The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
A major cyber-security concern to date for webservers are Distributed Denial of Service (DDoS) attacks. Previously we proposed a novel overlay-based method consisting of distributed network of public servers (PS) for preparation, and access nodes (AN) for actual communication. The AN's performance is evaluated under difficult to detect HTTP(S)-DDoS attacks. Yet, attackers may attempt service denial...
As the system is deployed in the dynamic environments, the need of self-adaptive system is increasing. In addition, by advancing the network technology, self-adaptive system interacts with other systems to achieve the complex goals, which are difficult to be achieved by single self-adaptive system. During the interaction, they may share security-critical information. As a result, security becomes...
In order for an election system to be trusted, it needs to be verifiable. Methods must exist to check that the votes are cast as intended by the voters. There must be strong evidence that the machines function as they are supposed to function. Voters should feel confident that the election is conducted fairly and accurately. This paper first outlines the major concerns about election technologies...
In election systems, there are many opportunities to incorporate forensic techniques and gather forensic evidence that can lead to determining the root cause of an anomaly. Although much has been written about security and forensic techniques in election systems, very little research has focused on measuring the forensic capabilities of election systems and mapping them to potential security safeguards...
With the web witnessing an immense shift towards publishing data, integrating data from diverse sources that have heterogeneous security levels become even more challenging. There is a need to maintain security and privacy requirements of each data source participating in a data integration process before and during the integration. In Data Integration Systems (DIS) for critical domains, data needs...
With the emergence of new technologies the requirements for trusted platforms are constantly changing. Thus, the current Trusted Platform Modules (TPMs) have to cope with issues they have not been designed for. One such deficit of current TPMs is the inability to support multiple stakeholders as in mobile computing, virtualization, and cloud computing applications. In such scenarios, a TPM has to...
Online consumer trust in Business to Consumer (B2C) e-commerce trust has been viewed as a key differentiator that determines the success or failure of many companies conducting their business over the Internet. In order to explore the influence factor of consumer trust and their priority, and to look for the way to promote consumer trust, an Analytic Network Process (ANP) model is constructed in this...
The Laboratory of Cryptography and System Security (CrySyS) is dedicated to conduct research in the field of computer security and user privacy. This paper shows a research roadmap of the CrySyS Lab from its inception in 2003 until today. We will present the major achievements in the past with a particular emphasis on the research and teaching curriculum in security and privacy. We will discuss network-...
Security-by-Contract (S??C) is a paradigm providing security assurances for mobile applications. In this work, we present an extension of S??C enriched with an automatic trust management infrastructure. Indeed, we enhance the already existing architecture by adding new modules and configurations for contracts managing. At deploy-time, our system decides the run-time configuration depending on the...
Effective and efficient management of technology is indispensable to the implementation of software projects in the public sector. E-voting - which involves technological, institutional (legal and political), and societal risks - demands complicated risk management and can, as such, be considered one of the most, if not the most, ambitious field of application. Estonia has successfully implemented...
More and more companies are outsourcing parts of their business processes to third party providers to exploit the expertise and economies of scale of these third party providers. In the IT field, emerging delivery models for software such as Software as a Service and cloud computing offer the possibility to outsource applications and computing infrastructure and thus enable enterprises to focus on...
It is difficult to state whether a certain software product is developed securely enough. An evaluation methodology that takes the security assurance methods used during the software development lifecycle into account is one step closer to a solution to this problem. In this paper we discuss our first heuristics for security assurance evaluation that would give guidelines on the trustworthiness of...
Past yearspsila radical changes in how we use the World Wide Web led to new challenges in guarding user rights. The ldquoWeb 2.0rdquo movement relies to large extents on commercial Web services where users can publish their content and manage their personal information. Experience has shown that the companies providing these Web services only then seek for standardized, open, and trustworthy solutions...
GEMOM (Genetic Message Oriented Secure Middleware) is an EU FP7 ICT project that focuses on the significant and measurable increase in the end-to-end intelligence, security and resilience of complex, distributed information systems. Complex, distributed software systems are virtually impossible to implement without heavy use of messaging infrastructure. While the existing state of the art achieves...
In current peer-to-peer systems users interact with unknown services and users for the purpose of online transactions such as file sharing and trading of commodities. Peer-to-Peer reputation systems allow users to assess the trustworthiness of unknown entities based on subjective feedback from the other peers. However, this cannot constitute sufficient proof for many transactions like service composition,...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.