Trust and Trustworthiness 2015 (Part 2)

 

 

 

Trust is created in information security through cryptography to assure the identity of external parties. It is essential to cybersecurity and to the Science of Security hard problem of composability. The research work cited here regarding trust and trustworthiness was presented in 2015.




D. Shehada, M. J. Zemerly, C. Y. Yeun, M. A. Qutayri and Y. A. Hammadi, “A Framework for Comparison of Trust Models for Multi Agent Systems,” Information and Communication Technology Research (ICTRC), 2015 International Conference on, Abu Dhabi, 2015, pp. 318-321. doi: 10.1109/ICTRC.2015.7156486

Abstract: Agents technology plays an important role in the development of many major service applications. However, balancing between the flexible features agents provide, and their vulnerability to many security oriented attacks are considered a great challenge. In this paper we review trust models that are proposed in the literature to provide trustworthiness and security to Multi Agent Systems (MAS). We subsequently develop a framework for comparison of the various different trust models. Trust models are first compared and classified according to types of evaluations used, weight assignment, consideration of inaccurate evaluations and architecture. They are also compared according to suitability to MAS.

Keywords: multi-agent systems; trusted computing; MAS; agents technology; flexible features agents; multi agent systems; security oriented attacks; trustworthiness; Adaptation models; Customer relationship management; Fires; Multi-agent systems; Reliability; Security (ID#: 16-11307)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7156486&isnumber=7156393

 

M. Mulla and S. Sambare, “Efficient Analysis of Lightweight Sybil Attack Detection Scheme in Mobile Ad Hoc Networks,” Pervasive Computing (ICPC), 2015 International Conference on, Pune, 2015, pp. 1-6. doi: 10.1109/PERVASIVE.2015.7086988

Abstract: Mobile Ad hoc Networks (MANETs) are vulnerable to different kinds of attacks like Sybil attack. In this paper we are aiming to present practical evaluation of efficient method for detecting lightweight Sybil Attack. In Sybil attack, network attacker disturbs the accuracy count by increasing its trust and decreasing others or takes off the identity of few mobile nodes in MANET. This kind of attack results into major information loss and hence misinterpretation in the network, it also minimizes the trustworthiness among mobile nodes, data routing disturbing with aim of dropping them in network etc. There are many methods previously presented by different researchers with aim of mitigating such attacks from MANET with their own advantage and disadvantages. In this research paper, we are introducing the study of efficient method of detecting the lightweight Sybil attack with aim of identifying the new identities of Sybil attackers and without using any additional resources such as trusted third party or any other hardware. The method which we are investigating in this paper is based on use of RSS (Received Signal Strength) to detect Sybil attacker. This method uses the RSS in order to differentiate between the legitimate and Sybil identities. The practical analysis of this work is done using Network Simulator (NS2) by measuring throughput, end to end delay, and packet delivery ratio under different network conditions.

Keywords: mobile ad hoc networks; MANET; RSS; lightweight Sybil attack detection scheme; major information loss; network simulator; received signal strength; trustworthiness; Delays; Hardware; Mobile ad hoc networks; Mobile computing; Security; Throughput; DCA: Distributed Certificate authority; Mobile Ad hoc Network; Packet Delivery Ratio; Received Signal Strength; Sybil Attack; Threshold; UB: Upper bound (ID#: 16-11308)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7086988&isnumber=7086957

 

G. D'Angelo, S. Rampone and F. Palmieri, “An Artificial Intelligence-Based Trust Model for Pervasive Computing,” 2015 10th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), Krakow, 2015, pp. 701-706. doi: 10.1109/3PGCIC.2015.94

Abstract: Pervasive Computing is one of the latest and more advanced paradigms currently available in the computers arena. Its ability to provide the distribution of computational services within environments where people live, work or socialize leads to make issues such as privacy, trust and identity more challenging compared to traditional computing environments. In this work we review these general issues and propose a Pervasive Computing architecture based on a simple but effective trust model that is better able to cope with them. The proposed architecture combines some Artificial Intelligence techniques to achieve close resemblance with human-like decision making. Accordingly, Apriori algorithm is first used in order to extract the behavioral patterns adopted from the users during their network interactions. Naïve Bayes classifier is then used for final decision making expressed in term of probability of user trustworthiness. To validate our approach we applied it to some typical ubiquitous computing scenarios. The obtained results demonstrated the usefulness of such approach and the competitiveness against other existing ones.

Keywords: Bayes methods; artificial intelligence; pattern classification; trusted computing; ubiquitous computing; artificial intelligence-based trust model; behavioral patterns; computational services distribution; computers arena; effective trust model; human-like decision making; naïve Bayes classifier; network interactions; pervasive computing; ubiquitous computing scenarios; user trustworthiness; Classification algorithms; Computational modeling; Data mining; Decision making; Itemsets; Pervasive computing; Security; Apriori algorithm; Artificial Intelligence; Naive Bayes Classifier; Pervasive Computing; Trust Model (ID#: 16-11309)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7424653&isnumber=7424499

 

S. Hazra and S. K. Setua, “Privacy Preservation in Ubiquitous Network,” Future Internet of Things and Cloud (FiCloud), 2015 3rd International Conference on, Rome, 2015, pp. 811-816. doi: 10.1109/FiCloud.2015.18

Abstract: Ubiquitous network deals with wireless communication between service stations and users along with their mobility, invisibility and evolved smart space. In ubiquitous network, users get their services from available service stations invisibly. In such an open environment, an outsider malicious entity can disrupt the service communication by compromising the privacy of communicating users and (or) service stations. On the other hand, a malevolent service station can compromise the privacy of a user, as well as a malevolent user can compromise the privacy of a legitimate service station. To maintain the privacy of communicating users and service stations, we have introduced a trust based security approach. We have proposed “Privacy Preservation with Trust level” (PPT) in ubiquitous network to secure the privacy of entity's identity. With our PPT mechanism, a malevolent service station or user or an external malicious entity can be isolated from service communication process depending on trustworthiness level. The efficiency of our proposed PPT protocol is shown with simulation results.

