Quality of Protection (QoP)

Presentation transcript:

Quality of Protection (QoP): An approach that separates the development of security services from application development; partitions security services into different security levels so that appropriate security services are deployed to best trade off the needs of security and performance preferences; and allows application developers to seamlessly integrate tunable security services with their applications.

QoP Model: An extension of existing QoS models. It defines security operations that check access privileges via authentication, authorization and other access control operations; ensure the integrity, copyright and confidentiality of data via encryption, watermarking and other security operations at the source and other important security points; and adjust security levels according to the security requirements.

QoP Model (Authentication Phase): Our QoP model considers the user authentication operation during the setup phase. A feedback edge indicates that a proper response from the user is required.

QoP Model (Transmission Phase): Data encryption operation during the transmission phase. Example of a VoD application.

QoP Model (Transmission Phase): Each pair of security points carries QoP meta-data that represent a set of QoP attributes to determine the needed security services for that segment of the data transmission path. Security points act as decision engines that decide the most suitable QoP level of security to be executed and thus forward them to the appropriate security operation tasks.

QoP Meta Data: Defined in terms of security services to be performed (authentication/encryption); QoP parameters for required security levels (key length, etc.); and a reward profile for each security specification (low, medium, high).

QoP Architecture I: The Application QoS Specifier obtains the desired QoS parameters from the application. The QoP Specifier determines the QoP parameters. The resource manager obtains the specified QoP and QoS parameters and determines the set of values that will be feasible given the available resources.

QoP Architecture II: The QoP customizer defines additional application-specific rules and limitations, such as requiring QoS to have a higher priority over QoP. The QoP Service Coordinator extracts the security requirements from the QoP meta file and relays the information to the various security points. The QoP-enabling entity is a composite component that provides the core set of QoP services, such as authentication and encryption, to the applications. CryptLib is a cryptographic library that provides key generation, encryption and decryption functions.

QoP Architecture III: QoP service components such as the Authenticator and SecureSockets are built on top of CryptLib. The Authenticator is responsible for authentication services. SecureSockets simulates security points and is responsible for the data encryption services specified in its security attributes. Communications between the QoP-enabling entities are governed by security protocols. The system can be easily upgraded with the latest cryptographic standards by changing CryptLib only.

QoP Component Communication Protocol: QoP is easily provided by including the QoP-enabling entity as a middleware component in the applications. Middleware components manage all the QoP communications without interfering with other parts of the application.

Implementation on Mobile Multimedia Player: Denote security points; colors reflect different QoP requirements for different application components.

QoP-enabled Mobile Multimedia Player: MPEG video and audio are streamed to the desktop player. Bitmap video and decoded MP3 audio are streamed to the handheld device. The desktop player selects a "high" level of security that uses signature authentication and AES data encryption with a 256-bit key. The handheld player selects a "low" level of security that uses password authentication and no data encryption. This allows the handheld player to maintain the audio and video playback quality. As the data stream is handed off from one device to another, the security level for each device is preserved.
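
The following is an added example, not code from the presentation: it sketches how a security point could pick a QoP level from a segment's meta-data under the "QoS has priority over QoP" rule. The "high" and "low" entries mirror the player slide; the "medium" entry, the CPU cost figures, the `min_reward` floor and all names are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional, Sequence

REWARD = {"low": 1, "medium": 2, "high": 3}  # ordering of the reward profile

@dataclass(frozen=True)
class QoPLevel:
    reward: str          # reward profile: "low", "medium" or "high"
    authentication: str  # security service: how the peer is authenticated
    encryption: str      # security service: cipher name, or "none"
    key_bits: int        # QoP parameter: key length
    cpu_cost: int        # constructed estimate, percent of device CPU

# Constructed QoP meta-data for one segment of the transmission path.
SEGMENT_META = [
    QoPLevel("high", "signature", "AES", 256, 30),
    QoPLevel("medium", "password", "AES", 128, 18),   # assumed level
    QoPLevel("low", "password", "none", 0, 2),
]

def select_level(meta: Sequence[QoPLevel], cpu_available: int,
                 qos_cpu_demand: int, min_reward: str = "low") -> Optional[QoPLevel]:
    """Decision engine for one security point.

    QoS is served first (the customizer rule from the slides), so only the
    CPU left after the QoS demand may be spent on security. Returns the
    highest-reward feasible level, or None when nothing at or above the
    min_reward floor fits, so the caller can refuse the stream instead of
    silently downgrading below what the data owner accepts.
    """
    budget = cpu_available - qos_cpu_demand
    feasible = [lvl for lvl in meta
                if REWARD[lvl.reward] >= REWARD[min_reward]
                and lvl.cpu_cost <= budget]
    return max(feasible, key=lambda lvl: REWARD[lvl.reward]) if feasible else None

if __name__ == "__main__":
    desktop = select_level(SEGMENT_META, cpu_available=100, qos_cpu_demand=50)
    handheld = select_level(SEGMENT_META, cpu_available=40, qos_cpu_demand=35)
    strict = select_level(SEGMENT_META, 40, 35, min_reward="medium")
    print("desktop :", desktop)
    print("handheld:", handheld)
    print("handheld with medium floor:", strict)
```

The floor matters for review: a policy that only maximizes reward within the leftover budget will fall back to unencrypted transport on a constrained device unless the meta-data also states the lowest level that is acceptable for that content.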