Security In Distributed Systems Research Articles

Time Protection in Operating Systems and Speaker Legitimacy Detection

Timing-based side-channel attacks are a particularly tricky class of attacks to deal with because the very thing you’re often striving for can give you away. There are always more creative new instances of attacks to be found, so you need a principled way of thinking about defenses that address the class, not just a particular instantiation. That’s what Ge et al. give us in "Time Protection, the Missing OS Abstraction." Just as operating systems prevent spatial inference through memory protection, so future operating systems will need to prevent temporal inference through time protection. It’s going to be a long road to get there. The second paper chosen for this edition comes from NDSS’19 (Network and Distributed System Security Symposium) and studies the physiological and social implications of the ever-improving abilities of voice-imitation software. It seems people may be especially vulnerable to being fooled by fake voices. "The crux of voice (in)security: a brain study of speaker legitimacy detection," by Neupane et al., is a fascinating study with implications far beyond just the technology.

Mathematical Base and Deduction of Security Region for Distribution Systems With DER

This paper presents the mathematical definition and deduction for distribution system security region (DSSR), which lays a foundation for the DSSR theory. The DSSR is the set of all the N-1 secure operating points in the state space of a distribution system. First, this paper proposes the strict mathematical definition of DSSR, which defines that a set can be called a “region” only if three mathematical conditions are satisfied. Then, the N-1 security is deducted, based on which DSSR is proved existing and is mathematically deducted. As a basic feature of the future smart distribution system with distributed energy resources, the bidirectional power flow is fully considered in the deduction. In the conclusion, the observation and mathematical deduction both show the existence of security region for any distribution system.

Distribution Network Security Situation Awareness Method Based on Security Distance

Situation awareness (SA) refers to the process of perception, comprehension, and state projection of the system, elements, and environmental factors within a volume of time and space. The security assessment is an important part of SA for distribution networks. In this paper, the distribution system security region (DSSR) is used for SA for the first time, and a security SA method based on security distance (SD) is proposed. First, based on the existing DSSR, which is defined as the set of all operating points (OPs) satisfying N - 1 security criterion, this paper supplements the N - 0 DSSR satisfying normal operating constraints. Second, calculate SDs between the OP and security boundaries to determine whether an OP is secure. If one is secure, its SDs can give the security margin; while if one is insecure, its SDs can give the degree of insecurity and the fault, or the overload components can be recognized via the cross security boundary analysis. The situation comprehension for the distribution network security is realized through the above-mentioned information. Third, the security level of distribution networks in the future can be predicted by the trends of SDs. Finally, the feasibility and effectiveness of the proposed method are verified by an actual distribution network case.

Securing electronic health system using crystographic technique

Telemedicine application mostly takes place in advance settlements, where important medical information is to be effectively secured and transmitted on public networks. Whilst the data is accessed by an illegitimate individual, it may lead to malicious attack or any modification of medical image can result in misdiagnosis. The notion of medical information storage in automated form arose immediate concerns about healthcare data security and privacy. The need to design a secure distributed system to provide adequate authentication of patient data and confidentiality of patient medical record becomes imminent. This paper addresses confidentiality issues of electronic health record (EHR) in clinic tele-diagnostic system using crystographic technique. The developed crystographic algorithm embraces discrete wavelet transform (DWT) steganography technique instead of the traditional least significant bit (LSB) technique thereby providing required data robustness, payload capacity and imperceptibility of patient data over tele-consultation in Tele-clinic diagnostic scenario. Results of quantitative performance evaluation of host medical image of the EHR system showed an encrypted imperceptible and robust stego image of peak signal to noise ratio (PSNR) greater than 40 db. Results of evaluation portray a system capable of providing countermeasures against eavesdropping attack in data communication networks in clinic tele-consultations.

Polarization attack on continuous-variable quantum key distribution

The shot-noise unit (SNU) is a crucial factor for the practical security of a continuous-variable quantum key distribution system. In the most widely used experimental scheme, the SNU should be calibrated first and acts as a constant during the key distribution. However, the SNU of a practical system is dependent on the various parameters of the local oscillator (LO), which can be controlled by the eavesdropper in the open channel. In this paper, we report a quantum hacking method to control the practical SNU by using the limited compensation rate of the polarization compensation. Since the compensation is only based on of the polarization measurement results of part of LO pulses, the polarization of other unmeasured pulses may not be compensated correctly, which can be utilized by the eavesdropper to control the practical SNU. The simulation and experiment results indicate that the practical SNU can be controlled by the eavesdropper. Thus, the eavesdropper can use the fact that the practical SNU is no longer equals to the calibrated one to control the excess noise and final key rate.

