| 1. |
- Alam, Quratulain, et al.
(author)
-
Formal Verification of the xDAuth Protocol
- 2016
-
In: IEEE Transactions on Information Forensics and Security. - 1556-6013 .- 1556-6021. ; 11:9, s. 1956-1969
-
Journal article (peer-reviewed)abstract
- Service Oriented Architecture (SOA) offers a flexible paradigm for information flow among collaborating organizations. As information moves out of an organization boundary, various security concerns may arise, such as confidentiality, integrity, and authenticity that needs to be addressed. Moreover, verifying the correctness of the communication protocol is also an important factor. This paper focuses on the formal verification of the xDAuth protocol, which is one of the prominent protocols for identity management in cross domain scenarios. We have modeled the information flow of xDAuth protocol using High Level Petri Nets (HLPN) to understand protocol information flow in a distributed environment. We analyze the rules of information flow using Z language while Z3 SMT solver is used for verification of the model. Our formal analysis and verification results reveal the fact that the protocol fulfills its intended purpose and provides the security for the defined protocol specific properties, e.g. secure secret key authentication, Chinese wall security policy and secrecy specific properties, e.g. confidentiality, integrity, authenticity.
|
|
| 2. |
- Khan, Tanveer, et al.
(author)
-
Towards augmented proactive cyberthreat intelligence
- 2019
-
In: Journal of Parallel and Distributed Computing. - : Elsevier BV. - 0743-7315 .- 1096-0848. ; 124, s. 47-59
-
Journal article (peer-reviewed)abstract
- In cyber crimes, attackers are becoming more inventive with their exploits and use more sophisticated techniques to bypass the deployed security system. These attacks are targeted and are commonly referred as Advanced Persistent Threats (APTs). The currently available techniques to tackle these attacks are mostly reactive and signature based. Security Information and Event Management (SIEM), a proactive approach is the best solution. However, the major problem with SIEM is tackling huge amount of data in real time that makes it a time consuming and tedious task for security analyst. The use of threat intelligence caters to such issue by prioritizing the level of threat. In this paper, we assign risk score and confidence value to each feed generated at our product “T-Eye platform”. On the basis of these values, we assign a severity score to each feed type. Severity score assigns a level to the threat means prioritize the threat. The results, we achieved for prioritizing the threat is more apparent and accurate. In addition, we optimize the rules of IBM-Q-Radar by using threat feeds generated at T-Eye platform. Furthermore, a huge amount of false positive alarms generated at IBM Q-Radar is reduced to a certain extent.
|
|
