M-TREE: A high efficiency security architecture for protecting integrity and privacy of software

Secure processor architectures enable new sets of applications such as commercial grid computing, software copy protection and secure mobile agents by providing secure computing environments that are immune to both physical and software attacks. Despite a number of secure processor designs have been proposed, they typically made trade-offs between security and efficiency. This article proposes a new secure processor architecture called M-TREE, which offers a significant performance gain while without compromising security. The M-TREE architecture uses a novel hierarchical Message Authentication Code Tree (MACTree) for protecting applications’ integrity at a minimal performance overhead. M-TREE also introduces a new one-time-pad class encryption mechanism that accelerates security computation over the existing block cipher-based schemes with high security guarantee. Based on the results of our performance simulations the performance overhead of the M-TREE integrity check mechanism is as small as 14% in the worst case, a substantial improvement over the 60% slowdown reported by previously proposed techniques. Meanwhile, the overhead of M-TREE encryption scheme is approximately 30%, compared to 50% of using block cipher encryption. In overall, our M-TREE architecture can provide a tamper-resistant and tamper-evident computing environment with low-performance impact, thereby offering a transparent and practical security computing platform.     

Software-as-a-service （SaaS）： perspectives and challenges

Software-as-a-service （SaaS） has received significant attention recently as one of three principal components of cloud computing, and it often deals with applications that run on top of a platform-as-a-service （PaaS） that in turn runs on top of infrastructure-as-a-service （IaaS）. This paper provides an overview of SaaS including its architecture and major technical issues such as customization, multi-tenancy architecture, redun- dancy and recovery mechanisms, and scalability. Specifically, a SaaS system can have architecture relating to a database-oriented approach, middleware-oriented approach, service-oriented approach, or PaaS-oriented ap- proach. Various SaaS customization strategies can be used from light customization with manual coding to heavy customization where the SaaS system and its underlying PaaS systems are customized together. Multi-tenancy architecture is an important feature of a SaaS and various trade-offs including security isolation, performance, and engineering effort need to be considered. It is important for a SaaS system to have multi-level redundancy and recovery mechanisms, and the SaaS system needs to coordinate these with the underlying PaaS system. Finally, SaaS scalability mechanisms include a multi-level architecture with load balancers, automated data migration, and software design strategies.     

Security-Performance Tradeoffs in a Class of Wireless Network Scenarios

There has been an extensive and widespread deployment of wireless local area networks (WLANs) for information access. The transmission, being of a broadcast nature, is vulnerable to security threats and hence, the aspect of security provisioning in these networks has assumed an important dimension. The security of the transmitted data over a wireless channel aims at protecting the data from unauthorized access. The objective is achieved by providing advanced security mechanisms. Implementing strong security mechanisms however, affects the throughput performance and increases the complexity of the communication system. In this paper, we investigate the security performance of a WLAN based on IEEE 802.11b/g/n standards on an experimental testbed in congested and uncongested networks in a single and multi-client environment. Experimental results are obtained for a layered security model encompassing nine security protocols in terms of throughput, response time, and encryption overhead. The performance impact of transmission control protocol and user datagram protocol traffic streams on secure wireless networks has also been studied. Through numerical results obtained from the testbed, we have presented quantitative and realistic findings for both security mechanisms as well as network performance. The tradeoff between the strength of the security protocol and the associated performance is analyzed through computer simulation results. The present real time analysis enables the network designers to make intelligent choices about the implementation of security features and the perceived network performance for a given application scenario.     

