Serwis Infona wykorzystuje pliki cookies (ciasteczka). Są to wartości tekstowe, zapamiętywane przez przeglądarkę na urządzeniu użytkownika. Nasz serwis ma dostęp do tych wartości oraz wykorzystuje je do zapamiętania danych dotyczących użytkownika, takich jak np. ustawienia (typu widok ekranu, wybór języka interfejsu), zapamiętanie zalogowania. Korzystanie z serwisu Infona oznacza zgodę na zapis informacji i ich wykorzystanie dla celów korzytania z serwisu. Więcej informacji można znaleźć w Polityce prywatności oraz Regulaminie serwisu. Zamknięcie tego okienka potwierdza zapoznanie się z informacją o plikach cookies, akceptację polityki prywatności i regulaminu oraz sposobu wykorzystywania plików cookies w serwisie. Możesz zmienić ustawienia obsługi cookies w swojej przeglądarce.
Trust, the most fundamental concept in Trusted Computing, is a pervasive notion and, as such, has been studied thoroughly in a variety of different fields. Based on a survey of trust and security, two formal definitions for trust in Trusted Computing are presented in this paper: one for trust between coequal components (the direct trust) and the other for trust in specialization-employed environment...
Peer-to-Peer (P2P) networking is beneficial when removing a centralized server. On the other hand, new mechanisms are required to compensate for the central authority, especially for network security and dependability. In this paper, we propose a new fuzzy reputation (Fuzzy-Rep) model to improve security and dependability of P2P e-commerce. The model employs fuzzy logic inference rules to assess transactions...
Today's approach to security is based on perimeter defense and relies heavily on firewalls, Intrusion detection systems (IDS) and Intrusion prevention systems. Despite years of research and investment in developing such reactive security methodologies, our critical systems remain vulnerable to cyber attacks. In our approach we assume that intrusions are inevitable and our effort is focused on minimizing...
The pervasive systems are weaving themselves in our daily life, making it possible to collect user information invisibly, in an unobtrusive manner by even unknown parties. So run time trustworthiness calculation would be a major issue in these environments. The huge number of interactions between users and pervasive devices necessitate a comprehensive trust model which unifies different trust factors...
In this paper a generalized trust calculation mechanism is proposed which could be used to And out the trust values of various entities involved in a pervasive environment globally. The trust values calculated between the entities are stored in a global data store. This trust value can be used as a basis for future transactions of the entity concerned. The global data store can be maintained by a...
General network attack graph has a large state space. It affects the efficiency of network attack graph generation greatly. In order to solve this problem, a reverse search based network attack graph generation method is proposed. It starts from the target hosts that the goal of attackers, by analyzing the vulnerabilities and connectivity of them, finds all the middleman hosts, then repeats the search...
Grid is the next generation of Internet, and it has attracted the attentions of research communities recently. In practical applications, the nodes in the grid domain need to transact with other strange nodes to acquire the services provided by those nodes. Recently, trust has been recognized as an important factor for Grid security. And it is important for them to make a trust evaluation for those...
This paper introduces a practical security model based on key security considerations by looking at a number of infrastructure aspects of Cloud Computing such as SaaS, Utility, Web, Platform and Managed Services, Service commerce platforms and Internet Integration which was introduced with a concise literature review. The purpose of this paper is to offer a macro level solution for identified common...
In cyber-physical systems, which are the integrations of computational and physical processes, it is hard to realize certain security properties. Fundamentally, physically observable behavior leads to violations of confidentiality. We focus on analyzing certain noninterference based security properties to ensure that interactions between the cyber and physical processes preserve confidentiality. A...
Currently, with the popularization of the computer and Internet technologies, electronic documents have become the most important resource in enterprises or organizations. The security of documents and protecting the information resident in these documents is of paramount importance to the organizationpsilas progress and in some cases, their survival too. Hence, electronic documents are the target...
Trustworthy degree plays an important role in the quantity analysis of trustworthy networks. In this paper, we use mean 2-form of vector to compute the trustworthy degree. Some algebraic properties are discussed. To clarify the reasonability of this method, a simple simulation is constructed.
In distributed systems, it is often needed to establish trust before entities interact together. This trust establishment process involves making each entity ask for some credentials from the other entity, which implies some privacy loss for both parties. We propose a model for achieving the right privacy-trust tradeoff in distributed environments. Each entity aims to join a group in order to protect...
Grids are positioned as systems which spread Internet environments with machines distributed across multiple organizations and administrative domains. Security has been the focus of the grid system recently. As an important part of security, trust in grid computing has been researched extensively. Based on subjective logic, a flexible trust model has been established to enhance the security of Grid...
As online interactions often occur among peers with no prior knowledge of each other in P2P systems, the problem of security is attracting more and more attention. Hence, how to construct an effective trust mechanism to help build trust among peers is an important issue for the research of P2P technology nowadays. This paper proposes a novel reputation-based trust evaluation mechanism for P2P systems...
Trust management, with trust collecting mechanism as one of its foundations, has been the focus of more and more researches in grid security. This paper analyzes shortages of existing trust collecting mechanisms, and then proposes a novel trust collecting mechanism by introducing the idea of publish/subscribe scheme used in messaging system. The objective of this mechanism is to support dynamic trust...
We present a new approach for mutation analysis of security policies test cases. We propose a metamodel that provides a generic representation of security policies access control models and define a set of mutation operators at this generic level. We use Kermeta to build the metamodel and implement the mutation operators. We also illustrate our approach with two successful instantiation of this metamodel:...
Security policy validation based on conformance testing is a promising approach, but it lacks both of a fault model and of better test selection procedures. Penetration testing approaches rely on a fault model based on the exploitation of sequences of vulnerabilities. This document proposes a method to generate test purposes to validate the conformance of a system to a security policy using a fault...
This paper shows an example of non-functional requirements and its propagation to reification using the Use of UML for ODP system specification standard (UML for ODP). As an example of non-functional requirements, sample security requirements are taken and its specifications in UML using UML for ODP for all five RM-ODP viewpoints are illustrated. In addition, the traceability of security aspects between...
Accelerated by the rapid deployment of distributed systems and the Internet, online collaboration and information sharing are pervasive in enterprise computing environment. With regard to the requirements of online collaboration and information sharing, authentication information needs flexible manipulation to facilitate federation across trust domains. To achieve identity federation for federated...
Podaj zakres dat dla filtrowania wyświetlonych wyników. Możesz podać datę początkową, końcową lub obie daty. Daty możesz wpisać ręcznie lub wybrać za pomocą kalendarza.