WorldWideScience

Sample records for active computing security

  1. Computer security

    Gollmann, Dieter

    2011-01-01

    A completely up-to-date resource on computer security Assuming no previous experience in the field of computer security, this must-have book walks you through the many essential aspects of this vast topic, from the newest advances in software and technology to the most recent information on Web applications security. This new edition includes sections on Windows NT, CORBA, and Java and discusses cross-site scripting and JavaScript hacking as well as SQL injection. Serving as a helpful introduction, this self-study guide is a wonderful starting point for examining the variety of competing sec

  2. A New Approach to Practical Active-Secure Two-Party Computation

    Nielsen, Jesper Buus; Nordholt, Peter Sebastian; Orlandi, Claudio; Burra, Sai Sheshank

    2011-01-01

    We propose a new approach to practical two-party computation secure against an active adversary. All prior practical protocols were based on Yao's garbled circuits. We use an OT-based approach and get efficiency via OT extension in the random oracle model. To get a practical protocol we introduce a...

  3. A New Approach to Practical Active-Secure Two-Party Computation

    Nielsen, Jesper Buus; Nordholt, Peter Sebastian; Orlandi, Claudio; Burra, Sai Sheshank

    2012-01-01

    We propose a new approach to practical two-party computation secure against an active adversary. All prior practical protocols were based on Yao’s garbled circuits. We use an OT-based approach and get efficiency via OT extension in the random oracle model. To get a practical protocol we introduce a...

  4. Security in Computer Applications

    CERN. Geneva

    2004-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development. The last part of the lecture covers some miscellaneous issues like the use of cryptography, rules for networking applications, and social engineering threats. This lecture was first given on Thursd...

  5. Cognitive Computing for Security.

    Debenedictis, Erik [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Rothganger, Fredrick [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Aimone, James Bradley [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Marinella, Matthew [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Evans, Brian Robert [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Warrender, Christina E. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Mickel, Patrick [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2015-12-01

    Final report for Cognitive Computing for Security LDRD 165613. It reports on the development of hybrid of general purpose/ne uromorphic computer architecture, with an emphasis on potential implementation with memristors.

  6. Computer Security Handbook

    Bosworth, Seymour; Whyne, Eric

    2012-01-01

    The classic and authoritative reference in the field of computer security, now completely updated and revised With the continued presence of large-scale computers; the proliferation of desktop, laptop, and handheld computers; and the vast international networks that interconnect them, the nature and extent of threats to computer security have grown enormously. Now in its fifth edition, Computer Security Handbook continues to provide authoritative guidance to identify and to eliminate these threats where possible, as well as to lessen any losses attributable to them. With seventy-seven chapter

  7. Security of computer networks

    Kolář, Tomáš

    2012-01-01

    This thesis is focused on design and documentation of computer network and its security in the medium-sized company. First part of this thesis describes basics of computer networks, computer infiltrations, types of assault and preventive protection of corporate networks. The practical part of this thesis is devoted to documentation of the old corporate network and the complete design of a new computer network, its security against attacks and the loss corporate data.

  8. Indirection and computer security.

    Berg, Michael J.

    2011-09-01

    The discipline of computer science is built on indirection. David Wheeler famously said, 'All problems in computer science can be solved by another layer of indirection. But that usually will create another problem'. We propose that every computer security vulnerability is yet another problem created by the indirections in system designs and that focusing on the indirections involved is a better way to design, evaluate, and compare security solutions. We are not proposing that indirection be avoided when solving problems, but that understanding the relationships between indirections and vulnerabilities is key to securing computer systems. Using this perspective, we analyze common vulnerabilities that plague our computer systems, consider the effectiveness of currently available security solutions, and propose several new security solutions.

  9. Secure cloud computing

    Jajodia, Sushil; Samarati, Pierangela; Singhal, Anoop; Swarup, Vipin; Wang, Cliff

    2014-01-01

    This book presents a range of cloud computing security challenges and promising solution paths. The first two chapters focus on practical considerations of cloud computing. In Chapter 1, Chandramouli, Iorga, and Chokani describe the evolution of cloud computing and the current state of practice, followed by the challenges of cryptographic key management in the cloud. In Chapter 2, Chen and Sion present a dollar cost model of cloud computing and explore the economic viability of cloud computing with and without security mechanisms involving cryptographic mechanisms. The next two chapters addres

  10. CLOUD COMPUTING SECURITY

    DANISH JAMIL,

    2011-04-01

    Full Text Available It is no secret that cloud computing is becoming more and more popular today and is ever increasing inpopularity with large companies as they share valuable resources in a cost effective way. Due to this increasingdemand for more clouds there is an ever growing threat of security becoming a major issue. This paper shalllook at ways in which security threats can be a danger to cloud computing and how they can be avoided.

  11. CLOUD COMPUTING AND SECURITY

    Asharani Shinde

    2015-10-01

    Full Text Available This document gives an insight into Cloud Computing giving an overview of key features as well as the detail study of exact working of Cloud computing. Cloud Computing lets you access all your application and documents from anywhere in the world, freeing you from the confines of the desktop thus making it easier for group members in different locations to collaborate. Certainly cloud computing can bring about strategic, transformational and even revolutionary benefits fundamental to future enterprise computing but it also offers immediate and pragmatic opportunities to improve efficiencies today while cost effectively and systematically setting the stage for the strategic change. As this technology makes the computing, sharing, networking easy and interesting, we should think about the security and privacy of information too. Thus the key points we are going to be discussed are what is cloud, what are its key features, current applications, future status and the security issues and the possible solutions.

  12. Computer security simulation

    Development and application of a series of simulation codes used for computer security analysis and design are described. Boolean relationships for arrays of barriers within functional modules are used to generate composite effectiveness indices. The general case of multiple layers of protection with any specified barrier survival criteria is given. Generalized reduction algorithms provide numerical security indices in selected subcategories and for the system as a whole. 9 figures, 11 tables

  13. Computer Security: Competing Concepts

    Nissenbaum, Helen; Friedman, Batya; Felten, Edward

    2001-01-01

    This paper focuses on a tension we discovered in the philosophical part of our multidisciplinary project on values in web-browser security. Our project draws on the methods and perspectives of empirical social science, computer science, and philosophy to identify values embodied in existing web-browser security and also to prescribe changes to existing systems (in particular, Mozilla) so that values relevant to web-browser systems are better served than presently they are. The tension, which ...

  14. Cloud Computing Security

    Ngongang, Guy

    2011-01-01

    This project aimed to show how possible it is to use a network intrusion detection system in the cloud. The security in the cloud is a concern nowadays and security professionals are still finding means to make cloud computing more secure. First of all the installation of the ESX4.0, vCenter Server and vCenter lab manager in server hardware was successful in building the platform. This allowed the creation and deployment of many virtual servers. Those servers have operating systems and a...

  15. Computer Security at Nuclear Facilities

    The possibility that nuclear or other radioactive material could be used for malicious purposes cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear or other radioactive material is used or transported. Through its Nuclear Security Programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises Nuclear Security Fundamentals, which include objectives and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security, specifically: to provide for the security of nuclear and other radioactive material and associated facilities and activities; to ensure the security of such material in use, storage or in transport; to combat illicit trafficking and the inadvertent movement of such material; and to be prepared to respond to a nuclear security event. This publication is in the Technical Guidance

  16. Computer Science Security

    Ocotlan Diaz-Parra; Ruiz-Vanoye, Jorge A.; Barrera-Cámara, Ricardo A.; Alejandro Fuentes-Penna; Natalia Sandoval

    2014-01-01

    Soft Systems Methodology (SSM) is a problem-solving methodology employing systems thinking. SSM has been applied to the management, planning, health and medical systems, information systems planning, human resource management, analysis of the logistics systems, knowledge management, project management, construction management and engineering, and development of expert systems. This paper proposes using SSM for strategic planning of Enterprise Computer Security.

  17. Computer Science Security

    Ocotlan Diaz-Parra

    2014-01-01

    Full Text Available Soft Systems Methodology (SSM is a problem-solving methodology employing systems thinking. SSM has been applied to the management, planning, health and medical systems, information systems planning, human resource management, analysis of the logistics systems, knowledge management, project management, construction management and engineering, and development of expert systems. This paper proposes using SSM for strategic planning of Enterprise Computer Security.

  18. Security Dynamics of Cloud Computing

    Khaled M. Khan

    2009-01-01

    This paper explores various dimensions of cloud computing security. It argues that security concerns of cloud computing need to be addressed from the perspective of individual stakeholder. Security focuses of cloud computing are essentially different in terms of its characteristics and business model. Conventional way of viewing as well as addressing security such as ‘bolting-in’ on the top of cloud computing may not work well. The paper attempts to portray the security spectrum necessary for...

  19. New computer security campaign

    Alizée Dauvergne

    2010-01-01

    A new campaign is taking shape to promote computer security. The slogan “SEC_RITY is not complete without U!” reminds users of the importance of their contribution. The campaign kicks off on 10 June with a public awareness day in the Council Chamber.   The new campaign, organised by CERN’s computer security team, will focus on prevention and involving the user. “This is an education and awareness-raising campaign for all users at CERN,” explains Stefan Lueders, in charge of computer security. “Every day, we register thousands of computer attacks against CERN: there are attempts to tamper with web pages, hack into user accounts, take over servers, and much more. A successful attack could mean confidential user information being divulged, services being interrupted or data being lost. It could even affect operations at CERN. Another factor is the damage that a successful attack could inflict on the Organization’s reputation. &...

  20. Computer Security: the security marathon

    Computer Security Team

    2014-01-01

    If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise.   An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

  1. NETWORK SECURITY: AN APPROACH TOWARDS SECURE COMPUTING

    Rahul Pareek

    2011-01-01

    The security of computer networks plays a strategic role in modern computer systems. In order to enforce high protection levels against malicious attack, a number of software tools have been currently developed. Intrusion Detection System has recently become a heated research topic due to its capability of detecting and preventing the attacks from malicious network users. A pattern matching IDS for network security has been proposed in this paper. Many network security applications...

  2. Computer Security: the security marathon, part 2

    Computer Security Team

    2014-01-01

    Do you recall our latest article on the “Security Marathon” (see here) and why it’s wrong to believe that computer security is a sprint, that a quick hack is invulnerable, that quick bug-fixing is sufficient, that plugging security measures on top of existing structures is a good idea, that once you are secure, your life is cosy?   In fact, security is a marathon for us too. Again and again, we have felt comfortable with the security situation at CERN, with dedicated protections deployed on individual hosts, with the security measures deployed by individual service managers, with the attentiveness and vigilance of our users, and with the responsiveness of the Management. Again and again, however, we subsequently detect or receive reports that this is wrong, that protections are incomplete, that security measures are incomplete, that security awareness has dropped. Thus, unfortunately, we often have to go back to square one and address similar issues over and over...

  3. Computer Security Day

    CERN Bulletin

    2010-01-01

      Viruses, phishing, malware and cyber-criminals can all threaten your computer and your data, even at CERN! Experts will share their experience with you and offer solutions to keep your computer secure. Thursday, 10 June 2010, 9.30, Council Chamber Make a note in your diary! Presentations in French and English: How do hackers break into your computer? Quels sont les enjeux et conséquences des attaques informatiques contre le CERN ? How so criminals steal your money on the Internet? Comment utiliser votre ordinateur de manière sécurisée ? and a quiz: test your knowledge and win one of the many prizes that will be on offer! For more information and to follow the day's events via a live webcast go to: http://cern.ch/SecDay.  

  4. CLOUD COMPUTING SECURITY ISSUES

    Florin OGIGAU-NEAMTIU

    2012-01-01

    Full Text Available The term “cloud computing” has been in the spotlights of IT specialists the last years because of its potential to transform this industry. The promised benefits have determined companies to invest great sums of money in researching and developing this domain and great steps have been made towards implementing this technology. Managers have traditionally viewed IT as difficult and expensive and the promise of cloud computing leads many to think that IT will now be easy and cheap. The reality is that cloud computing has simplified some technical aspects of building computer systems, but the myriad challenges facing IT environment still remain. Organizations which consider adopting cloud based services must also understand the many major problems of information policy, including issues of privacy, security, reliability, access, and regulation. The goal of this article is to identify the main security issues and to draw the attention of both decision makers and users to the potential risks of moving data into “the cloud”.

  5. New computer security measures

    IT Department

    2008-01-01

    As a part of the long-term strategy to improve computer security at CERN, and especially given the attention focused to CERN by the start-up of the LHC, two additional security measures concerning DNS and Tor will shortly be introduced. These are described in the following texts and will affect only a small number of users. "PHISHING" ATTACKS CONTINUE CERN computer users continue to be subjected to attacks by people trying to infect our machines and obtain passwords and other confidential information by social engineering trickery. Recent examples include an e-mail message sent from "La Poste" entitled "Colis Postal" on 21 August, a fake mail sent from web and mail services on 8 September, and an e-mail purporting to come from Hallmark Cards announcing the arrival of an electronic postcard. However, there are many other examples and there are reports of compromised mail accounts being used for more realistic site-specific phishing attempts. Given the increased publicity rela...

  6. Visualization Tools for Teaching Computer Security

    Yuan, Xiaohong; Vega, Percy; Qadah, Yaseen; Archer, Ricky; Yu, Huiming; Xu, Jinsheng

    2010-01-01

    Using animated visualization tools has been an important teaching approach in computer science education. We have developed three visualization and animation tools that demonstrate various information security concepts and actively engage learners. The information security concepts illustrated include: packet sniffer and related computer network…

  7. Security basics for computer architects

    Lee, Ruby B

    2013-01-01

    Design for security is an essential aspect of the design of future computers. However, security is not well understood by the computer architecture community. Many important security aspects have evolved over the last several decades in the cryptography, operating systems, and networking communities. This book attempts to introduce the computer architecture student, researcher, or practitioner to the basic concepts of security and threat-based design. Past work in different security communities can inform our thinking and provide a rich set of technologies for building architectural support fo

  8. Computational Intelligence, Cyber Security and Computational Models

    Anitha, R; Lekshmi, R; Kumar, M; Bonato, Anthony; Graña, Manuel

    2014-01-01

    This book contains cutting-edge research material presented by researchers, engineers, developers, and practitioners from academia and industry at the International Conference on Computational Intelligence, Cyber Security and Computational Models (ICC3) organized by PSG College of Technology, Coimbatore, India during December 19–21, 2013. The materials in the book include theory and applications for design, analysis, and modeling of computational intelligence and security. The book will be useful material for students, researchers, professionals, and academicians. It will help in understanding current research trends and findings and future scope of research in computational intelligence, cyber security, and computational models.

  9. Computer Security at Nuclear Facilities

    This series of slides presents the IAEA policy concerning the development of recommendations and guidelines for computer security at nuclear facilities. A document of the Nuclear Security Series dedicated to this issue is on the final stage prior to publication. This document is the the first existing IAEA document specifically addressing computer security. This document was necessary for 3 mains reasons: first not all national infrastructures have recognized and standardized computer security, secondly existing international guidance is not industry specific and fails to capture some of the key issues, and thirdly the presence of more or less connected digital systems is increasing in the design of nuclear power plants. The security of computer system must be based on a graded approach: the assignment of computer system to different levels and zones should be based on their relevance to safety and security and the risk assessment process should be allowed to feed back into and influence the graded approach

  10. Reminder: Mandatory Computer Security Course

    IT Department

    2011-01-01

    Just like any other organization, CERN is permanently under attack – even right now. Consequently it's important to be vigilant about security risks, protecting CERN's reputation - and your work. The availability, integrity and confidentiality of CERN's computing services and the unhindered operation of its accelerators and experiments come down to the combined efforts of the CERN Security Team and you. In order to remain par with the attack trends, the Security Team regularly reminds CERN users about the computer security risks, and about the rules for using CERN’s computing facilities. Therefore, a new dedicated basic computer security course has been designed informing you about the “Do’s” and “Dont’s” when using CERN's computing facilities. This course is mandatory for all person owning a CERN computer account and must be followed once every three years. Users who have never done the course, or whose course needs to be renewe...

  11. New Mandatory Computer Security Course

    CERN Bulletin

    2010-01-01

    Just like any other organization, CERN is permanently under attack - even right now. Consequently it's important to be vigilant about security risks, protecting CERN's reputation - and your work. The availability, integrity and confidentiality of CERN's computing services and the unhindered operation of its accelerators and experiments come down to the combined efforts of the CERN Security Team and you. In order to remain par with the attack trends, the Security Team regularly reminds CERN users about the computer security risks, and about the rules for using CERN’s computing facilities. Since 2007, newcomers have to follow a dedicated basic computer security course informing them about the “Do’s” and “Dont’s” when using CERNs computing facilities. This course has recently been redesigned. It is now mandatory for all CERN members (users and staff) owning a CERN computer account and must be followed once every three years. Members who...

  12. Cloud Computing Security Issue: Survey

    Kamal, Shailza; Kaur, Rajpreet

    2011-12-01

    Cloud computing is the growing field in IT industry since 2007 proposed by IBM. Another company like Google, Amazon, and Microsoft provides further products to cloud computing. The cloud computing is the internet based computing that shared recourses, information on demand. It provides the services like SaaS, IaaS and PaaS. The services and recourses are shared by virtualization that run multiple operation applications on cloud computing. This discussion gives the survey on the challenges on security issues during cloud computing and describes some standards and protocols that presents how security can be managed.

  13. Security and policy driven computing

    Liu, Lei

    2010-01-01

    Security and Policy Driven Computing covers recent advances in security, storage, parallelization, and computing as well as applications. The author incorporates a wealth of analysis, including studies on intrusion detection and key management, computer storage policy, and transactional management.The book first describes multiple variables and index structure derivation for high dimensional data distribution and applies numeric methods to proposed search methods. It also focuses on discovering relations, logic, and knowledge for policy management. To manage performance, the text discusses con

  14. Computer and information security handbook

    Vacca, John R

    2012-01-01

    The second edition of this comprehensive handbook of computer and information security provides the most complete view of computer security and privacy available. It offers in-depth coverage of security theory, technology, and practice as they relate to established technologies as well as recent advances. It explores practical solutions to many security issues. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors' respective areas of expertise. The book is organized into 10 parts comprised of 70 contributed

  15. Tools for Computer Security

    Lecoeuche, Denis

    2015-01-01

    This report describes several scripts developed in order to facilitate and automate security-related tests and tasks for the CMS Group at CERN. They will be integrated in the release cycle of specific web services.

  16. SECURITY ISSUES IN COMPUTER NETWORK ARCHITECTURE

    Dr. M. Lilly Florence

    2011-01-01

    The architecture of a computer network has evolved with advances in technology. The design of secure computer network architecture to protect the integrity of information exchange is pursued by the commercial and financial sectors and at all levels of government agencies. Active networks represent a new approach to network architecture. It provides a much more flexible network infrastructure. The network security is mainly based on the network architecture. The purpose of this paper is to pro...

  17. Computer Network Security- The Challenges of Securing a Computer Network

    Scotti, Vincent, Jr.

    2011-01-01

    This article is intended to give the reader an overall perspective on what it takes to design, implement, enforce and secure a computer network in the federal and corporate world to insure the confidentiality, integrity and availability of information. While we will be giving you an overview of network design and security, this article will concentrate on the technology and human factors of securing a network and the challenges faced by those doing so. It will cover the large number of policies and the limits of technology and physical efforts to enforce such policies.

