References of "Mauw, Sjouke 50002343"
     in
Bookmark and Share    
See detailProceedings of the 10th International Workshop on Security and Trust Management (STM 2014)
Mauw, Sjouke UL; Jensen, Christian Damsgaard

Book published by Springer (2014)

Detailed reference viewed: 51 (1 UL)
Full Text
Peer Reviewed
See detailDEMO: Demonstrating a Trust Framework for Evaluating GNSS Signal Integrity
Chen, Xihui UL; Harpes, Carlo; Lenzini, Gabriele UL et al

in Proceedings of 20th ACM Conference on Computer and Communications Security (CCS'13) (2013, November)

Through real-life experiments, it has been proved that spoofing is a practical threat to applications using the free civil service provided by Global Navigation Satellite Systems (GNSS). In this paper, we ... [more ▼]

Through real-life experiments, it has been proved that spoofing is a practical threat to applications using the free civil service provided by Global Navigation Satellite Systems (GNSS). In this paper, we demonstrate a prototype that can verify the integrity of GNSS civil signals. By integrity we intuitively mean that civil signals originate from a GNSS satellite without having been artificially interfered with. Our prototype provides interfaces that can incorporate existing spoofing detection methods whose results are then combined into an overall evaluation of the signal’s integrity, which we call integrity level. Considering the various security requirements from different applications, integrity levels can be calculated in many ways determined by their users. We also present an application scenario that deploys our prototype and offers a public central service – localisation assurance certification. Through experiments, we successfully show that our prototype is not only effective but also efficient in practice. [less ▲]

Detailed reference viewed: 335 (14 UL)
Full Text
Peer Reviewed
See detailDesign and formal analysis of a group signature based electronic toll pricing system
Chen, Xihui UL; Lenzini, Gabriele UL; Mauw, Sjouke UL et al

in Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (2013), 4(1), 55-75

Detailed reference viewed: 128 (13 UL)
Full Text
See detailMessage from ESSS 2013 Workshop Co-chairs
Pang, Jun UL; Liu, Yang; Mauw, Sjouke UL

in 6th IEEE International Conference on Software Testing, Verification and Validation Workshops Proceedings (2013)

Detailed reference viewed: 129 (1 UL)
Full Text
Peer Reviewed
See detailA trust framework for evaluating GNSS signal integrity
Chen, Xihui UL; Lenzini, Gabriele UL; Martins, Miguel et al

in Proceedings of 26th IEEE Computer Security Foundations Symposium (CSF'13) (2013)

Detailed reference viewed: 322 (6 UL)
Full Text
Peer Reviewed
See detailPrivacy and verifiability in voting systems: Methods, developments and trends
Jonker, Hugo UL; Mauw, Sjouke UL; Pang, Jun UL

in Computer Science Review (2013)

Detailed reference viewed: 174 (0 UL)
Full Text
Peer Reviewed
See detailADTool: Security Analysis with Attack-Defense Trees (Tool Demonstration Paper)
Kordy, Barbara UL; Kordy, Piotr UL; Mauw, Sjouke UL et al

in 10th International Conference on Quantitative Evaluation of SysTems (2013)

The ADTool is free, open source software assisting graphical modeling and quantitative analysis of security, using attack-defense trees. The main features of the ADTool are easy creation, efficient ... [more ▼]

The ADTool is free, open source software assisting graphical modeling and quantitative analysis of security, using attack-defense trees. The main features of the ADTool are easy creation, efficient editing, and automated bottom-up evaluation of security-relevant measures. The tool also supports the usage of attack trees, protection trees and defense trees, which are all particular instances of attack-defense trees. [less ▲]

Detailed reference viewed: 106 (8 UL)
Full Text
Peer Reviewed
See detailLocation Assurance and Privacy in GNSS Navigation
Chen, Xihui; Harpes, Carlo; Lenzini, Gabriele UL et al

in ERCIM News (2013), 2013(94),

The growing popularity of location-based services such as GNSS (Global Navigation Satellite System) navigation requires confidence in the reliability of the calculated locations. The exploration of a ... [more ▼]

The growing popularity of location-based services such as GNSS (Global Navigation Satellite System) navigation requires confidence in the reliability of the calculated locations. The exploration of a user’s location also gives rise to severe privacy concerns. Within an ESA (European Space Agency) funded project, we have developed a service that not only verifies the correctness of users’ locations but also enables users to control the accuracy of their revealed locations. [less ▲]

