The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Computer technology and the proliferation of networks that enabled data exchange between computers gave birth to the Internet and mankind realized the dawn of a new, virtual environment aptly named “cyberspace.” If you think about critical infrastructure, things that come to mind are all of the services and assets that make civilized life possible. The evolution of Smart Grid Technology promises the...
Computer technology and the proliferation of networks that enabled data exchange between computers gave birth to the Internet and mankind realized the dawn of a new, virtual environment aptly named “cyberspace.” If you think about critical infrastructure, things that come to mind are all of the services and assets that make civilized life possible. The evolution of Smart Grid Technology promises the...
To facilitate the management of patient records, traditional paper-based patient records have been modified into electronic medical records and then into electronic patient records. This study proposes a key management scheme based on Lagrange interpolation formula and hierarchical management structure to make Mobile Agent a more secure and efficient access control scheme for electronic patient records...
In this paper we describe where current risk controls (as documented in ISO27001/27002) for mitigating information security risks are likely to be inadequate for use in the cloud. Such an analysis could provide a rationale for prioritizing protection research, and the work presented here is part of a larger exercise designed to identify the potential for cascade attacks in the cloud, and those areas...
Basing on the idea of intrusion masking and defense-in-depth, a generic architecture of survivable storage system is presented. The architecture includes 3 subsystems: storage strategy, user management and security module. Through analyzing the overall survivability of storage systems, and importing survivable requirement into the design phase of storage systems, security and other attributes is easily...
Industrial adoption of cloud computing for collaborative business processes is limited by their ability to meet inter-enterprise security requirements. Although some clouds offerings comply with security standards, no solution today allows businesses to assess security compliance of applications at the business level and dynamically link to security countermeasures on-demand. In this paper, we present...
Directory services are used by almost every enterprise computing environment to provide data concerning users, computers, contacts, and other objects. Virtual directories are components that provide directory services in a highly customized manner. Unfortunately, though the use of virtual directory services are widespread, an analysis of risks posed by their unique position and architecture has not...
The DynaSOAr framework presents a wholly service-oriented approach to grid and Internet-based computing that makes a clear and explicit separation of concerns between service-provision and resource-provision for each service invocation. The separation allows the dynamic deployment of code at runtime, in the form of a service implementation, between a service provider and an explicit resource provider...
Cloud computing has become a popular computing paradigm in which virtualized and scalable resources are consolidated to provide services over Internet. However, the resource capability of a single cloud is generally limited, and some applications often require various cloud centers over Internet to deliver services together. Therefore, a Virtual Organization (VO) will be a promising approach to integrate...
In this paper, a new miniature padlock is designed and invented that uses electronic system as its fundamental operator. The lock comes with robust software that is difficult to crack for security purposes. The lock is small in size, light but firm and does not need an analog key, offering huge boosts of convenience. With keys being removed from the scenario, lots of problems that conventional lock...
Internet Information Server as one of today's popular server, providing a powerful Internet and Internet service function, it works as the Windows NT family of operating systems to provide a set of services, such as Windows NT Server4.0 and Windows Server 2000 and so on. IIS stringent security mechanisms for the establishment of a high-security server have laid a solid foundation. Therefore, to explore...
Wikis are powerful, collaborative tools and can be used for educational purposes in many ways. The original idea of a Wiki is to make information accessible to all. However, it is very interesting that experiences in the use of Wikis in educational settings showed that security and data protection of wiki contents is definitely an issue. In this paper, we discuss problems and solutions on the basis...
The following topics are dealt with: virtual environment; security; privacy; online social networks; collaborative editing; peer-to-peer; sensor networks; modeling; access control; trust; Web service; health care computing; distributed networking; collaborative architecture; and information sharing.
Google's Android framework incorporates an operating system and software stack for mobile devices. Using a general-purpose operating system such as Linux in mobile devices has advantages but also security risks. Security-Enhanced Linux (SELinux) can help reduce potential damage from a successful attack.
Cloud computing is the topic in this paper. Cloud computing is the latest wave in systems architectures. The cloud realizes computing as a utility-that is, customers submit their computing tasks to the cloud, which provides the resources necessary to execute those tasks. Security is a major concern that could limit the cloud computing paradigm's impact. The factors affecting security in cloud computing,...
A more and more enterprises using Web services to accelerate its own development. At this point, how to network in an open application environment, guard the confidentiality of their data, resources are more and more concern for people, network security has become the network an integral part of the building. This paper introduces the architecture of network security, and further information on the...
In the following years, the desktop-based applications will be changed to cloud computing gradually. Since all users' profile and context data will be stored on the service supplier side based on their ID. ID is becoming a security bottleneck: attackers can trace all other information via user ID. Increasingly, a simple service may be involved in a chain of service clouds; each cloud is able to access...
Coordination languages for mobile, distributed systems constitute a good basis for the use of aspect-oriented features for providing a clear separation between the functionality and the security policies of programs. Allowing for a distributed definition of aspects, that jointly define a security policy, provide for a number of challenges regarding how to deal with conflicts and how to demonstrate...
Data (or information) provenance has many important applications. However, prior work on data provenance management almost exclusively focused on the collection, representation, query, and storage of provenance data. In contrast, the security aspect of provenance management has not been understood nor adequately addressed. A natural question then is: What would a secure provenance management system...
A transaction is assigned with a purpose which is a collection of roles. Suppose a transaction T1 with a purpose R1 writes an object o2 after reading an object o1 and then another transaction T2 with R2 reads o2 and writes an object o3. Unless T2 is granted a read right of o1, illegal information flow occur from o1 to o2. In the purpose-marking(PM) protocol, T1 marks o2 with the purpose R1. T2 cannot...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.