  18. A methodology for performing computer security reviews

    DOE Order 5637.1, ''Classified Computer Security,'' requires regular reviews of the computer security activities for an ADP system and for a site. Based on experiences gained in the Los Alamos computer security program through interactions with DOE facilities, we have developed a methodology to aid a site or security officer in performing a comprehensive computer security review. The methodology is designed to aid a reviewer in defining goals of the review (e.g., preparation for inspection), determining security requirements based on DOE policies, determining threats/vulnerabilities based on DOE and local threat guidance, and identifying critical system components to be reviewed. Application of the methodology will result in review procedures and checklists oriented to the review goals, the target system, and DOE policy requirements. The review methodology can be used to prepare for an audit or inspection and as a periodic self-check tool to determine the status of the computer security program for a site or specific ADP system. 1 tab

  19. A methodology for performing computer security reviews

    This paper reports on DIE Order 5637.1, Classified Computer Security, which requires regular reviews of the computer security activities for an ADP system and for a site. Based on experiences gained in the Los Alamos computer security program through interactions with DOE facilities, the authors have developed a methodology to aid a site or security officer in performing a comprehensive computer security review. The methodology is designed to aid a reviewer in defining goals of the review (e.g., preparation for inspection), determining security requirements based on DOE policies, determining threats/vulnerabilities based on DOE and local threat guidance, and identifying critical system components to be reviewed. Application of the methodology will result in review procedures and checklists oriented to the review goals, the target system, and DOE policy requirements. The review methodology can be used to prepare for an audit or inspection and as a periodic self-check tool to determine the status of the computer security program for a site or specific ADP system

  20. Computer Security at Nuclear Facilities (French Edition)

    The possibility that nuclear or other radioactive material could be used for malicious purposes cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear or other radioactive material is used or transported. Through its Nuclear Security Programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises Nuclear Security Fundamentals, which include objectives and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security, specifically: to provide for the security of nuclear and other radioactive material and associated facilities and activities; to ensure the security of such material in use, storage or in transport; to combat illicit trafficking and the inadvertent movement of such material; and to be prepared to respond to a nuclear security event. This publication is in the Technical Guidance

  1. Security Protocol Verification: Symbolic and Computational Models

    Blanchet, Bruno

    2012-01-01

    Security protocol verification has been a very active research area since the 1990s. This paper surveys various approaches in this area, considering the verification in the symbolic model, as well as the more recent approaches that rely on the computational model or that verify protocol implementations rather than specifications. Additionally, we briefly describe our symbolic security protocol verifier ProVerif and situate it among these approaches.

  2. Computer Security: professionalism in security, too

    Stefan Lueders, Computer Security Team

    2015-01-01

    At CERN, we apply a great deal of dedication and professionalism to all the work we do. This is necessary because of the complexity and sophistication of the devices we deal with. However, when it comes to computer security, we can all agree that there is room for improvement.   In some cases, we’ve observed devices that are connected to our Intranet networks without the adequate level of protection. Also, in order to allow it to be disseminated easily with peers, information is often disclosed on public webpages, sometimes without appropriate consideration of important security-related aspects. Program code is lost due to a lack of proper version control or the use of central storage systems. Systems are brought down by “finger trouble”, confusing the right and wrong IP addresses. Software or system development is done directly on production devices, impinging on their proper operation up to the point where the system grinds to a halt. Applications full of useful fe...

  3. Change of Computer Security Officer

    IT Department

    2008-01-01

    After many years of successfully protecting the CERN site in her role as Computer Security Officer (CSO), Denise Heagerty is being assigned to a new role within the IT Department. David Myers has been appointed to the position of CSO for one year from 1st September. W. von Rüden, IT Department Head

  4. Computer Security: Security operations at CERN (4/4)

    CERN. Geneva

    2012-01-01

    Stefan Lueders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and infrastructure control systems against cyber-threats. Subsequently, he joined the CERN Computer Security Incident Response Team and is today heading this team as CERN's Computer Security Officer with the mandate to coordinate all aspects of CERN's computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN's operational needs. Dr. Lueders has presented on these topics at many different occasions to international bodies, governments, and companies, and published several articles. With the prevalence of modern information technologies and...

  5. LEGO for Two-Party Secure Computation

    Nielsen, Jesper Buus; Orlandi, Claudio

    2009-01-01

    . Asymptotically it obtains a factor  improvement in computation and communication over previous cut-and-choose based solutions, where  is the size of the circuit being computed. The protocol is universally composable (UC) in the OT-hybrid model against a static, active adversary.......This paper continues the recent line of work of making Yao’s garbled circuit approach to two-party computation secure against an active adversary. We propose a new cut-and-choose based approach called LEGO (Large Efficient Garbled-circuit Optimization): It is specifically aimed at large circuits...

  6. World of Cloud Computing & Security

    Ashish Kumar

    2012-06-01

    Full Text Available Cloud computing promises to increase the velocity with which application are deployed, increase innovation and lower costs, all while increasing business agility and hence envisioned as the next generation architecture of IT Enterprise. Nature of cloud computing builds an established trend for driving cost out of the delivery of services while increasing the speed and agility with which services are deployed. Cloud Computing incorporates virtualization, on demand deployment, Internet delivery of services and open source software .From another perspective, everything is new because cloud computing changes how we invent, develop, deploy, scale, update, maintain and pay for application and the infrastructure on which they run. Because of these benefits of Cloud Computing, it requires an effective and flexible dynamic security scheme to ensure the correctness of users’ data in the cloud. Quality of service is an important aspect and hence, extensive cloud data security and performance is required. Normal 0 false false false EN-US X-NONE X-NONE ashish.kumar@bharatividyapeeth.edu

  7. Computer access security code system

    Collins, Earl R., Jr. (Inventor)

    1990-01-01

    A security code system for controlling access to computer and computer-controlled entry situations comprises a plurality of subsets of alpha-numeric characters disposed in random order in matrices of at least two dimensions forming theoretical rectangles, cubes, etc., such that when access is desired, at least one pair of previously unused character subsets not found in the same row or column of the matrix is chosen at random and transmitted by the computer. The proper response to gain access is transmittal of subsets which complete the rectangle, and/or a parallelepiped whose opposite corners were defined by first groups of code. Once used, subsets are not used again to absolutely defeat unauthorized access by eavesdropping, and the like.

  8. Cloud Computing Security Issues and Challenges

    Kuyoro S. O.

    2011-12-01

    Full Text Available Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.

  9. Secure Multiparty Computation Goes Live

    Bøgetoft, Peter; Lund Christensen, Dan; Damgård, Ivan Bjerre;

    2009-01-01

    In this note, we report on the first large-scale and practical application of secure multiparty computation, which took place in January 2008. We also report on the novel cryptographic protocols that were used. This work was supported by the Danish Strategic Research Council and the European...... Commision. Tomas Toft’s work was partially performed at Aarhus University. In Holland, he was supported by the research program Sentinels, financed by Technology Foundation STW, the Netherlands Organization for Scientific Research (NWO), and the Dutch Ministry of Economic Affairs....

  10. Securing a HENP Computing Facility

    Misawa, S; Throwe, T

    2003-01-01

    Traditionally, HENP computing facilities have been open facilities that are accessed in many different ways by users that are both internal and external to the facility. However, the need to protect the facility from cybersecurity threats has made it difficult to maintain the openness of the facility to off-site and on-site users. In this paper, we discuss the strategy we have used and the architecture we have developed and deployed to increase the security the US ATLAS and RHIC Computing Facilities, while trying to maintain the openness and accessibility that our user community has come to expect. Included in this discussion are the tools that we have used and the operational experience we have had with the deployed architecture.

  11. Cloud Security A Comprehensive Guide to Secure Cloud Computing

    Krutz, Ronald L

    2010-01-01

    Well-known security experts decipher the most challenging aspect of cloud computing-security. Cloud computing allows for both large and small organizations to have the opportunity to use Internet-based services so that they can reduce start-up costs, lower capital expenditures, use services on a pay-as-you-use basis, access applications only as needed, and quickly reduce or increase capacities. However, these benefits are accompanied by a myriad of security issues, and this valuable book tackles the most common security challenges that cloud computing faces. The authors offer you years of unpa

  12. Knowledge-based computer security advisor

    The rapid expansion of computer security information and technology has included little support to help the security officer identify the safeguards needed to comply with a policy and to secure a computing system. This paper reports that Los Alamos is developing a knowledge-based computer security system to provide expert knowledge to the security officer. This system includes a model for expressing the complex requirements in computer security policy statements. The model is part of an expert system that allows a security officer to describe a computer system and then determine compliance with the policy. The model contains a generic representation that contains network relationships among the policy concepts to support inferencing based on information represented in the generic policy description

  13. Computer Security: drive-bye

    Stefan Lueders, Computer Security Team

    2016-01-01

    Like a lion waiting to ambush gazelles at a waterhole, malware can catch you by surprise.    As some of you might have noticed, the Computer Security Team had to block the news site “20min.ch” a while ago, as it was found to be distributing malware. This block comes after similar incidents at other Swiss organizations. Our blocking is protective in order to safeguard your computers, laptops, tablets and smartphones. Unfortunately, this is not the first time we have seen these so-called drive-by/waterhole attacks: once you have visited an affected website, embedded third-party malicious code is downloaded to your computer and subsequently infects it (if running Windows or Android as well as, less likely, Mac operating systems). Hence the name “drive-by”. As “20min.ch” is a very frequented website among CERN staff members and users, it makes it a perfect source for attacks against CERN (or other Geneva-based organisations): inste...

  14. SECURITY TECHNIQUES USED IN COMPUTER NETWORKING

    Aarti Ramesh Sonone

    2015-01-01

    Security is one of the important in several areas as personal computer user, organizational computer network etc. because most of the time data will be share from one network to other network via the internet. The rapid growth in the use of internet there is need of computer network security to prevent and protect data or information from the internal and external attacks. Online security includes protection of information from theft, corruption or unauthorized access etc. In this pa...

  15. A Computer Security Course in the Undergraduate Computer Science Curriculum.

    Spillman, Richard

    1992-01-01

    Discusses the importance of computer security and considers criminal, national security, and personal privacy threats posed by security breakdown. Several examples are given, including incidents involving computer viruses. Objectives, content, instructional strategies, resources, and a sample examination for an experimental undergraduate computer…

  16. Computer Security: SAHARA - Security As High As Reasonably Achievable

    Stefan Lueders, Computer Security Team

    2015-01-01

    History has shown us time and again that our computer systems, computing services and control systems have digital security deficiencies. Too often we deploy stop-gap solutions and improvised hacks, or we just accept that it is too late to change things.    In my opinion, this blatantly contradicts the professionalism we show in our daily work. Other priorities and time pressure force us to ignore security or to consider it too late to do anything… but we can do better. Just look at how “safety” is dealt with at CERN! “ALARA” (As Low As Reasonably Achievable) is the objective set by the CERN HSE group when considering our individual radiological exposure. Following this paradigm, and shifting it from CERN safety to CERN computer security, would give us “SAHARA”: “Security As High As Reasonably Achievable”. In other words, all possible computer security measures must be applied, so long as ...

  17. A REVIEW ON SECURED CLOUD COMPUTING ENVIRONMENT

    M. Hemanth Chakravarthy

    2014-01-01

    Full Text Available Nowadays, the scientific problem becomes very complex; therefore, it requires more computing power and storage space. These requirements are very common in an organization while dealing with current technological data and requirements. Based on these basic requirements, need of higher computational resources is an important issue when dealing with current technological methodology. Hence, cloud computing has become the most important computing paradigm of recent world. The cloud computing is an open source and using Internet as network model. Rapid growth in the field of “cloud computing” also increases severe security concerns, because security has a constant issue. This study reviews security models of cloud computing.

  18. Scalable and Unconditionally Secure Multiparty Computation

    Damgård, Ivan Bjerre; Nielsen, Jesper Buus

    2007-01-01

    We present a multiparty computation protocol that is unconditionally secure against adaptive and active adversaries, with communication complexity O(Cn)k+O(Dn^2)k+poly(nk), where C is the number of gates in the circuit, n is the number of parties, k is the bit-length of the elements of the field...... over which the computation is carried out, D is the multiplicative depth of the circuit, and κ is the security parameter. The corruption threshold is t < n/3. For passive security the corruption threshold is t < n/2 and the communication complexity is O(nC)k. These are the first unconditionally secure...... protocols where the part of the communication complexity that depends on the circuit size is linear in n. We also present a protocol with threshold t < n/2 and complexity O(Cn)k+poly(n\\kappa) based on a complexity assumption which, however, only has to hold during the execution of the protocol – that is...

  19. SECURITY TECHNIQUES USED IN COMPUTER NETWORKING

    Aarti Ramesh Sonone

    2015-10-01

    Full Text Available Security is one of the important in several areas as personal computer user, organizational computer network etc. because most of the time data will be share from one network to other network via the internet. The rapid growth in the use of internet there is need of computer network security to prevent and protect data or information from the internal and external attacks. Online security includes protection of information from theft, corruption or unauthorized access etc. In this paper we discuss the security techniques used in computer network to protect information and information system from unauthorized user and their advantages.

  20. Computers, business, and security the new role for security

    Schweitzer, James A

    1987-01-01

    Computers, Business, and Security: The New Role for Security addresses the professional security manager's responsibility to protect all business resources, with operating environments and high technology in mind. This book discusses the technological aspects of the total security programs.Organized into three parts encompassing 10 chapters, this book begins with an overview of how the developing information age is affecting business management, operations, and organization. This text then examines a number of vulnerabilities that arise in the process of using business computing and communicat

  1. Secure computing, economy, and trust

    Bogetoft, Peter; Damgård, Ivan B.; Jakobsen, Thomas;

    In this paper we consider the problem of constructing secure auctions based on techniques from modern cryptography. We combine knowledge from economics, cryptography and security engineering and develop and implement secure auctions for practical real-world problems. In essence this paper is an o...

  2. Tailored Security and Safety for Pervasive Computing

    Blass, Erik-Oliver; Zitterbart, Martina

    Pervasive computing makes high demands on security: devices are seriously resource-restricted, communication takes place spontaneously, and adversaries might control some of the devices. We claim that 1.) today’s research, studying traditional security properties for pervasive computing, leads to inefficient, expensive, and unnecessary strong and unwanted security solutions. Instead, security solutions tailored to the demands of a user, the scenario, or the expected adversary are more promising. 2.) Today’s research for security in pervasive computing makes naive, inefficient, and unrealistic assumptions regarding safety properties, in particular the quality of basic communication. Therefore, future security research has to consider safety characteristics and has to jointly investigate security and safety for efficient, tailored solutions.

  3. Banking Security Characteristics in Cloud Computing Technology

    Jeflea Victor; Georgescu Mircea

    2014-01-01

    Cloud Computing technology has become an imminent reality by penetrating all the environments. Although the benefits of implementing Cloud Computing solutions are obvious, there is still a reluctance to use them, especially in the banking sector. Some authors have compared the banking environment itself to the Cloud Computing technology in terms of security and confidence. In what follows, we propose to highlight the main aspects of Cloud Computing security and to detect any elements of vulne...

  4. Applied computation and security systems

    Saeed, Khalid; Choudhury, Sankhayan; Chaki, Nabendu

    2015-01-01

    This book contains the extended version of the works that have been presented and discussed in the First International Doctoral Symposium on Applied Computation and Security Systems (ACSS 2014) held during April 18-20, 2014 in Kolkata, India. The symposium has been jointly organized by the AGH University of Science & Technology, Cracow, Poland and University of Calcutta, India. The Volume I of this double-volume book contains fourteen high quality book chapters in three different parts. Part 1 is on Pattern Recognition and it presents four chapters. Part 2 is on Imaging and Healthcare Applications contains four more book chapters. The Part 3 of this volume is on Wireless Sensor Networking and it includes as many as six chapters. Volume II of the book has three Parts presenting a total of eleven chapters in it. Part 4 consists of five excellent chapters on Software Engineering ranging from cloud service design to transactional memory. Part 5 in Volume II is on Cryptography with two book...

  5. Data Security and Privacy in Cloud Computing

    Yunchuan Sun; Junsheng Zhang; Yongping Xiong; Guangyu Zhu

    2014-01-01

    Data security has consistently been a major issue in information technology. In the cloud computing environment, it becomes particularly serious because the data is located in different places even in all the globe. Data security and privacy protection are the two main factors of user’s concerns about the cloud technology. Though many techniques on the topics in cloud computing have been investigated in both academics and industries, data security and privacy protection are becoming more impo...

  6. A Framework for Secure Cloud Computing

    Ahmed E. Youssef

    2012-07-01

    Full Text Available Cloud computing is one of the most discussed topics today in the field of information technology. It introduces a new Internet-based environment for on-demand, dynamic provision of reconfigurable computing resources. The biggest challenge in cloud computing is the security and privacy problems caused by its multi-tenancy nature and the outsourcing of infrastructure, sensitive data and critical applications. In this paper, we propose a framework that identifies security and privacy challenges in cloud computing. It highlights cloud-specific attacks and risks and clearly illustrates their mitigations and countermeasures. We also propose a generic cloud computing security model that helps satisfy security and privacy requirements in the clouds and protect them against various vulnerabilities. The purpose of this work is to advise on security and privacy considerations that should be taken and solutions that might be considered when using the cloud environment by individuals and organizations.

  7. Why SCADA security is NOT like Computer Centre Security

    CERN. Geneva

    2014-01-01

    Today, the industralized world lives in symbiosis with control systems (aka SCADA systems): it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and discuss the differences (or not) between computer center cyber-security and control system cyber-security.

  8. Security Protocol for Active Networks

    Cheng, L.; Galis, A.

    2006-01-01

    Active packets carrying management and control code have a dynamic nature and support dynamic routing. Thus, active packets must be protected in an end-to-end and hop-to-hop fashion. In this paper, we present a novel approach, known as security protocol for active networks (SPAN), which enables an active packet to be securely transmitted during (instead of after) Security Association (SA) and management negotiations along a new execution path

  9. Computer security and network processor

    The network security somehow is similar to the SARS virus's protection, at present status of the network security implementations exist many inadequate, the necessary of the security monitoring has been enhanced in this paper, as well as relative methods of the segregation of the network when attack happening. Arming the broadband data of high-speed network, the Network Processor was introduced, the prospect applications of it including the data acquisition and analyzing the experiment high energy physics and nuclear physics has been discussed. (authors)

  10. Review your Computer Security Now and Frequently!

    IT Department

    2009-01-01

    The start-up of LHC is foreseen to take place in the autumn and we will be in the public spotlight again. This increases the necessity to be vigilant with respect to computer security and the defacement of an experiment’s Web page in September last year shows that we should be particularly attentive. Attackers are permanently probing CERN and so we must all do the maximum to reduce future risks. Security is a hierarchical responsibility and requires to balance the allocation of resources between making systems work and making them secure. Thus all of us, whether users, developers, system experts, administrators, or managers are responsible for securing our computing assets. These include computers, software applications, documents, accounts and passwords. There is no "silver bullet" for securing systems, which can only be achieved by a painstaking search for all possible vulnerabilities followed by their mitigation. Additional advice on particular topics can be obtained from the relevant I...

  11. A Design Methodology for Computer Security Testing

    Ramilli, Marco

    2013-01-01

    The field of "computer security" is often considered something in between Art and Science. This is partly due to the lack of widely agreed and standardized methodologies to evaluate the degree of the security of a system. This dissertation intends to contribute to this area by investigating the most common security testing strategies applied nowadays and by proposing an enhanced methodology that may be effectively applied to different threat scenarios with the same degree of effectiveness. ...

  12. Security Solutions against Computer Networks Threats

    Fatemeh Soleimani Roozbahani; Reihaneh Azad

    2015-01-01

    The spread of information networks in communities and organizations have led to a daily huge volume of information exchange between different networks which, of course, has resulted in new threats to the national organizations. It can be said that information security has become today one of the most challenging areas. In other words, defects and disadvantages of computer network security address irreparable damage for enterprises. Therefore, identification of security threats and ways of dea...

