liu.seSök publikationer i DiVA
Ändra sökning
Avgränsa sökresultatet
1 - 18 av 18
RefereraExporteraLänk till träfflistan
Permanent länk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Träffar per sida
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sortering
  • Standard (Relevans)
  • Författare A-Ö
  • Författare Ö-A
  • Titel A-Ö
  • Titel Ö-A
  • Publikationstyp A-Ö
  • Publikationstyp Ö-A
  • Äldst först
  • Nyast först
  • Skapad (Äldst först)
  • Skapad (Nyast först)
  • Senast uppdaterad (Äldst först)
  • Senast uppdaterad (Nyast först)
  • Disputationsdatum (tidigaste först)
  • Disputationsdatum (senaste först)
  • Standard (Relevans)
  • Författare A-Ö
  • Författare Ö-A
  • Titel A-Ö
  • Titel Ö-A
  • Publikationstyp A-Ö
  • Publikationstyp Ö-A
  • Äldst först
  • Nyast först
  • Skapad (Äldst först)
  • Skapad (Nyast först)
  • Senast uppdaterad (Äldst först)
  • Senast uppdaterad (Nyast först)
  • Disputationsdatum (tidigaste först)
  • Disputationsdatum (senaste först)
Markera
Maxantalet träffar du kan exportera från sökgränssnittet är 250. Vid större uttag använd dig av utsökningar.
  • 1. Bonatti, Piero
    et al.
    Antoniu, Grigoris
    Baldoni, Matteo
    Baroglio, Cristina
    Duma, Claudiu
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, IISLAB - Laboratoriet för intelligenta informationssystem.
    Fuchs, Norbert
    Martelli, Alberto
    Nejdl, Wolfgang
    Olmedilla, Olmedilla
    Patti, Viviana
    Peer, Joachim
    Shahmehri, Nahid
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, IISLAB - Laboratoriet för intelligenta informationssystem.
    The REWERSE View on Policies2005Ingår i: Semantic Web and Policy Workshop,2005, Proceedings of the Semantic Web and Policy Workshop: UMBC eBiquity , 2005, s. 21-Konferensbidrag (Refereegranskat)
  • 2.
    Bonatti, Piero
    et al.
    Naples University.
    Duma, Claudiu
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik.
    Fuchs, Norbert
    University of Zurich.
    Olmedilla, Daniel
    L3S Research Center.
    Peer, Joachim
    St. Gallen University.
    Shahmehri, Nahid
    Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska högskolan.
    Semantic Web Policies -- A Discussion of Requirements and Research Issues2006Ingår i: European Semantic Web Conference,2006, Springer: Springer , 2006, s. 712-724Konferensbidrag (Refereegranskat)
    Abstract [en]

    Policies are pervasive in web applications. They play crucial roles in enhancing security, privacy and usability of distributed services. There has been extensive research in the area, including the Semantic Web community, but several aspects still exist that prevent policy frameworks from widespread adoption and real world application. This paper discusses important requirements and open research issues in this context, focusing on policies in general and their integration into trust management frameworks, as well as on approaches to increase system cooperation, usability and user-awareness of policy issues.

