The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Cyber-physical systems represent an engineering challenge due to their safety and security concerns, particularly those systems involved in critical infrastructure which require some of the highest standards of safety, availability, integrity and security. The complexity of these systems makes the identification and analysis of safety and security requirements challenging. In this paper, we present...
The adoption of cloud computing is increasing and its use is becoming widespread in many sectors. As the proportion of services provided using cloud computing increases, legal and regulatory issues are becoming more significant. In this paper we explore how an Information Flow Audit (IFA) mechanism, that provides key data regarding provenance, can be used to verify compliance with regulatory and contractual...
The purpose of this paper is to describe the complexity of an Automated Border Control (ABC) context and the factors influencing the experience passengers and border guards have when interacting with ABC systems. Automated border control is expected to make border checks quicker and more efficient as well reducing the cost. At the same time, the purpose is to enhance the level of border security....
Industrial Control Systems (ICS) are used for operating and monitoring industrial processes. Recent reports state that current ICS infrastructures are not sufficiently protected against cyber threats. Unfortunately, due to the specific nature of these systems, the application of common security counter-measures is often not effective. This paper summarizes experiences over a series of research efforts...
Perception of one's environment is the first level in Endsley's three-part situational awareness (SA) development process critical for effective decision making. However, technological advances allow decision makers removed from the environment upon which they base their decisions to be increasing dependent upon indirect observations, or cues, provided by complex system of systems. One aspect of indirect...
Enabling cross-organizational cooperation in ubiquitous computing environments poses new security challenges that concern particularly the interoperability of security management systems and the security policies of each organization. In this paper, we present a semantic framework for cooperative security management processes design in a cross-organizational context. Our framework is based on a hybrid...
We address the detection of process-related threats in control systems used in critical infrastructures. Process-related threats take place when an attacker gains user access rights and performs actions, which look legitimate, but which are intended to disrupt the industrial process. We use logs to detect anomalous patterns of user actions on process control application. A preliminary case study suggests...
The support for non-functional concerns (NFC) is essential for the success and adoption of web services. However, state of the art works offer only a limited support for these concerns especially when it comes to the composition of multiple non-functional concerns with composite web services. In this paper, we focus on the composition of non-functional actions (NFA) with composite web services whose...
In this paper, we investigate the security challenges and issues of cyber-physical systems. (1)We abstract the general workflow of cyber physical systems, (2)identify the possible vulnerabilities, attack issues, adversaries characteristics and a set of challenges that need to be addressed, (3)then we also propose a context-aware security framework for general cyber-physical systems and suggest some...
Interface automata (IA) introduce a framework to model stateful interfaces. Interface structures for security (ISS) extend IA to cope with security properties. In this article, we argue that bisimulation-based non interference is not quite appropriate to characterize security on ISS. We instead introduce refinement-based variants of non-interference that fit better in this context. Moreover, we show...
In this period of grave economic uncertainty, organizations have to manage increasingly complicated situations in an environment that is subject to massive and rapid evolution. A solely intuitive approach to risk management is no longer sufficient when considering the need to optimize investments in relation to security. It is necessary to find the often difficult balance between the cost of risks...
ITIL (IT Infrastructure Library) provides a framework of best practice guidance for IT service management based on process, and has grown to become the most widely accepted approach to IT service management in the world. ITIL processes are implemented so that they underpin the organization business, and play the core role in the framework. The paper presents ITIL process integration architecture in...
We propose a method for dynamic security domain scaling on SMPs that offers both highly scalable performance and high security for future high-end embedded systems. Its most important feature is its highly efficient use of processor resources, accomplished by dynamically changing the number of processors within a security domain in response to application load requirements. Two new technologies make...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.