Supply chain cyber security: A Russian outlook
Development of information and communication technologies (ICT) is a key aspect of modernising the Russian economy. Russia is gradually approaching developed countries in terms of ICT infrastructure and Internet access. Along with opportunities opened by the rapid development and proliferation of ICT, systemic threats to security of critical components of public and private infrastructures are becoming increasingly more serious. Accordingly, achieving an acceptable level of supply chains’ cyber security, and managing relevant risks, are turning into top priorities of the national policy.
This volume contains the papers selected for presentation at the 18th European Symposium on Research in Computer Security (ESORICS 2013), held during September 9–13, 2013, in Egham, UK. In response to the symposium’s call for papers, 242 papers were submitted to the conference from 38 countries. These papers were evaluated on the basis of their significance, novelty, technical quality, as well as on their practical impact and/or their level of advancement of the field’s foundations. The Program Committee’s work was carri ed out electronically, yielding in- tensive discussions over a period of a few weeks. Of the papers submitted, 43 were selected for presentation at the conf erence (resulting in an acceptance rate of 18%). We note that many top-quality submissions were not selected for pre- sentation because of the high technical level of the overall submissions, and we are certain that many of these submissions will, nevertheless, be published at other competitive forums in the future.
In a collaborative system, the agents collaborate to achieve a common goal, but they are not willing to share some sensitive private information.
The question is how much damage can be done by a malicious participant sitting inside the system.
We assume that all the participants (including internal adversaries) have bounded memory – at any moment, they can store only a fixed number of messages of a fixed size. The Dolev–Yao adversaries can compose, decompose, eavesdrop, and intercept messages, and create fresh values (nonces), but within their bounded memory.
We prove that the secrecy problem is PSPACE-complete in the bounded memory model where all actions are balanced and a potentially infinite number of the nonce updates is allowed.
We also show that the well-known security protocol anomalies (starting from the Lowe attack to the Needham–Schroeder protocol) can be rephrased within the bounded memory paradigm with the explicit memory bounds.
The article reviews the main events of the Third International Summer School on Cyber Law, organized by the Laboratory of information law (National Research University Higher School of Economics, Russia).
This year applications for participation in the summer school were submitted from the UK, Italy, Germany, Slovakia, Armenia, India, Belarus, Kyrgyzstan and from different cities of the Russian Federation. In the framework of the summer school the most current research trends in the field of information law and intellectual property law were touched, new problems and new issues were raised, and solutions were suggested. Among the guests of the summer school were representatives of IBM, Yandex, Google, MegaFon, Wargaming.net, Kaspersky lab, as well as professors of foreign universities.
Intense program of the summer school included a discussions on legal aspects of development and introduction of cognitive systems, legal regulation in the field of computer games, novelties of the Russian information legislation, relevant issues of telecommunication law and copyright, legal aspects of cyber security, as well as other important legal issues in IT/IP sphere.
Large attention of participants was paid to the problems of enforcing the new Russian legislation on the requirements to the information dissemination organizers on the Internet and popular bloggers. In light of enacting this legislation the questions of websites blocking were raised again. In the field of telecommunications law the issues of legal regulation of OTT-services were the most disputable. The legal aspects of the computer games industry which were discussed in the summer school include the issues of legal protection of computer games as objects of intellectual property, as well as the issues of e-commerce in the area of online computer games.
A special event in the framework of the summer school program was the master-class of foreign professors on how to write articles in English to international peer-reviewed journals.
It is well-known that the Dolev-Yao adversary is a powerful adversary. Besides acting as the network, intercepting, sending, and composing messages, he can remember as much information as he needs. That is, his memory is unbounded.
We recently proposed a weaker Dolev-Yao like adversary, which also acts as the network, but whose memory is bounded. We showed that this Bounded Memory Dolev-Yao adversary, when given enough memory, can carry out many existing protocol anomalies. In particular, the known anomalies arise for bounded memory protocols, where there is only a bounded number of concurrent sessions and the honest participants of the protocol cannot remember an unbounded number of facts nor an unbounded number of nonces at a time. This led us to the question of whether it is possible to infer an upper-bound on the memory required by the Dolev-Yao adversary to carry out an anomaly from the memory restrictions of the bounded protocol. This paper answers this question negatively (Theorem 2).
The second contribution of this paper is the formalization of Progressing Collaborative Systems that may create fresh values, such as nonces. In this setting there is no unbounded adversary, although bounded memory adversaries may be present. We prove the NP-completeness of the reachability problem for Progressing Collaborative Systems that may create fresh values.
Recent work on structure-preserving signatures studies optimality of these schemes in terms of the number of group elements needed in the verification key and the signature, and the number of pairing-product equations in the verification algorithm. While the size of keys and signatures is crucial for many applications, another important aspect to consider for performance is the time it takes to verify a given signature. By far, the most expensive operation during verification is the computation of pairings. However, the concrete number of pairings that one needs to compute is not captured by the number of pairing-product equations considered in earlier work. To fill this gap, we consider the question of what is the minimal number of pairings that one needs to compute in the verification of structure-preserving signatures. First, we prove lower bounds for schemes in the Type II setting that are secure under chosen message attacks in the generic group model, and we show that three pairings are necessary and that at most one of these pairings can be precomputed. We also extend our lower bound proof to schemes secure under random message attacks and show that in this case two pairings are still necessary. Second, we build an automated tool to search for schemes matching our lower bounds. The tool can generate automatically and exhaustively all valid structure-preserving signatures within a user-specified search space, and analyze their (bounded) security in the generic group model. Interestingly, using this tool, we find a new randomizable structure-preserving signature scheme in the Type II setting that is optimal with respect to the lower bound on the number of pairings, and also minimal with respect to the number of group operations that have to be computed during verification.
