To see the other types of publications on this topic, follow the link: Software-based attestation.
Journal articles on the topic 'Software-based attestation'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'Software-based attestation.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Vieira Steiner, Rodrigo, and Emil Lupu. "Towards more practical software-based attestation." Computer Networks 149 (February 2019): 43–55. http://dx.doi.org/10.1016/j.comnet.2018.11.003.
Full text
2
Heo, Kyung-Soo, Hyun-Woo Choi, Hyun-Su Jang, and Young-Ik Eom. "Mutual Attestation Protocol using Software-based Attestation Scheme in Sensor Network Environments." KIPS Transactions:PartC 15C, no. 1 (2008): 9–18. http://dx.doi.org/10.3745/kipstc.2008.15-c.1.9.
Full text
3
Brandão, Luís T. A. N., Carlos E. C. Galhardo, and René Peralta. "ZKASP: ZKP-based attestation of software possession for measuring instruments." Measurement Science and Technology 33, no. 6 (2022): 064001. http://dx.doi.org/10.1088/1361-6501/ac5438.
Full textAbstract:
Abstract Software-controlled measuring instruments used in commercial transactions, such as fuel dispensers and smart meters, are sometimes subject to ‘memory replacement’ attacks. Cybercriminals replace the approved software by a malicious one that then tampers with measurement results, inflicting a financial loss to customers and companies. To mitigate such attacks, legal metrology systems often require regular device attestation, where an auditor checks that the device possesses (‘knows’) the approved software. However, current attestation methods usually require the software to be known by the auditor, thus increasing the risk of inadvertent leakage or malicious theft of proprietary information, besides facilitating its malicious adulteration. We describe how this issue can be addressed in legal metrology systems by using zero-knowledge proofs of knowledge (ZKPoK). These proofs enable attestation of possession of approved software, while ensuring its confidentiality from the auditor. To further provide publicly verifiable evidence of freshness, each such proof can be related to a fresh random value from a public randomness beacon. This article presents the basic conceptual idea, while also discussing pitfalls that should be avoided.
4
Ho, Jun-Won. "Distributed Software-Attestation Defense against Sensor Worm Propagation." Journal of Sensors 2015 (2015): 1–6. http://dx.doi.org/10.1155/2015/874782.
Full textAbstract:
Wireless sensor networks are vulnerable to sensor worm attacks in which the attacker compromises a few nodes and makes these compromised nodes initiate worm spread over the network, targeting the worm infection of the whole nodes in the network. Several defense mechanisms have been proposed to prevent worm propagation in wireless sensor networks. Although these proposed schemes use software diversity technique for worm propagation prevention under the belief that different software versions do not have common vulnerability, they have fundamental drawback in which it is difficult to realize the aforementioned belief in sensor motes. To resolve this problem, we propose on-demand software-attestation based scheme to defend against worm propagation in sensor network. The main idea of our proposed scheme is to perform software attestations against sensor nodes in on-demand manner and detect the infected nodes by worm, resulting in worm propagation block in the network. Through analysis, we show that our proposed scheme defends against worm propagation in efficient and robust manner. Through simulation, we demonstrate that our proposed scheme stops worm propagation at the reasonable overhead while preventing a majority of sensor nodes from being infected by worm.
5
Li, Hongchao, Tao Shen, Fenhua Bai, and Bei Gong. "Blockchain-Assisted Distributed Fog Computing Control Flow Attestation." Security and Communication Networks 2022 (August 28, 2022): 1–17. http://dx.doi.org/10.1155/2022/6128155.
Full textAbstract:
The control flow hijacking attack poses a serious threat to the integrity of the software. The attacker exploits the loophole to hijack the control flow of the running program to achieve the purpose of the attack. Remote control flow attestation is a method for embedded devices to ensure the integrity of the software. With the continuous development of Internet of Things (IoT) technology, embedded devices have exploded. None of the existing control flow attestation schemes can adapt to the real-time attestation requests of such massive embedded devices. This paper proposes a blockchain-assisted distributed fog computing control flow attestation scheme BDFCFA to deal with this scenario. The scheme uses a simplified control flow representation model, which can effectively represent the control flow of the program and reduce the runtime overhead of the prover in the attestation process. We use SGX technology to protect the integrity and confidentiality of verifier and prover data during the attestation process. Our proposed bidirectional control flow attestation protocol based on the elliptic curve can greatly protect the communication security between verifiers and provers without incurring excessive performance overhead and communication cost. We evaluate the performance of BDFCFA through the SNU real-time benchmark and demonstrate that BDFCFA has better performance. Finally, compared to the existing remote control flow attestation scheme, the results show that BDFCFA has the highest security.
6
Kylänpää, Markku, and Jarno Salonen. "Combining System Integrity Verification with Identity and Access Management." European Conference on Cyber Warfare and Security 21, no. 1 (2022): 140–49. http://dx.doi.org/10.34190/eccws.21.1.202.
Full textAbstract:
Digital transformation and the utilization of Industrial IoT (IIoT) introduces numerous interconnected devices to factories increasing among others the challenge of managing their software versions and giving attackers new possibilities to exploit various software vulnerabilities.
 Factory networks were earlier isolated from the Internet. However, this separation is no longer valid and there can be connections that allow intruders to penetrate into information systems of factories. Another issue is that although factories typically are physically isolated, it is not necessarily safe to assume that physical security is in good shape as the novel supply networks comprise subcontracted activities and temporary work force. Another threat can also arise from unauthorized monitoring of devices and the unauthorized replacement of existing ones.
 Based on the previous, it is crucial that IIoT security should be built into factories of the future (FoF) right from the design phase and even low-end devices need to be supported. Trusted computing concept called remote attestation should be used. Remote attestation allows remote parties to verify the integrity of each system component. System components should include trusted hardware components that can be used to measure executable software. The term measurement means calculating the cryptographic hash of the binary component before passing control to it. Trusted hardware components should also have a mechanism to protect the integrity of the measurement list and cryptographic keys that can be used to sign integrity assertions. The verifier part should have a storage of reference integrity metrics identifying the expected values of these measurements.
 Deploying trusted computing and remote attestation concepts to industrial automation is not straightforward. Even if it is possible to use remote attestation with suitable hardware components, it is not clear how remote attestation should be integrated with various operational technology (OT) industrial automation protocols. Approaches to use remote attestation with existing industrial automation protocols (e.g., OPC UA) is discussed. Advanced identity and access management (e.g., OAuth2, OpenID Connect) can be used to combine integrity measurements with device identity information so that the remote attestation process is triggered by authentication during the first transaction. The focus is on machine-to-machine (M2M) communications with immutable device identities and integrity evidence transfer.
7
Vasileva, Margarita, and Milena Lambeva. "INTELLIGENT METHODS FOR ATTESTATION OF SCIENTIFIC AND TEACHING STAFF. RASCH MODEL." Environment. Technology. Resources. Proceedings of the International Scientific and Practical Conference 2 (June 15, 2017): 171. http://dx.doi.org/10.17770/etr2017vol2.2665.
Full textAbstract:
Introduced in many universities quality management systems suggest the development of appropriate technologies for the assessment of learning results. Unfortunately, some of the real tasks remain outside the scope of the systems due to complexity, non-formalization, unawareness or lack of adequate mathematical models, software and more. Such is the task of attestation of the research and teaching staff, which is being periodically solved in universities. The work proposed model for the formalization of the problem of attestation of scientific and pedagogical staff, based on an adapted version of the one-parameter Rasch model for dichotomic data. The model allows software implementation and help to reduce the subjectivism in evaluating the performance of teachers in universities.
8
Dietrich, Kurt. "On Reliable Platform Configuration Change Reporting Mechanisms for Trusted Computing Enabled Platforms." JUCS - Journal of Universal Computer Science 16, no. (4) (2010): 507–18. https://doi.org/10.3217/jucs-016-04-0507.
