The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The article is discussing new challenges faced by modern security systems because the traditional perimeter defenses against man-in-the-middle attacks are inadequate in protection against the man-at-the-end white-box attacks favored by many attackers.
Smart cards are an example of advanced chip technology. They allow information transfer between the card holder and the system over secure networks, but they contain sensitive data related to both the card holder and the system, that has to be kept private and confidential. The objective of this work is to create an executable model of a smart card system, including the security protocols and transactions,...
In his 1960 essay, Eugene Wigner raised the question of ”the unreasonable effectiveness of mathematics in natural sciences”. After several decades of security research, we are tempted to ask the opposite question: Are we not unreasonably ineffective? Why are we not more secure from all the security technologies? I sketch a conceptual landscape of security that may provide some answers, on the background...
Both cloud and GRID are computing paradigms for the large-scale management of distributed resources. Even if the first is usually oriented to transaction-based applications, and the latter to High Performance Computation, there is a lot of interest in their integration. This is typically obtained through the Infrastructure-as-a-Service cloud model, which is exploited in the GRID context to offer machine...
In recent years Web-based systems have become extremely popular and, nowadays, they are used in critical environments such as financial, medical, and military systems. As the use of Web applications for security-critical services has increased, the number and sophistication of attacks against these applications have grown as well. For this reason it is essential to be able to prove that the target...
Cloud computing in general, refers to any service delivered on-demand to customers over the Internet. This paper investigates protocol-composition framework in the context of multi-party computation. We show that if a protocol realizes its functionality with respect to the derived adversary-environment security, then the protocol realizes this functionality with respect to the protocol-composition...
Static code analysis tools are often used by developers as early vulnerability detectors. Due to their automation they are less time-consuming and error-prone then manual reviews. However, they produce large quantities of warnings that developers have to manually examine and understand.In this paper, we look at a solution that makes static code analysis tools more useful as an early vulnerability...
The goal of trusted computing proposed by TCG is to enhance the security of platform by the way of integrity measurement. TPM is a tamper-resistant hardware module designed to provide robust security capabilities like remote attestation and sealed storage for the trusted platform. But TPM has its limitation. It can't be directly used in common PC current in use. A portable TPM device is proposed and...
So far, most existing protocol test generation methods are concentrated on complete protocol test, when aiming at some specific TP (test purpose),a mount of unnecessary test cases are generated because of the limitation of these methods. In this paper a method of TTCN (Tree and Tabular Combined Notation) test case generation based on TP description is proposed, in which according to non-formal TP,...
The paper offers tree-structured connectivity between the peer entities over an infrastructure network as an abstraction to embody the application-oriented processing functions on peer-to-peer information flows. Tree reconfigurations are triggered when failures or security violations occur in the connectivity path between the peer nodes (e.g., increase in path delays, DOS attack on a node). Reconfigurations...
Due to the spreading of SMS services and appearing of new business models, value-added SMS services have been introduced. According to the research results about wide distribution of security incidents on ICT systems worldwide, in spite of known security solutions, there is a necessity for organizational approach to implement security. This paper presents research and development efforts in building...
In recent years, there has been a tremendous increase in the usage of IT based systems in vehicles, with predictions that in the near future, more than 90% of innovations in the automotive sector will be centered on IT software and hardware. However, innovation also means that intellectual property (IP) is created, which is valuable to third (potentially) untrusted and malicious parties. In particular,...
The coordination and scheduling of affiliated tasks to be run at different sites is a challenging problem, specifically in the domain of network performance monitoring. This paper presents a software implementation of the probes coordination protocol (PCP) which provides a solution to this problem. The PCP allows tasks to be executed regularly on a multitude of sites without the need for repeated...
File sharing is a common practice since the introduction of computer networks. It involves using technology that allows network users to share files that are stored on their individual computers. Peer-to-peer or simply P2P applications, such as those used to share multimedia files, are some of the most common forms of file-sharing technology. However, P2P applications are vulnerable to security risks...
Agent-based computing represents a promising paradigm for distributed computing. Unfortunately the lack of security is hindering the application of this paradigm in real world applications. The protection of malicious hosts is considered the most difficult security problem to solve in mobile agent systems. In this paper we provide a mechanism that aims to solve the problem of the malicious hosts....
In view of constant improvement and powerful destructive force of network attack technology and more and more important role of Internet in peoplepsilas life, how to protect Internet from destruction and interference of attacks has become an important task concerning the security and availability of Internet. This paper designs the software of a hardware detection system, which is mainly composed...
A PKI in support of secure Internet routing was first proposed in [1] and refined in later papers, e.g., [2]. In this ldquoResourcerdquo PKI (RPKI) the resources managed are IP address allocations and Autonomous System number (AS #) assignments. The RPKI presents a very different implementation challenge from a typical PKI,in that in the RPKI every relying party needs to validate every certificate...
Although current mechanisms protect against offline credential-stealing attacks, effective protection against online channel-breaking attacks requires technologies to defeat man-in-the-middle (MITM) attacks, and practical protection against content-manipulation attacks requires transaction-authentication technologies.
The increasing complexity of information and telecommunications systems and networks is reaching a level beyond human ability, mainly from the security assessment viewpoint. Methodologies currently proposed for managing and assuring security requirements fall short of industrial and societal expectations. The statistics about vulnerabilities and attacks show that the security, reliability and availability...
NetGAP is used to physically isolate the internal and external networks. Its session strides over both sides of the network. Based on the characteristics of agent, this paper designs several kinds of agent components with file accumulation, content inspection, file transmittance, protocol stream control and so on. Through these agent components it can easily establish a new connection, dealt with...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.