Keywords: data privacy; radiocommunication; transport protocols; trusted computing; ubiquitous computing; PPT protocol; entity identity privacy; external malicious entity; legitimate service station privacy; malevolent service station; open environment; outsider malicious entity; privacy preservation; privacy preservation with trust level; service communication; service communication process; smart space; trust based security approach; trustworthiness level; ubiquitous network; user privacy; wireless communication; Communication system security; Computer science; Context; Generators; Jamming; Privacy; Servers; direct trust; indirect trust; privacy; trust (ID#: 16-11310)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7300910&isnumber=7300539

 

Z. Duan, Y. Hui, C. Tian, N. Zhang and B. Huang, “A Self-ORganizing Trust Model Based on HP2P,” 2015 11th International Conference on Mobile Ad-hoc and Sensor Networks (MSN), Shenzhen, 2015, pp. 96-101. doi: 10.1109/MSN.2015.34

Abstract: Peer-to-Peer (P2P) reputation systems are essential to evaluate the trustworthiness of the nodes in a P2P system. This paper presents a distributed algorithm HP2PSORT based on SORT that enables a node to estimate the trustworthiness of other nodes based on the past interactions and recommendations. In an HP2P network, by using the filtering mechanism, the calculation method of the service trust and the dynamic calculation of the threshold value, we show that HP2PSORT outperforms SORT.

Keywords: computer network security; distributed algorithms; peer-to-peer computing; trusted computing; P2P system; Peer-to-Peer reputation systems; calculation method; distributed algorithm HP2PSORT; dynamic calculation; filtering mechanism; self-organizing trust model; service trust; trustworthiness; Context; Cost accounting; Estimation; Mathematical model; Measurement; Peer-to-peer computing; Servers; Chord; File System; P2P; Reputation System; Security (ID#: 16-11311)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7420930&isnumber=7420907

 

Z. Ning, Z. Chen and X. Kong, “A Trust-Based User Assignment Scheme in Ad Hoc Social Networks,” High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, New York, NY, 2015, pp. 1774-1778. doi: 10.1109/HPCC-CSS-ICESS.2015.106

Abstract: Although cooperation among individuals plays a key factor in the commercial development of wireless networks, trust is an important factor due to the uncertainty and uncontrollability caused by the self-organizing character of different entities. In this paper, we present a trust-based user assignment scheme by considering node sociality, the reason behind is that effective user assignment should not only build a reliable system basing on the behavior of network individuals, but also encourage selfish nodes to forward packets for one another. At first, a model for trustworthiness management is built up by considering social relationship. Then, user assignment for each transmission is decided by a double auction-based mechanism. Simulation result demonstrates that our scheme is able to obtain better network performance than the existing method in link connectivity and social welfare.

Keywords: ad hoc networks; social networking (online); trusted computing; ad hoc social network; double auction-based mechanism; link connectivity; node sociality; self-organizing character; selfish nodes; social relationship; trust-based user assignment scheme; trustworthiness management; wireless network; Ad hoc networks; Bandwidth; Interference; Measurement; Relays; Signal to noise ratio; Social network services; Social relationship; double auction; node trust (ID#: 16-11312)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336428&isnumber=7336120

 

K. Kalaivani and C. Suguna, “Efficient Botnet Detection Based on Reputation Model and Content Auditing in P2P Networks,” Intelligent Systems and Control (ISCO), 2015 IEEE 9th International Conference on, Coimbatore, 2015, pp. 1-4. doi: 10.1109/ISCO.2015.7282358

Abstract: Botnet is a number of computers connected through internet that can send malicious content such as spam and virus to other computers without the knowledge of the owners. In peer-to-peer (p2p) architecture, it is very difficult to identify the botnets because it does not have any centralized control. In this paper, we are going to use a security principle called data provenance integrity. It can verify the origin of the data. For this, the certificate of the peers can be exchanged. A reputation based trust model is used for identifying the authenticated peer during file transmission. Here the reputation value of each peer can be calculated and a hash table is used for efficient file searching. The proposed system can also verify the trustworthiness of transmitted data by using content auditing. In this, the data can be checked against trained data set and can identify the malicious content.

Keywords: authorisation; computer network security; data integrity; information retrieval; invasive software; peer-to-peer computing; trusted computing; P2P networks; authenticated peer; botnet detection; content auditing; data provenance integrity; file searching; file transmission; hash table; malicious content; peer-to-peer architecture; reputation based trust model; reputation model; reputation value; security principle; spam; transmitted data trustworthiness; virus; Computational modeling; Cryptography; Measurement; Peer-to-peer computing; Privacy; Superluminescent diodes; Data provenance integrity; trained data set (ID#: 16-11313)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7282358&isnumber=7282219

 

M. G. Pérez, F. G. Mármol and G. M. Pérez, “Improving Attack Detection in Self-Organizing Networks: A Trust-Based Approach Toward Alert Satisfaction,” Advances in Computing, Communications and Informatics (ICACCI), 2015 International Conference on, Kochi, 2015, pp. 1945-1951. doi: 10.1109/ICACCI.2015.7275903

Abstract: Cyber security has become a major challenge when detecting and preventing attacks on any self-organizing network. Defining a trust and reputation mechanism is a required feature in these networks to assess whether the alerts shared by their Intrusion Detection Systems (IDS) actually report a true incident. This paper presents a way of measuring the trustworthiness of the alerts issued by the IDSs of a collaborative intrusion detection network, considering the detection skills configured in each IDS to calculate the satisfaction on each interaction (alert sharing) and, consequently, to update the reputation of the alert issuer. Without alert satisfaction, collaborative attack detection cannot be a reality in front of ill-intended IDSs. Conducted experiments demonstrate a better accuracy when detecting attacks.

Keywords: security of data; self-organising feature maps; trusted computing; IDS; alert satisfaction; collaborative attack detection; collaborative intrusion detection network; cybersecurity; intrusion detection systems; reputation mechanism; self-organizing networks; trust-based approach; Collaboration; Intrusion detection; Optical wavelength conversion; Resource management; Self-organizing networks; Support vector machines; Attack detection; cyber security; trust assessment (ID#: 16-11314)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7275903&isnumber=7275573

 

Xiaolong Guo, R. G. Dutta, Yier Jin, F. Farahmandi and P. Mishra, “Pre-Silicon Security Verification and Validation: A Formal Perspective,” 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC), San Francisco, CA, 2015, pp. 1-6. doi: 10.1145/2744769.2747939

Abstract: Reusable hardware Intellectual Property (IP) based System-on-Chip (SoC) design has emerged as a pervasive design practice in the industry today. The possibility of hardware Trojans and/or design backdoors hiding in the IP cores has raised security concerns. As existing functional testing methods fall short in detecting unspecified (often malicious) logic, formal methods have emerged as an alternative for validation of trustworthiness of IP cores. Toward this direction, we discuss two main categories of formal methods used in hardware trust evaluation: theorem proving and equivalence checking. Specifically, proof-carrying hardware (PCH) and its applications are introduced in detail, in which we demonstrate the use of theorem proving methods for providing high-level protection of IP cores. We also outline the use of symbolic algebra in equivalence checking, to ensure that the hardware implementation is equivalent to its design specification, thus leaving little space for malicious logic insertion.

