secure systems
Recently Published Documents


Total documents: 304 (five years: 54)

H-index: 18 (five years: 1)

2022 ◽  
Vol 6 (POPL) ◽  
pp. 1-30
Author(s):  
Matthew Kolosick ◽  
Shravan Narayan ◽  
Evan Johnson ◽  
Conrad Watt ◽  
Michael LeMay ◽  
...  

Software sandboxing or software-based fault isolation (SFI) is a lightweight approach to building secure systems out of untrusted components. Mozilla, for example, uses SFI to harden the Firefox browser by sandboxing third-party libraries, and companies like Fastly and Cloudflare use SFI to safely co-locate untrusted tenants on their edge clouds. While there have been significant efforts to optimize and verify SFI enforcement, context switching in SFI systems remains largely unexplored: almost all SFI systems use heavyweight transitions that are not only error-prone but incur significant performance overhead from saving, clearing, and restoring registers when context switching. We identify a set of zero-cost conditions that characterize when sandboxed code has sufficient structure to guarantee security via lightweight zero-cost transitions (simple function calls). We modify the Lucet Wasm compiler and its runtime to use zero-cost transitions, eliminating the undue performance tax on systems that rely on Lucet for sandboxing (e.g., we speed up image and font rendering in Firefox by up to 29.7% and 10% respectively). To remove the Lucet compiler and its correct implementation of the Wasm specification from the trusted computing base, we (1) develop a static binary verifier, VeriZero, which (in seconds) checks that binaries produced by Lucet satisfy our zero-cost conditions, and (2) prove the soundness of VeriZero by developing a logical relation that captures when a compiled Wasm function is semantically well-behaved with respect to our zero-cost conditions. Finally, we show that our model is useful beyond Wasm by describing a new, purpose-built SFI system, SegmentZero32, that uses x86 segmentation and LLVM with mostly off-the-shelf passes to enforce our zero-cost conditions; our prototype performs on-par with the state-of-the-art Native Client SFI system.


2021 ◽  
Vol 3 (2) ◽  
pp. 295-305
Author(s):  
Laksana Budiwiyono Lie ◽  
Prio Utomo ◽  
P.M. Winarno

As technology and digital applications increase in volume and complexity, organizations are facing greater security risks in cyberspace than ever before. However, organizational cybersecurity requires more than just the latest technology. All the technology available to secure systems will not keep an organization secure if the people in the organization make bad or unexpected decisions that open up the system to attackers. To secure an organization, all employees of the organization must act positively to reduce company risks from cyberattacks. All leaders have a main responsibility to understand cybersecurity objectives and align the entire organization with them. Leaders need to continue to invest in security technologies and also need practical solutions for dealing with the human error of cybersecurity. This conceptual paper describes cybersecurity culture, external influencing factors, and organizational mechanisms, the elements that contribute to each employee of the organization having protection behaviour against cyberattacks.


Healthcare ◽  
2021 ◽  
Vol 9 (11) ◽  
pp. 1504
Author(s):  
Thiago Poleto ◽  
Victor Diogho Heuer de Carvalho ◽  
Ayara Letícia Bentes da Silva ◽  
Thárcylla Rebecca Negreiros Clemente ◽  
Maísa Mendonça Silva ◽  
...  

Hospital organizations have adopted telehealth systems to expand their services to a portion of the Brazilian population with limited access to healthcare, mainly due to the geographical distance between their communities and hospitals. The importance and usage of those services have recently increased due to the COVID-19 state-level mobility interventions. These services work with sensitive and confidential data that contain medical records, medication prescriptions, and results of diagnostic processes. Understanding how cybersecurity impacts the development of telehealth strategies is crucial for creating secure systems for daily operations. In the application reported in this article, the Fuzzy Cognitive Maps (FCMs) translated the complexity of cybersecurity in telehealth services into intelligible and objective results in an expert-based cognitive map. The tool also allowed the construction of scenarios simulating the possible implications caused by common factors that affect telehealth systems. FCMs provide a better understanding of cybersecurity strategies using expert knowledge and scenario analysis, enabling the maturation of cybersecurity in telehealth services.


