Towards Measurable and Tunable Security
Karlstad University, Faculty of Economic Sciences, Communication and IT.
2007 (English). Licentiate thesis, comprehensive summary (Other scientific)
Abstract [en]

Many security services today provide only one security configuration at run-time and therefore cannot exploit the trade-off between performance and security. To make use of this trade-off, tunable security services that provide several security configurations selectable at run-time are needed. To make intelligent choices about which security configuration to use in different situations, we need to know how good they are, i.e., we need to order the different security configurations with respect to each security attribute using measures for both security and performance.

However, a key issue with computer security is that, due to its complex nature, it is hard to measure.

As the title of this thesis indicates, it discusses both security measures and tunable security services, and can thus be seen as consisting of two parts. The first part, which discusses security measures for tunable security services, investigates the security implications of selective encryption using guesswork as a security measure. Building on this, the relationship between guesswork and entropy is investigated. The result shows that guesswork, after a minor redefinition, is equal to the sum of the entropy and the relative entropy.

The second part contributes to the area of tunable security services, e.g., services that provide several security configurations at run-time. In particular, we present the mobile Crowds (mCrowds) system, an anonymity technology for the mobile Internet developed at Karlstad University, and a tunable encryption service that is based on a selective encryption paradigm and designed as a middleware. Finally, the tunable features provided by Mix-Nets and Crowds are investigated using a conceptual model for tunable security services.

Place, publisher, year, edition, pages
Fakulteten för ekonomi, kommunikation och IT, 2007.
Series
Karlstad University Studies, ISSN 1403-8099 ; 2007:39
Keywords [en]
tunable security, security measures, metrics, entropy, guesswork, privacy, anonymity, selective encryption
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:kau:diva-1200; ISBN: 978-91-7063-142-9 (print); OAI: oai:DiVA.org:kau-1200; DiVA, id: diva2:5019
Presentation
2007-10-23, Sjöströmsalen, 1B 309, Karlstads universitet, Karlstad, 10:00
Available from: 2007-10-09 Created: 2007-10-09 Last updated: 2018-01-12
List of papers
1. Using Guesswork as a Measure for Confidentiality of Selectively Encrypted Messages
2006 (English). In: Quality of Protection: Security Measurements and Metrics / [ed] Dieter Gollmann, Fabio Massacci and Artsiom Yautsiukhin, Boston: Springer, 2006, p. 173-184. Chapter in book (Refereed)
Abstract [en]

In this paper, we start to investigate the security implications of selective encryption. We do this by using the measure guesswork, which gives us the expected number of guesses that an attacker must perform in an optimal brute force attack to reveal an encrypted message. The characteristics of the proposed measure are investigated for zero-order languages. We also introduce the concept of reduction chains to describe how the message (or rather search) space changes for an attacker with different levels of encryption.

Place, publisher, year, edition, pages
Boston: Springer, 2006
Series
Advances in Information Security, ISSN 1568-2633 ; 23-4
National Category
Computer Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-1915 (URN); 10.1007/978-0-387-36584-8_14 (DOI)
Available from: 2007-10-09 Created: 2007-10-09 Last updated: 2018-06-04. Bibliographically approved
2. On the Relationship between Confidentiality Measures: Entropy and Guesswork
2007 (English). In: WOSIS / [ed] Mariemma Inmaculada Yagüe del Valle and Eduardo Fernández-Medina, INSTICC Press, 2007, p. 135-144. Conference paper, Published paper (Refereed)
Abstract [en]

In this paper, we investigate in detail the relationship between entropy and guesswork. The aim of the study is to lay the ground for future efficiency comparison of guessing strategies. After a short discussion of the two measures, and the differences between them, the formal definitions are given. Then, a redefinition of guesswork is made, since the measure is not completely accurate. The change is a minor modification in the last term of the sum expressing guesswork. Finally, two theorems are stated. The first states that the redefined guesswork is equal to the concept of cross entropy, and the second states, as a consequence of the first theorem, that the redefined guesswork is equal to the sum of the entropy and the relative entropy.

