-
Towards Detecting IoT Event Spoofing Attacks Using Time-Series Classification
Authors:
Uzma Maroof,
Gustavo Batista,
Arash Shaghaghi,
Sanjay Jha
Abstract:
Internet of Things (IoT) devices have grown in popularity since they can directly interact with the real world. Home automation systems automate these interactions. IoT events are crucial to these systems' decision-making but are often unreliable. Security vulnerabilities allow attackers to impersonate events. Using statistical machine learning, IoT event fingerprints from deployed sensors have be…
▽ More
Internet of Things (IoT) devices have grown in popularity since they can directly interact with the real world. Home automation systems automate these interactions. IoT events are crucial to these systems' decision-making but are often unreliable. Security vulnerabilities allow attackers to impersonate events. Using statistical machine learning, IoT event fingerprints from deployed sensors have been used to detect spoofed events. Multivariate temporal data from these sensors has structural and temporal properties that statistical machine learning cannot learn. These schemes' accuracy depends on the knowledge base; the larger, the more accurate. However, the lack of huge datasets with enough samples of each IoT event in the nascent field of IoT can be a bottleneck. In this work, we deployed advanced machine learning to detect event-spoofing assaults. The temporal nature of sensor data lets us discover important patterns with fewer events. Our rigorous investigation of a publicly available real-world dataset indicates that our time-series-based solution technique learns temporal features from sensor data faster than earlier work, even with a 100- or 500-fold smaller training sample, making it a realistic IoT solution.
△ Less
Submitted 28 July, 2024;
originally announced July 2024.
-
AuditNet: A Conversational AI-based Security Assistant [DEMO]
Authors:
Shohreh Deldari,
Mohammad Goudarzi,
Aditya Joshi,
Arash Shaghaghi,
Simon Finn,
Flora D. Salim,
Sanjay Jha
Abstract:
In the age of information overload, professionals across various fields face the challenge of navigating vast amounts of documentation and ever-evolving standards. Ensuring compliance with standards, regulations, and contractual obligations is a critical yet complex task across various professional fields. We propose a versatile conversational AI assistant framework designed to facilitate complian…
▽ More
In the age of information overload, professionals across various fields face the challenge of navigating vast amounts of documentation and ever-evolving standards. Ensuring compliance with standards, regulations, and contractual obligations is a critical yet complex task across various professional fields. We propose a versatile conversational AI assistant framework designed to facilitate compliance checking on the go, in diverse domains, including but not limited to network infrastructure, legal contracts, educational standards, environmental regulations, and government policies. By leveraging retrieval-augmented generation using large language models, our framework automates the review, indexing, and retrieval of relevant, context-aware information, streamlining the process of verifying adherence to established guidelines and requirements. This AI assistant not only reduces the manual effort involved in compliance checks but also enhances accuracy and efficiency, supporting professionals in maintaining high standards of practice and ensuring regulatory compliance in their respective fields. We propose and demonstrate AuditNet, the first conversational AI security assistant designed to assist IoT network security experts by providing instant access to security standards, policies, and regulations.
△ Less
Submitted 19 July, 2024;
originally announced July 2024.
-
Multi-MedChain: Multi-Party Multi-Blockchain Medical Supply Chain Management System
Authors:
Akanksha Saini,
Arash Shaghaghi,
Zhibo Huang,
Salil S. Kanhere
Abstract:
The challenges of healthcare supply chain management systems during the COVID-19 pandemic highlighted the need for an innovative and robust medical supply chain. The healthcare supply chain involves various stakeholders who must share information securely and actively. Regulatory and compliance reporting is also another crucial requirement for perishable products (e.g., pharmaceuticals) within a m…
▽ More
The challenges of healthcare supply chain management systems during the COVID-19 pandemic highlighted the need for an innovative and robust medical supply chain. The healthcare supply chain involves various stakeholders who must share information securely and actively. Regulatory and compliance reporting is also another crucial requirement for perishable products (e.g., pharmaceuticals) within a medical supply chain management system. Here, we propose Multi-MedChain as a three-layer multi-party, multi-blockchain (MPMB) framework utilizing smart contracts as a practical solution to address challenges in existing medical supply chain management systems. Multi-MedChain is a scalable supply chain management system for the healthcare domain that addresses end-to-end traceability, transparency, and collaborative access control to restrict access to private data. We have implemented our proposed system and report on our evaluation to highlight the practicality of the solution. The proposed solution is made publicly available.