  • 3. Bonatti, Piero
    et al.
    Duma, Claudiu
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, IISLAB - Laboratoriet för intelligenta informationssystem.
    Olmedilla, Daniel
    Shahmehri, Nahid
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, IISLAB - Laboratoriet för intelligenta informationssystem.
    An Integration of Reputation-based and Policy-based Trust Management2005Ingår i: Semantic Web and Policy Workshop,2005, Proceedings of the Semantic Web and Policy Workshop: UMBC eBiquity , 2005, s. 136-Konferensbidrag (Refereegranskat)
  • 4.
    Bonatti, Piero
    et al.
    Universit¿a di Napoli.
    Shahmehri, Nahid
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, IISLAB - Laboratoriet för intelligenta informationssystem.
    Duma, Claudiu
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, IISLAB - Laboratoriet för intelligenta informationssystem.
    Olmedilla, Daniel
    Hannover University.
    Nejdl, Wolfgang
    Hannover University.
    Baldoni, Matteo
    Universit`a degli Studi di Torino.
    Baroglio, Cristina
    Universit`a degli Studi di Torino.
    Martelli, Alberto
    Universit`a degli Studi di Torino.
    Patti, Viviana
    Universit`a degli Studi di Torino.
    Coraggio, Paolo
    Universit¿a di Napoli .
    Antoniou, Grigoris
    Institute of Computer Science, FORTH, Greece .
    Peer, Joachim
    University of St. Gallen, Switzerland .
    E. Fuchs, Norbert
    University of Zurich, Switzerland .
    Rule-based Policy Specification: State of the Art and Future Work2004Rapport (Övrigt vetenskapligt)
  • 5.
    Byers, David
    et al.
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik.
    Ardi, Shanai
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik.
    Shahmehri, Nahid
    Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska högskolan.
    Duma, Claudiu
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik.
    Modeling Software Vulnerabilities with Vulnerability Cause Graphs2006Ingår i: International Conference on Software Maintenance,2006, IEEE , 2006, s. 411-422Konferensbidrag (Refereegranskat)
  • 6.
    Duma, Claudiu
    Linköpings universitet, Institutionen för datavetenskap, IISLAB - Laboratoriet för intelligenta informationssystem. Linköpings universitet, Tekniska högskolan.
    Security and Efficiency Tradeoffs in Multicast Group Key Management2003Licentiatavhandling, monografi (Övrigt vetenskapligt)
    Abstract [en]

    An ever-increasing number of Internet applications, such as content and software distribution, distance learning, multimedia streaming, teleconferencing, and collaborative workspaces, need efficient and secure multicast communication. However, efficiency and security are competing requirements and balancing them to meet the application needs is still an open issue.

    In this thesis we study the efficiency versus security requirements tradeoffs in group key management for multicast communication. The efficiency is in terms of minimizing the group rekeying cost and the key storage cost, while security is in terms of achieving backward secrecy, forward secrecy, and resistance to collusion.

    We propose two new group key management schemes that balance the efficiency versus resistance to collusion. The first scheme is a flexible category-based scheme, and addresses applications where a user categorization can be done based on the user accessibility to the multicast channel. As shown by the evaluation, this scheme has a low rekeying cost and a low key storage cost for the controller, but, in certain cases, it requires a high key storage cost for the users. In an extension to the basic scheme we alleviate this latter problem.

    For applications where the user categorization is not feasible, we devise a cluster-based group key management. In this scheme the resistance to collusion is measured by an integer parameter. The communication and the storage requirements for the controller depend on this parameter too, and they decrease as the resistance to collusion is relaxed. The results of the analytical evaluation show that our scheme allows a fine-tuning of security versus efficiency requirements at runtime, which is not possible with the previous group key management schemes.

  • 7.
    Duma, Claudiu
    Linköpings universitet, Institutionen för datavetenskap. Linköpings universitet, Tekniska högskolan.
    Security and trust mechanisms for groups in distributed services2005Doktorsavhandling, sammanläggning (Övrigt vetenskapligt)
    Abstract [en]

    Group communication is a fundamental paradigm in modem distributed services, with applications in domains such as content distribution, distributed games, and collaborative workspaces. Despite the increasing interest in group-based services and the latest developments in efficient and reliable multi cast, the secure management of groups remains a major challenge for group communication.

    In this thesis we propose security and trust mechanisms for supporting secure management of groups within the contexts of controlled and of self-organizing settings.

    Controlled groups occur in services, such as multi cast software delivery, where an authority exists that enforces a group membership policy. In this context we propose a secure group key management approach which assures that only authorized users can access protected group resources. In order to scale to large and dynamic groups, the key management scheme must also be efficient. However, security and efficiency are competing requirements. We address this issue by proposing two flexible group key management schemes which can be configured to best meet the security and efficiency requirements of applications and services. One of the schemes can also be dynamically tuned, at system runtime, to adapt to possible requirement changes.

    Self-organizing groups occur in services, such as those enabled by peer-to-peer (P2P) and wireless technologies, which adopt a decentralized architecture. In the context of self-organizing groups, with no authority to dictate and control the group members' interactions, group members might behave maliciously and attempt to subvert other members in the group. We address this problem by proposing a reputation-based trust management approach that enables group members to distinguish between well-behaving and malicious members.

