Printer-friendly version

Browse the glossary using this index

Special | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z | ALL

Page: (Previous)   1  ...  3  4  5  6  7  8
  ALL

S

Picture of Yee Wei Law

Stream ciphers

by Yee Wei Law - Sunday, 18 August 2024, 5:30 PM
 
See 👇 attachment.
PDF document l_sciphers.pdf
Tags:
Picture of Yee Wei Law

Systems Security Engineering

by Yee Wei Law - Tuesday, 7 March 2023, 3:21 PM
 

NIST provides guidelines on engineering trustworthy (see Definition 1) and cyber-resilient (see Definition 2) systems through NIST SP 800-160 volumes 1 and 2 [RWM22, RPG+21], to be used in conjunction with

  • ISO/IEC/IEEEE International Standard 15288:2015 [ISO15],
  • NIST SP 800-37 [Joi18] and
  • NIST SP 800-53 [Joi20].
Definition 1: Trustworthy [RWM22, p. 1]

Worthy of being trusted to fulfill whatever critical requirements may be needed for a particular component, subsystem, system, network, application, mission, enterprise or other entity.

Definition 2: Cyber-resilient [RPG+21, p. 1]

Able to anticipate, withstand, recover from, and adapt to adverse conditions, including stresses, attacks, and compromises on systems that use or are enabled by cyber resources.

đź“ť A cyber resource is an information resource which creates, stores, processes, manages, transmits, or disposes of information in electronic form and that can be accessed via a network or using networking methods; for example, a file or database.

A primary objective of NIST SP 800-160 volume 1 is to provide a basis for establishing a discipline for systems security engineering as part of systems engineering in terms of its principles, concepts, activities and tasks.

  • Systems engineering is a transdisciplinary and integrative approach to enabling the successful realisation, use, and retirement of engineered systems [RWM22, Sec. 2.2].
  • Systems security engineering is meant to provide complementary engineering capabilities that extend the concept of trustworthiness to deliver trustworthy systems [RWM22, p. 2].
  • Without going into details, Fig. 1 captures the workflow in the prescribed Systems Security Engineering Framework [RWM22, Sec. 4].
Fig. 1: The Systems Security Engineering Framework provides guidenlines on how to define the problem and how to develop a solution to achieve trustworthiness [RWM22, Fig. 10]. See [RWM22, Sec. 4] for details.

A primary objective of NIST SP 800-160 volume 2 is to provide guidance on how to apply cyber resilience concepts, constructs and engineering practices to systems security engineering and risk management for systems (e.g., enterprise IT, industrial control systems, Internet of Things) and organisations.

References

[ISO15] ISO, IEC and IEEE, ISO/IEC/IEEE International Standard 15288: Systems and software engineering – System life cycle processes, 2015. https://doi.org/10.1109/IEEESTD.2015.7106435.
[Joi18] Joint Task Force, Risk management framework for information systems and organizations: A system life cycle approach for security and privacy, NIST Special Publication 800-37 Revision 2, December 2018. https://doi.org/10.6028/NIST.SP.800-37r2.
[Joi20] Joint Task Force, Security and privacy controls for information systems and organizations, NIST Special Publication 800-53 Revision 5, September 2020. https://doi.org/10.6028/NIST.SP.800-53r5.
[RPG+21] R. Ross, V. Pillitteri, R. Graubart, D. Bodeau, and R. McQuaid, Developing cyberresilient systems: A systems security engineering approach, NIST Special Publication 800-160 Volume 2 Revision 1, December 2021. https://doi.org/10.6028/NIST.SP.800-160v2r1.
[RWM22] R. Ross, M. Winstead, and M. McEvilley, Engineering trustworthy secure systems, NIST Special Publication 800-160v1r1, November 2022. https://doi.org/10.6028/NIST.SP.800-160v1r1.

T

Picture of Yee Wei Law

Transport Layer Security

by Yee Wei Law - Sunday, 12 February 2023, 10:35 AM
 

TODO

Picture of Yee Wei Law

Trusted autonomy

by Yee Wei Law - Saturday, 28 June 2025, 4:02 PM
 

Trusted Autonomy (TA) is a field of research that focuses on understanding and designing the interaction space between two entities each of which exhibits a level of autonomy [APM+16].