Secure Concurrency Control in Firm Real-Time Database Systems

Many real-time database applications arise in electronic financial services, safety-critical installations and military systems where enforcing security is crucial to the success of the enterprise. For real-time database systems supporting applications with firm deadlines, we investigate here the performance implications, in terms of killed transactions, of guaranteeing multilevel secrecy. In particular, we focus on the concurrency control (CC) aspects of this issue.Our main contributions are the following: First, we identify which among the previously proposed real-time CC protocols are capable of providing covert-channel-free security. Second, using a detailed simulation model, we profile the real-time performance of a representative set of these secure CC protocols for a variety of security-classified workloads and system configurations. Our experiments show that a prioritized optimistic CC protocol, OPT-WAIT, provides the best overall performance. Third, we propose and evaluate a novel dual-CC approach that allows the real-time database system to simultaneously use different CC mechanisms for guaranteeing security and for improving real-time performance. By appropriately choosing these different mechanisms, concurrency control protocols that provide even better performance than OPT-WAIT are designed. Finally, we propose and evaluate GUARD, an adaptive admission-control policy designed to provide fairness with respect to the distribution of killed transactions across security levels. Our experiments show that GUARD efficiently provides close to ideal fairness for real-time applications that can tolerate covert channel bandwidths of upto one bit per second.     

Secured Cloud Communication Using Lightweight Hash Authentication with PUF

Internet-of-Things (IoT) is an awaited technology in real-world applications to process daily tasks using intelligent techniques. The main process of data in IoT involves communication, integration, and coordination with other real-world applications. The security of transferred, stored, and processed data in IoT is not ensured in many constraints. Internet-enabled smart devices are widely used among populations for all types of applications, thus increasing the popularity of IoT among widely used server technologies. Smart grid is used in this article with IoT to manage large data. A smart grid is a collection of numerous users in the network with the fastest response time. This article aims to provide high authentication to the smart grid, which constitutes secure communication in cloud-based IoT. Many IoT devices are deployed openly in all places. This open-access is vulnerable toward cloning attacks. Authentication is a significant process that provides strength while attacking. The security of the cloud and IoT must be computationally high. A lightweight authentication using hashing technique is proposed considering the aforementioned condition. The main factor of the authentication involves physically unclonable functions, which are utilized in improving the performance of the authentication. The proposed approach is evaluated with the existing techniques. Results show that the performance of the proposed algorithm provides high robust security.     

Content-based image authentication: current status, issues, and challenges

With today’s global digital environment, the Internet is readily accessible anytime from everywhere, so does the digital image manipulation software; thus, digital data is easy to be tampered without notice. Under this circumstance, integrity verification has become an important issue in the digital world. The aim of this paper is to present an in-depth review and analysis on the methods of detecting image tampering. We introduce the notion of content-based image authentication and the features required to design an effective authentication scheme. We review major algorithms and frequently used security mechanisms found in the open literature. We also analyze and discuss the performance trade-offs and related security issues among existing technologies.     

Adaptive versus Reservation-Based Synchronization Protocols—Analysis and Comparison

With the expansion of distributed multimedia applications, such as video-phone, video-conference, and video-on-demand, synchronization among various media (time-dependent, time-independent) becomes an integral part of various protocols, mechanisms and services in the underlying computing and communication systems. The current systems allow and provide two different resource management environments where synchronization will be considered: (1) best effort resource management, and (2) reservation-based resource management with differentiation of service classes. Under these two resource management environments, our goal is to analyze and compare the design, implementation, and performance of synchronization protocols and services. Our approach to accomplish this complex analysis is inductive, because we select a representative protocol from each group, and consider an adaptive synchronization protocol on top of the best effort resource management and a reservation-based synchronization protocol on top of the reservation-based resource management. We believe that both protocols include a rich set of known synchronization algorithms and mechanisms, hence our resulting analysis and comparison show: (1) trade-offs/difference in design complexity of the synchronization protocols (space and time), (2) trade-offs/difference in implementation complexity of the synchronization protocols (space and time), and (3) magnitude of performance changes.     