    We have evaluated our group key management and trust mechanisms analytically and through simulation. The evaluation of the group key management schemes shows cost advantages for rekeying and key storage. The evaluation of the reputation-based trust management shows that our trust metric is resilient to group members maliciously changing their behavior and flexible in that it supports different types of trust dynamics. As a proof of concept, we have incorporated our trust mechanism into a P2P-based intrusion detection system. The test results show an increase in system resiliency to attacks.

    Delarbeten
    1. A flexible category-based collusion-resistant key management scheme for multicast
    Öppna denna publikation i ny flik eller fönster >>A flexible category-based collusion-resistant key management scheme for multicast
    2003 (Engelska)Ingår i: Security and privacy in the age of uncertainty: IFIP TC11 18th International Conference on Information Security (SEC2003) May 26-28, 2003, Athens, Greece / [ed] Dimitris Gritzalis; Sabrina De Capitani di Vimercati; Pierangela Samarati; Sokratis Katsikas, Kluwer Academic Publishers, 2003, s. 133-144Konferensbidrag, Publicerat paper (Refereegranskat)
    Abstract [en]

    Current key management schemes for multicast provide either no resistance to collusion or perfect resistance to collusion. However, resistance to collusion is achieved at the expense of efficiency in terms of the number of transmissions and the number of keys that are used. We argue that applications may have certain assumptions regarding the users and their access to the multicast channel that may be used to provide a broader range of choices for balancing efficiency against resistance to collusion.

    We formalize the collusion requirement based upon the users' access to the multicast channel. Different user categorizations give different degrees of collusion resistance and we show that the existing work has focused on special cases of user categorizations. Further, we go on to propose and evaluate a flexible key management strategy for the general case where the accessibility relation defines the order of exclusion of the categories. The theoretical and experimental results show that our scheme has good performance regarding transmissions and keys per controller.

    Ort, förlag, år, upplaga, sidor
    Kluwer Academic Publishers, 2003
    Serie
    IFIP - International Federation for Information Processing, ISSN 1571-5736 ; 122
    Nationell ämneskategori
    Datavetenskap (datalogi)
    Identifikatorer
    urn:nbn:se:liu:diva-59903 (URN)10.1007/978-0-387-35691-4_12 (DOI)000184323200012 ()978-1-4757-6489-5 (ISBN)978-0-387-35691-4 (ISBN)
    Konferens
    18th IFIP International Information Security Conference, 26-28 May 2003, Athens, Greece
    Tillgänglig från: 2010-09-29 Skapad: 2010-09-29 Senast uppdaterad: 2018-01-12Bibliografiskt granskad
    2. Efficient storage for category-based group key management
    Öppna denna publikation i ny flik eller fönster >>Efficient storage for category-based group key management
    2004 (Engelska)Ingår i: Proceedings of the 5th Conference on Computer Science and Systems Engineering in Linköping, 2004, s. 139-146Konferensbidrag, Publicerat paper (Refereegranskat)
    Abstract [en]

    In multicast group communication, efficiency- and security are competing requirements and balancing them is an acknowledged challenge. In particular, the collusion resistance has an impact on the efficiency of any scheme. In this context, the category-based group key management (category-based GKM) scheme balances the collusion resistance constraints against the communication cost and the group controller storage. However, this scheme increases the storage requirements for users. In this paper we address this problem by introducing a novel technique based on spanning hash key tree (SKT). In the worst case, using our t echnique, the storage requirement remains the same as in the original category-based GKM scheme. However, the experimentalresults show that, in general, the SKT technique greatly reduces the key storage for the users as well as for the controller.

    Nyckelord
    group communication, security, efficiency, tradeoffs
    Nationell ämneskategori
    Datavetenskap (datalogi)
    Identifikatorer
    urn:nbn:se:liu:diva-22782 (URN)2114 (Lokalt ID)2114 (Arkivnummer)2114 (OAI)
    Konferens
    5th Conference on Computer Science and Systems Engineering in Linköping, Norrköping, Sweden, October, 2004
    Tillgänglig från: 2009-10-07 Skapad: 2009-10-07 Senast uppdaterad: 2018-01-13
    3. A hybrid key tree scheme for multicast to balance security and efficiency requirement
    Öppna denna publikation i ny flik eller fönster >>A hybrid key tree scheme for multicast to balance security and efficiency requirement
    2003 (Engelska)Ingår i: Proceedings of the Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE '03), Institute of Electrical and Electronics Engineers (IEEE), 2003, s. 208-213Konferensbidrag, Publicerat paper (Refereegranskat)
    Abstract [en]