△ Less
Submitted 1 July, 2024;
originally announced July 2024.
-
Lack of Systematic Approach to Security of IoT Context Sharing Platforms
Authors:
Mohammad Goudarzi,
Arash Shaghaghi,
Simon Finn,
Sanjay Jha
Abstract:
IoT context-sharing platforms are an essential component of today's interconnected IoT deployments with their security affecting the entire deployment and the critical infrastructure adopting IoT. We report on a lack of systematic approach to the security of IoT context-sharing platforms and propose the need for a methodological and systematic alternative to evaluate the existing solutions and dev…
▽ More
IoT context-sharing platforms are an essential component of today's interconnected IoT deployments with their security affecting the entire deployment and the critical infrastructure adopting IoT. We report on a lack of systematic approach to the security of IoT context-sharing platforms and propose the need for a methodological and systematic alternative to evaluate the existing solutions and develop `secure-by-design' solutions. We have identified the key components of a generic IoT context-sharing platform and propose using MITRE ATT&CK for threat modelling of such platforms.
△ Less
Submitted 7 July, 2024;
originally announced July 2024.
-
Data After Death: Australian User Preferences and Future Solutions to Protect Posthumous User Data
Authors:
Andrew Reeves,
Arash Shaghaghi,
Shiri Krebs,
Debi Ashenden
Abstract:
The digital footprints of today's internet-active individuals are a testament to their lives, and have the potential to become digital legacies once they pass on. Future descendants of those alive today will greatly appreciate the unprecedented insight into the lives of their long since deceased ancestors, but this can only occur if today we have a process for data preservation and handover after…
▽ More
The digital footprints of today's internet-active individuals are a testament to their lives, and have the potential to become digital legacies once they pass on. Future descendants of those alive today will greatly appreciate the unprecedented insight into the lives of their long since deceased ancestors, but this can only occur if today we have a process for data preservation and handover after death. Many prominent online platforms offer nebulous or altogether absent policies regarding posthumous data handling, and despite recent advances it is currently unclear who the average Australian would like their data to be managed after their death (i.e., social media platforms, a trusted individual, or another digital executor). While at present the management of deceased accounts is largely performed by the platform (e.g., Facebook), it is conceivable that many Australians may not trust such platforms to do so with integrity. This study aims to further the academic conversation around posthumous data by delving deeper into the preferences of the Australian Public regarding the management of their data after death, ultimately to inform future development of research programs and industry solutions. A survey of 1020 Australians revealed that most desired a level of control over how their data is managed after death. Australians currently prefer to entrust the management of their data to a trusted close individual or third party software that they can administrate themselves. As expected, social media companies ranked low regarding both trust and convenience to manage data after death. Future research focus should be to conceptualise and develop a third-party solution that enables these preferences to be realised. Such a solution could interface with the major online vendors (social media, cloud hosting etc.) to action the deceased's will.
△ Less
Submitted 1 July, 2024;
originally announced July 2024.
