The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Virtualization is a term that refers to the abstraction of computer resources. The purpose of virtual computing environment is to improve resource utilization by providing a unified integrated operating platform for users and applications based on aggregation of heterogeneous and autonomous resources. More recently, virtualization at all levels (system storage, and network) became important again...
We witness an ongoing intensive research towards the specification and implementation of autonomic behaviors for the Future Internet. Important issues that need to be addressed in that context are related to diverse security aspects of the emerging autonomic network technologies. In this paper, we present our research on security in autonomic networks based on the GANA reference model. We present...
Security problems arise in software systems are very challenging. Using program analysis techniques and some language based security rules can help in enforcing application-level security through control access to program resources and verification of control flow of the information inside the program based on some security properties. This paper presents a new job analyzer component for an intrusion...
Many e-commerce applications are prevalent in today's world. New features and enhanced security, both are required for successful launch and deployment of e-commerce applications. In this paper, we focus on a generic e-commerce architecture, called eTRON which incorporates - at its nucleus - the tamper-resistant eTRON chip, equipped with functions for mutual authentication, secure communication, and...
The DynaSOAr framework presents a wholly service-oriented approach to grid and Internet-based computing that makes a clear and explicit separation of concerns between service-provision and resource-provision for each service invocation. The separation allows the dynamic deployment of code at runtime, in the form of a service implementation, between a service provider and an explicit resource provider...
Web Services are at the heart of many Internet-based e-business systems. Security issues in web services are critical for the continuity of the provided services. Solutions such as Role-Based Access Control and Trust-Based Access Control were proposed to address threats to security in single Web Service scenarios. These solutions do not fully provide the required security level in situations related...
SELinux is a strong and flexible system with a well-defined MAC architecture. It provides a mechanism to enforce the access control based on confidentiality and integrity requirements which offers an effective protection of information security. This paper describes in what way SELinux uses various models and policies to secure the information safety which different from others, especially from a...
The first edition of Java (both the language and the platform) was released in 1995, which contained the all-or-nothing security access model. A mid-1997 paper I published in IEEE Micro laid out a vision for the future of Java security, which notably included a model for fine-grained access control, a crypto architecture, and a number of other security mechanisms. The first implementation of these...
Middleware security is usually regarded as a wrapper of underlying security mechanisms rather than a infrastructure for enforcement and management of access control policies. We argue that there is a need for more generalized security mechanisms at middleware layer to enforce multiple access control policies. We introduce StarACM, a novel policy-oriented security architecture at middleware layer,...
The Internet of Things and Services is a rapidly growing concept that illustrates that the ever increasing amount of physical items of our daily life which become addressable through a network could be made more easily manageable and usable through the use of Services. This surge of exposed resources along with the level of privacy and value of the information they hold, together with the increase...
Trustworthy network is the inevitable trend in the development of high trusted computing and Internet. It is beyond the traditional information security including confidentiality, integrity and availability, but on the survivability and controllability. Trustworthiness of users on identity and behaviors is very important for trustworthy network, which can be realized by access control technology....
Nowadays, P2P file-sharing systems have gained a large acceptance among the Internet users. However, there has been little relatively work done in access control for P2P networks, where security is a critical requirement for broader applications of the technology not only in the current but also in the future. In this work, a new architecture is presented in this paper, it integrates the aspects of...
There is a huge prevalence of mobile devices being connected to the Internet because of high demands for information access and dissemination. It is now well understood that XML plays a vital role as a means for information representation, exchange, and storage. Naturally, XML data is exchanged and stored as these mobile devices communicate with each other, and over the web. A major concern for one...
Information security is a crucial aspect for enterprises that has to be considered as a strong requirement from the early stages of the development process and data warehouses (DWs) manage highly important information used to make strategic decisions which has to be protected from unauthorized users. In order to develop secure DWs we have proposed a model driven architecture (MDA) composed of several...
E-learning has been an important way, method, target and criterion of modern teaching. E-assessment is an important component of e-learning and e-qualification. Item Banks using Item Response Theory are the basis of e-assessment. With the application of WEB technology, how to share item bank resources becomes one of the problems to be solved imperatively in e-assessment. This paper proposes a grid-based...
Data warehouses (DWs) manage crucial information for enterprises which must be protected from unauthorized accesses. The question of which security issues are present in all stages of the DW design is therefore of great importance when considering these security constraints in design decisions. We have used the model driven architecture (MDA) approach to propose an MDA architecture with which to develop...
Access control is an effective method to deal with Internet attacks. It has problems in some application fields, such as bigger granularity, not easy to assure the consistency of authority policies and so on. The paper proposed the model of J2EE based access decision services - JRADS according to the comprehensive application of J2EE in the distributed environment. It separated the authority logic...
To achieve the increasing needed service of solving multi-users' access in heterogeneous network, this paper presents an integrated AAA architecture combined with PANA mechanism, for benefit of masking different link layer access technologies in heterogeneous network environment. Compared with current authorization mechanism, we propose an optimal solution that access network resources are based not...
Traditional security model, where the identity of all possible requesting subjects must be pre-registered in advance, is not suitable for the distributed applications with strong real-time requirements. A promising approach is represented by automated trust negotiation, which establishes trust between strangers through the exchange of digital credentials and the use of access control policies. As...
The security models used in Grid systems today strongly bear the marks of their diverse origin. Historically retrofitted to the distributed systems they are designed to protect and control, the security model is usually limited in scope and applicability, and its implementation tailored towards a few specific deployment scenarios. A common approach towards even the "basic" elements such...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.