    Security and efficiency of rekeying are crucial requirements for multicast key management. However, the two requirements pull in different directions and balancing them to meet the application needs is still an open issue. In this paper we introduce a hybrid key tree scheme to balance security, namely the resistance to collusion, and the efficiency. The resistance to collusion is measured by an integer parameter. The communication and the storage requirements for the controller depend on this parameter too, and they decrease as the resistance to collusion is relaxed. We analytically evaluate the efficiency of our scheme and compare with the previous work. The results show that our scheme allows a fine-tuning of security requirements versus efficiency requirements at run-time, which is not possible with the previous key management schemes.

    Ort, förlag, år, upplaga, sidor
    Institute of Electrical and Electronics Engineers (IEEE), 2003
    Nationell ämneskategori
    Teknik och teknologier
    Identifikatorer
    urn:nbn:se:liu:diva-59904 (URN)10.1109/ENABL.2003.1231409 (DOI)000186183900037 ()0769519636 (ISBN)
    Konferens
    Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, 9-11 June, Linz, Austria, 2003
    Tillgänglig från: 2010-09-29 Skapad: 2010-09-29 Senast uppdaterad: 2016-12-06Bibliografiskt granskad
    4. Resilient trust for peer-to-peer based critical information infrastructures
    Öppna denna publikation i ny flik eller fönster >>Resilient trust for peer-to-peer based critical information infrastructures
    2004 (Engelska)Ingår i: Proceedings of the 2nd International Conference on Critical Infrastructures (CRIS 2004), Grenoble, France: International Institute for Critical Infrastructure , 2004Konferensbidrag, Publicerat paper (Refereegranskat)
    Abstract [en]

    Critical information infrastructures (CII) include the information technologies, telecommunication, and the Internet. The protection of CII is a paramount task, as other critical infrastructures (e.g. power grids, banking, and finance) become increasingly dependent on information services. Fault tolerance, scalability, self management, and self healing are some of the main requirements for the information-based critical services. These requirements can be addressed by the emerging peer-to-peer (P2P) technologies. The P2P architectural paradigm distributes the functionality, previously centralized into servers, to all the peers into the network. This approach has the advantage of avoiding bottlenecks and single point of failure making P2P networks robust and resilient to attacks. However, decentralization and distribution of P2P systems raise t he question of trust: how to distinguish the trustworthy peers from malicious ones. In this paper we analyze the resiliency of the existing reputation-based trust management mechanisms and identify the open problems to be addressed in order to provide the degree of resiliency necessary to critical information infrastructures.

    Ort, förlag, år, upplaga, sidor
    Grenoble, France: International Institute for Critical Infrastructure, 2004
    Nyckelord
    security, trust, critical information infrastructure, peer-to-peer
    Nationell ämneskategori
    Datavetenskap (datalogi)
    Identifikatorer
    urn:nbn:se:liu:diva-22754 (URN)2072 (Lokalt ID)2072 (Arkivnummer)2072 (OAI)
    Konferens
    2nd International Conference on Critical Infrastructures (CRIS 2004), Grenoble, France, October, 2004
    Tillgänglig från: 2009-10-07 Skapad: 2009-10-07 Senast uppdaterad: 2018-01-13
    5. Dynamic trust metrics for peer-to-peer systems
    Öppna denna publikation i ny flik eller fönster >>Dynamic trust metrics for peer-to-peer systems
    2005 (Engelska)Ingår i: Proceedings of the Sixteenth International Workshop on Database and Expert Systems Applications, 2005, Los Alamitos, CA, USA: IEEE Computer Society, 2005, s. 776-781Konferensbidrag, Publicerat paper (Refereegranskat)
    Abstract [en]

    One of the fundamental challenges for peer-to-peer (P2P) systems is the ability to manage risks involved in interacting and collaborating with priorly unknown and potentially malicious parties. Reputation-based trust management can mitigate this risk by deriving the trustworthiness of a certain peer from that peer's behavior history. However, the existing reputation systems do not provide an adequate reaction to quick changes in peers' behavior, raising serious concerns regarding their effectiveness in coping with dynamic malicious peers.

