WorldWideScience

Sample records for active computing security

  1. Computer security

    Gollmann, Dieter

    2011-01-01

    A completely up-to-date resource on computer security Assuming no previous experience in the field of computer security, this must-have book walks you through the many essential aspects of this vast topic, from the newest advances in software and technology to the most recent information on Web applications security. This new edition includes sections on Windows NT, CORBA, and Java and discusses cross-site scripting and JavaScript hacking as well as SQL injection. Serving as a helpful introduction, this self-study guide is a wonderful starting point for examining the variety of competing sec

  2. A New Approach to Practical Active-Secure Two-Party Computation

    Nielsen, Jesper Buus; Nordholt, Peter Sebastian; Orlandi, Claudio; Burra, Sai Sheshank

    2011-01-01

    We propose a new approach to practical two-party computation secure against an active adversary. All prior practical protocols were based on Yao's garbled circuits. We use an OT-based approach and get efficiency via OT extension in the random oracle model. To get a practical protocol we introduce a...

  3. A New Approach to Practical Active-Secure Two-Party Computation

    Nielsen, Jesper Buus; Nordholt, Peter Sebastian; Orlandi, Claudio; Burra, Sai Sheshank

    2012-01-01

    We propose a new approach to practical two-party computation secure against an active adversary. All prior practical protocols were based on Yao’s garbled circuits. We use an OT-based approach and get efficiency via OT extension in the random oracle model. To get a practical protocol we introduce a...

  4. Security in Computer Applications

    CERN. Geneva

    2004-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development. The last part of the lecture covers some miscellaneous issues like the use of cryptography, rules for networking applications, and social engineering threats. This lecture was first given on Thursd...

  5. Cognitive Computing for Security.

    Debenedictis, Erik [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Rothganger, Fredrick [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Aimone, James Bradley [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Marinella, Matthew [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Evans, Brian Robert [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Warrender, Christina E. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Mickel, Patrick [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2015-12-01

    Final report for Cognitive Computing for Security LDRD 165613. It reports on the development of hybrid of general purpose/ne uromorphic computer architecture, with an emphasis on potential implementation with memristors.

  6. Computer Security Handbook

    Bosworth, Seymour; Whyne, Eric

    2012-01-01

    The classic and authoritative reference in the field of computer security, now completely updated and revised With the continued presence of large-scale computers; the proliferation of desktop, laptop, and handheld computers; and the vast international networks that interconnect them, the nature and extent of threats to computer security have grown enormously. Now in its fifth edition, Computer Security Handbook continues to provide authoritative guidance to identify and to eliminate these threats where possible, as well as to lessen any losses attributable to them. With seventy-seven chapter

  7. Security of computer networks

    Kolář, Tomáš

    2012-01-01

    This thesis is focused on design and documentation of computer network and its security in the medium-sized company. First part of this thesis describes basics of computer networks, computer infiltrations, types of assault and preventive protection of corporate networks. The practical part of this thesis is devoted to documentation of the old corporate network and the complete design of a new computer network, its security against attacks and the loss corporate data.

  8. Indirection and computer security.

    Berg, Michael J.

    2011-09-01

    The discipline of computer science is built on indirection. David Wheeler famously said, 'All problems in computer science can be solved by another layer of indirection. But that usually will create another problem'. We propose that every computer security vulnerability is yet another problem created by the indirections in system designs and that focusing on the indirections involved is a better way to design, evaluate, and compare security solutions. We are not proposing that indirection be avoided when solving problems, but that understanding the relationships between indirections and vulnerabilities is key to securing computer systems. Using this perspective, we analyze common vulnerabilities that plague our computer systems, consider the effectiveness of currently available security solutions, and propose several new security solutions.

