Automated Formal Methods for Security Protocol Engineering

Formal methods use mathematical models for analysis and verification at any part of the program life-cycle. The use of formal methods is admitted, recommended, and sometimes prescribed in safety-and security-related standards dealing, e.g., with avionics, railways, nuclear energy, and secure information systems. This paper describes the state of the art in the industrial use of formal methods ininformation security with a focus on verification of security protocols. Given the vast scope of available solutions, attention has been focused just on the most popular and most representative ones, without exhaustiveness claims. We describe some of the highlights of our survey by presenting a series of industrial projects, and we draw some observations from these surveys and records of experience. Based on this, we discuss issues surrounding the industrial adoption of formal methods in security protocol engineering.

Download Full-text

Continuous Verification of Network Security Compliance

10.36227/techrxiv.15029811.v1 ◽

2021 ◽

Author(s):

Claas Lorenz ◽

Vera Clemens ◽

Max Schrötter ◽

Bettina Schnor

Keyword(s):

Network Security ◽

Complex Networks ◽

Formal Methods ◽

Formal Language ◽

State Of The Art ◽

Rule Sets ◽

Compliance Verification ◽

Security Compliance ◽

High Level

Continuous verification of network security compliance is an accepted need. Especially, the analysis of stateful packet filters plays a central role for network security in practice. But the few existing tools which support the analysis of stateful packet filters show runtimes in the order of minutes to hours making them unsuitable for continuous compliance verification.<br>In this work, we address these challenges and present a solution which is based on the application of formal methods. First, we introduce the formal language FPL that enables a high-level human-understandable specification of the desired state of network security. Second, we demonstrate the instantiation of a compliance process using a verification framework that analyzes the configuration of complex networks and devices - including stateful firewalls - for compliance with FPL policies. Our evaluation results show the scalability of the presented approach for the well known Internet2 and Stanford benchmarks as well as for large firewall rule sets where it outscales state-of-the-art tools by a factor of over 41.

Download Full-text

Recent Advances in Injectable Hydrogels for Biomedical Applications

Journal of the Indonesian Chemical Society ◽

10.34311/jics.2019.02.1.1 ◽

2019 ◽

Vol 2 (1) ◽

pp. 1 ◽

Cited By ~ 1

Author(s):

Eko Adi Prasetyanto

Keyword(s):

Tissue Engineering ◽

Biomedical Applications ◽

State Of The Art ◽

Research Progress ◽

Hybrid Hydrogel ◽

Injectable Hydrogels ◽

Injectable Hydrogel ◽

Different Types ◽

And Cartilage ◽

Recent Research Progress

Injectable hydrogels, a class of hydrogel, have received a lot of attention in biomedical applications due to its versatility. It is reported that injectable hydrogel can be applied in various biomedical procedures for example as submucosal fluid cushion, periodontal implant, and cartilage and bone tissue engineering. In addition to its easy delivery (implantation), this class of hydrogel can be tailored to match specific applications. The customization of this hydrogel can be easily executed by changing polymeric backbone of hydrogel, choosing different types of crosslinking or by adding nanoparticles to form hybrid hydrogel systems. Physical properties, compatibility and biodegradability of the resulted materials are important factors for designing injectable hydrogels. In this Recent Research Progress, we highlight the state-of-the-art injectable hydrogels and note the general requirements of an ideal injectable hydrogel for biomedical applications.

Download Full-text

A Formal Verification Centred Development Process for Security Protocols

Handbook of Research on Information Security and Assurance ◽

10.4018/978-1-59904-855-0.ch014 ◽

2009 ◽

pp. 165-178 ◽

Cited By ~ 1

Author(s):

Tom Coffey

Keyword(s):

Formal Verification ◽

Communication Systems ◽

Development Process ◽

State Of The Art ◽

Security Protocols ◽

Security Protocol ◽

Current State ◽

Reliable Design

This chapter concerns the correct and reliable design of modern security protocols. It discusses the importance of formal verification of security protocols prior to their release by publication or implementation. A discussion on logic-based verification of security protocols and its automation provides the reader with an overview of the current state-of-the-art of formal verification of security protocols. The authors propose a formal verification centred development process for security protocols. This process provides strong confidence in the correctness and reliability of the designed protocols. Thus, the usage of weak security protocols in communication systems is prevented. A case-study on the development of a security protocol demonstrates the advantages of the proposed approach. The case-study concludes with remarks on the performance of automated logic-based verification and presents an overview of formal verification results of a range of modern security protocols.