    In this paper we investigate the requirements on the dynamics of trust in P2P systems and propose a versatile trust metric which satisfies these requirements. In particular, our proposed metric is able to detect and penalize both the sudden changes in peers' behavior and their potential oscillatory malicious behavior. Moreover, our metric is flexible and allows the implementation of different types of trust dynamics. We evaluate our metric through simulation and show its unique features and advantages over the existing metrics.

    Ort, förlag, år, upplaga, sidor
    Los Alamitos, CA, USA: IEEE Computer Society, 2005
    Nationell ämneskategori
    Datavetenskap (datalogi)
    Identifikatorer
    urn:nbn:se:liu:diva-30649 (URN)16244 (Lokalt ID)0-7695-2424-9 (ISBN)16244 (Arkivnummer)16244 (OAI)
    Konferens
    Sixteenth International Workshop on Database and Expert Systems Applications, 22-26 August, 2005, Copenhagen, Denmark
    Tillgänglig från: 2009-10-09 Skapad: 2009-10-09 Senast uppdaterad: 2018-01-13
    6. A trust aware peer-to-peer based overlay architecture for intrusion detection
    Öppna denna publikation i ny flik eller fönster >>A trust aware peer-to-peer based overlay architecture for intrusion detection
    Visa övriga...
    (Engelska)Manuskript (preprint) (Övrigt vetenskapligt)
    Abstract [en]

    Traditional intrusion detection systems (IDS) are centralized and focused on protecting well bounded network regions. In contrast, current Internet attacks are highly distributed, spanning very large and dispersed regions of the Internet. This renders the deployed intrusion detection approaches inferior and limited in comparison to the attackers' capabilities. In this paper we propose a novel trust-aware peer-to-peer (P2P) based Overlay IDS architecture which is able tocoordinate and concert the detection capabilities of individual and formerly isolated IDSs, thereby increasing the overall effectiveness againstcurrent Internet attacks. The Overlay lDS is fully decentralized, thus avoiding the single point of failure problem characteristic to many other distributed lDS solutions. Moreover, we design an adaptive trust management mechanism which makes the Overlay IDS resilient to possible malicious peers infiltrating the overlay network. We have implemented our proposed Overlay lDS using JXTA P2P framework and we have evaluated its effectiveness for preventing the spread of a real Internet worm over an emulated network. As indicated by the evaluationresults, the use of our Overlay IDS significantly increases the overall survival rate of the network.

    Nationell ämneskategori
    Teknik och teknologier
    Identifikatorer
    urn:nbn:se:liu:diva-86193 (URN)
    Anmärkning

    This manuscript will not be published.

    Tillgänglig från: 2012-12-10 Skapad: 2012-12-10 Senast uppdaterad: 2017-01-17
  • 8.
    Duma, Claudiu
    et al.
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik.
    Herzog, Almut
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik.
    Shahmehri, Nahid
    Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska högskolan.
    Privacy in the Semantic Web: What Policy Languages Have to Offer2007Ingår i: IEEE Workshop on Policies for Distributed Systems and Networks,2007, Bologna, Italy: IEEE , 2007, s. 109-Konferensbidrag (Refereegranskat)
  • 9.
    Duma, Claudiu
    et al.
    Linköpings universitet, Institutionen för datavetenskap. Linköpings universitet, Tekniska högskolan.
    Karresand, Martin
    Swedish Defence Research Agency, Sweden.
    Shahmehri, Nahid
    Linköpings universitet, Institutionen för datavetenskap. Linköpings universitet, Tekniska högskolan.
    Caronni, Germani
    Sun Microsystems Laboratories, USA.
    Turcan, Eduard
    Linköpings universitet, Institutionen för datavetenskap. Linköpings universitet, Tekniska högskolan.
    A trust aware peer-to-peer based overlay architecture for intrusion detectionManuskript (preprint) (Övrigt vetenskapligt)
    Abstract [en]

