
Scholarship for service: IA tutorials and workshops for educators

Falby, Naomi B.
Source: Monterey, California. Naval Postgraduate School Publisher: Monterey, California. Naval Postgraduate School
Type: Report
Portuguese
Search relevance
37.244236%
In 2003 and 2004 the Center for Information Systems Security Studies and Research (CISR) at the Naval Postgraduate School organized tutorials and workshops with the intent of increasing the capacity of the United States higher education enterprise to produce professionals in the fields of Information Assurance (IA) and computer security. The target audience of the workshops has been 2-year college, 4-year college, and university-level educators who have responsibility for teaching curricula that are, or could be, related to IA issues. Participation by instructors from institutions serving underrepresented groups was high. Attendance at the tutorials was maximized both years. The format for each workshop was three sequential sessions: a tutorial session, a refereed paper session, and a working session. This sequence allowed newer practitioners to become knowledgeable about the basics of IA, provided an opportunity for experienced practitioners to present new ideas for discussion, and allowed both groups to interact in a problem solving context to develop solutions for point issues presented by the workshop. The tutorial sessions, attended by 19 participants in 2003 and 20 participants in 2004, provided education to faculty about the fundamentals of information assurance and computer security and to improve their instructional capability in these areas. The participants indicated that they benefited substantially from both the tutorials and the subsequent gathering of IA educators at the Workshop on Education in Computer Security (WECS).

FireViz : a personal firewall visualizing tool; FireViz : a personal network firewall visualizing tool

Sharma, Nidhi
Source: Massachusetts Institute of Technology Publisher: Massachusetts Institute of Technology
Type: Doctoral thesis Format: 95 p.; 4618721 bytes; 4622665 bytes; application/pdf; application/pdf
Portuguese
Search relevance
37.244236%
In this thesis, I present FireViz, a personal firewall visualizing tool. FireViz visually displays activities of a personal firewall in real time. The primary goal of FireViz is to educate typical computer users of the security threats their computers are exposed to when connected to a network and expose any potential loopholes in the firewall's security policies. To this end, FireViz presents a novel visualization paradigm that provides users with an informative yet non-intrusive interface to their network and firewall. FireViz achieves this by incorporating a peripheral mapping of the network on the user's screen and displaying network events along this periphery. Information about network events is encoded visually to help users develop a more intuitive model of the network at a low cost. The peripheral nature of FireViz along with the use of non-modal visual displays allows users to easily understand network events without obstructing their primary tasks. The visualization is also capable of highlighting exceptional events that may represent potential threats without relying on the end user to understand any threat model. Thus, FireViz aims to provide users with a superior framework for understanding the network security model and achieving improved system security in the process.; by Nidhi Sharma.; Thesis (M. Eng.)--Massachusetts Institute of Technology...

IT Security Issues Within the Video Game Industry

Mohr, Stephen; Rahman, Syed Shawon
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 07/11/2011 Portuguese
Search relevance
37.259363%
IT security issues are an important aspect for each and every organization within the video game industry. Within the video game industry alone, you might not normally think of security risks being an issue. But as we can and have seen in recent news, no company is immune to security risks no matter how big or how small. While each of these organizations will never be exactly the same as the next, there are common security issues that can and do affect each and every video game company. In order to properly address those security issues, one of the current leading video game companies was selected in order to perform an initial security assessment. This security assessment provided a starting point upon which specific goals and procedures were determined to help mitigate those risks. The information contained within was initially completed on the case study but has been generalized to allow the information to be easily applied to any video game company.; Comment: 16 pages

Reasoning About Information Flow Security of Separation Kernels with Channel-based Communication

