Hugo BOURREAU (PhD Student)
Contact
You can reach me at hugo.bourreau@imt-atlantique.fr.
My research
My publications
2021
Delcombel, Nicolas; Kabil, Alexandre; Duval, Thierry; Pahl, Marc-Oliver
CyberCopter: a 3D helical visualisation for periodic signals of cyber attacks Workshop
2021.
Abstract | BibTeX | Tags: Cybersecurity, Security, Virtual reality, Visual analytics, Visualization, Visualization application domains
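@inproceedings{Delcombel2021,
  title     = {{CyberCopter}: a {3D} helical visualisation for periodic signals of cyber attacks},
  author    = {Delcombel, Nicolas and Kabil, Alexandre and Duval, Thierry and Pahl, Marc-Oliver},
  year      = {2021},
  date      = {2021-08-06},
  urldate   = {2021-08-06},
  abstract  = {This paper aims to assess the usefulness of 3D interactive interfaces to display periodic signals in a network. Past research has shown that 2D data visualization simplifies alerts classification. Including those drawn by periodicity based Intrusion Detection Systems. However, 2D visualisations have limitations such as screen space availability. This is why we created CyberCopter, a prototype that uses a 3D helical representation to highlight periodic patterns in a dataset. We tested CyberCopter usability and efficiency in a fraud detection scenario. It scored 77 at the SUS questionnaire which demonstrates an acceptable usability},
  booktitle = {{VR4Sec}: 1st International Workshop on Security for {XR} and {XR} for Security},
  keywords  = {Cybersecurity, Security, Virtual reality, Visual analytics, Visualization, Visualization application domains},
  pubstate  = {published},
  tppubtype = {workshop}
}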
to highlight periodic patterns in a dataset. We tested CyberCopter usability and efficiency in a fraud detection scenario. It scored 77 at the SUS questionnaire which demonstrates an acceptable usability
2020
Bourget, Edwin; Cuppens, Frédéric; Cuppens-Boulahia, Nora
PROS2E, a Probabilistic Representation of Safety and Security Events for Diagnosis Proceedings Article
In: Proceedings of the 6th ACM on Cyber-Physical System Security Workshop, pp. 30–41, ACM, New York, NY, USA, 2020, ISBN: 9781450376082.
Abstract | Links | BibTeX | Tags: countermeasures, Cyber-Physical Systems, diagnosis, event model, industrial systems, safety, Security
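@inproceedings{Bourget2020b,
  title     = {{PROS2E}, a Probabilistic Representation of Safety and Security Events for Diagnosis},
  author    = {Bourget, Edwin and Cuppens, Fr{\'e}d{\'e}ric and Cuppens-Boulahia, Nora},
  url       = {https://dl.acm.org/doi/10.1145/3384941.3409590},
  doi       = {10.1145/3384941.3409590},
  isbn      = {9781450376082},
  year      = {2020},
  date      = {2020-10-01},
  booktitle = {Proceedings of the 6th {ACM} on Cyber-Physical System Security Workshop},
  pages     = {30--41},
  publisher = {ACM},
  address   = {New York, NY, USA},
  abstract  = {The recent and increasing interconnection of industrial systems with information technologies creates a new paradigm in which new challenges arise. Being able to provide an explanation when accidents and attacks strike the system is one of them. This article presents an event model designed to provide useful and relevant information for diagnosis of safety and security events. We provide a means for system experts to model elementary events that are automatically recombined in complex and complete scenarios. We specifically focus on the ability to represent countermeasures and sequences of events, recurrent problems in the literature. We also introduce a means to precisely measure the wear of components, an important feature for the model to obtain accurate values. We showcase the use of our model for diagnosis purposes on a cyber-physical system testbed.},
  keywords  = {countermeasures, Cyber-Physical Systems, diagnosis, event model, industrial systems, safety, Security},
  pubstate  = {published},
  tppubtype = {inproceedings}
}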
Mühlbauer, Nikolas; Kirdan, Erkin; Pahl, Marc Oliver; Carle, Georg
Open-Source OPC UA Security and Scalability Journal Article
In: IEEE International Conference on Emerging Technologies and Factory Automation, ETFA, vol. 2020-Septe, pp. 262–269, 2020, ISSN: 19460759.
Abstract | Links | BibTeX | Tags: OPC UA, open-source, scalability, Security
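@inproceedings{Muhlbauer2020,
  title     = {Open-Source {OPC UA} Security and Scalability},
  author    = {M{\"u}hlbauer, Nikolas and Kirdan, Erkin and Pahl, Marc Oliver and Carle, Georg},
  doi       = {10.1109/ETFA46521.2020.9212091},
  issn      = {19460759},
  year      = {2020},
  date      = {2020-01-01},
  booktitle = {{IEEE} International Conference on Emerging Technologies and Factory Automation, {ETFA}},
  volume    = {2020-Septe},
  pages     = {262--269},
  abstract  = {OPC UA is widely adopted for remote-control in industrial environments. It has a central role for industrial control systems as it enables remote management. Compromising OPC UA can lead to compromising entire production facilities. Consequently, OPC UA requires a high level of security. Major commercial OPC UA implementations have compliance certificates ensuring that their security models obey the specification. However, open-source OPC UA implementations that have wide deployment mostly lack these certificates. In this work, we investigate the security models of the four most commonly used open-source implementations: open62541, node-opcua, UA-.NETStandard, and python-opcua. Furthermore, their scalabilities for the number of clients and OPC UA nodes are also analyzed.},
  keywords  = {OPC UA, open-source, scalability, Security},
  pubstate  = {published},
  tppubtype = {inproceedings}
}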
Navas, Renzo E; Sandaker, Håkon; Cuppens, Frédéric; Cuppens, Nora; Toutain, Laurent; Papadopoulos, Georgios Z
IANVS: A Moving Target Defense Framework for a Resilient Internet of Things Journal Article
In: Proceedings - IEEE Symposium on Computers and Communications, vol. 2020-July, 2020, ISSN: 15301346.
Abstract | Links | BibTeX | Tags: attack, ChaCha20, CoAP, design, framework, hping3, IoT, LoPy4, Moving Target Defense, MTD, port-hopping, reconnaissance, Security, stream-cipher
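@inproceedings{Navas2020,
  title     = {{IANVS}: A Moving Target Defense Framework for a Resilient {Internet of Things}},
  author    = {Navas, Renzo E. and Sandaker, H{\aa}kon and Cuppens, Fr{\'e}d{\'e}ric and Cuppens, Nora and Toutain, Laurent and Papadopoulos, Georgios Z.},
  doi       = {10.1109/ISCC50000.2020.9219728},
  issn      = {15301346},
  year      = {2020},
  date      = {2020-01-01},
  booktitle = {Proceedings - {IEEE} Symposium on Computers and Communications},
  volume    = {2020-July},
  abstract  = {The Internet of Things (IoT) is more and more present in fundamental aspects of our societies and personal life. Billions of objects now have access to the Internet. This networking capability allows for new beneficial services and applications. However, it is also the entry-point for a wide variety of cyber-attacks that target these devices. The security measures present in real IoT systems lag behind those of the standard Internet. Security is sometimes completely absent. Moving Target Defense (MTD) is a 10-year-old cyber-defense paradigm. It proposes to randomize components of a system. Reasonably, an attacker will have a higher cost attacking an MTD-version of a system compared with a static-version of it. Even if MTD has been successfully applied to standard systems, its deployment for IoT is still lacking. In this paper, we propose a generic MTD framework suitable for IoT systems: IANVS (pronounced Janus). Our framework has a modular design. Its components can be adapted according to the specific constraints and requirements of a particular IoT system. We use it to instantiate two concrete MTD strategies. One that targets the UDP port numbers (port-hopping), and another a CoAP resource URI. We implement our proposal on real hardware using Pycom LoPy4 nodes. We expose the nodes to a remote Denial-of-Service attack and evaluate the effectiveness of the IANVS-based port-hopping MTD proposal.},
  keywords  = {attack, ChaCha20, CoAP, design, framework, hping3, IoT, LoPy4, Moving Target Defense, MTD, port-hopping, reconnaissance, Security, stream-cipher},
  pubstate  = {published},
  tppubtype = {inproceedings}
}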
Piccoli, A; Pahl, M-O; Wüstrich, L
Group Key Management in constrained IoT Settings Proceedings Article
In: Proceedings - IEEE Symposium on Computers and Communications, 2020, ISSN: 15301346.
Abstract | Links | BibTeX | Tags: autonomous management, constrained nodes, group key management, IoT, reliability, Security
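@inproceedings{Piccoli2020,
  title     = {Group Key Management in constrained {IoT} Settings},
  author    = {Piccoli, A. and Pahl, M.-O. and W{\"u}strich, L.},
  doi       = {10.1109/ISCC50000.2020.9219619},
  issn      = {15301346},
  year      = {2020},
  date      = {2020-01-01},
  booktitle = {Proceedings - {IEEE} Symposium on Computers and Communications},
  volume    = {2020-July},
  abstract  = {\textcopyright{} 2020 IEEE. The Internet of Things (IoT) enables software to orchestrate physical spaces. Due to the increased impact, IoT communication in factories, households, or critical infrastructures has to be highly secured. Besides point-to-point communication, group communication is frequently used in the IoT. Securing it typically requires the exchange of cryptographic keys. Several protocols have been proposed for such Group Key Management (GKM). They vary in their targeted settings, in their Key Distribution Model, Architecture Model, Reliability Properties, and Protocol Overhead. This paper surveys existing GKM mechanisms, analyzes their suitability for constrained IoT settings, and identifies open issues that require further research.},
  keywords  = {autonomous management, constrained nodes, group key management, IoT, reliability, Security},
  pubstate  = {published},
  tppubtype = {inproceedings}
}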
2019
Pahl, Marc Oliver; Donini, Lorenzo
Giving IoT services an identity and changeable attributes Journal Article
In: 2019 IFIP/IEEE Symposium on Integrated Network and Service Management, IM 2019, no. section II, pp. 455–461, 2019, ISBN: 9783903176157.
Abstract | BibTeX | Tags: Autonomous service management, Certificates, IoT, Metadata, Microservices, Security, Unattended nodes, X.509
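@inproceedings{Pahl2019,
  title     = {Giving {IoT} services an identity and changeable attributes},
  author    = {Pahl, Marc Oliver and Donini, Lorenzo},
  isbn      = {9783903176157},
  year      = {2019},
  date      = {2019-01-01},
  booktitle = {2019 {IFIP/IEEE} Symposium on Integrated Network and Service Management, {IM} 2019},
  number    = {section II},
  pages     = {455--461},
  abstract  = {The Internet of Things (IoT) pervades our surroundings. It softwarizes our physical environments. Software controls devices that interface their physical environments. The IoT is often privacy, safety, and security critical. Consequently, it requires adequate mechanisms for securing its services. For reasons such as heterogeneity, complexity, and lack of deployment there is little research on IoT service security. Our work creates a base for IoT service security. We give IoT services secure identities and attributes. Using site-local X.509v3 certificates with short lifetimes, we show how service attributes can securely be changed at runtime. This enables enforcing security policies even on distributed, loosely coupled IoT nodes. Our central mechanisms are pinning certificates to service executables, and autonomously managing the short certificate lifetimes. We assess the resulting renewal traffic and power consumption. \textcopyright{} 2019 IFIP.},
  keywords  = {Autonomous service management, Certificates, IoT, Metadata, Microservices, Security, Unattended nodes, X.509},
  pubstate  = {published},
  tppubtype = {inproceedings}
}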
2018
Kome, Marco Lobe; Cuppens, Frederic; Cuppens-Boulahia, Nora; Frey, Vincent
CoAP Enhancement for a better IoT centric protocol: CoAP 2.0 Journal Article
In: 2018 5th International Conference on Internet of Things: Systems, Management and Security, IoTSMS 2018, pp. 139–146, 2018, ISBN: 9781538695852.
Abstract | Links | BibTeX | Tags: CoAP, Discovery, IoT, Publish/Subscribe, Security
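@inproceedings{Kome2018,
  title     = {{CoAP} Enhancement for a better {IoT} centric protocol: {CoAP} 2.0},
  author    = {Kome, Marco Lobe and Cuppens, Frederic and Cuppens-Boulahia, Nora and Frey, Vincent},
  doi       = {10.1109/IoTSMS.2018.8554494},
  isbn      = {9781538695852},
  year      = {2018},
  date      = {2018-01-01},
  booktitle = {2018 5th International Conference on Internet of Things: Systems, Management and Security, {IoTSMS} 2018},
  pages     = {139--146},
  publisher = {IEEE},
  abstract  = {The need to connect things is skyrocketing and the Internet of Things is drawing a clear pattern of the need for smarter things. We are proposing an upgrade of Constrained Application Protocol (CoAP) built upon the 3 main networking needs of a connecting thing: The discovery, the synchronous and asynchronous communications and the publish/subscribe. CoAP 2.0 as we call it, will allow building smart things independently of the use-case, with a single protocol, fewer lines of codes and with less impact on the memory.},
  keywords  = {CoAP, Discovery, IoT, Publish/Subscribe, Security},
  pubstate  = {published},
  tppubtype = {inproceedings}
}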
Rooney, Vivien M; Foley, Simon N
What You Can Change and What You Can't: Human Experience in Computer Network Defenses Journal Article
In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11252 LNCS, pp. 219–235, 2018, ISSN: 16113349.
Abstract | Links | BibTeX | Tags: CSIRT Human experience, psychology, Security, SOC
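% LNCS chapter exported as an article entry with the series name in the journal field;
% the proceedings title is not given on this page, so the entry type is left unchanged.
@article{Rooney2018b,
  title     = {What You Can Change and What You Can't: Human Experience in Computer Network Defenses},
  author    = {Rooney, Vivien M. and Foley, Simon N.},
  doi       = {10.1007/978-3-030-03638-6_14},
  issn      = {16113349},
  year      = {2018},
  date      = {2018-01-01},
  journal   = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},
  volume    = {11252},
  pages     = {219--235},
  abstract  = {The work of Computer Network Defense conducted, for instance, in Security Operations Centers and by Computer Security Incident Teams, is dependent not alone on technology, but also on people. Understanding how people experience these environments is an essential component toward achieving optimal functioning. This paper describes a qualitative research study on the human experience of working in these environments. Using Grounded Theory, a psychological understanding of the experience is developed. Results suggest that positive and negative aspects of the work are either amenable or not amenable to change. Areas of tension are identified, and posited as the focus for improving experience. For this purpose, psychological theories of Social Identity Theory, Relational Dialectics, and Cognitive Dissonance, provide a way of understanding and interpreting these components of Computer Network Defence work, and can be used to assess the experience of staff.},
  keywords  = {CSIRT Human experience, psychology, Security, SOC},
  pubstate  = {published},
  tppubtype = {article}
}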
Pahl, Marc Oliver; Donini, Lorenzo
Securing IoT microservices with certificates Journal Article
In: IEEE/IFIP Network Operations and Management Symposium: Cognitive Management in a Cyber World, NOMS 2018, pp. 1–5, 2018, ISBN: 9781538634165.
Abstract | Links | BibTeX | Tags: Autonomous certificate management, Certificates, IoT, Microservices, Security, Unattended nodes, X.509
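@inproceedings{Pahl2018c,
  title     = {Securing {IoT} microservices with certificates},
  author    = {Pahl, Marc Oliver and Donini, Lorenzo},
  doi       = {10.1109/NOMS.2018.8406189},
  isbn      = {9781538634165},
  year      = {2018},
  date      = {2018-01-01},
  booktitle = {{IEEE/IFIP} Network Operations and Management Symposium: Cognitive Management in a Cyber World, {NOMS} 2018},
  pages     = {1--5},
  abstract  = {The Internet of Things (IoT) consists of distributed computing nodes. With increasing processor power such nodes can be used as hosts for microservices. IoT services routinely processes security critical data that affects the privacy, safety, and security of users. However, suitable security mechanisms remain missing. Fundamental open challenges are the authentication of services, securing the metadata of services, and validating the correct functioning of security mechanisms on distributed entities under different authorities. In this paper we present a certificate-based methodology for authenticating services, securely adding information to their executables, and validating the correct functioning of distributed entities of our design. We add X.509 certificates with extended attributes to the service executables. By introducing different trust anchors, services and their metadata are protected through their entire life cycle from developers to the computing nodes running them. Our solution enables distributed nodes to verify the security properties locally. It enables reliably changing certificate properties across the distributed IoT nodes. It features autonomous certificate management. We evaluate the traffic caused by our autonomous certificate management process quantitatively. The presented solution is churn tolerant and applicable to diverse distributed systems.},
  keywords  = {Autonomous certificate management, Certificates, IoT, Microservices, Security, Unattended nodes, X.509},
  pubstate  = {published},
  tppubtype = {inproceedings}
}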
Pahl, Marc Oliver; Aubet, François Xavier; Liebald, Stefan
Graph-based IoT microservice security Journal Article
In: IEEE/IFIP Network Operations and Management Symposium: Cognitive Management in a Cyber World, NOMS 2018, pp. 1–3, 2018, ISBN: 9781538634165.
Abstract | Links | BibTeX | Tags: Autonomous service management, firewall, IoT, Mi-croservices, Passive monitoring, Security, Unattended nodes
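@inproceedings{Pahl2018b,
  title     = {Graph-based {IoT} microservice security},
  author    = {Pahl, Marc Oliver and Aubet, Fran{\c{c}}ois Xavier and Liebald, Stefan},
  doi       = {10.1109/NOMS.2018.8406118},
  isbn      = {9781538634165},
  year      = {2018},
  date      = {2018-01-01},
  booktitle = {{IEEE/IFIP} Network Operations and Management Symposium: Cognitive Management in a Cyber World, {NOMS} 2018},
  pages     = {1--3},
  abstract  = {The Internet of Things (IoT) can be considered as Service Oriented Architecture (SOA) of Microservices ($\mu$S). The $\mu$Ss inherently process data that affects the privacy, safety, and security of its users. IoT service security is a key challenge. Most state of the art providing IoT system security is policy based. We showcase a graph-based access control that runs as module on IoT nodes, or in the network. Our solution intercepts and firewalls inter-service communication. It automatically creates a model of legitimate communication relationships. The model is interactively updated via a simple-to-understand interface. Our solution adds inevitable IoT security to existing IoT systems.},
  keywords  = {Autonomous service management, firewall, IoT, Microservices, Passive monitoring, Security, Unattended nodes},
  pubstate  = {published},
  tppubtype = {inproceedings}
}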
2017
Foley, Simon N
Getting security objectives wrong: A cautionary tale of an industrial control system Journal Article
In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10476 LNCS, pp. 18–29, 2017, ISSN: 16113349.
Abstract | Links | BibTeX | Tags: cyber physical system, firewall, ind, SCADA, Security
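% LNCS chapter exported as an article entry with the series name in the journal field;
% the proceedings title is not given on this page, so the entry type is left unchanged.
@article{Foley2017,
  title     = {Getting security objectives wrong: A cautionary tale of an industrial control system},
  author    = {Foley, Simon N.},
  doi       = {10.1007/978-3-319-71075-4_3},
  issn      = {16113349},
  year      = {2017},
  date      = {2017-01-01},
  journal   = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},
  volume    = {10476},
  pages     = {18--29},
  abstract  = {We relate a story about an Industrial Control System in order to illustrate that simple security objectives can be deceptive: there are many things that can and do go wrong when deploying the system. Rather than trying to define security explicitly, this paper takes the position that one should consider the security of a system by comparing it against others whose security we consider to be acceptable: Alice is satisfied if her system is no less secure than Bob's system.},
  keywords  = {cyber physical system, firewall, ind, SCADA, Security},
  pubstate  = {published},
  tppubtype = {article}
}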
Foley, Simon N
Getting security objectives wrong: A cautionary tale of an industrial control system Journal Article
In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10476 LNCS, pp. 18–29, 2017, ISSN: 16113349.
Abstract | Links | BibTeX | Tags: cyber physical system, firewall, ind, SCADA, Security
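% LNCS chapter exported as an article entry with the series name in the journal field;
% the proceedings title is not given on this page, so the entry type is left unchanged.
@article{Foley2017a,
  title         = {Getting security objectives wrong: A cautionary tale of an industrial control system},
  author        = {Foley, Simon N.},
  doi           = {10.1007/978-3-319-71075-4_3},
  issn          = {16113349},
  year          = {2017},
  date          = {2017-01-01},
  journal       = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},
  volume        = {10476},
  pages         = {18--29},
  abstract      = {We relate a story about an Industrial Control System in order to illustrate that simple security objectives can be deceptive: there are many things that can and do go wrong when deploying the system. Rather than trying to define security explicitly, this paper takes the position that one should consider the security of a system by comparing it against others whose security we consider to be acceptable: Alice is satisfied if her system is no less secure than Bob's system.},
  keywords      = {cyber physical system, firewall, ind, SCADA, Security},
  pubstate      = {published},
  tppubtype     = {article},
  internal-note = {Same work and DOI as the entry with key Foley2017 in this list; cite only one of the two keys per document}
}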
Kome, Marco Lobe; Graa, Mariem; Cuppens-Boulahia, Nora; Cuppens, Frédéric; Frey, Vincent
DIscovery and registration protocol: For device and person identity management in IoT Journal Article
In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10717 LNCS, pp. 243–262, 2017, ISSN: 16113349.
Abstract | Links | BibTeX | Tags: Identity management, IoT, MQTT, OAuth, Security
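% LNCS chapter exported as an article entry with the series name in the journal field;
% the proceedings title is not given on this page, so the entry type is left unchanged.
@article{Kome2017,
  title     = {{DIscovery} and registration protocol: For device and person identity management in {IoT}},
  author    = {Kome, Marco Lobe and Graa, Mariem and Cuppens-Boulahia, Nora and Cuppens, Fr{\'e}d{\'e}ric and Frey, Vincent},
  doi       = {10.1007/978-3-319-72598-7_15},
  issn      = {16113349},
  year      = {2017},
  date      = {2017-01-01},
  journal   = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},
  volume    = {10717},
  pages     = {243--262},
  abstract  = {With connected things, one service can be used with more than one device, all sharing the same user identity. In this context, the need to figure out whether the service is being used through a desktop computer, a smartphone, or a more constrained device is essential in order to better manage user identity. Given that constrained devices are less tamper resistant, they are more vulnerable to attacks than other appliances. We identified two challenges which make it difficult to apply robusts security mechanisms: the limited resources available on devices and the sharing of a user's identity with the device. To address these challenges, we propose, a DIscovery and REgistration (DIRE) protocol that ensures secure device and person identities management. Our protocol has been formally proven and implemented. The runtime of the whole protocol is short and the code the device must embed is lightweight. As a result of our experiment, we produced a command line client for a user, a device firmware and a server handling the filiation of a user and its devices.},
  keywords  = {Identity management, IoT, MQTT, OAuth, Security},
  pubstate  = {published},
  tppubtype = {article}
}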