This paper examines service migration in a new computing paradigm, the cloud computing environment (CCE), by examining security and integration issues associated with service implementation. We postulate that a cloud architecture will evolve to be both more flexible and heterogeneous in resources because of the services complexity demanded by organizations. This introduces additional, but tractable,...
DDoS attacks on servers cause a dysfunctional condition and finally bring the server to a stop. Previous research on detecting and defending against DDoS attacks has shown that the entropy of the source IP address or destination port number is an effective metric for detecting these DoS/DDoS attacks. In an organization receiving a small amount of incoming packets, the window width to calculate an entropy value...
In this paper, we introduce a new scheme for performing IT Risk Management within organizational domains. It adopts a business process-oriented view which integrates risk assessment, vulnerability assessment and risk mitigation into a quantitative framework. Taking the asset dependencies into account, we map business process values to IT hardware components in a hierarchical fashion and combine it...
In July 2008, the Kaminsky attack showed that DNS is sensitive to cache poisoning, and DNSSEC is considered the long-term solution to mitigate this attack. A lot of technical documents provide configuration and security guidelines to deploy DNSSEC on an organization's servers. However, such documents do not provide ISPs or network administrators with inputs to plan or evaluate the cost of the migration. This...
Security and privacy are two prime barriers to the adoption of cloud computing. To address this problem in the Infrastructure-as-a-Service model, a trusted cloud computing platform model has been proposed to provide a closed box execution environment that guarantees confidential execution of guest virtual machines. However, this model has significant drawbacks in that it relies on the trusted third party...
Security risk management is becoming increasingly important in a variety of areas related to information technology (IT), such as telecommunications, cloud computing, banking information systems, etc. In this paper, we develop a systematic quantitative framework for security risk management in IT-intensive organizations. This framework provides a unified viewpoint for considering a wide array of security...
As organizations become larger and larger, a worldwide enterprise may involve many regional branches, and also form partnerships with other organizations. Therefore it becomes necessary to implement authentication systems which are capable of working across multiple security domains or internet domains. We proposed an effective scheme which can implement virtual identity federation by establishing...
Directory services are used by almost every enterprise computing environment to provide data concerning users, computers, contacts, and other objects. Virtual directories are components that provide directory services in a highly customized manner. Unfortunately, though the use of virtual directory services is widespread, an analysis of risks posed by their unique position and architecture has not...
Cloud computing has become a popular computing paradigm in which virtualized and scalable resources are consolidated to provide services over Internet. However, the resource capability of a single cloud is generally limited, and some applications often require various cloud centers over Internet to deliver services together. Therefore, a Virtual Organization (VO) will be a promising approach to integrate...
A billing system consists of many components that allow an end user to be able to add, view, print, or perform normal billing operations. These components can be in the form of servers, desktops, laptops, routers, firewalls, printers, and other appliances. All of these components connect together in some form to make up the complete billing system. The security of the whole billing system is reliant...
Early detection methods are required to prevent DoS/DDoS attacks. The detection methods using entropy have been classified into long-term entropy, based on the observation of more than 10,000 packets, and short-term entropy, based on that of less than 10,000 packets. The long-term entropy has less fluctuation, leading to easy detection of anomalous accesses using the threshold, while having the...
Many enterprises, organizations, governments and militaries all face a problem: how to protect their confidential documents, and especially how to prevent them from being copied or redistributed without authorization, which is a serious problem because a mechanism to forbid this action is lacking at present. In this paper we propose a Secure Confidential Document Model (SCDM). The document under the proposed model is...
The credential collection method plays a vital role in automated trust negotiation (ATN) systems. Most existing work uses the traditional trust negotiation method, which places a heavy burden on the credential server and causes the blind credential fetching problem. This paper presents a distributed proving and negotiation (DPN) algorithm for trust management. DPN can intelligently carry out a remote...
The methods for intrusion detection systems (IDS) are based on identification and prevention of attacks and threats to computer systems, but there are few studies concerning forecasting approaches. Similarly to other sciences (e.g. seismology, meteorology, and economics) in which extensive efforts are made for forecasts, trend analysis could also be employed in the information security field. The aim of...
This paper develops a framework for analyzing security risk dependencies in organizations and ranking the risks. The framework captures how risk 'diffuses' via complex interactions and reaches an equilibrium by introducing a risk-rank algorithm. A conceptual structure of an organization, comprised of business units, security threats/vulnerabilities, and people, is leveraged for modeling risk dependencies...
The proposed scheme presents the real time security managing methods that can be implemented using RFID, biometric and smart messaging. Entry doors to restricted areas are controlled using the biometric machines. Registered staff manages their entry through their RFID card, which is verified with biometric. The relay in the biometric reader will unlock the door if the verification is successful after...
Information security breaches pose major threats to the reliable execution of corporate strategies and may have negative effects on business value. Information security risk management (ISRM) provides an effective approach for assessing, mitigating, and evaluating information security risks. Existing ISRM approaches are highly accepted but demand very detailed knowledge about the IT security domain...
This article, from the perspective of P2P e-commerce advantages and challenges, discusses the risks of P2P e-commerce issues, and points out that trust is the basis of all business activities. Business organizations should take certain measures against risks from P2P e-commerce. An effective confidence-building mechanism can make e-commerce more secure, reduce the risk of people's expectations, and...
Workflow management systems (WFMS) are concerned with the control and coordination of operational business processes, called workflows. When workflow technology is deployed in domains where processes have simple coordinative requirements, the flow of control and data may be easily mapped onto process effectiveness. With the diversity of resources, subjects and activities in the system, ensuring a...
Incident post-mortem analysis after recovery from incidents is recommended by most incident response experts. An analysis of why and how an incident happened is crucial for determining appropriate countermeasures to prevent the recurrence of the incident. Currently, there is a lack of structured methods for such an analysis, which would identify the causes of a security incident. In this paper, we...