SPOT: Optimization Tool for Network Adaptable Security

  • Bogdan Ksiezopolski
  • Pawel Szalachowski
  • Zbigniew Kotulski
Part of the Communications in Computer and Information Science book series (CCIS, volume 79)

Abstract

Recently we have observed the growth of the intelligent application especially with its mobile character, called e-anything. The implementation of these applications provides guarantee of security requirements of the cryptographic protocols which are used in the application. Traditionally the protocols have been configured with the strongest possible security mechanisms. Unfortunately, when the application is used by means of the mobile devices, the strongest protection can lead to the denial of services for them. The solution of this problem is introducing the quality of protection models which will scale the protection level depending on the actual threat level. In this article we would like to introduce the application which manages the protection level of the processes in the mobile environment. The Security Protocol Optimizing Tool (SPOT) optimizes the cryptographic protocol and defines the protocol version appropriate to the actual threat level. In this article the architecture of the SPOT is presented with a detailed description of the included modules.

Keywords

security tools security metrics quality of protection adaptable security security models security architecture cryptographic protocols 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Merabti, M., Shi, Q., Oppliger, R.: Advanced security techniques for network protection. Computer Communications 23, 151–158 (2000)CrossRefGoogle Scholar
  2. 2.
    Lambrinoudakis, C., Gritzalis, S., Dridi, F., Pernul, G.: Security requirements for e-government services: a methodological approach for developing a common PKI-based security policy. Computers & Security 26, 1873–1883 (2003)Google Scholar
  3. 3.
    Ksiezopolski, B., Kotulski, Z., Szalachowski, P.: Adaptive approach to network security. In: Kwiecień, A., Gaj, P., Stera, P. (eds.) 16th Conference of Computer Networks, CN 2009, Wisła, Poland. CCIS, vol. 39, pp. 233–241. Springer, Heidelberg (2009)Google Scholar
  4. 4.
    Szalachowski, P., Ksiezopolski, B., Kotulski, Z.: CMAC, CCM and GCM/GMAC: advanced modes of operation of symmetric block ciphers in the Wireless Sensor Networks. In: Elsevier: Information Processing Letters (accepted paper) (2010)Google Scholar
  5. 5.
    Ksiezopolski, B., Kotulski, Z.: Adaptable security mechanism for the dynamic environments. Computers & Security 26, 246–255 (2007)CrossRefGoogle Scholar
  6. 6.
    Lindskog, S.: Modeling and Tuning Security from a Quality of Service Perspective. PhD dissertation, Department of Computer Science and Engineering, Chalmers University of Technology, Goteborg, Sweden (2005)Google Scholar
  7. 7.
    Schneck, P., Schwan, K.: Authenticast: An Adaptive Protocol for High-Performance, Secure Network Applications, Technical Report GIT-CC-97-22 (1997)Google Scholar
  8. 8.
    Ong, C.S., Nahrstedt, K., Yuan, W.: Quality of protection for mobile applications. In: IEEE International Conference on Multimedia & Expo., pp. 137–140 (2003)Google Scholar
  9. 9.
    Sun, Y., Kumar, A.: Quality od Protection(QoP): A quantitative methodology to grade security services. In: 28th Confrence on Distributed Computing Systems Workshop, pp. 394–399 (2008)Google Scholar
  10. 10.
    Blanco, V., Gonzalez, P., Cabaleiro, J.C., Heras, D.B., Pena, T.F., Pombo, J.J., Rivera, F.F.: AVISPA: visualizing the performance prediction of parallel iterative solvers. Future Generation Computer Systems 19, 721–733 (2003)CrossRefGoogle Scholar
  11. 11.
    Vigano, L.: Automated Security Protocol Analysis With the AVISPA Tool. Electronic Notes in Theoretical Computer Science 115, 61–86 (2006)CrossRefGoogle Scholar
  12. 12.
    Blanchet, B., Chaudhuri, A.: Automated Formal Analysis of a Protocol for Secure File Sharing on Untrusted Storage. In: Proceedings of the 29th IEEE Symposium on Security and Privacy, pp. 417–431 (2008)Google Scholar
  13. 13.
    Stankovic, J.A.: Real-Time Computing, University of Massachusetts (1992)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Bogdan Ksiezopolski
    • 1
  • Pawel Szalachowski
    • 1
  • Zbigniew Kotulski
    • 2
    • 3
  1. 1.Institute of Computer ScienceMaria Curie-Sklodowska UniversityLublinPoland
  2. 2.Institute of Fundamental Technological Research of PASWarsawPoland
  3. 3.Institute of Telecommunications of WUTWarsawPoland

Personalised recommendations