SPOT: Optimization Tool for Network Adaptable Security
Recently we have observed the growth of the intelligent application especially with its mobile character, called e-anything. The implementation of these applications provides guarantee of security requirements of the cryptographic protocols which are used in the application. Traditionally the protocols have been configured with the strongest possible security mechanisms. Unfortunately, when the application is used by means of the mobile devices, the strongest protection can lead to the denial of services for them. The solution of this problem is introducing the quality of protection models which will scale the protection level depending on the actual threat level. In this article we would like to introduce the application which manages the protection level of the processes in the mobile environment. The Security Protocol Optimizing Tool (SPOT) optimizes the cryptographic protocol and defines the protocol version appropriate to the actual threat level. In this article the architecture of the SPOT is presented with a detailed description of the included modules.
Keywordssecurity tools security metrics quality of protection adaptable security security models security architecture cryptographic protocols
Unable to display preview. Download preview PDF.
- 2.Lambrinoudakis, C., Gritzalis, S., Dridi, F., Pernul, G.: Security requirements for e-government services: a methodological approach for developing a common PKI-based security policy. Computers & Security 26, 1873–1883 (2003)Google Scholar
- 3.Ksiezopolski, B., Kotulski, Z., Szalachowski, P.: Adaptive approach to network security. In: Kwiecień, A., Gaj, P., Stera, P. (eds.) 16th Conference of Computer Networks, CN 2009, Wisła, Poland. CCIS, vol. 39, pp. 233–241. Springer, Heidelberg (2009)Google Scholar
- 4.Szalachowski, P., Ksiezopolski, B., Kotulski, Z.: CMAC, CCM and GCM/GMAC: advanced modes of operation of symmetric block ciphers in the Wireless Sensor Networks. In: Elsevier: Information Processing Letters (accepted paper) (2010)Google Scholar
- 6.Lindskog, S.: Modeling and Tuning Security from a Quality of Service Perspective. PhD dissertation, Department of Computer Science and Engineering, Chalmers University of Technology, Goteborg, Sweden (2005)Google Scholar
- 7.Schneck, P., Schwan, K.: Authenticast: An Adaptive Protocol for High-Performance, Secure Network Applications, Technical Report GIT-CC-97-22 (1997)Google Scholar
- 8.Ong, C.S., Nahrstedt, K., Yuan, W.: Quality of protection for mobile applications. In: IEEE International Conference on Multimedia & Expo., pp. 137–140 (2003)Google Scholar
- 9.Sun, Y., Kumar, A.: Quality od Protection(QoP): A quantitative methodology to grade security services. In: 28th Confrence on Distributed Computing Systems Workshop, pp. 394–399 (2008)Google Scholar
- 12.Blanchet, B., Chaudhuri, A.: Automated Formal Analysis of a Protocol for Secure File Sharing on Untrusted Storage. In: Proceedings of the 29th IEEE Symposium on Security and Privacy, pp. 417–431 (2008)Google Scholar
- 13.Stankovic, J.A.: Real-Time Computing, University of Massachusetts (1992)Google Scholar