Full textAbstract:
One of the most important use-cases of Trusted Computing is Remote Attestation. Itallows platforms to get a trustworthy proof of the loaded software and current configuration of certain remote platforms, thereby enabling them to make decisions about the remote platforms'trust status. Common concepts like Internet Protocol security or Transport Layer Security make these decisions based on shared secrets or certificates issued by third parties. Unlike remote at-testation, these concepts do not take the current configuration or currently loaded software of the platforms into account. Consequently, combining remote attestation and existing secure channelconcepts can solve the long lasting problem of secure channels that have to rely on insecure channel endpoints. Although this gap can now be closed by Trusted Computing, one important prob-lem remains unsolved: A platform's configuration changes everytime new software is loaded. Consequently, a reliable and in-time method to provide a proof for this configuration change -especially on multiprocess machines - is required to signal the platforms involved in the communication that a configuration change of the respectively other platform has taken place. Ourresearch results show that a simple reporting mechanism can be integrated into current Trusted Platform Modules and Transport Layer Security implementations with a few additional TrustedPlatform Modules commands and a few extensions to the TLS protocol.
9
Ankergård, Sigurd Frej Joel Jørgensen, Edlira Dushku, and Nicola Dragoni. "State-of-the-Art Software-Based Remote Attestation: Opportunities and Open Issues for Internet of Things." Sensors 21, no. 5 (2021): 1598. http://dx.doi.org/10.3390/s21051598.
Full textAbstract:
The Internet of Things (IoT) ecosystem comprises billions of heterogeneous Internet-connected devices which are revolutionizing many domains, such as healthcare, transportation, smart cities, to mention only a few. Along with the unprecedented new opportunities, the IoT revolution is creating an enormous attack surface for potential sophisticated cyber attacks. In this context, Remote Attestation (RA) has gained wide interest as an important security technique to remotely detect adversarial presence and assure the legitimate state of an IoT device. While many RA approaches proposed in the literature make different assumptions regarding the architecture of IoT devices and adversary capabilities, most typical RA schemes rely on minimal Root of Trust by leveraging hardware that guarantees code and memory isolation. However, the presence of a specialized hardware is not always a realistic assumption, for instance, in the context of legacy IoT devices and resource-constrained IoT devices. In this paper, we survey and analyze existing software-based RA schemes (i.e., RA schemes not relying on specialized hardware components) through the lens of IoT. In particular, we provide a comprehensive overview of their design characteristics and security capabilities, analyzing their advantages and disadvantages. Finally, we discuss the opportunities that these RA schemes bring in attesting legacy and resource-constrained IoT devices, along with open research issues.
10
Qin, Yu, Jingbin Liu, Shijun Zhao, Dengguo Feng, and Wei Feng. "RIPTE: Runtime Integrity Protection Based on Trusted Execution for IoT Device." Security and Communication Networks 2020 (September 23, 2020): 1–14. http://dx.doi.org/10.1155/2020/8957641.
Full textAbstract:
Software attacks like worm, botnet, and DDoS are the increasingly serious problems in IoT, which had caused large-scale cyber attack and even breakdown of important information infrastructure. Software measurement and attestation are general methods to detect software integrity and their executing states in IoT. However, they cannot resist TOCTOU attack due to their static features and seldom verify correctness of control flow integrity. In this paper, we propose a novel and practical scheme for software trusted execution based on lightweight trust. Our scheme RIPTE combines dynamic measurement and control flow integrity with PUF device binding key. Through encrypting return address of program function by PUF key, RIPTE can protect software integrity at runtime on IoT device, enabling to prevent the code reuse attacks. The results of our prototype’s experiment show that it only increases a small size TCB and has a tiny overhead in IoT devices under the constraint on function calling. In sum, RIPTE is secure and efficient in IoT device protection at runtime.
11
GOLUBEVA, O., V. CHERTKOV, K. HARYST, and G. PESHKOVA. "SOFTWARE FOR AUTOMATION OF PERSONNEL PROFESSIONAL SELECTION AND EMPLOYEE ATTESTATION OF JSC «NAFTAN» BASED ON THE MODEL OF KEY COMPETENCIES." HERALD OF POLOTSK STATE UNIVERSITY. Series С FUNDAMENTAL SCIENCES, no. 1 (April 24, 2024): 2–7. http://dx.doi.org/10.52928/2070-1624-2024-42-1-2-7.
Full textAbstract:
Formation of a capable and highly efficient team is the main task of personnel work at petrochemical enterprises, which are high-risk facilities. High requirements are imposed on the qualification of engineering and technical personnel of oil refineries. The process of selection of candidates for work in technical or engineering specialties is rather labor-intensive. Development of software for automation of personnel selection and employee attestation processes for JSC «Naftan» based on the model of key professional competencies will improve the procedure of hiring efficiency, will allow processing more applications of applicants and focusing on the best of them already at the initial stages.
12
Marco, De Benedictis, and Lioy Antonio. "Integrity verification of Docker containers for a lightweight cloud environment." Future Generation Computer Systems 97 (July 3, 2019): 236–46. https://doi.org/10.5281/zenodo.3267028.
Full textAbstract:
Virtualisation techniques are growing in popularity and importance, given their application to server consolidation and to cloud computing. Remote Attestation is a well-known technique to assess the software integrity of a node. It works well with physical platforms, but not so well with virtual machines hosted in a full virtualisation environment (such as the Xen hypervisor or Kernel-based Virtual Machine) and it is simply not available for a lightweight virtualisation environment (such as Docker). On the contrary, the latter is increasingly used, especially in lightweight cloud platforms, because of its flexibility and limited overhead as compared to virtual machines. This paper presents a solution for security monitoring of a lightweight cloud infrastructure, which exploits Remote Attestation to verify the software integrity of cloud applications during their whole life-cycle. Our solution leverages mainstream tools and architectures, like the Linux Integrity Measurement Architecture, the OpenAttestation platform and the Docker container engine, making it practical and readily available in a real-world scenario. Compared to a standard Docker deployment, our solution enables run-time verification of container applications at the cost of a limited overhead.
13
Dirin, Amir, Ian Oliver, and Teemu H. Laine. "A Security Framework for Increasing Data and Device Integrity in Internet of Things Systems." Sensors 23, no. 17 (2023): 7532. http://dx.doi.org/10.3390/s23177532.
Full textAbstract:
The trustworthiness of a system is not just about proving the identity or integrity of the hardware but also extends to the data, control, and management planes of communication between devices and the software they are running. This trust in data and device integrity is desirable for Internet of Things (IoT) systems, especially in critical environments. In this study, we developed a security framework, IoTAttest, for building IoT systems that leverage the Trusted Platform Module 2.0 and remote attestation technologies to enable the establishment of IoT devices’ collected data and control plan traffic integrity. After presenting the features and reference architecture of IoTAttest, we evaluated the privacy preservation and validity through the implementation of two proof-of-concept IoT applications that were designed by two teams of university students based on the reference architecture. After the development, the developers answered open questions regarding their experience and perceptions of the framework’s usability, limitations, scalability, extensibility, potential, and security. The results indicate that IoTAttest can be used to develop IoT systems with effective attestation to achieve device and data integrity. The proof-of-concept solutions’ outcomes illustrate the functionalities and performance of the IoT framework. The feedback from the proof-of-concept developers affirms that they perceived the framework as usable, scalable, extensible, and secure.
14
Demidova, Liliya, Maksim Egin, and Yulia Sokolova. "SVM prediction of the attestation success on the base of the poll results." ITM Web of Conferences 18 (2018): 04002. http://dx.doi.org/10.1051/itmconf/20181804002.
Full textAbstract:
The problem of the data analysis in the educational sphere in the context of prediction of the passing's success of the final state attestation by the graduates of the secondary school has been considered. Such data can be imbalanced substantially. To solve this problem it is offered to use the SVM classifiers on the base of the modified PSO algorithm, which allows choosing the kernel function type, the values of the kernel function parameters and the value of the regularization parameter simultaneously. In advance, the different rebalancing strategies, based on the basic SMOTE algorithm, can be applied for rebalance the classes in the experimental datasets. The prediction results with the use of the SVM classifiers on the base of the modified PSO algorithm and the different rebalancing strategies have been presented and compared with the prediction results received on the base of the most known software packages, such as Statistica StatSoft and IBM SPSS Modeler.
15
C, Manjunatha R., Rekha K. R, and Nataraj K. R. "Implementation of Fuzzy Based Simulation for Clone Detection in Wireless Sensor Networks." International Journal of Electrical and Computer Engineering (IJECE) 6, no. 4 (2016): 1570. http://dx.doi.org/10.11591/ijece.v6i4.10017.
