The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
With the growing interest in Software Defined Networking (SDN) and thanks to the programmability provided by SDN protocols like OpenFlow, network application developers have started implementing solutions to fit corporate needs, like firewalls, load balancers and security services. In this paper, we present a novel solution to answer those needs with usage control policies. We design a policy based...
Protecting (authorizing) access to individual web services has been explored in many research efforts. The focus of such research is to ensure that authorized users with appropriate credentials are able to access resources under controlled and authorized security. However, integrating and/or composing such services, e.g. through workflow environments in collaborative environments, remains an open...
In the envisioned Internet of Things ecosystems, Smart objects are intended to create groups of devices in order to provide higher level services to be leveraged by citizens. However, because of the dynamic nature of such scenarios, the discovery, management and operation of such dynamic coalitions taking into account security and privacy concerns, is a challenging task that has not been properly...
By nature, cloud computing systems are static, homogenous entities. They consist of multiple layers of hardware and software resources. These resources are organized into stacks which provide services to end users. Many service stacks are built from a single template. As a result, they consist of identical resources with identical configurations. This gives potential attackers the asymmetric advantage...
High resolution surveillance systems are essential for security. However, these powerful tools have been misused by several CCTV operators. The governments and civil society are attempting to strike a balance between safety and privacy. Privacy filters can be used to help protect part of an image which included Personally Identifiable Information (PH). This paper presents a novel approach to improve...
Security has been a major concern in computer sciences for a long time. However, the definition and the enforcement of a complete security policy are difficult tasks, requiring deep knowledge of the inner workings of the security mechanisms. The management of the security is even more complex in a system such as a Cloud, which is a heterogeneous environment, with multiple applications and tenants...
Serious games show to have positive impact on training results. Advantages of simulation games lay in the provision of a safe training environment, where users are able to play, test and probe without serious consequences. At the same time, it is important to engage learners by providing a motivating, challenging environment, which becomes meaningful to the player when skills and knowledge acquired...
Control flow obfuscation is an important way of software copyright protection, the main purpose is to make the static analysis tools produce wrong control flow graph, and then prevent malicious use of reverse engineering against software. In this paper we ropose an approach to implement control flow obfuscation using Windows structured exception handling mechanism. Programs are obfuscated by replacing...
Decentralized systems are systems-of-systems whose services are governed by two or more separate organizations under distinct spheres of authority. Coordinated evolution of the various elements of a decentralized system may be difficult, if not impossible, as individual organizations evolve their service offerings in response to organization- and service-specific pressures, including market demand,...
Motivated by the increasing importance of knowing which operating systems are running in a given network, we evaluated operating system discovery (OSD) tools. The results indicated a serious lack of accuracy in current OSD tools. This thesis proposes a new approach to OS discovery which addresses the limitations of existing tools and leads to a more flexible, less intrusive, and much more accurate...
In collaborative workspace, collaborations are constrained by different requirements between different participants. Since policy-based management can be used to simplify collaboration management, administrators and users can use policies to define control rules and configurations of collaborative workspaces. These control rules and restrictions actually reflect management needs and business contracts...
We propose a prevention system for SIP-based networks which adopts a rule-based approach to build prevention specifications on SIP protocol activities that stop attacks exploiting an existing vulnerability before reaching their targets. Our approach innovates from existing solutions by making use of the contextual information of a vulnerability targeted by an attack to apply the prevention specification...
The design, deployment and execution of business process models and their associated security models is expensive and time consuming. This is because these activities usually involve multiple stakeholders that include business domain experts, security experts, web service developers and IT operations teams, and there is no streamlined development environment to allow these stakeholders to work collaboratively...
The security concerns in 3G network, especially the core network, is far from being satisfied. As the most important protocol in the 3G core network, GPRS Tunnel Protocol (GTP) is quite vulnerable to attacks in the flat, full IP environment. Solving such a problem properly is very urgent and important for the operation of 3G network. In this paper, we discus the security issues in GTP, and propose...
One of the key motivations of policy-based management is flexibility and adaptability to existing infrastructure and change management. In the context of security, modern policy languages such as XACML are extensible and support natively the expression of new information and manipulation operations. However, policy engines, which evaluate users' requests according to policies, may not support this...
This paper presents a methodology to perform passive testing of behavioural conformance for the web services based on the security rule. The proposed methodology can be used either to check a trace (offline checking) or to runtime verification (online checking) with timing constraints, including future and past time. In order to perform this: firstly, we use the Nomad language to define the security...
Medical sensor networks allow for pervasive health monitoring in hospitals, at home, or on the way. Each user carries a set of wireless medical sensors that allows caregivers to monitor his health state. The privacy and confidentiality of medical data need to be guaranteed at any moment to make sure that third parties cannot access confidential information. Additionally, the system also has to be...
Ubiquitous computing environment pursues context-aware in order words personalized service by collecting contexts through sensors located over wide area and presenting the service automatically depending not on the user's request but on the situations that are needed. But in order to provide the personalized service, contexts collected through various sensors are needed and they include private information...
Since the virtual network traffic is invisible outside the hypervisor, it is impossible for traditional network-base security devices to harness the attacks happened in virtual computing environment. Industry and academies adopt the network security enabled hypervisor (NSE-H) to protect virtual machines (VM) residing in the virtual network. In this paper, we identified the insufficiency of the existing...
Critical business processes can fail. Therefore, continuity processes are needed as backup solutions. At the same time business processes are required to comply with security, risk and compliance requirements. In the context discussed here, they should be modeled in a decentralized, local and declarative way, including methodological support by tools. By discussing a simplified loan granting process...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.