  9. Secure cloud computing

    Jajodia, Sushil; Samarati, Pierangela; Singhal, Anoop; Swarup, Vipin; Wang, Cliff

    2014-01-01

    This book presents a range of cloud computing security challenges and promising solution paths. The first two chapters focus on practical considerations of cloud computing. In Chapter 1, Chandramouli, Iorga, and Chokani describe the evolution of cloud computing and the current state of practice, followed by the challenges of cryptographic key management in the cloud. In Chapter 2, Chen and Sion present a dollar cost model of cloud computing and explore the economic viability of cloud computing with and without security mechanisms involving cryptographic mechanisms. The next two chapters addres

  10. CLOUD COMPUTING SECURITY

    DANISH JAMIL,

    2011-04-01

    Full Text Available It is no secret that cloud computing is becoming more and more popular today and is ever increasing inpopularity with large companies as they share valuable resources in a cost effective way. Due to this increasingdemand for more clouds there is an ever growing threat of security becoming a major issue. This paper shalllook at ways in which security threats can be a danger to cloud computing and how they can be avoided.

  11. CLOUD COMPUTING AND SECURITY

    Asharani Shinde

    2015-10-01

    Full Text Available This document gives an insight into Cloud Computing giving an overview of key features as well as the detail study of exact working of Cloud computing. Cloud Computing lets you access all your application and documents from anywhere in the world, freeing you from the confines of the desktop thus making it easier for group members in different locations to collaborate. Certainly cloud computing can bring about strategic, transformational and even revolutionary benefits fundamental to future enterprise computing but it also offers immediate and pragmatic opportunities to improve efficiencies today while cost effectively and systematically setting the stage for the strategic change. As this technology makes the computing, sharing, networking easy and interesting, we should think about the security and privacy of information too. Thus the key points we are going to be discussed are what is cloud, what are its key features, current applications, future status and the security issues and the possible solutions.

  12. Computer security simulation

    Development and application of a series of simulation codes used for computer security analysis and design are described. Boolean relationships for arrays of barriers within functional modules are used to generate composite effectiveness indices. The general case of multiple layers of protection with any specified barrier survival criteria is given. Generalized reduction algorithms provide numerical security indices in selected subcategories and for the system as a whole. 9 figures, 11 tables

  13. Computer Security: Competing Concepts

    Nissenbaum, Helen; Friedman, Batya; Felten, Edward

    2001-01-01

    This paper focuses on a tension we discovered in the philosophical part of our multidisciplinary project on values in web-browser security. Our project draws on the methods and perspectives of empirical social science, computer science, and philosophy to identify values embodied in existing web-browser security and also to prescribe changes to existing systems (in particular, Mozilla) so that values relevant to web-browser systems are better served than presently they are. The tension, which ...

  14. Cloud Computing Security

    Ngongang, Guy

    2011-01-01

    This project aimed to show how possible it is to use a network intrusion detection system in the cloud. The security in the cloud is a concern nowadays and security professionals are still finding means to make cloud computing more secure. First of all the installation of the ESX4.0, vCenter Server and vCenter lab manager in server hardware was successful in building the platform. This allowed the creation and deployment of many virtual servers. Those servers have operating systems and a...

  15. Computer Security at Nuclear Facilities

    The possibility that nuclear or other radioactive material could be used for malicious purposes cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear or other radioactive material is used or transported. Through its Nuclear Security Programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises Nuclear Security Fundamentals, which include objectives and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security, specifically: to provide for the security of nuclear and other radioactive material and associated facilities and activities; to ensure the security of such material in use, storage or in transport; to combat illicit trafficking and the inadvertent movement of such material; and to be prepared to respond to a nuclear security event. This publication is in the Technical Guidance

  16. Computer Science Security

    Ocotlan Diaz-Parra; Ruiz-Vanoye, Jorge A.; Barrera-Cámara, Ricardo A.; Alejandro Fuentes-Penna; Natalia Sandoval

    2014-01-01

    Soft Systems Methodology (SSM) is a problem-solving methodology employing systems thinking. SSM has been applied to the management, planning, health and medical systems, information systems planning, human resource management, analysis of the logistics systems, knowledge management, project management, construction management and engineering, and development of expert systems. This paper proposes using SSM for strategic planning of Enterprise Computer Security.