References

[APM+16] H. A. Abbass, E. Petraki, K. Merrick, J. Harvey, and M. Barlow, Trusted autonomy and cognitive cyber symbiosis: Open challenges, Cognitive Computation 8 no. 3 (2016), 385–408. https://doi.org/10.1007/s12559-015-9365-5.
Picture of Yee Wei Law

Type checking

by Yee Wei Law - Saturday, 28 June 2025, 4:02 PM
 

Type checking checks that program statements are well-formed with respect to a typing logic [vJ11, p. 1255].

For example, integers can be added and functions can be called, but integers cannot be called and functions cannot be added.

Type checking can be used to ensure programs are type-safe, meaning that at every step of the execution, all values have well-defined and appropriate types, and that there is a valid next step of execution.

References

[vJ11] H. C. van Tilborg and S. Jajodia (eds.), Encyclopedia of Cryptography and Security, Springer, Boston, MA, 2011. https://doi.org/10.1007/978-1-4419-5906-5.

U

Picture of Yee Wei Law

Unified Threat Management

by Yee Wei Law - Friday, 7 March 2025, 10:45 AM
 

See attachment.

PDF document t_utm.pdf
Picture of Yee Wei Law

Universally composable security

by Yee Wei Law - Monday, 13 March 2023, 1:19 PM
 

First proposed by Canetti [Can01], the paradigm of universally composable security guarantees security even when a secure protocol is composed with an arbitrary set of protocols, or more generally when the protocol is used as a component of an arbitrary system.

  • It guarantees security even when an unbounded number of protocol instances are executed concurrently in an adversarially controlled manner.
  • It is an essential property for maintaining security of cryptographic protocols in complex and unpredictable environments such as the Internet.

References

[Can01] R. Canetti, Universally composable security: a new paradigm for cryptographic protocols, in Proceedings 42nd IEEE Symposium on Foundations of Computer Science, 2001, pp. 136–145. https://doi.org/10.1109/SFCS.2001.959888.
Picture of Yee Wei Law

USRP SDRs

by Yee Wei Law - Tuesday, 11 July 2023, 10:47 PM
 
Work in progress

Ettus’s wiki for B210.

Ettus’ wiki for X300/X310

Setting up UHD through Anaconda and GNU Radio.

Verifying operation.

PySDR: A Guide to SDR and DSP using Python, set up UHD following Ch. 6 (original instructions). Note highest Python version supported is 3.9. Use conda to save trouble.

Stuck at ldconfig:

/sbin/ldconfig.real: Can't link /usr/lib/wsl/lib/libnvoptix_loader.so.1 to libnvoptix.so.1
/sbin/ldconfig.real: /usr/lib/wsl/lib/libcuda.so.1 is not a symbolic link

UHD Python API

>>> x310 = uhd.usrp.MultiUSRP("type=x300")
[INFO] [X300] X300 initialization sequence...
Traceback (most recent call last):
  File "stdin", line 1, in module
  File "C:\Users\lawyw\Miniconda3\envs\gnuradio\Lib\site-packages\uhd\usrp\multi_usrp.py", line 30, in __init__
    super(MultiUSRP, self).__init__(args)
RuntimeError: RuntimeError: Expected FPGA compatibility number 39.0, but got 13.0:
The FPGA image on your device is not compatible with this host code build.
Download the appropriate FPGA images for this version of UHD.
As an Administrator, please run:

"C:\Users\lawyw\Miniconda3\envs\gnuradio\Library\bin\uhd\utils\uhd_images_downloader.py"

Then burn a new image to the on-board flash storage of your
USRP X3xx device using the image loader utility. Use this command:

"C:\Users\lawyw\Miniconda3\envs\gnuradio\Library\bin\uhd_image_loader" --args="type=x300,addr=192.168.10.2"

For more information, refer to the UHD manual:

 http://files.ettus.com/manual/page_usrp_x3x0.html#x3x0_flash

References

[] .

Page: (Previous)   1  ...  3  4  5  6  7  8
  ALL