Visible to the public Biblio

Filters: Keyword is trust boundaries  [Clear All Filters]
2020-11-20
Moghaddam, F. F., Wieder, P., Yahyapour, R., Khodadadi, T..  2018.  A Reliable Ring Analysis Engine for Establishment of Multi-Level Security Management in Clouds. 2018 41st International Conference on Telecommunications and Signal Processing (TSP). :1—5.
Security and Privacy challenges are the most obstacles for the advancement of cloud computing and the erosion of trust boundaries already happening in organizations is amplified and accelerated by this emerging technology. Policy Management Frameworks are the most proper solutions to create dedicated security levels based on the sensitivity of resources and according to the mapping process between requirements cloud customers and capabilities of service providers. The most concerning issue in these frameworks is the rate of perfect matches between capabilities and requirements. In this paper, a reliable ring analysis engine has been introduced to efficiently map the security requirements of cloud customers to the capabilities of service provider and to enhance the rate of perfect matches between them for establishment of different security levels in clouds. In the suggested model a structural index has been introduced to receive the requirement and efficiently map them to the most proper security mechanism of the service provider. Our results show that this index-based engine enhances the rate of perfect matches considerably and decreases the detected conflicts in syntactic and semantic analysis.
2015-04-30
Goldman, A.D., Uluagac, A.S., Copeland, J.A..  2014.  Cryptographically-Curated File System (CCFS): Secure, inter-operable, and easily implementable Information-Centric Networking. Local Computer Networks (LCN), 2014 IEEE 39th Conference on. :142-149.

Cryptographically-Curated File System (CCFS) proposed in this work supports the adoption of Information-Centric Networking. CCFS utilizes content names that span trust boundaries, verify integrity, tolerate disruption, authenticate content, and provide non-repudiation. Irrespective of the ability to reach an authoritative host, CCFS provides secure access by binding a chain of trust into the content name itself. Curators cryptographically bind content to a name, which is a path through a series of objects that map human meaningful names to cryptographically strong content identifiers. CCFS serves as a network layer for storage systems unifying currently disparate storage technologies. The power of CCFS derives from file hashes and public keys used as a name with which to retrieve content and as a method of verifying that content. We present results from our prototype implementation. Our results show that the overhead associated with CCFS is not negligible, but also is not prohibitive.