Keywords: electronic engineering computing; industrial property; integrated circuit design; integrated circuit testing; security of data; system-on-chip; theorem proving; IP cores protection; PCH; SoC design; equivalence checking; formal methods; functional testing methods; hardware Trojans; hardware trust evaluation; logic insertion; pervasive design; presilicon security validation; presilicon security verification; proof-carrying hardware; reusable hardware intellectual property; system-on-chip design; theorem proving methods; Hardware; IP networks; Logic gates; Polynomials; Sensitivity; Trojan horses (ID#: 16-11315)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7167331&isnumber=7167177

 

M. Asplund, “Model-Based Membership Verification in Vehicular Platoons,” 2015 IEEE International Conference on Dependable Systems and Networks Workshops, Rio de Janeiro, 2015, pp. 125-132. doi: 10.1109/DSN-W.2015.21

Abstract: Cooperative vehicular systems have the potential to significantly increase traffic efficiency and safety. However, they also raise the question of to what extent information that is received from other vehicles can be trusted. In this paper we present a novel approach for increasing the trustworthiness of cooperative driving through a model-based approach for verifying membership views in vehicular platoons. We define a formal model for platoon membership, cooperative awareness claims, and membership verification mechanisms. With the help of a satisfiability solver, we are able to quantitatively analyse the impact of different system parameters on the verifiability of received information. Our results demonstrate the importance of cross validating received messages, as well as the surprising difficulty in establishing correct membership views despite powerful verification mechanisms.

Keywords: computability; formal verification; road safety; road traffic; road vehicles; cooperative awareness claim; cooperative driving; cooperative vehicular system; cross validating received message; formal model; membership verification mechanism; model-based approach; model-based membership verification; platoon membership; received information; satisfiability solver; system parameter; traffic efficiency; traffic safety; vehicular platoon; Conferences; Knowledge based systems; Measurement; Security; Sensors; Software; Vehicles (ID#: 16-11316)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7272565&isnumber=7272533

 

S. Burleigh, “Critical Multicast,” Wireless Communications & Signal Processing (WCSP), 2015 International Conference on, Nanjing, 2015, pp. 1-5. doi: 10.1109/WCSP.2015.7341151

Abstract: While the importance of protecting the confidentiality of sensitive cybernetic communications is widely recognized, the importance of ensuring the trustworthiness of information that is public yet critical is perhaps less obvious. Critical non-confidential messages must be issued by a trusted authoritative source in order to serve as the basis for operational decisions, but while existing authentication mechanisms can guard against tampering with the messages from such a source they cannot defend against compromise of the source itself. A public key infrastructure developed for Delay-Tolerant Networking addresses this problem. Its design might serve as the basis for a general “Critical Multicast” technology, ensuring that vital yet non-confidential information received via the network is genuine.

Keywords: cryptographic protocols; delay tolerant networks; message authentication; multicast protocols; public key cryptography; telecommunication security; authentication mechanisms; bundle security protocol; confidentiality protection; critical multicast technology; critical nonconfidential messages; delay-tolerant networking; operational decisions; sensitive cybernetic communications; Internet; Protocols; Public key; Receivers; Reliability; bundle protocol; delay-tolerant networking; multicast; public key infrastructure (ID#: 16-11317)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7341151&isnumber=7340966

 

E. Bertino, “Big Data - Security and Privacy,” 2015 IEEE International Congress on Big Data (BigData Congress), New York, NY, 2015, pp. 757-761. doi: 10.1109/BigDataCongress.2015.126

Abstract: The paper introduces a research agenda for security and privacy in big data. The paper discusses research challenges and directions concerning data confidentiality, privacy, and trustworthiness in the context of big data. Key research issues discussed in the paper include how to reconcile security with privacy, the notion of data ownership, and how to enforce access control in big data stores.

Keywords: Big Data; data privacy; security of data; trusted computing; data confidentiality; data ownership; data security; trustworthiness; Access control; Big data; Cryptography; Data privacy; Privacy; data trustworthiness; privacy (ID#: 16-11318)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7207310&isnumber=7207183

 

S. Ristov and M. Gusev, “A Methodology to Evaluate the Trustworthiness of Cloud Service Providers’ Availability,” EUROCON 2015 - International Conference on Computer as a Tool (EUROCON), IEEE, Salamanca, 2015, pp. 1-6. doi: 10.1109/EUROCON.2015.7313734

Abstract: Cloud service providers (CSPs) compete among each other to guarantee very high availability of their services. The most common CSPs guarantee the availability of at least 99.9% (some even 100%) in their service level agreements (SLAs), i.e., they guarantee maximum 8.77 hours of downtime per year for their services. However, this high guarantee does not imply that they comply with their SLAs. Many reports addressed that CSPs' downtime is much greater and usually the cloud consumer's costs cannot be covered by CSP's indemnification. On the other hand, the service availability is not a decisive factor for many cloud consumers. That is, many cloud consumers are interested in lower cost for an acceptable level of availability. In this paper, we define a new methodology to evaluate the CSPs according to the cloud consumers' needs. We introduce a very important factor, i.e., trustworthiness beside the availability. With our methodology, the cloud consumers can quantify the trustworthiness and the security of their potential CSPs, in order to migrate their services to the most appropriate CSP. Our evaluation shows that Google is the best choice of the evaluated CSPs in trustworthiness, although it offers the worst availability in its SLA, compared to other most common CSPs.

