Modular over-the-wire configurable security for long-lived critical infrastructure monitoring systems

Proceedings of the 3rd ACM International Conference on Distributed Event-Based Systems, DEBS 2009

Volumn 2009-January, Issue , 2009, Pages

  Solum, Erik ^a   Hauser, Carl ^a   Chakravarthy, Rasika ^a   Bakken, Dave ^a  

^a WASHINGTON STATE UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

MONITORING; PUBLIC WORKS;

END-TO-END SECURITY; INFRASTRUCTURE MONITORING; LONG LIFETIME; MODULAR SOFTWARES; MODULARS; MONITORING SYSTEM; PERFORMANCE; RUNTIMES; SECURITY ARCHITECTURE; SECURITY MODULES;

CRITICAL INFRASTRUCTURES;

EID: 84863533428     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1619258.1619276     Document Type: Conference Paper

References (24)

1. D. E. Bakken, C. H. Hauser, H. Gjermundrd, and A. Bose. Towards more flexible and robust data delivery for monitoring and control of the electric power grid. Technical Report EECS-GS-009, Washington State University, May 2007.
2. M. Burrows, M. Abadi, and R. Needham. A logic of authentication. ACM Transactions on Computer Systems, 8(1):18-36, 1990.
3. "Microsoft TechNet. Certificate Life Cycle, URL: http://www.microsoft.com/technet/prodtechnol/ windows2000serv/reskit/dist
4. F. Cleveland. IEC TC57 security standards for the power system's information-infrastructure beyond simple encryption. URL: http://xanthus-consulting.com/Publications/, June 2007.
5. T. Dierks and C.Allen. The TLS protocol. RFC 2246, 1999. http://www.ietf.org/rfc/rfc2246.txt.
6. N. Doraswamy and D. Harkins. IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks. Prentice Hall PTR, 2003.
7. National Institute of Standards and Technology (NIST). Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher. NIST Special Publication (NIST SP) 800-67, May 2004.
8. National Institute of Standards and Technology (NIST). Advanced Encryption Standard (AES). Federal Information Processing Standards Publication (FIPS PUB) 197, Nov 2001.
9. National Institute of Standards and Technology (NIST). Data Encryption Standard (DES). Federal Information Processing Standards Publication (FIPS PUB) 46-3, October 1999.
10. National Institute of Standards and Technology (NIST). Secure Hash Signature Standard (SHS). Federal Information Processing Standards Publication (FIPS PUB) 180-2, August 2002.
11. K. H. Gjermundrd. Flexible QoS-Managed Status Dissemination Middleware Framwork for the Power Grid. PhD thesis, Washington State University, August 2006.
12. C. H. Hauser, D. E. Bakken, and A. Bose. A failure to communicate: next generation communication requirements, technologies, and architecture for the electric power grid. Power and Energy Magazine, IEEE, 3(2):47-55, April 2005.
13. Sun Microsystems. Java SE Security, Sun Developer Network URL: http://java.sun.com/javase/technologies/security Last checked 05.15.09.
14. H. Khurana. Scalable security and accounting services for content-based publish/subscribe systems. In SAC '05: Proceedings of the 2005 ACM symposium on Applied computing, pages 801-807, New York, NY, USA, 2005. ACM.
15. N. Modadugu and E. Rescorla. The design and implementation of datagram TLS. In 11th Annual Network and Distributed System Security Symposium, San Diego, CA " February 2004. http://crypto.stanford.edu/ nagendra/papers/dtls.pdf, Last checked 05.15.09.
16. L. Opyrchal and A. Prakash. Secure distribution of events in content-based publish subscribe systems. In SSYM'01: Proceedings of the 10th conference on USENIX Security Symposium, pages 21-21, Berkeley, CA, USA, 2001. USENIX Association.
17. L. I. W. Pesonen, D. M. Eyers, and J. Bacon. Encryption-enforced access control in dynamic multi-domain publish/subscribe networks. In DEBS '07: Proceedings of the 2007 inaugural international conference on distributed event-based systems, pages 104-115, New York, NY, USA, 2007. ACM Press.
18. C. Raiciu and D. Rosenblum. Enabling confidentiality in content-based publish/subscribe infrastructures. In Proc. Second IEEE Communications Society/CreateNet Int. Conf. on Security and Privacy in Communication Networks (SecureComm 2006), Aug.-Sep. 2006.
19. R. Rivest. RFC 1321: The MD5 message-digest algorithm, April 1992. MIT Laboratory for Computer Science and RSA Data Security, Inc.
20. B. Schneier. Description of a new variable-length key, 64-bit block cipher (blowfish). In Fast Software Encryption, Cambridge Security Workshop Proceedings, pages 191-204. Springer-Verlag, December 1993.
21. J. G. Steiner, B. C. Neuman, and J. I. Schiller. Kerberos: An authentication service for open network systems. In Winter 1988 Usenix Conference, pages 191-202, Dallas, February 1988.
22. C. Wang, A. Carzaniga, D. Evans, and A. Wolf. Security issues and requirements for internet-scale publish-subscribe systems. In HICSS '02: Proceedings of the 35th Annual Hawaii International Conference on System Sciences (HICSS'02)-Volume 9, page 303, Washington, DC, USA, 2002. IEEE Computer Society.
23. J. Weiss. Java Cryptography Extensions: Practical Guide for Programmers. Morgan Kaufmann, 1 edition, 2004.
24. ITU Telecommunication Standardization Sector (ITI-T). ITU-T RECOMMENDATION X.509, July 2005, URL: http://www.itu.int/rec/T-REC-X.509-200508-I/en.