Controlling the language of security

September 18, 2009

Korean computer scientists have developed a security policy specification for home networks that could make us more secure from cyber attack in our homes. They report details in the International Journal of Ad Hoc and Ubiquitous Computing.

Companies, banks, and other organizations take internet security very seriously and usually have firewalls and IT departments to protect them from attack as a matter of course. Domestic and small office networks are just as vulnerable to hacking, malicious computer code, worms, viruses, and eavesdropping. An attack can wreak havoc on individuals and small businesses when security it compromised.

With home and small office networks connecting all kinds of devices - personal computers, mobile devices, remote security cameras, gaming consoles, and more - they represent an even more heterogeneous mix than many larger offices.

Now, Geon Woo Kim of the Electronics and Telecommunications Research Institute, in Korea, and colleagues there and at Kyungpook National University, have developed a specification for security policy on home networks that can guarantee reliability and availability. The specification also takes into account authentication, authorization, security policy deployment so that all users in the home are not only protected from malware but also can help ensure everyone can use the network when they need to.

Kim and his team explain that home networks most commonly have only a single gateway from the internet. Every packet of information must pass through this gateway at the border between the home network and the internet. It should act as a core component providing all security. "Whenever a new access to the home network is found, it should be able to authenticate and authorize it and enforce the security policy based on rules set by the home administrator," the team says.

However, to make such an approach effective but simple requires a way to consistently describe and specify the security policy. The computer scientists first turned to a computer markup language, eXtensible Access Control Markup Language (XACML). XACML is a general purpose language and so it lacks the notation for security policies and authorization rules. The team has now developed a related language - Home security Description Language, xHDL - that includes the necessary notation for securing a home network.

The new language consists of seven elements: combining-rule element, authentication element, user element, object element, object-group element, role element, and rule elements. Each of these terms within xHDL could be used to run a browser-based control centre. That program would provide the domestic administrator with simple control options to allow access to the home network only for specific devices and to control the packets of information that can pass through the gateway to and from the internet.
-end-
"Security policy specification for home network" in Int. J. Ad Hoc and Ubiquitous Computing, 2009, 4, 372-378

Inderscience Publishers

Related Internet Articles from Brightsurf:

Towards an unhackable quantum internet
Harvard and MIT researchers have found a way to correct for signal loss with a prototype quantum node that can catch, store and entangle bits of quantum information.

Swimming toward an 'internet of health'?
In recent years, the seemingly inevitable 'internet of things' has attracted considerable attention: the idea that in the future, everything in the physical world -- machines, objects, people -- will be connected to the internet.

Everything will connect to the internet someday, and this biobattery could help
In the future, small paper and plastic devices will be able to connect to the internet for a short duration, providing information on everything from healthcare to consumer products, before they are thrown away.

Your body is your internet -- and now it can't be hacked
Purdue University engineers have tightened security on the 'internet of body.' Now, the network you didn't know you had is only accessible by you and your devices, thanks to technology that keeps communication signals within the body itself.

What's next for smart homes: An 'Internet of Ears?'
A pair of electrical engineering and computer science professors in Cleveland, Ohio, have been experimenting with a new suite of smart-home sensors.

Child-proofing the Internet of Things
As many other current, and potentially future, devices can connect to the Internet researchers are keen to learn more about how so called IoT devices could affect the privacy and security of young people.

Quantum internet goes hybrid
ICFO researchers report the first demonstration of an elementary link of a hybrid quantum information network, using a cold atomic cloud and a doped crystal as quantum nodes as well as single telecom photons as information carriers.

Connecting up the quantum internet
Major leap for practical building blocks of a quantum internet: Published in Nature Physics, new research from an Australian team demonstrates how to dramatically improve the storage time of a telecom-compatible quantum memory, a vital component of a global quantum network.

Internet searches for suicide after '13 Reasons Why'
Internet searches about suicide were higher than expected after the release of the Netflix series '13 Reasons Why' about the suicide of a fictional teen that graphically shows the suicide in its finale, according to a new research letter published by JAMA Internal Medicine.

Weaponizing the internet for terrorism
Writing in the International Journal of Collaborative Intelligence, researchers from Nigeria suggest that botnets and cyber attacks could interfere with infrastructure, healthcare, transportation, and power supply to as devastating an effect as the detonation of explosives of the firing of guns.

Read More: Internet News and Internet Current Events
Brightsurf.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.