English
Related papers

Related papers: Security policies for distributed systems

200 papers

We present a taxonomy and an algebra for attack patterns on component-based operating systems. In a multilevel security scenario, where isolation of partitions containing data at different security classifications is the primary security…

Cryptography and Security · Computer Science 2014-03-06 Michael Hanspach , Jörg Keller

The advent of large-scale, complex computing systems has dramatically increased the difficulties of securing accesses to systems' resources. To ensure confidentiality and integrity, the exploitation of access control mechanisms has thus…

Software Engineering · Computer Science 2015-08-18 Andrea Margheri , Rosario Pugliese , Francesco Tiezzi

We may enforce an information flow policy by encrypting a protected resource and ensuring that only users authorized by the policy are able to decrypt the resource. In most schemes in the literature that use symmetric cryptographic…

Cryptography and Security · Computer Science 2016-08-31 Jason Crampton , Naomi Farley , Gregory Gutin , Mark Jones , Bertram Poettering

In workflows and business processes, there are often security requirements on both the data, i.e. confidentiality and integrity, and the process, e.g. separation of duty. Graphical notations exist for specifying both workflows and…

Cryptography and Security · Computer Science 2014-04-09 Thomas Bauereiss , Dieter Hutter

In this paper, we study a security problem of protecting secrets in distributed systems. Specifically, we employ discrete-event systems to describe the structure and behaviour of distributed systems, in which global secret information is…

Systems and Control · Electrical Eng. & Systems 2024-02-15 Shoma Matsui , Kai Cai , Karen Rudie

Hybrid systems are integrations of discrete computation and continuous physical evolution. The physical components of such systems introduce safety requirements, the achievement of which asks for the correct monitoring and control from the…

Logic in Computer Science · Computer Science 2014-03-28 Shuling Wang , Flemming Nielson , Hanne Riis Nielson

Distributed intrustion detection systems detect attacks on computer systems by analyzing data aggregated from distributed sources. The distributed nature of the data sources allows patterns in the data to be seen that might not be…

Cryptography and Security · Computer Science 2007-05-23 Michael Treaster

We introduce a class of distributed control policies for networks of discrete-time linear systems with polytopic additive disturbances. The objective is to restrict the network-level state and controls to user-specified polyhedral sets for…

Systems and Control · Computer Science 2017-09-29 Sadra Sadraddini , Calin Belta

Cyber Threat Intelligence (CTI) sharing is an important activity to reduce information asymmetries between attackers and defenders. However, this activity presents challenges due to the tension between data sharing and confidentiality, that…

A new logic for verification of security policies is proposed. The logic, HyperLTL, extends linear-time temporal logic (LTL) with connectives for explicit and simultaneous quantification over multiple execution paths, thereby enabling…

Logic in Computer Science · Computer Science 2013-07-10 Masoud Koleini , Michael R. Clarkson , Kristopher K. Micinski

Computing systems, including real-time embedded systems, are becoming increasingly connected to allow for more advanced and safer operation. Such embedded systems are resource-constrained, such as lower processing capabilities, as compared…

Cryptography and Security · Computer Science 2022-08-09 Tanmaya Mishra , Thidapat Chantem , Ryan Gerdes

Ensuring that information flowing through a network is secure from manipulation and eavesdropping by unauthorized parties is an important task for network administrators. Many cyber attacks rely on a lack of network-level information flow…

Networking and Internet Architecture · Computer Science 2020-09-22 Stefan Achleitner , Quinn Burke , Patrick McDaniel , Trent Jaeger , Thomas La Porta , Srikanth Krishnamurthy

SAFE is a clean-slate design for a highly secure computer system, with pervasive mechanisms for tracking and limiting information flows. At the lowest level, the SAFE hardware supports fine-grained programmable tags, with efficient and…

The simple security property in an information flow policy can be enforced by encrypting data objects and distributing an appropriate secret to each user. A user derives a suitable decryption key from the secret and publicly available…

Cryptography and Security · Computer Science 2015-05-01 Jason Crampton , Naomi Farley , Gregory Gutin , Mark Jones

As networks expand in size and complexity, they pose greater administrative and management challenges. Software Defined Networks (SDN) offer a promising approach to meeting some of these challenges. In this paper, we propose a policy driven…

Cryptography and Security · Computer Science 2018-06-07 Vijay Varadharajan , Kallol Karmakar , Uday Tupakula , Michael Hitchens

Noninterference offers a rigorous end-to-end guarantee for secure propagation of information. However, real-world systems almost always involve security requirements that change during program execution, making noninterference inapplicable.…

Cryptography and Security · Computer Science 2021-09-17 Peixuan Li , Danfeng Zhang

Information flow control type systems statically restrict the propagation of sensitive data to ensure end-to-end confidentiality. The property to be shown is noninterference, asserting that an attacker cannot infer any secrets from made…

Programming Languages · Computer Science 2021-04-30 Farzaneh Derakhshan , Stephanie Balzer , Limin Jia

Static information flow control (IFC) systems provide the ability to restrict data flows within a program, enabling vulnerable functionality or confidential data to be statically isolated from unsecured data or program logic. Despite the…

Programming Languages · Computer Science 2022-10-25 Hemant Gouni , Jonathan Aldrich

This work presents insights gained by investigating the relationship between algorithmic fairness and the concept of secure information flow. The problem of enforcing secure information flow is well-studied in the context of information…

Cryptography and Security · Computer Science 2025-09-03 Samuel Teuber , Bernhard Beckert

Improvements in software defined networking allow for policy to be informed and modified by data-driven applications that can adjust policy to accommodate fluctuating requirements at line speed. However, there is some concern that…

Cryptography and Security · Computer Science 2026-01-27 Yi Lyu , Shichun Yu , Joe Catudal