-
AI for Next Generation Computing: Emerging Trends and Future Directions
Authors:
Sukhpal Singh Gill,
Minxian Xu,
Carlo Ottaviani,
Panos Patros,
Rami Bahsoon,
Arash Shaghaghi,
Muhammed Golec,
Vlado Stankovski,
Huaming Wu,
Ajith Abraham,
Manmeet Singh,
Harshit Mehta,
Soumya K. Ghosh,
Thar Baker,
Ajith Kumar Parlikad,
Hanan Lutfiyya,
Salil S. Kanhere,
Rizos Sakellariou,
Schahram Dustdar,
Omer Rana,
Ivona Brandic,
Steve Uhlig
Abstract:
Autonomic computing investigates how systems can achieve (user) specified control outcomes on their own, without the intervention of a human operator. Autonomic computing fundamentals have been substantially influenced by those of control theory for closed and open-loop systems. In practice, complex systems may exhibit a number of concurrent and inter-dependent control loops. Despite research into…
▽ More
Autonomic computing investigates how systems can achieve (user) specified control outcomes on their own, without the intervention of a human operator. Autonomic computing fundamentals have been substantially influenced by those of control theory for closed and open-loop systems. In practice, complex systems may exhibit a number of concurrent and inter-dependent control loops. Despite research into autonomic models for managing computer resources, ranging from individual resources (e.g., web servers) to a resource ensemble (e.g., multiple resources within a data center), research into integrating Artificial Intelligence (AI) and Machine Learning (ML) to improve resource autonomy and performance at scale continues to be a fundamental challenge. The integration of AI/ML to achieve such autonomic and self-management of systems can be achieved at different levels of granularity, from full to human-in-the-loop automation. In this article, leading academics, researchers, practitioners, engineers, and scientists in the fields of cloud computing, AI/ML, and quantum computing join to discuss current research and potential future directions for these fields. Further, we discuss challenges and opportunities for leveraging AI and ML in next generation computing for emerging computing paradigms, including cloud, fog, edge, serverless and quantum computing environments.
△ Less
Submitted 5 March, 2022;
originally announced March 2022.
-
Is this IoT Device Likely to be Secure? Risk Score Prediction for IoT Devices Using Gradient Boosting Machines
Authors:
Carlos A. Rivera Alvarez,
Arash Shaghaghi,
David D. Nguyen,
Salil S. Kanhere
Abstract:
Security risk assessment and prediction are critical for organisations deploying Internet of Things (IoT) devices. An absolute minimum requirement for enterprises is to verify the security risk of IoT devices for the reported vulnerabilities in the National Vulnerability Database (NVD). This paper proposes a novel risk prediction for IoT devices based on publicly available information about them.…
▽ More
Security risk assessment and prediction are critical for organisations deploying Internet of Things (IoT) devices. An absolute minimum requirement for enterprises is to verify the security risk of IoT devices for the reported vulnerabilities in the National Vulnerability Database (NVD). This paper proposes a novel risk prediction for IoT devices based on publicly available information about them. Our solution provides an easy and cost-efficient solution for enterprises of all sizes to predict the security risk of deploying new IoT devices. After an extensive analysis of the NVD records over the past eight years, we have created a unique, systematic, and balanced dataset for vulnerable IoT devices, including key technical features complemented with functional and descriptive features available from public resources. We then use machine learning classification models such as Gradient Boosting Decision Trees (GBDT) over this dataset and achieve 71% prediction accuracy in classifying the severity of device vulnerability score.
△ Less
Submitted 23 November, 2021;
originally announced November 2021.
-
Proactive and AoI-aware Failure Recovery for Stateful NFV-enabled Zero-Touch 6G Networks: Model-Free DRL Approach
Authors:
Amirhossein Shaghaghi,
Abolfazl Zakeri,
Nader Mokari,
Mohammad Reza Javan,
Mohammad Behdadfar,
Eduard A Jorswieck
Abstract:
In this paper, we propose a Zero-Touch, deep reinforcement learning (DRL)-based Proactive Failure Recovery framework called ZT-PFR for stateful network function virtualization (NFV)-enabled networks. To this end, we formulate a resource-efficient optimization problem minimizing the network cost function including resource cost and wrong decision penalty. As a solution, we propose state-of-the-art…
▽ More
In this paper, we propose a Zero-Touch, deep reinforcement learning (DRL)-based Proactive Failure Recovery framework called ZT-PFR for stateful network function virtualization (NFV)-enabled networks. To this end, we formulate a resource-efficient optimization problem minimizing the network cost function including resource cost and wrong decision penalty. As a solution, we propose state-of-the-art DRL-based methods such as soft-actor-critic (SAC) and proximal-policy-optimization (PPO). In addition, to train and test our DRL agents, we propose a novel impending-failure model. Moreover, to keep network status information at an acceptable freshness level for appropriate decision-making, we apply the concept of age of information to strike a balance between the event and scheduling based monitoring. Several key systems and DRL algorithm design insights for ZT-PFR are drawn from our analysis and simulation results. For example, we use a hybrid neural network, consisting long short-term memory layers in the DRL agents structure, to capture impending-failures time dependency.