  13. IAEA's activities on nuclear security

    Main activities of the IAEA are focused on three items; (1) promotion of peaceful uses of nuclear energy; technical cooperation, (2) nuclear safety and (3) safeguards. Since September 11, 2001 terrorist attack, IAEA's activities on nuclear security has been strengthened. Here nuclear security can be defined as the prevention and detection of and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear material, other radioactive substance or their associated facilities. Nuclear security has made a remarkable change and gained great importance. Recent trend of nuclear security was introduced and future perspective of IAEA's verification activities through the inspection including safeguards was described. (T. Tanaka)

  14. OT-Combiners Via Secure Computation

    Harnik, Danny; Ishai, Yuval; Kushilevitz, Eyal;

    2008-01-01

    use of Ω(kn) noisy bits. Better amortized generation of OTs. We show that, following an initial “seed” of O(k) OTs, each additional OT can be generated by only computing and communicating a constant number of outputs of a cryptographic hash function. This improves over a protocol of Ishai et al......An OT-combiner implements a secure oblivious transfer (OT) protocol using oracle access to n OT-candidates of which at most t may be faulty. We introduce a new general approach for combining OTs by making a simple and modular use of protocols for secure computation. Specifically, we obtain an OT......, in a network consisting of a single OT-channel. Our approach applies both to the “semi-honest” and the “malicious” models of secure computation, yielding the corresponding types of OT-combiners. Instantiating our general approach with secure computation protocols from the literature, we conceptually...

  15. STP/HAMPI and Computer Security

    Ganesh, Vijay

    2012-01-01

    In the past several years I have written two SMT solvers called STP and HAMPI that have found widespread use in computer security research by leading groups in academia, industry and the government. In this brief note I summarize the features of STP/HAMPI that make them particularly suited for computer security research, and a listing of some of the more important projects that use them.

  16. SECURITY ISSUES IN CLOUD COMPUTING AND COUNTERMEASURES

    DANISH JAMIL,; HASSAN ZAKI

    2011-01-01

    Cloud computing technology is a new concept of providing dramatically scalable and virtualised resources, bandwidth, software and hardware on demand to consumers. Consumers can typically requests cloud services via a web browser or web service. Using cloud computing, consumers can safe cost of hardware deployment, software licenses and system maintenance. On the other hand, it also has a few security issues. This paper introduces four cloud security problems, which are XML Signature Element W...

  17. CLOUD COMPUTING SECURITY THROUGH SYMMETRIC CIPHER MODEL

    Subramanian Anbazhagan

    2014-10-01

    Full Text Available Cloud computing can be defined as an application and services which runs on distributed network using virtualized and it is accessed through internet protocols and networking. Cloud computing resources and virtual and limitless and information’s of the physical systems on which software running are abstracted from the user. Cloud Computing is a style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet. Users need not have knowledge of, expertise in, or control over the technology infrastructure in the "cloud" that supports them. To satisfy the needs of the users the concept is to incorporate technologies which have the common theme of reliance on the internet Software and data are stored on the servers whereas cloud computing services are provided through applications online which can be accessed from web browsers. Lack of security and access control is the major drawback in the cloud computing as the users deal with sensitive data to public clouds .Multiple virtual machine in cloud can access insecure information flows as service provider; therefore to implement the cloud it is necessary to build security. Therefore the main aim of this paper is to provide cloud computing security through symmetric cipher model. This article proposes symmetric cipher model in order to implement cloud computing security so that data can accessed and stored securely.

  18. Computer Security: transparent monitoring for your protection

    Stefan Lueders, Computer Security Team

    2016-01-01

    Computer security can be handled in one of two ways: in secrecy, behind a black curtain; or out in the open, subject to scrutiny and with full transparency. We believe that the latter is the only right way for CERN, and have always put that belief into practice. In keeping with this spirit, here is a reminder of how we monitor (your) CERN activities in order to guarantee timely responses to computer security incidents.   We monitor all network traffic coming into and going out of CERN. Automatic tools look for suspicious patterns like connections to known malicious IP addresses, web pages or domains. They check for malicious files being downloaded and make statistical analyses of connections in order to identify unusual behaviour. The automatic analysis of the logs from the CERN Domain Name Servers complements this and provides a redundant means of detection. We also constantly scan the CERN office network and keep an inventory of the individual network services running on each device: w...

  19. Practical Computer Security through Cryptography

    McNab, David; Twetev, David (Technical Monitor)

    1998-01-01

    The core protocols upon which the Internet was built are insecure. Weak authentication and the lack of low level encryption services introduce vulnerabilities that propagate upwards in the network stack. Using statistics based on CERT/CC Internet security incident reports, the relative likelihood of attacks via these vulnerabilities is analyzed. The primary conclusion is that the standard UNIX BSD-based authentication system is by far the most commonly exploited weakness. Encryption of Sensitive password data and the adoption of cryptographically-based authentication protocols can greatly reduce these vulnerabilities. Basic cryptographic terminology and techniques are presented, with attention focused on the ways in which technology such as encryption and digital signatures can be used to protect against the most commonly exploited vulnerabilities. A survey of contemporary security software demonstrates that tools based on cryptographic techniques, such as Kerberos, ssh, and PGP, are readily available and effectively close many of the most serious security holes. Nine practical recommendations for improving security are described.

  20. Towards An Engineering Discipline of Computational Security

    Mili, Ali [New Jersey Insitute of Technology; Sheldon, Frederick T [ORNL; Jilani, Lamia Labed [Institut Superieur de Gestion; Ayed, Rahma Ben [University of Tunis, Belvedere, Tunisia

    2007-01-01

    George Boole ushered the era of modern logic by arguing that logical reasoning does not fall in the realm of philosophy, as it was considered up to his time, but in the realm of mathematics. As such, logical propositions and logical arguments are modeled using algebraic structures. Likewise, we submit that security attributes must be modeled as formal mathematical propositions that are subject to mathematical analysis. In this paper, we approach this problem by attempting to model security attributes in a refinement-like framework that has traditionally been used to represent reliability and safety claims. Keywords: Computable security attributes, survivability, integrity, dependability, reliability, safety, security, verification, testing, fault tolerance.

  1. SECURITY ISSUES IN CLOUD COMPUTING AND COUNTERMEASURES

    DANISH JAMIL,

    2011-04-01

    Full Text Available Cloud computing technology is a new concept of providing dramatically scalable and virtualised resources, bandwidth, software and hardware on demand to consumers. Consumers can typically requests cloud services via a web browser or web service. Using cloud computing, consumers can safe cost of hardware deployment, software licenses and system maintenance. On the other hand, it also has a few security issues. This paper introduces four cloud security problems, which are XML Signature Element Wrapping, Browser Security, Cloud Malware Injection Attack and Flooding Attacks, and also gives the possible countermeasures.

  2. SECURITY FOR DATA STORAGE IN CLOUD COMPUTING

    Prof. S.A.Gade; Mukesh P.Patil

    2015-01-01

    Cloud computing is nothing but a specific style of computing where everything from computing power to business apps are provided facility. This application moves the various data to the large data centers through computing where security provided fully trustworthy. The data stored in the cloud may be frequently updated by the users (registered user) including actions like insertion, deletion, modification etc. To ensure that data storage in cl oud this web applicatio...

  3. Cloud Computing Security Latest Issues amp Countermeasures

    Shelveen Pandey

    2015-08-01

    Full Text Available Abstract Cloud computing describes effective computing services provided by a third-party organization known as cloud service provider for organizations to perform different tasks over the internet for a fee. Cloud service providers computing resources are dynamically reallocated per demand and their infrastructure platform and software and other resources are shared by multiple corporate and private clients. With the steady increase in the number of cloud computing subscribers of these shared resources over the years security on the cloud is a growing concern. In this review paper the current cloud security issues and practices are described and a few innovative solutions are proposed that can help improve cloud computing security in the future.

  4. New mechanism for Cloud Computing Storage Security

    Almokhtar Ait El Mrabti

    2016-07-01

    Full Text Available Cloud computing, often referred to as simply the cloud, appears as an emerging computing paradigm which promises to radically change the way computer applications and services are constructed, delivered, managed and finally guaranteed as dynamic computing environments for end users. The cloud is the delivery of on-demand computing resources - everything from applications to data centers - over the Internet on a pay-for-use basis. The revolution of cloud computing has provided opportunities for research in all aspects of cloud computing. Despite the big progress in cloud computing technologies, funding concerns in cloud, security may limit a broader adoption. This paper presents a technique to tolerate both accidental and intentional faults, which is fragmentation-redundancy-scattering (FRS. The possibility to use the FRS technique as an intrusion tolerance one is investigated for providing secure and dependable storage in the cloud environment. Also a cloud computing security (CCS based on the FRS technique is proposed to explore how this proposal can then be used via several scenarios. To demonstrate the robustness of the proposal, we formalize our design and we carry out a security as well as performance evaluations of the approach and we compare it with the classical model. The paper concludes by strongly suggesting future research proposals for the CCS framework.

  5. Computer Security: Mac security – nothing for old versions

    Stefan Lueders, Computer Security Team

    2016-01-01

    A fundamental pillar of computer security is the regular maintenance of your code, operating system and application software – or, in computer lingo: patching, patching, patching.   Only software which is up-to-date should be free from any known vulnerabilities and thus provide you with a basic level of computer security. Neglecting regular updates is putting your computer at risk – and consequently your account, your password, your data, your photos, your videos and your money. Therefore, prompt and automatic patching is paramount. But the Microsofts, Googles and Apples of this world do not always help… Software vendors handle their update policy in different ways. While Android is a disaster – not because of Google, but due to the slow adaptation of many smartphone vendors (see “Android’s Armageddon”) – Microsoft provides updates for their Windows 7, Windows 8 and Windows 10 operating systems through their &ldq...

  6. Computer security at ukrainian nuclear facilities: interface between nuclear safety and security

    Active introduction of information technology, computer instrumentation and control systems (I and C systems) in the nuclear field leads to a greater efficiency and management of technological processes at nuclear facilities. However, this trend brings a number of challenges related to cyber-attacks on the above elements, which violates computer security as well as nuclear safety and security of a nuclear facility. This paper considers regulatory support to computer security at the nuclear facilities in Ukraine. The issue of computer and information security considered in the context of physical protection, because it is an integral component. The paper focuses on the computer security of I and C systems important to nuclear safety. These systems are potentially vulnerable to cyber threats and, in case of cyber-attacks, the potential negative impact on the normal operational processes can lead to a breach of the nuclear facility security. While ensuring nuclear security of I and C systems, it interacts with nuclear safety, therefore, the paper considers an example of an integrated approach to the requirements of nuclear safety and security

  7. Computational social networks security and privacy

    2012-01-01

    Presents the latest advances in security and privacy issues in computational social networks, and illustrates how both organizations and individuals can be protected from real-world threats Discusses the design and use of a wide range of computational tools and software for social network analysis Provides experience reports, survey articles, and intelligence techniques and theories relating to specific problems in network technology

  8. Artificial immune system applications in computer security

    Tan, Ying

    2016-01-01

    This book provides state-of-the-art information on the use, design, and development of the Artificial Immune System (AIS) and AIS-based solutions to computer security issues. Artificial Immune System: Applications in Computer Security focuses on the technologies and applications of AIS in malware detection proposed in recent years by the Computational Intelligence Laboratory of Peking University (CIL@PKU). It offers a theoretical perspective as well as practical solutions for readers interested in AIS, machine learning, pattern recognition and computer security. The book begins by introducing the basic concepts, typical algorithms, important features, and some applications of AIS. The second chapter introduces malware and its detection methods, especially for immune-based malware detection approaches. Successive chapters present a variety of advanced detection approaches for malware, including Virus Detection System, K-Nearest Neighbour (KNN), RBF networ s, and Support Vector Machines (SVM), Danger theory, ...

  9. International Conference on Computational Intelligence, Cyber Security, and Computational Models

    Ramasamy, Vijayalakshmi; Sheen, Shina; Veeramani, C; Bonato, Anthony; Batten, Lynn

    2016-01-01

    This book aims at promoting high-quality research by researchers and practitioners from academia and industry at the International Conference on Computational Intelligence, Cyber Security, and Computational Models ICC3 2015 organized by PSG College of Technology, Coimbatore, India during December 17 – 19, 2015. This book enriches with innovations in broad areas of research like computational modeling, computational intelligence and cyber security. These emerging inter disciplinary research areas have helped to solve multifaceted problems and gained lot of attention in recent years. This encompasses theory and applications, to provide design, analysis and modeling of the aforementioned key areas.

  10. REVIEW PAPER ON MOBILE CLOUD COMPUTING SECURITY

    Priyanka d. Raut

    2015-10-01

    Full Text Available Nowadays smart-phones are being capable of supporting a broad range of applications, many of which demand an increasing computational power. This leads to a challenge because smart-phones are resource-constrained devices with finite computation power, memory, storage, and energy. With the development of mobility and cloud computing, mobile cloud computing (MCC has introduced and become a point of research. With the need of extendibility and on-demand self-service, it can provide the good infrastructure, platform and software services in a cloud to mobile clients through the mobile network. Therefore, Cloud computing is anticipated to bring an innovation in mobile computing, where the mobile devices can make use of clouds for data processing, storage and other intensive operations. Despite the surprising advancement achieved by MCC, the clients of MCC are still below expectations due to the related risks in terms of security and confidentiality. The more and more information is placed onto the cloud by individuals and enterprises, the more the security issue begins to grow. This paper presents the various security issues that arise about how secure the mobile cloud computing environment is.

  11. The university computer network security system

    张丁欣

    2012-01-01

    With the development of the times, advances in technology, computer network technology has been deep into all aspects of people's lives, it plays an increasingly important role, is an important tool for information exchange. Colleges and universities is to cultivate the cradle of new technology and new technology, computer network Yulu nectar to nurture emerging technologies, and so, as institutions of higher learning should pay attention to the construction of computer network security system.

  12. Leakage Resilient Secure Two-Party Computation

    Damgård, Ivan Bjerre; Hazay, Carmit; Patra, Arpita

    2012-01-01

    returns its result. Almost independently of secure computation, the area of {\\em leakage resilient cryptography} has recently been evolving intensively, studying the question of designing cryptographic primitives that remain secure even when some information about the secret key is leaked. In this paper....... \\item {\\em Leakage resilient oblivious transfer.} We present the first construction for 1-out-of-2 oblivious transfer with security against leakage of a constant fraction of the honest party's memory. Our protocol is based on the OT construction presented by Peikert et al.~\\cite{PeikertVW08}. \\item {\\em...... Leakage resilient Yao's Garbled Circuit~\\cite{Yao82}.} We provide the first general construction for secure two-party computation and show how to adapt the proof from~\\cite{LP09} of Yao's protocol into the leakage resilient setting. Our result holds for a restricted set of functions due to technicalities...

  13. Cloud Computing Security in Business Information Systems

    Ristov, Sasko; Kostoska, Magdalena

    2012-01-01

    Cloud computing providers' and customers' services are not only exposed to existing security risks, but, due to multi-tenancy, outsourcing the application and data, and virtualization, they are exposed to the emergent, as well. Therefore, both the cloud providers and customers must establish information security system and trustworthiness each other, as well as end users. In this paper we analyze main international and industrial standards targeting information security and their conformity with cloud computing security challenges. We evaluate that almost all main cloud service providers (CSPs) are ISO 27001:2005 certified, at minimum. As a result, we propose an extension to the ISO 27001:2005 standard with new control objective about virtualization, to retain generic, regardless of company's type, size and nature, that is, to be applicable for cloud systems, as well, where virtualization is its baseline. We also define a quantitative metric and evaluate the importance factor of ISO 27001:2005 control objecti...

  14. Flexible And Secure Access To Computing Clusters

    Jan Meizner; Maciej Malawski; Marian Bubak

    2010-01-01

    The investigation presented in this paper was prompted by the need to provide a manageablesolution for secure access to computing clusters with a federated authentication framework.This requirement is especially important for scientists who need direct access to computingnodes in order to run their applications (e.g. chemical or medical simulations) with proprietary,open-source or custom-developed software packages. Our existing software, whichenables non-Web clients to use Shibboleth-secured...

  15. Guidelines for computer security in general practice

    Peter Schattner; Catherine Pleteshner; Heinz Bhend; Johan Brouns

    2007-01-01

    Background As general practice becomes increasingly computerised, data security becomes increasingly important for both patient health and the efficient operation of the practice. Objective To develop guidelines for computer security in general practice based on a literature review, an analysis of available information on current practice and a series of key stakeholder interviews. While the guideline was produced in the context of Australian general practice, we have developed a template ...

  16. Academic Training Lecture Regular Programme: Computer Security - Introduction to information and computer security (1/4)

    2012-01-01

    Computer Security: Introduction to information and computer security (1/4), by Sebastian Lopienski (CERN).   Monday, 21 May, 2012 from 11:00 to 12:00 (Europe/Zurich) at CERN ( 31-3-004 - IT Auditorium ) Sebastian Lopienski is CERN's Deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support services hosted in the CERN Computer Centre; providing Central CVS Service for software projects at CERN; and development of applications for accelerator controls in Java. He graduated from the University of Warsaw (MSc in Computer Science) in 2002, and earned an MBA degree at the Enterprise Administration Institute in Ai...

  17. Computer Security at Nuclear Facilities. Reference Manual (Chinese Edition)

    The possibility that nuclear or other radioactive material could be used for malicious purposes cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear or other radioactive material is used or transported. Through its Nuclear Security Programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises Nuclear Security Fundamentals, which include objectives and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security, specifically: to provide for the security of nuclear and other radioactive material and associated facilities and activities; to ensure the security of such material in use, storage or in transport; to combat illicit trafficking and the inadvertent movement of such material; and to be prepared to respond to a nuclear security event. This publication is in the Technical Guidance

  18. Computer Security at Nuclear Facilities. Reference Manual (Russian Edition)

    The possibility that nuclear or other radioactive material could be used for malicious purposes cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear or other radioactive material is used or transported. Through its Nuclear Security Programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises Nuclear Security Fundamentals, which include objectives and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security, specifically: to provide for the security of nuclear and other radioactive material and associated facilities and activities; to ensure the security of such material in use, storage or in transport; to combat illicit trafficking and the inadvertent movement of such material; and to be prepared to respond to a nuclear security event. This publication is in the Technical Guidance

  19. Computer Security at Nuclear Facilities. Reference Manual (Arabic Edition)

    The possibility that nuclear or other radioactive material could be used for malicious purposes cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear or other radioactive material is used or transported. Through its Nuclear Security Programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises Nuclear Security Fundamentals, which include objectives and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security, specifically: to provide for the security of nuclear and other radioactive material and associated facilities and activities; to ensure the security of such material in use, storage or in transport; to combat illicit trafficking and the inadvertent movement of such material; and to be prepared to respond to a nuclear security event. This publication is in the Technical Guidance

  20. Overview of Security issues in Cloud Computing

    Ajey Singh

    2012-03-01

    Full Text Available Cloud computing may be defined as management and provision of resources, software, applications and information as services over the cloud (internet on demand. Cloud computing comes into focus only when you think about what IT always needs: a way to increase capacity or add capabilities on the fly without investing in new infrastructure, training new personnel, or licensing new software. "Cloud computing continues to gain acceptance as a critical way to deliver on-demand information and resources to customers,” The cloud architecture is implemented in such a way that it provides you the flexibility to share application as well as other network resources (hardware etc[1]. This will lead to a need based flexible architecture where the resources will expand or contract with a little configuration changes. Cloud computing is often provided "as a service" over the Internet, typically in the form of infrastructure as a service (IaaS, platform as a service (PaaS, or software as a service (SaaS.From an end users perspective, you don’t need to care for the OS, the plug-ins, web security or the software platform[2]. Everything should be in place without any worry. This paper focuses on technical security issues in cloud computing, cloud computing has various benefits in an enterprise but major concern is how security is implemented in cloud computing.