Detailed reference viewed: 122 (7 UL)
Full Text
Peer Reviewed
See detailAttack-Defense Trees
Kordy, Barbara UL; Mauw, Sjouke UL; Radomirovic, Sasa UL et al

in Journal of Logic and Computation (2012)

Attack-defense trees are a novel methodology for graphical security modeling and assessment. They extend the well known formalism of attack trees by allowing nodes that represent defensive measures to ... [more ▼]

Attack-defense trees are a novel methodology for graphical security modeling and assessment. They extend the well known formalism of attack trees by allowing nodes that represent defensive measures to appear at any level of the tree. This enlarges the modeling capabilities of attack trees and makes the new formalism suitable for representing interactions between an attacker and a defender. Our formalization supports different semantical approaches for which we provide usage scenarios. We also formalize how to quantitatively analyze attack and defense scenarios using attributes. [less ▲]

Detailed reference viewed: 196 (15 UL)
Full Text
See detailQuantitative Questions on Attack-Defense Trees
Kordy, Barbara UL; Mauw, Sjouke UL; Schweitzer, Patrick UL

Report (2012)

Detailed reference viewed: 105 (1 UL)
Full Text
Peer Reviewed
See detailProbabilistic model checking of the PDGF signaling pathway
Yuan, Qixia UL; Trairatphisan, Panuwat UL; Pang, Jun UL et al

in Transactions on Computational Systems Biology (2012), XIV

Detailed reference viewed: 173 (16 UL)
Full Text
Peer Reviewed
See detailFairness in Non-repudiation Protocols
Jamroga, Wojciech UL; Mauw, Sjouke UL; Melissen, Matthijs UL

in Proceedings of STM 2011 (2012)

Detailed reference viewed: 113 (2 UL)
Full Text
See detailLocation-Based Services: Privacy, Security and Assurance
Jonker, Hugo UL; Mauw, Sjouke UL; Pang, Jun UL

in Digital Enlightenment Yearbook 2012 (2012)

Detailed reference viewed: 94 (5 UL)
Full Text
Peer Reviewed
See detailQuantitative Questions on Attack-Defense Trees
Kordy, Barbara UL; Mauw, Sjouke UL; Schweitzer, Patrick UL

in Information Security and Cryptology - ICISC 2012 - 15th International Conference, Seoul, Korea, November 28-30, 2012, Revised Selected Papers (2012)

Attack-defense trees are a novel methodology for graphical security modeling and assessment. The methodology includes intuitive and formal components that can be used for quantitative analysis of attack ... [more ▼]

Attack-defense trees are a novel methodology for graphical security modeling and assessment. The methodology includes intuitive and formal components that can be used for quantitative analysis of attack-defense scenarios. In practice, we use intuitive questions to ask about aspects of scenarios we are interested in. Formally, a computational procedure, using a bottom-up algorithm, is applied to derive the corresponding numerical values. This paper bridges the gap between the intuitive and the formal way of quantitatively assessing attack-defense scenarios. We discuss how to properly specify a question, so that it can be answered unambiguously. Given a well-specified question, we then show how to derive an appropriate attribute domain which constitutes the corresponding formal model. [less ▲]

Detailed reference viewed: 121 (3 UL)
Full Text
Peer Reviewed
See detailInput online review data and related bias in recommender systems
Piramuthu, Selwyn; Kapoor, Gaurav; Zhou, Wei et al

in Decision Support Systems (2012), 53(3), 418-424

A majority of extant literature on recommender systems assume the input data as a given to generate recommendations. Both implicit and/or explicit data are used as input in these systems. The existence of ... [more ▼]

A majority of extant literature on recommender systems assume the input data as a given to generate recommendations. Both implicit and/or explicit data are used as input in these systems. The existence of various challenges in using such input data including those associated with strategic source manipulations, sparse matrix, state data, among others, are sometimes acknowledged. While such input data are also known to be rife with various forms of bias, to our knowledge no explicit attempt is made to correct or compensate for them in recommender systems. We consider a specific type of bias that is introduced in online product reviews due to the sequence in which these reviews are written. We model several scenarios in this context and study their properties. [less ▲]

Detailed reference viewed: 110 (0 UL)
Full Text
Peer Reviewed
See detailDetecting meaconing attacks by analysing the clock bias of GNSS receivers
Marnach, Daniel; Mauw, Sjouke UL; Martins, Miguel et al

in European Navigation Conference (ENC 2012) (2012)

