An adaptable security manager for real-time transactions

Son, Seungwoo; Zimmerman, Ray D.; Hansson, J.

doi:10.1109/emrts.2000.853993

Cited by 32 publications

(20 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There have also been other works addressing the security issue [25], [26] in real-time systems. Xie et al [34] have presented challenges and open issues in security-aware real-time scheduling for distributed systems.…”

Section: Related Workmentioning

confidence: 99%

Static Security Optimization for Real-Time Systems

Lin

Yang

et al. 2009

IEEE Trans. Ind. Inf.

View full text Add to dashboard Cite

Abstract-An increasing number of real-time applications like railway signaling control systems and medical electronics systems require high quality of security to assure confidentiality and integrity of information. Therefore, it is desirable and essential to fulfill security requirements in security-critical real-time systems. This paper addresses the issue of optimizing quality of security in real-time systems. To meet the needs of a wide variety of security requirements imposed by real-time systems, a group-based security service model is used in which the security services are partitioned into several groups depending on security types. While services within the same security group provide the identical type of security service, the services in the group can achieve different quality of security. Security services from a number of groups can be combined to deliver better quality of security. In this study, we seamlessly integrate the group-based security model with a traditional real-time scheduling algorithm, namely earliest deadline first (EDF). Moreover, we design and develop a security-aware EDF schedulability test. Given a set of real-time tasks with chosen security services, our scheduling scheme aims at optimizing the combined security value of the selected services while guaranteeing the schedulability of the real-time tasks. We study two approaches to solve the security-aware optimization problem. Experimental results show that the combined security values are substantially higher than those achieved by alternatives for real-time tasks without violating real-time constraints.

show abstract

Section: Related Workmentioning

confidence: 99%

Static Security Optimization for Real-Time Systems

Lin

Yang

et al. 2009

IEEE Trans. Ind. Inf.

View full text Add to dashboard Cite

show abstract

“…The access control problem in the multilevel security model has been studied in the real-time database literature [1,15,16,4,6]. A majority of these work [1,15,16] temporarily allow a covert channel, which can be used by an adversary to enable an illegal information flow between different security levels, to improve the timeliness under overload conditions.…”

Section: Related Workmentioning

confidence: 99%

“…A majority of these work [1,15,16] temporarily allow a covert channel, which can be used by an adversary to enable an illegal information flow between different security levels, to improve the timeliness under overload conditions. George et al [4] propose a secure real-time concurrency control protocol to avoid a covert channel.…”

Section: Related Workmentioning

confidence: 99%

“…Further, the selection of an encryption key length and QoS levels only occurs at the start of an application, e.g, a video conference, unlike our approach. Son et al [16] developed an adaptive security manager in a real-time database. When the realtime database is overloaded, a weaker encryption algorithm is used to improve the deadline miss ratio.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Towards security and QoS optimization in real-time embedded systems

Kang

Son

2006

SIGBED Rev.

View full text Add to dashboard Cite

A number of real-time embedded systems (RTESs) are used to manage critical infrastructure such as electric grids or C 4 I systems. In these systems, it is essential to meet deadlines, for example, to avoid a power outage or loss of a life. The importance of security support is also increasing, because more RTESs are being networked. To securely transmit sensitive data, e.g., a battle field status, across the network, RTESs need to protect the data via cryptographic techniques. However, security support may cause deadline misses or unacceptable QoS degradation. As an initial effort to address this problem, we formulate the security support in RTESs as a QoS optimization problem. Also, we propose a novel adaptive approach for security support in which a RTES initially uses a relatively short cryptographic key to maximize the QoS, while increasing the key length when the security risk level is raised. In this way, we can make a possible cryptanalysis several orders of magnitude harder by requiring the attacker to search a larger key space, while meeting all deadlines by degrading the QoS in a controlled manner. To minimize the overhead, we derive the appropriate QoS levels for several key lengths via an offline polynomial time algorithm. When the risk level is raised online, a real-time task can use a longer key and adapt to the corresponding QoS level (derived offline) in O(1) time.

show abstract

“…Notably, the deviation of the answer to the query can be bounded, different from a similar approach called quasi serializability [26]. An adaptable security manager is proposed in [119], in which the database security level can be temporarily degraded to enhance timeliness. These performance trade-off schemes lack a systematic QoS management architecture and none of them consider providing guarantees for both miss ratio and data freshness.…”

Section: Earlier Workmentioning

confidence: 99%