SGXIO: Generic Trusted I/O Path for Intel SGX

Application security traditionally strongly relies upon security of the underlying operating system. However, operating systems often fall victim to software attacks, compromising security of applications as well. To overcome this dependency, Intel introduced SGX, which allows to protect application code against a subverted or malicious OS by running it in a hardware-protected enclave. However, SGX lacks support for generic trusted I/O paths to protect user input and output between enclaves and I/O devices. This work presents SGXIO, a generic trusted path architecture for SGX, allowing user applications to run securely on top of an untrusted OS, while at the same time supporting trusted paths to generic I/O devices. To achieve this, SGXIO combines the benefits of SGX's easy programming model with traditional hypervisor-based trusted path architectures. Moreover, SGXIO can tweak insecure debug enclaves to behave like secure production enclaves. SGXIO surpasses traditional use cases in cloud computing and makes SGX technology usable for protecting user-centric, local applications against kernel-level keyloggers and likewise. It is compatible to unmodified operating systems and works on a modern commodity notebook out of the box. Hence, SGXIO is particularly promising for the broad x86 community to which SGX is readily available.Comment: To appear in CODASPY'1

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Distrust in (X)AI -- Measurement Artifact or Distinct Construct?

Trust is a key motivation in developing explainable artificial intelligence (XAI). However, researchers attempting to measure trust in AI face numerous challenges, such as different trust conceptualizations, simplified experimental tasks that may not induce uncertainty as a prerequisite for trust, and the lack of validated trust questionnaires in the context of AI. While acknowledging these issues, we have identified a further challenge that currently seems underappreciated - the potential distinction between trust as one construct and \emph{distrust} as a second construct independent of trust. While there has been long-standing academic discourse for this distinction and arguments for both the one-dimensional and two-dimensional conceptualization of trust, distrust seems relatively understudied in XAI. In this position paper, we not only highlight the theoretical arguments for distrust as a distinct construct from trust but also contextualize psychometric evidence that likewise favors a distinction between trust and distrust. It remains to be investigated whether the available psychometric evidence is sufficient for the existence of distrust or whether distrust is merely a measurement artifact. Nevertheless, the XAI community should remain receptive to considering trust and distrust for a more comprehensive understanding of these two relevant constructs in XAI

Analysis of Security Overhead in Broadcast V2V Communications

This paper concerns security issues for broadcast vehicle to vehicle (V2V) messages carrying vehicle status information ((location, heading, speed, etc.). These are often consumed by safety-related applications that e.g. augment situational awareness, issue alerts, recommend courses of action, and even trigger autonomous action. Consequently, the messages need to be both trustworthy and timely. We explore the impact of authenticity and integrity protection mechanisms on message latency using a model based on queuing theory. In conditions of high traffic density such as found in busy city centres, even the latency requirement of 100ms for first generation V2V applications was found to be challenging. Our main objective was to compare the performance overhead of the standard, PKC-based, message authenticity and integrity protection mechanism with that of an alternative scheme, TESLA, which uses symmetric-key cryptography combine with hash chains. This type of scheme has been dismissed in the past due to sup-posed high latency, but we found that in high traffic density conditions it outperformed the PKC-based scheme. without invoking congestion management measures. Perhaps the most significant observation from a security perspective is that denial of service attacks appear very easy to carry out and hard to defend against. This merits attention from the research and practitioner communities and is a topic we intend to address in the future

High Speed Flow Visualisation of an Impinging Jet on a Pelton Turbine Bucket

This paper deals with flow investigations using endoscopes in a single-injector reduced scale Pelton turbine performed with a CMOS high-speed camera. Both onboard and external visualizations techniques of the flow in a bucket are presented. The flow observations evidence the unsteadiness of the successive steps of jet/bucket interaction, free surface flow development and evolution throughout the bucket duty cycle

Design, analysis, and implementation of ARPKI: an attack-resilient public-key infrastructure

The current Transport Layer Security (TLS) Public-Key Infrastructure (PKI) is based on a weakest-link security model that depends on over a thousand trust roots. The recent history of malicious and compromised Certification Authorities has fueled the desire for alternatives. Creating a new, secure infrastructure is, however, a surprisingly challenging task due to the large number of parties involved and the many ways that they can interact. A principled approach to its design is therefore mandatory, as humans cannot feasibly consider all the cases that can occur due to the multitude of interleavings of actions by legitimate parties and attackers, such as private key compromises (e.g., domain, Certification Authority, log server, other trusted entities), key revocations, key updates, etc. We present ARPKI, a PKI architecture that ensures that certificate-related operations, such as certificate issuance, update, revocation, and validation, are transparent and accountable. ARPKI efficiently supports these operations, and gracefully handles catastrophic events such as domain key loss or compromise. Moreover ARPKI is the first PKI architecture that is co-designed with a formal model, and we verify its core security property using the TAMARIN prover. We prove that ARPKI offers extremely strong security guarantees, where compromising even n 1 trusted signing and verifying entities is insufficient to launch a man-in-the-middle attack. Moreover, ARPKI’s use deters misbehavior as all operations are publicly visible. Finally, we present a proof-of-concept implementation that provides all the features required for deployment. Our experiments indicate that ARPKI efficiently handles the certification process with low overhead. It does not incur additional latency to TLS, since no additional round trips are required