Existing Global Navigation Satellite Systems offer no authentication of their satellite signals towards their civilian users. As a consequence, several types of GNSS-related attacks, including meaconing ... [more ▼]

Existing Global Navigation Satellite Systems offer no authentication of their satellite signals towards their civilian users. As a consequence, several types of GNSS-related attacks, including meaconing, may be performed and remain undetected. In the scope of the project “Developing a prototype of Localisation Assurance Service Provider”, which is funded by ESA and realised by the company itrust consulting and the University of Luxembourg, a methodology to visualise the beginnings and the ends of meaconing attacks by monitoring the clock bias of an attacked receiver over time was developed. This paper presents an algorithm that is based on this attack visualisation technique and is capable of detecting meaconing attacks automatically. Experiments in a controlled environment confirmed that the chosen methodology works properly. In one of these tests, for example, six meaconing attacks were simulated by using a GNSS signal repeater. The algorithm was able to detect the beginnings and the ends of all six attacks, while resulting in no more than two false positives, even though the average delay introduced by the meaconing stations (repeater) was just 80 nanoseconds. [less ▲]

Detailed reference viewed: 198 (1 UL)
See detailOperational semantics and verification of security protocols
Cremers, Cas; Mauw, Sjouke UL

Book published by Springer-Verlag (2012)

Security protocols are widely used to ensure secure communications over insecure networks, such as the internet or airwaves. These protocols use strong cryptography to prevent intruders from reading or ... [more ▼]

Security protocols are widely used to ensure secure communications over insecure networks, such as the internet or airwaves. These protocols use strong cryptography to prevent intruders from reading or modifying the messages. However, using cryptography is not enough to ensure their correctness. Combined with their typical small size, which suggests that one could easily assess their correctness, this often results in incorrectly designed protocols. The authors present a methodology for formally describing security protocols and their environment. This methodology includes a model for describing protocols, their execution model, and the intruder model. The models are extended with a number of well-defined security properties, which capture the notions of correct protocols, and secrecy of data. The methodology can be used to prove that protocols satisfy these properties. Based on the model they have developed a tool set called Scyther that can automatically find attacks on security protocols or prove their correctness. In case studies they show the application of the methodology as well as the effectiveness of the analysis tool. The methodology’s strong mathematical basis, the strong separation of concerns in the model, and the accompanying tool set make it ideally suited both for researchers and graduate students of information security or formal methods and for advanced professionals designing critical security protocols. [less ▲]

Detailed reference viewed: 131 (3 UL)
Full Text
Peer Reviewed
See detailA trust-augmented voting scheme for collaborative privacy management
Sun, Yanjie UL; Zhang, Chenyi UL; Pang, Jun UL et al

in Journal of Computer Security (2012), 20(4), 437-459

Detailed reference viewed: 116 (6 UL)
Full Text
Peer Reviewed
See detailImplementation and Validation of a Localisation Assurance Service Provider
Chen, Xihui UL; Harpes, Carlo; Lenzini, Gabriele UL et al

in Proc. 6th ESA Workshop on Satellite Navigation Technologies (2012)

Existing Global Navigation Satellite Systems offer no authentication to the open service signals and so stand-alone receivers are vulnerable to meaconing and spoofing attacks. These attacks interfere with ... [more ▼]

Existing Global Navigation Satellite Systems offer no authentication to the open service signals and so stand-alone receivers are vulnerable to meaconing and spoofing attacks. These attacks interfere with the integrity and authenticity of satellite signals: they can delay signals, or re-broadcast signals. Positioning is thus compromised and location-based services are at risk.This paper describes a solution to mitigate this risk. It is a trusted third-party Localisation Assurance service that informs location-based services providers up to which level a location claimed by client can be trusted. It runs several tests over the localisation data of client receivers and certifies the level of assurance of locations. An assurance level expresses the amount of trust the third-party has that a receiver's location is calculated from integral and authentic satellite signals. [less ▲]

Detailed reference viewed: 221 (6 UL)
Full Text
Peer Reviewed
See detailGame-based verification of contract signing protocols with minimal messages
Zhang, Ying UL; Zhang, Chenyi UL; Pang, Jun UL et al

in Innovations in Systems and Software Engineering (2012), 8

Detailed reference viewed: 122 (3 UL)