Many security protocols rely on the assumptions on the physical properties in which its protocol sessions will be carried out. For instance, Distance Bounding Protocols take into account the round trip time of messages and the transmission velocity to infer an upper bound of the distance between two agents. We classify such security protocols as Cyber-Physical. Time plays a key role in design and analysis of many of these protocols. This paper investigates the foundational differences and the impacts on the analysis when using models with discrete time and models with dense time. We show that there are attacks that can be found by models using dense time, but not when using discrete time. We illustrate this with a novel attack that can be carried out on most distance bounding protocols. In this attack, one exploits the execution delay of instructions during one clock cycle to convince a verifier that he is in a location different from his actual position. We propose a Multiset Rewriting model with dense time suitable for specifying cyber-physical security protocols. We introduce Circle-Configurations and show that they can be used to symbolically solve the reachability problem for our model. Finally, we show that for the important class of balanced theories the reachability problem is PSPACE-complete.
Activities such as clinical investigations (CIs) or financial processes are subject to regulations to ensure quality of results and avoid negative consequences. Regulations may be imposed by multiple governmental agencies as well as by institutional policies and protocols. Due to the complexity of both regulations and activities, there is great potential for violation due to human error, misunderstanding, or even intent. Executable formal models of regulations, protocols and activities can form the foundation for automated assistants to aid planning, monitoring and compliance checking. We propose a model based on multiset rewriting where time is discrete and is specified by timestamps attached to facts. Actions, as well as initial, goal and critical states may be constrained by means of relative time constraints. Moreover, actions may have non-deterministic effects, i.e. they may have different outcomes whenever applied. We present a formal semantics of our model based on focused proofs of linear logic with definitions. We also determine the computational complexity of various planning problems. Plan compliance problem, for example, is the problem of finding a plan that leads from an initial state to a desired goal state without reaching any undesired critical state. We consider all actions to be balanced, i.e. their pre- and post-conditions have the same number of facts. Under this assumption on actions, we show that the plan compliance problem is PSPACE-complete when all actions have only deterministic effects and is EXPTIME-complete when actions may have non-deterministic effects. Finally, we show that the restrictions on the form of actions and time constraints taken in the specification of our model are necessary for decidability of the planning problems.
In this paper we consider choice problems under the assumption that the preferences of the decision maker are expressed in the form of a parametric partial weak order without assuming the existence of any value function. We investigate both the sensitivity (stability) of each non-dominated solution with respect to the changes of parameters of this order, and the sensitivity of the set of non-dominated solutions as a whole to similar changes. We show that this type of sensitivity analysis can be performed by employing techniques of linear programming.
The paper examines the structure, governance, and balance sheets of state-controlled banks in Russia, which accounted for over 55 percent of the total assets in the country's banking system in early 2012. The author offers a credible estimate of the size of the country's state banking sector by including banks that are indirectly owned by public organizations. Contrary to some predictions based on the theoretical literature on economic transition, he explains the relatively high profitability and efficiency of Russian state-controlled banks by pointing to their competitive position in such functions as acquisition and disposal of assets on behalf of the government. Also suggested in the paper is a different way of looking at market concentration in Russia (by consolidating the market shares of core state-controlled banks), which produces a picture of a more concentrated market than officially reported. Lastly, one of the author's interesting conclusions is that China provides a better benchmark than the formerly centrally planned economies of Central and Eastern Europe by which to assess the viability of state ownership of banks in Russia and to evaluate the country's banking sector.
This work looks at a model of spatial election competition with two candidates who can spend effort in order to increase their popularity through advertisement. It is shown that under certain condition the political programs of the candidates will be different. The work derives the comparative statics of equilibrium policy platform and campaign spending with respect the distribution of voter policy preferences and the proportionality of the electoral system. In particular, it is whown that the equilibrium does not exist if the policy preferences are distributed over too narrow an interval.
The article examines "regulatory requirements" as a subject of state control over business in Russia. The author deliberately does not use the term "the rule of law". The article states that a set of requirements for business is wider than the legislative regulation.
First, the article analyzes the regulatory nature of the requirements, especially in the technical field. The requirements are considered in relation to the rule of law. The article explores approaches to the definition of regulatory requirements in Russian legal science. The author analyzes legislation definitions for a set of requirements for business. The author concludes that regulatory requirements are not always identical to the rule of law. Regulatory requirements are a set of obligatory requirements for entrepreneurs’ economic activity. Validation failure leads to negative consequences.
Second, the article analyzes the problems of the regulatory requirements in practice. Lack of information about the requirements, their irrelevance and inconsistency are problems of the regulatory requirements in Russia.
Many requirements regulating economic activity are not compatible with the current development level of science and technology. The problems are analyzed on the basis of the Russian judicial practice and annual monitoring reports by Higher School of Economics.
Finally, the author provides an approach to the possible solution of the regulatory requirements’ problem. The author proposes to create a nationwide Internet portal about regulatory requirements. The portal should contain full information about all regulatory requirements. The author recommends extending moratorium on the use of the requirements adopted by the bodies and organizations of the former USSR government.