Steve J. Chapin scite author profile

A covert channel is a communication path that allows transferring information in a way that violates a system security policy. Because of their concealed nature, detecting and preventing covert channels are obligatory security practices. In this paper, we present an examination of network storage channels in the Internet Protocol version 6 (IPv6). We introduce and analyze 22 different covert channels. In the appendix, we define three types of active wardens, stateless, stateful, and network-aware, who differ in complexity and ability to block the analyzed covert channels.

show abstract

Benchmarks and Standards for the Evaluation of Parallel Job Schedulers

Chapin

Cirne

Feitelson

et al. 1999

121

View full text Add to dashboard Cite

The evaluation of parallel job schedulers hinges on the workloads used. It is suggested that this be standardized, in terms of both format and content, so as to ease the evaluation and comparison of different systems. The question remains whether this can encompass both traditional parallel systems and metacomputing systems. This paper is based on a panel on this subject that was held at the workshop, and the ensuing discussion; its authors are both the panel members and participants from the audience. Naturally, not all of us agree with all the opinions expressed here...

show abstract

The Legion Resource Management System

et al. 1999

View full text Add to dashboard Cite

Automatic error finding in access-control policies

Jayaraman

Ganesh

Tripunitara

et al. 2011

View full text Add to dashboard Cite

Access-control policies are a key infrastructural technology for computer security. However, a significant problem is that system administrators need to be able to automatically verify whether their policies capture the intended security goals. To address this important problem, researchers have proposed many automated verification techniques. Despite considerable progress in verification techniques, scalability is still a significant issue. Hence, in this paper we propose that error finding complements verification, and is a fruitful way of checking whether or not access control policies implement the security intent of system administrators. Error finding is more scalable (at the cost of completeness), and allows for the use of a wider variety of techniques.In this paper, we describe an abstraction-refinement based technique and its implementation, the MOHAWK tool, aimed at finding errors in ARBAC access-control policies. The key insight behind our abstraction-refinement technique is that it is more efficient to look for errors in an abstract policy (with successive refinements, if necessary) than its complete counterpart.MOHAWK accepts as input an access-control policy and a safety question. If MOHAWK finds an error in the input policy, it terminates with a sequence of actions that cause the error. We provide an extensive comparison of MOHAWK with the current state-ofthe-art analysis tools. We show that MOHAWK scales very well as the size and complexity of the input policies increase, and is orders of magnitude faster than competing tools. The MOHAWK tool is open source and available from the Google Code website:

show abstract

Privacy-preserving GWAS analysis on federated genomic datasets

Constable

Tang

Wang

et al. 2015

BMC Med Inform Decis Mak

View full text Add to dashboard Cite

BackgroundThe biomedical community benefits from the increasing availability of genomic data to support meaningful scientific research, e.g., Genome-Wide Association Studies (GWAS). However, high quality GWAS usually requires a large amount of samples, which can grow beyond the capability of a single institution. Federated genomic data analysis holds the promise of enabling cross-institution collaboration for effective GWAS, but it raises concerns about patient privacy and medical information confidentiality (as data are being exchanged across institutional boundaries), which becomes an inhibiting factor for the practical use.MethodsWe present a privacy-preserving GWAS framework on federated genomic datasets. Our method is to layer the GWAS computations on top of secure multi-party computation (MPC) systems. This approach allows two parties in a distributed system to mutually perform secure GWAS computations, but without exposing their private data outside.ResultsWe demonstrate our technique by implementing a framework for minor allele frequency counting and χ2 statistics calculation, one of typical computations used in GWAS. For efficient prototyping, we use a state-of-the-art MPC framework, i.e., Portable Circuit Format (PCF) [1]. Our experimental results show promise in realizing both efficient and secure cross-institution GWAS computations.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Steve J. Chapin

Covert Channels in IPv6

Benchmarks and Standards for the Evaluation of Parallel Job Schedulers

The Legion Resource Management System

Automatic error finding in access-control policies

Privacy-preserving GWAS analysis on federated genomic datasets

Contact Info

Product

Resources

About