The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Insider attacks in which misbehaving Virtual Machines (VMs) take part of the cloud system and learn about its internal vulnerabilities constitute a major threat against cloud resources and infrastructure. This demands setting up continuous and comprehensive security arrangements to restrict the effects of such attacks. However, limited security resources prohibit full detection coverage on all VMs...
In todays cloud market, providers are taking advantage of consumer reviews and ratings as a new marketing tool to establish their credibility. However, to achieve higher ratings, they need to enhance their service quality which comes with an additional cost. In this paper, we model this conflicting situation as a Stackelberg game between a typical service provider and multiple service users in a cloud...
As the usage of smart devices is increasing, malware affecting such devices is rapidly evolving as well. Security risks affecting the confidentiality, integrity, and privacy of smart devices are rapidly emerging. Mobile security suites exist to defend the device against malware and other intrusions. However, they require extensive resources which is a constraint of the device itself. In this paper,...
Security has been identified to be the principal stumbling-block preventing users and enterprises from moving their businesses to the cloud. The reason is that cloud systems, besides inheriting all the vulnerabilities of the traditional computing systems, appeal to new types of threats engendered mainly by the virtualization concept that allows multiple users' virtual machines (VMs) to share a common...
In this paper, we address the problem of detecting misbehaving vehicles in Vehicular Ad-Hoc Network using VANET QoS-OLSR, Quality of Service-Optimized Link State Routing protocol. VANET QoS-OLSR is a clustering protocol that is able to increase the stability of the network while maintaining the QoS requirements. However, in this protocol, vehicles can misbehave either by under-speeding or over- speeding...
This paper intends to investigate stress level detection of a driver during real world driving experiment. This detection is based on heart rate variability (HRV) analysis which is derived from ECG signal and reflects autonomic nervous system state of the human body. The alteration of autonomic nervous system predicts the stress level of drivers during driving operation and permits a safe driving...
The success and continuation of cloud computing depends to a large extent on the quality and performance of the offered services. We propose in this paper a novel architecture for cloud computing called Community-based Cloud Computing whose main goal is to improve the quality and performance of the cloud services. In this architecture, cloud services sharing the same domain of interest are partitioned...
This paper looks into ways of supporting social Web services react to the behaviors that their peers expose at run time. Examples of behaviors include selfishness and unfairness. These reactions are associated with actions packaged into capabilities. A capability allows a social Web service to stop exchanging private details with a peer and/or to suspend collaborating with another peer, for example...
Mobile virtualization is a key technology that is witnessing widespread adoption to realize multi-persona functionality capable of accommodating work, personal, and mobility needs on a single mobile terminal. Yet, unlike virtualization on servers and desktop machines, mobile virtualization is more challenging due to the limited resources on mobiles platforms in terms of CPU, memory and battery. The...
Policy-based computing is taking an increasing role in providing real-time decisions and governing the systematic interaction among distributed cloud and Web services. XACML has been known as the de facto standard widely used by many vendors for specifying access control and context-aware policies. Accordingly, the size and complexity of XACML policies are significantly growing to cope with the evolution...
In this paper, we detect two attacks targeting the QoS-OLSR protocol MANET. The Cluster-based model QoS-OLSR is a multimedia protocol designed on top of Optimized Link State Routing (OLSR) protocol. The quality of service (QoS) of the nodes is considered during the selection of the multi-point relays (MPRs) nodes. In this work, we identify two attacks that can be launched against the QoS-OLSR protocol:...
In this paper, we address the problem of botnet detection by correlating information from trusted hosts and network. Botnets are groups of compromised computers controlled by a botmaster through a command and control (C&C) channel. They are noted as one of the foremost security threat causing large scale attacks such as Distributed Denial of Service (DDoS), Spam, mass identity theft and click...
By handling the orchestration, composition and interaction of Web services, the Business Process Execution Language (BPEL) has gained tremendous interest. However, such process-based language does not assure a secure environment for Web services composition. The key solution cannot be seen as a simple embed of security properties in the source code of the business logic since the dynamism of the BPEL...
In this paper, we introduce our approach for the automatic generation of BPEL (Business Process Execution Language) aspects from security policies. It is based on a synergy between policies, Aspect-Oriented Programming (AOP) and composition of web services. Our proposed approach allows first to transform security policies into BPEL aspects. Then, the generated aspects are weaved in the BPEL process...
The QOLSR is a multimedia protocol that was designed on top of the Optimized Link State Routing (OLSR) protocol. It considers the Quality of Service (QoS) of the nodes during the selection of the Multi-Point Relay (MPRs) nodes. One of the drawbacks of this protocol is the network lifetime, where nodes with high bandwidth but limited energy can be selected to serve as MPRs. This would drain the nodes'...
We introduce in this paper an abstract language on top of XACML (eXtensible Access Control Markup Language) for web services security. It is based on the automatic generation of XACML security policies from abstract XACML profile(s). Our proposed approach allows first to specify the XACML profiles, which are then translated using our intended compiler into XACML security policies. The main contributions...
In this paper, we address the problems related to the applicability and useability of security patterns. In this context, we propose a new approach based on aspect-oriented programming (AOP) for security patterns development, specification and deployment. Our approach allows the security experts to deliver their security patterns that describe the steps and actions required for security solutions,...
We propose in this paper a new approach for the dynamic enforcement of Web services security, which is based on a synergy between Aspect-Oriented Programming (AOP) and composition of Web services. Security policies are specified as aspects. The elaborated aspects are then weaved (integrated) in the Business Process Execution Language (BPEL) process at runtime. The main contributions of our approach...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.