Keywords: cloud computing; contracts; customer satisfaction; trusted computing; CSP indemnification; Google; SLA; cloud consumer costs; cloud service provider availability; service level agreements; trustworthiness evaluation; Cloud computing; Computational modeling; Google; ISO Standards; Reliability; Security; Virtual machining; Availability; evaluation; reliability; trustworthiness (ID#: 16-11319)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7313734&isnumber=7313653

 

H. Boyes, “Best Practices in an ICS Environment,” Cyber Security for Industrial Control Systems, London, 2015, pp. 1-36. doi: 10.1049/ic.2015.0006

Abstract: Presents a collection of slides covering the following topics: software trustworthiness; insecure building control system; prison system glitch; cyber security; ICS; vulnerability assessment; dynamic risks handling; situational awareness; human factor; industrial control systems and system connectivity.

Keywords: control engineering computing; human factors; industrial control; security of data; trusted computing; ICS; cybersecurity; dynamic risks handling; human factor; industrial control systems; insecure building control system; prison system glitch; situational awareness; software trustworthiness; system connectivity; vulnerability assessment (ID#: 16-11320)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7332808&isnumber=7137498

 

J. Miguel, S. Caballé and F. Xhafa, “A MapReduce Approach for Processing Student Data Activity in a Peer-to-Peer Networked Setting,” 2015 10th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), Krakow, 2015, pp. 9-16. doi: 10.1109/3PGCIC.2015.27

Abstract: Collaborative and peer-to-peer networked based models generate a large amount of data from students' learning tasks. We have proposed the analysis of these data to tackle information security in e-Learning breaches with trustworthiness models as a functional requirement. In this context, the computational complexity of extracting and structuring students' activity data is a computationally costly process as the amount of data tends to be very large and needs computational power beyond of a single processor. For this reason, in this paper, we propose a complete MapReduce and Hadoop application for processing learning management systems log file data.

Keywords: data handling; learning management systems; parallel programming; trusted computing; Hadoop application; MapReduce approach; computational complexity; e-learning breaches; information security; learning management systems log file data; peer-to-peer networked based models; student data activity; trustworthiness models; Computational modeling; Computer architecture; Data models; Parallel processing; Peer-to-peer computing; Programming; Software; Hadoop; MapReduce; log files; parallel processing; student activity data (ID#: 16-11321)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7424535&isnumber=7424499

 

C. Pasquini, C. Brunetta, A. F. Vinci, V. Conotter and G. Boato, “Towards the Verification of Image Integrity in Online News,” Multimedia & Expo Workshops (ICMEW), 2015 IEEE International Conference on, Turin, 2015, pp. 1-6. doi: 10.1109/ICMEW.2015.7169801

Abstract: The widespread of social networking services allows users to share and quickly spread an enormous amount of digital contents. Currently, a low level of security and trustworthiness is applied to such information, whose reliability cannot be taken for granted due to the large availability of image editing software which allow any user to easily manipulate digital contents. This has a huge impact on the deception of users, whose opinion can be seriously influenced by altered media. In this work, we face the challenge of verifying online news by analyzing the images related to the particular news article. Our goal is to create an empirical system which helps in verifying the consistency of visually and semantically similar images used within different news articles on the same topic. Given a certain news online, our system identifies a set of images connected to the same topic and presenting common visual elements, which can be successively compared with the original ones and analyzed in order to discover possible inconsistencies also by means of multimedia forensics tools.

Keywords: digital forensics; image processing; multimedia computing; social networking (online); trusted computing; image editing software; image integrity verification; multimedia forensics tools; online news verification; security; social networking services; trustworthiness; visual elements; Correlation; Face; Manganese; Media; Metadata; Tin; Visualization; Media Verification; news (ID#: 16-11322)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7169801&isnumber=7169738

 

Y. Ma, Y. Chen and B. Gu, “An Attributes-Based Allocation Approach of Software Trustworthy Degrees,” Software Quality, Reliability and Security - Companion (QRS-C), 2015 IEEE International Conference on, Vancouver, BC, 2015, pp. 89-94. doi: 10.1109/QRS-C.2015.24

Abstract: Trustworthiness measurement and evaluation of softwares is an important research topic in the field of trustworthy softwares. The existing metric model for software trustworthiness can determine trustworthy degree of a software with given trustworthy degrees of attributes. In this paper, we focus on the reverse of measurement approach, which determines trustworthy degrees of attributes with given trustworthy degree of a software. We introduce an approach to describe the allocation of trustworthy degrees of softwares, and present an allocation model and an attributes-based allocation algorithm. The allocation approach are applied to high-speed reentry aircraft softwares. With the allocation results, it is shown that our approach is effective and practical in guiding and controlling software trustworthiness.

Keywords: aerospace computing; resource allocation; software quality; trusted computing; attributes-based allocation algorithm; high-speed reentry aircraft software; software trustworthy degree; Resource management; Software; Software algorithms; Software measurement; Space vehicles; Standards; Allocation for Software Trustworthiness; Trustworthy Attributes; Trustworthy Software (ID#: 16-11323)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7322129&isnumber=7322103

 

A. Ray, J. Åkerberg, M. Björkman and M. Gidlund, “Towards Trustworthiness Assessment of Industrial Heterogeneous Networks,” 2015 IEEE 20th Conference on Emerging Technologies & Factory Automation (ETFA), Luxembourg, 2015, pp. 1-6. doi: 10.1109/ETFA.2015.7301548

Abstract: In industrial plants, there is a mix of devices with different security features and capabilities. If there is a mix of devices with various degree of security levels, then this will create independent islands in a network with similar levels of security features. However, the industrial plant is interconnected for the purpose of reducing cost of monitoring with a centralized control center. Therefore, the different islands also need to communicate with each other to improve the asset management efficiency in a plant. In this work we aim to focus on the trustworthiness assessment of devices in industrial plant networks in term of node value. We study the behavior of industrial plant networks when devices with various degrees of security features communicate. We aim to identify network properties which influence the overall network behavior. From the study, we have found that the communication path, the order of different communication paths and the number of specific types of nodes affect the final trustworthiness of devices in the network.