India 2025: the public distribution system and National Food Security Act 2013

ABSTRACTThe Government of India introduced the National Food Security Act (NFSA) 2013 to strengthen the public distribution system (PDS) in India. Extending the PDS service network is a contentious issue, especially for India’s rural regions. This article aims to estimate the level of expansion of the PDS network, additional food grain requirement, and increased storage facilities required to serve the growing population of India up to 2025. The statistical analysis highlights the need for significant changes in the PDS to meet NFSA, and the findings can aid policy-makers to design a more robust PDS.

Monitoring the intercept-resend attack with the weak measurement model

Unconditional security of the quantum key distribution protocol has been proved, but the practical quantum key distribution system may be attacked by utilizing imperfect state preparation and measurement devices. To improve security of the practical quantum key distribution system, we propose the weak measurement model to monitor the intercept-resend eavesdropping strategy in the quantum channel, where the detector-blinding attack and the wavelength attack can be observed through the quantum bit error rate value in the weak measurement model.

Island operation capability in the Colombian electrical market: a promising ancillary service of distributed energy resources

Nowadays most distributed generators are not designed to operate under islanded conditions. The ancillary service of islanded operation capability is proposed as a technical support service with the ability to increase the reliability, security and flexibility of an electrical distribution system. Nevertheless, island operation entails technical, economic and social issues that must be discussed and analyzed during the planning stage.This article compares an intentional island project to a preplanned island and describes the main issues and benefits of islanded operation. Additionally, the reliability of the service to implement the islanded operation capability as an ancillary service is economically assessed, which shows that island-based operation has the potential to minimize non-supplied energy up to 50%. Also, a technical analysis of implementing island operation capability ancillary service is presented. Subsequently, an existing electrical distribution system with small hydropower plants is considered as a study case in order to identify the technical requirements set out for both, the distribution system and the generation source. Finally, taking into account the current Law and regulations, a proposal is outlined for the implementation of the island operation capability ancillary service in the Colombian electrical system.

Management and coordination of LTC, SVR, shunt capacitor and energy storage with high PV penetration in power distribution system for voltage regulation and power loss minimization

The optimal coordination of load tap changers (LTCs), step voltage regulators (SVRs), switched shunt capacitors (SCs) and energy storages (ESs) with high penetration of photovoltaic (PV) energy sources for simultaneously minimizing energy loss and improving voltage profile are performed using genetic algorithm (GA). The GA is developed to find out the optimal settings of the LTCs, SVRs and SCs, including the dispatch of energy storages. The influence of the PV penetration level on voltage profile and tap movement is to be analyzed. Five scenarios are involved in this case study. In the first scenario, regulator devices are disabled and voltage profile is monitored and recorded. When the LTC is enabled in the second scenario, the voltage profile is propped up yet still below the voltage limits. The voltage is regulated within the limits, when the SVRs are enabled in the third scenario. In the fourth scenario, switching ‘on’ the capacitor banks increases the voltage profile. This maintains the distribution system security as the voltage profile gets flattened off. Finally, the integration of the ES warrants voltage profile improvement, particularly when the voltage is low at night. The voltage deviation is substantially lowered as well from a 0.063 pu without the ES to a 0.018 pu with the ES. The proposed method is applied to the IEEE 123 test feeder, using time series analysis over a diurnal 24-h simulation period. Test results clearly show that the close coordination among the VAR control devices and energy storage scales back system energy losses and upholds voltage at customer terminals within statutory limits, under high penetration levels of solar-fueled generation. Comparison between proposed method with evolutionary algorithm (EA) and particle swarm optimization (PSO) are investigated that shows the proposed algorithm has better results than the other approaches.

