pub: CSIIRW-Trustworthiness Derived from Object Identity and Behavior Paper (2010)

19 May 2012

Text Size

"One should not assume that stakeholders do not care about their security merely because they do not understand the consequences of certain actions. The perception of risk can vary significantly from actual risk and, in the short term, convenience may lead some early adopters to make hazardous decisions."
SecurIST, “D3.3 – ICT Security & Dependability Research beyond 2010: Final Strategy”, January 2007
Read more...
"Some physicists predicted that within the next 10 to 20 years quantum computers will be built that are sufficiently powerful to implement Shor’s ideas and to break all existing public key schemes. Thus we need to look ahead to a future of quantum computers, and we need to prepare the cryptographic world for that future.”

Prof Seth Lloyd of MIT, MIT Review 2008

Read more...
“Advances have often been done in steps, and beyond approximately 10 years into the future, the general feeling among ECRYPT partners is that recommendations made today should be assigned a rather small confidence level, perhaps in particular for asymmetric primitives.”

European ECRYPT Network of Excellence, “Yearly Report on Algorithms and Key Lengths (2007-2008)", 2008

Read more...

Home

Written by Owen McCusker, Benjamin Gittins, Joel Glanfield, Scott Brunza, Dr. Stephen Brooks

Saturday, 05 June 2010 15:45

Full Title:	The Need to Consider Both Object Identity and Behavior in Establishing the Trustworthiness of Network Devices within a Smart Grid.
Electronic Publication:	4 Page PDF, Slideshow
Authors:	Owen McCusker (1), Benjamin Gittins (2), Joel Glanfield (3), Scott Brunza (1), Dr. Stephen Brooks (3)
Organisations:	Sonalysts, Inc. Synaptic Laboratories Limited Dalhousie Univesity, Computer Science
Date:	Presented by Owen McCusker and Benjamin Gittins at CSIIRW-6 (2010) in Tennessee, USA.
Keywords:	Behavioral Trust, Cryptographic Key Management, Identity Management, IdM, CKM
Abstract:	Today's distributed computing environments, like Energy Control Systems, lack a common and adaptive notion of trust and are vulnerable to a wide range of attacks from complex threats. These threats on our control systems are distributed, decentralized, dynamic, and operate over multiple timescales. Threats may also result from structural weaknesses in system designs that permit exploitation by insiders working inside globally trusted service providers. Although approaches such as Trusted Computing are part of the solution, we argue that a layered notion of distributed trust is required to effectively address the end-to-end security needs of these systems.
Quote:
Related work:	Benjamin Gittins, "Overview of SLL's proposal in response to NIST's call for new global IdM/CKM designs without public keys." Paper, Slideshow.

Last Updated on Sunday, 06 June 2010 12:23