International Journal of Critical Computer-Based Systems (8 papers in press)
Iterative integration of TTEthernet network flows
by Sofiene Beji, Sardaouna Hamadou, John Mullins, Abdelouahed Gherbi
Abstract: TTEthernet has been proposed as an improvement of the Ethernet network protocol to ensure communication in critical systems. Some of these systems, such as avionics systems, are complex and evolving ones. Therefore, they are designed iteratively by integrating in each iteration some components of the system. Adding new functionalities may induce substantial additional costs of reconfiguration of the system in order to meet the real-time requirements. Based on constraint programming techniques, we develop in this paper a cost optimization approach that meets the TTEthernet specification and validates the latency requirements in an accurate way. We illustrate our approach on a case study with the MiniZinc tool (Nethercote et al., 2007).
Keywords: TTEthernet; Iterative Integration; Scheduling; Real-Time Systems.
A Challenge based Countermeasure against the Spoofed PS-Poll based DoS Attack in IEEE 802.11 Networks
by Souilah Hocine, Baadache Abderrahmane, Bouallouche-Medjkoune Louiza
Abstract: The 802.11 network is an emerging wireless broadband technology used to connect client stations to the network via an access point (AP). This network is particularly vulnerable to DoS (Denial of Service) attacks targeting the network availability. In this paper, we focus on the spoofed PS-Poll based DoS attack in 802.11 PSM (Power Save Mode), where the attacker spoofs the polling frame on behalf of the client in order to destroy data buffered at the AP that are expected to be delivered to the sleeping client. To cope with this attack, we rely on prime factorization to authenticate the PS-Poll frame needed to retrieve buffered data. The countermeasure we propose, called APSP (Authenticated Power Save Poll), is both a detective and a preventive one with low communication, computing and storage overheads. It can be integrated into the 802.11 standard through a firmware upgrade without any additional hardware. In order to prove the efficiency of the proposed countermeasure and evaluate its performance, extensive experiments are carried out. Simulation results show that the spoofed PS-Poll based DoS attack is successfully prevented and detected by APSP compared to the basic 802.11 PSM.
Keywords: IEEE 802.11; Power Save Mode; PS-Poll; DoS attack; Prime factorization.
Design, Implementation, and Assessment of a Usable Multi-Biometric Continuous Authentication System
by Enrico Schiavone, Andrea Ceccarelli, Ariadne Carvalho, Andrea Bondavalli
Abstract: Authentication mechanisms typically verify the user identity only at login, or with tedious explicit authentication requests that improve security at the expense of usability. However, especially for critical systems, workstations have to be tightly and continuously secured in order to prevent unauthorized interventions. Recent research envisages multi-biometric systems for continuous authentication, where biometric traits are acquired transparently to the user and authentication is provided without requiring explicit actions. In this work we propose a multi-biometric authentication system that continuously and transparently verifies the user identity through face, fingerprint and keystroke recognition. This paper presents the design, prototype implementation and assessment of our system. We evaluate the system usability and its trade-off with security in an experiment involving 60 users. Our findings show that security enhancements are provided and that users i) perform the actions without additional effort and ii) largely accept the authentication system, which only requires minimal training.
Keywords: continuous authentication; biometrics; security; usability; identity verification; multi-biometric; transparent; face; fingerprint; keystroke; prototype; assessment; design; implementation.
Performability Modeling and Analysis of Server Virtualized Systems subject to Workload-dependent Software Aging
by Escheikh Mohamed, Tayachi Zayneb, Barkaoui Kamel
Abstract: This paper tackles performability modeling and analysis of versatile server virtualized systems subject to workload-dependent software aging, failures, and rejuvenation. We develop a modular modeling approach based on stochastic reward nets to investigate dependencies between several server virtualized system modules, including the virtual machine monitor, virtual machines, data-intensive applications, and a workload-aware power management mechanism. Two case studies are considered, each of which accounts for a specific virtual machine monitor rejuvenation technique (Cold-VM or Migrate-VM). We show through numerical analysis how steady-state availability and power-performance metrics are impacted by workload-dependent software aging and workload burstiness.
Keywords: Virtualisation; SVS; Performability; SRN; Workload-aware Power Management; Power/performance tradeoff.
