The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
This paper addresses the rapidly increasing issue of sensitive user data theft and the data incongruity due to Web Content Management System (WCMS) structure and very complex WCMS to WCMS conversion procedure. After retaining the full picture of the situation, the paper approaches a solution for securely accessing, modifying and migrating WCMS database(DB) using a precise information hiding and data...
At present time the unregistered SIM cards (here unregistered means the SIM cards which are registered with false information provided by dealer) are widely used for committing crimes in the perspective of Bangladesh. Due to the complexity of the present SIM card registration process, the subscribers are reluctant to register themselves. In this paper we propose a cloud based system model which demonstrates...
CAPTCHA is an automated test that humans can pass, but current computer programs can't pass any program that has high success over a CAPTCHA can be used to solve an unsolved Artificial Intelligence (AI) problem. The most widely used CAPTCHAs rely on the sophisticated distortion of text images rendering them unrecognizable to the state of the art of pattern recognition techniques, and these text-based...
This paper proposes a methodology and a tool to evaluate the security risk presented when using software components or systems. The risk is estimated based on known vulnerabilities existing on the software components. An automated tool is used to extract and aggregate information on vulnerabilities reported by users and available on public databases (e.g., OSVDB and NVD). This tool generates comprehensive...
The expansion of the Internet has made web applications become a part of everyday life. As a result the number of incidents which exploit web application vulnerabilities are increasing. A large percentage of these incidents are SQL Injection attacks which are a serious security threat to databases with potentially sensitive information. Therefore, much research has been done to detect and prevent...
Analyzing and processing complex information by using computer aim at mine ventilation manage system in coal mine, this paper put forward feasible and reliable technical decision to the urgent requirements of coal mine safe technology and locale status. By studying middle component and application server, the design approach of building coal mine ventilation safe information network centered on safe...
Privacy protection in publishing high dimensional data is a challenging problem. Surprisingly, there are very few works on this problem. Nevertheless, the latest approach proposed so far suffers two drawbacks, namely introduction of excessive information loss and dependence on a given generalization taxonomy. To address the issues, this paper proposes a taxonomy free grouping approach for anonymizing...
The Mars Exploration Rover Mission (MER) includes the twin rovers, Spirit and Opportunity, which have been performing geological research and surface exploration since early 2004. The rovers' durability well beyond their original prime mission (90 sols or Martian days) has allowed them to be a valuable platform for scientific research for well over 2000 sols, but as a by-product it has produced new...
Alerts correlation techniques have been widely used to provide intelligent and stateful detection methodologies. This is to understand attack steps and predict the expected sequence of events. However, most of the proposed systems are based on rule - based mechanisms which are tedious and error prone. Other methods are based on statistical modeling, these are unable to identify causal relationships...
Development organizations often do not have time to perform security fortification on every file in a product before release. One way of prioritizing security efforts is to use metrics to identify core business logic that could contain vulnerabilities, such as database interaction code. Database code is a source of SQL injection vulnerabilities, but importantly may be home to unrelated vulnerabilities...
Like fingerprint, human face can be applied as a security system because it has almost the same characteristics as that of fingerprint, in terms of the uniqueness and non transferable. Therefore, in this paper, we design and simulate fast human face recognition for the security system. It is realized by implementing the compact features of face image as data dimensional reduction and the shifting-mean...
In this paper, we study the potentiality of discrimination between vulnerabilities given by CVSS framework. CVSSis an op en framework which assess the intrinsic characteristics of vulnerabilities and gives a severity score for each one. We study the distribution of CVSS metrics (in particular base metrics)in the NVD database. We then focus on the environmental part of CVSS framework, which allows...
Given its low dollar and maintenance cost, RFID is poised to become the enabling technology for inventory control and supply chain management. However, as an outcome of its low cost, RFID based inventory control is susceptible to pernicious security and privacy threats. A deleterious attack on such a system is corporate espionage, where attackers through illicit inventorying infer sales and restocking...
In this paper, we discuss information model of IEC 61850 protocol. We give the prototype design of information model of IEC 61850 and study record accessing times. We suggest use of real time main memory database model for IEC 61850. We also use TLSF memory allocator for assigning memory to records in IEC 61850 prototype. We suggest a back up scheme for database for fast crash recovery. Finally we...
Log event correlation is an effective means of detecting system faults and security breaches encountered in information technology environments. Centralized, database-driven log event correlation is common, but suffers from flaws such as high network bandwidth utilization, significant requirements for system resources, and difficulty in detecting certain suspicious behaviors. Distributed event correlation...
Compliance is a critical enterprise management concern, compliance measures are often implemented using polices. This paper proposed a general compliance policy model for security audit after the definition and description of security policy were given out. The model is suitable to express fine-gained audit policy based on periodical time constraints. It also provides a security audit implementation...
As the popularity of the web increases and web applications become tools of everyday use, the role of web security has been gaining importance as well. The last years have shown a significant increase in the number of web-based attacks. Too many nouns web application security vulnerabilities result from generic input validation problems. Examples of such vulnerabilities are SQL injection and Cross-Site...
Balancing privacy and security concerns in biometric systems is an area of growing importance. While important work has gone on in template protection and revocable biometric tokens, these avenues of research address only one aspect of the problem. Such research does not address a critical issue: balancing the need government and anti-fraud programs to do deduplication (ensure one identity per person)...
This is global challenge to preserve the soft computing data through hard device. By this issue in the field of Computer science and Engineering Technology, the data collection and capturing techniques together with algorithms for combining multiple range, allow us to accurately digitize the internal and external characteristics of many soft computing and hard devices. This capability makes it possible...
Polyinstantiabtion provides the ability to create more versions of single information. It is used to prevent inference attacks. This paper explains the use of polyinstantiation in relational databases with multilevel security. Also, shows how polyinstantiation can be occurred and what types of polyinstantiation. The basic concepts of multilevel security database models are described and issues regarding...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.