Asynchronous Arbitrary Pattern Formation: the effects of a rigorous approach

Given any multiset F of points in the Euclidean plane and a set R of robots such that $$|R|=|F|$$ , the Arbitrary Pattern Formation (APF) problem asks for a distributed algorithm that moves robots so as to reach a configuration similar to F. Similarity means that robots must be disposed as F regardless of translations, rotations, reflections, uniform scalings. Initially, each robot occupies a distinct position. When active, a robot operates in standard Look–Compute–Move cycles. Robots are asynchronous, oblivious, anonymous, silent and execute the same distributed algorithm. So far, the problem has been mainly addressed by assuming chirality, that is robots share a common left–right orientation. We are interested in removing such a restriction. While working on the subject, we faced several issues that required close attention. We deeply investigated how such difficulties were overcome in the literature, revealing that crucial arguments for the correctness proof of the existing algorithms have been neglected. The systematic lack of rigorous arguments with respect to necessary conditions required for providing correctness proofs deeply affects the validity as well as the relevance of strategies proposed in the literature. Here we design a new deterministic distributed algorithm that fully characterizes APF showing its equivalence with the well-known Leader Election problem in the asynchronous model without chirality. Our approach is characterized by the use of logical predicates in order to formally describe our algorithm as well as its correctness. In addition to the relevance of our achievements, our techniques might help in revising previous results. In fact, it comes out that well-established results like (Fujinaga et al. in SIAM J Comput 44(3):740–785, 2015), more recent approaches like (Bramas and Tixeuil, in: Proceedings of the 35th ACM SIGACT-SIGOPS symposium on principles of distributed computing (PODC), 2016; Bramas and Tixeuil, in: Proceedings of the 18th international symposium on stabilization, safety, and security of distributed systems (SSS), 2016) and ‘unofficial’ results like (Dieudonne et al., in: CoRR arXiv:0902.2851 , 2009) revealed to be not correct.

Distribution network reconfiguration comprehensively considering N −1 security and network loss

Efficiency pursuit of the distribution system operation should be on the premise of security. This study proposes the network reconfiguration (NR) approach comprehensively considering N -1 security and network loss. A new approach called distribution system security region (DSSR) is first applied in NR problem. The DSSR is the feasible operation space of a system within N -1 security criterion and can quantify the N -1 security margin. Then, the NR is formulated by using the minimum network loss as objective function and the N -1 security margin, which is provided by the DSSR, as constraints. Moreover, the security margin constraints can be customised for each feeder individually, yielding proper compromises between security-related and efficient concerns. Different NR results for multiple security and efficiency requirements are presented on an extended IEEE-RBTS test system. Compared with the traditional minimum-loss NR, the proposed approach reduces the network loss as much as possible with desired security margin, well balancing the security and efficiency of NR.

Advanced unambiguous state discrimination attack and countermeasure strategy in a practical B92 QKD system

Even though unconditional security of B92 quantum key distribution (QKD) system is based on the assumption of perfect positive-operator-valued measures, practical B92 systems only utilize two projective measurements. Unfortunately, such implementation may degrade the security of the B92 QKD system due to Eve’s potential attack exploiting the imperfection of system. In this paper, we propose an advanced attack strategy with an unambiguous state discrimination (USD) measurement which makes practical B92 QKD systems insecure even under a lossless channel. In addition, we propose an effective countermeasure against the advanced USD attack model by monitoring double-click events. We further address a fundamental approach to make the B92 QKD system tolerable to attack strategies with USD measurements using a multi-qubit scheme.

Progress on Protection Strategies to Mitigate the Impact of Renewable Distributed Generation on Distribution Systems

The benefits of distributed generation (DG) based on renewable energy sources leads to its high integration in the distribution network (DN). Despite its well-known benefits, mainly in improving the distribution system reliability and security, there are challenges encountered from a protection system perspective. Traditionally, the design and operation of the protection system are based on a unidirectional power flow in the distribution network. However, the integration of distributed generation causes multidirectional power flows in the system. Therefore, the existing protection systems require some improvement or modification to address this new feature. Various protection strategies for distribution system have been proposed so that the benefits of distributed generation can be fully utilized. This paper reviews the current progress in protection strategies to mitigate the impact of distributed generation in the distribution network. In general, the reviewed strategies in this paper are divided into: (1) conventional protection systems and (2) modifications of the protection systems. A comparative study is presented in terms of the respective benefits, shortcomings and implementation cost. Future directions for research in this area are also presented.

Monitoring of continuous-variable quantum key distribution system in real environment.

How to guarantee the practical security of continuous-variable quantum key distribution (CVQKD) system has been an important issue in the quantum cryptography applications. In contrast to the previous practical security strategies, which focus on the intercept-resend attack or the Gaussian attack, we investigate the practical security strategy based on a general attack, i.e., an arbitrated individual attack or collective attack on the system by Eve in this paper. The low bound of intensity disturbance of the local oscillator signal for eavesdropper successfully concealing herself is obtained, considering all noises can be used by Eve in the practical environment. Furthermore, we obtain an optimal monitoring condition for the practical CVQKD system so that legitimate communicators can monitor the general attack in real-time. As examples, practical security of two special systems, i.e., the Gaussian modulated coherent state CVQKD system and the middle-based CVQKD system, are investigated under the intercept-resend attacks.