△ Less
Submitted 11 September, 2021; v1 submitted 2 February, 2021;
originally announced March 2021.
-
Towards Decentralized IoT Updates Delivery Leveraging Blockchain and Zero-Knowledge Proofs
Authors:
Edoardo Puggioni,
Arash Shaghaghi,
Robin Doss,
Salil S. Kanhere
Abstract:
We propose CrowdPatching, a blockchain-based decentralized protocol, allowing Internet of Things (IoT) manufacturers to delegate the delivery of software updates to self-interested distributors in exchange for cryptocurrency. Manufacturers announce updates by deploying a smart contract (SC), which in turn will issue cryptocurrency payments to any distributor who provides an unforgeable proof-of-de…
▽ More
We propose CrowdPatching, a blockchain-based decentralized protocol, allowing Internet of Things (IoT) manufacturers to delegate the delivery of software updates to self-interested distributors in exchange for cryptocurrency. Manufacturers announce updates by deploying a smart contract (SC), which in turn will issue cryptocurrency payments to any distributor who provides an unforgeable proof-of-delivery. The latter is provided by IoT devices authorizing the SC to issue payment to a distributor when the required conditions are met. These conditions include the requirement for a distributor to generate a zero-knowledge proof, generated with a novel proving system called zk-SNARKs. Compared with related work, CrowdPatching protocol offers three main advantages. First, the number of distributors can scale indefinitely by enabling the addition of new distributors at any time after the initial distribution by manufacturers (i.e., redistribution among the distributor network). The latter is not possible in existing protocols and is not account for. Secondly, we leverage the recent common integration of gateway or Hub in IoT deployments in our protocol to make CrowdPatching feasible even for the more constraint IoT devices. Thirdly, the trustworthiness of distributors is considered in our protocol, rewarding the honest distributors' engagements. We provide both informal and formal security analysis of CrowdPatching using Tamarin Prover.
△ Less
Submitted 22 October, 2020;
originally announced October 2020.
-
Towards a Lightweight Continuous Authentication Protocol for Device-to-Device Communication
Authors:
Syed W. Shah,
Naeem F. Syed,
Arash Shaghaghi,
Adnan Anwar,
Zubair Baig,
Robin Doss
Abstract:
Continuous Authentication (CA) has been proposed as a potential solution to counter complex cybersecurity attacks that exploit conventional static authentication mechanisms that authenticate users only at an ingress point. However, widely researched human user characteristics-based CA mechanisms cannot be extended to continuously authenticate Internet of Things (IoT) devices. The challenges are ex…
▽ More
Continuous Authentication (CA) has been proposed as a potential solution to counter complex cybersecurity attacks that exploit conventional static authentication mechanisms that authenticate users only at an ingress point. However, widely researched human user characteristics-based CA mechanisms cannot be extended to continuously authenticate Internet of Things (IoT) devices. The challenges are exacerbated with increased adoption of device-to-device (d2d) communication in critical infrastructures. Existing d2d authentication protocols proposed in the literature are either prone to subversion or are computationally infeasible to be deployed on constrained IoT devices. In view of these challenges, we propose a novel, lightweight, and secure CA protocol that leverages communication channel properties and a tunable mathematical function to generate dynamically changing session keys. Our preliminary informal protocol analysis suggests that the proposed protocol is resistant to known attack vectors and thus has strong potential for deployment in securing critical and resource-constrained d2d communication.
△ Less
Submitted 10 October, 2020;
originally announced October 2020.
