Abstracts
Employing an extended transaction model in multilevel secure transaction
processing
MSIS Department and CIMIC
Rutgers University
Newark, NJ 07012
atluri@andromeda.rutgers.edu
Ravi Mukkamala
Department of Computer Science
Old Dominion University
Norfolk, VA 23529
mukka@cs.odu.edu
Keywords: Multilevel Security, Transaction Processing, Advanced Transaction Model
Multilevel secure transaction processing has been well explored in the past decade. Despite this research,
the proposed secure concurrency control protocols are not completely satisfactory because of the stringent
constraints imposed by multilevel security. In this paper, we argue that modeling a transaction as an
extended transaction model could significantly reduce the performance penalty. We accomplish this by
minimizing (1) the probability of restarting a high security level transaction; and (2) the portion of the
transaction to be reexecuted, when a restart becomes inevitable. In particular, we exploit the non-flat nature
of transactions by identifying dependencies among various components of a transaction and portraying
a transaction as an advanced transaction model. We demonstrate, via formal proofs, that our approach
preserves the semantics of the transaction, and our concurrency control algorithm guarantees
serializability.
Maintaining Integrity within Mobile Self Protecting Objects
Wesley Brandi and Martin Olivier
Department of Computer Science, Rand Afrikaans University
PO Box 524, Auckland Park, Johannesburg, 2006 South Africa
wb@eclab.rau.ac.za, molivier@rkw.rau.ac.za
Keywords: Mobile self protecting object, federated database, integrity, security
This paper examines the integrity issues involved when a Self Protecting Object (SPO) is moved to a site
in a federated database which will eventually disconnect and become unreachable for some time. The
SPO model guarantees that the custom security policy of a site participating in a federated database will
be implemented and respected when the object it shares is accessed by others in the federated database,
regardless of the object’s location. We introduce the Mobile Self Protecting Object (MSPO) and propose an architecture within which it
will operate. Having looked at integrity issues which may arise we propose a way in which to maintain
integrity within Mobile Self Protecting Objects. In particular, we propose a way in which to deal with
mobile transactions which require authorisation. We discuss how MSPOs can be updated whilst in a
mobile environment as well as how to ensure an MSPO has maintained its integrity upon re-entering the
federated database from a mobile site.
Combining World Wide Web and wireless security
Joris Claessens, Bart Preneel and Joos Vandewalle
COmputer Security and Industrial Cryptography (COSIC)
Dept. of Electrical Engineering – ESAT, Katholieke Universiteit Leuven, Belgium
http://www.esat.kuleuven.ac.be/cosic/
joris.claessens@esat.kuleuven.ac.be
Keywords: WWW security, wireless security, m-commerce
In current electronic commerce systems, customers have an on-line interaction with merchants via a
browser on their personal computer. Also payment is done electronically via the Internet, mostly with
a credit card. In parallel to this, e-services via wireless-only systems are emerging. This paper identifies
security and functionality weaknesses in both of these current approaches. The paper discusses why and
how general-purpose mobile devices could be used as an extension to PC based systems, to provide more
security and functionality. General-purpose mobile devices are shown to be an alternative to costly
special-purpose hardware. This combined approach has in many cases more interesting properties than when using
mobile devices only. As an example of the combined approach, a GSM based electronic payment system
is proposed and investigated. The system enables users to order goods through the World Wide Web and
pay by using their mobile phone.
XML access control systems: a component-based approach
Ernesto Damiani and Pierangela Samarati
Universita di Milano,
Dipartimento di Tecnologie dell’Informazione, 26013 Crema - Italy
Sabrina De Capitani di Vimercati
Universita di Brescia,
Dipartimento di Elettronica per l’Automazione, 25123 Brescia - Italy
Stefano Paraboschi
Politecnico di Milano,
Dipartimento di Elettronica e Informazione, 20133 Milano - Italy
Keywords: component-based system, XML, access control
We recently proposed an access control model for XML information that permits the definition of
authorizations at a fine granularity. We here describe the design and implementation of an Access Control
Processor based on the above-mentioned model. We also present the major issues arising when integrating
it into the framework of a component-based Web server system.