Download Full-text

Continuous Verification of Network Security Compliance

10.36227/techrxiv.15029811 ◽

2021 ◽

Author(s):

Claas Lorenz ◽

Vera Clemens ◽

Max Schrötter ◽

Bettina Schnor

Keyword(s):

Network Security ◽

Complex Networks ◽

Formal Methods ◽

Formal Language ◽

State Of The Art ◽

Rule Sets ◽

Compliance Verification ◽

Security Compliance ◽

High Level

Continuous verification of network security compliance is an accepted need. Especially, the analysis of stateful packet filters plays a central role for network security in practice. But the few existing tools which support the analysis of stateful packet filters show runtimes in the order of minutes to hours making them unsuitable for continuous compliance verification.<br>In this work, we address these challenges and present a solution which is based on the application of formal methods. First, we introduce the formal language FPL that enables a high-level human-understandable specification of the desired state of network security. Second, we demonstrate the instantiation of a compliance process using a verification framework that analyzes the configuration of complex networks and devices - including stateful firewalls - for compliance with FPL policies. Our evaluation results show the scalability of the presented approach for the well known Internet2 and Stanford benchmarks as well as for large firewall rule sets where it outscales state-of-the-art tools by a factor of over 41.

Download Full-text

Modeling and design of role engineering in development of access control for dynamic information systems

Bulletin of the Polish Academy of Sciences Technical Sciences ◽

10.2478/bpasts-2013-0058 ◽

2013 ◽

Vol 61 (3) ◽

pp. 569-579 ◽

Cited By ~ 2

Author(s):

A. Poniszewska-Marańda

Keyword(s):

Information Systems ◽

Dynamic Information ◽

Minimal Set ◽

Distributed Information ◽

Heterogeneous Information ◽

System Protection ◽

Level Model ◽

Model Independent ◽

Role Concept ◽

High Level

Abstract Nowadays, the growth and complexity of functionalities of current information systems, especially dynamic, distributed and heterogeneous information systems, makes the design and creation of such systems a difficult task and at the same time, strategic for businesses. A very important stage of data protection in an information system is the creation of a high level model, independent of the software, satisfying the needs of system protection and security. The process of role engineering, i.e. the identification of roles and setting up in an organization is a complex task. The paper presents the modeling and design stages in the process of role engineering in the aspect of security schema development for information systems, in particular for dynamic, distributed information systems, based on the role concept and the usage concept. Such a schema is created first of all during the design phase of a system. Two actors should cooperate with each other in this creation process, the application developer and the security administrator, to determine the minimal set of user’s roles in agreement with the security constraints that guarantee the global security coherence of the system.

Download Full-text

A review on the properties, reinforcing effects, and commercialization of nanomaterials for cement-based materials

Nanotechnology Reviews ◽

10.1515/ntrev-2020-0023 ◽

2020 ◽

Vol 9 (1) ◽

pp. 303-322 ◽

Cited By ~ 3

Author(s):

Zhifang Zhao ◽

Tianqi Qi ◽

Wei Zhou ◽

David Hui ◽

Cong Xiao ◽

...

Keyword(s):

Cement Hydration ◽

State Of The Art ◽

Research Progress ◽

Market Survey ◽

Future Perspectives ◽

Nano Silica ◽

Physical Processes ◽

Existing Problems ◽

Cement Based Materials ◽

The Cost

AbstractThe behavior of cement-based materials is manipulated by chemical and physical processes at the nanolevel. Therefore, the application of nanomaterials in civil engineering to develop nano-modified cement-based materials is a promising research. In recent decades, a large number of researchers have tried to improve the properties of cement-based materials by employing various nanomaterials and to characterize the mechanism of nano-strengthening. In this study, the state of the art progress of nano-modified cement-based materials is systematically reviewed and summarized. First, this study reviews the basic properties and dispersion methods of nanomaterials commonly used in cement-based materials, including carbon nanotubes, carbon nanofibers, graphene, graphene oxide, nano-silica, nano-calcium carbonate, nano-calcium silicate hydrate, etc. Then the research progress on nano-engineered cementitious composites is reviewed from the view of accelerating cement hydration, reinforcing mechanical properties, and improving durability. In addition, the market and applications of nanomaterials for cement-based materials are briefly discussed, and the cost is creatively summarized through market survey. Finally, this study also summarizes the existing problems in current research and provides future perspectives accordingly.

