Browsing by Author "Zeng, W."
Now showing 1 - 8 of 8
Results Per Page
Sort Options
Item Open Access Analysing Petri Nets in a Calculus of Context-aware Ambients(IEEE, 2020-07-13) Siewe, Francois; Germanos, Vasileios; Zeng, W.This paper proposes an approach to analysing and verifying Petri nets using a Calculus of Context-aware Ambients (CCA). We propose an algorithm that transforms a Petri net into a CCA process. This demonstrates that any system that can be specified in Petri nets can also be specified in CCA. Besides, the system can be analysed and verified using the CCA verification tools. We illustrate the practicality of our approach using a case study of the dining cryptographers problem.Item Open Access A Flow Sensitive Security Model for Cloud Computing Systems(2014-05-13) Zeng, W.; Koutny, M.; Watson, PaulA flow sensitive security model is presented to analyse information flow in federated cloud systems. Each cloud and the entities of the cloud system are classified into different security levels which form a security lattice. Opacity --- a general technique for unifying security properties --- turns out to be a promising analytical technique in the context of cloud computing systems. The proposed approach can help to track and control the secure information flow in federated cloud systems. It can also be used to analyze the impact of different resources allocation strategies.Item Open Access Formal verification of secure information flow in cloud computing(Elsevier, 2016-04-11) Zeng, W.; Koutny, M.; Watson, P.; Germanos, VasileiosFederated cloud systems increase the reliability and reduce the cost of computational support to an organisation. However, the resulting combination of secure private clouds and less secure public clouds impacts on the overall security of the system as applications need to be located within different clouds. In this paper, the entities of a federated cloud system as well as the clouds are assigned security levels of a given security lattice. Then a dynamic flow sensitive security model for a federated cloud system is introduced within which the Bell–LaPadula rules and cloud security rule can be captured. The rest of the paper demonstrates how Petri nets and the associated verification techniques could be used to analyse the security of information flow in federated cloud systems.Item Open Access How Location-Aware Access Control Affects User Privacy and Security in Cloud Computing Systems(EAI, 2020-06-10) Zeng, W.; Bashir, Reem; Wood, Trevor; Siewe, Francois; Janicke, Helge; Wagner, IsabelThe use of cloud computing (CC) is rapidly increasing due to the demand for internet services and communications. The large number of services and data stored in the cloud creates security risks due to the dynamic movement of data, connected devices and users between various cloud environments. In this study, we will develop an innovative prototype for location-aware access control and data privacy for CC systems. We will apply location-aware access control policies to role-based access control of Cloud Foundry, and then analyze the impact on user privacy after implementing these policies. This innovation can be used to address the security risks introduced by inter-cloud use and communication, and will have significant impact in making citizen’s personal data more secure.Item Open Access Mapping of the Security Requirements of GDPR and NISD(EAI, 2020-10-05) Saqib, Najmudin; Germanos, Vasileios; Zeng, W.; Maglaras, LeandrosPrivacy and information security have consistently been a priority for the European Union lawmaker. This paper investigates the security requirements of the General Data Protection Regulation (GDPR) and the Directive on security of network and information systems (NISD). This investigation incorporates what is unique about the NISD; how it overlaps with existing frameworks; and how security requirements in the GDPR influence the NISD. This mapping of requirements can help businesses and organizations to distinguish possible difficulties that may experience while conforming to GDPR and NISD and help them create a consistent cybersecurity framework and structure new security plans.Item Open Access A methodology for cost-benefit analysis of information security technologies(Wiley, 2018-10-01) Zeng, W.Although information security technologies (such as digital rights management products) has been proven effective and successful in protecting the confidentiality of sensitive information by providing access control, these technologies have not been widely adopted and used to their potential. One reason for this could be that cost and benefit of these products have not been analysed in a systematic and quantitative manner to date. As a result, companies do not have an established procedure to evaluate the cost and benefit of implementing these products. In this document, the benefits of implementing a digital rights management product in enterprises are quantified using stochastic Petri nets models and are compared with the security needs of a corporation and potential costs incurred by the implementation process. An evaluating procedure for implementing these products is established. This procedure has the potential to be used to improve the ability of a corporation to make sensible security investment decisions.Item Open Access Opacity in Internet of Things with Cloud Computing(IEEE, 2015-10-19) Zeng, W.; Koutny, M.; Watson, P.Internet of Things (IoT) with Cloud Computing (CC) is a new paradigm incorporating a pervasive presence of a wide range of things/objects which can interact with each other and cooperate, creating new services and reaching common goals. This will lead to more intelligent smart environments in a wide range of applications. In this context, protecting the Internet of Things with Cloud Computing (IoTwCC) against interference, including service attacks and viruses, becomes paramount. In this paper, we introduce a transition system representation to capture the information flow in IoTwCCs, and then investigate the opacity of the information flow model. In addition, we introduce a threat model to describe the actions of the system, and propose entropy as a security metrics to quantify the amount of information related to a service that might be exposed to other users or adversaries. It turns out that the opacity of the system is affected by the availability of the services. As a result, the trade-off between opacity and service availability can be analyzed.Item Open Access Performance Modelling and Evaluation of Enterprise Information Security Technologies(IEEE, 2014-09-11) Zeng, W.; Koutny, M.; van Moorsel, A.By providing effective access control mechanisms, enterprise information security technologies have been proven successful in protecting the confidentiality of sensitive information in business organizations. However, such security mechanisms typically reduce the work productivity of the staff, by making them spend time working on non-project related tasks. Therefore, organizations have to invest a signification amount of capital in the information security technologies, and then to continue incurring additional costs. In this study, we investigate the performance of administrators in an information help desk, and the non-productive time (NPT) in an organization, resulting from the implementation of information security technologies. An approximate analytical solution is discussed first, and the loss of staff member productivity is quantified using non-productive time. Stochastic Petri nets are then used to provide simulation results. The presented study can help information security managers to make investment decisions, and to take actions toward reducing the cost of information security technologies, so that a balance is kept between information security expense, resource drain and effectiveness of security technologies.