How aspect-oriented programming can help to build secure software
Bart De Win, Bart Vanhaute and Bart De Decker
Department of Computer Science, K.U.Leuven
Celestijnenlaan 200A, B-3001 Leuven, Belgium
{bartd,bartvh,bart}@cs.kuleuven.ac.be
Keywords: aspect-oriented programming, security, separation of concerns
Since many applications are too complex to be designed in a straightforward way, mechanisms are being
developed to deal with different concerns separately. An interesting case of this separation is security. The
implementation of security mechanisms often interacts or even interferes with the core functionality of the
application. This results in tangled, unmanageable code with a higher risk of security bugs.
Aspect-oriented programming promises to tackle this problem by offering several abstractions that help
to reason about and specify the concerns one at a time. In this paper we make use of this approach to
introduce security into an application. By means of the example of access control, we investigate how
well the state of the art in aspect-oriented programming can deal with separating security concerns from
an application. We also discuss the benefits and drawbacks of this approach, and how it relates to similar
techniques.
Problems in practical use of electronic signatures
Jaroslav Janácek and Richard Ostertág
Department of Computer Science,
Faculty of Mathematics, Physics and Informatics, Comenius University,
Mlynská dolina, 842 48 Bratislava, Slovak Republic
{janacek,ostertag}@dcs.fmph.uniba.sk
Keywords: electronic signature, digital signature, key management, price vs. security
The boom of electronic commerce requires existence and use of reliable means of authentication of
communicating parties. We need an analogy of hand-written signature that can be applied to electronic
documents. We shall call such a concept an electronic signature. There is a current trend to make electronic
signatures meeting some requirements equal to hand-written signatures. This makes it a very powerful
tool but, on the other hand, there are some sensitive security issues that have to be discussed and that the
potential users should be aware of. In this article we would like to point out some of these issues and especially those that all electronic
signature users are affected by. We have to say, it is very unwise to use a software only implementation
on a non-dedicated hardware to create electronic signatures if the responsibility for such signature is not
limited. Using a hardware cryptographic module that is incapable of displaying the data to be signed may
still be unsatisfactory. Using a module without an independent input for authorization data does not help
much, a module with an independent input is significantly better but the danger is still far from negligible.
Using a dedicated system to create electronic signatures can solve many of the problems. On the other
hand, it is the most expensive solution considered. We will describe a solution that is both relatively cheap
and reasonably secure. We also suggest some affordable key management solutions.
An active networks security architecture
Arso Savanović, Dušan Gabrijelčič, and Borka Jerman Blažič
Jozef Stefan Institute, Jamova 39, 1000 Ljubljana, Slovenia
{arso|dusan|borka}@e5.ijs.si
AND
Stamatis Karnouskos
Fraunhofer FOKUS, Kaiserin-Augusta-Allee 31, 10589 Berlin, Germany
karnouskos@fokus.fhg.de
Keywords: active networks, security architecture, FAIN
Active networks allow user-controlled network programmability. A security framework has to assure that
our infrastructure will behave as expected and will efficiently deal with malicious attacks, unauthorized
attempts to execute active code etc. We present here a security architecture that is designed within the
FAIN project and aims at supporting multiple heterogeneous execution environments. We argue for the
pros and cons as well as why we have selected the specific components and also take a look at their
interworking in order to provide the security services to the execution environments our active network
node hosts.
Software engineering: configuration languages
Ayaz Isazadeh
Department of Computer Science, Tabriz University, Tabriz, Iran
Phone: +98 411 334 4015, Fax: +98 411 334 2102
E-mail: isazadeh@tabrizu.ac.ir
Keywords: Configurable distributed systems, Configuration languages, Software architecture, Software configuration, Software integration
Distributed software systems are playing increasingly important roles in the world of software
engineering. Software systems are becoming larger and large-scale systems are naturally distributed. In the spirit
of software "re-use" and software "evolution", "configurable distributed systems" are becoming the center
of attention. A number of researchers have developed "configuration management systems" and
"configuration languages" for describing, constructing, and managing configurable distributed systems. I believe
that a pause is in order, at this point, to analyze and review the current state of the research in this area.
