Related papers: Aggregating and Deploying Network Access Control P…
Many companies and organizations use firewalls to control the access to their network infrastructure. Firewalls are network security components which provide means to filter traffic within corporate networks, as well as to police incoming…
Access control mechanisms have been adopted in many real-world systems to control resource sharing for the principals in the system. An error in the access control policy (misconfiguration) can easily cause severe data leakage and system…
During the development of the security subsystem of modern information systems, a problem of the joint implementation of several access control models arises quite often. Traditionally, a request for the user's access to resources is…
This thesis is concerned with distributed control and coordination of networks consisting of multiple, potentially mobile, agents. This is motivated mainly by the emergence of large scale networks characterized by the lack of centralized…
Evolving security vulnerabilities and shifting operational conditions require frequent updates to network security policies. These updates include adjustments to incident response procedures and modifications to access controls, among…
We focus in this paper on the problem of configuring and managing network security devices, such as Firewalls, Virtual Private Network (VPN) tunnels, and Intrusion Detection Systems (IDSs). Our proposal is the following. First, we formally…
The paper addresses aggregation issues for composite (modular) solutions. A systemic view point is suggested for various aggregation problems. Several solution structures are considered: sets, set morphologies, trees, etc. Mainly, the…
Wireless Sensor Networks (WSNs) rely on in-network aggregation for efficiency, however, this comes at a price: A single adversary can severely influence the outcome by contributing an arbitrary partial aggregate value. Secure in-network…
When providing bulk power system services, a third-party aggregator could inadvertently cause operational issues at the distribution level. We propose a coordination architecture in which an aggregator and distribution operator coordinate…
Much of our commerce and traveling depend on the efficient operation of large scale networks. Some of those, such as electric power grids, transportation systems, communication networks, and others, must maintain their efficiency even after…
Access control (AC) is the core of every architectural solution for information security. Indeed, no effective protection scheme can abstract from the careful design of access control policies, and infrastructures underlying modern…
Collaboration between small-scale wireless devices hinges on their ability to infer properties shared across multiple nearby nodes. Wireless-enabled mobile devices in particular create a highly dynamic environment not conducive to…
We consider the problem of steering a multi-agent system to multi-consensus, namely a regime where groups of agents agree on a given value which may be different from group to group. We first address the problem by using distributed…
Traditional products working independently are no longer sufficient, since threats are continually gaining in complexity, diversity and performance; In order to proactively block such threats we need more integrated information security…
Adaptive filters are at the core of many signal processing applications, ranging from acoustic noise supression to echo cancelation, array beamforming, channel equalization, to more recent sensor network applications in surveillance, target…
The use of IP filtering to improve system security is well established, and although limited in what it can achieve has proved to be efficient and effective. In the design of a security policy there is always a trade-off between usability…
Translating security intent into deployable network enforcement rules and maintaining their effectiveness despite evolving cyber threats remains a largely manual process in most Security Operations Centers (SOCs). In large and heterogeneous…
Robust access control is a cornerstone of secure software, systems, and networks. An access control mechanism is as effective as the policy it enforces. However, authoring effective policies that satisfy desired properties such as the…
Various strategies are available to construct iteratively a common fixed point of nonexpansive operators by activating only a block of operators at each iteration. In the more challenging class of composite fixed point problems involving…
In this paper, a simple network management architecture for supporting both QoS requirements and organization network management policies is purposed. By grouping the traffic flows according to the QoS requirements or certain network…