Full textAbstract:
<p>Wireless sensor networks are usually left unattended and serve hostile environment, therefore can easily be compromised. With compromised nodes an attacker can conduct several inside and outside attacks. Node replication attack is one of them which can cause severe damage to wireless sensor network if left undetected. This paper presents fuzzy based simulation framework for detection and revocation of compromised nodes in wireless sensor network. Our proposed scheme uses PDR statistics and neighbor reports to determine the probability of a cluster being compromised. Nodes in compromised cluster are then revoked and software attestation is performed.Simulation is carried out on MATLAB 2010a and performance of proposed scheme is compared with conventional algorithms on the basis of communication and storage overhead. Simulation results show that proposed scheme require less communication and storage overhead than conventional algorithms.</p>
16
C, Manjunatha R., Rekha K. R, and Nataraj K. R. "Implementation of Fuzzy Based Simulation for Clone Detection in Wireless Sensor Networks." International Journal of Electrical and Computer Engineering (IJECE) 6, no. 4 (2016): 1570. http://dx.doi.org/10.11591/ijece.v6i4.pp1570-1576.
Full textAbstract:
<p>Wireless sensor networks are usually left unattended and serve hostile environment, therefore can easily be compromised. With compromised nodes an attacker can conduct several inside and outside attacks. Node replication attack is one of them which can cause severe damage to wireless sensor network if left undetected. This paper presents fuzzy based simulation framework for detection and revocation of compromised nodes in wireless sensor network. Our proposed scheme uses PDR statistics and neighbor reports to determine the probability of a cluster being compromised. Nodes in compromised cluster are then revoked and software attestation is performed.Simulation is carried out on MATLAB 2010a and performance of proposed scheme is compared with conventional algorithms on the basis of communication and storage overhead. Simulation results show that proposed scheme require less communication and storage overhead than conventional algorithms.</p>
17
Gaur, Kuntal, Umashankar Rawat, Saket Acharya, Pradeep Kumar, and Anshuman Kalla. "Novel framework for enhancing security of SDN based VPLS architecture." Journal of Discrete Mathematical Sciences and Cryptography 27, no. 4 (2024): 1331–43. http://dx.doi.org/10.47974/jdmsc-1986.
Full textAbstract:
Software-Defined Networking (SDN) is an emerging technology that enables the extension of a single Ethernet broadcast domain over a wide area network. However, there are still several major network security threats that could lead to network and resource unavailability, man-in-the-middle attacks, cryptographic flaws, and other vulnerabilities. This paper presents a method that proposes the use of Trusted Platform Module (TPM)-based SDN Virtual Private LAN Services (VPLS), which is intended to provide a secure solution that can help mitigate various network attacks. Open VSwitch (OVS) is a virtual switch that can be used to implement SDN-based VPLS networks. Direct Anonymous Attestation (DAA) is used to verify the authenticity of hardware devices without revealing any identifying information about the devices. The proposed architecture is implemented in a testbed to analyze the performance. The results show that TPM can be utilized in an SDN network to enhance security by securely storing encryption keys and certificates.
18
Sarker, Arijet, Simeon Wuthier, Jinoh Kim, Jonghyun Kim, and Sang-Yoon Chang. "Blockchain Handshaking with Software Assurance: Version++ Protocol for Bitcoin Cryptocurrency." Electronics 13, no. 19 (2024): 3857. http://dx.doi.org/10.3390/electronics13193857.
Full textAbstract:
Cryptocurrency software implements cryptocurrency operations (including the distributed consensus protocol and peer-to-peer networking) and often involves the open-source community. We design a software assurance scheme for cryptocurrency and advance the cryptocurrency handshaking protocol by providing the verification capability of the Bitcoin software by peers and preventing any potential peer from establishing a connection with modified Bitcoin software. Since we focus on Bitcoin (the most popular cryptocurrency) for implementation and integration, we call our scheme Version++, built on and advancing the current Bitcoin handshaking protocol based on the Version message. Our Version++ protocol providing software assurance is distinguishable from previous research because it is permissionless, distributed, and lightweight for its cryptocurrency application. Our scheme is permissionless since it does not require a centralized trusted authority (unlike the remote software attestation techniques from trusted computing); it is distributed since the peer checks the software assurances of its own peer connections; and it is designed for efficiency/lightweight to support the dynamic nature of the peer connections and large-scale broadcasting in cryptocurrency networking. Utilizing Merkle Tree for the efficiency of the proof verification, we implement and test Version++ on Bitcoin software and conduct experiments in an active Bitcoin node prototype connected to the Bitcoin Mainnet. Our prototype-based performance analyses demonstrate the lightweight design of Version++. The peer-specific verification grows logarithmically with the number of software files in processing time and in storage. Furthermore, the Version++ verification overhead is small compared to the version-verack handshaking process; we measure the overhead to be 0.524% in our local networking environment between virtual machines and between 0.057% and 0.282% (depending on the peer location) in our more realistic cloud-based experiments with remote peer machines.
19
Birnstill, Pascal, Erik Krempel, Paul Wagner, and Jürgen Beyerer. "Identity Management and Protection Motivated by the General Data Protection Regulation of the European Union—A Conceptual Framework Based on State-of-the-Art Software Technologies." Technologies 6, no. 4 (2018): 115. http://dx.doi.org/10.3390/technologies6040115.
Full textAbstract:
In times of strongly (personal) data-driven economy, the inception of the European General Data Protection Regulation (GDPR) recently reinforced the call for transparency and informational self-determination—not only due to the penalties for data protection violations becoming significantly more severe. This paper recaps the GDPR articles that should be noticed by software designers and developers and explains how, from the perspective of computer scientists, the summarized requirements can be implemented based on state-of-the-art technologies, such as data provenance tracking, distributed usage control, and remote attestation protocols. For this, the challenges for data controllers, i.e., the service providers, as well as for the data subjects, i.e., the users whose personal data are being processed by the services, are worked out. As a result, this paper proposes the ideal functionality of a next-generation privacy dashboard interacting with data provenance and usage control infrastructure implemented at the service providers to operationalize the legal rights of the data subject granted by the GDPR. Finally, it briefly outlines the options for establishing trust in data provenance tracking and usage control infrastructures operated by the service providers themselves.
20
Tratter, Valaenthin, Mudassar Aslam, and Shahid Raza. "Shared Mobility for Transport and Its Environmental Impact VeSIPreS: A Vehicular Soft Integrity Preservation Scheme for Shared Mobility." Journal of Advanced Transportation 2021 (June 22, 2021): 1–18. http://dx.doi.org/10.1155/2021/5569331.
Full textAbstract:
Car manufacturers are noticing and encouraging a trend away from individual mobility, where a vehicle is owned and driven by one or only a few other persons, and towards shared-mobility concepts. That means that many different people use and have access to the same vehicle. An attacker disguised as a regular short-time user can use the additional attack vectors (s)he gets by having physical access to tamper the vehicle’s software. The software takes a continuously more crucial role in cars for autonomous driving, and manipulations can have catastrophic consequences for the persons on board. Currently, there is no mechanism available to the vehicle owner to detect such manipulations in the vehicle done by the attacker (short-time user). In this work, a novel vehicle attestation scheme called Vehicular Soft Integrity Preservation Scheme (VeSIPreS) is proposed to detect tampering in the software stack of a vehicle and guarantee the upcoming driver that the previous user has not changed the software of the vehicle. The solution consists of a software module in the vehicle and a mobile-based user application for the vehicle owner to monitor the vehicle’s soft integrity. Inside the vehicle, the software module is implemented in the central gateway, which acts as the primary security component. VeSIPreS uses Trusted Platform Module (TPM) in the central gateway, which anchors trust in our proposed solution. This paper also provides a proof-of-concept implementation with a TPM, demonstrating its application and deployment feasibility and presentig a security analysis to show the security of VeSIPreS.
21
Sisinni, Silvia, Davide Margaria, Ignazio Pedone, Antonio Lioy, and Andrea Vesco. "Integrity Verification of Distributed Nodes in Critical Infrastructures." Sensors 22, no. 18 (2022): 6950. http://dx.doi.org/10.3390/s22186950.
