Combining ID’s, Attributes, and Policies in Hyperledger Fabric

This work aims to provide a more secure access control in Hyperledger Fabric blockchain by combining multiple ID’s, attributes, and policies with the components that regulate access control. The access control system currently used by Hyperledger Fabric is first completely analyzed. Next, a new implementation is proposed that builds upon the...

ID-Based Self-encryption via Hyperledger Fabric Based Smart Contract

This paper offers a prototype of a Hyperledger Fabric-IPFS based network architecture including a smart contract based encryption scheme that meant to improve the security of user’s data that is being uploaded to the distributed ledger. A new extension to the self-encryption scheme was deployed by integrating data owner’s identity into the...

SmartBugs 2.0: An Execution Framework for Weakness Detection in Ethereum Smart Contracts

Smart contracts are blockchain programs that often handle valuable assets. Writing secure smart contracts is far from trivial, and any vulnerability may lead to significant financial losses. To support developers in identifying and eliminating vulnerabilities, methods and tools for the automated analysis of smart contracts have been proposed....

Threat Sensitive Networking: On the Security of IEEE 802.1CB and (un)Effectiveness of Existing Security Solutions

IEEE 802.1CB provides a standard for reliable packet delivery within Time-Sensitive Networking (TSN). As this standard is envisioned to be used in mission-critical networks in the near future, it has to be protected against security threats. The integrity of the network communication should be the biggest focus as guaranteed delivery is...

DEKS: A Secure Cloud-Based Searchable Service Can Make Attackers Pay

Many practical secure systems have been designed to prevent real-world attacks via maximizing the attacking cost so as to reduce attack intentions. Inspired by this philosophy, we propose a new concept named delay encryption with keyword search (DEKS) to resist the notorious keyword guessing attack (KGA), in the context of secure cloud-based...

Graph Encryption for Shortest Path Queries with k Unsorted Nodes

Shortest distance queries over large-scale graphs bring great benefits to various applications, i.e., save planning time and travelling expenses. To protect the sensitive nodes and edges in the graph, a user outsources an encrypted graph to an untrusted server without losing the query ability. However, no prior work has considered the user...

Combining Bayesian Networks and Fishbone Diagrams to Distinguish between Intentional Attacks and Accidental Technical Failures

Because of modern societies' dependence on industrial control systems, adequate response to system failures is essential. In order to take appropriate measures, it is crucial for operators to be able to distinguish between intentional attacks and accidental technical failures. However, adequate decision support for this matter is lacking. In...

Platforms in Everything: Analyzing Ground-Truth Data on the Anatomy and Economics of Bullet-Proof Hosting

This paper presents the first empirical study based on ground-truth data of a major Bullet-Proof Hosting (BPH) provider, a company called Maxided. BPH allows miscreants to host criminal activities in support of various cybercrime business models such as phishing, botnets, DDoS, spam, and counterfeit pharmaceutical websites. Maxided was legally...

Co-simulation for Cyber Security Analysis: Data Attacks against Energy Management System

It is challenging to assess the vulnerability of a cyber-physical power system to data attacks from an integral perspective. In order to support vulnerability assessment except analytic analysis, suitable platform for security tests needs to be developed. In this paper we analyze the cyber security of energy management system (EMS) against data...

How to improve policy making using open data in Virtual Research Environments? An interactive workshop discussing privacy, security and trust strategies

Governments and publicly-funded research institutions increasingly open up data collected and created through research. One way to share and use data obtained through research is through Virtual Research Environments (VREs). Insights obtained through open data use in VREs can subsequently provide input for policy making. However, this process...

Subscript-Based Geospatial Migration Dynamics

Between 2013 and 2015, over one million migrants entered Europe. Many European countries were unprepared for and overwhelmed by the rapidly unfolding, chaotic situation. To better handle future migration waves, and allow quicker exploration of government policy effects and interactions, a geospatial-based system dynamics model of migration flows...

Wide Field of View Lens-Based Focusing System for Security Imagers at THz frequencies

The aim of the European project CONSORTIS is the development of a walk-by imaging system for concealed object detections working at submillimetre-wave frequencies. This imager will allow to image a full body at two frequency bands with high sensitivity (<;1K) and large frame rate (10Hz). The imager relies on a large focal plane array with...

Designing virus-resistant networks: A game-formation approach

Forming, in a decentralized fashion, an optimal network topology while balancing multiple, possibly conflicting objectives like cost, high performance, security and resiliency to viruses is a challenging endeavor. In this paper, we take a game-formation approach to network design where each player, for instance an autonomous system in the...

Secure Supply Chains: Design Restrictions & Organizational Boundaries

An important issue in the design of secure supply chains is the understanding of the relation between supply chains and the organizational responsibility of specific parts of these supply chains. Organizational boundaries change over time by means of vertical and/or horizontal (des)-integration and so do the related organizational...