Keywords: industrial plants; security of data; trusted computing; asset management efficiency; centralized control center; communication path; industrial heterogeneous networks; industrial plant networks; monitoring cost reduction; security features; trustworthiness assessment; Analytical models; Centralized control; Industrial plants; Monitoring; Receivers; Security; Yttrium; Device Trust; Industrial Communication Security; Network Analysis; Security Modeling (ID#: 16-11324)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7301548&isnumber=7301399

 

J. Miguel, S. Caballé and F. Xhafa, “A Knowledge Management Process to Enhance Trustworthiness-based Security in On-line Learning Teams,” Intelligent Networking and Collaborative Systems (INCOS), 2015 International Conference on, Taipei, 2015, pp. 272-279. doi: 10.1109/INCoS.2015.70

Abstract: Both information and communication technologies and computer-supported collaborative learning have been widely adopted in many educational institutions. Likewise, general e-assessment processes offer enormous opportunities to enhance student's learning experience. In this context, e-Learning stakeholders are increasingly demanding new requirements and, among them, information security in e-Learning stands out as a key factor. One of the key strategies in information security is that security drawbacks cannot be solved with technology solutions alone. Thus we have proposed a functional approach based on trustworthiness, namely, a trustworthiness security methodology. Since this methodology proposes processes and methods, which are closely related to knowledge management, in this paper, we will endow our methodology with current knowledge management processes. For this reason, we analyse the current models and techniques used for general knowledge management to be applied to trustworthy data from e-Learning systems. Moreover, we discuss several issues that arise when managing large data sets that span a rather long period of time. Hence, the main goal of this paper is to analyse existing knowledge management processes to endow our trustworthiness security methodology with a suitable set of knowledge management techniques and models. Finally, we exemplify the approach with trustworthy data of the on-line activity of virtual classrooms in our Virtual Campus of Open University of Catalonia.

Keywords: computer aided instruction; groupware; knowledge management; trusted computing; computer-supported collaborative learning; e-assessment process; e-learning; educational institutions; electronic learning; information and communication technology; information security; knowledge management; knowledge management process; online learning teams; student learning experience; trustworthiness security methodology; trustworthiness-based security; Collaboration; Data collection; Data mining; Data visualization; Electronic learning; Knowledge management; Security; Information security; trustworthiness (ID#: 16-11325)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7312084&isnumber=7312007

 

J. Miguel, S. Caballé, F. Xhafa and V. Snasel, “A Data Visualization Approach for Trustworthiness in Social Networks for On-line Learning,” 2015 IEEE 29th International Conference on Advanced Information Networking and Applications, Gwangiu, 2015, pp. 490-497. doi: 10.1109/AINA.2015.226

Abstract: Up to now, the problem of ensuring collaborative activities in e-Learning against dishonest students' behaviour has been mainly tackled with technological security solutions. Over the last years, technological security solutions have evolved from isolated security approaches based on specific properties, such as privacy, to holistic models based on technological security comprehensive solutions, such as public key infrastructures, biometric models and multidisciplinary approaches from different research areas. Current technological security solutions are feasible in many e-Learning scenarios but on-line assessment involves certain requirements that usually bear specific security challenges related to e-Learning design. In this context, even the most advanced and comprehensive technological security solutions cannot cope with the whole scope of e-Learning vulnerabilities. To overcome these deficiencies, our previous research aimed at incorporating information security properties and services into on-line collaborative e-Learning by a functional approach based on trustworthiness assessment and prediction. In this paper, we present a peer-to-peer on-line assessment approach carried out in a real on-line course developed in our real e-Learning context of the Open University of Catalonia. The design presented in this paper is conducted by our trustworthiness security methodology with the aim of building peer-to-peer collaborative activities, which enhances security e-Learning requirements. Eventually, peer-to-peer visualizations methods are proposed to manage security e-Learning events, as well as on-line visualization through peer-to-peer tools, intended to analyse collaborative relationship.

Keywords: computer aided instruction; data visualisation; social networking (online); trusted computing; Open University of Catalonia; biometric models; data visualization approach; e-learning; holistic models; information security properties; information security services; multidisciplinary approaches; online learning; peer-to-peer collaborative activities; peer-to-peer on-line assessment; public key infrastructures; social networks; student behaviour; technological security; technological security comprehensive solutions; trustworthiness assessment; trustworthiness security methodology; Collaboration; Context; Electronic learning; Peer-to-peer computing; Security; Social network services; Visualization; Information security; computer-supported collaborative learning; on-line assessment; peer-to-peer analysis; trustworthiness (ID#: 16-11326)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7098011&isnumber=7097928

 

K. Xiao, D. Forte and M. M. Tehranipoor, “Efficient and Secure Split Manufacturing via Obfuscated Built-in Self-Authentication,” Hardware Oriented Security and Trust (HOST), 2015 IEEE International Symposium on, Washington, DC, 2015, pp. 14-19. doi: 10.1109/HST.2015.7140229

Abstract: The threats of reverse-engineering, IP piracy, and hardware Trojan insertion in the semiconductor supply chain are greater today than ever before. Split manufacturing has emerged as a viable approach to protect integrated circuits (ICs) fabricated in untrusted foundries, but has high cost and/or high performance overhead. Furthermore, split manufacturing cannot fully prevent untargeted hardware Trojan insertions. In this paper, we propose to insert additional functional circuitry called obfuscated built-in self-authentication (OBISA) in the chip layout with split manufacturing process, in order to prevent reverse-engineering and further prevent hardware Trojan insertion. Self-tests are performed to authenticate the trustworthiness of the OBISA circuitry. The OBISA circuit is connected to original design in order to increase the strength of obfuscation, thereby allowing a higher layer split and lower overall cost. Additional fan-outs are created in OBISA circuitry to improve obfuscation without losing testability. Our proposed gating mechanism and net selection method can ensure negligible overhead in terms of area, timing, and dynamic power. Experimental results demonstrate the effectiveness of the proposed technique in several benchmark circuits.