Full textAbstract:
The accuracy and reliability of time synchronization and distribution are essential requirements for many critical infrastructures, including telecommunication networks, where 5G technologies place increasingly stringent conditions in terms of maintaining highly accurate time. A lack of synchronization between the clocks causes a malfunction of the 5G network, preventing it from providing a high quality of service; this makes the time distribution network a very viable target for attacks. Various solutions have been analyzed to mitigate attacks on the Global Navigation Satellite System (GNSS) radio-frequency spectrum and the Precision Time Protocol (PTP) used for time distribution over the network. This paper highlights the significance of monitoring the integrity of the software and configurations of the infrastructural nodes of a time distribution network. Moreover, this work proposes an attestation scheme, based on the Trusted Computing principles, capable of detecting both software violations on the nodes and hardware attacks aimed at tampering with the configuration of the GNSS receivers. The proposed solution has been implemented and validated on a testbed representing a typical synchronization distribution network. The results, simulating various types of adversaries, emphasize the effectiveness of the proposed approach in a wide range of typical attacks and the certain limitations that need to be addressed to enhance the security of the current GNSS receivers.
22
Purification, Sourav, Jinoh Kim, Jonghyun Kim, Ikkyun Kim, and Sang-Yoon Chang. "Distributed and Lightweight Software Assurance in Cellular Broadcasting Handshake and Connection Establishment." Electronics 12, no. 18 (2023): 3782. http://dx.doi.org/10.3390/electronics12183782.
Full textAbstract:
With developments in OpenRAN and software-defined radio (SDR), the mobile networking implementations for radio and security control are becoming increasingly software-based. We design and build a lightweight and distributed software assurance scheme, which ensures that a wireless user holds the correct software (version/code) for their wireless networking implementations. Our scheme is distributed (to support the distributed and ad hoc networking that does not utilize the networking-backend infrastructure), lightweight (to support the resource-constrained device operations), modular (to support compatibility with the existing mobile networking protocols), and supports broadcasting (as mobile and wireless networking has broadcasting applications). Our scheme is distinct from the remote code attestation in trusted computing, which requires hardwarebased security and real-time challenge-and-response communications with a centralized trusted server, thus making its deployment prohibitive in the distributed and broadcasting-based mobile networking environments. We design our scheme to be prover-specific and incorporate the Merkle tree for the verification efficiency to make it appropriate for a wireless-broadcasting medium with multiple receivers. In addition to the theoretical design and analysis, we implement our scheme to assure srsRAN (a popular open-source software for cellular technology, including 4G and 5G) and provide a concrete implementation and application instance to highlight our scheme’s modularity, backward compatibility to the existing 4G/5G standardized protocol, and broadcasting support. Our scheme implementation incorporates delivering the proof in the srsRAN-implemented 4G/5G cellular handshake and connection establishment in radio resource control (RRC). We conduct experiments using SDR and various processors to demonstrate the lightweight design and its appropriateness for wireless networking applications. Our results show that the number of hash computations for the proof verification grows logarithmically with the number of software code files being assured and that the verification takes three orders of magnitude less time than the proof generation, while the proof generation overhead itself is negligible compared to the software update period.
23
Bokova, O. I., I. G. Drovnikov, A. D. Popov, and E. A. Rogozin. "MODEL OF THE PROCESS OF FUNCTIONING OF THE INFORMATION PROTECTION SYSTEM FROM UNAUTHORIZED ACCESS CREATED IN THE SOFTWARE ENVIRONMENT OF IMITATION MODELING "CPN TOOLS"." Herald of Dagestan State Technical University. Technical Sciences 46, no. 1 (2019): 90–102. http://dx.doi.org/10.21822/2073-6185-2019-46-1-90-102.
Full textAbstract:
Objectives. At present, conducting a computational experiment on a system for protecting information from unauthorized access operated in an automated system is a time consuming process. The greatest difficulty in this area of research is the determination of probabilistic-temporal characteristics and the formation of reports during the operation of the information protection system. In order to analyze, obtain and study the probabilistic-time characteristics of this system, it is necessary to develop a mathematical model of its operation using an imitational modeling tool.Method. One of the methods for solving this problem is a computational experiment, which is based on the construction of a simulation model. The CPN Tools environment was chosen as a software simulation product, the main advantages of which are: a high level of visualization, the ability to generate various reports on the system operation, fast modifiability of models for solving a different class of problems, as well as integration with other software means for the formation of graphical dependencies.Result. A simulation model of the system for protecting information from unauthorized access in the “CPN Tools” software environment was developed. protected performance.Conclusion. The presented im-model model of protecting information from unauthorized access in the software environment “CPN Tools” can be used as a tool in assessing the security of special bodies for the attestation of informatization objects and structural divisions of authorized departments. It can also be used in the design of such systems in order to prevent logical errors, determine their temporal characteristics and compare with the existing ones in accordance with the technical specifications for the system being developed to protect information from unauthorized access.
24
Garcia, Joe, Russell Shannon, Aaron Jacobson, William Mosca, Michael Burger, and Roberto Maldonado. "Powerful authentication regime applicable to naval OFP integrated development (PARANOID): a vision for non-circumventable code signing and traceability for embedded avionics software." Journal of Defense Analytics and Logistics 5, no. 1 (2021): 46–76. http://dx.doi.org/10.1108/jdal-03-2020-0006.
Full textAbstract:
Purpose This paper aims to describe an effort to provide for a robust and secure software development paradigm intended to support DevSecOps in a naval aviation enterprise (NAE) software support activity (SSA), with said paradigm supporting strong traceability and provability concerning the SSA’s output product, known as an operational flight program (OFP). Through a secure development environment (SDE), each critical software development function performed on said OFP during its development has a corresponding record represented on a blockchain. Design/methodology/approach An SDE is implemented as a virtual machine or container incorporating software development tools that are modified to support blockchain transactions. Each critical software development function, e.g. editing, compiling, linking, generates a blockchain transaction message with associated information embedded in the output of a said function that, together, can be used to prove integrity and support traceability. An attestation process is used to provide proof that the toolchain containing SDE is not subject to unauthorized modification at the time said critical function is performed. Findings Blockchain methods are shown to be a viable approach for supporting exhaustive traceability and strong provability of development system integrity for mission-critical software produced by an NAE SSA for NAE embedded systems software. Practical implications A blockchain-based authentication approach that could be implemented at the OFP point-of-load would provide for fine-grain authentication of all OFP software components, with each component or module having its own proof-of-integrity (including the integrity of the used development tools) over its entire development history. Originality/value Many SSAs have established control procedures for development such as check-out/check-in. This does not prove the SSA output software is secure. For one thing, a build system does not necessarily enforce procedures in a way that is determinable from the output. Furthermore, the SSA toolchain itself could be attacked. The approach described in this paper enforces security policy and embeds information into the output of every development function that can be cross-referenced to blockchain transaction records for provability and traceability that only trusted tools, free from unauthorized modifications, are used in software development. A key original concept of this approach is that it treats assigned developer time as a transferable digital currency.
25
Avani, Dave, and Dave Krunal. "Survey of attack resilient embedded systems design." Journal of Scientific and Engineering Research 7, no. 12 (2020): 242–49. https://doi.org/10.5281/zenodo.13337765.
Full textAbstract:
The advancement of industrial 4.0 has increased the utilization of resource constrained embedded and IOT devices in application ranging from Internet of Things (<em>IoT</em>) and CyberPhysical Systems (<em>CPS</em>). These systems are often involve in security-critical user data and/or information transfers. This makes them increasingly popular target for attacks to gain access of security-critical user data and/or information. The resiliency of a system is defined by its ability to detect, prevent and recover from the attacks. Crypto primitives such as secure boot, attestation, TPM, control flow and/or data flow integrity verification are wildly used to enhance device security. However, neither of these provides complete solutions for attack resiliency by supporting detection, prevention and recovery all three features. oftentimes these devices contains security critical user data and/or information which adversary can leverage and misuse. These devices are by design resource constraints and do not have onboard complex attack prevention cryptographic security primitives support. The resiliency of the system is defined by its ability to detect, prevent and recover from the attack. To this end, this work provides the survey of twenty-plus state-of-the-art security systems solutions classified based on hardware-based, software-based or hybrid techniques. The paper further provides state-of-the-art comparison of different security techniques, identifies the gaps and provides the foundation for future research direction.