    Traditional intrusion detection systems (IDS) are centralized and focused on protecting well bounded network regions. In contrast, current Internet attacks are highly distributed, spanning very large and dispersed regions of the Internet. This renders the deployed intrusion detection approaches inferior and limited in comparison to the attackers' capabilities. In this paper we propose a novel trust-aware peer-to-peer (P2P) based Overlay IDS architecture which is able tocoordinate and concert the detection capabilities of individual and formerly isolated IDSs, thereby increasing the overall effectiveness againstcurrent Internet attacks. The Overlay lDS is fully decentralized, thus avoiding the single point of failure problem characteristic to many other distributed lDS solutions. Moreover, we design an adaptive trust management mechanism which makes the Overlay IDS resilient to possible malicious peers infiltrating the overlay network. We have implemented our proposed Overlay lDS using JXTA P2P framework and we have evaluated its effectiveness for preventing the spread of a real Internet worm over an emulated network. As indicated by the evaluationresults, the use of our Overlay IDS significantly increases the overall survival rate of the network.

  • 10.
    Duma, Claudiu
    et al.
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik.
    Karresand, Martin
    Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska högskolan. IDA Linköpings universitet.
    Shahmehri, Nahid
    Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska högskolan.
    Caronni, Germano
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik.
    A Trust-Aware, P2P-Based Overlay for Intrusion Detection2006Ingår i: International Workshop on Database and Expert Systems Applications DEXA06,2006, IEEE , 2006, s. 692-Konferensbidrag (Refereegranskat)
  • 11.
    Duma, Claudiu
    et al.
    Linköpings universitet, Institutionen för datavetenskap. Linköpings universitet, Tekniska högskolan.
    Shahmehri, Nahid
    Linköpings universitet, Institutionen för datavetenskap. Linköpings universitet, Tekniska högskolan.
    Caronni, Germano
    Sun Microsystems Laboratories, USA.
    Dynamic trust metrics for peer-to-peer systems2005Ingår i: Proceedings of the Sixteenth International Workshop on Database and Expert Systems Applications, 2005, Los Alamitos, CA, USA: IEEE Computer Society, 2005, s. 776-781Konferensbidrag (Refereegranskat)
    Abstract [en]

    One of the fundamental challenges for peer-to-peer (P2P) systems is the ability to manage risks involved in interacting and collaborating with priorly unknown and potentially malicious parties. Reputation-based trust management can mitigate this risk by deriving the trustworthiness of a certain peer from that peer's behavior history. However, the existing reputation systems do not provide an adequate reaction to quick changes in peers' behavior, raising serious concerns regarding their effectiveness in coping with dynamic malicious peers.

    In this paper we investigate the requirements on the dynamics of trust in P2P systems and propose a versatile trust metric which satisfies these requirements. In particular, our proposed metric is able to detect and penalize both the sudden changes in peers' behavior and their potential oscillatory malicious behavior. Moreover, our metric is flexible and allows the implementation of different types of trust dynamics. We evaluate our metric through simulation and show its unique features and advantages over the existing metrics.

  • 12.
    Duma, Claudiu
    et al.
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik.
    Shahmehri, Nahid
    Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska högskolan.
    Lambrix, Patrick
    Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska högskolan.
    A flexible category-based collusion-resistant key management scheme for multicast2003Ingår i: Security and privacy in the age of uncertainty: IFIP TC11 18th International Conference on Information Security (SEC2003) May 26-28, 2003, Athens, Greece / [ed] Dimitris Gritzalis; Sabrina De Capitani di Vimercati; Pierangela Samarati; Sokratis Katsikas, Kluwer Academic Publishers, 2003, s. 133-144Konferensbidrag (Refereegranskat)
    Abstract [en]

    Current key management schemes for multicast provide either no resistance to collusion or perfect resistance to collusion. However, resistance to collusion is achieved at the expense of efficiency in terms of the number of transmissions and the number of keys that are used. We argue that applications may have certain assumptions regarding the users and their access to the multicast channel that may be used to provide a broader range of choices for balancing efficiency against resistance to collusion.

    We formalize the collusion requirement based upon the users' access to the multicast channel. Different user categorizations give different degrees of collusion resistance and we show that the existing work has focused on special cases of user categorizations. Further, we go on to propose and evaluate a flexible key management strategy for the general case where the accessibility relation defines the order of exclusion of the categories. The theoretical and experimental results show that our scheme has good performance regarding transmissions and keys per controller.