Keywords: foundries; integrated circuit manufacture; integrated circuit reliability; invasive software; reverse engineering; supply chains; IP piracy; OBISA circuit; chip layout; hardware Trojan insertion; integrated circuits; obfuscated built-in self-authentication; semiconductor supply chain; split manufacturing; trustworthiness; untrusted foundries; Delays; Fabrication; Foundries; Layout; Logic gates (ID#: 16-11327)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7140229&isnumber=7140225

 

M. H. Jalalzai, W. B. Shahid and M. M. W. Iqbal, “DNS Security Challenges and Best Practices to Deploy Secure DNS with Digital Signatures,” 2015 12th International Bhurban Conference on Applied Sciences and Technology (IBCAST), Islamabad, 2015, pp. 280-285. doi: 10.1109/IBCAST.2015.7058517

Abstract: This paper is meant to discuss the DNS security vulnerabilities and best practices to address DNS security challenges. The Domain Name System (DNS) is the foundation of internet which translates user friendly domains, named based Resource Records (RR) into corresponding IP addresses and vice-versa. Nowadays usage of DNS services are not merely for translating domain names, but it is also used to block spam, email authentication like DKIM and the latest DMARC, the TXT records found in DNS are mainly about improving the security of services. So, virtually almost every internet application is using DNS. If not works properly then whole internet communication will collapse. Therefore security of DNS infrastructures is one of the core requirements for any organization in current cyber security arena. DNS are favorite place for attackers due to huge loss of its outcome. So breach in DNS security will in resultant affects the trust worthiness of whole internet. Therefore security of DNS is paramount, in case DNS infrastructure is vulnerable and compromised, organizations lose their revenue, they face downtime, customer dissatisfaction, privacy loss, confront legal challenges and many more. As we know that DNS is now become the largest distributed database, but initially at the time of DNS design the only goal was to provide scalable and available name resolution service but its security perspectives were not focused and overlooked at that time. So there are number of security flaws exist and there is an urgent requirement to provide some additional mechanism for addressing known vulnerabilities. From these security challenges, most important one is DNS data integrity and availability. For this purpose we introduced cryptographic framework that is configured on open source platform by incorporating DNSSEC with Bind DNS software which addresses integrity and availability issues of DNS by establishing DNS chain of trust using digitally signed DNS data.

Keywords: Internet; computer network security; cryptography; data integrity; data privacy; digital signatures; distributed databases; public domain software; Bind DNS software; DKIM; DMARC; DNS availability issues; DNS chain; DNS data integrity; DNS design; DNS infrastructures; DNS security; DNS security vulnerabilities; DNS services; DNSSEC; IP addresses; Internet application; Internet communication; Internet trustworthiness; cryptographic framework; customer dissatisfaction; cyber security arena; digital signatures; digitally signed DNS data; distributed database; domain name system; email authentication; index TXT services; named based resource records; open source platform; privacy loss; secure DNS; security flaws; user friendly domains; Best practices; Computer crime; Cryptography; Servers; Software; DNS Security; NS Vulnerabilities; Digital Signatures; Network and Computer Security; PKI (ID#: 16-11328)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7058517&isnumber=7058466

 

T. O. Mayayise and I. O. Osunmakinde, “Robustness of Computational Intelligent Assurance Models when Assessing E-Commerce Sites,” Information Security for South Africa (ISSA), 2015, Johannesburg, 2015, pp. 1-8. doi: 10.1109/ISSA.2015.7335067

Abstract: E-commerce assurance platforms continue to emerge in order to facilitate trustworthy transactional relationships between buyers and sellers. However, as the sophistication of the e-commerce environments increase, the risks associated with transacting online also increase which pose a challenge to consumers to freely transact online. Although traditional assurance models are still used by various e-commerce sites, some of these models are not robust enough to provide adequate assurance on key areas of customer concerns in the cyber space. This research proposes a robust intelligent PRAHP framework built on Analytical Hierarchy Process complemented with an evidential reasoning from page ranking. PRAHP algorithms are modularised to run concurrently whose consensus decision takes place in a decision table. PRAHP objectively extracts real-life data directly from each of the 10 e-commerce websites comparatively using assurance attributes: Advanced Security, Policy, Advanced ISO, Advanced legislation and Availability. The assurance of e-commerce sites using PRAHP was experimented on small and large e-Commerce enterprises and validated by determining the effects of varied damping factor d on PRAHP, and comparing with customer's site perceptions. The experimental results demonstrate that the proposed framework is sufficiently robust for current site assurance applications and shows the trustworthiness aspect of the framework in instances of uncertainty.

Keywords: ISO standards; Web sites; analytic hierarchy process; electronic commerce; legislation; transaction processing; trusted computing; PRAHP algorithms; advanced ISO; advanced legislation; advanced security; analytical hierarchy process; computational intelligent assurance model; customer concerns; customer site perceptions; cyber space; e-commerce assurance platform; e-commerce environments; e-commerce websites; online transaction; page ranking; robust intelligent PRAHP framework; trustworthy transactional relationships; Legislation; Mathematical model; Robustness; Seals; Security; Standards; AHP; Assessment; Assurance; DT; E-commerce; Legislation; PR; Policy (ID#: 16-11329)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7335067&isnumber=7335039

 

Y. Liu, S. Sakamoto, L. Barolli, M. Ikeda and F. Xhafa, “Evaluation of Peers Trustworthiness for JXTA-overlay Considering Data Download Speed, Local Score and Security Parameters,” Network-Based Information Systems (NBiS), 2015 18th International Conference on, Taipei, 2015, pp. 658-664. doi: 10.1109/NBiS.2015.98

Abstract: In P2P systems, each peer has to obtain information of other peers and propagate the information to other peers through neighboring peers. Thus, it is important for each peer to have some number of neighbor peers. Moreover, it is more significant to discuss if each peer has trustworthy neighbor peers. In reality, each peer might be faulty or might send obsolete, even incorrect information to the other peers. We have implemented a P2P platform called JXTA-Overlay, which defines a set of protocols that standardize how different devices may communicate and collaborate among them. JXTA-Overlay provides a set of basic functionalities, primitives, intended to be as complete as possible to satisfy the needs of most JXTA-based applications. In this paper, we consider three input parameters: Data Download Speed (DDS), Local Score (LS) and Security (S) to decide the Peer Trustworthiness (PT). We evaluate the proposed system by computer simulations. The simulation results have shown that the proposed system has a good performance and can choose trustworthy peers to connect in JXTA-Overlay platform.