26
Krunal, Dave, and Dave Avani. "Survey of attack resilient embedded systems design." Journal of Scientific and Engineering Research 7, no. 12 (2020): 242–49. https://doi.org/10.5281/zenodo.12772515.
Full textAbstract:
The advancement of industrial 4.0 has increased the utilization of resource constrained embedded and IOT devices in application ranging from Internet of Things (<em>IoT</em>) and CyberPhysical Systems (<em>CPS</em>). These systems are often involve in security-critical user data and/or information transfers. This makes them increasingly popular target for attacks to gain access of security-critical user data and/or information. The resiliency of a system is defined by its ability to detect, prevent and recover from the attacks. Crypto primitives such as secure boot, attestation, TPM, control flow and/or data flow integrity verification are wildly used to enhance device security. However, neither of these provides complete solutions for attack resiliency by supporting detection, prevention and recovery all three features. oftentimes these devices contains security critical user data and/or information which adversary can leverage and misuse. These devices are by design resource constraints and do not have onboard complex attack prevention cryptographic security primitives support. The resiliency of the system is defined by its ability to detect, prevent and recover from the attack. To this end, this work provides the survey of twenty-plus state-of-the-art security systems solutions classified based on hardware-based, software-based or hybrid techniques. The paper further provides state-of-the-art comparison of different security techniques, identifies the gaps and provides the foundation for future research direction.
27
Wang, Juan, Yang Yu, Yi Li, Chengyang Fan, and Shirong Hao. "Design and Implementation of Virtual Security Function Based on Multiple Enclaves." Future Internet 13, no. 1 (2021): 12. http://dx.doi.org/10.3390/fi13010012.
Full textAbstract:
Network function virtualization (NFV) provides flexible and scalable network function for the emerging platform, such as the cloud computing, edge computing, and IoT platforms, while it faces more security challenges, such as tampering with network policies and leaking sensitive processing states, due to running in a shared open environment and lacking the protection of proprietary hardware. Currently, Intel® Software Guard Extensions (SGX) provides a promising way to build a secure and trusted VNF (virtual network function) by isolating VNF or sensitive data into an enclave. However, directly placing multiple VNFs in a single enclave will lose the scalability advantage of NFV. This paper combines SGX and click technology to design the virtual security function architecture based on multiple enclaves. In our design, the sensitive modules of a VNF are put into different enclaves and communicate by local attestation. The system can freely combine these modules according to user requirements, and increase the scalability of the system while protecting its running state security. In addition, we design a new hot-swapping scheme to enable the system to dynamically modify the configuration function at runtime, so that the original VNFs do not need to stop when the function of VNFs is modified. We implement an IDS (intrusion detection system) based on our architecture to verify the feasibility of our system and evaluate its performance. The results show that the overhead introduced by the system architecture is within an acceptable range.
28
Blaginin, Viktor A., and Elizaveta V. Sokolova. "Thematic Analysis of Russian Research in the Field of Digitalization of the Economy." Теория и практика общественного развития, no. 12 (December 27, 2023): 295–302. http://dx.doi.org/10.24158/tipor.2023.12.37.
Full textAbstract:
Digitization of the economy, due to its potential to alter traditional economic paradigms and enhance competi-tiveness in a rapidly changing global landscape, is a sought-after focus within the Russian scientific communi-ty. This study conducts a comprehensive thematic analysis of over 4150 Russian scientific publications on the digitization of the economy, published from 2012 to 2023 in journals recommended by the Higher Attestation Commission (HAC), based on metadata available on the “elibrary.ru” platform. Utilizing bibliographic analysis, network visualization using the “Vosviewer” software, and retrospective analysis, the research aims to identify thematic trends and emerging areas of interest. Key thematic directions have been identified in the study, in-cluding the Fourth Industrial Revolution, cryptocurrencies, robotics, and the consequences of the COVID-19 pandemic. Furthermore, the most relevant directions have been highlighted, such as economic sector devel-opment forecasting, agribusiness, strategic development, customs regulation, changes in the tax system, digital maturity, and the integration of artificial intelligence. A noticeable emphasis in contemporary Russian research is placed on digital inequality, digital competencies, and the broader role of society in the face of changes in-duced by sanctions. The study observes a shift in the focus of research from broad theoretical perspectives to more targeted practical investigations as this field evolves.
29
Shuliak, Andrii. "REQUIREMENTS FOR THE IT TEACHER AS A MODERN INFORMATIZATION SPECIALIST." Academic Notes Series Pedagogical Science 1, no. 190 (2020): 200–206. http://dx.doi.org/10.36550/2415-7988-2020-1-190-200-206.
Full textAbstract:
The article reveals the requirements for an IT teacher as a modern specialist in informatization, which include the ability to: apply various forms of educational activities based on network technologies (Internet learning, educational WEB-services, network universities); to create systems of didactic materials on the basis of WEB-technologies, which contain both educational and control material; actively use network information resources (Internet, educational WEB-resources, network banks and databases, etc.); intensive use of information and educational technologies for the organization of active educational interaction and communication, to conduct an examination of educational resources and teaching methods based on the introduction of WEB-technologies and ICT tools. The types of activity are highlighted, such as performance of control, diagnostic, corrective, educational, upbringing and attestation functions, which realize the same social function, but differ in objects, means and results. The activity model of the IT teacher is proposed by the following components: cognitive-research (study and analysis of WEB-resources, students' activities when using them, correction of teachers and students' activities when using educational informatization tools, etc.), constructive (hypertext construction, determining the optimal learning ratio material broadcast using WEB-technologies and traditional methods, etc.), communicative (use of information superhighways for communication and exchange of educational and methodical information, etc.), design (determining the feasibility of using WEB-resources in the educational process taking into account the purpose of classes, content of research material, age characteristics of students, their knowledge and interests, etc.), organizational (activities to prepare WEB-resources for use in various forms of classes (distance, full-time, home, blended learning, etc.), controlling (analysis and selection of project decisions on creation and modification of information systems; analysis and selection of software and technology platforms and information system services, etc.), expert (implementation of pedagogical and ergonomic expert assessment of the quality of the software product for educational purposes for effective use in the educational process).
30
Rezaee, Zabihollah, Ahmad Sharbatoghlie, Rick Elam, and Peter L. McMickle. "Continuous Auditing: Building Automated Auditing Capability." AUDITING: A Journal of Practice & Theory 21, no. 1 (2002): 147–63. http://dx.doi.org/10.2308/aud.2002.21.1.147.
Full textAbstract:
The digital economy has significantly altered the way business is conducted and financial information is communicated. A rapidly growing number of organizations are conducting business and publishing business and financial reports online and in real-time. Real-time financial reporting is likely to necessitate continuous auditing to provide continuous assurance about the quality and credibility of the information presented. The audit process has, by necessity, evolved from a conventional manual audit to computer-based auditing and is now confronted with creating continuous electronic audits. Rapidly emerging information technology and demands for more timely communication of information to business stakeholders requires auditors to invent new ways to continuously monitor, gather, and analyze audit evidence. Continuous auditing is defined here as “a comprehensive electronic audit process that enables auditors to provide some degree of assurance on continuous information simultaneously with, or shortly after, the disclosure of the information.” This paper is based on a review of related literature, innovative continuous auditing applications, and the experiences of the authors. An approach for building continuous audit capacity is presented and audit data warehouses and data marts are described. Ever improving technology suggests that the real-time exchange of sensitive financial data will place constant pressure on auditors to update audit techniques. Most of the new techniques that will be required will involve creation of new software and audit models. Future research should focus on how continuous auditing could be constantly improved in various auditing domains including assurance, attestation, and audit services.
31
Budnyk, Vitalii, Maksym Mudrenko, Serhii Lukash, and Mykola Budnyk. "Calibrating and Graduating of Multi-Sensor Gas Analyzer." Cybernetics and Computer Technologies, no. 3 (November 29, 2022): 87–97. http://dx.doi.org/10.34229/2707-451x.22.3.9.