  1. Computation, cryptography, and network security

    Rassias, Michael

    2015-01-01

    Analysis, assessment, and data management are core competencies for operation research analysts. This volume addresses a number of issues and developed methods for improving those skills. It is an outgrowth of a conference held in April 2013 at the Hellenic Military Academy, and brings together a broad variety of mathematical methods and theories with several applications. It discusses directions and pursuits of scientists that pertain to engineering sciences. It is also presents the theoretical background required for algorithms and techniques applied to a large variety of concrete problems. A number of open questions as well as new future areas are also highlighted.   This book will appeal to operations research analysts, engineers, community decision makers, academics, the military community, practitioners sharing the current “state-of-the-art,” and analysts from coalition partners. Topics covered include Operations Research, Games and Control Theory, Computational Number Theory and Information Securi...

  2. Soft computing techniques in voltage security analysis

    Chakraborty, Kabir

    2015-01-01

    This book focuses on soft computing techniques for enhancing voltage security in electrical power networks. Artificial neural networks (ANNs) have been chosen as a soft computing tool, since such networks are eminently suitable for the study of voltage security. The different architectures of the ANNs used in this book are selected on the basis of intelligent criteria rather than by a “brute force” method of trial and error. The fundamental aim of this book is to present a comprehensive treatise on power system security and the simulation of power system security. The core concepts are substantiated by suitable illustrations and computer methods. The book describes analytical aspects of operation and characteristics of power systems from the viewpoint of voltage security. The text is self-contained and thorough. It is intended for senior undergraduate students and postgraduate students in electrical engineering. Practicing engineers, Electrical Control Center (ECC) operators and researchers will also...

  3. Cloud Computing Security in Business Information Systems

    Sasko Ristov

    2012-03-01

    Full Text Available Cloud computing providers‘ and customers‘ services are not only exposed to existing security risks, but, due to multi-tenancy, outsourcing the application and data, and virtualization, they are exposed to the emergent, as well. Therefore, both the cloud providers and customers must establish information security system and trustworthiness each other, as well as end users. In this paper we analyze main international and industrial standards targeting information security and their conformity with cloud computing security challenges. We evaluate that almost all main cloud service providers (CSPs are ISO 27001:2005 certified, at minimum. As a result, we propose an extension to the ISO 27001:2005 standard with new control objective about virtualization, to retain generic, regardless of company’s type, size and nature, that is, to be applicable for cloud systems, as well, where virtualization is its baseline. We also define a quantitative metric and evaluate the importance factor of ISO 27001:2005 control objectives if customer services are hosted on-premise or in cloud. The conclusion is that obtaining the ISO 27001:2005 certificate (or if already obtained will further improve CSP and CC information security systems, and introduce mutual trust in cloud services but will not cover all relevant issues. In this paper we also continue our efforts in business continuity detriments cloud computing produces, and propose some solutions that mitigate the risks.

  4. DATA INTEGRITY PROOF AND SECURE COMPUTATION IN CLOUD COMPUTING

    Veeralakshmi Ponnuramu; Latha Tamilselvan

    2012-01-01

    Cloud computing is an emerging computing paradigm in which information technology resources and capacities are provided as services over the internet. The users can remotely store their data into the cloud so that the users can be relieved from the burden of local data storage and maintenance. The user does not have any control on the remotely located data. This unique feature possess many security challenges. One of the important concern is the integrity of data and computations. To ensure c...

  5. Computer Security: Geneva, Suisse Romande and beyond

    Computer Security Team

    2014-01-01

    To ensure good computer security, it is essential for us to keep in close contact and collaboration with a multitude of official and unofficial, national and international bodies, agencies, associations and organisations in order to discuss best practices, to learn about the most recent (and, at times, still unpublished) vulnerabilities, and to handle jointly any security incident. A network of peers - in particular a network of trusted peers - can provide important intelligence about new vulnerabilities or ongoing attacks much earlier than information published in the media. In this article, we would like to introduce a few of the official peers we usually deal with.*   Directly relevant for CERN are SWITCH, our partner for networking in Switzerland, and our contacts within the WLCG, i.e. the European Grid Infrastructure (EGI), and the U.S. Open Science Grid (OSG). All three are essential partners when discussing security implementations and resolving security incidents. SWITCH, in...

  6. MOBILE COMPUTING AND MCOMMERCE SECURITY ISSUES

    Krishna Prakash

    2014-09-01

    Full Text Available The radical evolution of computers and advancement of technology in the area of hardware (smaller size, weight, low power consumption and cost, high performance and communications has introduced the notion of mobile computing. Mobile Commerce is an evolving area of e-commerce, where users can interact with service providers through a mobile and wireless network using mobile device for information retrieval and transaction processing. Mobile wireless market is increasing by leaps and bounds. The quality and speeds available in the mobile environment must match the fixed networks if the convergence of the mobile wireless and fixed communication network is to happen in the real sense. The challenge for mobile network lie in providing very large footprint of mobile services with high speed and security. Online transactions using mobile devices must ensure high security for user credentials and it should not be possible for misuse. The paper discusses issues related to M-Commerce security.

  7. Securing Local Support for Your Computer Project.

    Roecks, Alan L.

    1979-01-01

    Guidelines for securing and maintaining local funding for computer-related projects include suggestions in the areas of establishing and maintaining project/school board relationships, encountering social and political factors, and defining guidelines for project implementation. Successes and failures of the MICA project are provided as…

  8. Guidelines for computer security in general practice

    Peter Schattner

    2007-06-01

    Conclusions This paper maps out a process for developing computer security guidelines for general practice. The specific content will vary in different countries according to their levels of adoption of IT, and cultural, technical and other health service factors. Making these guidelines relevant to local contexts should help maximise their uptake.

  9. A Development Framework for Software Security in Nuclear Safety Systems: Integrating Secure Development and System Security Activities

    The protection of nuclear safety software is essential in that a failure can result in significant economic loss and physical damage to the public. However, software security has often been ignored in nuclear safety software development. To enforce security considerations, nuclear regulator commission recently issued and revised the security regulations for nuclear computer-based systems. It is a great challenge for nuclear developers to comply with the security requirements. However, there is still no clear software development process regarding security activities. This paper proposes an integrated development process suitable for the secure development requirements and system security requirements described by various regulatory bodies. It provides a three-stage framework with eight security activities as the software development process. Detailed descriptions are useful for software developers and licensees to understand the regulatory requirements and to establish a detailed activity plan for software design and engineering

  10. Computer Security: Computer security threats, vulnerabilities and attacks (3/4)

    CERN. Geneva

    2012-01-01

    Antonio Perez Perez works in the Computer Security Team doing software development, sysadmin tasks and operations. He is also involved on grid security and does 1st line security support at CERN on ROTA. With the prevalence of modern information technologies and its increasing integration into our daily live, digital systems become more and more playground for evil people. While in the past, attacks were driven by fame& kudos, nowadays money is the motivating factor. Just the recent months have shown several successful attacks against e.g. Sony, PBS, UNESCO, RSAsecurity, Citibank, and others. Credit card information of hundreds of thousands of people got exposed. Affected companies not only lost their assets and data, also their reputation has suffered. Thus, proper computer security measures are essential. Without question, security must even more become an inherent ingredient when developing, deploying, and operating applications, web sites, and computing services. These lectures shall give an ove...

  11. Security for small computer systems a practical guide for users

    Saddington, Tricia

    1988-01-01

    Security for Small Computer Systems: A Practical Guide for Users is a guidebook for security concerns for small computers. The book provides security advice for the end-users of small computers in different aspects of computing security. Chapter 1 discusses the security and threats, and Chapter 2 covers the physical aspect of computer security. The text also talks about the protection of data, and then deals with the defenses against fraud. Survival planning and risk assessment are also encompassed. The last chapter tackles security management from an organizational perspective. The bo

  12. Extreme Scale Computing to Secure the Nation

    Brown, D L; McGraw, J R; Johnson, J R; Frincke, D

    2009-11-10

    Since the dawn of modern electronic computing in the mid 1940's, U.S. national security programs have been dominant users of every new generation of high-performance computer. Indeed, the first general-purpose electronic computer, ENIAC (the Electronic Numerical Integrator and Computer), was used to calculate the expected explosive yield of early thermonuclear weapons designs. Even the U. S. numerical weather prediction program, another early application for high-performance computing, was initially funded jointly by sponsors that included the U.S. Air Force and Navy, agencies interested in accurate weather predictions to support U.S. military operations. For the decades of the cold war, national security requirements continued to drive the development of high performance computing (HPC), including advancement of the computing hardware and development of sophisticated simulation codes to support weapons and military aircraft design, numerical weather prediction as well as data-intensive applications such as cryptography and cybersecurity U.S. national security concerns continue to drive the development of high-performance computers and software in the U.S. and in fact, events following the end of the cold war have driven an increase in the growth rate of computer performance at the high-end of the market. This mainly derives from our nation's observance of a moratorium on underground nuclear testing beginning in 1992, followed by our voluntary adherence to the Comprehensive Test Ban Treaty (CTBT) beginning in 1995. The CTBT prohibits further underground nuclear tests, which in the past had been a key component of the nation's science-based program for assuring the reliability, performance and safety of U.S. nuclear weapons. In response to this change, the U.S. Department of Energy (DOE) initiated the Science-Based Stockpile Stewardship (SBSS) program in response to the Fiscal Year 1994 National Defense Authorization Act, which requires, 'in the

  13. Software For Computer-Security Audits

    Arndt, Kate; Lonsford, Emily

    1994-01-01

    Information relevant to potential breaches of security gathered efficiently. Automated Auditing Tools for VAX/VMS program includes following automated software tools performing noted tasks: Privileged ID Identification, program identifies users and their privileges to circumvent existing computer security measures; Critical File Protection, critical files not properly protected identified; Inactive ID Identification, identifications of users no longer in use found; Password Lifetime Review, maximum lifetimes of passwords of all identifications determined; and Password Length Review, minimum allowed length of passwords of all identifications determined. Written in DEC VAX DCL language.

  14. DATA INTEGRITY PROOF AND SECURE COMPUTATION IN CLOUD COMPUTING

    Veeralakshmi Ponnuramu

    2012-01-01

    Full Text Available Cloud computing is an emerging computing paradigm in which information technology resources and capacities are provided as services over the internet. The users can remotely store their data into the cloud so that the users can be relieved from the burden of local data storage and maintenance. The user does not have any control on the remotely located data. This unique feature possess many security challenges. One of the important concern is the integrity of data and computations. To ensure correctness of user’s data in the cloud, an effective scheme assuring the integrity of the data stored in the cloud is proposed. We try to obtain and prove that the data stored in the cloud is not modified by the provider, thereby ensuring the integrity of data. To ensure secure computation our scheme uses the Merkle hash tree for checking the correctness of computations done by the cloud service provider. Algorithms are implemented using java core concepts and java Remote Method Invocation (RMI concepts for client-server communication by setting up the private cloud environment with eucalyptus tool. This method is used to assure data integrity and secured computations with reduced computational and storage overhead of the client.

  15. SECURITY AND PRIVACY ISSUES IN CLOUD COMPUTING

    Amina AIT OUAHMAN

    2014-10-01

    Full Text Available Today, cloud computing is defined and talked about across the ICT industry under different contexts and with different definitions attached to it. It is a new paradigm in the evolution of Information Technology, as it is one of the biggest revolutions in this field to have taken place in recent times. According to the National Institute for Standards and Technology (NIST, “cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services that can be rapidly provisioned and released with minimal management effort or service provider interaction” [1]. The importance of Cloud Computing is increasing and it is receiving a growing attention in the scientific and industrial communities. A study by Gartner [2] considered Cloud Computing as the first among the top 10 most important technologies and with a better prospect in successive years by companies and organizations. Clouds bring out tremendous benefits for both individuals and enterprises. Clouds support economic savings, outsourcing mechanisms, resource sharing, any-where any-time accessibility, on-demand scalability, and service flexibility. Clouds minimize the need for user involvement by masking technical details such as software upgrades, licenses, and maintenance from its customers. Clouds could also offer better security advantages over individual server deployments. Since a cloud aggregates resources, cloud providers charter expert security personnel while typical companies could be limited with a network administrator who might not be well versed in cyber security issues. The new concepts introduced by the clouds, such as computation outsourcing, resource sharing, and external data warehousing, increase the security and privacy concerns and create new security challenges. Moreover, the large scale of the clouds, the proliferation of mobile access devices (e

  16. Computer Security: better code, fewer problems

    Stefan Lueders, Computer Security Team

    2016-01-01

    The origin of many security incidents is negligence or unintentional mistakes made by web developers or programmers. In the rush to complete the work, due to skewed priorities, or just to ignorance, basic security principles can be omitted or forgotten.   The resulting vulnerabilities lie dormant until the evil side spots them and decides to hit hard. Computer security incidents in the past have put CERN’s reputation at risk due to websites being defaced with negative messages about the Organization, hash files of passwords being extracted, restricted data exposed… And it all started with a little bit of negligence! If you check out the Top 10 web development blunders, you will see that the most prevalent mistakes are: Not filtering input, e.g. accepting “<“ or “>” in input fields even if only a number is expected.  Not validating that input: you expect a birth date? So why accept letters? &...

  17. The Role of Trust in Computer Security

    Jensen, Christian D.

    2012-01-01

    human behaviour imposed by social and religious norms. Most of these assumptions, however, are implicit and they will fail when the environment of the systems change, e.g., when systems are used on a global scale on the Internet. This talk identifies such implicit assumptions in current security...... technologies and show how many of them concern the placement of trust on human or system agents. We argue that making such assumptions about trust explicit is an essential requirement for the future of system security and argue why the formalisation of computational trust is necessary when we wish to reason......Summary form only given. Traditional security technologies are based on numerous assumptions about the environment in which systems are used. This includes assumptions about the enforcement of legislative and contractual frameworks, limitations of particular technologies and the constraints on...

  18. Audit and Evaluation of Computer Security. Computer Science and Technology.

    Ruthberg, Zella G.

    This is a collection of consensus reports, each produced at a session of an invitational workshop sponsored by the National Bureau of Standards. The purpose of the workshop was to explore the state-of-the-art and define appropriate subjects for future research in the audit and evaluation of computer security. Leading experts in the audit and…

  19. Customer Security Issues in Cloud Computing

    Nimmati Satheesh

    2013-01-01

    The Cloud computing concept offers dynamically scalable resources provisioned as a service overthe Internet. Economic benefits are the main driver for the Cloud, since it promises the reduction of capitalexpenditure (CapEx) and operational expenditure (OpEx). In order for this to become reality, however, thereare still some challenges to be solved. Amongst these are security and trust issues, since the user's data has tobe released to the Cloud and thus leaves the protection-sphere of the dat...

  20. Cloud computing security with Nymble Technology

    Pradip U.Wawge

    2012-03-01

    Full Text Available Misbehave blacklisting schemes allow online service provide in cloud computer to prevent Misbehave access by abusive users while preserving the privacy of all Misbehave users (both abusive and non-abusive. The scheme proposed for this purpose was Nymble, an extremely efficient scheme based only on symmetric primitives; however, Nymble relies on trusted third parties who can collude to de-Anonymizing users of the scheme.Networks such as Tor allow users to access Internet services privately by using a series of routers to hide the client’s IP address from the server. The success of such networks, however, has been limited by users employing this anonymity for abusive purposes such as defacing popular Web sites. Web site administrators routinely rely on IP-address blocking for disabling access to misbehaving users, but blocking IP addresses is not practical if the abuser routes through an misbehave network. As a result, administrators block all known exit nodes of misbehave networks, denying anonymous access to misbehaving and behaving users alike. To address this problem, we present Nimble, a system in which servers can “blacklist” misbehaving users, thereby blocking users without compromising their anonymity. Our system is thus agnostic to different servers’ definitions of misbehaviour servers can blacklist users for whatever reason, and the privacy of blacklisted users is maintained.Although the cloud computing model is considered to be a very promising internet-based computing platform, it results in a loss of security control over the cloud-hosted assets. This is due to the outsourcing of enterprise IT assets hosted on third-party cloud computing platforms. Moreover, the lack of security constraints in the Service Level Agreements between the cloud providers and consumers results in a loss of trust as well. Obtaining a security certificate such as ISO 27000 or NIST-FISMA would help cloud providers improve consumers trust in their cloud

  1. Computer Security: Introduction to information and computer security (1/4)

    CERN. Geneva

    2012-01-01

    Sebastian Lopienski is CERN's Deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support services hosted in the CERN Computer Centre; providing Central CVS Service for software projects at CERN; and development of applications for accelerator controls in Java. He graduated from the University of Warsaw (MSc in Computer Science) in 2002, and earned an MBA degree at the Enterprise Administration Institute in Aix-en-Provence and Haute Ecole de Gestion in Geneva in 2010. His professional interests include software and network security, distributed systems, and Web and mobile technologies. With the prevalence of modern information te...

  2. Protecting Office Information: Computer and Data Security.

    Davis-Newton, Hazel C.

    1986-01-01

    Discusses the nature of modern office automation, microcomputer access controls that can be activated to improve security (passwords, error lockout, palm geometry, automatic shutoff, time lock, call back), data communications controls (cryptographic transmission of data, scramblers, dial-back-devices), and management practices that may be…

  3. Extreme Scale Computing to Secure the Nation

    Brown, D L; McGraw, J R; Johnson, J R; Frincke, D

    2009-11-10

    Since the dawn of modern electronic computing in the mid 1940's, U.S. national security programs have been dominant users of every new generation of high-performance computer. Indeed, the first general-purpose electronic computer, ENIAC (the Electronic Numerical Integrator and Computer), was used to calculate the expected explosive yield of early thermonuclear weapons designs. Even the U. S. numerical weather prediction program, another early application for high-performance computing, was initially funded jointly by sponsors that included the U.S. Air Force and Navy, agencies interested in accurate weather predictions to support U.S. military operations. For the decades of the cold war, national security requirements continued to drive the development of high performance computing (HPC), including advancement of the computing hardware and development of sophisticated simulation codes to support weapons and military aircraft design, numerical weather prediction as well as data-intensive applications such as cryptography and cybersecurity U.S. national security concerns continue to drive the development of high-performance computers and software in the U.S. and in fact, events following the end of the cold war have driven an increase in the growth rate of computer performance at the high-end of the market. This mainly derives from our nation's observance of a moratorium on underground nuclear testing beginning in 1992, followed by our voluntary adherence to the Comprehensive Test Ban Treaty (CTBT) beginning in 1995. The CTBT prohibits further underground nuclear tests, which in the past had been a key component of the nation's science-based program for assuring the reliability, performance and safety of U.S. nuclear weapons. In response to this change, the U.S. Department of Energy (DOE) initiated the Science-Based Stockpile Stewardship (SBSS) program in response to the Fiscal Year 1994 National Defense Authorization Act, which requires, 'in the

  4. Security Issues Associated with Big Data in Cloud Computing

    Venkata Narasimha Inukollu; Sailaja Arsi; Srinivasa Rao Ravuri

    2014-01-01

    In this paper, we discuss security issues for cloud computing, Big data, Map Reduce and Hadoop environment. The main focus is on security issues in cloud computing that are associated with big data. Big data applications are a great benefit to organizations, business, companies and many large scale and small scale industries.We also discuss various possible solutions for the issues in cloud computing security and Hadoop. Cloud computing security is developing at a rapid pace which includes co...