Correctness criteria for multilevel secure transactions

The benefits of distributed systems and shared database resources are widely recognized, but they often cannot be exploited by users who must protect their data by using label-based access controls. In particular, users of label-based data need to read and write data at different security levels within a single database transaction, which is not currently possible without violating multilevel security constraints. The paper presents a formal model of multilevel transactions which provide this capability. We define four ACIS (atomicity, consistency, isolation, and security) correctness properties of multilevel transactions. While atomicity, consistency and isolation are mutually achievable in standard single-site and distributed transactions, we show that the security requirements of multilevel transactions conflict with some of these goals. This forces trade-offs to be made among the ACIS correctness properties, and we define appropriate partial correctness properties. Due to such trade-offs, an important problem is to design multilevel transaction execution protocols which achieve the greatest possible degree of correctness. These protocols must provide a variety of approaches to making trade-offs according to the differing priorities of various users. We present three transaction execution protocols which achieve a high degree of correctness. These protocols exemplify the correctness trade-offs proven in the paper, and offer realistic implementation options     

Compartmental modelling with artificial neural networks

In this paper, we introduce an abbreviated compartmental modelling scheme which may be of interest to those in neuron- based adaptive systems because of the additional scope it provides for studying biologically-inspired learning mechanisms. The scheme, although not as flexible and precise as the general compartmental approach, allows one to design Hodgkin-Huxley style cells, and passive dendritic trees with an arbitrary number of synaptic connections. The trade-offs made for computational performance, may make the modelling scheme more appropriate for practical applications. The modelling scheme is based upon artificial neural networks, which we have used to represent cylindrical compartments (both passive and active) of different lengths, two types of voltage-dependent channels, and basic chemical synapses with variable time constants.     

On Composing Stream Applications in Peer-to-Peer Environments

Stream processing has become increasingly important as many emerging applications call for continuous real-time processing over data streams, such as voice-over-IP telephony, security surveillance, and sensor data analysis. In this paper, we propose a composable stream processing system for cooperative peer-to-peer environments. The system can dynamically select and compose stream processing elements located on different peers into user desired applications. We investigate multiple alternative approaches to composing stream applications: 1) global-state-based centralized versus local-state-based distributed algorithms for initially composing stream applications at setup phase. The centralized algorithm performs periodical global state maintenance while the distributed algorithm performs on-demand state collection. 2) Reactive versus proactive failure recovery schemes for maintaining composed stream applications during runtime. The reactive failure recovery algorithm dynamically recomposes a new stream application upon failures while the proactive approach maintains a number of backup compositions for failure recovery. We conduct both theoretical analysis and experimental evaluations to study the properties of different approaches. Our study illustrates the performance and overhead trade-offs among different design alternatives, which can provide important guidance for selecting proper algorithms to compose stream applications in cooperative peer-to-peer environments.     

基于区块链的网络安全体系结构与关键技术研究进展

随着互联网技术的不断演进与用户数量的“爆炸式”增长,网络作为一项基础设施渗透于人们生存、生活的各个方面,其安全问题也逐渐成为人们日益关注的重点.然而,随着网络规模的扩大以及攻击者恶意行为的多样化、复杂化,传统网络安全体系架构及其关键技术已经暴露出单点信任、部署困难等诸多问题,而具备去中心化、不可篡改等特性的区块链技术为网络安全所面临的挑战提供了新的解决思路.本文从网络层安全、应用层安全以及PKI安全三方面对近几年基于区块链的网络安全体系结构与关键技术研究进行梳理,并将区块链的作用归类为真实存储、真实计算、真实激励三种情形.针对区块链的具体应用领域,本文首先介绍了该领域的安全现状,然后对区块链的具体应用研究进行了介绍,并分析了区块链技术在该领域所存在的优势.本文最后结合现有的解决思路对未来区块链应用中所需要注意的隐私问题、可扩展性问题、安全问题以及区块链结构演进的方向进行了分析,并对未来基于区块链的网络安全体系结构与关键技术研究进行了展望.     