Full textAbstract:
Introduction. The article is devoted to the calibration and graduation of the multi-sensor gas analyzer developed at the V.M. Glushkov Institute of Cybernetics of National Academy of Sciences of Ukraine. The modern trend in the development of medical equipment, in particular, containing built-in measuring devices, consists in its miniaturization, intellectualization, the use of information technologies, and the introduction of wireless and network means of data transmission. The purpose of the article is to design, create electronics and software for recording the concentration of three gases (oxygen, carbon dioxide and carbon monoxide), test and calibrate the device. Results. Three prototypes of sensor modules for oxygen, carbon dioxide and carbon monoxide have been created. The structure, scheme of connection of sensor modules, and the principle of operation of the gas analyzer was described. Testing and optimization of these prototypes were performed. Auxiliary pneumatic equipment for checking the performance of devices, their calibration and graduation was manufactured. Measurement technique was developed and test measurements of the specified gases were performed. The calibration technique was developed and the device was calibrated using two test gas samples such as ethanol vapor and air-gas mixture of carbon dioxide. In addition, a special software has been developed, which allow observe a registered input signal from sensor modules and store it to the file. Conclusions. As a result of the work, prototype of the device was created, its testing, calibration and graduation were carried out at the State Enterprise "Ukrmetrteststandart", 4 certificates of metrological attestation were obtained. The gas analyzer can be used for screening of healthy persons based on study of exhalation to predict the risk of diseases. Keywords: multi-sensor gas analyzer, oxygen, carbon dioxide, carbon monoxide, calibration, graduation.
32
Balenović, Katica, and Jakov Proroković. "The lexicographic potential of artificial intelligence." Studia lexicographica 19, no. 36 (2025): 39–64. https://doi.org/10.33604/sl.19.36.3.
Full textAbstract:
The advent of generative artificial intelligence (AI) and large language models (LLMs) has introduced new possibilities in lexicography, particularly in defining dictionary entries with precision, while reducing the time cost compared to more traditional methods or software tools. To test AI’s linguistic capabilities, our study goes beyond monolingual dictionary compilation and investigates the potential of the ChatGPT model in distinguishing between specific senses of loanwords in an L2 context. A corpus-based sampling of target English words was used to assess ChatGPT’s ability to delineate different word senses in which regularly occurring loanwords can be realised in the Croatian language context. The findings indicate that AI demonstrates notable proficiency in providing definitions in general, albeit with observable flaws when responding to prompts that specifically inquire about the possible senses or word classes of targeted loanwords in their L2 setting. Its accuracy diminishes when dealing with less frequently used loanwords, often exhibiting overgeneralisation from English (L1) to Croatian (L2). The AI’s tendency to produce erroneous examples, with suggested usages that lack attestation in language corpora, is discussed in detail, with the results supporting the notion that the model primarily interprets loanwords from an English perspective, regardless of the language used in the prompt. A comparison between AI responses from early 2024 and early 2025 suggests an improvement in the 2025 model, which exhibits a more nuanced handling of ambiguous cases. However, inconsistencies persist, particularly in how frequency of use correlates with the number of senses, much of which is interpreted as ChatGPT’s tendency to sometimes prioritise generating a response at the cost of accuracy.
33
CHEN, Xiao-Feng, and Deng-Guo FENG. "Direct Anonymous Attestation Based on Bilinear Maps." Journal of Software 21, no. 8 (2010): 2070–78. http://dx.doi.org/10.3724/sp.j.1001.2010.03579.
Full text
34
Mondal, Anupam, Shreya Gangopadhyay, Durba Chatterjee, Harishma Boyapally, and Debdeep Mukhopadhyay. "PReFeR : P hysically Re lated F unction bas e d R emote Attestation Protocol." ACM Transactions on Embedded Computing Systems 22, no. 5s (2023): 1–23. http://dx.doi.org/10.1145/3609104.
Full textAbstract:
Remote attestation is a request-response based security service that permits a trusted entity (verifier) to check the current state of an untrusted remote device (prover). The verifier initiates the attestation process by sending an attestation challenge to the prover; the prover responds with its current state, which establishes its trustworthiness. Physically Unclonable Function (PUF) offers an attractive choice for hybrid attestation schemes owing to its low overhead security guarantees. However, this comes with the limitation of secure storage of the PUF model or large challenge-response database on the verifier end. To address these issues, in this work, we propose a hybrid attestation framework, named PReFeR , that leverages a new class of hardware primitive known as Physically Related Function (PReF) to remotely attest low-end devices without the requirement of secure storage or heavy cryptographic operations. It comprises a static attestation scheme that validates the memory state of the remote device prior to code execution, followed by a dynamic run-time attestation scheme that asserts the correct code execution by evaluating the content of special registers present in embedded systems, known as hardware performance counters (HPC). The use of HPCs in the dynamic attestation scheme mitigates the popular class of attack known as the time-of-check-time-of-use (TOCTOU) attack, which has broken several state-of-the-art hybrid attestation schemes. We demonstrate our protocol and present our experimental results using a prototype implementation on Digilent Cora Z7 board, a low-cost embedded platform, specially designed for IoT applications.
35
Alam, Masoom, Mohammad Nauman, Xinwen Zhang, Tamleek Ali, Patrick C. K. Hung, and Quratulain Alam. "Behavioral Attestation for Web Services Based Business Processes." International Journal of Web Services Research 7, no. 3 (2010): 52–72. http://dx.doi.org/10.4018/jwsr.2010070103.
Full textAbstract:
Service Oriented Architecture (SOA) is an architectural paradigm that enables dynamic composition of heterogeneous, independent, multi-vendor business services. A prerequisite for such inter-organizational workflows is the establishment of trustworthiness, which is mostly achieved through non-technical measures, such as legislation, and/or social consent that businesses or organizations pledge themselves to adhere. A business process can only be trustworthy if the behavior of all services in it is trustworthy. Trusted Computing Group (TCG) has defined an open set of specifications for the establishment of trustworthiness through a hardware root-of-trust. This paper has three objectives: firstly, the behavior of individual services in a business process is formally specified. Secondly, to overcome the inherent weaknesses of trust management through software alone, a hardware root of-trust devised by the TCG, is used for the measurement of the behavior of individual services in a business process. Finally, a verification mechanism is detailed through which the trustworthiness of a business process can be verified.
36
Maene, Pieter, Johannes Gotzfried, Ruan de Clercq, Tilo Muller, Felix Freiling, and Ingrid Verbauwhede. "Hardware-Based Trusted Computing Architectures for Isolation and Attestation." IEEE Transactions on Computers 67, no. 3 (2018): 361–74. http://dx.doi.org/10.1109/tc.2017.2647955.
Full text
37
Ling, Zhen, Huaiyu Yan, Xinhui Shao, et al. "Secure boot, trusted boot and remote attestation for ARM TrustZone-based IoT Nodes." Journal of Systems Architecture 119 (October 2021): 102240. http://dx.doi.org/10.1016/j.sysarc.2021.102240.
Full text
38
Рубцова, Н. Е., and Г. И. Ефремова. "Psychological Characteristics of Information Workers." Психолого-педагогический поиск, no. 3(59) (December 7, 2021): 143–63. http://dx.doi.org/10.37724/rsu.2021.59.3.014.
