Search For:

Displaying 1-23 out of 23 total
Intrusion-Tolerant Middleware: The Road to Automatic Security
Found in: IEEE Security and Privacy
By Paulo E. Veríssimo, Nuno F. Neves, Christian Cachin, Jonathan Poritz, David Powell, Yves Deswarte, Robert Stroud, Ian Welch
Issue Date:July 2006
pp. 54-62
The pervasive interconnection of systems throughout the world has given computer services a significant socioeconomic value that both accidental faults and malicious activity can affect. The classical approach to security has mostly consisted of trying to ...
Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security
Found in: IEEE Transactions on Software Engineering
By Rodolphe Ortalo, Yves Deswarte, Mohamed Kaâniche
Issue Date:September 1999
pp. 633-650
<p><b>Abstract</b>—This paper presents the results of an experiment in security evaluation. The system is modeled as a privilege graph that exhibits its security vulnerabilities. Quantitative measures that estimate the effort an attacker ...
Diversity against Accidental and Deliberate Faults
Found in: Computer Security, Dependability, and Assurance
By Yves Deswarte, Karama Kanoun, Jean-Claude Laprie
Issue Date:July 1998
pp. 171
The paper is aimed at examining the relationship between the three topics of the workshops that gave rise to this book: security, fault tolerance, and software assurance. Those three topics can be viewed as different facets of dependability. The paper focu...
Internet Security Despite Untrustworthy Agents and Components
Found in: Future Trends of Distributed Computing Systems, IEEE International Workshop
By Yves Deswarte
Issue Date:October 1997
pp. 218
Despite the increasing role of Internet in the world economy and commerce, its infrastructure is fragile, as can be shown by Morris's worm and the recent DNS collapse. This kind of vulnerability is not addressed by future Internet improvements such as IPv6...
Potential Attacks on Onboard Aerospace Systems
Found in: IEEE Security & Privacy Magazine
By Anthony Dessiatnikoff,Yves Deswarte,&#x00C9;ric Alata,Vincent Nicomette
Issue Date:July 2012
pp. 71-74
Because security is becoming a major concern for aircraft manufacturers and satellite makers, vulnerability discovery and countermeasures should be integrated into onboard computing systems early during their development. Attacks against aerospace computer...
I/O Attacks in Intel PC-based Architectures and Countermeasures
Found in: SysSec Workshop
By Fernand Lone Sang,Vincent Nicomette,Yves Deswarte
Issue Date:July 2011
pp. 19-26
For a few years now, attacks involving I/O controllers have been subject to a growing interest. Unlocking smart phones and game consoles through USB connections, or bypassing authentication through Fire Wire are examples of such attacks. Our study focuses ...
Manipulation of Network Traffic Traces for Security Evaluation
Found in: Advanced Information Networking and Applications Workshops, International Conference on
By Mohamed Gadelrab, Anas Abou El Kalam, Yves Deswarte
Issue Date:May 2009
pp. 1124-1129
Testing network-based security tools such as Intrusion Detection and Prevention Systems (IDS/IPS) differs from testing ordinary network tools (e.g., routers and switches). Basically, in addition to the parameters (such as bandwidth utilization, routing inf...
Execution Patterns in Automatic Malware and Human-Centric Attacks
Found in: Network Computing and Applications, IEEE International Symposium on
By Mohammed Gadelrab, Anas Abou El Kalam, Yves Deswarte
Issue Date:July 2008
pp. 29-36
With the massive surges of new malware, the ‎intuitive detection techniques currently used in most ‎security tools deem ineffective. Consequently, we ‎urgently need better solutions that are established on ‎solid theoretical basis. It becomes, thus, necess...
The Design of a Generic Intrusion-Tolerant Architecture for Web Servers
Found in: IEEE Transactions on Dependable and Secure Computing
By Ayda Saidane, Vincent Nicomette, Yves Deswarte
Issue Date:January 2009
pp. 45-58
Nowadays, more and more information systems are connected to the Internet and offer Web interfaces to the general public or to a restricted set of users. Such openness makes them likely targets for intruders, and conventional protection techniques have bee...
Closed-Circuit Unobservable Voice over IP
Found in: Computer Security Applications Conference, Annual
By Carlos Aguilar Melchor, Yves Deswarte, Julien Iguchi-Cartigny
Issue Date:December 2007
pp. 119-128
Among all the security issues in Voice over IP (VoIP) communications, one of the most difficult to achieve is traf- fic analysis resistance. Indeed, classical approaches pro- vide a reasonable degree of security but induce large round- trip times that are ...
Efficient Remote Data Possession Checking in Critical Information Infrastructures
Found in: IEEE Transactions on Knowledge and Data Engineering
By Francesc Sebé, Josep Domingo-Ferrer, Antoni Martínez-Ballesté, Yves Deswarte, Jean-Jacques Quisquater
Issue Date:August 2008
pp. 1034-1038
Checking data possession in networked information systems such as those related to critical infrastructures (power facilities, airports, data vaults, defense systems, etc.) is a matter of crucial importance. Remote data possession checking protocols permit...
