control Node Selection Based on Game Theory. Proceedings of the 8th International Conference on Communication and Network Security. :32-36.

When network attacks occur, the most important question for network security managers is how to conduct attack defenses under low-risk control. And in attack risk control, the first and most important step is to choose the defense node for risk control. In this paper, aiming to solve the problem of network attack security risk control in complex networks, we propose an attack risk control node selection method based on game theory. The method utilizes the relationships between vulnerabilities and analyzes the vulnerability intent information of the complex network to construct an attack risk diffusion network. In order to truly reflect the different meanings of each node in the attack risk diffusion network for attack and defense, this paper uses host vulnerability attack and defense income evaluation to assign each node in the network its offensive and defensive income. Based on the resulting attack risk diffusion network of offensive and defensive gains, this paper combines game theory with the maximum-benefit idea to select the best top defense node information. The proposed method can be used to select network security risk control nodes in complex networks, which can give network security managers a good auxiliary role in cyber attack defense.

Monteuuis, Jean-Philippe, Boudguiga, Aymen, Zhang, Jun, Labiod, Houda, Servel, Alain, Urien, Pascal.  2018.  SARA: Security Automotive Risk Analysis Method. Proceedings of the 4th ACM Workshop on Cyber-Physical System Security. :3-14.

Connected and automated vehicles aim to improve the comfort and the safety of the driver and passengers. To this end, car manufacturers continually improve actual standardized methods to ensure their customers safety, privacy, and vehicles security. However, these methods do not support fully autonomous vehicles, linkability and confusion threats. To address such gaps, we propose a systematic threat analysis and risk assessment framework, SARA, which comprises an improved threat model, a new attack method/asset map, the involvement of the attacker in the attack tree, and a new driving system observation metric. Finally, we demonstrate its feasibility in assessing risk with two use cases: Vehicle Tracking and Comfortable Emergency Brake Failure.

Ferraiuolo, Andrew, Zhao, Mark, Myers, Andrew C., Suh, G. Edward.  2018.  HyperFlow: A Processor Architecture for Nonmalleable, Timing-Safe Information Flow Security. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. :1583-1600.

This paper presents HyperFlow, a processor that enforces secure information flow, including control over timing channels. The design and implementation of HyperFlow offer security assurance because it is implemented using a security-typed hardware description language that enforces secure information flow. Unlike prior processors that aim to enforce simple information-flow policies such as noninterference, HyperFlow allows complex information flow policies that can be configured at run time. Its fine-grained, decentralized information flow mechanisms allow controlled communication among mutually distrusting processes and system calls into different security domains. We address the significant challenges in designing such a processor architecture with contributions in both the hardware architecture and the security type system. The paper discusses the architecture decisions that make the processor secure and describes ChiselFlow, a new secure hardware description language supporting lightweight information-flow enforcement. The HyperFlow architecture is prototyped on a full-featured processor that offers a complete RISC-V instruction set, and is shown to add moderate overhead to area and performance.

Bertolissi, Clara, dos Santos, Daniel R., Ranise, Silvio.  2018.  Solving Multi-Objective Workflow Satisfiability Problems with Optimization Modulo Theories Techniques. Proceedings of the 23rd ACM on Symposium on Access Control Models and Technologies. :117-128.

Security-sensitive workflows impose constraints on the control-flow and authorization policies that may lead to unsatisfiable instances. In these cases, it is still possible to find "least bad" executions where costs associated to authorization violations are minimized, solving the so-called Multi-Objective Workflow Satisfiability Problem (MO-WSP). The MO-WSP is inspired by the Valued WSP and its generalization, the Bi-Objective WSP, but our work considers quantitative solutions to the WSP without abstracting control-flow constraints. In this paper, we define variations of the MO-WSP and solve them using bounded model checking and optimization modulo theories solving. We validate our solutions on real-world workflows and show their scalability on synthetic instances.