This dissertation work started with the desire to solve the distributed authorization problems in open and large computer networks. During the initial investigation, we learned that by using certificate technologies, authorization localization could be achieved. However, research on these technologies is mostly focused on delegation algorithms. More fundamental issues such as authorization policy generation need to be explored and systematic approaches need to be incorporated with the current technologies in order to establish a complete prevention mechanism for the purpose. During our further research, we noticed that logic programming is a useful tool for implementing authorization policies. The logic system can play dual roles including knowledge representation as well as the high level specification of a secure authorization system. Although logic programming and knowledge representation have been developed for more than twenty years, their logic and languages still cannot fully support our authorization representation and reasoning. Therefore we developed an authorization logic model based on division of authorization domain to explain authorization policy behaviors. In addition, by extending the general software engineering approach, including formal specification, verification, testing, and measurement, we established a policy engineering approach suitable for generating authorization policies with a logic programming system. Finally, we have built CBASS as a test bed to experiment on policy separation and integration issues. Solutions to associate authorization policies and credentials with each program or file, and techniques to build interfaces in the programs to connect the separated policy systems and application or system software were developed.
The theory and experiments that have been presented and demonstrated may be used to direct the development of distributed authorization systems, particularly their policies which are the core of the entire distributed and networked computer systems in the future.
Problem statement: As group key management extended into the area of large dynamic networks, complex issues emerged involving the many operations that run over several network topologies. The issues that occurred due to multiple topologies were also compounded by differing views of the network, taken at different time slices or positions within the network. This was especially complex when figuring in mobile, ad-hoc networks. View synchrony is the current operational technique, or assumption, applied to group key exchange protocols. However, before this analysis, view synchrony was just that, an assumption, and the literature for group key exchange lacked an inquiry into what could happen when view synchrony was removed. Current group key management protocols rely on view synchrony and yet all protocols vary in requisite operational descriptions and performance measures. In this study, a framework for group key management protocol operations and performance measures was defined, and the study examined how that framework could be used to compare and contrast existing protocols with and, more importantly, without view synchrony. Approach: Current literature lacked categories by which to quantify the performance metric of the protocols. This study first defined the dynamic key operations that all protocols share. By these definitions, group key management protocols were directly compared. Once definitions existed, this study assembled a list of costs that every protocol requires to establish and share keys across the dynamic group. These results provided an understanding of view synchrony's role and whether or not it should be solely relied on in these current protocols.
Results: The prior conclusion that view synchrony was an integral part of all group key management protocols was shattered, when seen through the lens of communication costs and assumptions in wireless ad-hoc networks. View synchrony, as an assumed part of all group key management was previously inconsistently portrayed. The ability to see this before did not exist because a framework upon which to evaluate the costs did not exist. Now, literature can proceed with clearly defined understandings of what values exist in group key management protocols. Conclusion/Recommendations: Better communication in group key management will be a benefit to the entire field. Now that costs can be analyzed, procedure and security can be improved and protocols can be implemented for wireless ad-hoc networks. In addition, it led two authors of this study to create a new protocol, DTEGK, to maximize the most efficient communication, as view synchrony was hindering the effectiveness of previous protocols. Without the hindrance of view synchrony and a quantitative list of defined communication costs, protocols can also now be extended into the wireless, ad-hoc realm of group key management.
Using Government drawings, specifications, or other data included in this document for any purpose other than Government procurement does not in any way obligate the U.S. Government. The fact that the Government formulated or supplied the drawings, specifications, or other data does not license the holder or any other person or corporation; or convey any rights or permission to manufacture, use, or sell any patented invention that may relate to them. This report was cleared for public release by the 88th ABW, Wright-Patterson AFB Public Affairs Office and is available to the general public, including foreign nationals. Copies may be obtained from the Defense Technical Information Center (DTIC) (http://www.dtic.mil).
