Abstract
This work presents a novel methodology for security analysis of computer systems. The suggested approach, called simulated hazard injection, is a variant of simulated fault injection, which has already been applied successfully to the design and evaluation of fault-tolerant computer systems. The paper describes the key ideas underlying the proposed methodology, and defines a portfolio of security measures to be extracted from experimental data. These concepts are incorporated in a tool for dependability analysis of Public Key Infrastructure (PKI) based systems. The tool is called SECURE and is currently under development at the University of Naples. The paper describes the architecture of the tool and discusses its potential.
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Romano, L., Mazzeo, A., Mazzocca, N. (1999). SECURE: A Simulation Tool for PKI Design. In: Secure Networking — CQRE [Secure] ’99. CQRE 1999. Lecture Notes in Computer Science, vol 1740. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46701-7_2
DOI: https://doi.org/10.1007/3-540-46701-7_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66800-8
Online ISBN: 978-3-540-46701-4
eBook Packages: Springer Book Archive