On the Evolution of Adversary Models for Security Protocols - from the Beginning to Sensor Networks
Virgil D. Gligor - University of Maryland
Apr 26, 2006Size: 175.7MB
Download: MP4 Video
Watch in your Browser Watch on YouTube
AbstractInvariably, new technologies introduce new vulnerabilities which, in principle,
enable new attacks by increasingly potent adversaries. Yet new systems are more
adept at handling well-known attacks by old adversaries than anticipating
new ones. Our adversary models seem to be perpetually out of date: often they
do not capture adversary attacks enabled by new vulnerabilities and sometimes
address attacks rendered impractical by new technologies.
In this talk, I provide a brief overview of adversary models beginning with
those required by program and data sharing technologies, continuing with those
required by computer communication and networking technologies, and ending with
those required by mobile ad-hoc and sensor network technologies. I argue that
mobile ad-hoc and sensor networks require new adversary models (e.g., different
from those of Dolev-Yao and Byzantine adversaries). I illustrate this with
adversaries that attack perfectly sensible and otherwise correct protocols of
mobile ad-hoc and sensor networks. These attacks cannot be countered with
traditional security protocols as they require emergent security properties.
About the SpeakerVirgil D. Gligor received his B.Sc., M.Sc., and Ph.D. degrees
from the University of California at Berkeley. He has been at
the University of Maryland since 1976, and is currently a
Professor of Electrical and Computer Engineering. He is an
Editorial Board member of the ACM Transactions on Information System
Security, IEEE Transactions on Dependable and Secure Computing, and
IEEE Transactions on Computers. Over the past three decades, his
research interests ranged from access control mechanisms, penetration
analysis, and denial-of-service protection to cryptographic protocols
and applied cryptography.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.