Information security and the protection of space system assets is getting more and more important, also for civilian space missions. Since information security is a system-level concept, the implementation of end-to-end security controls into the command and control infrastructure needs to be validated from a system perspective. In our paper we describe the SpaceSecLab, a fully representative end-to-end test bed environment that has been developed by ESA for this purpose. It is capable to support the validation of space-link security protocols and other system-level security controls. We demonstrate the capabilities of the SapceSecLab using the interoperability testing of the new CCSDS Space Data-Link Layer security protocol and its Extended Procedures as a use case. Other security services such as end-to-end security test automation and penetration testing that can be effectively implemented using the SpaceSecLab as well.
Smart contracts enable users to execute payments depending on complex program logic. Ethereum is the most notable example of a blockchain that supports smart contracts leveraged for countless applications including games, auctions and financial products. Unfortunately, the traditional method of running contract code on-chain is very expensive, for instance, on the Ethereum platform, fees have dramatically increased, rendering the system unsuitable for complex applications. A prominent solution to address this problem is to execute code off-chain and only use the blockchain as a trust anchor. While there has been significant progress in developing off-chain systems over the last years, current off-chain solutions suffer from various drawbacks including costly blockchain interactions, lack of data privacy, huge capital costs from locked collateral, or supporting only a restricted set of applications.In this paper, we present POSE -a practical off-chain protocol for smart contracts that addresses the aforementioned shortcomings of existing solutions. POSE leverages a pool of Trusted Execution Environments (TEEs) to execute the computation efficiently and to swiftly recover from accidental or malicious failures. We show that POSE provides strong security guarantees even if a large subset of parties is corrupted. We evaluate our proof-of-concept implementation with respect to its efficiency and effectiveness.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.