References of "Mauw, Sjouke 50002343"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailDesign and formal analysis of a group signature based electronic toll pricing system
Chen, Xihui UL; Lenzini, Gabriele UL; Mauw, Sjouke UL et al

in Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (2013), 4(1), 55-75

Detailed reference viewed: 125 (13 UL)
Full Text
Peer Reviewed
See detailAttack-Defense Trees
Kordy, Barbara UL; Mauw, Sjouke UL; Radomirovic, Sasa UL et al

in Journal of Logic and Computation (2012)

Attack-defense trees are a novel methodology for graphical security modeling and assessment. They extend the well known formalism of attack trees by allowing nodes that represent defensive measures to ... [more ▼]

Attack-defense trees are a novel methodology for graphical security modeling and assessment. They extend the well known formalism of attack trees by allowing nodes that represent defensive measures to appear at any level of the tree. This enlarges the modeling capabilities of attack trees and makes the new formalism suitable for representing interactions between an attacker and a defender. Our formalization supports different semantical approaches for which we provide usage scenarios. We also formalize how to quantitatively analyze attack and defense scenarios using attributes. [less ▲]

Detailed reference viewed: 192 (15 UL)
Full Text
Peer Reviewed
See detailImplementation and Validation of a Localisation Assurance Service Provider
Chen, Xihui UL; Harpes, Carlo; Lenzini, Gabriele UL et al

in Proc. 6th ESA Workshop on Satellite Navigation Technologies (2012)

Existing Global Navigation Satellite Systems offer no authentication to the open service signals and so stand-alone receivers are vulnerable to meaconing and spoofing attacks. These attacks interfere with ... [more ▼]

Existing Global Navigation Satellite Systems offer no authentication to the open service signals and so stand-alone receivers are vulnerable to meaconing and spoofing attacks. These attacks interfere with the integrity and authenticity of satellite signals: they can delay signals, or re-broadcast signals. Positioning is thus compromised and location-based services are at risk.This paper describes a solution to mitigate this risk. It is a trusted third-party Localisation Assurance service that informs location-based services providers up to which level a location claimed by client can be trusted. It runs several tests over the localisation data of client receivers and certifies the level of assurance of locations. An assurance level expresses the amount of trust the third-party has that a receiver's location is calculated from integral and authentic satellite signals. [less ▲]

Detailed reference viewed: 213 (6 UL)
Full Text
Peer Reviewed
See detailA trust-augmented voting scheme for collaborative privacy management
Sun, Yanjie UL; Zhang, Chenyi UL; Pang, Jun UL et al

in Journal of Computer Security (2012), 20(4), 437-459

Detailed reference viewed: 112 (6 UL)
Full Text
Peer Reviewed
See detailInput online review data and related bias in recommender systems
Piramuthu, Selwyn; Kapoor, Gaurav; Zhou, Wei et al

in Decision Support Systems (2012), 53(3), 418-424

A majority of extant literature on recommender systems assume the input data as a given to generate recommendations. Both implicit and/or explicit data are used as input in these systems. The existence of ... [more ▼]

A majority of extant literature on recommender systems assume the input data as a given to generate recommendations. Both implicit and/or explicit data are used as input in these systems. The existence of various challenges in using such input data including those associated with strategic source manipulations, sparse matrix, state data, among others, are sometimes acknowledged. While such input data are also known to be rife with various forms of bias, to our knowledge no explicit attempt is made to correct or compensate for them in recommender systems. We consider a specific type of bias that is introduced in online product reviews due to the sequence in which these reviews are written. We model several scenarios in this context and study their properties. [less ▲]

Detailed reference viewed: 105 (0 UL)
Full Text
See detailLocation-Based Services: Privacy, Security and Assurance
Jonker, Hugo UL; Mauw, Sjouke UL; Pang, Jun UL

in Digital Enlightenment Yearbook 2012 (2012)

Detailed reference viewed: 91 (5 UL)
Full Text
Peer Reviewed
See detailFairness in Non-repudiation Protocols
Jamroga, Wojciech UL; Mauw, Sjouke UL; Melissen, Matthijs UL

in Proceedings of STM 2011 (2012)

Detailed reference viewed: 107 (2 UL)
Full Text
Peer Reviewed
See detailProbabilistic model checking of the PDGF signaling pathway
Yuan, Qixia UL; Trairatphisan, Panuwat UL; Pang, Jun UL et al

in Transactions on Computational Systems Biology (2012), XIV

Detailed reference viewed: 166 (16 UL)
Full Text
Peer Reviewed
See detailA group signature based electronic toll pricing system
Chen, Xihui UL; Lenzini, Gabriele UL; Mauw, Sjouke UL et al

in Proc. 7th International Conference on Availability, Reliability and Security (2012)

Detailed reference viewed: 158 (2 UL)
Full Text
Peer Reviewed
See detailComparative analysis of clustering protocols with probabilistic model checking
Li, Qian UL; Schaffer, Peter UL; Pang, Jun UL et al

in Proc. 6th International Symposium on Theoretical Aspects of Software Engineering (2012)

Detailed reference viewed: 135 (3 UL)
Full Text
Peer Reviewed
See detailGame-based verification of contract signing protocols with minimal messages
Zhang, Ying UL; Zhang, Chenyi UL; Pang, Jun UL et al

in Innovations in Systems and Software Engineering (2012), 8

Detailed reference viewed: 116 (3 UL)
See detailOperational semantics and verification of security protocols
Cremers, Cas; Mauw, Sjouke UL

