The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Natural language processing (NLP) of clinical text offers great potential to expand secondary use of high-value electronic health record (EHR) data, but a barrier to adopting NLP is the high total cost of operation, driven mainly by the costs and limited availability of technical personnel in applied health research settings. To overcome this barrier we propose a cloud-based service systems model...
Shoulder-surfing, phishing and keylogging are widely used by attackers to obtain users' sensitive credentials. In this paper, we propose a framework to strengthen password authentication using mobile devices and browser extensions. This approach provides a relatively high resilience against shoulder-surfing, phishing and keylogging attacks while requires no change on the server side. A prototype implementation...
Security policy is the core to ensure the system operating safely, security policy conflict will cause the system to suffer a security threaten, which even make system crash, therefore security policy conflict detection is particularly important. This paper researches the type of intra-node security policy conflict detection, analyses the complexity of algorithm of security policy conflict detection,...
The JavaScript language is an interpretive programming language which is used to enhance the client-side interactivity and functionality. However, it has been much exploited by malicious parties to launch browser-based security attacks. Currently there are many security vulnerabilities assessment tools, and browsers provide sand-boxing mechanisms to protect the JavaScript code from compromising the...
With the number of applications running upon the virtualized system increased, the virtual network circumstance becomes more and more complicated; the consequent security problems thereby have been a concern for industrial and academic fields. However, the current solutions are mostly confined to the enforcement of several patchy-works on system which still requires proficient hacking skills for administrators...
The system of WebMail content and attachments recovery can monitor the network without affecting the performance of the network, check the network for confidential information leakage phenomenon. if found it will store the leak records into the hard disk automatically which will be used as evidence for security sectors. This paper introduces in detail the design and implementation of the WebMail content...
Software security has both an objective and a subjective component. A lot of the information available about that today is focused on the security vulnerabilities and their disclosure. It is less frequent that security breaches and failures rates are reported, even in open source projects. Disclosure of security problems can take several forms. A disclosure can be accompanied by a release of the fix...
Electric Power Information Networks are the infrastructure, which not only ensures electric power system operating securely as well as stably, but also promotes power companies'effective and continuable run. Electric power dispatch systems, management information systems, customer relation systems and so on, are all built on this infrastructure. It is an important task for network administrators of...
With the prosperity of E-commerce industry, the electronic commerce course construction also needs developing synchronously. E-commerce security is the important part of e-commerce, and is also a course which combines theory with practice closely. To improve the practical operative ability, a perfect teaching experiment platform is necessary for students to do the e-commerce security-related experiments...
After over forty years' development in an extraordinary speed, the Internet is confronting profoundly different social and economic environments, with the continuously increasing users demands. However, the essence and key designs of the current Internet have remained untouched during the past decades. Over the same years, Internet users have been calling for a better Internet that features significantly...
This work investigates an evolutionary approach to generate gaming strategies for the Attacker-Defender or Intruder-Administrator in simulated cyber warfare. Given a network environment, attack graphs are defined in an anticipation game framework to generate action strategies by analyzing (local/global) vulnerabilities and security measures. The proposed approach extends an anticipation game (AG)...
With the rapid development of Internet, more and more web applications based on database appeared, thus the databases face the threats. Because of the SQL attacks, people pay much attention to the security of database on the internet. This paper presents a solution that is a database security gateway deployed between web server and database server. The paper describes the architecture of the database...
Under the network environment, security of library information system(LISS) is an important topic for all managers. This paper analyzes main categories of security of library information system and puts forward efficient means of protecting this system. The paper finally points out the significance of security of library information system.
We interpret “mission assurance” to mean the guarantee that Mission Essential Functionality (MEF) provided by an information system is continued despite partial failures and other accidental or maliciously induced changes in the system or its operating environment. MEF can be threatened when the Quality of Service (QoS) delivered by the information system drops below useful levels, when the security...
The security of SCADA systems is one of the most pressing subjects in industrial systems, especially for those installation actively using the public network in order to provide new features and services. In this paper we present an innovative approach to the design of Filtering Systems based on the state analysis of the system being monitored. The aim is to detect attacks composed of a set of “SCADA”...
Current online banking only allows payment to be made from a single bank account hence user needs to log in to several banking sites to settle the dues monthly. Paying bills/loans from multiple bank accounts in a single login would provide greater convenience. This paper reviewed the current on line banking system and discussed the challenges in designing an integrated web based application for independent...
The security of complex networks with multiple elements is very difficult to evaluate and characterize by numbers. The interaction between the network elements, the different layer topologies and the numerous features makes the security quantification almost impossible. On the other side, the lack of security benchmarking is very problematic for the budget and invests allocation by companies. Numerical...
Currently, application protection models are mostly static and independent. It means that the applications cannot handle multiple domains to manage accordingly the permissions for a given user request. Managing multiple domains is becoming a more and more common issue as desktop applications are growing in complexity to provide better-designed user interfaces. Today, protection systems are almost...
Since emerged in 2004, Unified Threat Management (UTM) has been used widely to enhance network security protection. Typical UTM device integrates multiple security technologies, therefore its control and management involves various interfaces, message formats, communication protocols, and security policies and so on. Therefore, it is a big challenge to design and implement the configuration and management...
We present an optimization technique for model-based generation of test cases for firewalls. Starting from a formal model for firewall policies in higher-order logic, we derive a collection of semantics-preserving policy transformation rules and an algorithm that optimizes the specification with respect of the number of test cases required for path coverage. The correctness of the rules and the algorithm...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.