Keywords: peer-to-peer computing; security of data; trusted computing; DDS; JXTA-overlay; LS; P2P systems; computer simulations; data download speed; local score; peers trustworthiness; security parameters; Fuzzy logic; Fuzzy sets; Peer-to-peer computing; Pragmatics; Process control; Protocols; Security; Fuzzy Logic; Intelligent Algorithm; JXTA-Overlay; P2P Systems; Trust-worthiness (ID#: 16-11330)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7350697&isnumber=7350553

 

N. G. Mohammadi, T. Bandyszak, C. Kalogiros, M. Kanakakis and T. Weyer, “A Framework for Evaluating the End-to-End Trustworthiness,” Trustcom/BigDataSE/ISPA, 2015 IEEE, Helsinki, 2015, pp. 638-645. doi: 10.1109/Trustcom.2015.429

Abstract: Trustworthiness of software and services is a key concern for their use and adoption by organizations and end users. Trustworthiness evaluation is an important task to support both providers and consumers in making informed decisions, i.e., for selecting components from a software marketplace. Most of the literature evaluates trustworthiness by focusing on a single dimension (e.g., from the security perspective) while there are limited contributions towards multifaceted and end-to-end trustworthiness evaluation. Our analysis reveals that there is a lack of a comprehensive framework for comparative, multifaceted end-to-end trustworthiness evaluation, which takes into account different layers of abstractions of both the system topology and its trustworthiness. In this paper, we provide a framework for end-to-end trustworthiness evaluation using computational approaches, which is based on aggregating certified trustworthiness values for individual components. The resulting output supports in defining trustworthiness requirements for a software component to be developed and eventually integrated within a system, as well as obtaining trustworthiness evidences for a composite system before the actual deployment. Thereby it supports the designer in analyzing the end-to-end trustworthiness. An application example illustrates the application of the framework.

Keywords: trusted computing; multifaceted end-to-end trustworthiness evaluation; services trustworthiness; software trustworthiness; system topology abstraction; trustworthiness abstraction; trustworthiness evidence; Business; Measurement; Quality of service; Reliability; Security; Web services; Computational Evaluation; End-to-End Evaluation; Metrics; Socio-Technical-System; Trustworthiness (ID#: 16-11331)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7345337&isnumber=7345233

 

S. Lins, S. Thiebes, S. Schneider and A. Sunyaev, “What is Really Going On at Your Cloud Service Provider? Creating Trustworthy Certifications by Continuous Auditing,” System Sciences (HICSS), 2015 48th Hawaii International Conference on, Kauai, HI, 2015, pp. 5352-5361. doi: 10.1109/HICSS.2015.629

Abstract: Cloud service certifications attempt to assure a high level of security and compliance. However, considering that cloud services are part of an ever-changing environment, multi-year validity periods may put in doubt the reliability of such certifications. We argue that continuous auditing of selected certification criteria is required to assure continuously reliable and secure cloud services and thereby increase the trustworthiness of certifications. Continuous auditing of cloud services is still in its infancy, thus, we performed a systematic literature review to identify automated auditing methods that are applicable in the context of cloud computing. Our study yields a set of automated methods for continuous auditing in six clusters. We discuss the identified methods in terms of their applicability to address major concerns about cloud computing and how the methods can aid to continuously audit cloud environments. We thereby provide paths for future research to implement continuous auditing in cloud service contexts.

Keywords: auditing; certification; cloud computing; security of data; trusted computing; certification criteria; cloud service certifications; cloud service provider; compliance; continuous auditing; multiyear validity periods; reliable cloud services; secure cloud services; security; trustworthy certifications; Certification; Computer architecture; Context; Inspection; Monitoring; Reliability; Security; Cloud Computing; Cloud Service Certification; Continuous Auditing; Dynamic Certification; Monitoring (ID#: 16-11332)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7070458&isnumber=7069647

 

P. Stephanow, C. Banse and J. Schütte, “Generating Threat Profiles for Cloud Service Certification Systems,” 2016 IEEE 17th International Symposium on High Assurance Systems Engineering (HASE), Orlando, FL, 2016, pp. 260-267. doi: 10.1109/HASE.2016.43

Abstract: Cloud service certification aims at automatically validating whether a cloud service satisfies a predefined set of requirements. To that end, certification systems collect and evaluate sensitive data from various sources of a cloud service. At the same time, the certification system itself has to be resilient to attacks to generate trustworthy statements about the cloud service. Thus system architects are faced with the task of assessing the trustworthiness of different certification system designs. To cope with that challenge, we propose a method to model different architecture variants of cloud service certification systems and analyze threats these systems face. By applying our method to a specific cloud service certification system, we show how threats to such systems can be derived in a standardized way that allows us to evaluate different architecture configurations.

Keywords: certification; cloud computing; security of data; trusted computing; architecture configurations; automatic cloud service validation; cloud service certification system design; cloud service sources; sensitive data collection; sensitive data evaluation; threat analysis; threat profile generation; trustworthiness assessment; trustworthy statement generation; Cloud computing; Engines; Monitoring; Security; Time measurement; Virtual machining; cloud services (ID#: 16-11333)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7423164&isnumber=7423114

 

M. Goldenbaum, R. F. Schaefer and H. V. Poor, “The Multiple-Access Channel with an External Eavesdropper: Trusted vs. Untrusted Users,” 2015 49th Asilomar Conference on Signals, Systems and Computers, Pacific Grove, CA, 2015, pp. 564-568. doi: 10.1109/ACSSC.2015.7421192

Abstract: In this paper, the multiple-access channel with an external eavesdropper is considered. From the perspective of the trustworthiness of users, an overview of existing secrecy criteria is given and their impact on the achievable secrecy rate region is discussed. For instance, under the assumption the eavesdropper has full a priori knowledge of the other users' transmit signals, the mixed secrecy criterion requires the information leakage from all transmitted messages individually as well as jointly to be small. This is a conservative criterion useful for scenarios in which users might be compromised. If some of the users are trustworthy, however, the secrecy criterion can be relaxed to joint secrecy resulting in a significantly increased rate region. As this indicates there is a trade-off between the choice of the secrecy criterion and achievable rates, the question is posed as to whether the criterion can further be weakened to individual secrecy, which would be desirable for scenarios where users are guaranteed trustworthy.