Zhao, Yongwang; Sann, David; Zhang, Fuyuan; Liu, Yang
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 17/10/2015 Portuguese
Search relevance
37.259363%
Assurance of information flow security by formal methods is mandated in security certification of separation kernels. As an industrial standard for separation kernels, ARINC 653 has been complied with by mainstream separation kernels. Security of functionalities defined in ARINC 653 is thus very important for the development and certification of separation kernels. This paper presents the first effort to formally specify and verify separation kernels with ARINC 653 channel-based communication. We provide a reusable formal specification and security proofs for separation kernels in Isabelle/HOL. During reasoning about information flow security, we find some security flaws in the ARINC 653 standard, which can cause information leakage, and fix them in our specification. We also validate the existence of the security flaws in two open-source ARINC 653 compliant separation kernels.; Comment: 17 pages, 4 figures

Security policies for distributed systems

Quilbeuf, Jean; Igna, Georgeta; Bytschkow, Denis; Ruess, Harald
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 14/10/2013 Portuguese
Search relevance
37.259363%
A security policy specifies a security property as the maximal information flow. A distributed system composed of interacting processes implicitly defines an intransitive security policy by repudiating direct information flow between processes that do not exchange messages directly. We show that implicitly defined security policies in distributed systems are enforced, provided that processes run in separation, and possible process communication on a technical platform is restricted to specified message paths of the system. Furthermore, we propose to further restrict the allowable information flow by adding filter functions for controlling which messages may be transmitted between processes, and we prove that locally checking filter functions is sufficient for ensuring global security policies. Altogether, global intransitive security policies are established by means of local verification conditions for the (trusted) processes of the distributed system. Moreover, security policies may be implemented securely on distributed integration platforms which ensure partitioning. We illustrate our results with a smart grid case study, where we use CTL model checking for discharging local verification conditions for each process under consideration.; Comment: Submitted to POST14

Non-profit Organizations' Need to Address Security for Effective Government Contacting

Rice, Lee; Rahman, Shawon
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 30/11/2015 Portuguese
Search relevance
37.259363%
The need for information security within small to mid-size companies is increasing. The risks of information security breach, data loss, and disaster are growing. The impact of IT outages and issues on the company are unacceptable to any size business and their clients. There are many ways to address the security for IT departments. The need to address risks of attacks as well as disasters is important to the IT security policies and procedures. The IT departments of small to medium companies have to address these security concerns within their budgets and other limited resources. Security planning, design, and employee training that is needed requires input and agreement from all levels of the company and management. This paper will discuss security needs and methods to implement them into a corporate infrastructure.

Composable security of delegated quantum computation

Dunjko, Vedran; Fitzsimons, Joseph F.; Portmann, Christopher; Renner, Renato
Source: Cornell University Publisher: Cornell University
Type: Journal article
Portuguese
Search relevance
37.277156%
Delegating difficult computations to remote large computation facilities, with appropriate security guarantees, is a possible solution for the ever-growing needs of personal computing power. For delegated computation protocols to be usable in a larger context---or simply to securely run two protocols in parallel---the security definitions need to be composable. Here, we define composable security for delegated quantum computation. We distinguish between protocols which provide only blindness---the computation is hidden from the server---and those that are also verifiable---the client can check that it has received the correct result. We show that the composable security definition capturing both these notions can be reduced to a combination of several distinct "trace-distance-type" criteria---which are, individually, non-composable security definitions. Additionally, we study the security of some known delegated quantum computation protocols, including Broadbent, Fitzsimons and Kashefi's Universal Blind Quantum Computation protocol. Even though these protocols were originally proposed with insufficient security criteria, they turn out to still be secure given the stronger composable definitions.; Comment: 37+9 pages, 13 figures. v3: minor changes...