Full textAbstract:
В статье выявляется психологическая специфика труда информационного типа, отличающая его от объектного и субъектного типов структурно-функциональной организацией деятельности. Актуальность исследования обусловлена противоречием между наличием класса специфических форм профессиональной деятельности, основанных на применении различного рода программных продуктов и телекоммуникационных технологий, включающим специальности информационного типа (программист, IT-специалист, специалист по анализу больших данных, специалист по облачным сервисам, разработчик интеллектуальных систем, оператор банковской сферы, бизнес-аналитик, экономист-кибернетик и др.), и фрагментарностью исследований особенностей психических процессов, свойств, состояний субъектов труда в данных профессиях. Исследования конкретной психологической специфики субъектов труда в профессиях информационного типа до настоящего времени встречаются относительно редко, а их результаты остаются разрозненными. Цель исследования состояла в систематизации и обобщении психологических особенностей субъектов труда в указанных профессиях. Ключевым методом исследования являлся анализ научной литературы по рассмотрению теоретического и эмпирического изучения психических процессов, состояний и свойств субъектов труда в профессиях информационного типа. Доказательную базу исследования составили научные публикации, размещенные в таких русскоязычных базах данных, как Elibrary, электронные ресурсы Российской государственной библиотеки, сайт Высшей аттестационной комиссии, сайты ведущих российских вузов. В результате сравнения, систематизации и обобщения разнородных психологических характеристик представителей профессий информационного типа была описана структурно-функциональная организация деятельности информационного характера и выделены обобщенные психологические особенности субъектов труда в профессиях информационного типа, проявляющиеся в различных сферах психики: когнитивной, потребностно-мотивационной и ценностно-смысловой, коммуникативной, эмоционально-волевой и отвечающей за социальное взаимодействие. Полученные и представленные в статье результаты определяют перспективы и необходимость более широких психологических исследований специфики субъектов труда профессий информационного типа, сфокусированных на выявленных проблемных зонах. The article analyzes unique psychological characterises of information work which make it different from objective and subjective dimensions of work. The relevance of the research is accounted for by the fact that even though there are specific forms of professional activities which involve the application of software products and telecommunication technologies (programmer, IT-specialist, data analyst, cloud infrastructure specialist, intelligent system developer, proof operator, business analyst, cyber economist, etc.), the psychological processes underlying information workers’ performance characteristics are underinvestigated. There is a paucity of research dedicated to the investigation of psychological processes that impact the performance of information workers. Moreover, there is a rather inconsistent set of results. The aim of the article is to systematize and generalize the psychological peculiarities of information workers. The key method of investigation is research analysis, theoretical and empirical investigation of psychological processes underlying information workers’ performance. The article is based on research published in Russian full-text databases, such as eLibrary, electronic resources of the Russian State Library, the site of the Higher Attestation Commission, sites of leading Russian universities. The authors compare, systematize and generalize various psychological characteristics of information workers, they describe the structure and functions of information work, they single out general psychological processes underlying information workers’ cognitive, value-related, motivational, volitional, communicative performance and social interaction. The results of the research open up diverse avenues for further research and underline the necessity to scrutinize the problems related to information workers’ performance.
39
Landert, Daniela, Tanja Säily, and Mika Hämäläinen. "TV series as disseminators of emerging vocabulary: Non-codified expressions in the TV Corpus." ICAME Journal 47, no. 1 (2023): 63–79. http://dx.doi.org/10.2478/icame-2023-0004.
Full textAbstract:
Abstract This study presents a method for identifying words that appear in corpus data earlier than their first date of attestation in dictionaries. We demonstrate the application of this method based on a large diachronic corpus, the TV Corpus, and the Oxford English Dictionary (OED). Combining automatic extraction of candidate terms from the TV Corpus with comprehensive manual analysis and verification, the method identifies 32 words that were used in TV series before their first attestation in the OED. We present a detailed discussion of these words, analysing their distribution across decades and genres of the TV Corpus, their origins, semantic domains and word-formation processes. We also present extracts with their first uses in the TV Corpus and analyse how the words were presented to the large and anonymous mass audience. Our study shows that the method we present is suitable for identifying early attestations of words in large corpora, even though in the case of the TV Corpus, a great deal of manual analysis and verification is needed. In addition, we argue that TV series and other types of fictional texts are an important resource for studying the coinage and spread of terms, due to their function and the fact that they address a mass audience.
40
Shah, Syed Luqman, Irshad Ahmed Abbasi, Alwalid Bashier Gism Elseed, et al. "TAMEC: Trusted Augmented Mobile Execution on Cloud." Scientific Programming 2021 (March 8, 2021): 1–8. http://dx.doi.org/10.1155/2021/5542852.
Full textAbstract:
Cloud computing has emerged as an attractive platform for individuals and businesses to augment their basic processing capabilities. Mobile devices with access to Internet are also turning towards clouds for resource-intensive tasks by working out a trade-off between resources required for performing computation on-device against those required for off-loading task to the cloud. However, as with desktop clients, mobile clients face significant concerns related to confidentiality and integrity of data and applications moved to and from the cloud. Cloud-related security solutions proposed for desktop clients could not be readily ported to mobile clients owing to the obvious limitation in their processing capabilities and restrained battery life. We address this problem by proposing architecture for secure exchange and trusted execution between mobile devices and cloud hosts. We establish a symmetric-key-based secure communication channel between mobile and cloud, backed by a trusted coordinator. We also employee a Trusted Platform Module- (TPM-) based attestation of the cloud nodes on which the data and applications of mobile device will be hosted. This gives a comprehensive solution for end-to-end secure and trusted interaction of the mobile device with cloud hosts.
41
Naboka, Olga, Alla Kotvitska, Nataliia Filimonova, Alla Glushchenko, Olga Filiptsova, and Alina Volkova. "Investigation of the influence of dry extracts of bupleurum aureum and Salsola collina L. on the antimicrobial effect of co-trimoxazole." ScienceRise: Biological Science, no. 1(34) (March 31, 2023): 4–11. http://dx.doi.org/10.15587/2519-8025.2023.275942.
Full textAbstract:
Scientific data on the pharmacodynamics of dry extracts of Bupleurum aureum and Salsola collina L. based on the results of studying the antimicrobial effect and the similar effect of co-trimoxazole when they are used together have been supplemented. The investigated phytoextracts do not show antimicrobial properties, but they do not change the antimicrobial effect of co-trimoxazole when they are used in combination.
 The aim of the study was to experimentally investigate the antimicrobial effect of extracts of Bupleurum aureum and Salsola collina L. and establish the possible antagonistic effect of these extracts on the antimicrobial drug co-trimoxazole when used together.
 Materials and methods. The research was conducted in May 2016. Screening of the antimicrobial effect of extracts of Bupleurum aureum and Salsola collina L. and establishing of the possible antagonistic effect of these extracts on the antimicrobial drug co-trimoxazole when they are used together was carried out in the laboratory of the Department of Microbiology of the National Pharmaceutical University, which has a certificate of attestation 045/14 dated 28.10.2014. For determination of antimicrobial activity, the agar diffusion method ("well" method), which is based on the ability of medicinal substances to penetrate the agar layer, was used. A set of reference strains of microorganisms was used: S. aureus ATCC 6538, E. coli ATCC 8739, P. aeruginosa ATCC 9027, B. subtilis ATCC 6633, C. albicans ATCC 10231. Petri dishes were filled with two layers of solid nutrient medium. The lower layer - 10 ml of melted "cold" AGV agar (medium No. 3), the upper layer - nutrient medium for the corresponding test strain. After cooling the lower layer of agar, three thin-walled steel cylinders (inner diameter - 6.0±0.1 mm, height - 10.0±0.1 mm) were placed on it at an equal distance from each other and from the edge of the cup. The top layer was poured around the cylinders - 13.5 ml of agar, melted and cooled to 45-48°С, mixed with the seed dose of the test microorganism (1.5 ml of microbial suspension, the concentration corresponding to the type of microorganism). After cooling the upper layer of agar, the cylinders were removed with sterile tweezers and 0.25-0.3 ml of the studied drug was added to the resulting wells. The results were recorded after 24 h by measuring the zone of growth inhibition, including the diameter of the wells. Measurements were made with an accuracy of 1 mm, while focusing on the complete absence of visible growth.
 The obtained data were analyzed using the methods of variational statistics. The significance level is p<0.05. The studied plant extracts of Bupleurum aureum (aqueous and alcoholic) and Salsola collina L. (aqueous and alcoholic) were used in doses of 0.005 mg/ml and 0.01 mg/ml, which corresponded to doses of 5 mg/kg and 10 mg/kg. Experimental data were also processed by parametric (Newman-Keuls) and non-parametric (Mann-Whitney) methods of variational statistics, using the Statistica 6.0 statistical software package; differences were considered statistically significant at p<0.05.
 Results. At the final stage, the determination of the antimicrobial effect of water and alcohol extracts of Bupleurum aureum and Salsola collina L. at doses of 1 mg/ml and 5 mg/ml was carried out, and the effect of BAS of these extracts on the antimicrobial effect of co-trimoxazole when used together was determined. In the course of the study, it has been established, that the addition of the above-mentioned extracts to the co-trimoxazole formulation does not affect its initial antimicrobial properties.