  17. Computer Science Security

    Ocotlan Diaz-Parra

    2014-01-01

    Full Text Available Soft Systems Methodology (SSM is a problem-solving methodology employing systems thinking. SSM has been applied to the management, planning, health and medical systems, information systems planning, human resource management, analysis of the logistics systems, knowledge management, project management, construction management and engineering, and development of expert systems. This paper proposes using SSM for strategic planning of Enterprise Computer Security.

  18. Security Dynamics of Cloud Computing

    Khaled M. Khan

    2009-01-01

    This paper explores various dimensions of cloud computing security. It argues that security concerns of cloud computing need to be addressed from the perspective of individual stakeholder. Security focuses of cloud computing are essentially different in terms of its characteristics and business model. Conventional way of viewing as well as addressing security such as ‘bolting-in’ on the top of cloud computing may not work well. The paper attempts to portray the security spectrum necessary for...

  19. New computer security campaign

    Alizée Dauvergne

    2010-01-01

    A new campaign is taking shape to promote computer security. The slogan “SEC_RITY is not complete without U!” reminds users of the importance of their contribution. The campaign kicks off on 10 June with a public awareness day in the Council Chamber.   The new campaign, organised by CERN’s computer security team, will focus on prevention and involving the user. “This is an education and awareness-raising campaign for all users at CERN,” explains Stefan Lueders, in charge of computer security. “Every day, we register thousands of computer attacks against CERN: there are attempts to tamper with web pages, hack into user accounts, take over servers, and much more. A successful attack could mean confidential user information being divulged, services being interrupted or data being lost. It could even affect operations at CERN. Another factor is the damage that a successful attack could inflict on the Organization’s reputation. &...

  20. Computer Security: the security marathon

    Computer Security Team

    2014-01-01

    If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise.   An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

  1. NETWORK SECURITY: AN APPROACH TOWARDS SECURE COMPUTING

    Rahul Pareek

    2011-01-01

    The security of computer networks plays a strategic role in modern computer systems. In order to enforce high protection levels against malicious attack, a number of software tools have been currently developed. Intrusion Detection System has recently become a heated research topic due to its capability of detecting and preventing the attacks from malicious network users. A pattern matching IDS for network security has been proposed in this paper. Many network security applications...

  2. Computer Security: the security marathon, part 2

    Computer Security Team

    2014-01-01

    Do you recall our latest article on the “Security Marathon” (see here) and why it’s wrong to believe that computer security is a sprint, that a quick hack is invulnerable, that quick bug-fixing is sufficient, that plugging security measures on top of existing structures is a good idea, that once you are secure, your life is cosy?   In fact, security is a marathon for us too. Again and again, we have felt comfortable with the security situation at CERN, with dedicated protections deployed on individual hosts, with the security measures deployed by individual service managers, with the attentiveness and vigilance of our users, and with the responsiveness of the Management. Again and again, however, we subsequently detect or receive reports that this is wrong, that protections are incomplete, that security measures are incomplete, that security awareness has dropped. Thus, unfortunately, we often have to go back to square one and address similar issues over and over...

  3. Computer Security Day

    CERN Bulletin

    2010-01-01

      Viruses, phishing, malware and cyber-criminals can all threaten your computer and your data, even at CERN! Experts will share their experience with you and offer solutions to keep your computer secure. Thursday, 10 June 2010, 9.30, Council Chamber Make a note in your diary! Presentations in French and English: How do hackers break into your computer? Quels sont les enjeux et conséquences des attaques informatiques contre le CERN ? How so criminals steal your money on the Internet? Comment utiliser votre ordinateur de manière sécurisée ? and a quiz: test your knowledge and win one of the many prizes that will be on offer! For more information and to follow the day's events via a live webcast go to: http://cern.ch/SecDay.  