-
Health Access Broker: Secure, Patient-Controlled Management of Personal Health Records in the Cloud
Authors:
Zainab Abaid,
Arash Shaghaghi,
Ravin Gunawardena,
Suranga Seneviratne,
Aruna Seneviratne,
Sanjay Jha
Abstract:
Secure and privacy-preserving management of Personal Health Records (PHRs) has proved to be a major challenge in modern healthcare. Current solutions generally do not offer patients a choice in where the data is actually stored and also rely on at least one fully trusted element that patients must also trust with their data. In this work, we present the Health Access Broker (HAB), a patient-contro…
▽ More
Secure and privacy-preserving management of Personal Health Records (PHRs) has proved to be a major challenge in modern healthcare. Current solutions generally do not offer patients a choice in where the data is actually stored and also rely on at least one fully trusted element that patients must also trust with their data. In this work, we present the Health Access Broker (HAB), a patient-controlled service for secure PHR sharing that (a) does not impose a specific storage location (uniquely for a PHR system), and (b) does not assume any of its components to be fully secure against adversarial threats. Instead, HAB introduces a novel auditing and intrusion-detection mechanism where its workflow is securely logged and continuously inspected to provide auditability of data access and quickly detect any intrusions.
△ Less
Submitted 16 May, 2020;
originally announced May 2020.
-
Attacking with bitcoin: Using Bitcoin to Build Resilient Botnet Armies
Authors:
Dimitri Kamenski,
Arash Shaghaghi,
Matthew Warren,
Salil S. Kanhere
Abstract:
We focus on the problem of botnet orchestration and discuss how attackers can leverage decentralised technologies to dynamically control botnets with the goal of having botnets that are resilient against hostile takeovers. We cover critical elements of the Bitcoin blockchain and its usage for `floating command and control servers'. We further discuss how blockchain-based botnets can be built and i…
▽ More
We focus on the problem of botnet orchestration and discuss how attackers can leverage decentralised technologies to dynamically control botnets with the goal of having botnets that are resilient against hostile takeovers. We cover critical elements of the Bitcoin blockchain and its usage for `floating command and control servers'. We further discuss how blockchain-based botnets can be built and include a detailed discussion of our implementation. We also showcase how specific Bitcoin APIs can be used in order to write extraneous data to the blockchain. Finally, while in this paper, we use Bitcoin to build our resilient botnet proof of concept, the threat is not limited to Bitcoin blockchain and can be generalized.
△ Less
Submitted 2 May, 2020; v1 submitted 4 April, 2020;
originally announced April 2020.
-
Gwardar: Towards Protecting a Software-Defined Network from Malicious Network Operating Systems
Authors:
Arash Shaghaghi,
Salil S. Kanhere,
Mohamed Ali Kaafar,
Sanjay Jha
Abstract:
A Software-Defined Network (SDN) controller (aka. Network Operating System or NOS) is regarded as the brain of the network and is the single most critical element responsible to manage an SDN. Complimentary to existing solutions that aim to protect a NOS, we propose an intrusion protection system designed to protect an SDN against a controller that has been successfully compromised. Gwardar mainta…
▽ More
A Software-Defined Network (SDN) controller (aka. Network Operating System or NOS) is regarded as the brain of the network and is the single most critical element responsible to manage an SDN. Complimentary to existing solutions that aim to protect a NOS, we propose an intrusion protection system designed to protect an SDN against a controller that has been successfully compromised. Gwardar maintains a virtual replica of the data plane by intercepting the OpenFlow messages exchanged between the control and data plane. By observing the long-term flow of the packets, Gwardar learns the normal set of trajectories in the data plane for distinct packet headers. Upon detecting an unexpected packet trajectory, it starts by verifying the data plane forwarding devices by comparing the actual packet trajectories with the expected ones computed over the virtual replica. If the anomalous trajectories match the NOS instructions, Gwardar inspects the NOS itself. For this, it submits policies matching the normal set of trajectories and verifies whether the controller submits matching flow rules to the data plane and whether the network view provided to the application plane reflects the changes. Our evaluation results prove the practicality of Gwardar with a high detection accuracy in a reasonable time-frame.
△ Less
Submitted 18 September, 2018;
originally announced September 2018.
