The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The implementation of RFID technology in computer systems gives access to quality information on the location or object tracking in real time, thereby improving workflow and lead to safer, faster and better business decisions. This paper discusses the quantitative indicators of the quality of the computer system supported by RFID technology applied in monitoring facilities (pallets, packages and people)...
Hardware-Assisted Flow Integrity extension (HAFIX) was proposed as a defense against code-reuse attacks that exploit backward edges (returns). HAFIX provides finegrained protection by confining return addresses to only target call sites in functions active on the call stack. We study whether the backward-edge policy in HAFIX is sufficient to prevent code-reuse exploits on real-world programs. In this...
With deference to Butler Lampson, I present five hints specifically for building high-assurance cyber-physical systems: (1) use Turing-incomplete languages (2) simple interfaces are secure interfaces, (3) program the glue code and architecture, (4) system verification is a probabilistic game, and (5) high-assurance systems require a high-assurance culture.
Method for increasing protection level of desktop PC type computer software application and user data using smartphone is proposed and presented in this paper. Smartphones are widely used, almost every person has one and manufacturers of smartphones offer wide range of the devices. All desktop computer applications for some particular and special purposes have applied some kind of protection. This...
Since the first performance benchmarks proposed more than 25 years ago, the concept of comparing/ranking computer systems or components has proven to be a powerful instrument to promote the improvement of specific computer or software features. Following this path, many benchmarking studies have extended the benchmarking model initially proposed for performance to address the comparison of different...
Educational Universities are gradually enhancing the traditional delivery mode towards blended learning, virtual classrooms and distance learning with the help of technology to reach the various demands of programs needed by people around the world. Learners are looking for specific programs of their interest, regardless of the location. Modern learning trends depend more on the technology and electronic...
A panel of seven experts discusses the state of the practice of formal methods (FM) in software development, with a focus on FM's relevance to security.
Recent years people have witnessed a surge of interest in APT attack, due to its complex and persistent attack characteristics. In order to prevent APT attacks, this article studies and analyzes a large number of APT attack cases which have been disclosed, gives an overview of APT attack lifecycle and attack techniques. This paper discusses the purposes of APT attacks and APT attack characteristics...
Currently informatics resources are facing major security challenges carried out by hackers or computer criminals, which are increasing in number and improving their methods of attacking computer systems. For this reason, Equipment Computer Incident Response Teams (CSIRT) has been created to respond to several attacks in accidents or security breaches in the information resources of organizations...
PUF is a security primitive that exploits the fact that no two ICs are exactly the same. To verify a new PUF design, several metrics including uniqueness, reliability, and randomness must be evaluated, which requires various resources and a long set-up time. In this live demonstration, we have developed an automatically evaluation platform for the PUF design. To the authors' best knowledge, this is...
The rapid growth of computer technologies has resulted in a corresponding increase in the creation of new loopholes in systems which eventually might result in data leak. Data leakage is an incident in which sensitive information is released to any unauthorized party intentionally or unintentionally. There is a large set of software available which can be used to prevent data leak, however they fail...
In the IoT, massive distribution and long physical lifetimes will disrupt the "penetrate and patch" security paradigm that helps mitigate the consequences of the vulnerabilities endemic in individual systems. In this paper, we examine what will happen in the IoT if we build its systems the same way. We collect data and model the vulnerability blooms and patching delays in historical systems...
In election systems, there are many opportunities to incorporate forensic techniques and gather forensic evidence that can lead to determining the root cause of an anomaly. Although much has been written about security and forensic techniques in election systems, very little research has focused on measuring the forensic capabilities of election systems and mapping them to potential security safeguards...
In Geekonomics. The Real Cost of Insecure Software, David Rice argues that market forces drive most software manufacturers to pay scant attention to security. This paper reviews Mr. Rice's arguments taking into account the irruption of the Internet of Things (IoT). First, the document explores if the economic and societal forces driving the behaviors that result in insecure software will be modified...
Bitcoins have opened a new chapter in the arena of electronic financial transactions. Due to their decentralized nature and independence from the need of a third party for authorizing transactions, they are seen as an alternative choice for payments by many firms and financial institutions. But like all other prevalent financial transaction technologies, they are also having their securities issues...
In this paper, we describe the development and validation of three survey instruments designed to measure the human factor in information security and privacy. These instruments are intended to measure the extent to which people engage in the responses necessary to mitigate three different information security and privacy threats: computer performance compromise, personal information compromise, and...
Cyber-Physical Systems (CPS) are yielding novel problems and solutions for security researchers. CPSs connect computerized controllers and human supervisors with physical systems used in the energy, transportation, water, manufacturing, and other sectors. Recent attacks against CPS have prompted unprecedented investigation into new threats and mitigations against CPSs. There are motivating examples...
We are discussing a framework for formally modeling and analyzing the security of trusted boot processes. The presented framework is based on actor networks. It considers essential cyber-physical features of the system and how to check the authenticity of the software it is running.
Software security assurance is an important process in software development that protects the sensitive data and resources contained in and controlled by the software. Addressing security vulnerabilities at an early phase could decrease the cost of addressing them in later stages by two orders of magnitude. In order to detect vulnerabilities in Web services and Web applications in a scalable and accurate...
As a kind of critical system, safety-critical system is always used for the key areas such as aerospace, national defense, transportation, nuclear energy, health and so on, which require the high security. Due to the inherent defects which caused by the complexity of the organizational structure, and the external threats which caused by the open and dynamic environment, some unexpected results will...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.