Access Control for Collaborative Systems: A Web Services Based Approach
Found in: Web Services, IEEE International Conference on
By Anas Abou El Kalam, Yves Deswarte, Amine Baïna, Mohamed Kaaniche
Issue Date:July 2007
pp. 1064-1071
Nowadays, systems are more and more open, distributed and collaborative. In this context, access control is an important issue that should be studied, specified and well enforced. This work proposes a new access control model for collaborative systems:
From DC-Nets to pMIXes: Multiple Variants for Anonymous Communications
Found in: Network Computing and Applications, IEEE International Symposium on
By Carlos Aguilar Melchor, Yves Deswarte
Issue Date:July 2006
pp. 163-172
Current systems providing anonymous communication with low latency [15, 13] are based on relay-networks. Since a single relay can betray its users, it is necessary to use several relays for each communication which distributes the trust among them. This in...
Privacy Requirements Implemented with a JavaCard
Found in: Computer Security Applications Conference, Annual
By Anas Abou el Kalam, Yves Deswarte
Issue Date:December 2005
pp. 527-536
<p>Privacy is extremely important in healthcare systems. Unfortunately, most of the solutions already deployed are developed empirically. After discussing some of such existing solutions, this paper describes an analytic and generic approach to prote...
pMIX: Untraceability for Small Hiding Groups.
Found in: Network Computing and Applications, IEEE International Symposium on
By Carlos Aguilar Melchor, Yves Deswarte
Issue Date:July 2005
pp. 29-40
<p>MIXes are routers that accept packets until their buffers are full, and then send them to the recipients hiding the link (usually through reencryption and rearrangement) between incoming and outgoing packets.</p> <p>MIXes and their var...
Dependable Computing System Evaluation Criteria: SQUALE Proposal
Found in: Dependable Computing for Critical Applications
By Yves Deswarte
Issue Date:January 1999
pp. 397
The SQUALE project has developed assessment criteria which aim at providing a justified confidence that an assessed system will achieve, during its operational life and its disposal, the dependability objectives assigned to it.
A Tool to Analyze Potential I/O Attacks Against PCs
Found in: IEEE Security & Privacy
By Fernand Lone Sang,Vincent Nicomette,Yves Deswarte
Issue Date:July 2013
pp. 1
Abstract. This paper presents a multi-purpose FPGA-based tool designed to analyze I/O attacks against PCs. Instead of making the CPU execute malicious software (or malware), I/O attacks use I/O controllers or peripheral devices to run attacks and, as such,...
Intrusion Tolerance for Internet Applications
Found in: Network Computing and Applications, IEEE International Symposium on
By Yves Deswarte, David Powell
Issue Date:September 2004
pp. 35-36
The Internet has become essential to most enterprises and many private individuals. However, both the network and computer systems connected to it are still too vulnerable and attacks are becoming evermore frequent. To face this situation, traditional secu...
Organization based access control
Found in: Policies for Distributed Systems and Networks, IEEE International Workshop on
By Anas Abou El Kalam, Salem Benferhat, Alexandre Miège, Rania El Baida, Frédéric Cuppens, Claire Saurel, Philippe Balbiani, Yves Deswarte, Gilles Trouessin
Issue Date:June 2003
pp. 120
None of the classical access control models such as DAC, MAC, RBAC, TBAC or TMAC is fully satisfactory to model security policies that are not restricted to static permissions but also include contextual rules related to permissions, prohibitions, obligati...
Dependable Intrusion Tolerance: Technology Demo
Found in: DARPA Information Survivability Conference and Exposition,
By Alfonso Valdes, Magnus Almgren, Steven Cheung, Yves Deswarte, Bruno Dutertre, Joshua Levy, Hassen Saïdi, Victoria Stavridou, Tomás E. Uribe
Issue Date:April 2003
pp. 128
The Dependable Intrusion Tolerance (DIT) architecture is a flexible, adaptive, and intrusion-tolerant server design. We briefly discuss its prototype implementation and validation, and demonstrate how it resists sample attacks.
Enhancing dependability in avionics using virtualization
Found in: Proceedings of the 1st EuroSys Workshop on Virtualization Technology for Dependable Systems (VDTS '09)
By David Powell, Eric De Nadai, Jean Arlat, Youssef Laarouchi, Yves Deswarte
Issue Date:March 2009
pp. 13-17
Software in avionics has always been totally separated from open-world software, in order to avoid any interaction that could corrupt critical on-board systems. However, new aircraft generations need more interaction with off-board systems to offer extende...
A generic approach for healthcare data anonymization
Found in: Proceedings of the 2004 ACM workshop on Privacy in the electronic society (WPES '04)
By Anas Abou El Kalam, Emmanuel Cordonnier, Gilles Trouessin, Yves Deswarte
Issue Date:October 2004
pp. 31-32
Nowadays, more and more applications use sensitive and personal information. Subsequently, respecting citizens' privacy is becoming extremely important. Dedicated to this issue, this paper suggests a rigorous approach to define anonymization requirements, ...
An intrusion tolerant architecture for dynamic content internet servers
Found in: Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security (SSRS '03)
By Ayda Saidane, Vincent Nicomette, Yves Deswarte
Issue Date:October 2003
pp. 110-114
This paper describes a generic architecture for intrusion tolerant Internet servers. It aims to build systems that are able to survive attacks in the context of an open network such as the Internet. To do so, the design is based on fault tolerance techniqu...