-
Gargoyle: A Network-based Insider Attack Resilient Framework for Organizations
Authors:
Arash Shaghaghi,
Salil S. Kanhere,
Mohamed Ali Kaafar,
Elisa Bertino,
Sanjay Jha
Abstract:
`Anytime, Anywhere' data access model has become a widespread IT policy in organizations making insider attacks even more complicated to model, predict and deter. Here, we propose Gargoyle, a network-based insider attack resilient framework against the most complex insider threats within a pervasive computing context. Compared to existing solutions, Gargoyle evaluates the trustworthiness of an acc…
▽ More
`Anytime, Anywhere' data access model has become a widespread IT policy in organizations making insider attacks even more complicated to model, predict and deter. Here, we propose Gargoyle, a network-based insider attack resilient framework against the most complex insider threats within a pervasive computing context. Compared to existing solutions, Gargoyle evaluates the trustworthiness of an access request context through a new set of contextual attributes called Network Context Attribute (NCA). NCAs are extracted from the network traffic and include information such as the user's device capabilities, security-level, current and prior interactions with other devices, network connection status, and suspicious online activities. Retrieving such information from the user's device and its integrated sensors are challenging in terms of device performance overheads, sensor costs, availability, reliability and trustworthiness. To address these issues, Gargoyle leverages the capabilities of Software-Defined Network (SDN) for both policy enforcement and implementation. In fact, Gargoyle's SDN App can interact with the network controller to create a `defence-in-depth' protection system. For instance, Gargoyle can automatically quarantine a suspicious data requestor in the enterprise network for further investigation or filter out an access request before engaging a data provider. Finally, instead of employing simplistic binary rules in access authorizations, Gargoyle incorporates Function-based Access Control (FBAC) and supports the customization of access policies into a set of functions (e.g., disabling copy, allowing print) depending on the perceived trustworthiness of the context.
△ Less
Submitted 6 July, 2018;
originally announced July 2018.
-
Software-Defined Network (SDN) Data Plane Security: Issues, Solutions and Future Directions
Authors:
Arash Shaghaghi,
Mohamed Ali Kaafar,
Rajkumar Buyya,
Sanjay Jha
Abstract:
Software-Defined Network (SDN) radically changes the network architecture by decoupling the network logic from the underlying forwarding devices. This architectural change rejuvenates the network-layer granting centralized management and re-programmability of the networks. From a security perspective, SDN separates security concerns into control and data plane, and this architectural recomposition…
▽ More
Software-Defined Network (SDN) radically changes the network architecture by decoupling the network logic from the underlying forwarding devices. This architectural change rejuvenates the network-layer granting centralized management and re-programmability of the networks. From a security perspective, SDN separates security concerns into control and data plane, and this architectural recomposition brings up exciting opportunities and challenges. The overall perception is that SDN capabilities will ultimately result in improved security. However, in its raw form, SDN could potentially make networks more vulnerable to attacks and harder to protect. In this paper, we focus on identifying challenges faced in securing the data plane of SDN - one of the least explored but most critical components of this technology. We formalize this problem space, identify potential attack scenarios while highlighting possible vulnerabilities and establish a set of requirements and challenges to protect the data plane of SDNs. Moreover, we undertake a survey of existing solutions with respect to the identified threats, identifying their limitations and offer future research directions.
△ Less
Submitted 1 April, 2018;
originally announced April 2018.
-
WedgeTail: An Intrusion Prevention System for the Data Plane of Software Defined Networks
Authors:
Arash Shaghaghi,
Mohamed Ali Kaafar,
Sanjay Jha
Abstract:
Networks are vulnerable to disruptions caused by malicious forwarding devices. The situation is likely to worsen in Software Defined Networks (SDNs) with the incompatibility of existing solutions, use of programmable soft switches and the potential of bringing down an entire network through compromised forwarding devices. In this paper, we present WedgeTail, an Intrusion Prevention System (IPS) de…
▽ More
Networks are vulnerable to disruptions caused by malicious forwarding devices. The situation is likely to worsen in Software Defined Networks (SDNs) with the incompatibility of existing solutions, use of programmable soft switches and the potential of bringing down an entire network through compromised forwarding devices. In this paper, we present WedgeTail, an Intrusion Prevention System (IPS) designed to secure the SDN data plane. WedgeTail regards forwarding devices as points within a geometric space and stores the path packets take when traversing the network as trajectories. To be efficient, it prioritizes forwarding devices before inspection using an unsupervised trajectory-based sampling mechanism. For each of the forwarding device, WedgeTail computes the expected and actual trajectories of packets and `hunts' for any forwarding device not processing packets as expected. Compared to related work, WedgeTail is also capable of distinguishing between malicious actions such as packet drop and generation. Moreover, WedgeTail employs a radically different methodology that enables detecting threats autonomously. In fact, it has no reliance on pre-defined rules by an administrator and may be easily imported to protect SDN networks with different setups, forwarding devices, and controllers. We have evaluated WedgeTail in simulated environments, and it has been capable of detecting and responding to all implanted malicious forwarding devices within a reasonable time-frame. We report on the design, implementation, and evaluation of WedgeTail in this manuscript.
