| 1. |
|
|
| 2. |
|
|
| 3. |
- Bonatti, Piero, et al.
(author)
-
Semantic Web Policies -- A Discussion of Requirements and Research Issues
- 2006
-
In: European Semantic Web Conference,2006. - Springer : Springer. ; , s. 712-724
-
Conference paper (peer-reviewed)abstract
- Policies are pervasive in web applications. They play crucial roles in enhancing security, privacy and usability of distributed services. There has been extensive research in the area, including the Semantic Web community, but several aspects still exist that prevent policy frameworks from widespread adoption and real world application. This paper discusses important requirements and open research issues in this context, focusing on policies in general and their integration into trust management frameworks, as well as on approaches to increase system cooperation, usability and user-awareness of policy issues.
|
|
| 4. |
- Bonatti, Piero, et al.
(author)
-
The REWERSE View on Policies
- 2005
-
In: Semantic Web and Policy Workshop,2005. - Proceedings of the Semantic Web and Policy Workshop : UMBC eBiquity. ; , s. 21-
-
Conference paper (peer-reviewed)
|
|
| 5. |
- Byers, David, 1971-, et al.
(author)
-
Modeling Software Vulnerabilities with Vulnerability Cause Graphs
- 2006
-
In: 2006 22nd IEEE International Conference on Software Maintenance. - : IEEE. - 0769523544 ; , s. 411-422
-
Conference paper (peer-reviewed)abstract
- When vulnerabilities are discovered in software, which often happens after deployment, they must be addressed as part of ongoing software maintenance. A mature software development organization should analyze vulnerabilities in order to determine how they, and similar vulnerabilities, can be prevented in the future. In this paper we present a structured method for analyzing and documenting the causes of software vulnerabilities. Applied during software maintenance, the method generates the information needed for improving the software development process, to prevent similar vulnerabilities in future releases. Our approach is based on vulnerability cause graphs, a structured representation of causes of software vulnerabilities
|
|
| 6. |
- Duma, Claudiu, et al.
(author)
-
A flexible category-based collusion-resistant key management scheme for multicast
- 2003
-
In: Security and privacy in the age of uncertainty. - Boston, MA : Kluwer Academic Publishers. - 9781475764895 - 9780387356914 ; , s. 133-144
-
Conference paper (peer-reviewed)abstract
- Current key management schemes for multicast provide either no resistance to collusion or perfect resistance to collusion. However, resistance to collusion is achieved at the expense of efficiency in terms of the number of transmissions and the number of keys that are used. We argue that applications may have certain assumptions regarding the users and their access to the multicast channel that may be used to provide a broader range of choices for balancing efficiency against resistance to collusion.We formalize the collusion requirement based upon the users' access to the multicast channel. Different user categorizations give different degrees of collusion resistance and we show that the existing work has focused on special cases of user categorizations. Further, we go on to propose and evaluate a flexible key management strategy for the general case where the accessibility relation defines the order of exclusion of the categories. The theoretical and experimental results show that our scheme has good performance regarding transmissions and keys per controller.
|
|
| 7. |
- Duma, Claudiu, et al.
(author)
-
A hybrid key tree scheme for multicast to balance security and efficiency requirement
- 2003
-
In: Proceedings of the Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE '03). - : Institute of Electrical and Electronics Engineers (IEEE). - 0769519636 ; , s. 208-213
-
Conference paper (peer-reviewed)abstract
- Security and efficiency of rekeying are crucial requirements for multicast key management. However, the two requirements pull in different directions and balancing them to meet the application needs is still an open issue. In this paper we introduce a hybrid key tree scheme to balance security, namely the resistance to collusion, and the efficiency. The resistance to collusion is measured by an integer parameter. The communication and the storage requirements for the controller depend on this parameter too, and they decrease as the resistance to collusion is relaxed. We analytically evaluate the efficiency of our scheme and compare with the previous work. The results show that our scheme allows a fine-tuning of security requirements versus efficiency requirements at run-time, which is not possible with the previous key management schemes.
|
|
| 8. |
|
|
| 9. |
- Duma, Claudiu, et al.
(author)
-
A trust aware peer-to-peer based overlay architecture for intrusion detection
-
Other publication (other academic/artistic)abstract
- Traditional intrusion detection systems (IDS) are centralized and focused on protecting well bounded network regions. In contrast, current Internet attacks are highly distributed, spanning very large and dispersed regions of the Internet. This renders the deployed intrusion detection approaches inferior and limited in comparison to the attackers' capabilities. In this paper we propose a novel trust-aware peer-to-peer (P2P) based Overlay IDS architecture which is able tocoordinate and concert the detection capabilities of individual and formerly isolated IDSs, thereby increasing the overall effectiveness againstcurrent Internet attacks. The Overlay lDS is fully decentralized, thus avoiding the single point of failure problem characteristic to many other distributed lDS solutions. Moreover, we design an adaptive trust management mechanism which makes the Overlay IDS resilient to possible malicious peers infiltrating the overlay network. We have implemented our proposed Overlay lDS using JXTA P2P framework and we have evaluated its effectiveness for preventing the spread of a real Internet worm over an emulated network. As indicated by the evaluationresults, the use of our Overlay IDS significantly increases the overall survival rate of the network.
|
|
| 10. |
- Duma, Claudiu, 1973-, et al.
(author)
-
Dynamic trust metrics for peer-to-peer systems
- 2005
-
In: Proceedings of the Sixteenth International Workshop on Database and Expert Systems Applications, 2005. - Los Alamitos, CA, USA : IEEE Computer Society. - 0769524249 ; , s. 776-781
-
Conference paper (peer-reviewed)abstract
- One of the fundamental challenges for peer-to-peer (P2P) systems is the ability to manage risks involved in interacting and collaborating with priorly unknown and potentially malicious parties. Reputation-based trust management can mitigate this risk by deriving the trustworthiness of a certain peer from that peer's behavior history. However, the existing reputation systems do not provide an adequate reaction to quick changes in peers' behavior, raising serious concerns regarding their effectiveness in coping with dynamic malicious peers.In this paper we investigate the requirements on the dynamics of trust in P2P systems and propose a versatile trust metric which satisfies these requirements. In particular, our proposed metric is able to detect and penalize both the sudden changes in peers' behavior and their potential oscillatory malicious behavior. Moreover, our metric is flexible and allows the implementation of different types of trust dynamics. We evaluate our metric through simulation and show its unique features and advantages over the existing metrics.
|
|