Observation of Security Region Boundary for Smart Distribution Grid

This paper observes the boundary of distribution system security region (DSSR). DSSR is defined as a set of all the operating points satisfying N-1 security constraints. First, the basic concepts of N-1 security are introduced for distribution system under smart grid background. Then, the dividing phenomenon of operating points security is reported, which indicates that DSSR boundary of a given distribution network exists. Moreover, an approximation method based on N-1 simulation is proposed in order to find DSSR boundary. Then, the observation results of the DSSR boundary are presented for the expanded reliability Busbar test system BUS4 case. The topological characteristics of DSSR boundary are further summarized, which show that the DSSR is a dense set and its boundary is approximately linear. This paper indicates the existence of DSSR and gives a method to observe it. Finally, the benefit of DSSR is illustrated by its typical applications.

Scaled Multiobjective Optimization of an Intensive Early Warning System for Water Distribution System Security

AbstractPerformance of an early warning system composed of online monitoring sensors for protecting municipal water supply is dependent on the number of sensors deployed. The inherent trade-off of ...

Awareness of Beneficiaries Regarding Public Distribution System/Food Security Bill

The study was conducted to assess awareness and utilization of various provisions under Public Distribution System (PDS) and Food Security Bill (FSB) in Hisar district of Haryana state. Three urban...

Incorporating Operational Uncertainty in Early Warning System Design Optimization for Water Distribution System Security

Incorporating a system of monitoring stations to insure high quality water is being delivered to consumers has been acknowledged a crucial component required by any public water distribution system (WDS). Extensive studies have acknowledged the risk posed to large populations by an accidental or intentional contamination intrusion within a WDS; failure of an early warning system (EWS) to report a contamination event carries profound economic and public health consequences. Dynamic, stochastic conditions exist in municipal WDSs and a monitoring system needs to be designed according to a robust protocol that incorporates the inherent uncertainty in WDS operation, including: demand variability, and contamination event characteristic variability. This work composes the problem of locating the best junctions within a WDS to place fixed monitoring stations, and the best junctions to input innovative inline mobile sensors, in a multi-objective framework that incorporates uncertainty in the network's demands and EWS operation. Mobile sensors are carried by flow within pipes sampling and monitoring water quality in real time, and wirelessly uploading data to fixed transceiver beacons, providing an implicit preference towards demand dense regions. A multi-objective noisy messy genetic algorithm is structured to the problem at hand and employed on a small, medium, and large-scale model WDS to calculate near-optimal solutions from the large solutions space. This multi-objective framework provides high performing trade off (Pareto) sets comparing an EWS's system cost to numerous performance objectives incorporating non-deterministic objective functions to provide a high performing and resilient EWS. Results show a large trade off surface between the cost and the respective system's performance, with large diminishing returns. Although implementing a more expensive solution may provide little to no benefit from a traditional performance standpoint, implementing a system of higher cost can increase the systems resiliency, highlighting the importance of incorporating proper objective measures in optimization procedure.

Measurement device independent quantum key distribution assisted by hybrid qubit

Measurement device independent Quantum Key Distribution (MDI-QKD), is immune to all attacks on detection and achieve immense improvement with respect to quantum key distribution system security. However, Bell state measurement (BSM), the kernel processing in MDI-QKD, can only identify two of the four Bell states, which limits the efficiency of the protocol. In this paper, a modified MDI-QKD with hybrid qubit is proposed to provide a major step towards answering this question. The hybrid qubits, which are composed of single photon qubit qubits and coherent qubit, are sent to the quantum relay to perform parallel BSMs synchronously and bit flip can be easily operated to complete the whole key distribution process. The secure key rate can be improved with our modified protocol owing to the higher success probability of BSM, which is increased by adding the parity check of coherent qubit. Furthermore, though our protocol requires photon number resolving detectors, the BSM of coherent state could be instead implemented using squeezed state which makes our scheme practical with state-of-the-art devices.

Practical security of continuous-variable quantum key distribution with finite sampling bandwidth effects

Practical security of the continuous-variable quantum key distribution (CVQKD) system with finite sampling bandwidth of analog-to-digital converter (ADC) at the receiver's side is investigated. We find that the finite sampling bandwidth effects may decrease the lower bound of secret key rate without awareness of the legitimate communicators. This leaves security loopholes for Eve to attack the system. In addition, this effect may restrains the linear relationship of secret key bit rate with repetition rate of the system; subsequently, there is a saturation value for the secret key bit rate with the repetition rate. To resist such kind of effects, we propose a dual sampling detection approach in which two ADCs are employed so that the finite sampling bandwidth effects are removed.