Book published by Springer-Verlag (2012)

Security protocols are widely used to ensure secure communications over insecure networks, such as the internet or airwaves. These protocols use strong cryptography to prevent intruders from reading or ... [more ▼]

Security protocols are widely used to ensure secure communications over insecure networks, such as the internet or airwaves. These protocols use strong cryptography to prevent intruders from reading or modifying the messages. However, using cryptography is not enough to ensure their correctness. Combined with their typical small size, which suggests that one could easily assess their correctness, this often results in incorrectly designed protocols. The authors present a methodology for formally describing security protocols and their environment. This methodology includes a model for describing protocols, their execution model, and the intruder model. The models are extended with a number of well-defined security properties, which capture the notions of correct protocols, and secrecy of data. The methodology can be used to prove that protocols satisfy these properties. Based on the model they have developed a tool set called Scyther that can automatically find attacks on security protocols or prove their correctness. In case studies they show the application of the methodology as well as the effectiveness of the analysis tool. The methodology’s strong mathematical basis, the strong separation of concerns in the model, and the accompanying tool set make it ideally suited both for researchers and graduate students of information security or formal methods and for advanced professionals designing critical security protocols. [less ▲]

Detailed reference viewed: 119 (3 UL)
Full Text
Peer Reviewed
See detailDetecting meaconing attacks by analysing the clock bias of GNSS receivers
Marnach, Daniel; Mauw, Sjouke UL; Martins, Miguel et al

in European Navigation Conference (ENC 2012) (2012)

Existing Global Navigation Satellite Systems offer no authentication of their satellite signals towards their civilian users. As a consequence, several types of GNSS-related attacks, including meaconing ... [more ▼]

Existing Global Navigation Satellite Systems offer no authentication of their satellite signals towards their civilian users. As a consequence, several types of GNSS-related attacks, including meaconing, may be performed and remain undetected. In the scope of the project “Developing a prototype of Localisation Assurance Service Provider”, which is funded by ESA and realised by the company itrust consulting and the University of Luxembourg, a methodology to visualise the beginnings and the ends of meaconing attacks by monitoring the clock bias of an attacked receiver over time was developed. This paper presents an algorithm that is based on this attack visualisation technique and is capable of detecting meaconing attacks automatically. Experiments in a controlled environment confirmed that the chosen methodology works properly. In one of these tests, for example, six meaconing attacks were simulated by using a GNSS signal repeater. The algorithm was able to detect the beginnings and the ends of all six attacks, while resulting in no more than two false positives, even though the average delay introduced by the meaconing stations (repeater) was just 80 nanoseconds. [less ▲]

Detailed reference viewed: 183 (1 UL)
Full Text
See detailQuantitative Questions on Attack-Defense Trees
Kordy, Barbara UL; Mauw, Sjouke UL; Schweitzer, Patrick UL

Report (2012)

Detailed reference viewed: 101 (1 UL)
Full Text
Peer Reviewed
See detailQuantitative Questions on Attack-Defense Trees
Kordy, Barbara UL; Mauw, Sjouke UL; Schweitzer, Patrick UL

in Information Security and Cryptology - ICISC 2012 - 15th International Conference, Seoul, Korea, November 28-30, 2012, Revised Selected Papers (2012)

Attack-defense trees are a novel methodology for graphical security modeling and assessment. The methodology includes intuitive and formal components that can be used for quantitative analysis of attack ... [more ▼]

Attack-defense trees are a novel methodology for graphical security modeling and assessment. The methodology includes intuitive and formal components that can be used for quantitative analysis of attack-defense scenarios. In practice, we use intuitive questions to ask about aspects of scenarios we are interested in. Formally, a computational procedure, using a bottom-up algorithm, is applied to derive the corresponding numerical values. This paper bridges the gap between the intuitive and the formal way of quantitatively assessing attack-defense scenarios. We discuss how to properly specify a question, so that it can be answered unambiguously. Given a well-specified question, we then show how to derive an appropriate attribute domain which constitutes the corresponding formal model. [less ▲]

Detailed reference viewed: 118 (3 UL)
Full Text
Peer Reviewed
See detailSelective location blinding using hash chains
Lenzini, Gabriele UL; Mauw, Sjouke UL; Pang, Jun UL

in Proc. 19th International Workshop on Security Protocols (2011)

Detailed reference viewed: 171 (7 UL)
Full Text
Peer Reviewed
See detailmCarve: Carving attributed dump sets
van Deursen, Ton UL; Mauw, Sjouke UL; Radomirovic, Sasa UL

in Abstract book of 20th USENIX Security Symposium (2011)

Detailed reference viewed: 35 (1 UL)
Full Text
Peer Reviewed
See detailSelective location blinding using hash chains (transcript of discussion)
Mauw, Sjouke UL

in Proceedings of 19th Security Protocols Workshop (2011), 7114

Detailed reference viewed: 98 (1 UL)
Full Text
Peer Reviewed
See detailA study of the PDGF signaling pathway with PRISM
Yuan, Qixia UL; Pang, Jun UL; Mauw, Sjouke UL et al

in Proceedings of the 3rd Workshop on Computational Models for Cell Processes (2011), EPTCS 67

Detailed reference viewed: 159 (13 UL)
Full Text
Peer Reviewed
See detailA trust-augmented voting scheme for collaborative privacy management
Sun, Yanjie UL; Zhang, Chenyi UL; Pang, Jun UL et al

in Proc. 6th International Workshop on Security and Trust Management (2011)

Detailed reference viewed: 132 (1 UL)