Information privacy protection is an essential problem in internal networks. The Bell-LaPadula Model (abbreviated BLP) is a state machine model used for enforcing access control, but it cannot be used for networks. The L-BLP model is designed for Local Area Networks (LAN), but its security cannot be proved. We reveal the security problems in L-BLP and propose a security model based on BLP. We define five...
Covert timing channels may compromise multi-level security systems, so it is necessary to eliminate or restrict them. Jamming covert timing channels is a main method of restricting the channel's capacity, but the jamming strategies in existing work do not take the packet arrival rate and queue length into account, so they may affect the overt channel's availability. This paper proposes...
3G networks are currently facing severe traffic overload problems caused by excessive demands of mobile users. Offloading part of the 3G traffic through other forms of networks, such as Delay Tolerant Networks (DTNs), WiFi hotspots, and Femtocells, is a promising solution. However, since these networks can only provide intermittent and opportunistic connectivity to mobile users, utilizing them for...
The recent popularization of hand-held mobile devices, such as smartphones, enables the inter-connectivity among mobile users without the support of Internet infrastructure. When mobile users move and contact each other opportunistically, they form a Delay Tolerant Network (DTN), which can be exploited to share data among them. Data replication is one of the common techniques for such data sharing...
Data access is an important issue in Delay Tolerant Networks (DTNs), and a common technique to improve the performance of data access is cooperative caching. However, due to the unpredictable node mobility in DTNs, traditional caching schemes cannot be directly applied. In this paper, we propose DAC, a novel caching protocol adaptive to the challenging environment of DTNs. Specifically, we exploit...
The upcoming vehicular communication standard IEEE 802.11p adopts a Carrier Sense Multiple Access (CSMA) based MAC protocol, in which the mobile nodes listen to the wireless channel before transmission. In this paper, we show the disadvantages of CSMA for Vehicular Ad Hoc Networks (VANET): 1) lack of assurance of the delivery delay for emergent safety messages; 2) poor performance on periodically...
Middle boxes provide security in Data Center Networks (DCNs). With the growth of services and applications in DCNs, flexible and scalable middle box deployment is highly required. The current middle box deployment methods are error prone. In this paper we propose Policy Aware Data center network (PAD), a flexible and scalable middle box provisioning architecture. PAD supports traditional...
The administrator shall implement a multilevel security policy in a multilevel security network system. The policy must ensure that information flows from a low level host to a host of the same level or a higher level, and prevent information from flowing from a high level host to a low level host, but it is difficult for traditional networks to meet this requirement. This paper proposes a design of multi-level security network...
In this paper, we propose a (2, n) secret image sharing scheme with precise reconstruction for binary, grayscale and color images. In the sharing phase, an XOR-based secret sharing scheme is utilized and each participant is required to hold a certain number of shares, each having the same size as the secret image. In the revealing phase, any two participants can recover the original secret image precisely by...
Privacy protection is an important issue for suspicious MANETs, a kind of Mobile Ad-hoc Network (MANET) in which the nodes do not trust each other. One vital problem of privacy protection in suspicious MANETs is that malicious nodes may abuse the privacy protection to initiate attacks that cannot be tracked. As a solution to this problem, this paper proposes a universal controllable...
The security and trustworthiness of enterprise networks have been a major concern in the research and practice of Intranet security. The security of endpoints and their network access are inevitably two important factors regarding enterprise network security. In this paper we present a novel architecture to enforce controls on endpoint application execution and network access, in which the policy...
The trustworthiness of applications plays a key role in the overall trustworthiness of computer systems. However, the current uncontrolled way of application execution brings difficulties in providing sufficient application trustworthiness. In this paper we present a server-based application execution architecture to reinforce the application-level trustworthiness, with reference to trusted computing...
As a primary means of authentication, static password based authentication methods suffer from high risk in the current insecure network environment. The one-time password (OTP) authentication scheme is proposed to efficiently resist the replay attack and the guessing attack. However, current one-time password schemes bring new problems. The OTP schemes of challenge-response are hard to integrate into...
A multilevel security (MLS) model with credibility characteristics, the credibility-based Bell-LaPadula (CBLP) security model, was proposed in the authors' previous paper to resolve the problems of trusted subjects' hidden security flaws and poor system usability in present MLS systems. A sampling statistics method is proposed in this paper to evaluate the availability of the CBLP model...
Lattice basis reduction algorithms have contributed a lot to cryptanalysis of RSA systems. A typical application is Boneh-Durfee's seminal work for breaking low private key RSA (and its successors in other applications). Although it's well known that this technique is not guaranteed to succeed, there is no thorough proof yet when it fails. In this paper, we summarize the Boneh-Durfee-like algorithms...
The paper proposes a novel secure distributed disk system. By dynamically exploiting file-system semantics of on-disk data blocks and sensing activities of the local file system, the disk system can be integrated with the current file systems seamlessly without changing the standard block interface between them and can efficiently manage accesses to the files from multiple hosts. And the disk system...
As a popular application layer signaling protocol, Session Initiation Protocol (SIP) has been adopted by telecom NGN, 3G IMS, and various Internet and enterprise applications. The payment mechanism is an important enhancement for SIP services and can bring economic incentives to the service providers. This paper proposes SIPCoin, a new real-time payment scheme for SIP services based on hash chain...
The session initiation protocol (SIP) is one popular signaling protocol used in many collaborative applications like VoIP, instant messaging and presence. In this paper, we evaluate one well-known SIP proxy server (i.e. OpenSER) on two multi-core platforms: SUN Niagara and Intel Clovertown, which are installed with Solaris OS and Linux OS respectively. Through the evaluation, we identify three factors...
Session Initiation Protocol (SIP) is one building block for IP Multimedia Subsystem (IMS) and Next Generation Network (NGN), and is becoming ubiquitous in Internet telephony services. Therefore, the performance issue of SIP servers is becoming crucial. In this paper, SIP stack processing is identified to be CPU-bound in nature and dominates the system overhead for common SIP server scenarios. These...
With the development of network communication and collaboration, the distributed denial-of-service (DDoS) attack is increasingly becoming one of the hardest and most annoying network security problems to address. In this paper, we present a new framework to detect DDoS attacks according to the packet flows of specific protocols. Our aim is to detect the attacks as early as possible and avoid the unnecessary...