Place, publisher, year, edition, pages
INSTICC Press, 2007
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-1916 (URN); 978-972-8865-96-2 (ISBN)
Conference
Proceedings of the 5th International Workshop on Security in Information Systems (WOSIS 2007), In conjunction with ICEIS 2007, Funchal, Madeira, Portugal, June 2007
Available from: 2007-10-09 Created: 2007-10-09 Last updated: 2018-01-12. Bibliographically approved
3. Privacy-Enhanced WAP Browsing with mCrowds: Anonymity Properties and Performance Evaluation of the mCrowds System
2004 (English). Conference paper, Published paper (Refereed)
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-1950 (URN)
Conference
The 4th Annual Information Security South Africa Conference (ISSA 2004)
Available from: 2007-12-19 Created: 2007-12-19 Last updated: 2018-06-04. Bibliographically approved
4. Analysis of Anonymity Services from a Tunable Perspective
2007 (English). In: The Future of Identity in the Information Society: Proceedings of the Third IFIP WG 9.2, 9.6/ 11.6, 11.7/FIDIS International Summer School on The Future of Identity in the Information Society, Karlstad University, Sweden / [ed] Simone Fischer-Huebner, Penny Duquenoy, Albin Zuccato, Leonardo Martucci, Boston: IFIP, 2007. Conference paper, Oral presentation only (Refereed)
Abstract [en]

In this paper, we investigate the tunable features provided by Mix-Nets and Crowds using a conceptual model for tunable security services. A tunable security service is defined as a service that has been explicitly designed to offer various security levels that can be selected at run-time. Normally, Mix-Nets and Crowds are considered to be static anonymity services, since they were not explicitly designed to provide tunability. However, as discussed in this paper, they both contain dynamic elements that can be used to achieve a tradeoff between anonymity and performance.

Place, publisher, year, edition, pages
Boston: IFIP, 2007
Series
International Federation for Information Processing, ISSN 1571-5736 ; 262
Keywords
Conceptual Model
National Category
Computer Sciences
Identifiers
urn:nbn:se:kau:diva-1918 (URN); 978-0-387-79026-8 (ISBN)
Conference
Proceedings of the IFIP WG 9.2, 9.6/11.7, 11.6/FIDIS Summer School on The Future of Identity in the Information Society, Karlstad University, Sweden, August 2007
Available from: 2007-10-09 Created: 2007-10-09 Last updated: 2018-06-04. Bibliographically approved
5. Middleware Support for Tunable Encryption
2006 (English). In: Wireless Information Systems: Proceedings of the 5th International Workshop on Wireless Information Systems / [ed] Qusay H. Mahmoud, Hans Weghorn, Setubal, Portugal: INSTICC Press, 2006, p. 36-46. Conference paper, Oral presentation only (Refereed)
Abstract [en]

To achieve an appropriate tradeoff between security and performance for wireless applications, a tunable and differential treatment of security is required.

In this paper, we present a tunable encryption service designed as a middleware that is based on a selective encryption paradigm. The core component of the middleware provides block-based selective encryption. Although the selection of which data to encrypt is made by the sending application and is typically content-dependent, the representation used by the core component is application- and content-independent. This frees the selective decryption module at the receiver from the need for application- or content-specific knowledge. The sending application specifies the data to encrypt either directly or through a set of high-level application interfaces. A prototype implementation of the middleware is described along with an initial performance evaluation. The experimental results demonstrate that the generic middleware service offers a high degree of security adaptiveness at a low cost.

Place, publisher, year, edition, pages
Setubal, Portugal: INSTICC Press, 2006
National Category
Computer Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-1919 (URN); 978-972-8865-48-1 (ISBN)
Conference
The 5th International Workshop on Wireless Information Systems, WIS 2006, in conjunction with ICEIS 2006, Paphos, Cyprus, May 2006
Available from: 2007-10-09 Created: 2007-10-09 Last updated: 2018-06-04. Bibliographically approved