  4. CLOUD COMPUTING SECURITY ISSUES

    Florin OGIGAU-NEAMTIU

    2012-01-01

    Full Text Available The term “cloud computing” has been in the spotlights of IT specialists the last years because of its potential to transform this industry. The promised benefits have determined companies to invest great sums of money in researching and developing this domain and great steps have been made towards implementing this technology. Managers have traditionally viewed IT as difficult and expensive and the promise of cloud computing leads many to think that IT will now be easy and cheap. The reality is that cloud computing has simplified some technical aspects of building computer systems, but the myriad challenges facing IT environment still remain. Organizations which consider adopting cloud based services must also understand the many major problems of information policy, including issues of privacy, security, reliability, access, and regulation. The goal of this article is to identify the main security issues and to draw the attention of both decision makers and users to the potential risks of moving data into “the cloud”.

  5. New computer security measures

    IT Department

    2008-01-01

    As a part of the long-term strategy to improve computer security at CERN, and especially given the attention focused to CERN by the start-up of the LHC, two additional security measures concerning DNS and Tor will shortly be introduced. These are described in the following texts and will affect only a small number of users. "PHISHING" ATTACKS CONTINUE CERN computer users continue to be subjected to attacks by people trying to infect our machines and obtain passwords and other confidential information by social engineering trickery. Recent examples include an e-mail message sent from "La Poste" entitled "Colis Postal" on 21 August, a fake mail sent from web and mail services on 8 September, and an e-mail purporting to come from Hallmark Cards announcing the arrival of an electronic postcard. However, there are many other examples and there are reports of compromised mail accounts being used for more realistic site-specific phishing attempts. Given the increased publicity rela...

  6. Visualization Tools for Teaching Computer Security

    Yuan, Xiaohong; Vega, Percy; Qadah, Yaseen; Archer, Ricky; Yu, Huiming; Xu, Jinsheng

    2010-01-01

    Using animated visualization tools has been an important teaching approach in computer science education. We have developed three visualization and animation tools that demonstrate various information security concepts and actively engage learners. The information security concepts illustrated include: packet sniffer and related computer network…

  7. Security basics for computer architects

    Lee, Ruby B

    2013-01-01

    Design for security is an essential aspect of the design of future computers. However, security is not well understood by the computer architecture community. Many important security aspects have evolved over the last several decades in the cryptography, operating systems, and networking communities. This book attempts to introduce the computer architecture student, researcher, or practitioner to the basic concepts of security and threat-based design. Past work in different security communities can inform our thinking and provide a rich set of technologies for building architectural support fo

  8. Computational Intelligence, Cyber Security and Computational Models

    Anitha, R; Lekshmi, R; Kumar, M; Bonato, Anthony; Graña, Manuel

    2014-01-01

    This book contains cutting-edge research material presented by researchers, engineers, developers, and practitioners from academia and industry at the International Conference on Computational Intelligence, Cyber Security and Computational Models (ICC3) organized by PSG College of Technology, Coimbatore, India during December 19–21, 2013. The materials in the book include theory and applications for design, analysis, and modeling of computational intelligence and security. The book will be useful material for students, researchers, professionals, and academicians. It will help in understanding current research trends and findings and future scope of research in computational intelligence, cyber security, and computational models.

  9. Computer Security at Nuclear Facilities

    This series of slides presents the IAEA policy concerning the development of recommendations and guidelines for computer security at nuclear facilities. A document of the Nuclear Security Series dedicated to this issue is on the final stage prior to publication. This document is the the first existing IAEA document specifically addressing computer security. This document was necessary for 3 mains reasons: first not all national infrastructures have recognized and standardized computer security, secondly existing international guidance is not industry specific and fails to capture some of the key issues, and thirdly the presence of more or less connected digital systems is increasing in the design of nuclear power plants. The security of computer system must be based on a graded approach: the assignment of computer system to different levels and zones should be based on their relevance to safety and security and the risk assessment process should be allowed to feed back into and influence the graded approach

  10. Reminder: Mandatory Computer Security Course

    IT Department

    2011-01-01

    Just like any other organization, CERN is permanently under attack – even right now. Consequently it's important to be vigilant about security risks, protecting CERN's reputation - and your work. The availability, integrity and confidentiality of CERN's computing services and the unhindered operation of its accelerators and experiments come down to the combined efforts of the CERN Security Team and you. In order to remain par with the attack trends, the Security Team regularly reminds CERN users about the computer security risks, and about the rules for using CERN’s computing facilities. Therefore, a new dedicated basic computer security course has been designed informing you about the “Do’s” and “Dont’s” when using CERN's computing facilities. This course is mandatory for all person owning a CERN computer account and must be followed once every three years. Users who have never done the course, or whose course needs to be renewe...