Simple Nudges for Better Password Creation

Recent security breaches have highlighted the consequences of reusing passwords across online accounts. Recent guidance on password policies by the UK government recommend an emphasis on password length over an extended character set for generating secure but memorable passwords without cognitive overload. This paper explores the role of three nudges in creating website-specific passwords: financial incentive (present vs absent), length instruction (long password vs no instruction) and stimulus (picture present vs not present). Mechanical Turk workers were asked to create a password in one of these conditions and the resulting passwords were evaluated based on character length, resistance to automated guessing attacks, and time taken to create the password. We found that users created longer passwords when asked to do so or when given a financial incentive and these longer passwords were harder to guess than passwords created with no instruction. Using a picture nudge to support password creation did not lead to passwords that were either longer or more resistant to attacks but did lead to account-specific passwords

More than just meat: Carcass decomposition shapes trophic identities in a terrestrial vertebrate

Most food web models fail to account for the full complexity of interactions within a community, particularly where microbes are involved. Carcasses are microbe-rich resources and may represent a common nexus for the macrobiome and microbiome, effectively uniting autotrophs, consumers, predators and microbiota. We evaluated the role of carcasses as multitrophic resources and explored dietary partitioning for a sexually dimorphic obligate scavenger known for its hierarchical social system. This study was set in a well-studied community of camelids Vicugna, Lama guanicoe, pumas Puma concolor and Andean condors Vultur gryphus in the Andes. We hypothesized that condors, by feeding on trophically distinct dietary substrates within any given carcass, would have highly variable trophic position (TP) values. Furthermore, we expected that the microbial consumers within the carcass would inflate TP values in both, the carrion and the condors. Thus, we expected that the trophic heterogeneity within a carcass could facilitate sex-based dietary partitioning in condors. We used a multifaceted approach to assess the foraging of Andean condors, using regurgitated pellet and bulk isotopic analyses, and also quantified the TP of the entire community of graminoids, camelids, camelid carrion, pumas, and female and male condors employing compound-specific stable isotopes analysis of amino acids. Our analysis of condor pellets and bulk isotopes revealed non-trivial plant consumption, close to 10% of condor diet. Isotope analysis of amino acids revealed that condors had highly variable TPs (2.9 ± 0.3) compared to pumas (3.0 ± 0.0) and camelids (2.0 ± 0.1), likely representing ‘trophic omnivory’, wherein the condors consume plants (TP = 1.0 ± 0.1) and microbe-colonized carrion (2.3 ± 0.1). Female condors exhibited a TP (2.8 ± 0.2) lower than strict carnivory, suggesting that they consume more plant biomass in a carcass, while males (TP = 3.1 ± 0.3) are likely consuming more of the microbe-rich animal tissue. Our study highlights that carcasses represent a trophically heterogeneous resource and that vertebrate scavengers can feed across trophic groups within the carcass, from autotrophs to secondary consumers, and from both the macrobiome and microbiome. Thus, integration of microbes in macroecological contexts can help to resolve trophic identity, and better characterize the importance of microbes in detritivorous and omnivorous species. Read the free Plain Language Summary for this article on the Journal blog.Fil: Barceló, Gonzalo. University of Wisconsin; Estados UnidosFil: Perrig, Paula Leticia. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Patagonia Norte. Instituto de Investigaciones en Biodiversidad y Medioambiente. Universidad Nacional del Comahue. Centro Regional Universidad Bariloche. Instituto de Investigaciones en Biodiversidad y Medioambiente; Argentina. University of Wisconsin; Estados UnidosFil: Dharampal, Prarthana. University of Wisconsin; Estados UnidosFil: Donadio, Emiliano. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Patagonia Norte. Instituto de Investigaciones en Biodiversidad y Medioambiente. Universidad Nacional del Comahue. Centro Regional Universidad Bariloche. Instituto de Investigaciones en Biodiversidad y Medioambiente; Argentina. Fundación Rewilding Argentina; ArgentinaFil: Steffan, Shawn A.. United States Department of Agriculture. Agriculture Research Service; Estados Unidos. University of Wisconsin; Estados UnidosFil: Pauli, Jonathan Nicholas. University of Wisconsin; Estados Unido

What makes a successful relationship? Subjective beliefs of older married, divorced and widowed individuals

Beliefs of a successful partnership influence goals, motivations, and behaviour in romantic relationships. Life transitions could have an influence on the personal templates of an ideal partnership. Every critical life event generates a discrepancy between perceptions and individual standards, which drives emotions and cognitions and motivates behaviour designed to reduce or resolve the discrepancy. We examined the differences between the beliefs of a successful relationship that divorced spouses, widowed persons and long-term married couples (N = 800, age 62–91 years) subscribe to, regarding what constitutes a successful marriage, and how their assumptions relate to various subjective dimensions of well-being. Results revealed that the prioritization given to the key elements of a successful relationship (i.e., mutual respect in long-term married couples, successful communication in divorced spouses and love in widowed persons) varied among the groups. Comparing low and high scores for individual well-being resulted in differences between beliefs of a successful partnership held by divorced and widowed persons but not married couples. These findings provide important considerations for counselling persons after the loss of a partner due to separation, divorce or death. An idealized view of the deceased spouse as a soulmate and emphasis on the shared love could be adaptive for widowed persons, whereas the emphasis on successful communication techniques could be an important step in improving cognitive and emotional well-being for divorced persons