Robust and secure routing scheme for wireless multihop network

Mobile ad hoc network (MANET) is an appealing technology that has attracted lots of research efforts. On-demand routing protocol such as AODV may suffer from frequent topological changes. Due to frequent communication failures, multipath MANET is preferred than single-path MANET in many applications as former is used for achieving robustness and load balancing and improving reliability. Although multipath MANET is attractive solution, there are still some major flaws that prevent commercial growth. Security is one of these main barriers; MANETs are known to be particularly vulnerable to security attack. The paper presents a design of robust and secure framework for multipath MANET. In this paper, we propose not only a robust multipath routing protocol but also an extended security scheme. We discuss security analysis for proposed security scheme. And we also conduct simulation to evaluate such a framework through different performance metrics. Results show that the proposed routing protocol achieves better performance in terms of various metrics than other protocols.     

基于.NET平台的WEB解决方案的安全机制

安全是Web应用的核心。许多Web应用基于Windows的IIS服务，其安全控制全面集成于Windows安全体系，提供了包括多种措施在内的安全机制。然而，IIS安全机制过于简单，因此，NET平台对基于其ASP.NET环境开发的Web应用引入了更多的安全措施。ASP.NET安全机制与IIS安全机制协同工作，大大提高了IIS的安全性，更好地解决了Web应用的安全问题。开发人员可以根据不同的安全需求，按需定制，构造多层次的安全解决方案。     

Multiversion locking protocol with freezing for secure real-time database systems

Database systems for real-time applications must satisfy timing constraints associated with transactions. Typically, a timing constraint is expressed in the form of a deadline and is represented as a priority to be used by schedulers. Recently, security has become another important issue in many real-time applications. In many systems, sensitive information is shared by multiple users with different levels of security clearance. As more advanced database systems are being used in applications that need to support timeliness while managing sensitive information, there is an urgent need to develop protocols for concurrency control in transaction management that satisfy both timing and security requirements. In this paper, we propose a new multiversion concurrency control protocol that ensures that both security and real-time requirements are met. The proposed protocol is primarily based on locking. However, in order to satisfy timing constraints and security requirements, a new method, called the freezing method, is proposed. In order to show that our protocol provides a higher degree of concurrency than existing multiversion protocols, we define a new serializability for multiversion concurrency control, called FR-serializability, which is more general than traditional serializability. We present several examples to illustrate the behavior of our protocol, along with performance comparisons with other protocols. The simulation results show significant performance improvement of the new protocol.     

A QoS-driven approach for cloud computing addressing attributes of performance and security

In recent years, cloud computing has been one of the most widely discussed topics in the field of Information Technology. Owing to the popularity of services offered by cloud environments, several critical aspects of security have aroused interest in the academic and industrial world, where there is a concern to provide efficient mechanisms to combat a wide range of threats. As is well known, the application of security techniques and methodologies has a direct influence on the performance of the system, since security and performance are two quantities that are inversely proportional. This means that if the service providers fail to manage their computing infrastructure efficiently, the demand for services may not be met with the quality required by clients, including security and performance requirements, and the computational resources may be used inefficiently. The aim of this paper was to define QoS-driven approaches for cloud environments on the basis of the results of a performance evaluation of a service in which different security mechanisms are employed. These mechanisms impose additional overhead on the performance of the service, and to counter this, an attempt was made to change computational resources dynamically and on-the-fly. On the basis of the results, it could be shown that in a cloud environment, it is possible to maintain the performance of the service even with the overhead imposed by the security mechanisms, through an alteration in the virtualized computational resources. However, this change in the amount of resources had a direct effect on the response variables.     

A comparative evaluation of hardware-only and software-only directory protocols in shared-memory multiprocessors

The hardware complexity of hardware-only directory protocols in shared-memory multiprocessors has motivated many researchers to emulate directory management by software handlers executed on the compute processors, called software-only directory protocols.In this paper, we evaluate the performance and design trade-offs between these two approaches in the same architectural simulation framework driven by eight applications from the SPLASH-2 suite. Our evaluation reveals some common case operations that can be supported by simple hardware mechanisms and can make the performance of software-only directory protocols competitive with that of hardware-only protocols. These mechanisms aim at either reducing the software handler latency or hiding it by overlapping it with the message latencies associated with inter-node memory transactions. Further, we evaluate the effects of cache block sizes between 16 and 256 bytes as well as two different page placement policies. Overall, we find that a software-only directory protocol enhanced with these mechanisms can reach between 63% and 97% of the baseline hardware-only protocol performance at a lower design complexity.     