Software as a Service: Analyzing Security Issues

Chouhan, Pushpinder Kaur; Yao, Feng; Yerima, Suleiman Y.; Sezer, Sakir
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 07/05/2015 Portuguese
Search relevance
37.259363%
Software-as-a-service (SaaS) is a type of software service delivery model which encompasses a broad range of business opportunities and challenges. Users and service providers are reluctant to integrate their business into SaaS due to its security concerns while at the same time they are attracted by its benefits. This article highlights SaaS utility and applicability in different environments like cloud computing, mobile cloud computing, software defined networking and Internet of things. It then embarks on the analysis of SaaS security challenges spanning across data security, application security and SaaS deployment security. A detailed review of the existing mainstream solutions to tackle the respective security issues mapping into different SaaS security challenges is presented. Finally, possible solutions or techniques which can be applied in tandem are presented for a secure SaaS platform.; Comment: International Conference on Big Data and Analytics for Business (BDAB 2014), New Delhi, India, Dec. 28-29 2014

Service Oriented Architecture in Network Security - a novel Organisation in Security Systems

Hilker, Michael; Schommer, Christoph
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 07/05/2008 Portuguese
Search relevance
37.259363%
Current network security systems are a collection of various security components, which are directly installed in the operating system. These check the whole node for suspicious behaviour. Armouring intrusions e.g. have the ability to hide themselves from being checked. We present in this paper an alternative organisation of security systems. The node is completely virtualized with current virtualization systems so that the operating system with applications and the security system is distinguished. The security system then checks the node from outside and the right security components are provided through a service oriented architecture. Due to the running in a virtual machine, the infected nodes can be halted, duplicated, and moved to other nodes for further analysis and legal aspects. This organisation is in this article analysed and a preliminary implementation showing promising results are discussed.; Comment: 4 pages

Security and Privacy Issues in Wireless Mesh Networks: A Survey

Sen, Jaydip
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 05/02/2013 Portuguese
Search relevance
37.259363%
This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.; Comment: 62 pages...

Rethinking Security Incident Response: The Integration of Agile Principles

Grispos, George; Glisson, William Bradley; Storer, Tim
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 11/08/2014 Portuguese
Search relevance
37.259363%
In today's globally networked environment, information security incidents can inflict staggering financial losses on organizations. Industry reports indicate that fundamental problems exist with the application of current linear plan-driven security incident response approaches being applied in many organizations. Researchers argue that traditional approaches value containment and eradication over incident learning. While previous security incident response research focused on best practice development, linear plan-driven approaches and the technical aspects of security incident response, very little research investigates the integration of agile principles and practices into the security incident response process. This paper proposes that the integration of disciplined agile principles and practices into the security incident response process is a practical solution to strengthening an organization's security incident response posture.; Comment: Paper presented at the 20th Americas Conference on Information Systems (AMCIS 2014), Savannah, Georgia

NetSecCC: A Scalable and Fault-tolerant Architecture without Outsourcing Cloud Network Security

He, Jin; Dong, Mianxiong; Ota, Kaoru; Fan, Minyu; Wang, Guangwei
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 04/05/2014 Portuguese
Search relevance
37.277156%
Modern cloud computing platforms based on virtual machine monitors carry a variety of complex business that present many network security vulnerabilities. At present, the traditional architecture employs a number of security devices at front-end of cloud computing to protect its network security. Under the new environment, however, this approach can not meet the needs of cloud security. New cloud security vendors and academia also made great efforts to solve network security of cloud computing, unfortunately, they also cannot provide a perfect and effective method to solve this problem. We introduce a novel network security architecture for cloud computing (NetSecCC) that addresses this problem. NetSecCC not only provides an effective solution for network security issues of cloud computing, but also greatly improves in scalability, fault-tolerant, resource utilization, etc. We have implemented a proof-of-concept prototype about NetSecCC and proved by experiments that NetSecCC is an effective architecture with minimal performance overhead that can be applied to the extensive practical promotion in cloud computing.; Comment: 10pages, 10figures