  5. Secure User Data in Cloud Computing using RSA Algorithm

    Sunny Behal

    2014-12-01

    Full Text Available Cloud computing is an emerging computing paradigm in which resources of the computing infrastructure are provided as services of the internet. Cloud computing provides customers the way to share distributed resources and services that belong to different organizations or sites. Cloud computing allows consumers and businesses to use applications without installation and access their personal files at any computer with internet access. This paper explores various security methods such as Access Control, Telecommunications and Network Security, Information security governance and risk management, Application Security, Security Architecture and Design, We proposed a method using RSA algorithm.

  6. 48 CFR 952.204-77 - Computer security.

    2010-10-01

    ... 48 Federal Acquisition Regulations System 5 2010-10-01 2010-10-01 false Computer security. 952.204... SOLICITATION PROVISIONS AND CONTRACT CLAUSES Text of Provisions and Clauses 952.204-77 Computer security. As prescribed in 904.404(d)(7), the following clause shall be included: Computer Security (AUG 2006)...

  7. SEED: A Suite of Instructional Laboratories for Computer Security Education

    Du, Wenliang; Wang, Ronghua

    2008-01-01

    The security and assurance of our computing infrastructure has become a national priority. To address this priority, higher education has gradually incorporated the principles of computer and information security into the mainstream undergraduate and graduate computer science curricula. To achieve effective education, learning security principles…

  8. Securing Embedded Smart Cameras with Trusted Computing

    Winkler Thomas

    2011-01-01

    Full Text Available Camera systems are used in many applications including video surveillance for crime prevention and investigation, traffic monitoring on highways or building monitoring and automation. With the shift from analog towards digital systems, the capabilities of cameras are constantly increasing. Today's smart camera systems come with considerable computing power, large memory, and wired or wireless communication interfaces. With onboard image processing and analysis capabilities, cameras not only open new possibilities but also raise new challenges. Often overlooked are potential security issues of the camera system. The increasing amount of software running on the cameras turns them into attractive targets for attackers. Therefore, the protection of camera devices and delivered data is of critical importance. In this work we present an embedded camera prototype that uses Trusted Computing to provide security guarantees for streamed videos. With a hardware-based security solution, we ensure integrity, authenticity, and confidentiality of videos. Furthermore, we incorporate image timestamping, detection of platform reboots, and reporting of the system status. This work is not limited to theoretical considerations but also describes the implementation of a prototype system. Extensive evaluation results illustrate the practical feasibility of the approach.

  9. Computer-Aided Sensor Development Focused on Security Issues.

    Bialas, Andrzej

    2016-01-01

    The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research. PMID:27240360

  10. On technical security issues in cloud computing

    Jensen, Meiko; Schwenk, Jörg; Gruschka, Nils;

    2009-01-01

    The Cloud Computing concept offers dynamically scalable resources provisioned as a service over the Internet. Economic benefits are the main driver for the Cloud, since it promises the reduction of capital expenditure (CapEx) and operational expenditure (OpEx). In order for this to become reality......, however, there are still some challenges to be solved. Amongst these are security and trust issues, since the user's data has to be released to the Cloud and thus leaves the protection sphere of the data owner. Most of the discussions on this topics are mainly driven by arguments related to organisational...... means. This paper focusses on technical security issues arising from the usage of Cloud services and especially by the underlying technologies used to build these cross-domain Internet-connected collaborations. © 2009 IEEE....

  11. Flexible And Secure Access To Computing Clusters

    Jan Meizner

    2010-01-01

    Full Text Available The investigation presented in this paper was prompted by the need to provide a manageablesolution for secure access to computing clusters with a federated authentication framework.This requirement is especially important for scientists who need direct access to computingnodes in order to run their applications (e.g. chemical or medical simulations with proprietary,open-source or custom-developed software packages. Our existing software, whichenables non-Web clients to use Shibboleth-secured services, has been extended to providedirect SSH access to cluster nodes using the Linux Pluggable Authentication Modules mechanism.This allows Shibboleth users to run the required software on clusters. Validationand performance comparison with existing SSH authentication mechanisms confirm that thepresented tools satisfy the stated requirements.

  12. Cloud Computing Security Issues and Challenges

    Kuyoro S. O.; Ibikunle F; Awodele O

    2011-01-01

    Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services w...

  13. Towards Information Security Metrics Framework for Cloud Computing

    Muhammad Imran Tariq

    2012-10-01

    Full Text Available Cloud computing has recently emerged as new computing paradigm which basically aims to provide customized, reliable, dynamic services over the internet.  Cost and security are influential issues to deploy cloud computing in large enterprise.  Privacy and security are very important issues in terms of user trust and legal compliance. Information Security (IS metrics are best tool used to measure the efficiency, performance, effectiveness and impact of the security constraints. It is very hard issue to get maximum benefits from Information security metrics in cloud computing. The aim of this paper is to discuss security issues of cloud computing, and propose basic building blocks of information security metrics framework for cloud computing. This framework helps cloud users to create information security metrics, analyze cloud threats, processing on cloud threats to mitigate them and threat assessment

  14. Security Implications of Making Computing Resources Available via Computational Grids

    Adabala, Sumalatha; Butt, Ali Raza; Figueiredo, Renato J. J.; Kapadia, Nirav H.; Fortes, Jose A. B.

    2001-01-01

    This report inrvestigates the issues of securing access to computin,g resources in computation. al grids. Grid en,viron,men.ts are built orb top of platforms that corrtrol access to resources within a sin,gle adenin.istrative domairr, at the g.r-an,ular.ityo f a use,r. In wide-area multi-domain. grid en.viron,men.ts, the overhead of mainiainin,g user accounts is prohibitive, a.rad secu7.in,g access to resources via user accountability is impractical. Typically, these issues are han,dled by in...

  15. Immunity-based security architecture for active switch

    Jingsong, Pan

    2012-01-01

    This paper proposes one kind of active network security technique which combined artificial immune intrusion detection system (IDS) and firewall, it can omni-directional carry on protection to the computers and networks.

  16. An Overview of Computer Network security and Research Technology

    Rathore, Vandana

    2016-01-01

    The rapid development in the field of computer networks and systems brings both convenience and security threats for users. Security threats include network security and data security. Network security refers to the reliability, confidentiality, integrity and availability of the information in the system. The main objective of network security is to maintain the authenticity, integrity, confidentiality, availability of the network. This paper introduces the details of the technologies used in...

  17. Security Issues Associated with Big Data in Cloud Computing

    Venkata Narasimha Inukollu

    2014-06-01

    Full Text Available In this paper, we discuss security issues for cloud computing, Big data, Map Reduce and Hadoop environment. The main focus is on security issues in cloud computing that are associated with big data. Big data applications are a great benefit to organizations, business, companies and many large scale and small scale industries.We also discuss various possible solutions for the issues in cloud computing security and Hadoop. Cloud computing security is developing at a rapid pace which includes computer security, network security, information security, and data privacy. Cloud computing plays a very vital role in protecting data, applications and the related infrastructure with the help of policies, technologies, controls, and big data tools Moreover, cloud computing, big data and its applications, advantages are likely to represent the most promising new frontiers in science.

  18. Secure Two-Party Computational Geometry

    Shun-Dong Li; Yi-Qi Dai

    2005-01-01

    Secure Multi-party Computation has been a research focus in international cryptographic community in recent years. In this paper the authors investigate how some computational geometric problems could be solved in a cooperative environment, where two parties need to solve a geometric problem based on their joint data, but neither wants to disclose its private data to the other party. These problems are the distance between two private points, the relation between a private point and a circle area, the relation between a private point and an ellipse area and the shortest distance between two point sets. The paper gives solutions to these specific geometric problems, and in doing so a building block is developed,the protocol for the distance between two private points, that is also useful in the solutions to other geometric problems and combinatorial problems.

  19. Computer Network Security: Best Practices for Alberta School Jurisdictions.

    Alberta Dept. of Education, Edmonton.

    This paper provides a snapshot of the computer network security industry and addresses specific issues related to network security in public education. The following topics are covered: (1) security policy, including reasons for establishing a policy, risk assessment, areas to consider, audit tools; (2) workstations, including physical security,…

  20. An Overview Of The Security Concerns In Enterprise Cloud Computing

    Anthony Bisong; Rahman, Syed M.

    2011-01-01

    Deploying cloud computing in an enterprise infrastructure bring significant security concerns.Successful implementation of cloud computing in an enterprise requires proper planning andunderstanding of emerging risks, threats, vulnerabilities, and possible countermeasures. We believe enterprise should analyze the company/organization security risks, threats, and available countermeasures before adopting this technology. In this paper, we have discussed security risks and concerns in cloud comp...

  1. An Overview of the Security Concerns in Enterprise Cloud Computing

    Bisong, Anthony; Syed; Rahman, M.

    2011-01-01

    Deploying cloud computing in an enterprise infrastructure bring significant security concerns. Successful implementation of cloud computing in an enterprise requires proper planning and understanding of emerging risks, threats, vulnerabilities, and possible countermeasures. We believe enterprise should analyze the company/organization security risks, threats, and available countermeasures before adopting this technology. In this paper, we have discussed security risks and concerns in cloud co...

  2. Security in Cloud Computing : A Security Assessment of Cloud Computing Providers for an Online Receipt Storage

    Blakstad, Kåre Marius; Andreassen, Mats

    2010-01-01

    Considerations with regards to security issues and demands must be addressed before migrating an application into a cloud computing environment. Different vendors, Microsoft Azure, Amazon Web Services and Google AppEngine, provide different capabilities and solutions to the individual areas of concern presented by each application. Through a case study of an online receipt storage application from the company dSafe, a basis is formed for the evaluation. The three cloud computing vendors are a...

  3. Secure Multiparty Quantum Computation for Summation and Multiplication.

    Shi, Run-hua; Mu, Yi; Zhong, Hong; Cui, Jie; Zhang, Shun

    2016-01-01

    As a fundamental primitive, Secure Multiparty Summation and Multiplication can be used to build complex secure protocols for other multiparty computations, specially, numerical computations. However, there is still lack of systematical and efficient quantum methods to compute Secure Multiparty Summation and Multiplication. In this paper, we present a novel and efficient quantum approach to securely compute the summation and multiplication of multiparty private inputs, respectively. Compared to classical solutions, our proposed approach can ensure the unconditional security and the perfect privacy protection based on the physical principle of quantum mechanics. PMID:26792197

  4. Computer security of NPP instrumentation and control systems: regulatory framework

    The paper examines the regulatory framework on computer security of NPP instrumentation and control systems (I and C) and presents the short overview of IAEA Nuclear Security Series. It considers the key reference manual from these series and draft new guide on NPP I and C computer security. The paper presents requirements for information and computer security of NPP I and C from the standards of the International Electrotechnical Commission (IEC) and, in particular, the standard regulating requirements for NPP I and C computer security program. Regulatory guide of the US Nuclear Regulatory Commission with requirements for computer security program of nuclear facilities has been analyzed. The research considers challenges of regulatory control in this area and defines tasks to improve regulatory framework on computer security at Ukrainian nuclear facilities.

  5. Modeling and performance evaluation of computer systems security operation

    Guster, D.; Krivulin, N. K.

    2012-01-01

    A model of computer system security operation is developed based on the fork-join queueing network formalism. We introduce a security operation performance measure, and show how it may be used to performance evaluation of actual systems.

  6. Restricted access processor - An application of computer security technology

    Mcmahon, E. M.

    1985-01-01

    This paper describes a security guard device that is currently being developed by Computer Sciences Corporation (CSC). The methods used to provide assurance that the system meets its security requirements include the system architecture, a system security evaluation, and the application of formal and informal verification techniques. The combination of state-of-the-art technology and the incorporation of new verification procedures results in a demonstration of the feasibility of computer security technology for operational applications.

  7. Computer Security: is your code sane?

    Stefan Lueders, Computer Security Team

    2015-01-01

    How many of us write code? Software? Programs? Scripts? How many of us are properly trained in this and how well do we do it? Do we write functional, clean and correct code, without flaws, bugs and vulnerabilities*? In other words: are our codes sane?   Figuring out weaknesses is not that easy (see our quiz in an earlier Bulletin article). Therefore, in order to improve the sanity of your code, prevent common pit-falls, and avoid the bugs and vulnerabilities that can crash your code, or – worse – that can be misused and exploited by attackers, the CERN Computer Security team has reviewed its recommendations for checking the security compliance of your code. “Static Code Analysers” are stand-alone programs that can be run on top of your software stack, regardless of whether it uses Java, C/C++, Perl, PHP, Python, etc. These analysers identify weaknesses and inconsistencies including: employing undeclared variables; expressions resu...

  8. Computer Security: Your privacy at CERN matters

    Stefan Lueders, Computer Security Team

    2015-01-01

    Congrats to all those who spotted that our last contribution to the CERN Bulletin (“CERN Secure Password Competition” – see here) was an April Fools’ Day hoax. Of course, there is no review and no jury and there won’t be any competition. Consequently, we are sorry to say that we cannot announce any winners. The extension of the password history rule and the initiative of finding password duplicates are absolute nonsense too.   In fact, the Computer Security team, just like the CERN Account Management service, the Single Sign-On team and the ServiceDesk, does not know and has no need to know your password. Passwords are actually salted and hashed using the SHA256 cryptographic hash function. Thus, there is no literal password database and no way that anyone apart from you can know your password – unless you have given it away intentionally or inadvertently… Remember, your password is yours and only yours, so please do not...

  9. Computer Security: WWW censorship? Not at CERN

    Stefan Lueders, Computer Security Team

    2016-01-01

    Whoops! We received a number of critical responses to our previous article on the upcoming DNS firewall (“DNS to the rescue!” - see here). While they were mostly constructive, the main question was “How dare we censor Internet access?” Let us clarify this.   Computer security at CERN must always find the right balance between CERN’s academic environment, its operations and security itself. Of course we can easily overdo it one way or another, but that would kill our academic freedom and bring the Organization to a halt. That certainly isn’t in our interest. On the other hand, CERN is permanently under attack and we have to do everything possible to ensure that those attacks are kept at bay. Otherwise they could impact CERN’s operations… So, have we found the right balance? Concerning access to the Internet and in particular to the web, we have not and will not block random websites because of their content unless &a...

  10. Computer Security: The dilemma of fractal defence

    Stefan Lueders, Computer Security Team

    2015-01-01

    Aren’t mathematical fractals just beautiful? The Mandelbrot set and the Julia set, the Sierpinski gasket, the Menger sponge, the Koch curve (see here)… Based on very simple mathematical rules, they quickly develop into a mosaic of facets slightly different from each other. More and more features appear the closer you zoom into a fractal and expose similar but not identical features of the overall picture.   Computer security is like these fractals, only much less pretty: simple at first glance, but increasingly complex and complicated when you look more closely at the details. The deeper you dig, the more and more possibilities open up for malicious people as the attack surface grows, just like that of “Koch’s snowflakes”, where the border length grows exponentially. Consequently, the defensive perimeter also increases when we follow the bits and bytes layer by layer from their processing in the CPU, trickling up the software stack thro...

  11. Java Parallel Secure Stream for Grid Computing

    JieChen; WaltAkers; 等

    2001-01-01

    The emergence of high speed wide area networks makes grid computing a reality.However grid applications that need reliable data transfer still have difficulties to achieve optimal TCP performance due to metwork tuning of TCP window size to imporvethe bandwidth and to reduce latency on a high speed wide area network.This paper presents a pure Java package called JPARSS(java Parallel Secure Stream) that divides data into partitions that are sent over several parallel Java Streams simultaneously and allows Java or Web applications to achieve optimal TCP performance in a gird environment without the necessity of tuning the TCP window size.Several experimental results are provided to show that using parallel stream is more effective than tuning TCP window size.In addition X.509 certificate based single sign-on mechanism and SSL based connection establishment are integrated into this package ,Finally a few applications using this package will be discussed.

  12. Java parallel secure stream for grid computing

    The emergence of high speed wide area networks makes grid computing a reality. However grid applications that need reliable data transfer still have difficulties to achieve optimal TCP performance due to network tuning of TCP window size to improve the bandwidth and to reduce latency on a high speed wide area network. The authors present a pure Java package called JPARSS (Java Parallel Secure Stream) that divides data into partitions that are sent over several parallel Java streams simultaneously and allows Java or Web applications to achieve optimal TCP performance in a gird environment without the necessity of tuning the TCP window size. Several experimental results are provided to show that using parallel stream is more effective than tuning TCP window size. In addition X.509 certificate based single sign-on mechanism and SSL based connection establishment are integrated into this package. Finally a few applications using this package will be discussed

  13. Teaching Objectives of a Simulation Game for Computer Security

    Irvine, Cynthia E.; Thompson, Michael

    2003-01-01

    This paper describes a computer simulation game being developed to teach computer security principles. The player of the game constructs computer networks and makes choices affecting the ability of these networks and the game's virtual users to protect valuable assets from attack by both vandals and well-motivated professionals. The game introduces the player to the need for well formed information security policies, allowing the player to deploy a variety of means to enforce security policie...

  14. CONSIDERATIONS ABOUT COMPUTER NETWORKS SECURITY UNDER VARIOUS OPERATING SYSTEMS

    Nicolae Radu MARSANU; Claudiu SICHITIU; George SICHITIU

    2010-01-01

    Importance of security issues in computer networks has increased with the expansion of electronic data processing and transmission via the network. When operating on confidential information, it is important that the benefits of sharing and communication of a computer network to be supported by substantial security facilities. This is essential given that computer networks have come to be used including the development of banking, shopping or fees. Following the implementation of security mec...

  15. A Security Kernel Architecture Based Trusted Computing Platform

    CHEN You-lei; SHEN Chang-xiang

    2005-01-01

    A security kernel architecture built on trusted computing platform in the light of thinking about trusted computing is presented. According to this architecture, a new security module TCB (Trusted Computing Base) is added to the operation system kernel and two operation interface modes are provided for the sake of self-protection. The security kernel is divided into two parts and trusted mechanism is separated from security functionality. The TCB module implements the trusted mechanism such as measurement and attestation,while the other components of security kernel provide security functionality based on these mechanisms. This architecture takes full advantage of functions provided by trusted platform and clearly defines the security perimeter of TCB so as to assure self-security from architectural vision. We also present function description of TCB and discuss the strengths and limitations comparing with other related researches.

  16. Nomadic Computing : Security assessment of remote access to workplace systems

    Karlsson, Johanna

    2003-01-01

    Nomadic computing is about communication on an anytime anywhere basis. Security in this area is today not high enough and at the same time nomadic computing is increasing. In this thesis, security in the area of nomadic computing and remote access to company systems is assessed. The purpose is to investigate the security in this area today but also in the future in order to answer the main question of how and when secure nomadic computing can be offered. For this purpose a futuristic scenario...

  17. An Overview Of The Security Concerns In Enterprise Cloud Computing

    Anthony Bisong

    2011-01-01

    Full Text Available Deploying cloud computing in an enterprise infrastructure bring significant security concerns.Successful implementation of cloud computing in an enterprise requires proper planning andunderstanding of emerging risks, threats, vulnerabilities, and possible countermeasures. We believe enterprise should analyze the company/organization security risks, threats, and available countermeasures before adopting this technology. In this paper, we have discussed security risks and concerns in cloud computing and enlightened steps that an enterprise can take to reduce security risksand protect their resources. We have also explained cloud computing strengths/benefits, weaknesses, and applicable areas in information risk management.