△ Less
Submitted 6 July, 2018; v1 submitted 17 August, 2017;
originally announced August 2017.
-
Towards Policy Enforcement Point as a Service (PEPS)
Authors:
Arash Shaghaghi,
Mohamed Ali,
Kaafar,
Sandra Scott-Hayward,
Salil S. Kanhere,
Sanjay Jha
Abstract:
In this paper, we coin the term Policy Enforcement as a Service (PEPS), which enables the provision of innovative inter-layer and inter-domain Access Control. We leverage the architecture of Software-Defined-Network (SDN) to introduce a common network-level enforcement point, which is made available to a range of access control systems. With our PEPS model, it is possible to have a `defense in dep…
▽ More
In this paper, we coin the term Policy Enforcement as a Service (PEPS), which enables the provision of innovative inter-layer and inter-domain Access Control. We leverage the architecture of Software-Defined-Network (SDN) to introduce a common network-level enforcement point, which is made available to a range of access control systems. With our PEPS model, it is possible to have a `defense in depth' protection model and drop unsuccessful access requests before engaging the data provider (e.g. a database system). Moreover, the current implementation of access control within the `trusted' perimeter of an organization is no longer a restriction so that the potential for novel, distributed and cooperative security services can be realized. We conduct an analysis of the security requirements and technical challenges for implementing Policy Enforcement as a Service. To illustrate the benefits of our proposal in practice, we include a report on our prototype PEPS-enabled location-based access control.
△ Less
Submitted 8 October, 2016;
originally announced October 2016.
-
Function-Based Access Control (FBAC): From Access Control Matrix to Access Control Tensor
Authors:
Yvo Desmedt,
Arash Shaghaghi
Abstract:
Security researchers have stated that the core concept behind current implementations of access control predates the Internet. These assertions are made to pinpoint that there is a foundational gap in this field, and one should consider revisiting the concepts from the ground up. Moreover, Insider threats, which are an increasing threat vector against organizations are also associated with the fai…
▽ More
Security researchers have stated that the core concept behind current implementations of access control predates the Internet. These assertions are made to pinpoint that there is a foundational gap in this field, and one should consider revisiting the concepts from the ground up. Moreover, Insider threats, which are an increasing threat vector against organizations are also associated with the failure of access control. Access control models derived from access control matrix encompass three sets of entities, Subjects, Objects and Operations. Typically, objects are considered to be files and operations are regarded as Read, Write, and Execute. This implies an `open sesame' approach when granting access to data, i.e. once access is granted, there is no restriction on command executions. Inspired by Functional Encryption, we propose applying access authorizations at a much finer granularity, but instead of an ad-hoc or computationally hard cryptographic approach, we postulate a foundational transformation to access control. From an abstract viewpoint, we suggest storing access authorizations as a three-dimensional tensor, which we call Access Control Tensor (ACT). In Function-based Access Control (FBAC), applications do not give blind folded execution right and can only invoke commands that have been authorized for data segments. In other words, one might be authorized to use a certain command on one object, while being forbidden to use exactly the same command on another object. The theoretical foundations of FBAC are presented along with Policy, Enforcement and Implementation (PEI) requirements of it. A critical analysis of the advantages of deploying FBAC, how it will result in developing a new generation of applications, and compatibility with existing models and systems is also included. Finally, a proof of concept implementation of FBAC is presented.
△ Less
Submitted 15 September, 2016;
originally announced September 2016.