  • 13.
    Duma, Claudiu
    et al.
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik.
    Shahmehri, Nahid
    Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska högskolan.
    Lambrix, Patrick
    Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska högskolan.
    A hybrid key tree scheme for multicast to balance security and efficiency requirement2003Ingår i: Proceedings of the Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE '03), Institute of Electrical and Electronics Engineers (IEEE), 2003, s. 208-213Konferensbidrag (Refereegranskat)
    Abstract [en]

    Security and efficiency of rekeying are crucial requirements for multicast key management. However, the two requirements pull in different directions and balancing them to meet the application needs is still an open issue. In this paper we introduce a hybrid key tree scheme to balance security, namely the resistance to collusion, and the efficiency. The resistance to collusion is measured by an integer parameter. The communication and the storage requirements for the controller depend on this parameter too, and they decrease as the resistance to collusion is relaxed. We analytically evaluate the efficiency of our scheme and compare with the previous work. The results show that our scheme allows a fine-tuning of security requirements versus efficiency requirements at run-time, which is not possible with the previous key management schemes.

  • 14.
    Duma, Claudiu
    et al.
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik.
    Shahmehri, Nahid
    Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska högskolan.
    Lambrix, Patrick
    Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska högskolan.
    Efficient storage for category-based group key management2004Ingår i: Proceedings of the 5th Conference on Computer Science and Systems Engineering in Linköping, 2004, s. 139-146Konferensbidrag (Refereegranskat)
    Abstract [en]

    In multicast group communication, efficiency- and security are competing requirements and balancing them is an acknowledged challenge. In particular, the collusion resistance has an impact on the efficiency of any scheme. In this context, the category-based group key management (category-based GKM) scheme balances the collusion resistance constraints against the communication cost and the group controller storage. However, this scheme increases the storage requirements for users. In this paper we address this problem by introducing a novel technique based on spanning hash key tree (SKT). In the worst case, using our t echnique, the storage requirement remains the same as in the original category-based GKM scheme. However, the experimentalresults show that, in general, the SKT technique greatly reduces the key storage for the users as well as for the controller.

  • 15.
    Duma, Claudiu
    et al.
    Linköpings universitet, Institutionen för datavetenskap. Linköpings universitet, Tekniska högskolan.
    Shahmehri, Nahid
    Linköpings universitet, Institutionen för datavetenskap. Linköpings universitet, Tekniska högskolan.
    Turcan, Eduard
    Linköpings universitet, Institutionen för datavetenskap. Linköpings universitet, Tekniska högskolan.
    Resilient trust for peer-to-peer based critical information infrastructures2004Ingår i: Proceedings of the 2nd International Conference on Critical Infrastructures (CRIS 2004), Grenoble, France: International Institute for Critical Infrastructure , 2004Konferensbidrag (Refereegranskat)
    Abstract [en]

    Critical information infrastructures (CII) include the information technologies, telecommunication, and the Internet. The protection of CII is a paramount task, as other critical infrastructures (e.g. power grids, banking, and finance) become increasingly dependent on information services. Fault tolerance, scalability, self management, and self healing are some of the main requirements for the information-based critical services. These requirements can be addressed by the emerging peer-to-peer (P2P) technologies. The P2P architectural paradigm distributes the functionality, previously centralized into servers, to all the peers into the network. This approach has the advantage of avoiding bottlenecks and single point of failure making P2P networks robust and resilient to attacks. However, decentralization and distribution of P2P systems raise t he question of trust: how to distinguish the trustworthy peers from malicious ones. In this paper we analyze the resiliency of the existing reputation-based trust management mechanisms and identify the open problems to be addressed in order to provide the degree of resiliency necessary to critical information infrastructures.

  • 16.
    Herzog, Almut
    et al.
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik.
    Shahmehri, Nahid
    Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska högskolan.
    Duma, Claudiu
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik.
    An ontology for information security2009Ingår i: Techniques and applications for advanced information privacy and security: emerging organizational, ethical and human issues / [ed] Nemadi H, Information Science Reference , 2009, 1, s. 278-301Kapitel i bok, del av antologi (Övrigt vetenskapligt)
    Abstract [en]

    Advances in technology are causing new privacy concerns as an increasing number of citizens are engaging in online activities.