A message in a protocol is said to have a type-flaw if it was created with some intended type, but is later received and treated as a different type. A type-flaw guessing attack is an attack where a password is guessed and verified by inducing type-flaws in a protocol. Heather et al. [HLS00] prove that attacks that use type-flaws can be prevented if honest agents tag messages with their intended types. However, their tagging scheme cannot be used in a password protocol since it allows a guess to be directly verified using the tags inside password encryptions. In this paper we prove that following a modification of Heather et al.'s scheme most type-flaw guessing attacks can still be prevented.
Replay attacks on security protocols have been discussed for quite some time in the literature. However, the efforts to address these attacks have been largely incomplete, lacking generality and many times in fact, proven unsuccessful. In this paper we address these issues and prove the efficacy of a simple and general scheme in defending a protocol against these attacks. We believe that our work will be particularly useful in security critical applications and to protocol analyzers that are unable to detect some or all of the attacks in this class.
Using Government drawings, specifications, or other data included in this document for any purpose other than Government procurement does not in any way obligate the U.S. Government. The fact that the Government formulated or supplied the drawings, specifications, or other data does not license the holder or any other person or corporation; or convey any rights or permission to manufacture, use, or sell any patented invention that may relate to them. This report is the result of contracted fundamental research deemed exempt from public affairs security and policy review in accordance with SAF/AQR memorandum dated 10 Dec 08 and AFRL/CA policy clarification memorandum dated 16 Jan 09. This report is available to the general public, including foreign nationals. Copies may be obtained from the Defense Technical Information Center (DTIC) (http://www.dtic.mil).
The successful design and implementation of secure systems must include security concerns from the beginning. A component that processes data at multiple security levels is critical and must go through additional evaluation to ensure the processing is secure. It is common practice to isolate and separate the processing of data at different levels into different components. In this paper we present policy-based architectural refinement techniques for the design of multi-level secure (MLS) systems. In addition, a policy refinement language is proposed to specify the rules of refinement patterns, and the hierarchy of the refinement patterns is presented. We discuss which security policies must be satisfied through the refinement process, including when separation works and when it does not. The process-oriented approach will lead to verified engineering techniques for the design of MLS systems, which should greatly reduce the cost of certification of those systems.
We introduce TG/MC, a Monte-Carlo approach for evaluating the impact of uncertainty about vulnerabilities upon forecasts of security for a real-world system modeled by a protection graph. A TG/MC model defines a vulnerability as a potential change to an otherwise safe initial protection graph that, if exploited, leads to an unauthorized state, a violation of the system's security policy through the application of TG rules. TG/MC captures uncertainties about vulnerabilities as probability distributions and forecasts the probability of a specific security violation. TG/MC extends beyond the rigid yes/no analysis of safety in a TG protection graph to consider uncertainty in questions of security for real-world systems.
... edu Program Committee Jim Alves-Foss (Idaho) Flemming Andersen (TDR) Richard Boulton (Cambridge) Albert Camilleri (HP) Shui-Kai Chin ... Black, Michael Butler, Surekha Ghantasala, Jim Grundy, Kelly M. Hall, John Harrison, Mark Heckman, Shahid Ikram, Michael Jones ...
Quantum computing, first introduced in the early 70's, has taken on new life with the development of efficient algorithms, experimental quantum communication systems and basic quantum gates. This paper discusses the implications of quantum technologies, including both quantum communication and quantum computing, to the field of computer security. Although classical cryptography and security are still viable technologies, the introduction of quantum technology will force us to reevaluate some of our approaches to security. This paper provides an introduction to those issues that must be reevaluated.
The public-key infrastructure will be utilized to store and disseminate certified copies of user's public keys for use in secure transmission and digital signature verification. This paper presents a class of attacks, multi-protocol attacks, which can be used to break otherwise secure public-key based authentication protocols. These attacks are possible when the public-key infrastructure
This paper presents a design for a verifiable secure distributed system. Based on the secure distributed system of Rushby and Randell, the design is presented as a hierarchy of levels implementing a set of virtual machines, where each level can be separately verified for correctness with respect to the specification and security policy. The heart of the system is based on Bevier's verified kernel, KIT, which is modified to provide a base for a secure distributed computing system. We reason about this kernel in the context of the Rushby–Randell secure distributed system.
Papers by Jim Alves-Foss