Soft error sensitivity and vulnerability of languages and their implementations
by Frederico Cerveira, Alcides Fonseca, Raul Barbosa, Henrique Madeira
Abstract: Hardware manufacturing advances along with the popularization of energy saving techniques are predicted to cause an increase in the soft error rate, which in turn will transfer part of the responsibility for tolerating these errors to the software layer. Since the programming language and its supporting implementation have a determinant impact on the produced application, fault injection was used in this paper to evaluate the effect that different programming languages and different implementations (compilers or interpreters) have on the sensitivity and vulnerability to soft errors. The results show that programming language and workload strongly impact these metrics, that programming languages of the same type share similar failure mode distributions, and that the implementation can impact sensitivity and vulnerability in certain scenarios. For these reasons, we suggest that a change in the implementation of the language at a late stage in the project development cycle can be enough to improve the vulnerability and sensitivity without changing the programming language.
Keywords: Programming languages; Soft errors; Dependability; Fault Injection; Vulnerability; Sensitivity; Compilers; Interpreters; Backends.
Extending a re-identification risk-based anonymization framework and evaluating its impact on data mining classifiers
by Tania Basso, Hebert Silva, Regina Moraes
Abstract: Preserving sensitive information in data mining processes is one of the major issues in the context of Big Data. Handling huge volumes of data demands techniques to assure that private data is not accessible to non-authorized users. One of these techniques is data anonymization, which aims to avoid individual identification. However, even when anonymized, data may be subject to re-identification through privacy attacks. This paper presents a two-stage policy-based anonymization framework, which applies anonymization techniques in the ETL process and before exporting data analytic results. We extended part of this framework, the k-anonymity-based component, to help minimize the risk of data re-identification. Experiments evaluated the impact of applying this two-stage anonymization on data mining regarding accuracy, performance, re-identification risk and information loss. Results showed that, when applied carefully, the anonymization barely affects classifier results, improving them in some cases.
Keywords: Privacy; Data Mining; Data Anonymization; Re-identification Risk; k-anonymity.
Timed CTL Checking of Time Critical Cloud Applications using Timed Bigraphs
by Fateh Latreche, Faiza Belala
Abstract: Controlling cloud resource provisioning for time-critical applications is crucial to meet the required Quality of Service (QoS) of modern applications. Both computational resource capabilities and network bandwidth should be considered to accurately serve practical needs while complying with relevant constraints. The main objective of this work is to show how to add time constructs to the Bigraphical Reactive Systems (BRSs) formalism, in order to describe and analyse the execution of cloud applications having temporal constraints. In particular, we are interested in the cloud resource allocation problem to meet end user requests while considering the network deadline as well as the service processing time. The proposed time-aware BRS model is then integrated in the Real-Time Maude language and its TCTL model checker in order to obtain an executable and analysable specification of cloud applications having temporal constraints.
Keywords: Time critical cloud applications; Bigraphical Reactive Systems; Real-Time Maude; TCTL model checking.
Securing the Weak Link of Federated Systems via Trusted Execution: a Case Study from the eHealth Domain
by Luigi Coppolino, Salvatore D'Antonio, Giovanni Mazzeo, Luigi Romano, Luigi Sgaglione
Abstract: The interconnection of organizations from distributed, heterogeneous, and autonomous domains having different regulations often requires the brokerage of a trusted third party to translate security means applied in one domain to those of a different domain. At that point, sensitive data is exposed unencrypted on the broker host, and is thus vulnerable to attacks. In this paper, we provide a solution to this weakness of federated architectures by using hardware-assisted Trusted Execution (TE). We propose an approach where the new Intel CPU extension, namely Software Guard eXtensions (SGX), is exploited to guarantee the trustworthiness of the weakest link, i.e., the broker, in spite of an aggressive attack model. The validation of our work was realized through the European eHealth infrastructure, namely OpenNCP, which enables cross-border health care and establishes shared practices to implement mechanisms and policies allowing patient data exchange between distinct national eHealth systems. In such a scenario, in fact, the PKIs of communicating countries cannot be considered mutually trusted and thus a third party acting as a broker is needed. We discuss how attacks performed by super-privileged malicious users, who gain access to broker nodes, can be used to compromise the whole security chain regardless of the security means which are in place. We evaluate the implementation of our proposed approach for OpenNCP by first dimensioning the number of parallel nodes using queuing models, and then evaluating the performance with the specific parallel configurations found.
Keywords: Federated Systems; Heterogeneity; Trusted Execution; eHealth; OpenNCP; Intel SGX.