 Conclusion. Today, drug-induced liver injury remains one of the most important problems of hepatology and pediatrics, pharmacological science pays a lot of attention to the search for new effective and harmless drugs with a hepatoprotective effect, and the improvement of existing drugs is primarily aimed at increasing their specificity and reducing side effects related to the pharmacological properties of the drug. Currently, there is increasing interest in medicinal plants as a source of various biologically active substances (BAS), which provide a wide spectrum of pharmacological action of the agent, which allows to immediately affect various links of the pathogenesis of liver diseases. The analysis of scientific sources made it possible to establish that medicinal products of plant origin, thanks to BAS, possess polymodality of effects and reveal a versatile complex effect on the course of pathological processes in the body. Most drugs are characterized by good tolerability, absence of withdrawal syndrome and toxicity to parenchymal organs. Medicinal plants are used not only as monopreparations, but also in combination with synthetic drugs and as raw materials for obtaining BAS
42
Kumar, Seema, Patrick Eugster, and Silvia Santini. "Software-based Remote Network Attestation." IEEE Transactions on Dependable and Secure Computing, 2021, 1. http://dx.doi.org/10.1109/tdsc.2021.3077993.
Full text
43
Brandão, Luís T. A. N., Carlos Eduardo Cardoso Galhardo, and Rene Peralta. "ZKASP: ZKP-based Attestation of Software Possession for Measuring Instruments." Measurement Science and Technology, February 10, 2022. http://dx.doi.org/10.1088/1361-6501/ac53d2.
Full textAbstract:
Abstract Software-controlled measuring instruments used in commercial transactions, such as fuel dispensers and smart meters, are sometimes subject to “memory replacement” attacks. Cybercriminals replace the approved software by a malicious one that then tampers with measurement results, inflicting a financial loss to customers and companies. To mitigate such attacks, legal metrology systems often require regular device attestation, where an auditor checks that the device possesses (“knows”) the approved software. However, current attestation methods usually require the software to be known by the auditor, thus increasing the risk of inadvertent leakage or malicious theft of proprietary information, besides facilitating its malicious adulteration. We describe how this issue can be addressed in legal metrology systems by using zero-knowledge proofs of knowledge (ZKPoK). These proofs enable attestation of possession of approved software, while ensuring its confidentiality from the auditor. To further provide publicly verifiable evidence of freshness, each such proof can be related to a fresh random value from a public randomness beacon. This article presents the basic conceptual idea, while also discussing pitfalls that should be avoided.
44
Chen, Peiqiang. "Software Behavior Based Trustworthiness Attestation For Computing Platform." Journal of Software 7, no. 1 (2012). http://dx.doi.org/10.4304/jsw.7.1.55-60.
Full text
45
Laeuchli, Jesse, and Rolando Trujillo-Rasua. "Software-based remote memory attestation using quantum entanglement." Quantum Information Processing 23, no. 6 (2024). http://dx.doi.org/10.1007/s11128-024-04421-x.
Full textAbstract:
AbstractSoftware-based remote memory attestation is a method for determining the state of a remote device without relying on secure hardware. In classical computing devices, the method is vulnerable to proxy and authentication attacks, because an infected device has no means of preventing the leak of its cryptographic secrets. In this paper, we demonstrate how these attacks can be mitigated by making use of quantum effects, while remaining within the class of software-based methods. In particular, we make use of entanglement and the inability of an attacker to clone qubits. Our proposed protocol is lightweight and can be implemented by near-term Quantum Computing techniques. The resulting protocol has the unique feature of resisting collusion between two dishonest devices, one of which has unbounded computational resources.
46
Zhang, Zheng, Jingfeng Xue, Tianshi Mu, et al. "Bypassing software-based remote attestation using debug registers." Connection Science 36, no. 1 (2024). http://dx.doi.org/10.1080/09540091.2024.2306965.
Full text
47
Dall, Fergus, Gabrielle De Micheli, Thomas Eisenbarth, et al. "CacheQuote: Efficiently Recovering Long-term Secrets of SGX EPID via Cache Attacks." IACR Transactions on Cryptographic Hardware and Embedded Systems, May 8, 2018, 171–91. http://dx.doi.org/10.46586/tches.v2018.i2.171-191.
Full textAbstract:
Intel Software Guard Extensions (SGX) allows users to perform secure computation on platforms that run untrusted software. To validate that the computation is correctly initialized and that it executes on trusted hardware, SGX supports attestation providers that can vouch for the user’s computation. Communication with these attestation providers is based on the Extended Privacy ID (EPID) protocol, which not only validates the computation but is also designed to maintain the user’s privacy. In particular, EPID is designed to ensure that the attestation provider is unable to identify the host on which the computation executes. In this work we investigate the security of the Intel implementation of the EPID protocol. We identify an implementation weakness that leaks information via a cache side channel. We show that a malicious attestation provider can use the leaked information to break the unlinkability guarantees of EPID. We analyze the leaked information using a lattice-based approach for solving the hidden number problem, which we adapt to the zero-knowledge proof in the EPID scheme, extending prior attacks on signature schemes.
48
Cao, Jin, Tong Zhu, Ruhui Ma, Zhenyang Guo, Yinghui Zhang, and Hui Li. "A Software-based Remote Attestation Scheme for Internet of Things Devices." IEEE Transactions on Dependable and Secure Computing, 2022, 1. http://dx.doi.org/10.1109/tdsc.2022.3154887.
Full text
49
Sigurd, Frej Joel Jørgensen Ankergård, Dushku Edlira, and Dragoni Nicola. "State-of-the-Art Software-Based Remote Attestation: Opportunities and Open Issues for Internet of Things." Sensors 2021 Volume 21, Issue 5 (2021). https://doi.org/10.3390/s21051598.
Full textAbstract:
The Internet of Things (IoT) ecosystem comprises billions of heterogeneous Internetconnected devices which are revolutionizing many domains, such as healthcare, transportation, smart cities, to mention only a few. Along with the unprecedented new opportunities, the IoT revolution is creating an enormous attack surface for potential sophisticated cyber attacks. In this context, Remote Attestation (RA) has gained wide interest as an important security technique to remotely detect adversarial presence and assure the legitimate state of an IoT device. While many RA approaches proposed in the literature make different assumptions regarding the architecture of IoT devices and adversary capabilities, most typical RA schemes rely on minimal Root of Trust by leveraging hardware that guarantees code and memory isolation. However, the presence of a specialized hardware is not always a realistic assumption, for instance, in the context of legacy IoT devices and resource-constrained IoT devices. In this paper, we survey and analyze existing softwarebased RA schemes (i.e., RA schemes not relying on specialized hardware components) through the lens of IoT. In particular, we provide a comprehensive overview of their design characteristics and security capabilities, analyzing their advantages and disadvantages. Finally, we discuss the opportunities that these RA schemes bring in attesting legacy and resource-constrained IoT devices, along with open research issues.
50
De, Benedictis Marco, Ludovic Jacquin, Ignazio Pedone, Andrea Atzeni, and Antonio Lioy. "A novel architecture to virtualise a hardware-bound trusted platform module." August 12, 2023. https://doi.org/10.1016/j.future.2023.08.012.
Full textAbstract:
Security and trust are particularly relevant in modern softwarised infrastructures, such as cloud environments, as applications are deployed on platforms owned by third parties, are publicly accessible on the Internet and can share the hardware with other tenants. Traditionally, operating systems and applications have leveraged hardware tamper-proof chips, such as the <i>Trusted Platform Modules</i> (TPMs) to implement security workflows, such as remote attestation, and to protect sensitive data against software attacks. This approach does not easily translate to the cloud environment, wherein the isolation provided by the hypervisor makes it impractical to leverage the hardware root of trust in the virtual domains. Moreover, the scalability needs of the cloud often collide with the scarce hardware resources and inherent limitations of TPMs. For this reason, existing implementations of <i>virtual TPMs</i> (vTPMs) are based on TPM emulators. Although more flexible and scalable, this approach is less secure. In fact, each vTPM is vulnerable to software attacks both at the virtualised and hypervisor levels. In this work, we propose a novel design for vTPMs that provides a binding to an underlying physical TPM; the new design, akin to a virtualisation extension for TPMs, extends the latest TPM 2.0 specification. We minimise the number of required additions to the TPM data structures and commands so that they do not require a new, non-backwards compatible version of the specification. Moreover, we support migration of vTPMs among TPM-equipped hosts, as this is considered a key feature in a highly virtualised environment. Finally, we propose a flexible approach to vTPM object creation that protects vTPM secrets either in hardware or software, depending on the required level of assurance.