    Techniques and Applications for Advanced Information Privacy and Security: Emerging Organizational, Ethical, and Human Issues provides a thorough understanding of issues and concerns in information technology security. An advanced reference source covering topics such as security management, privacy preservation, and authentication, this book outlines the field and provides a basic understanding of the most salient issues in privacy concerns for researchers and practitioners.

    Show more Show less

  • 17.
    Herzog, Almut
    et al.
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik.
    Shahmehri, Nahid
    Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska högskolan.
    Duma, Claudiu
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik.
    An ontology of information security2007Ingår i: International Journal of Information Security and Privacy, ISSN 1930-1650, Vol. 1, nr 4, s. 1-23Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    We present a publicly available, OWL-based ontology of information security which models assets, threats, vulnerabilities, countermeasures and their relations. The ontology can be used as a general vocabulary, roadmap, and extensible dictionary of the domain of information security. With its help, users can agree on a common language and definition of terms and relationships. In addition to browsing for information, the ontology is also useful for reasoning about relationships between its entities, for example, threats and countermeasures. The ontology helps answer questions like: Which countermeasures detect or prevent the violation of integrity of data? Which assets are protected by SSH? Which countermeasures thwart buffer overflow attacks? At the moment, the ontology comprises 88 threat classes, 79 asset classes, 133 countermeasure classes and 34 relations between those classes. We provide the means for extending the ontology, and provide examples of the extendibility with the countermeasure classes ‘memory protection’ and ‘source code analysis’. This article describes the content of the ontology as well as its usages, potential for extension, technical implementation and tools for working with it.

  • 18.
    Madria, S.K.
    et al.
    University of Missouri-Rolla, United States.
    Mondal, A.
    University of Tokyo, Japan.
    Mohania, M.K.
    IBM India Research Lab., India.
    Bhargava, B.
    Purdue University, United States.
    Bressan, S.
    National University of Singapore, Singapore, Singapore.
    Iwaihara, M.
    Kyoto University, Japan.
    Hameurlain, A.
    IRIT, Paul Sabatier University, France.
    Hara, T.
    Osaka University, Japan.
    Lilien, L.
    Western Michigan University, United States.
    Gupta, S.K.
    IIT, Delhi.
    Bhowmick, S.S.
    Nanyang Technological University, Singapore, Singapore.
    Chatvichienchai, S.
    Siebold University of Nagasaki, Japan.
    Bin, C.
    Peking University, China.
    Bellatreche, L.
    Poitiers University, France.
    Ibrahim, I.K.
    Johannes Kepler University Linz, Austria.
    Saito, K.
    Keio University, Japan.
    Cong, G.
    University of Edinburgh, United Kingdom.
    Shen, J.
    University of New South Wales, Australia.
    Dutta, D.
    CISCO, United States.
    Garg, P.
    Intel Technology Group, Japan.
    Boncz, P.
    CWI, Netherlands.
    Duma, Claudiu
    Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, IISLAB - Laboratoriet för intelligenta informationssystem.
    Kacimi, M.
    Max-Planck-Institute, Germany.
    Le, G.
    University of Oklahoma, United States.
    Lee, Y.
    University of Missouri-Kansas City, United States.
    Mani, M.
    WPI, United States.
    Palomar, E.
    Carlos III University, Spain.
    Pitoura, E.
    University of Ioannina, Greece.
    Tan, K.-L.
    National University of Singapore, Singapore, Singapore.
    Tomarchio, O.
    Università di Catania, Italy.
    Trajcevski, G.
    Northwestern University, United States.
    Di, Vimercati S.D.C.
    Di Vimercati, S.D.C., Universita' degli Studi di Milano, Italy.
    Yolum, P.
    Bogazici University, Turkey.
    W18 - PDMST '07 & GRep '07: 4th international workshop on P2P Data Management, Security, and Trust2007Ingår i: Database and Expert Systems Applications, ISSN 1529-4188, , s. 775-776Övrigt (Övrigt vetenskapligt)
    Abstract [en]

    [No abstract available]

1 - 18 av 18
RefereraExporteraLänk till träfflistan
Permanent länk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf