The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The following topics were discussed: data security, cryptography, electronic voting system, business management, distributed systems, risk management, software engineering, etc.
We propose in this paper a framework in which the security policies of services in a distributed environment can be expressed. Services interact by exchanging credentials. Each service is made up of an access control policy protecting the access to the service, and of a trust negotiation policy controlling the accessibility of the credentials for other services. We add a workflow layer for each service...
IPv6 is an attractive technology for innovative services such as health care monitoring, alarm systems, peer to peer applications, virtual machine systems and so on. The generalization of end to end paradigm, possible due to the length of IPv6 addresses, eases the deployment of such services. Nevertheless end to end connection can be a threat since application can be easily accessible from outside...
The paper describes a protocol for Secure E-Mail Infrastructure for establishing trust between different domains in order to protect mail servers from spam messages. The protocol uses messages for trusted interactions between intra and inter E-mail domain components, Secure E-mail (SEM) servers and Secure Mail Infrastructure (SMI) servers. In addition, the protocol validates E-mail addresses thus...
Recently, the use of formal methods to specify and verify properties of electronic voting (e-voting) systems, with particular interest in security, verifiability, and anonymity, is getting much attention. Formal specification and verification of such systems can greatly help to better understand the system requirements by thoroughly specifying and analyzing the underlying assumptions and security...
Many companies have to share various types of information containing private data without being aware about the threats related to such non-controlled disclosure. Therefore we propose a solution to support these companies to evaluate the disclosure risk for all their types of data; by recommending the safest configurations using a smart bootstrapping system.
Declassification is required for most programs which manipulate protected data to process their results. In highly-secure programs, the declassification decision must be taken explicitly, which means that data or operations which are being declassified are known. This decision is critical and must be supported by automated verifications, which determine the risk of information leakage related to a...
Anomaly based intrusion detection systems rely on the build of a normal behavior model. When a deviation from this normal behavior is detected, an alert is raised. This anomaly approach, unlike the misuse approach, is able to detect unknown attacks. A basic technique to build such a model for a program is to use the system call sequences of the process. To improve the accuracy and completeness of...
This paper extends VAMPiRE, a stealth breakpoint framework specifically tailored for microscopic malware analysis. Stealth breakpoints are designed to provide unlimited number of code, data and I/O breakpoints that cannot be detected or countered. However, in this paper we present several attacks that can be used to detect and counter VAMPiRE. We then present a solution towards preventing such attacks...
Covert channels are a mechanism that allows an attacker to parasitically place messages within a legitimate channel. Detection of these covert channels can have consequences for an attacker. Not only is the ability to communicate lost or compromised, but analysis of the channel can lead to the identity of the attacker themselves. If the attacker is a wanted criminal or foreign intelligence service,...
From information security point of view, an enterprise is considered as a collection of assets and their interrelations. These interrelations may be built into the enterprise information infrastructure, as in the case of connection of hardware elements in network architecture, or installation of software or information assets in hardware. As a result, access to one element may enable access to another...
The major contribution of this paper is the introduction of a reference model which is capable to consider information acquired within the business process management and risk management domain. The central objective of the reference model is to enable the modeling of risk aspects in such a way that it provides the foundation for risk-aware business process simulations. Within this paper, we firstly...
The automation of power grids by means of supervisory control and data acquisition (SCADA) systems has led to an improvement of power grid operations and functionalities but also to pervasive cyber interdependencies between power grids and telecommunication networks. Many power grid services are increasingly depending upon the adequate functionality of SCADA system which in turn strictly depends on...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.