This paper presents a set of features and requirements expected from a configuration language and reviews
some of the existing configuration languages. Specifically, the configuration languages of Conic and its
successors, Polylith, LOTOS as a configuration language, Raven, MetaH, Durra, and Argus are reviewed.
The paper establishes a basis for the review by proposing a list of requirements, reviews the languages on
the basis of these requirements, and concludes with a summary and some final remarks.
Data protection for outsourced data mining
Boštjan Brumen, Izidor Golob, Tatjana Welzer and Ivan Rozman
University of Maribor, Faculty of Electrical Engineering and Computer Science
Smetanova 17, Si-2000 Maribor, Slovenia
{bostjan.brumen | izidor.golob | welzer | i.rozman}@uni-mb.si
AND
Marjan Družovec
University of Maribor, Faculty of Mechanical Engineering
Smetanova 17, Si-2000 Maribor, Slovenia
marjan.druzovec@uni-mb.si
AND
Hannu Jaakkola
Tampere University of Technology, Pori School of Technology and Economics
PO BOX 300, Fi-28101 Pori, Finland
hj@pori.tut.fi
Keywords: data protection, data mining, outsourcing
In the paper, we present data mining from the data protection point of view. In many cases, the companies have a lack of expertise in data mining and are required to get help from outside. In this case the data leave the organization and need to be protected
against misuse, both legally and technically. In the paper a formal framework for protecting the data that leave the organization’s boundary is presented. The data and the data structure are modified so that data modeling process can still take place and the
results can be obtained, but the data content itself is hard to reveal. Once the data mining results are returned, the inverse process discloses the meaning of the model to the data owners. The approach is especially useful for model-based data mining.
Trojan horse attacks on software for electronic signatures
Adrian Spalka, Armin B. Cremers and Hanno Langweg
Department of Computer Science III, University of Bonn
Roemerstrasse 164, D-53117 Bonn, Germany
Fax: +49-228-734 382, Email: adrian@cs.uni-bonn.de
Keywords: Trojan Horses, Electronic Signatures, Security of COTS Software
Electronic signatures are introduced by more and more countries as legally binding means for signing electronic documents with the primary hope of boosting e-commerce and e-government. Given that the underlying cryptographic methods are sufficiently strong, attacks by Trojan horse programs on electronic signatures are becoming increasingly popular. Most of the current systems either employ costly or inflexible – yet still inadequate – defence mechanisms or simply ignore the threat. A signatory has to trust the manufacturer of the software that it will work in the intended way. In the past, Trojan horse programs have been shown to be of growing concern for end-user computers. Software for electronic signatures must provide protection against Trojan horses attacking the legally relevant signing process. In a survey of commercial off-the-shelf signature software programs we found severe vulnerabilities that can easily be exploited by an attacker. In this work we propose a secure electronic paper as a counter-measure. It is a collection of preventive and restorative methods that provides, in parallel to traditional signatures on paper, a high degree of protection of the system against untrustworthy programs. We focus our attention on Microsoft Windows NT and Windows 98, two operating systems most likely to be found on the customers' computers. The resulting system is an assembly of a small number of inexpensive building blocks that offers reliable protection against Trojan horse programs attempting to forge electronic signatures.
Efficient methods for checking integrity: a structured spreadsheet engineering methodology
Kamalasen Rajalingham, David Chadwick and Brian Knight
University of Greenwich
School of Computing and Mathematical Sciences
30 Park Row, Greenwich, London SE10 9LS, United Kingdom
K.Rajalingham@wmin.ac.uk
http://www.kamalasen.com/spreadsheets.html
Keywords: Configurable distributed systems, Configuration languages, Software architecture, Software configuration, Software integration
This paper describes an approach to the provision of a
Structured Spreadsheet Engineering Methodology. The proposed methodology is
mainly based on the classical systems development life cycle, structured methods
and software engineering principles. It addresses the widespread problem of
spreadsheet errors and is an extension to published work by Chadwick-97,
Rajalingham-98, Rajalingham-99, Rajalingham-99a, Rajalingham-00,
Rajalingham-00a, Rajalingham-00b and Rajalingham-01. This methodology also helps
in training users in the process of spreadsheet building. Although there are
variations of the life cycle for systems development, they are fundamentally
similar to each other. The proposed Structured Spreadsheet Engineering
Methodology is primarily based on the systems development life cycle described
by Aktas-85, Jackson structures (Jackson-75) and approaches recommended by other
authors. Numerous approaches are incorporated into this framework, making it a
highly integrated and structured methodology for spreadsheet design and
development. Apart from the concepts and principles borrowed from the above
methods, the methodology also contains new developments in the research into
integrity control of spreadsheet models.
Implementing information integrity technology – a feedback control system approach
Vijay V. Mandke
Center for Information Integrity Research
Unitech Systems (I) Pvt. Ltd.,
B-64 (First Floor), Gulmohar Park, New Delhi-110049, INDIA
E-mail: vijaymandke@satyam.net.in
AND
Madhavan K. Nayar
Unitech Systems, Inc.
1240 E. Diehl Road, Suite 300, Naperville, Illinois 60563, USA.
E-mail: mnayar@unitechsys.com
Keywords: integrity technology, feedback approach, control system, usefulness-usability-integrity paradigm, cost-benefit analysis, decision process, integrity attributes, integrity quantifiers, integrity profile, integrity index
The paper begins with the question of a structure for integrity objective based on information Usefulness-Usability-Integrity paradigm suggesting criticality of Information Integrity for competitive advantage. If integrity researchers find it difficult to convince business managers of this criticality, it is because of want of a construct of an economic framework for Information Integrity. Thus the paper outlines an approach to cost-benefit analysis of Information Integrity to decide analytically on investing for improved, optimal integrity. This calls for quantifying intrinsic integrity attributes of accuracy, consistency and reliability. Towards this, the paper discusses the choice of information model for integrity improvement, followed by alternatives for quantification of integrity attributes and development of integrity profile and cumulative information integrity index as a means for demonstrating integrity improvement. This is followed by presentation of information integrity technology implementation steps within the framework of feedback control system approach. Finally, the paper details components of a platform to facilitate developing thus emerging information integrity technology as a software product.
Securing Web-based Information Systems: A Model and Implementation Guidelines
C. Margaritis, N. Kolokotronis, P. Papadopoulou and D. Martakos
Department of Informatics and Telecommunications,
National and Kapodistrian University of Athens,
University Campus, 157 71 Athens, Greece
Tel: +3017275225, Fax: +3017275214
h_margar@cc.uoa.gr, {nkolok,peggy,martakos}@di.uoa.gr
AND
P. Kanellis
Andersen
377 Syngrou Ave., 175 64 Athens, Greece
Tel: +3019470275, Fax: +3019425681
panagiotis.kanellis@gr.andersen.com
Keywords: Information Security Strategy, Security Semantics, Web, Systems Development
The decentralised nature of web-based information systems demands a careful evaluation of the pantheon of security issues in order to avoid the potential occurrence of business risks that could not be easily mitigated. This paper presents an integrated approach based on a rigorous multi-level and multi-dimensional model based on the realization that information security is not merely a technical solution implemented at each one of the endpoints of the inter-organizational application. Through synthesis and aiming to contribute towards implementing the most effective security strategy possible, the approach has as a starting point the overall business goals and objectives. Based on those it aids the development of a strategy from the lower levels of securing data in storage and transition to the higher levels of business processes. Its use and applicability are demonstrated over `Billing Mall' – a system for Electronic Bill Presentment and Payment.