High Assurance Systems Engineering Symposium, 2008. HASE 2008. 11th IEEE

Date 3-5 Dec. 2008

Displaying Results 1 - 25 of 68
  • [Front cover]

    Publication Year: 2008 , Page(s): C1
    Freely Available from IEEE
  • [Title page i]

    Publication Year: 2008 , Page(s): i
    Freely Available from IEEE
  • [Title page iii]

    Publication Year: 2008 , Page(s): iii
    Freely Available from IEEE
  • [Copyright notice]

    Publication Year: 2008 , Page(s): iv
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2008 , Page(s): v - ix
    Freely Available from IEEE
  • Message from the Chairs

    Publication Year: 2008 , Page(s): x - xi
    Freely Available from IEEE
  • Conference organization

    Publication Year: 2008 , Page(s): xii - xiv
    Freely Available from IEEE
  • list-reviewer

    Publication Year: 2008 , Page(s): xv
    Freely Available from IEEE
  • Path Sensitive Analysis for Security Flaws

    Publication Year: 2008 , Page(s): 3

    Despite increasing efforts in detecting and managing software security flaws, the number of security attacks is still rising every year. As software becomes more complex, security flaws are more easily introduced into a software system and more difficult to eliminate. In this talk, I present our research on the development of a framework for detecting and managing security flaws. The key idea is t...
  • Transaction Calculus

    Publication Year: 2008 , Page(s): 4

    Transaction-based services are increasingly being applied in solving many universal interoperability problems. Compensation is one typical feature for long-running transactions. This paper presents a design model for specifying the behaviour of compensable programs. The new model for handling exception and compensation is built as conservative extension of the standard relational model. The paper ...
  • Assurance Technology of System Test Based on Operators' Aspects

    Publication Year: 2008 , Page(s): 5

    As the systems have been integrated through network, they are requested to keep their operation under the coexistence of their respective heterogeneous demands and modes. The heterogeneous requirements have to be achieved and the heterogeneous modes have to coexist under the evolving situation. Then the system management and maintenance cost significantly increase in comparison with its constructi...
  • Security Goal Indicator Trees: A Model of Software Features that Supports Efficient Security Inspection

    Publication Year: 2008 , Page(s): 9 - 18
    Cited by:  Papers (3)

    We analyze the specific challenges of inspecting software development documents for security: Most security goals are formulated as negative (i.e. avoidance) goals, and security is a non-local property of the whole system. We suggest a new type of model for security relevant features to address these challenges. Our model, named security goal indicator tree (SGIT), maps negative and non-local goal...
  • Low Cost Secure Computation for the General Client-Server Computation Model

    Publication Year: 2008 , Page(s): 19 - 26

    Due to the large number of attacks on open networks, information theft becomes a more and more severe problem. Secure computation can offer highly assured confidentiality protection to critical information and data against external and insider attacks. However, existing secure computation methods are not widely used in practice due to their excessive performance overheads and limited applicability...
  • Evaluating Security Risks following a Compliance Perspective

    Publication Year: 2008 , Page(s): 27 - 36

    One of the great challenges of information security area concerns the development of methods for measuring the degree of risk to which information is subject, consequence of the wide gamma of vulnerabilities and potential attacks. The compliance perspective for risk evaluation methodologies can be characterized as the search for turning an information system more aligned with a given security stand...
  • On the Comparison of Network Attack Datasets: An Empirical Analysis

    Publication Year: 2008 , Page(s): 39 - 48
    Cited by:  Papers (1)

    Network malicious activity can be collected and reported by various sources using different attack detection solutions. The granularity of these solutions provides either very detailed information (intrusion detection systems, honeypots) or high-level trends (CAIDA, SANS). The problem for network security operators is often to select the sources of information to better protect their network. How ...
  • On the Use of Security Metrics Based on Intrusion Prevention System Event Data: An Empirical Analysis

    Publication Year: 2008 , Page(s): 49 - 58

    With the increasing number of attacks on the Internet, a primary concern for organizations is the protection of their network. To do so, organizations install security devices such as intrusion prevention systems to monitor network traffic. However, data that are collected by these devices are often imperfect. The contribution of this paper is to try to define some practical metrics based on imper...
  • The Deployment of a Darknet on an Organization-Wide Network: An Empirical Analysis

    Publication Year: 2008 , Page(s): 59 - 68
    Cited by:  Papers (1)

    Darknet sensors have the interesting property of collecting only suspicious traffic, including misconfiguration, backscatter and malicious traffic. The type of traffic collected highly depends on two parameters: the size and the location of the darknet sensor. The goals of this paper are to study empirically the relationship between these two parameters and to try to increase the volume of attacke...
  • A Scalable Checkpoint Encoding Algorithm for Diskless Checkpointing

    Publication Year: 2008 , Page(s): 71 - 79
    Cited by:  Papers (4)

    Diskless checkpointing is an efficient technique to save the state of a long running application in a distributed environment without relying on stable storage. In this paper, we introduce several scalable encoding strategies into diskless checkpointing and reduce the overhead to survive k failures in p processes from $2\lceil \log p \rceil \cdot k((\beta + 2\gamma)m + \alpha)$ to $(1 + O(1/\sqrt{m})) \cdot k(\beta + 2\gamma)m$, wh...
  • HyperMIP: Hypervisor Controlled Mobile IP for Virtual Machine Live Migration across Networks

    Publication Year: 2008 , Page(s): 80 - 88
    Cited by:  Papers (11)  |  Patents (3)

    Live migration provides transparent load-balancing and fault-tolerant mechanism for applications. When a Virtual Machine migrates among hosts residing in two networks, the network attachment point of the Virtual Machine is also changed, thus the Virtual Machine will suffer from IP mobility problem after migration. This paper proposes an approach called Hypervisor controlled Mobile IP to support li...
  • Towards Secure Trust Bootstrapping in Pervasive Computing Environment

    Publication Year: 2008 , Page(s): 89 - 96
    Cited by:  Papers (1)

    The deployment of small handheld devices in a pervasive environment inevitably raises security concerns while sharing services. Trust models play a major role in guarding against privacy violations and security breaches. Though assignment of initial trust is an important issue, little work has been done in this area. Most of the prior research on trust models assume a constant level of the initial...
  • Small Logs for Transactional Services: Distinction is Much More Accurate than (Positive) Discrimination

    Publication Year: 2008 , Page(s): 97 - 106

    For complex services, logging is an integral part of many middleware aspects, especially, transactions and monitoring. In the event of a failure, the log allows us to deduce the cause of failure (diagnosis), recover by compensating the logged actions (atomicity), etc. However, for heterogeneous services, logging all the actions is often impracticable due to privacy/security constraints. Also, logg...
  • A Low Energy Soft Error-Tolerant Register File Architecture for Embedded Processors

    Publication Year: 2008 , Page(s): 109 - 116
    Cited by:  Papers (2)

    This paper presents a soft error-tolerant architecture to protect embedded processors' register files. The proposed architecture is based on selective duplication of the most vulnerable registers' values in a cache memory embedded beside the processor register file, the so-called register cache. To do this, two parity bits are added to each register of the processor to detect up to three contiguous err...
  • Randomization Based Probabilistic Approach to Detect Trojan Circuits

    Publication Year: 2008 , Page(s): 117 - 124
    Cited by:  Papers (18)

    In this paper, we propose a randomization based technique to verify whether a manufactured chip conforms to its design or is infected by any trojan circuit. A trojan circuit can be inserted into the design or fabrication mask by a malicious manufacturer such that it monitors for a specific rare trigger condition, and then it produces a payload error in the circuit which alters the functionality of...
  • On the Integrity of Lightweight Checkpoints

    Publication Year: 2008 , Page(s): 125 - 134
    Cited by:  Papers (2)

    This paper proposes a lightweight checkpointing scheme for real-time embedded systems. The goal is to separate concerns by allowing applications to take checkpoints independently while providing them with an operating system service to assure the integrity of checkpoints. The scheme takes error detection latency into account and assumes a broad class of application failure modes. In this paper we ...
  • A Fast Performance Analysis Tool for Multicore, Multithreaded Communication Processors

    Publication Year: 2008 , Page(s): 135 - 144
    Cited by:  Papers (2)

    To allow fast communication processor (CP) performance testing of task-to-CP-topology mapping, we propose a fast CP simulation tool with a few novel ideas that make it generic, fast, and accurate. Our major goal is to focus on modeling features common to a wide variety of CP architectures and incorporate relevant CP specific features as plug-ins. This tool not only allows user-defined packet arriv...