  18. An Overview of the Security Concerns in Enterprise Cloud Computing

    Bisong, Anthony; Rahman, M; 10.5121/ijnsa.2011.3103

    2011-01-01

    Deploying cloud computing in an enterprise infrastructure bring significant security concerns. Successful implementation of cloud computing in an enterprise requires proper planning and understanding of emerging risks, threats, vulnerabilities, and possible countermeasures. We believe enterprise should analyze the company/organization security risks, threats, and available countermeasures before adopting this technology. In this paper, we have discussed security risks and concerns in cloud computing and enlightened steps that an enterprise can take to reduce security risks and protect their resources. We have also explained cloud computing strengths/benefits, weaknesses, and applicable areas in information risk management.

  19. Computer Security: oops, there it goes...

    Stefan Lueders, Computer Security Team

    2015-01-01

    Do you love riddles, hide and seek or picture puzzles a la “Where’s Wally”? Then take a look at the photo below, and try to spot the error.   It is hard to spot: the yellow sticker on the computer screen shows a password providing access to the web application running on the screen. Surprising! Fortunately, this sticker was quickly removed by the corresponding system owners and the password changed. However, we can all make improvements: passwords must never be written down and definitely not on stickers attached to screens, keyboards, or desks. Remember: your password is your “toothbrush” - a toothbrush you do not share and you change regularly. Neither your colleagues, your supervisor, the Service Desk or the Computer Security Team have any valid reason to ask for it. They should not and will never do so. The same is valid for any external company: UBS, Paypal, Amazon, Facebook or Google will never ask you for your pass...

  20. Computer Security: in the name of CERN

    Stefan Lueders, Computer Security Team

    2015-01-01

    This summer, the American/Canadian dating website Ashley Madison was successfully compromised by a group of hackers (see here) who subsequently published tons of confidential information: addresses, dates of birth, e-mail addresses, ethnicities, genders, names, passwords, payment histories, phone numbers, security questions, sexual preferences, usernames and website activity.   Initially, these attackers blackmailed Ashley Madison and requested that the service be shut down. Later, however, they just made their stolen data public on the Internet. More than 30 million unique e-mail addresses – a hallelujah for miscreants. What can they do with this data? One possibility is blackmailing the people whose e-mail addresses were exposed by threatening to tell their spouses (“Pay me X bitcoins or I will tell your spouse that you are looking for a date!”). Another is targeting those people who have registered with their company e-...

  1. A Novel Open Security Framework for Cloud Computing

    Devki Gaurav Pal

    2012-06-01

    Full Text Available The evolution of cloud computing enables organizations to reduce their expenditure on IT infrastructure and is advantageous to both the serving and served organizations. But security issue is major concern in adoption of cloud. This paper focuses on the problem of lack of security considerations in Service Level Agreements and top security threats and vulnerability which are suggested by security experts. The Security framework for end to end security in cloud computing has also been proposed in the present work. This paper also draws attention on need of Open Security Framework. Proposed framework is developed by collective participation of security experts, practitioners, Cloud Service Providers and Clients. It is in line with various government policies, legislation and standards like ISO 27000 series, SOX, HIPPA, COBIT, ITIL etc. to comply with them. This step will boost mutual trust and privacy of participants.

  2. Secure system design and trustable computing

    Potkonjak, Miodrag

    2016-01-01

    This book provides the foundations for understanding hardware security and trust, which have become major concerns for national security over the past decade.  Coverage includes issues related to security and trust in a variety of electronic devices and systems related to the security of hardware, firmware and software, spanning system applications, online transactions, and networking services.  This serves as an invaluable reference to the state-of-the-art research that is of critical significance to the security of, and trust in, modern society’s microelectronic-supported infrastructures.

  3. Implementation of computer security at nuclear facilities in Germany

    Lochthofen, Andre; Sommer, Dagmar [Gesellschaft fuer Anlagen- und Reaktorsicherheit mbH (GRS), Koeln (Germany)

    2013-07-01

    In recent years, electrical and I and C components in nuclear power plants (NPPs) were replaced by software-based components. Due to the increased number of software-based systems also the threat of malevolent interferences and cyber-attacks on NPPs has increased. In order to maintain nuclear security, conventional physical protection measures and protection measures in the field of computer security have to be implemented. Therefore, the existing security management process of the NPPs has to be expanded to computer security aspects. In this paper, we give an overview of computer security requirements for German NPPs. Furthermore, some examples for the implementation of computer security projects based on a GRS-best-practice-approach are shown. (orig.)

  4. Deliberate Secure Grid Computing Blueprint Design in Indian Context

    Sanjeev Puri

    2012-06-01

    Full Text Available The novel concept of grid computing, clusters of computational power is constructed from a network of many small and widespread different computers servers or workstations into a single resource. We now proceed to translate the grid security problem into specific grid security requirements. The purpose of Grid technologies is to support the secure sharing and scalable coordinated use of diverse resources in dynamic, distributed VOs. We propose a secure blueprint design for grid systems that addresses requirements for single sign-on, interoperability with local policies of any grid city of India, with dynamically varying resource demands.

  5. Modeling Computational Security in Long-Lived Systems

    Canetti, Ran; Cheung, Ling; Kaynar, Dilsun; Lynch, Nancy; Pereira, Olivier

    2009-01-01

    For many cryptographic protocols, security relies on the assumption that adversarial entities have limited computational power. This type of security degrades progressively over the lifetime of a protocol. However, some cryptographic services, such as timestamping services or digital archives, are emph{long-lived} in nature; they are expected to be secure and operational for a very long time (ie super-polynomial). In such cases, security cannot be guaranteed in the traditi...

  6. A Novel Cloud Computing Algorithm of Security and Privacy

    Chih-Yung Chen

    2013-01-01

    Full Text Available The emergence of cloud computing has simplified the flow of large-scale deployment distributed system of software suppliers; when issuing respective application programs in a sharing clouds service to different user, the management of material becomes more complex. Therefore, in multitype clouds service of trust environment, when enterprises face cloud computing, what most worries is the issue of security, but individual users are worried whether the privacy material will have an outflow risk. This research has mainly analyzed several different construction patterns of cloud computing, and quite relevant case in the deployment construction security of cloud computing by fit and unfit quality, and proposed finally an optimization safe deployment construction of cloud computing and security mechanism of material protection calculating method, namely, Global Authentication Register System (GARS, to reduce cloud material outflow risk. We implemented a system simulation to test the GARS algorithm of availability, security and performance. By experimental data analysis, the solutions of cloud computing security, and privacy derived from the research can be effective protection in cloud information security. Moreover, we have proposed cloud computing in the information security-related proposals that would provide related units for the development of cloud computing security practice.

  7. Computer Security: “New_invoice.zip”

    Stefan Lueders, Computer Security Team

    2015-01-01

    Thanks for reading this. But I wonder, what do you expect? Why did this generic title catch your interest? Of course, you might read our articles on a regular basis and it is the “Computer Security:” that brought you here. But still, was there anything else? You should stop reading here... unless you believe this text is meant for you. Or if you are curious. Or if you expect to learn something. Actually, that’s it. “New_invoice.zip” taught more than 40 people at CERN a lesson... the hard way.   “New_invoice.zip” was the name of an attachment to a rather blunt e-mail sent directly to many of our dear colleagues. Others received the e-mail via mailing lists like “it-dep”. The subject of the mail was “invoice” and its message read “Check the document” (see Image 1). The recipient list was vast and full of many different, not necessarily connected names. Clicking on t...

  8. Practical Secure Computation with Pre-Processing

    Zakarias, Rasmus Winther

    2016-01-01

    , communicating O(n log∗ n) ele- ments in the small field and performing O(n log n log log n) operations on small field elements. The fourth main result of the dissertation is a generic and efficient protocol for proving knowledge of a witness for circuit satisfiability in Zero-Knowledge. We prove our......Secure Multiparty Computation has been divided between protocols best suited for binary circuits and protocols best suited for arithmetic circuits. With their MiniMac protocol in [DZ13], Damgård and Zakarias take an important step towards bridging these worlds with an arithmetic protocol tuned for...... yields an astonishing fast evaluation per AES block of 400μs = 400 ∗ 10−6 seconds. Our techniques focus on AES but work in general. In particular we reduce round complexity of the protocol using oblivious table lookup to take care of the non-linear parts. At first glance one might expect table lookup to...

  9. Machine Learning Methods for Computer Security (Dagstuhl Perspectives Workshop 12371)

    Joseph, Anthony D.; Laskov, Pavel; Roli, Fabio; Tygar, J. Doug; Nelson, Blaine

    2013-01-01

    The study of learning in adversarial environments is an emerging discipline at the juncture between machine learning and computer security. The interest in learning-based methods for security- and system-design applications comes from the high degree of complexity of phenomena underlying the security and reliability of computer systems. As it becomes increasingly difficult to reach the desired properties solely using statically designed mechanisms, learning methods are being used more and mor...

  10. Computer Security and the Data Encryption Standard. Proceedings of the Conference on Computer Security and the Data Encryption Standard.

    Branstad, Dennis K., Ed.

    The 15 papers and summaries of presentations in this collection provide technical information and guidance offered by representatives from federal agencies and private industry. Topics discussed include physical security, risk assessment, software security, computer network security, and applications and implementation of the Data Encryption…

  11. Food Security Strategy Based on Computer Innovation

    Ruihui Mu

    2015-01-01

    Case analysis to identify innovative strategies for food security occurred in the Oriental Hotel, voluntarily implement food safety control. Food security strategy investigation and the reasons for their use of multiple data sources, including accommodation and catering industry to implement and document interviews with key decision makers in the hotel performed to observe the business environment were examined. This finding suggests that addressing food security, not only is the food control...

  12. Practical and Secure Outsourcing of Linear Programming in Cloud Computing

    K. Jaya Santhosh, S. Reshma

    2012-01-01

    Despite the tremendous benefits in CloudComputing, security is the primary obstacle, especially forcustomers when their confidential data are consumed andproduced during the computation. Treating the cloud as anintrinsically insecure computing platform from theviewpoint of the cloud customers, we must designmechanisms that not only protect sensitive information byenabling computations with encrypted data, but also protectcustomers from malicious behaviors by enabling thevalidation of computat...

  13. On the Power of Correlated Randomness in Secure Computation

    Ishai, Yuval; Kushilevitz, Eyal; Meldgaard, Sigurd Torkel;

    2013-01-01

    positive and negative results on unconditionally secure computation with correlated randomness. Concretely, we obtain the following results. Minimizing communication. Any multiparty functionality can be realized, with perfect security against semi-honest parties or statistical security against malicious......We investigate the extent to which correlated secret randomness can help in secure computation with no honest majority. It is known that correlated randomness can be used to evaluate any circuit of size s with perfect security against semi-honest parties or statistical security against malicious...... parties, where the communication complexity grows linearly with s. This leaves open two natural questions: (1) Can the communication complexity be made independent of the circuit size? (2) Is it possible to obtain perfect security against malicious parties? We settle the above questions, obtaining both...

  14. Peer-to-Peer Secure Multi-Party Numerical Computation

    Bickson, Danny; Dolev, Danny; Pinkas, Benny

    2008-01-01

    We propose an efficient framework for enabling secure multi-party numerical computations in a Peer-to-Peer network. This problem arises in a range of applications such as collaborative filtering, distributed computation of trust and reputation, monitoring and numerous other tasks, where the computing nodes would like to preserve the privacy of their inputs while performing a joint computation of a certain function. Although there is a rich literature in the field of distributed systems security concerning secure multi-party computation, in practice it is hard to deploy those methods in very large scale Peer-to-Peer networks. In this work, we examine several possible approaches and discuss their feasibility. Among the possible approaches, we identify a single approach which is both scalable and theoretically secure. An additional novel contribution is that we show how to compute the neighborhood based collaborative filtering, a state-of-the-art collaborative filtering algorithm, winner of the Netflix progress ...

  15. Secure User Data in Cloud Computing using RSA Algorithm

    Sunny Behal

    2014-01-01

    Cloud computing is an emerging computing paradigm in which resources of the computing infrastructure are provided as services of the internet. Cloud computing provides customers the way to share distributed resources and services that belong to different organizations or sites. Cloud computing allows consumers and businesses to use applications without installation and access their personal files at any computer with internet access. This paper explores various security methods su...

  16. The importance of trust in computer security

    Jensen, Christian D.

    2014-01-01

    fail. In particular, we identify areas where the “hard” security properties are based on trust in the different agents in the system and certain external agents who enforce the legislative and contractual frameworks. Trust is generally considered a “soft” security property, so building a “hard...

  17. Food Security Strategy Based on Computer Innovation

    Ruihui Mu

    2015-04-01

    Full Text Available Case analysis to identify innovative strategies for food security occurred in the Oriental Hotel, voluntarily implement food safety control. Food security strategy investigation and the reasons for their use of multiple data sources, including accommodation and catering industry to implement and document interviews with key decision makers in the hotel performed to observe the business environment were examined. This finding suggests that addressing food security, not only is the food control strategy, when the issue of marketing and business strategy is very important. The results of this study also demonstrated the relationship between reward and food security strategies. Interview analysis showed that the attitude of senior management in the hotel's food security policy, the company's ability to significantly dependent on the corporate image.

  18. Two-Cloud-Servers-Assisted Secure Outsourcing Multiparty Computation

    Yi Sun; Qiaoyan Wen; Yudong Zhang; Hua Zhang; Zhengping Jin; Wenmin Li

    2014-01-01

    We focus on how to securely outsource computation task to the cloud and propose a secure outsourcing multiparty computation protocol on lattice-based encrypted data in two-cloud-servers scenario. Our main idea is to transform the outsourced data respectively encrypted by different users’ public keys to the ones that are encrypted by the same two private keys of the two assisted servers so that it is feasible to operate on the transformed ciphertexts to compute an encrypted result following th...

  19. Security Implications of Typical Grid Computing Usage Scenarios

    A Computational Grid is a collection of heterogeneous computers and resources spread across multiple administrative domains with the intent of providing users uniform access to these resources. There are many ways to access the resources of a Computational Grid, each with unique security requirements and implications for both the resource user and the resource provider. A comprehensive set of Grid usage scenarios are presented and analyzed with regard to security requirements such as authentication, authorization, integrity, and confidentiality. The main value of these scenarios and the associated security discussions are to provide a library of situations against which an application designer can match, thereby facilitating security-aware application use and development from the initial stages of the application design and invocation. A broader goal of these scenarios are to increase the awareness of security issues in Grid Computing

  20. A Distributed k-Secure Sum Protocol for Secure Multi-Party Computations

    Sheikh, Rashid; Mishra, Durgesh Kumar

    2010-01-01

    Secure sum computation of private data inputs is an interesting example of Secure Multiparty Computation (SMC) which has attracted many researchers to devise secure protocols with lower probability of data leakage. In this paper, we provide a novel protocol to compute the sum of individual data inputs with zero probability of data leakage when two neighbor parties collude to know the data of a middle party. We break the data block of each party into number of segments and redistribute the segments among parties before the computation. These entire steps create a scenario in which it becomes impossible for semi honest parties to know the private data of some other party.

  1. Robust Security System for Critical Computers

    Preet Inder Singh

    2012-06-01

    Full Text Available Among the various means of available resource protection including biometrics, password based system is most simple, user friendly, cost effective and commonly used, but this system having high sensitivity with attacks. Most of the advanced methods for authentication based on password encrypt the contents of password before storing or transmitting in physical domain. But all conventional cryptographic based encryption methods are having its own limitations, generally either in terms of complexity, efficiency or in terms of security. In this paper a simple method is developed that provide more secure and efficient means of authentication, at the same time simple in design for critical systems. Apart from protection, a step toward perfect security has taken by adding the feature of intruder detection along with the protection system. This is possible by merging various security systems with each other i.e password based security with keystroke dynamic, thumb impression with retina scan associated with the users. This new method is centrally based on user behavior and users related security system, which provides the robust security to the critical systems with intruder detection facilities.

  2. Guidelines for development of NASA (National Aeronautics and Space Administration) computer security training programs

    Tompkins, F. G.

    1983-01-01

    The report presents guidance for the NASA Computer Security Program Manager and the NASA Center Computer Security Officials as they develop training requirements and implement computer security training programs. NASA audiences are categorized based on the computer security knowledge required to accomplish identified job functions. Training requirements, in terms of training subject areas, are presented for both computer security program management personnel and computer resource providers and users. Sources of computer security training are identified.

  3. Security Framework for Agent-Based Cloud Computing

    K Venkateshwaran

    2015-06-01

    Full Text Available Agent can play a key role in bringing suitable cloud services to the customer based on their requirements. In agent based cloud computing, agent does negotiation, coordination, cooperation and collaboration on behalf of the customer to make the decisions in efficient manner. However the agent based cloud computing have some security issues like (a. addition of malicious agent in the cloud environment which could demolish the process by attacking other agents, (b. denial of service by creating flooding attacks on other involved agents. (c. Some of the exceptions in the agent interaction protocol such as Not-Understood and Cancel_Meta protocol can be misused and may lead to terminating the connection of all the other agents participating in the negotiating services. Also, this paper proposes algorithms to solve these issues to ensure that there will be no intervention of any malicious activities during the agent interaction.

  4. Position paper on active countermeasures for computer networks.

    Van Randwyk, Jamie A.

    2003-07-01

    Computer security professionals have used passive network countermeasures for several years in order to secure computer networks. Passive countermeasures such as firewalls and intrusion detection systems are effective but their use alone is not enough to protect a network. Active countermeasures offer new ways of protecting a computer network. Corporations and government entities should adopt active network countermeasures as a means of protecting their computer networks.

  5. A survey on top security threats in cloud computing

    Muhammad Kazim

    2015-03-01

    Full Text Available Cloud computing enables the sharing of resources such as storage, network, applications and software through internet. Cloud users can lease multiple resources according to their requirements, and pay only for the services they use. However, despite all cloud benefits there are many security concerns related to hardware, virtualization, network, data and service providers that act as a significant barrier in the adoption of cloud in the IT industry. In this paper, we survey the top security concerns related to cloud computing. For each of these security threats we describe, i how it can be used to exploit cloud components and its effect on cloud entities such as providers and users, and ii the security solutions that must be taken to prevent these threats. These solutions include the security techniques from existing literature as well as the best security practices that must be followed by cloud administrators.

  6. Composable security of measuring-Alice blind quantum computation

    Morimae, Tomoyuki; Koshiba, Takeshi

    2013-01-01

    Blind quantum computing [A. Broadbent, J. Fitzsimons, and E. Kashefi, Proceedings of the 50th Annual IEEE Symposium on Foundations of Computer Science 517 (2009)] is a secure cloud quantum computing protocol which enables a client (who does not have enough quantum technology at her disposal) to delegate her quantum computation to a server (who has a universal quantum computer) without leaking any relevant information to the server. In [T. Morimae and K. Fujii, Phys. Rev. A {\\bf87}, 050301(R) ...

  7. A REVIEW ON SECURED CLOUD COMPUTING ENVIRONMENT

    M. Hemanth Chakravarthy; E. Kannan

    2014-01-01

    Nowadays, the scientific problem becomes very complex; therefore, it requires more computing power and storage space. These requirements are very common in an organization while dealing with current technological data and requirements. Based on these basic requirements, need of higher computational resources is an important issue when dealing with current technological methodology. Hence, cloud computing has become the most important computing paradigm of recent world. The cloud computing is ...

  8. A Survey on Cloud Computing Security

    Modares, Hero; Salleh, Rosli; Moravejosharieh, Amirhosein; Keshavarz, Hassan; Shahgoli, Majid Talebi

    2012-01-01

    Computation encounter the new approach of cloud computing which maybe keeps the world and possibly can prepare all the human's necessities. In other words, cloud computing is the subsequent regular step in the evolution of on-demand information technology services and products. The Cloud is a metaphor for the Internet and is a concept for the covered complicated infrastructure; it also depends on sketching in computer network diagrams. In this paper we will focus on concept of cloud computing...

