The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
In today's fastest growing IT industry Cloud Computing is gaining much more popularity because the Cloud providers feel that it is very easy to manage the data in the cloud environment rather than normal web-sites in form of simple web pages. Every day the data seeking is being done by many users immensely. Here due to immense number of users seeking the data on daily basis there is a serious security...
With increasing network security threats, the network vulnerability must consider exploits in the context of multistage, multi-host attack scenarios. The general approach to this problem is to construct an attack graph for a given network configuration. An attack graph consists of a number of attack paths which are essentially series of exploits which an attacker employs to reach the destination....
JavaScript-based browser extensions (JSEs) enhance the core functionality of Web browsers by improving their look and feel, and are widely available for commodity browsers. To enable a rich set of functionalities, browsers typically execute JSEs with elevated privileges. For example, unlike JavaScript code in a Web application, code in a JSE is not constrained by the same-origin policy. Malicious...
With the rapid development of network technology, a variety of new attack methods to the network come out endlessly. Traditional firewalls, depending on the static feature data base, have more and more limitations to these attacks. To alleviate this problem, in this paper we propose a honeynet-based firewall scheme with initiative security strategies. In this scheme, the data-analyzing module can...
In the guidance of the thoughts from fire safety engineering and according to the kinetic mechanism of the occurrence and development of fire and the technological principle of fire prevention and control, this paper preliminarily studies the application of fire risk evaluation method in the fire safety engineering of an underground construction. By determining fire security goal, performance criterion...
Mine disaster has been a worldwide problem for a long time. In recent years, frequently occurred mine disasters have brought serious negative impact on this society. So it is necessary to call for the respect and concern for humanity. In this article, we analyzed causes and the types of the mine disasters, explored a number of irrational and imperfect factors in the rescue process, and tired to carry...
Currently, the number of users accessing to the network is significantly increasing which requires a tightly control based on the organization policy. Network access control (NAC) is an essential tool focuses on checking and granting permission. In general, NAC requires specific network devices which may not work with the existing devices. In this paper, a Policy-Based Network Access Control framework...
Network vulnerability assessment has carried out a certain degree of research work in relative field. The common method for vulnerability assessment is hierarchical asset vulnerability assessment, in which vulnerability value is fixed and the weight of service is subjective. Thus the accuracy of calculation depends on experience and judgment. In this paper, according to CVSS (Common Vulnerability...
Firewalls are among the most important components in network security. Traditionally, the rules of the firewall are kept private under the assumption that privacy of the rule set makes attacks on the network more difficult. We posit that this assumption is no longer valid in the Internet of today due to two factors: the emergence of botnets reducing probing difficulty and second, the emergence of...
The Internet has evolved from its original design. (1)The user cares about what they are looking for, not which machine provides the data or the service. The host-to-host Internet tends to become a data-oriented network. (2) In the pressures of commerce and security, the middleboxes, such as network address translators (NATs), firewalls and caching servers, become commonplace in current Internet....
Maintenance of critical emergency infrastructure is potentially lifesaving, but also expensive and tedious to document and track. In this paper we demonstrate a maintenance system based on Near Field Communication (NFC). NFC-enabled mobile phones and NFC tags are used to improve recurring maintenance processes: the maintenance task itself becomes more efficient; and the system facilitates real-time...
A distributed security MIPv6 model based on dynamic policies is presented to solve the security compatible problem between MIPv6 nodes and the access network. We combine the distributed defensive structure and MIPv6 to build a distributed secure MIPv6 structure based on policies, and implement the dynamic transference of secure policies during mobile nodespsila movement, thus to make the model has...
Currently network security of institutions highly depend on firewalls, which are used to separate untrusted network from trusted one by enforcing security policies. Security policies used in firewalls are ordered set of rules where each rule is represented as a predicate and an action. This paper proposes modeling of firewall rules via directed acyclic graphs (DAG), from which test cases can be automatically...
The configuration of firewalls is highly error prone and automated solution are needed in order to analyze its correctness. We propose a formal and automatic method for checking whether a firewall reacts correctly with respect to a security policy given in an high level declarative language. When errors are detected, some feedback is returned to the user in order to correct the firewall configuration...
Self signed certificates for SSL and self generated hosts keys for SSH are popular zero cost, simple alternatives to public key infrastructure (PKI). They provide security against man in the middle attacks, as long as the the client connecting to those services knows the certificates or host keys a priori. A simple solution used in practice is to trust the certificate or the host key when the client...
Firewalls remain the main perimeter security protection for corporate networks. However, network size and complexity make firewall configuration and maintenance notoriously difficult. Tools are needed to analyse firewall configurations for errors, to verify that they correctly implement security requirements and to generate configurations from higher-level requirements. In this paper we extend our...
SIP-based networks are becoming the de-facto standard for voice, video and instant messaging services. Being exposed to many threats while playing an major role in the operation of essential services, the need for dedicated security management approaches is rapidly increasing. In this paper we present an original security management approach based on a specific vulnerability aware SIP stateful firewall...
In a communication network, an advanced security system should include three security processes, namely a packet filter (Firewall), an intrusion detection system (IDS), and a covert channels detection system (CCDS). The Firewall filters the incoming and outgoing network traffic. The IDS detects and stops attacks, such as denial of service (DoS) attacks. Covert channels allow individuals to communicate...
Nowadays, industrial control systems operators are trying to fulfill requirements from upcoming standards and regulation regarding cyber security issues. However, addressing such security requirements by implementing security measures is not a trivial task. Moreover, the creation and maintenance of the configuration for the security measures is prone to error. This research shows that it is possible...
Software repositories provide abundance of valuable information about open source projects. With the increase in the size of the data maintained by the repositories, automated extraction of such data from individual repositories, as well as of linked information across repositories, has become a necessity. In this paper we describe a framework that uses web scraping to automatically mine repositories...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.