Development of a Window Based Security System for Electronic Data Interchange

Philip, Achimugu; Oluwatolani, Oluwagbemi; Joshua, Abah
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 04/08/2011 Portuguese
Search relevance
37.244236%
The Electronic Data Interchange (EDI) is the exchange of standardized documents between computer systems for business use. The objective of this study is to make Electronic Data Interchange secure to use and to eliminate human intervention in the transfer of data between business partners so that productivity and efficiency can be improved and also promote its usage between two or more trading organizations. This paper provides an overview of EDI by describing the traditional problems of exchanging information in business environments and how the EDI solves those problems and gives benefits to the company that makes use of EDI. This paper also introduces the common EDI Standards and explains how it works, how it is used over the internet and the security measures implemented. The system was executed on both local area network and wide area network after a critical study of the existing EDI methods and also implemented using VB.Net programming language. Finally, an interactive program was developed that handles the transfer of files, with special attention to the security of the items that are being transferred from one computer workstation to another.; Comment: Submitted to Journal of Computer Science and Engineering, see http://sites.google.com/site/jcseuk/volume-7-issue-2-june-2011

VoIP Technology: Security Issues Analysis

Lazzez, Amor
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 08/12/2013 Portuguese
Search relevance
37.259363%
Voice over IP (VoIP) is the technology allowing voice and multimedia transmissions as data packets over a private or a public IP network. Thanks to the benefits that it may provide, the VoIP technology is increasingly attracting attention and interest in the industry. Actually, VoIP allows significant benefits for customers and communication services providers such as cost savings, rich media service, phone and service portability, mobility, and the integration with other applications. Nevertheless, the deployment of the VoIP technology encounters many challenges such as architecture complexity, interoperability issues, QoS issues, and security concerns. Among these disadvantages, VoIP security issues are becoming more serious because traditional security devices, protocols, and architectures cannot adequately protect VoIP systems from recent intelligent attacks. The aim of this paper is to carry out a deep analysis of the security concerns of the VoIP technology. Firstly, we present a brief overview about the VoIP technology. Then, we discuss security attacks and vulnerabilities related to VoIP protocols and devices. After that, we talk about the security profiles of the VoIP protocols, and we present the main security components designed to help the deployment of reliable and secured VoIP systems.; Comment: 9 pages

A Framework for Hybrid Systems with Denial-of-Service Security Attack

Wang, Shuling; Nielson, Flemming; Nielson, Hanne Riis
Source: Cornell University Publisher: Cornell University
Type: Journal article
Portuguese
Search relevance
37.244236%
Hybrid systems are integrations of discrete computation and continuous physical evolution. The physical components of such systems introduce safety requirements, the achievement of which asks for the correct monitoring and control from the discrete controllers. However, due to denial-of-service security attack, the expected information from the controllers is not received and as a consequence the physical systems may fail to behave as expected. This paper proposes a formal framework for expressing denial-of-service security attack in hybrid systems. As a virtue, a physical system is able to plan for reasonable behavior in case the ideal control fails due to unreliable communication, in such a way that the safety of the system upon denial-of-service is still guaranteed. In the context of the modeling language, we develop an inference system for verifying safety of hybrid systems, without putting any assumptions on how the environments behave. Based on the inference system, we implement an interactive theorem prover and have applied it to check an example taken from train control system.; Comment: 19 pages, 1 figures, the short version was accepted by FORTE 2014

M-Banking Security - a futuristic improved security approach

Navale, Geeta S.; Joshi, Swati S.; Deshmukh, Aaradhana A.
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 05/02/2010 Portuguese
Search relevance
37.277156%
In last few decades large technology development raised various new needs. Financial sector has also no exception. People are approaching all over the world to fulfill their dreams. Any sector needs to understand changing need of customer. In order to satisfy financial need for customer banks are taking help of new technology such as internet. Only problem remain is of security. The aim of this work is to provide a secure environment in terms of security for transaction by various ways. In order to improve security we are making use of "Steganography" technique in the way never used before. Task of enhancing security include construction of formula for both data encryption and also for hiding pattern. Server should not process any fake request hence concept of custom "Session id" and "Request id" is introduced. Implementation of such a security constraints in banking sector not only help to serve customer in better way but also make customer confident and satisfy.; Comment: International Journal of Computer Science Issues, IJCSI, Vol. 7, Issue 1, No. 2, January 2010, http://ijcsi.org/articles/M-Banking-Security-a-futuristic-improved-security-approach.php

A Tale of Two Mechanisms: Incentivizing Investments in Security Games

Naghizadeh, Parinaz; Liu, Mingyan
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 25/03/2015 Portuguese
Search relevance
37.259363%
In a system of interdependent users, the security of an entity is affected not only by that user's investment in security measures, but also by the positive externality of the security decisions of (some of) the other users. The provision of security in such system is therefore modeled as a public good provision problem, and is referred to as a security game. In this paper, we compare two well-known incentive mechanisms in this context for incentivizing optimal security investments among users, namely the Pivotal and the Externality mechanisms. The taxes in a Pivotal mechanism are designed to ensure users' voluntary participation, while those in an Externality mechanism are devised to maintain a balanced budget. We first show the more general result that, due to the non-excludable nature of security, no mechanism can incentivize the socially optimal investment profile, while at the same time ensuring voluntary participation and maintaining a balanced budget for all instances of security games. To further illustrate, we apply the Pivotal and Externality mechanisms to the special case of weighted total effort interdependence models, and identify some of the effects of varying interdependency between users on the budget deficit in the Pivotal mechanism...

Convergence of Corporate and Information Security

Syed; Rahman, M.; Donahue, Shannon E.
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 09/02/2010 Portuguese
Search relevance
37.259363%
As physical and information security boundaries have become increasingly blurry many organizations are experiencing challenges with how to effectively and efficiently manage security within the corporate. There is no current standard or best practice offered by the security community regarding convergence; however many organizations such as the Alliance for Enterprise Security Risk Management (AESRM) offer some excellent suggestions for integrating a converged security program. This paper reports on how organizations have traditionally managed asset protection, why that is changing and how to establish convergence to optimize security value to the business within an enterprise.; Comment: IEEE format, International Journal of Computer Science and Information Security, IJCSIS January 2010, ISSN 1947 5500, http://sites.google.com/site/ijcsis/

Complete Security Framework for Wireless Sensor Networks

Sharma, Kalpana; Ghose, M. K.; Kuldeep
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 02/08/2009 Portuguese
Search relevance
37.277156%
Security concern for a Sensor Networks and level of security desired may differ according to application specific needs where the sensor networks are deployed. Till now, most of the security solutions proposed for sensor networks are layer wise i.e a particular solution is applicable to single layer itself. So, to integrate them all is a new research challenge. In this paper we took up the challenge and have proposed an integrated comprehensive security framework that will provide security services for all services of sensor network. We have added one extra component i.e. Intelligent Security Agent (ISA) to assess level of security and cross layer interactions. This framework has many components like Intrusion Detection System, Trust Framework, Key Management scheme and Link layer communication protocol. We have also tested it on three different application scenarios in Castalia and Omnet++ simulator.; Comment: 7 pages, International Journal of Computer Science and Information Security, IJCSIS 2009, ISSN 1947 5500, Impact Factor 0.423

Security properties in an open peer-to-peer network

Lalande, Jean-Francois; Rodriguez, David; Toinard, Christian
Source: Cornell University Publisher: Cornell University
Type: Journal article
Published on 06/04/2010 Portuguese
Search relevance
37.277156%
This paper proposes to address new requirements of confidentiality, integrity and availability properties fitting to peer-to-peer domains of resources. The enforcement of security properties in an open peer-to-peer network remains an open problem as the literature has mainly proposed contribution on availability of resources and anonymity of users. That paper proposes a novel architecture that eases the administration of a peer-to-peer network. It considers a network of safe peer-to-peer clients in the sense that it is a commune client software that is shared by all the participants to cope with the sharing of various resources associated with different security requirements. However, our proposal deals with possible malicious peers that attempt to compromise the requested security properties. Despite the safety of an open peer-to-peer network cannot be formally guaranteed, since an end user has privileges on the target host, our solution provides several advanced security enforcement. First, it enables to formally define the requested security properties of the various shared resources. Second, it evaluates the trust and the reputation of the requesting peer by sending challenges that test the fairness of its peer-to-peer security policy. Moreover...