Download Full-text

Efficient End-to-End Sentence-Level Lipreading with Temporal Convolutional Networks

Applied Sciences ◽

10.3390/app11156975 ◽

2021 ◽

Vol 11 (15) ◽

pp. 6975

Author(s):

Tao Zhang ◽

Lun He ◽

Xudong Li ◽

Guoqing Feng

Keyword(s):

Performance Improvement ◽

State Of The Art ◽

Error Rates ◽

Convolutional Network ◽

Convolutional Networks ◽

Sentence Level ◽

End To End ◽

High Level ◽

Improved Accuracy ◽

Talking Face

Lipreading aims to recognize sentences being spoken by a talking face. In recent years, the lipreading method has achieved a high level of accuracy on large datasets and made breakthrough progress. However, lipreading is still far from being solved, and existing methods tend to have high error rates on the wild data and have the defects of disappearing training gradient and slow convergence. To overcome these problems, we proposed an efficient end-to-end sentence-level lipreading model, using an encoder based on a 3D convolutional network, ResNet50, Temporal Convolutional Network (TCN), and a CTC objective function as the decoder. More importantly, the proposed architecture incorporates TCN as a feature learner to decode feature. It can partly eliminate the defects of RNN (LSTM, GRU) gradient disappearance and insufficient performance, and this yields notable performance improvement as well as faster convergence. Experiments show that the training and convergence speed are 50% faster than the state-of-the-art method, and improved accuracy by 2.4% on the GRID dataset.

Download Full-text

Analysis of Lipid Peroxidation by UPLC-MS/MS and Retinoprotective Effects of the Natural Polyphenol Pterostilbene

Antioxidants ◽

10.3390/antiox10020168 ◽

2021 ◽

Vol 10 (2) ◽

pp. 168

Author(s):

Isabel Torres-Cuevas ◽

Iván Millán ◽

Miguel Asensi ◽

Máximo Vento ◽

Camille Oger ◽

...

Keyword(s):

Lipid Peroxidation ◽

Diabetic Retinopathy ◽

Redox Homeostasis ◽

Ultra Performance Liquid Chromatography ◽

Protective Effects ◽

Diabetic Retina ◽

Key Factor ◽

Adrenic Acid ◽

Diabetic Rabbits ◽

High Level

The loss of redox homeostasis induced by hyperglycemia is an early sign and key factor in the development of diabetic retinopathy. Due to the high level of long-chain polyunsaturated fatty acids, diabetic retina is highly susceptible to lipid peroxidation, source of pathophysiological alterations in diabetic retinopathy. Previous studies have shown that pterostilbene, a natural antioxidant polyphenol, is an effective therapy against diabetic retinopathy development, although its protective effects on lipid peroxidation are not well known. Plasma, urine and retinas from diabetic rabbits, control and diabetic rabbits treated daily with pterostilbene were analyzed. Lipid peroxidation was evaluated through the determination of derivatives from arachidonic, adrenic and docosahexaenoic acids by ultra-performance liquid chromatography coupled with tandem mass spectrometry. Diabetes increased lipid peroxidation in retina, plasma and urine samples and pterostilbene treatment restored control values, showing its ability to prevent early and main alterations in the development of diabetic retinopathy. Through our study, we are able to propose the use of a derivative of adrenic acid, 17(RS)-10-epi-SC-Δ15-11-dihomo-IsoF, for the first time, as a suitable biomarker of diabetic retinopathy in plasmas or urine.

Download Full-text

Caged-electron States and Split-electron States in Endohedral Alkali C60

Physical Chemistry Chemical Physics ◽

10.1039/d1cp01341f ◽

2021 ◽

Author(s):

yifan yang ◽

Lorenz S Cederbaum

Keyword(s):

State Of The Art ◽

Electronic States ◽

Electron States ◽

The Common ◽

High Level

The low-lying electronic states of neutral X@C60(X=Li, Na, K, Rb) have been computed and analyzed by employing state-of-the-art high level many-electron methods. Apart from the common charge-separated states, well known...

Download Full-text