
    Identifying Critical Components During Information Security Evaluations

    Electronic communications devices intended for government or military applications must be rigorously evaluated to ensure that they maintain data confidentiality. High-grade information security evaluations require a detailed analysis of the device's design, to determine how it achieves necessary security functions. In practice, such evaluations are labour-intensive and costly, so there is a strong incentive to find ways to make the process more efficient. In this paper we show how well-known concepts from graph theory can be applied to a device's design to optimise information security evaluations. In particular, we use end-to-end graph traversals to eliminate components that do not need to be evaluated at all, and minimal cutsets to identify the smallest group of components that needs to be evaluated in depth.

    Fault evaluation for security-critical communications devices

    Computer communications devices intended for government or military applications must be carefully evaluated to ensure that they maintain data confidentiality even in the presence of component failures. Of particular concern is the need to identify so-called silent and complicit failures. In this article we present a structured technique for evaluating a device's logical design and physical construction to reveal potential fault modes. The approach combines information flow and risk analysis techniques to produce a thorough and transparent security argument.

    Information flow analysis for fail-secure devices

    Information security devices must preserve security properties even in the presence of faults. This in turn requires a rigorous evaluation of the system behaviours resulting from component failures, especially how such failures affect information flow. We introduce a compositional method of static analysis for fail-secure behaviour. Our method uses reachability matrices to identify potentially undesirable information flows based on the fault modes of the system's components.

    Reconstruction of falsified computer logs for digital forensics investigations

    Digital forensics investigations aim to find evidence that helps confirm or disprove a hypothesis about an alleged computer-based crime. However, the ease with which computer-literate criminals can falsify computer event logs makes the prosecutor's job highly challenging. Given a log which is suspected to have been falsified or tampered with, a prosecutor is obliged to provide a convincing explanation for how the log may have been created. Here we focus on showing how a suspect computer event log can be transformed into a hypothesised actual sequence of events, consistent with independent, trusted sources of event orderings. We present two algorithms which allow the effort involved in falsifying logs to be quantified, as a function of the number of `moves' required to transform the suspect log into the hypothesised one, thus allowing a prosecutor to assess the likelihood of a particular falsification scenario. The first algorithm always produces an optimal solution but, for reasons of efficiency, is suitable for short event logs only. To deal with the massive amount of data typically found in computer event logs, we also present a second heuristic algorithm which is considerably more efficient but may not always generate an optimal outcome.

    Data flow analysis of embedded program expressions

    Data flow analysis techniques can be used to help assess threats to data confidentiality and integrity in security-critical program code. However, a fundamental weakness of static analysis techniques is that they overestimate the ways in which data may propagate at run time. Discounting large numbers of these false-positive data flow paths wastes an information security evaluator's time and effort. Here we show how to automatically eliminate some false-positive data flow paths by precisely modelling how classified data is blocked by certain expressions in embedded C code. We present a library of detailed data flow models of individual expression elements and an algorithm for introducing these components into conventional data flow graphs. The resulting models can be used to accurately trace byte-level or even bit-level data flow through expressions that are normally treated as atomic. This allows us to identify expressions that safely downgrade their classified inputs and thereby eliminate false-positive data flow paths from the security evaluation process. To validate the approach we have implemented and tested it in an existing data flow analysis toolkit.

    Tracing secure information flow through mode changes

    Communications devices intended for use in security-critical applications must be rigorously evaluated to ensure they preserve data confidentiality. This process includes tracing the flow of classified information through the device's circuitry. Previous work has shown how this can be done using graph analysis techniques for each of the device's distinct operating modes. However, such analyses overlook potential information flow between modes, via components that store information in one mode and release it in another. Here we show how graph-based analyses can be extended to allow for information flow through sequences of consecutive modes.

    QoS-oriented resource allocation and scheduling of multiple composite Web services in a hybrid cloud using a random-key genetic algorithm

    In cloud computing, resource allocation and scheduling of multiple composite web services is an important challenge. This is especially so in a hybrid cloud, where there may be some free resources available from private clouds but some fee-paying resources from public clouds. Meeting this challenge involves two classical computational problems. One is assigning resources to each of the tasks in the composite web service. The other is scheduling the allocated resources when each resource may be used by more than one task and may be needed at different points of time. In addition, we must consider Quality-of-Service issues, such as execution time and running costs. Existing approaches to resource allocation and scheduling in public clouds and grid computing are not applicable to this new problem. This paper presents a random-key genetic algorithm that solves the new resource allocation and scheduling problem. Experimental results demonstrate the effectiveness and scalability of the algorithm.

    Combining unsupervised and invigilated assessment of introductory programming

    We compared student performance on large-scale take-home assignments and small-scale invigilated tests that require competency with exactly the same programming concepts. The purpose of the tests, which were carried out soon after the take-home assignments were submitted, was to validate the students' assignments as individual work.

    We found widespread discrepancies between the marks achieved by students between the two types of tasks. Many students were able to achieve a much higher grade on the take-home assignments than the invigilated tests. We conclude that these paired assessments are an effective way to quickly identify students who are still struggling with programming concepts that we might otherwise assume they understand, given their ability to complete similar, yet more complicated, tasks in their own time. We classify these students as not yet being at the neo-Piagetian stage of concrete operational reasoning.

    Performance Evaluation of IEEE 802.11 Wireless Networks for Real-time Networked Control Systems

    In real-time networked control systems (NCSs), a controller interacts with sensors and actuators via a communications network. Wireless networks are being increasingly proposed as a basis for NCS implementation, but they introduce unpredictable transmission latencies and potential packet dropouts. This paper aims to evaluate the performance of wireless transmissions for real-time applications using the IEEE 802.11b protocol and to propose strategies for reduction of communication time delays. For sensors with the same data rate, our results show that careful choice of transmission intervals and avoiding putting all sensors in one physical layer can improve transmission performance. If sensors have different data rates, our investigation shows that putting the slowest sensors farthest from the controller will minimize the transmission delays and jitter, especially when there is a large number of sensors.