Author(s):  
Chibuzor Udokwu ◽  
Patrick Brandtner ◽  
Alex Norta ◽  
Alexandr Kormiltsyn ◽  
Raimundas Matulevičius

Inter-organizational collaboration is an important aspect of organizational operations. Traditional systems that support organizations in executing these collaborations are inefficient, not inter-operable and insecure. Novel functions provided by blockchain technology yield the potential for addressing problems that affect organizational collaborations by enabling tamper-proof, transparent, and secure systems for the exchange of information between organizations. Still, a proper approach for building blockchain-decentralized applications (DApps) that support inter-organizational collaborations is missing. The DAOM framework addresses this gap by providing a model-driven design approach for building DApps. This paper shows the development of the semantics of the DAOM framework, implementation of the support tool, and the evaluation of the DAOM framework and support tool. We conducted an evaluation to understand the usefulness of the DAOM framework in developing blockchain DApps and the effectiveness of the support tool in producing DAOM diagram models. The evaluation result shows that the framework is useful and applicable for developing DApps for inter-organizational collaborations. Furthermore, evaluation of the tool support shows that DApps can be modelled efficiently and correctly with the implemented enterprise-modelling software.


2021 ◽  
Author(s):  
Jose David Vega Sanchez ◽  
Luis Urquiza-Aguiar ◽  
Martha Cecilia Paredes Paredes ◽  
F. Javier Lopez-Martinez

Energies ◽  
2021 ◽  
Vol 14 (20) ◽  
pp. 6497
Author(s):  
Lizhen Ou ◽  
Peipei Chen ◽  
Xueshan Luo ◽  
Shuping Dang ◽  
Yuchen Sun

In this paper, the object of study is secure transmission and green energy transfer in full-duplex (FD) wireless-powered relay (WPR) secure systems, where an FD relay collects the power from radio-frequency signals and transmits the information in the face of multiple eavesdroppers. In order to improve the efficiency and safety of the contemporaneous wireless energy and information delivery, we propose a joint energy-signal- (ES-) aided secure beamforming and time-switch scheme under the self-power circulation protocol at the relay. The question formulated in this paper is to maximize the confidentiality rate according to energy restrictions at both the relay and energy receiver. As the question is non-salient and hard to resolve directly, we transform it into two sub-problems. For the first sub-problem, a two-level optimization technique is suggested to separately gain the optimal beamforming as well as the ES covariance. The extrinsic rank is a single-variable majorization question, which can be solved by single-dimensional (1D) examination. We attain an optimal solution to the inner level by a semi-definite relaxation (SDR) technique. For the second sub-problem, we again use 1D search to solve this problem. Moreover, we prove that SDR always exists as a level-1 optimal resolution. Mathematical outcomes show that the suggested plan can achieve a considerable gain of confidentiality rate by comparison with other benchmark plans.


Sensors ◽  
2021 ◽  
Vol 21 (17) ◽  
pp. 5898
Author(s):  
Patrícia R. Sousa ◽  
Luís Magalhães ◽  
João S. Resende ◽  
Rolando Martins ◽  
Luís Antunes

The increasing pervasiveness of the Internet of Things is resulting in a steady increase of cyberattacks in all of its facets. One of the most predominant attack vectors is related to its identity management, as it grants the ability to impersonate and circumvent current trust mechanisms. Given that identity is paramount to every security mechanism, such as authentication and access control, any vulnerable identity management mechanism undermines any attempt to build secure systems. While digital certificates are one of the most prevalent ways to establish identity and perform authentication, their provision at scale remains open. This provisioning process is usually an arduous task that encompasses device configuration, including identity and key provisioning. Human configuration errors are often the source of many security and privacy issues, so this task should be semi-autonomous to minimize erroneous configurations during this process. In this paper, we propose an identity management (IdM) and authentication method called YubiAuthIoT. The overall provisioning has an average runtime of 1137.8 ms ±65.11+δ. We integrate this method with the FIWARE platform, as a way to provision and authenticate IoT devices.


2021 ◽  
Vol 27 (8) ◽  
pp. 830-849
Author(s):  
Jürgen Dobaj ◽  
Damjan Ekert ◽  
Jakub Stolfa ◽  
Svatopluk Stolfa ◽  
Georg Macher ◽  
...  

Cybersecurity has become a crucial challenge in the automotive sector. At the current stage, the framework described by the ISO/SAE 21434 is insufficient to derive concrete methods for the design of secure automotive networked embedded systems on the supplier level. This article describes a case study with actionable steps for designing secure systems and systematically eliciting traceable cybersecurity requirements to address this gap. The case study is aligned with the ISO/SAE 21434 standard and can provide the basis for integrating cybersecurity engineering into company-specific processes and practice specifications.


2021 ◽  
Author(s):  
Michael Melone