On the Characterization and Risk Assessment of AI-Powered Mobile Cloud Applications

Ultra-reliable low-latency communication supports powerful mission-critical applications such as artificial intelligence-enabled mobile cloud applications designed to deliver the quality of service and quality of experience to their users. However, whether existing security mechanisms are ready to address the risks emerging from these applications operating over ultra-fast 5G and 6G infrastructures is an open question. The complexity of finding answers to this question is partly due to the lack of means to measure software applications’ intelligence levels and partly due to the limitations of existing risk assessment approaches. In this paper, first, we propose an ability-based scale to characterize intelligent software applications. After that, we propose a semi-quantitative approach for threat modeling and risk analysis of intelligent software applications. Focusing on Android, we define three intelligent mobile cloud applications’ scenarios and demonstrate the feasibility of the proposed scale and approach. We perform their risk analyses for assessing the readiness of Android security mechanisms to mitigate their risks and identify open problems. We propose to rethink intelligent mobile cloud computing applications’ characterization and warn security experts to redesign their security mechanisms to serve evolving privacy, security, and trust requirements.     

MobileTrust: a trust enhanced security architecture for mobile agent systems

While offering many practical benefits for distributed applications, mobile agent systems pose some fundamental security challenges. In this paper, we present a new approach to mobile agent security which helps to address some of these challenges. We present a new technique, which we refer to as trust enhanced security, and apply it to mobile agent-based systems; this new technique advocates a shift in security solutions from security-centric to trust-centric. This extends the traditional security mechanisms by enabling trust decisions through explicit specification and management of security-related trust relationships. The integration of the trust decisions into security decision-making process leads to our trust enhanced security performance. A formal trust model is proposed and is incorporated into the development of a novel trust management architecture—MobileTrust for mobile agent-based applications. We have conducted detailed practical investigations to evaluate and validate the emergent properties of the trust enhanced security technique. We present and discuss the key results in this paper.     

Demystifying Cluster-Based Fault-Tolerant Firewalls

Firewalls are perimeter security solutions that are useful for addressing the unwanted traffic issue. However, designers must also appropriately address the network performance, availability, and complexity problems that firewalls introduce. The authors survey existing cluster-based fault-tolerant firewall architectures and discuss their trade-offs in these three areas. They present a preliminary evaluation of these architectures and discuss the need for state replication in stateful firewall clusters. They also discuss the difficulties of providing a simple, performance, and fault-tolerant cluster-based firewall solution.     

Security at the Internet layer

The Internet Engineering Task Force is standardizing security protocols (IPsec protocols) that are compatible with IPv6 and can be retrofitted into IPv4. The protocols are transparent to both applications and users and can be implemented without modifying application programs. The current protocol versions were published as Internet drafts in March 1998. The article overviews the proposed security architecture and the two main protocols-the IP Security Protocol and the Internet Key Management Protocol-describes the risks they address, and touches on some implementation requirements. IPsec's major advantage is that it can provide security services transparently to both applications and users. Also, the application programs using IPsec need not be modified in any way. This is particularly important when securing application programs that are not available in source code, which is common today. This transparency sets IPsec apart from security protocols that operate above the Internet layer. At present, IPsec is likely to be used in conjunction with and complemented by other security technologies, mechanisms, and protocols. Examples include firewalls and strong authentication mechanisms for access control, and higher layer security protocols for end-to-end communication security. In the near future, however, as virtual private networking and corporate intranets and extranets mature, IPsec is likely to be deployed on a larger scale