Keywords: multi-access systems; multiuser channels; radiocommunication; telecommunication security; external eavesdropper; information leakage; mixed secrecy criterion; multiple-access channel; user transmit signals; Probability distribution; Production facilities; Receivers; Reliability; Security; Smart grids; Zinc (ID#: 16-11334)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7421192&isnumber=7421038

 

M. Sugino, S. Nakamura, T. Enokido and M. Takizawa, “Trustworthiness-Based Broadcast Protocols in Wireless Networks,” Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2015 9th International Conference on, Blumenau, 2015, pp. 125-132. doi: 10.1109/IMIS.2015.85

Abstract: It is significant to deliver messages to every node in a group to realize the cooperation of the nodes in wireless networks. A node sends a message to the neighbour nodes, each of which forwards the message to the neighbour nodes in flooding protocols. Here, a huge number of messages are transmitted in a network. In multi-point relay (MPR) protocols, only a relay node forwards messages and the other leaf nodes do not forward messages in order to reduce the number of messages transmitted in networks. In this paper, we newly discuss trustworthiness concepts of a neighbour node to broadcast messages. The more trustworthy the node is, the more reliably and efficiently the node can forward messages. Trustworthy neighbour nodes are selected as relay nodes. We propose novel types of trustworthiness-based broadcast (TBR) protocols, TBR1 and TBR2 protocols. In the TBR1 protocol, trustworthy first-neighbour nodes are selected as relay nodes. In the TBR2 protocol, each second-neighbour node is connected to a trustworthy first-neighbour node. In the evaluation, electric energy consumed by a node to send messages from a node to the neighbour nodes is considered as trustworthiness of the neighbour node. We evaluate the TBR1 and TBR2 protocols and show the total electric energy consumed by nodes can be more reduced than the MPR protocol.

Keywords: protocols; radio networks; telecommunication security; trusted computing; MPR protocols; TBR protocols; broadcast messages; broadcast protocols; first neighbour nodes; flooding protocols; forward messages; leaf nodes; multipoint relay; relay node forwards messages; trustworthiness based broadcast; trustworthiness concepts; wireless networks; Energy consumption; Protocols; Relays; Reliability; Time factors; Wireless networks; Broadcast protocols; Energy-efficient broadcast protocol; Trustworthiness; Wireless network (ID#: 16-11335)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7284937&isnumber=7284886

 

M. Schölzel, E. Eren and K. O. Detken, “A Viable SIEM Approach for Android,” Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), 2015 IEEE 8th International Conference on, Warsaw, 2015, pp. 803-807. doi: 10.1109/IDAACS.2015.7341414

Abstract: Mobile devices such as smartphones and tablet PCs are increasingly used for business purposes. However, the trustworthiness of operating systems and apps is controversial. They can constitute a threat to corporate networks and infrastructures, if they are not audited or monitored. The concept of port-based authentication using IEEE 802.1x restricts access and may provide statistical data about users entering or leaving a network, but it does not consider the threat that devices can pose when already authenticated and used. Mobile devices gather and publish information. This information is incorporated into Security Information and Event Management (SIEM) software so that a threat is recognized while the device is being used.

Keywords: message authentication; mobile computing; smart phones; telecommunication security; trusted computing; Android; IEEE 802.1x; SIEM approach; SIEM software; apps; business purposes; corporate networks threat; infrastructures threat; mobile devices; operating systems; port-based authentication; security information and event management; smartphones; statistical data; tablet PC; trustworthiness; Androids; Humanoid robots; Metadata; Mobile handsets; Monitoring; Security; Servers; IEEE 802.1X; IF-MAP; SIEM; TNC; event detection; information security; network monitoring; trusted network connect (ID#: 16-11336)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7341414&isnumber=7341341

 

M. M. Bidmeshki and Y. Makris, “Toward Automatic Proof Generation for Information Flow Policies in Third-Party Hardware IP,” Hardware Oriented Security and Trust (HOST), 2015 IEEE International Symposium on, Washington, DC, 2015, pp. 163-168. doi: 10.1109/HST.2015.7140256

Abstract: The proof carrying hardware intellectual property (PCHIP) framework ensures trustworthiness by developing proofs for security properties designed to prevent introduction of malicious behaviors via third-party hardware IP. However, converting a design to a formal representation and developing proofs for the desired security properties is a cumbersome task for IP developers and requires extra knowledge of formal reasoning methods, proof development and proof checking. While security properties are generally specific to each design, information flow policies are a set of policies which ensure that no secret information is leaked through untrusted channels, and are mainly applicable to the designs which manipulate secret and sensitive data. In this work, we introduce the VeriCoq-IFT framework which aims to (i) automate the process of converting designs from HDL to the Coq formal language, (ii) generate security property theorems ensuring information flow policies, (iii) construct proofs for such theorems, and (iv) check their validity for the design, with minimal user intervention. We take advantage of Coq proof automation facilities in proving the generated theorems for enforcing these policies and we demonstrate the applicability of our automated framework on two DES encryption circuits. By providing essential information, the trustworthiness of these circuits in terms of information flow policies is verified automatically. Any alteration of the circuit description against information flow policies causes proofs to fail. Our methodology is the first but essential step in the adoption of PCHIP as a valuable method to authenticate the trustworthiness of third party hardware IP with minimal extra effort.

Keywords: formal languages; industrial property; theorem proving; trusted computing; Coq formal language; DES encryption circuits; HDL; PCHIP framework; VeriCoq-IFT framework; automatic proof generation; formal reasoning methods; information flow policies; malicious behaviors; proof carrying hardware intellectual property framework; proof checking; proof development; third-party hardware; Hardware; Hardware design languages; IP networks; Sensitivity; Trojan horses; Wires (ID#: 16-11337)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7140256&isnumber=7140225

 

M. Chibba and A. Cavoukian, “Privacy, Consumer Trust and Big Data: Privacy by Design and the 3 C’S,” ITU Kaleidoscope: Trust in the Information Society (K-2015), 2015, Barcelona, 2015, pp. 1-5. doi: 10.1109/Kaleidoscope.2015.7383624

Abstract: The growth of ICTs and the resulting data explosion could pave the way for the surveillance of our lives and diminish our democratic freedoms, at an unimaginable scale. Consumer mistrust of an organization's ability to safeguard their data is at an all time high and this has negative implications for Big Data. The timing is right to be proactive about designing privacy into technologies, business processes and networked infrastructures. Inclusiveness of all objectives can be achieved through consultation, co-operation, and collaboration (3 C's). If privacy is the default, without diminishing functionality or other legitimate interests, then trust will be preserved and innovation will flourish.

Keywords: Big Data; consumer protection; data privacy; trusted computing; ICT; big data; consumer trust; data explosion; privacy; Big data; Business; Collaboration; Data protection; Privacy; Security; Information and communication technologies (ICTs); Privacy by Design; information society; internet of things; privacy; security; technological innovation; trustworthiness (ID#: 16-11338)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7383624&isnumber=7383613


Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.