Publications

Refine Results

(Filters Applied) Clear All

Mission resilience experimentation and evaluation testbed

Published in:
IEEE Military Communications Conf., MILCOM, 28 November - 2 December 2022.

Summary

As the complexity of DoD systems increases exponentially, the DoD continues to struggle with understanding and improving the resilience of its mission software. The Applied Resilience for Mission Systems (ARMS) Testbed is an environment that enables resilience improvement by experimentation and assessment of different mission system architectures and approaches. This Testbed consists of components for deploying mission system software for testing, capturing system performance, generating traffic, introducing disruptions into the mission system, orchestrating controlled experiments, and assessing and comparing the performance of mission systems. This paper covers the implementation of this Testbed, analysis for mission resilience comparisons, and their application to an operational terrestrial network architecture. Additionally, we introduce the Distance to Failure metric for comparing the resilience of arbitrary mission systems variations.
READ LESS

Summary

As the complexity of DoD systems increases exponentially, the DoD continues to struggle with understanding and improving the resilience of its mission software. The Applied Resilience for Mission Systems (ARMS) Testbed is an environment that enables resilience improvement by experimentation and assessment of different mission system architectures and approaches. This...

READ MORE

Don't even ask: database access control through query control

Summary

This paper presents a vision and description for query control, which is a paradigm for database access control. In this model, individual queries are examined before being executed and are either allowed or denied by a pre-defined policy. Traditional view-based database access control requires the enforcer to view the query, the records, or both. That may present difficulty when the enforcer is not allowed to view database contents or the query itself. This discussion of query control arises from our experience with privacy-preserving encrypted databases, in which no single entity learns both the query and the database contents. Query control is also a good fit for enforcing rules and regulations that are not well-addressed by view-based access control. With the rise of federated database management systems, we believe that new approaches to access control will be increasingly important.
READ LESS

Summary

This paper presents a vision and description for query control, which is a paradigm for database access control. In this model, individual queries are examined before being executed and are either allowed or denied by a pre-defined policy. Traditional view-based database access control requires the enforcer to view the query...

READ MORE

SoK: cryptographically protected database search

Summary

Protected database search systems cryptographically isolate the roles of reading from, writing to, and administering the database. This separation limits unnecessary administrator access and protects data in the case of system breaches. Since protected search was introduced in 2000, the area has grown rapidly, systems are offered by academia, start-ups, and established companies. However, there is no best protected search system or set of techniques. Design of such systems is a balancing act between security, functionality, performance, and usability. This challenge is made more difficult by ongoing database specialization, as some users will want the functionality of SQL, NoSQL, or NewSQL databases. This database evolution will continue, and the protected search community should be able to quickly provide functionality consistent with newly invented databases. At the same time, the community must accurately and clearly characterize the tradeoffs between different approaches. To address these challenges, we provide the following contributions:(1) An identification of the important primitive operations across database paradigms. We find there are a small number of base operations that can be used and combined to support a large number of database paradigms.(2) An evaluation of the current state of protected search systems in implementing these base operations. This evaluation describes the main approaches and tradeoffs for each base operation. Furthermore, it puts protected search in the context of unprotected search, identifying key gaps in functionality.(3) An analysis of attacks against protected search for different base queries.(4) A roadmap and tools for transforming a protected search system into a protected database, including an open-source performance evaluation platform and initial user opinions of protected search.
READ LESS

Summary

Protected database search systems cryptographically isolate the roles of reading from, writing to, and administering the database. This separation limits unnecessary administrator access and protects data in the case of system breaches. Since protected search was introduced in 2000, the area has grown rapidly, systems are offered by academia, start-ups...

READ MORE

Showing Results

1-3 of 3