scholarly journals Automated Proof of Bell–LaPadula Security Properties

2020 ◽  
Author(s):  
Maximiliano Cristiá ◽  
Gianfranco Rossi
Keyword(s):  
Security Properties ◽  
Automated Proof

Data Integrity

2017 ◽  
Author(s):  
Keith M. Martin
Keyword(s):  
Hash Function ◽  
Hash Functions ◽  
Data Integrity ◽  
Message Authentication ◽  
Authenticated Encryption ◽  
Authentication Codes ◽  
Basic Model ◽  
Function Design ◽  
Security Properties ◽  
Different Levels

This chapter discusses cryptographic mechanisms for providing data integrity. We begin by identifying different levels of data integrity that can be provided. We then look in detail at hash functions, explaining the different security properties that they have, as well as presenting several different applications of a hash function. We then look at hash function design and illustrate this by discussing the hash function SHA-3. Next, we discuss message authentication codes (MACs), presenting a basic model and discussing basic properties. We compare two different MAC constructions, CBC-MAC and HMAC. Finally, we consider different ways of using MACs together with encryption. We focus on authenticated encryption modes, and illustrate these by describing Galois Counter mode.

Hardware Information Flow Tracking

2021 ◽  
Vol 54 (4) ◽  
pp. 1-39
Author(s):  
Wei Hu ◽  
Armaiti Ardeshiricham ◽  
Ryan Kastner
Keyword(s):  
Access Control ◽  
Computer Security ◽  
Information Flow ◽  
Hardware Security ◽  
Computing System ◽  
Security Vulnerabilities ◽  
Information Flow Tracking ◽  
Side Channels ◽  
Security Properties ◽  
Tools And Techniques

Information flow tracking (IFT) is a fundamental computer security technique used to understand how information moves through a computing system. Hardware IFT techniques specifically target security vulnerabilities related to the design, verification, testing, manufacturing, and deployment of hardware circuits. Hardware IFT can detect unintentional design flaws, malicious circuit modifications, timing side channels, access control violations, and other insecure hardware behaviors. This article surveys the area of hardware IFT. We start with a discussion on the basics of IFT, whose foundations were introduced by Denning in the 1970s. Building upon this, we develop a taxonomy for hardware IFT. We use this to classify and differentiate hardware IFT tools and techniques. Finally, we discuss the challenges yet to be resolved. The survey shows that hardware IFT provides a powerful technique for identifying hardware security vulnerabilities, as well as verifying and enforcing hardware security properties.

Publicly auditable conditional blind signatures

2021 ◽  
Vol 29 (2) ◽  
pp. 229-271
Author(s):  
Panagiotis Grontas ◽  
Aris Pagourtzis ◽  
Alexandros Zacharakis ◽  
Bingsheng Zhang
Keyword(s):  
Proof Of Concept ◽  
Equivalence Test ◽  
Zero Knowledge ◽  
Private Key ◽  
Blind Signatures ◽  
Cryptographic Primitive ◽  
Security Properties ◽  
Designated Verifier

This work formalizes Publicly Auditable Conditional Blind Signatures (PACBS), a new cryptographic primitive that allows the verifiable issuance of blind signatures, the validity of which is contingent upon a predicate and decided by a designated verifier. In particular, when a user requests the signing of a message, blinded to protect her privacy, the signer embeds data in the signature that makes it valid if and only if a condition holds. A verifier, identified by a private key, can check the signature and learn the value of the predicate. Auditability mechanisms in the form of non-interactive zero-knowledge proofs are provided, so that a cheating signer cannot issue arbitrary signatures and a cheating verifier cannot ignore the embedded condition. The security properties of this new primitive are defined using cryptographic games. A proof-of-concept construction, based on the Okamoto–Schnorr blind signatures infused with a plaintext equivalence test is presented and its security is analyzed.

scholarly journals Blockchain-Based Solutions for UAV-Assisted Connected Vehicle Networks in Smart Cities: A Review, Open Issues, and Future Perspectives

Telecom ◽  
2021 ◽  
Vol 2 (1) ◽  
pp. 108-140
Author(s):  
Paulo Álvares ◽  
Lion Silva ◽  
Naercio Magaia
Keyword(s):  
Traffic Congestion ◽  
Resource Constraints ◽  
Smart Cities ◽  
The Internet ◽  
Connected Vehicle ◽  
Sensitive Data ◽  
Internet Of Vehicles ◽  
Smart Vehicles ◽  
Security Properties ◽  
Vehicle Networks

It had been predicted that by 2020, nearly 26 billion devices would be connected to the Internet, with a big percentage being vehicles. The Internet of Vehicles (IoVa) is a concept that refers to the connection and cooperation of smart vehicles and devices in a network through the generation, transmission, and processing of data that aims at improving traffic congestion, travel time, and comfort, all the while reducing pollution and accidents. However, this transmission of sensitive data (e.g., location) needs to occur with defined security properties to safeguard vehicles and their drivers since attackers could use this data. Blockchain is a fairly recent technology that guarantees trust between nodes through cryptography mechanisms and consensus protocols in distributed, untrustful environments, like IoV networks. Much research has been done in implementing the former in the latter to impressive results, as Blockchain can cover and offer solutions to many IoV problems. However, these implementations have to deal with the challenge of IoV node’s resource constraints since they do not suffice for the computational and energy requirements of traditional Blockchain systems, which is one of the biggest limitations of Blockchain implementations in IoV. Finally, these two technologies can be used to build the foundations for smart cities, enabling new application models and better results for end-users.

scholarly journals Security assurance cases—state of the art of an emerging approach

2021 ◽  
Vol 26 (4) ◽  
Author(s):  
Mazen Mohamad ◽  
Jan-Philipp Steghöfer ◽  
Riccardo Scandariato
Keyword(s):  
State Of The Art ◽  
Tool Support ◽  
Security Assurance ◽  
The Past ◽  
Depth Analysis ◽  
Structured Argumentation ◽  
Security Properties ◽  
Standards And Regulations ◽  
Assurance Cases ◽  
Security Standards

AbstractSecurity Assurance Cases (SAC) are a form of structured argumentation used to reason about the security properties of a system. After the successful adoption of assurance cases for safety, SAC are getting significant traction in recent years, especially in safety-critical industries (e.g., automotive), where there is an increasing pressure to be compliant with several security standards and regulations. Accordingly, research in the field of SAC has flourished in the past decade, with different approaches being investigated. In an effort to systematize this active field of research, we conducted a systematic literature review (SLR) of the existing academic studies on SAC. Our review resulted in an in-depth analysis and comparison of 51 papers. Our results indicate that, while there are numerous papers discussing the importance of SAC and their usage scenarios, the literature is still immature with respect to concrete support for practitioners on how to build and maintain a SAC. More importantly, even though some methodologies are available, their validation and tool support is still lacking.

scholarly journals Security Properties of Gait for Mobile Device Pairing

2020 ◽  
Vol 19 (3) ◽  
pp. 697-710 ◽  
Author(s):  
Arne Brusch ◽  
Ngu Nguyen ◽  
Dominik Schurmann ◽  
Stephan Sigg ◽  
Lars Wolf
Keyword(s):  
Mobile Device ◽  
Security Properties ◽  
Device Pairing

scholarly journals A Classification of Time and/or Probability Dependent Security Properties

2006 ◽  
Vol 153 (2) ◽  
pp. 177-193 ◽  
Author(s):  
Ruggero Lanotte ◽  
Andrea Maggiolo-Schettini ◽  
Angelo Troina
Keyword(s):  
Security Properties
Sign in / Sign up

Export Citation Format

Share Document