  9. Computer Security: Cryptography and authentication (2/4)

    CERN. Geneva

    2012-01-01

    Remi Mollon studied computer security at University and he first worked on Grids, with the EGEE project, for a French Bioinformatics institute. Information security being crucial in that field, he developed an encrypted file management system on top of Grid middleware, and he contributed in integrating legacy applications with Grids. Then, he was hired by CERN as a Grid Data Management developer, and he joined the Grid Operational Security Coordination Team. Remi has now moved to CERN Computer Security Team. Remi is involved in the daily security operations, in addition to be responsible to design Team's computer infrastructure, and to participate to several projects, like multi-factor authentication at CERN. With the prevalence of modern information technologies and its increasing integration into our daily live, digital systems become more and more playground for evil people. While in the past, attacks were driven by fame& kudos, nowadays money is the motivating factor. Just the recent months have s...

  10. Security Issues Model on Cloud Computing: A Case of Malaysia

    Komeil Raisian; Jamaiah Yahaya

    2015-01-01

    By developing the cloud computing, viewpoint of many people regarding the infrastructure architectures, software distribution and improvement model changed significantly. Cloud computing associates with the pioneering deployment architecture, which could be done through grid calculating, effectiveness calculating and autonomic calculating. The fast transition towards that, has increased the worries regarding a critical issue for the effective transition of cloud computing. From the security v...

  11. Analysis on Cloud Computing Information Security Problems and the Countermeasures

    2012-01-01

    Cloud computing is one of the most popular terms in the present IT industry, as well as one of the most prosperous technology. This paper introduces the concept, principle and characteristics of cloud computing, analyzes information security problems resulted from cloud computing, and puts forward corresponding solutions.

  12. Securing the Data Storage and Processing in Cloud Computing Environment

    Owens, Rodney

    2013-01-01

    Organizations increasingly utilize cloud computing architectures to reduce costs and energy consumption both in the data warehouse and on mobile devices by better utilizing the computing resources available. However, the security and privacy issues with publicly available cloud computing infrastructures have not been studied to a sufficient depth…

  13. Optimizing security of cloud computing within the DoD

    Antedomenico, Noemi

    2010-01-01

    What countermeasures best strengthen the confidentiality, integrity and availability (CIA) of the implementation of cloud computing within the DoD? This question will be answered by analyzing threats and countermeasures within the context of the ten domains comprising the Certified Information System Security Professional (CISSP) Common Body of Knowledge (CBK). The ten domains that will be used in this analysis include access control; telecommunications and network security; information secur...

  14. Computer Security: a Survey of Methods and Systems

    Yampolskiy, Roman V.; Venu Govindaraju

    2007-01-01

    In this work we have reviewed studies which survey all aspects of computer security including attackers and attacks, software bugs and viruses as well as different intrusion detection systems and ways to evaluate such systems. The aim was to develop a survey of security related issues which would provide adequate information and advice to newcomers to the field as well as a good reference guide for security professionals.

  15. Constant-overhead secure computation of Boolean circuits using preprocessing

    Damgård, Ivan Bjerre; Zakarias, S.

    2013-01-01

    We present a protocol for securely computing a Boolean circuit C in presence of a dishonest and malicious majority. The protocol is unconditionally secure, assuming a preprocessing functionality that is not given the inputs. For a large number of players the work for each player is the same as...

  16. Telecommunications Policy Research Conference. Computer and Communications Security Section. Papers.

    Telecommunications Policy Research Conference, Inc., Washington, DC.

    In his paper, "European Needs and Attitudes towards Information Security," Richard I. Polis notes that the needs for security in computer systems, telecommunications, and media are rather uniform throughout Western Europe, and are seen as being significantly different from the needs in the United States. Recognition of these needs is, however,…

  17. A SECURE KEY COMPUTATION PROTOCOL FOR SECURE GROUP COMMUNICATION WITH PASSWORD BASED AUTHENTICATION

    Velumadhava Rao R

    2013-02-01

    Full Text Available Providing security in group communication is more essential in this new network environment. Authentication and Confidentiality are the major concerns in secure group communication. Our proposed approach uses an authenticated group key transfer protocol that relies on trusted key generation center (KGC. KGC computes group pair for each individual and transport the pair of values to all group members in a secured manner. Password based authentication mechanism is used to avoid the illegal member access in a group Also, the proposed approach facilitates efficient key computation technique such that only authorized group members will be able to computer and retrieve the secret key and unauthorized members cannot retrieve the key. The proposed algorithm is more efficient and relies on NP class. In addition, the distribution of key is also safe and secure. Moreover, the pair generated for the computation of key is also very strong since the cryptographic techniques are used which provides efficient computation.

  18. Effective Ways of Secure, Private and Trusted Cloud Computing

    Kumar, Pardeep; Chauhan, Durg Singh; Gupta, P K; Diwakar, Manoj

    2011-01-01

    Cloud computing is an Internet-based computing, where shared resources, software and information, are provided to computers and devices on-demand. It provides people the way to share distributed resources and services that belong to different organization. Since cloud computing uses distributed resources in open environment, thus it is important to provide the security and trust to share the data for developing cloud computing applications. In this paper we assess how can cloud providers earn their customers' trust and provide the security, privacy and reliability, when a third party is processing sensitive data in a remote machine located in various countries? A concept of utility cloud has been represented to provide the various services to the users. Emerging technologies can help address the challenges of Security, Privacy and Trust in cloud computing.

  19. Effective Ways of Secure Private and Trusted Cloud Computing

    Pardeep Kumar

    2011-05-01

    Full Text Available Cloud computing is an Internet-based computing, where shared resources, software and information, are provided to computers and devices on-demand. It provides people the way to share distributed resources and services that belong to different organization. Since cloud computing uses distributed resources in open environment, thus it is important to provide the security and trust to share the data for developing cloud computing applications. In this paper we assess how can cloud providers earn their customers' trust and provide the security, privacy and reliability, when a third party is processing sensitive data in a remote machine located in various countries? A concept of utility cloud has been represented to provide the various services to the users. Emerging technologies can help address the challenges of Security, Privacy and Trust in cloud computing.

  20. A Compendium Over Cloud Computing Cryptographic Algorithms and Security Issues

    Neha Mishra

    2015-01-01

    Full Text Available Cloud computing is an emerging and revolutionary approach towards the computing and becoming more risk prone than ever before. It is an evolutionary approach of using resources and services on demand and as per need of consumers. Cloud computing providing a platform rose on the Internet for usage of IT services and flexible infrastructure to the consumers and business. Deployment and management of services or resources are maintained by the third party. Whereas there are innumerable advantages to approaching the cloud computing, it also contains various issues such as confidentiality, Integrity, Authenticity and Privacy. One of the prominent barrier to adopt the cloud computing is security. This paper comprises the elaborated study on various security issues allied to cloud computing are presented by consolidating literature reviews on cryptographic algorithms used for data security.

  1. Cloud Computing Security Latest Issues amp Countermeasures

    Shelveen Pandey; Mohammed Farik

    2015-01-01

    Abstract Cloud computing describes effective computing services provided by a third-party organization known as cloud service provider for organizations to perform different tasks over the internet for a fee. Cloud service providers computing resources are dynamically reallocated per demand and their infrastructure platform and software and other resources are shared by multiple corporate and private clients. With the steady increase in the number of cloud computing subscribers of these shar...

  2. Using Binary Code Instrumentation in Computer Security

    Marius POPA

    2013-01-01

    Full Text Available The paper approaches the low-level details of the code generated by compilers whose format permits outside actions. Binary code modifications are manually done when the internal format is known and understood, or automatically by certain tools developed to process the binary code. The binary code instrumentation goals may be various from security increasing and bug fixing to development of malicious software. The paper highlights the binary code instrumentation techniques by code injection to increase the security and reliability of a software application. Also, the paper offers examples for binary code formats understanding and how the binary code injection may be applied.

  3. Secure Two-Party Computation with Low Communication

    Damgård, Ivan Bjerre; Faust, Sebastian; Hazay, Carmit

    2011-01-01

    We propose a 2-party UC-secure computation protocol that can compute any function securely. The protocol requires only two messages, communication that is poly-logarithmic in the size of the circuit description of the function, and the workload for one of the parties is also only poly-logarithmic...... based on the knowledge of exponent in an RSA group, and build succinct zero-knowledge arguments in the CRS model....

  4. SECURED SMART SYSTEM DESING IN PERVASIVE COMPUTING ENVIRONMENT USING VCS

    M.Varaprasad Rao; Prof N Ch Bharta Chryulu

    2015-01-01

    Ubiquitous Computing uses mobile phones or tiny devices for application development with sensors embedded in mobile phones. The information generated by these devices is a big task in collection and storage. For further, the data transmission to the intended destination is delay tolerant. In this paper, we made an attempt to propose a new security algorithm for providing security to Pervasive Computing Environment (PCE) system using Public-key Encryption (PKE) algorithm, Biometric...

  5. Computer Security: Bye, Bye, Windows XP security... Welcome infections!

    Computer Security Team

    2014-01-01

    Rest in peace, Windows XP. Since your birth on 25 October 2001, you have struggled hard to survive this harsh Internet world. You fell prey to “Melissa”, “Sasser” and “Conficker”, and brought CERN its last large-scale infection with “Blaster” in 2004.    After being upgraded to “SP2”, you discovered software development lifecycles, regular “Patch Tuesdays” and a local firewall that rejected everything by default. In the end, you outlived your weird brother “Vista” and survived as the ugly duckling cousin to the beautiful Mr. Mac. But all your ups and downs are over now. On 8 April 2014, you were given your very last security updates. These life-sustaining measures will be stopped now. Game over. From now on, you are a zombie: presumed dead, but still kept running by your master/owner/user. They might not even understand that you now pose a risk ...

  6. Auditing cloud computing a security and privacy guide

    Halpert, Ben

    2011-01-01

    The auditor's guide to ensuring correct security and privacy practices in a cloud computing environment Many organizations are reporting or projecting a significant cost savings through the use of cloud computing-utilizing shared computing resources to provide ubiquitous access for organizations and end users. Just as many organizations, however, are expressing concern with security and privacy issues for their organization's data in the "cloud." Auditing Cloud Computing provides necessary guidance to build a proper audit to ensure operational integrity and customer data protection, among othe

  7. Strategies for safeguarding security of mobile computing.

    Green, Hays

    2013-02-01

    An effective mobile health strategy should comprise, in the very least, six key steps: Conduct a mobile security risk assessment. Establish policies and procedures. Develop a training program. Implement measures to prevent unauthorized access. Perform a clinical workflow analysis. Establish the organization's approach for responding to a breach. PMID:23413675

  8. Collaboration using roles. [in computer network security

    Bishop, Matt

    1990-01-01

    Segregation of roles into alternative accounts is a model which provides not only the ability to collaborate but also enables accurate accounting of resources consumed by collaborative projects, protects the resources and objects of such a project, and does not introduce new security vulnerabilities. The implementation presented here does not require users to remember additional passwords and provides a very simple consistent interface.

  9. An Improved Grid Security Infrastructure by Trusted Computing

    YAN Fei; ZHANG Huanguo; SUN Qi; SHEN Zhidong; ZHANG Liqiang; QIANG Weizhong

    2006-01-01

    Current delegation mechanism of grid security infrastructure (GSI) can't satisfy the requirement of dynamic, distributed and practical security in grid virtual organization. To improve this situation, a TC-enabled GSI is discussed in this paper. With TC-enabled GSI, a practical delegation solution is proposed in this paper through enforcing fine granularity policy over distributed platforms with the emerging trusted computing technologies. Here trusted platform module is treated as a tamper-resistance module to improve grid security infrastructure. With the implement of Project Daonity, it is demonstrated that the solution could gain dynamic and distributed security in grid environment.

  10. Concept of private detective and security activity

    Alexey Yu. Ogurtsov

    2011-01-01

    Having analyzed the notions contents, the author has singled out three basic criteria, characterizing private detective and security activity under Russian legislation: provision of services for a fee; service provider must have the special permission (license) from law enforcement agencies.

  11. Computer Security: one click and BOOM…

    Stefan Lueders, Computer Security Team

    2016-01-01

    Browsing the World Wide Web is not as easy as it seems… One wrong click and all your passwords (CERN, Facebook, PayPal, Amazon, etc.) could be stolen; all your activities could be clandestinely monitored (mouse movements and clicks, words typed, screenshots, microphone and webcam recordings, etc.); confidential documents could be stolen; and an attack path (a so-called back-door) into CERN could be opened…    As a result, you would have to reinstall your computer from scratch and change all your passwords! One of our colleagues learned this the hard way. One wrong click in summer 2015 permitted malicious attackers to infiltrate CERN but, fortunately, no real damage was done. Still, the cost of investigating the incident ran to several tens of thousands of Swiss francs and a lot of time was wasted trying to understand the attacker’s intent and the extent of the infiltration... With the goal of increasing more awareness of the risk of clicking on li...

  12. Security prospects through cloud computing by adopting multiple clouds

    Jensen, Meiko; Schwenk, Jörg; Bohli, Jens Matthias;

    2011-01-01

    Clouds impose new security challenges, which are amongst the biggest obstacles when considering the usage of cloud services. This triggered a lot of research activities in this direction, resulting in a quantity of proposals targeting the various security threats. Besides the security issues coming...... with the cloud paradigm, it can also provide a new set of unique features which open the path towards novel security approaches, techniques and architectures. This paper initiates this discussion by contributing a concept which achieves security merits by making use of multiple distinct clouds at the...

  13. Secure Two-Party Computation with Low Communication

    Damgård, Ivan Bjerre; Kölker, Jonas; Faust, Sebastian;

    2012-01-01

    We propose a 2-party UC-secure protocol that can compute any function securely. The protocol requires only two messages, communication that is poly-logarithmic in the size of the circuit description of the function, and the workload for one of the parties is also only poly-logarithmic in the size...... of the circuit. This implies, for instance, delegatable computation that requires no expensive off-line phase and remains secure even if the server learns whether the client accepts its results. To achieve this, we define two new notions of extractable hash functions, propose an instantiation based...

  14. On Some Security Issues in Pervasive Computing - Light Weight Cryptography

    Rukma Rekha N

    2012-02-01

    Full Text Available Pervasive Computing Environment is a world where technologies fadeout into the background. The technology is invisible to the user and he is least distracted by the technology. This paper tries to focus on the issues of pervasive computing and reveals the security issues in pervasive computing. We try to find out the role of light weight cryptography in pervasive computing and a comparison between traditional and light weight cryptographic approaches was made.

  15. Attacks on Computer Network and Corresponding Security Measures

    Gajanan D. Kurundkar; Quadri M.N; Dr.Santosh D. Khamitkar

    2010-01-01

    Computer security means action of preventing and detecting unconstitutional use of your computer. Prevention measures help you to stop "intruders" from accessing any part of your computer system. With the free flow of routing data and the high availability of computer resources, possible threats to the networks can result in loss of privacy and in spiteful use of information or resources that can eventually lead to large financial losses. Detection helps you to determine whether or not someon...

  16. TOWARD HIGHLY SECURE AND AUTONOMIC COMPUTING SYSTEMS: A HIERARCHICAL APPROACH

    Lee, Hsien-Hsin S

    2010-05-11

    The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniques and system software for achieving a robust, secure, and reliable computing system toward our goal.

  17. Current Cloud Computing Security Concerns from Consumer Perspective

    Hafiz Gulfam Ahmad; Zeeshan Ahmad

    2013-01-01

    In recent years cloud computing is the subject of extensive research in the emerging field of information technology and has become a promising business.The reason behind this widespread interest is its abilityto increase the capacity and capability of enterprises,having no investment for new infrastructure,no software license requirement and no need of any training. Security concern is the main limitation factor in the growth of this new born technology.The secur-ity responsibilities of both,the provider and the consumer greatly differ between cloud service models.In this paper we discuss a variety of security risks,authentication issues,trust,and legal regularity in cloud environment with consumer perspective.Early research focused only on techni-cal and business consequences of cloud computing and ignored consumer perspective.There-fore,this paper discusses the consumer security and privacy preferences.

  18. OS friendly microprocessor architecture: Hardware level computer security

    Jungwirth, Patrick; La Fratta, Patrick

    2016-05-01

    We present an introduction to the patented OS Friendly Microprocessor Architecture (OSFA) and hardware level computer security. Conventional microprocessors have not tried to balance hardware performance and OS performance at the same time. Conventional microprocessors have depended on the Operating System for computer security and information assurance. The goal of the OS Friendly Architecture is to provide a high performance and secure microprocessor and OS system. We are interested in cyber security, information technology (IT), and SCADA control professionals reviewing the hardware level security features. The OS Friendly Architecture is a switched set of cache memory banks in a pipeline configuration. For light-weight threads, the memory pipeline configuration provides near instantaneous context switching times. The pipelining and parallelism provided by the cache memory pipeline provides for background cache read and write operations while the microprocessor's execution pipeline is running instructions. The cache bank selection controllers provide arbitration to prevent the memory pipeline and microprocessor's execution pipeline from accessing the same cache bank at the same time. This separation allows the cache memory pages to transfer to and from level 1 (L1) caching while the microprocessor pipeline is executing instructions. Computer security operations are implemented in hardware. By extending Unix file permissions bits to each cache memory bank and memory address, the OSFA provides hardware level computer security.

  19. Privacy and Security issues in Cloud Computing

    Anita Kumari Nanda , Brojo Kishore Mishra

    2012-01-01

    “Cloud computing” – a relatively recent term, defines the paths ahead in computer science world. Being built on decades of research it utilizes all recent achievements in virtualization, distributed computing, utility computing, and networking. It implies a service oriented architecture through offering software and platforms as services, reduced information technology overhead for the end-user, great flexibility, reduced total cost of ownership, on demand services and many other things. Sec...

  20. Security Scheme and Its Application towards Vehicular Computing

    Maria baby

    2014-04-01

    Full Text Available Cloud computing is a colloquial expression used to describe a variety of different types of computing that involves a large number of computers that are connected through real time communication network. Cloud computing is a ability to run a program on many connected computers at the same time. Another technology VANET uses moving car as nodes in a network to create a mobile network, allowing a car approximately 100 to 300 meters each other to connectand in turn, create a network with a wide range. Vehicular Computing is a similar toVANET, which have 2 types: infrastructure based VCand autonomous VC. This work is using infrastructure based VC; drivers will be able to access services by network communications involving the roadside infrastructure. Security challenges, which provides the most extensive analysis of the document in the public arena. Although security issues have received attention in cloud computing and vehicular network and identify security challenges that are specific to VCs. E.g.: challenges interface, tangled identifies and locations and the complexity of establishing trust relationships among multiple players caused by intermittent short- range communications. We provide a privacy and security in cloud computing in this paper for vehicular computing

  1. Computer Security: improve software, avoid blunder

    Computer Security Team

    2014-01-01

    Recently, a severe vulnerability has been made public about how Apple devices are wrongly handling encryption. This vulnerability rendered SSL/TLS protection useless, and permitted attackers checking out a wireless network to capture or modify data in encrypted sessions.   In other words, all confidential data like passwords, banking information, etc. could have been siphoned off by a targeted attack. While Apple has been quick in providing adequate security patches for iOS devices and Macs, it is an excellent example of how small mistakes can lead to big security holes. Here is the corresponding code from Apple’s Open Source repository. Can you spot the issue? 1 static OSStatus 2 SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams, uint8_t *signature, UInt16 signatureLen) 3 { 4              OSStatus &nb...

  2. Security and Fault aware Scheduling in Computational Grid

    Mansour Noshfar

    2013-09-01

    Full Text Available Grid Computation is an issue that has received much attention from researchers in recent years. Its aim is to use the computational power of idle resources which have been distributed in different places and under different policies and security conditions. Therefore, one of the challenges facing this technology is the issue of security of jobs and the computational sites. Distributed jobs in computational sites may become problematic due to some infections and malwares. As a result, the risks and security levels should be considered; computing resources must be evaluated by resource owners for task execution, and scheduling should be based on requested users' security levels. This is the matter that has been ignored in the previous scheduling algorithms, which leads to waste of time and overhead. In this paper, a new method based on a combination of Genetic and Imperialism Competitive algorithm is presented to implement a security-aware scheduling and failure algorithm. The proposed method is compared with the previous methods such as Min-Min, Suffrage and genetic algorithms, has become near optimal and led to reduce the overhead caused by violation of security conditions. Additionally, Due to the usage of fault tolerance mechanisms, the performance of these mechanisms has been evaluated and it was found that the replication mechanism had the lowest failure rate and the check point mechanism had a direct effect on the performance and it should be fully supervised and be smart.

  3. CYBER FORENSICS: COMPUTER SECURITY AND INCIDENTRESPONSE

    Virginiah Sekgwathe; Mohammad Talib

    2012-01-01

    The intensification of Information and Communications Technology usage in all facets of life exceedingly amplify the incidents of information security policy breaches, cyber crimes, fraud, commercial crimes, cyber laundering etc, hence require a well developed approach to tackle these incidents in order to realize legally defensible digital evidence. Since electronic evidence is fragile and can easily be modified, finding this data, collecting, preserving, and presenting it properly in a cour...

  4. Using Binary Code Instrumentation in Computer Security

    Marius POPA; Sergiu Marin CAPISIZU

    2013-01-01

    The paper approaches the low-level details of the code generated by compilers whose format permits outside actions. Binary code modifications are manually done when the internal format is known and understood, or automatically by certain tools developed to process the binary code. The binary code instrumentation goals may be various from security increasing and bug fixing to development of malicious software. The paper highlights the binary code instrumentation techniques by code injection to...

  5. CYBER FORENSICS: COMPUTER SECURITY AND INCIDENTRESPONSE

    Virginiah Sekgwathe

    2012-01-01

    Full Text Available The intensification of Information and Communications Technology usage in all facets of life exceedingly amplify the incidents of information security policy breaches, cyber crimes, fraud, commercial crimes, cyber laundering etc, hence require a well developed approach to tackle these incidents in order to realize legally defensible digital evidence. Since electronic evidence is fragile and can easily be modified, finding this data, collecting, preserving, and presenting it properly in a court of law is the real challenge. There is a need for use of semantic analysis to discover underlying security policy requirements and internal power structures and institutionalization of anti cyber attack, antimoney- laundering and regulatory schemes. The first responders to cyber security incidents often than always are an organization ICT personnel who are technically sound though may be deficient in investigative skill. The scientific standards of cyber forensics dictates the procedure as it promotes objectivity, a precise and well documented analysis, particularly that the findings maybe used as evidence against the attacker. This paper aims to contribute to the advancement of the cyber forensics discipline with a view to assist the International community in combating this sophisticated, high-tech, dynamic ever changing phenomenon.

  6. Information Security in the Age of Cloud Computing

    Sims, J. Eric

    2012-01-01

    Information security has been a particularly hot topic since the enhanced internal control requirements of Sarbanes-Oxley (SOX) were introduced in 2002. At about this same time, cloud computing started its explosive growth. Outsourcing of mission-critical functions has always been a gamble for managers, but the advantages of cloud computing are…

  7. Security issues occur in Cloud Computing and there Solutions

    Karamjit Singh

    2012-05-01

    Full Text Available Cloud computing is a recent advancement wherein IT infrastructure and applications are provided as “services” to end-users under a usage-based payment model. Many organizations, such as Google, Amazon, IBM and many others, accelerate their paces in developing Cloud computing systems and providing services to user with best affords but there phases many difficulties regarding securityproblem and users also afraid toward security of own data i.e. whether cloud providers able to maintain data integrity ,confidentiality as well as authentication. To resolve the security issues in cloud computing, this paper presents various solutions for different issues.

  8. Constant-Overhead Secure Computation of Boolean Circuits using Preprocessing

    Damgård, Ivan Bjerre; Zakarias, Sarah Nouhad Haddad

    We present a protocol for securely computing a Boolean circuit $C$ in presence of a dishonest and malicious majority. The protocol is unconditionally secure, assuming access to a preprocessing functionality that is not given the inputs to compute on. For a large number of players the work done by...... each player is the same as the work needed to compute the circuit in the clear, up to a constant factor. Our protocol is the first to obtain these properties for Boolean circuits. On the technical side, we develop new homomorphic authentication schemes based on asymptotically good codes with an...

  9. A cancellable and fuzzy fingerprint scheme for mobile computing security

    Yang, Wencheng; Xi, Kai; Li, Cai

    2012-09-01

    Fingerprint recognition provides an effective user authentication solution for mobile computing systems. However, as a fingerprint template protection scheme, fingerprint fuzzy vault is subject to cross-matching attacks, since the same finger might be registered for various applications. In this paper, we propose a fingerprint-based biometric security scheme named the cancellable and fuzzy fingerprint scheme, which combines a cancellable non-linear transformation with the client/server version of fuzzy vault, to address the cross-matching attack in a mobile computing system. Experimental results demonstrate that our scheme can provide reliable and secure protection to the mobile computing system while achieving an acceptable matching performance.

  10. MOBILE COMPUTING AND MCOMMERCE SECURITY ISSUES

    Krishna Prakash; Balachandra

    2014-01-01

    The radical evolution of computers and advancement of technology in the area of hardware (smaller size, weight, low power consumption and cost, high performance) and communications has introduced the notion of mobile computing. Mobile Commerce is an evolving area of e-commerce, where users can interact with service providers through a mobile and wireless network using mobile device for information retrieval and transaction processing. Mobile wireless market is increasing by lea...

  11. Cloud Computing and Research into WLAN Security

    FANG Hong-ying; Wang, Jian

    2010-01-01

    The WLAN treats wireless channel as transmission medium, but its open characteristics cause wiretapping ,identity threats, counterfeiting and tampering of information are actually ubiquitous. In this paper, based on cloud computing model, we set up hundreds of millions of times per second, super-computing platform;Secondly, we crack WEP the most common WLAN encryption protocol to verify a series of safety mechainsm proposed by IEEE 802.11 to be ineffective, such as identiffication authenticat...

  12. Computationally Efficient Neural Network Intrusion Security Awareness

    Todd Vollmer; Milos Manic

    2009-08-01

    An enhanced version of an algorithm to provide anomaly based intrusion detection alerts for cyber security state awareness is detailed. A unique aspect is the training of an error back-propagation neural network with intrusion detection rule features to provide a recognition basis. Network packet details are subsequently provided to the trained network to produce a classification. This leverages rule knowledge sets to produce classifications for anomaly based systems. Several test cases executed on ICMP protocol revealed a 60% identification rate of true positives. This rate matched the previous work, but 70% less memory was used and the run time was reduced to less than 1 second from 37 seconds.

  13. Secure Communications with Mobile Devices During In-Field Activities

    One of the classic problems in information security is how to exchange confidential information securely in uncontrolled environments. There have been innumerable academic and commercial hours spent resolving this question. In traditional practice, securing communications meant investing in satellites, specialized hardware, rigorous security engineering and testing, and expending a lot of resources. For this reason, smaller organizations have often been unable to secure communications. The widespread adoption of mobile communications and the modern mobile device has brought about unprecedented abilities to stay connected with colleagues during work activities. As connectedness has increased, so have the opportunities for information compromise. The enormous mobile landscape, with competing ecosystems, large research and product development budgets, proliferating devices, and rapidly-shifting technical foundations prove to be a tremendous source of both opportunity and risk. With the reality of shrinking budgets and increasing threats, many organizations, commercial enterprises, and product vendors are looking for new ways to utilize existing resources for secure communications and mobile work capabilities. Keeping communications private and secure using the infrastructure of the world's telecommunications network and standard computing and mobile devices is the challenge. This paper will examine some methods for communicating securely using consumer mobile products and evaluate the risk such tools can present to an organization in the context of inspection work in the field. (author)

  14. Computer Security: the value of your password

    Stefan Lueders, Computer Security Team

    2016-01-01

    Of course, your passwords have a value to you as they allow you to access your computer and your Facebook page, to buy on Amazon, to create a Twitter feed, and to use a multitude of computing services provided by CERN. But have you ever thought of their value to the malicious people of this world?    With your account password, I can take over your computer. I can install software allowing me to enable your microphone and listen to your communications and what is happening around you as long as your computer is turned on. I can take regular screenshots and monitor you while you work. With that, I can try to determine your working habits, your online behaviour, the way you write e-mails… Useful, if I want to impersonate you believably (e.g. to attack CERN and the systems you are working on at CERN). What’s more, with access to your computer, I can install a keylogger to record your every keystroke – including when you type all your other passwords: ...

  15. SECURED SMART SYSTEM DESING IN PERVASIVE COMPUTING ENVIRONMENT USING VCS

    M Varaprasad Rao

    2015-05-01

    Full Text Available Ubiquitous Computing uses mobile phones or tiny devices for application development with sensors embedded in mobile phones. The information generated by these devices is a big task in collection and storage. For further, the data transmission to the intended destination is delay tolerant. In this paper, we made an attempt to propose a new security algorithm for providing security to Pervasive Computing Environment (PCE system using Public-key Encryption (PKE algorithm, Biometric Security (BS algorithm and Visual Cryptography Scheme (VCS algorithm. In the proposed PCE monitoring system it automates various home appliances using VCS and also provides security against intrusion using Zigbee IEEE 802.15.4 based Sensor Network, GSM and Wi-Fi networks are embedded through a standard Home gateway.

  16. Secure and Stability Practical Outsourcing in Cloud Computing

    Mr.V.Sudarshan

    2012-09-01

    Full Text Available Cloud computing has great potential of providing robust computational power to the society at reduced cost. It enables customers with limited computational resources to outsource their large computation workloads to the cloud, and economically enjoy the massive computational power, bandwidth, storage, and even appropriate software that can be shared in a pay-per-use manner. Despite the tremendous benefits, security is the primary obstacle that prevents the wide adoption of this promising computing model, especially for customers when their confidential data are consumed and produced during the computation. Treating the cloud as an intrinsically insecure computing platform from the viewpoint of the cloud customers, we must design mechanisms that not only protect sensitive information by enabling computations with encrypted data, but also protect customers from malicious behaviors by enabling the validation of the computation result. Such a mechanism of general secure computation outsourcing was recently shown to be feasible in theory, but to design mechanisms that are practically efficient remains a very challenging problem. Focusing on engineering computing and optimization tasks, this paper investigates secure outsourcing of widely applicable linear programming (LP computations. In order to achieve practical efficiency, our mechanism design explicitly decomposes the LP computation outsourcing into public LP solvers running on the cloud and private LP parameters owned by the customer. The resulting flexibility allows us to explore appropriate security efficiency tradeoff via higher-level abstraction of LP computations than the general circuit representation. In particular, by formulating private data owned by the customer for LP problem as a set of matrices and vectors, we are able to develop a set of efficient privacy-preserving problem transformation techniques, which allow customers to transform original LP problem into some arbitrary one

  17. Computer Security: your car, my control

    Stefan Lueders, Computer Security Team

    2015-01-01

    We have discussed the Internet of Things (IoT) and its security implications already in past issues of the CERN Bulletin, for example in “Today’s paranoia, tomorrow’s reality” (see here). Unfortunately, tomorrow has come. At this years's Black Hat conference researchers presented their findings on how easily your car can be hacked and controlled remotely. Sigh.   While these researchers have just shown that they can wirelessly hijack a Jeep Cherokee, others have performed similar studies with SmartCars, Fords, a Tesla, a Corvette, BMWs, Chryslers and Mercedes! With the increasing computerisation of cars, the engine management system, air conditioning, anti-lock braking system, electronic stability programme, etc. are linked to the infotainment, navigation and communication systems, opening the door for these vehicles to be hacked remotely. The now prevalent Bluetooth connection with smartphones is one entry vector to attack your car remotely...

  18. Securing applications in personal computers: the relay race approach.

    Wright, James Michael

    1991-01-01

    Approved for public release; distribution is unlimited This Thesis reviews the increasing need for security in a personal computer (PC) environment and proposes a new approach for securing PC applications at the application layer. The Relay Race Approach extends two standard approaches : data encryption and password access control at the main program level, to the subprogram level by the use of a special parameter, the "Baton" . The applicability of this approach is de...

  19. Secure distributed genome analysis for GWAS and sequence comparison computation

    Zhang, Yihua; Blanton, Marina; Almashaqbeh, Ghada

    2015-01-01

    Background The rapid increase in the availability and volume of genomic data makes significant advances in biomedical research possible, but sharing of genomic data poses challenges due to the highly sensitive nature of such data. To address the challenges, a competition for secure distributed processing of genomic data was organized by the iDASH research center. Methods In this work we propose techniques for securing computation with real-life genomic data for minor allele frequency and chi-...

  20. The New Trend of Security in Cloud Computing

    Xiangdong Li

    2012-12-01

    Full Text Available The use of services of cloud computing has been growing widely in industry, organizations and institutions recently, due to its tempting benefits, for example, the scalability, efficiency, flexibility and lower cost. The security issues have been studied and analyzed extensively. In order to understand the risk issues existing in today’s cloud, we discuss the new trend of security of cloud in this paper. The preventing methods are also discussed.

  1. An information security education initiative for engineering and computer science

    Chin, Shiu-Kai; Irvine, Cynthia E.; Frincke, Deborah

    1997-01-01

    This paper puts forward a case for an educational initiative in information security at both the undergraduate and graduate levels. Its focus is on the need for such education, the desired educational outcomes, and how the outcomes may be assessed. A basic thesis of this paper is that the goals, methods, and evaluation techniques of information and computer security are consistent with and supportive of the stated goals of engineering education and the growing movement for outcomes based a...

  2. Computer Security: downloading films is no peccadillo

    Stefan Lueders, Computer Security Team

    2015-01-01

    Dear Summer Students, within the Organization, you have many possibilities to pursue your natural curiosity and acquire as much new knowledge as you can siphon into your brain. CERN provides you with the academic freedom to do so, with almost no limitations. But hold on: “free” and “no limitations” don’t mean that you can do whatever you want…   Please note that, when using CERN’s computing facilities, when sending e-mails from your CERN e-mail address, when using your laptop/smartphone/computer, you must follow a basic framework of rules, the CERN Computing Rules. I would like to focus on one particular aspect of those rules: that of accessing music, videos, films or computer games from popular websites like ThePirateBay or using Bittorrent.  CERN has an awesome connection to the Internet, lots of bandwidth and a high capacity for web downloads. However, this does not mean that downloading music, videos...

  3. Guaranteeing Data Storage Security in Cloud Computing

    Viswanath Aiyer

    2015-05-01

    Full Text Available Cloud Computing has been imagined as the next generation structural engineering of IT Enterprise. .By using the homomorphic token with dispersed verification of eradication coded information, our plan attains to the combination of capacity rightness protection and information blunder limitation, i.e., the identification of getting rowdy server(s

  4. Quality Function Deployment (QFD House of Quality for Strategic Planning of Computer Security of SMEs

    Jorge A. Ruiz-Vanoye

    2013-01-01

    Full Text Available This article proposes to implement the Quality Function Deployment (QFD House of Quality for strategic planning of computer security for Small and Medium Enterprises (SME. The House of Quality (HoQ applied to computer security of SME is a framework to convert the security needs of corporate computing in a set of specifications to improve computer security.

  5. Complete Fairness in Secure Two-Party Computation

    Gordon, S. Dov; Hazay, Carmit; Katz, Jonathan;

    2011-01-01

    In the setting of secure two-party computation, two mutually distrusting parties wish to compute some function of their inputs while preserving, to the extent possible, various security properties such as privacy, correctness, and more. One desirable property is fairness which guarantees, informa......In the setting of secure two-party computation, two mutually distrusting parties wish to compute some function of their inputs while preserving, to the extent possible, various security properties such as privacy, correctness, and more. One desirable property is fairness which guarantees......, informally, that if one party receives its output, then the other party does too. Cleve [1986] showed that complete fairness cannot be achieved in general without an honest majority. Since then, the accepted folklore has been that nothing non-trivial can be computed with complete fairness in the two......-party setting. We demonstrate that this folklore belief is false by showing completely fair protocols for various nontrivial functions in the two-party setting based on standard cryptographic assumptions. We first show feasibility of obtaining complete fairness when computing any function over polynomial...

  6. Securing Embedded Smart Cameras with Trusted Computing

    Thomas Winkler; Bernhard Rinner

    2011-01-01

    Camera systems are used in many applications including video surveillance for crime prevention and investigation, traffic monitoring on highways or building monitoring and automation. With the shift from analog towards digital systems, the capabilities of cameras are constantly increasing. Today's smart camera systems come with considerable computing power, large memory, and wired or wireless communication interfaces. With onboard image processing and analysis capabilities, cameras not only ...

  7. Control Systems Cyber Security Standards Support Activities

    Robert Evans

    2009-01-01

    The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

  8. Computer Security: posting and mis-posting

    Stefan Lueders, Computer Security Team

    2015-01-01

    This is what can happen at CERN if you don't lock your computer screen...   “Hi, I am looking for a partner either male or female to attend salsa lessons. I have a great body and enjoy rubbing it against other people on the dance floor. I would consider dinner after with the right person. If you think you can keep up with me and enjoy getting sweaty send me a reply. Stay sexy…” This is the original text of a recent posting on the CERN Market webpage. Some people might find this appealing, some people think this is funny. Personally, I couldn’t care less. But professionally, we had to follow up as this text can be perceived as inappropriate and, thus, in violation of the Terms of Usage of the CERN Market as well as the CERN Computing Rules and its annex on private usage of the CERN computing facilities. We remind you that the CERN Market is a public website that can be used by people within but also outside CERN. All posts are visible world...

  9. Computer Security: what is your identity?

    Stefan Lueders, Computer Security Team

    2016-01-01

    In the physical world this is fairly clear; your sense of self is multi-faceted and highly complex but the entity of “you” is well defined.  You can prove your identity simply, typically by showing your ID card or by having someone vouch for you. You are a being layered with attributes. Other people may request some of these attributes: your first name at Starbucks or your shoe size at the bowling alley. But only your most trusted contacts are granted access to your entire set of attributes… or maybe you never expose your identity entirely!   Online, your identity is a very different beast. It is fragmented. Each piece of your identity is typically verified by its own username and password. Occasionally pieces are forgotten or lost to the depths of the Internet. The hundreds of accounts that identify “you” present a security problem. Can you keep track of these accounts and is it even realistic to use unique, non-trivial passwords for ea...

  10. Computer Security: White hats for CERN

    Stefan Lueders, Computer Security Team

    2016-01-01

    CERN is under attack. Permanently. Even right now. In particular, the CERN web environment, with its thousands of websites and millions of webpages, is a popular target for evil-doers as well as for security researchers.   Usually, their attacks are unsuccessful and fade away over time. Sometimes, however, they are successful and manage to break into a CERN website or web server… It is imperative that we learn about our weaknesses before others do – and fix them! Hackers with bad intentions are usually named “black hats” as they misuse their power to cause destruction or downtime via any weakness they can find. “Grey hats” are more moderate and might just have some fun with the weaknesses they find, for example by putting naked teddy bears or a personal message (such as “I hacked U”) on the compromised website. Last but not least, “white hats” report their findings directly to us and suggest that...