  11. New Mandatory Computer Security Course

    CERN Bulletin

    2010-01-01

    Just like any other organization, CERN is permanently under attack - even right now. Consequently it's important to be vigilant about security risks, protecting CERN's reputation - and your work. The availability, integrity and confidentiality of CERN's computing services and the unhindered operation of its accelerators and experiments come down to the combined efforts of the CERN Security Team and you. In order to remain par with the attack trends, the Security Team regularly reminds CERN users about the computer security risks, and about the rules for using CERN’s computing facilities. Since 2007, newcomers have to follow a dedicated basic computer security course informing them about the “Do’s” and “Dont’s” when using CERNs computing facilities. This course has recently been redesigned. It is now mandatory for all CERN members (users and staff) owning a CERN computer account and must be followed once every three years. Members who...

  12. Cloud Computing Security Issue: Survey

    Kamal, Shailza; Kaur, Rajpreet

    2011-12-01

    Cloud computing is the growing field in IT industry since 2007 proposed by IBM. Another company like Google, Amazon, and Microsoft provides further products to cloud computing. The cloud computing is the internet based computing that shared recourses, information on demand. It provides the services like SaaS, IaaS and PaaS. The services and recourses are shared by virtualization that run multiple operation applications on cloud computing. This discussion gives the survey on the challenges on security issues during cloud computing and describes some standards and protocols that presents how security can be managed.

  13. Security and policy driven computing

    Liu, Lei

    2010-01-01

    Security and Policy Driven Computing covers recent advances in security, storage, parallelization, and computing as well as applications. The author incorporates a wealth of analysis, including studies on intrusion detection and key management, computer storage policy, and transactional management.The book first describes multiple variables and index structure derivation for high dimensional data distribution and applies numeric methods to proposed search methods. It also focuses on discovering relations, logic, and knowledge for policy management. To manage performance, the text discusses con

  14. Computer and information security handbook

    Vacca, John R

    2012-01-01

    The second edition of this comprehensive handbook of computer and information security provides the most complete view of computer security and privacy available. It offers in-depth coverage of security theory, technology, and practice as they relate to established technologies as well as recent advances. It explores practical solutions to many security issues. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors' respective areas of expertise. The book is organized into 10 parts comprised of 70 contributed

  15. Tools for Computer Security

    Lecoeuche, Denis

    2015-01-01

    This report describes several scripts developed in order to facilitate and automate security-related tests and tasks for the CMS Group at CERN. They will be integrated in the release cycle of specific web services.

  16. SECURITY ISSUES IN COMPUTER NETWORK ARCHITECTURE

    Dr. M. Lilly Florence

    2011-01-01

    The architecture of a computer network has evolved with advances in technology. The design of secure computer network architecture to protect the integrity of information exchange is pursued by the commercial and financial sectors and at all levels of government agencies. Active networks represent a new approach to network architecture. It provides a much more flexible network infrastructure. The network security is mainly based on the network architecture. The purpose of this paper is to pro...

  17. Computer Network Security- The Challenges of Securing a Computer Network

    Scotti, Vincent, Jr.

    2011-01-01

    This article is intended to give the reader an overall perspective on what it takes to design, implement, enforce and secure a computer network in the federal and corporate world to insure the confidentiality, integrity and availability of information. While we will be giving you an overview of network design and security, this article will concentrate on the technology and human factors of securing a network and the challenges faced by those doing so. It will cover the large number of policies and the limits of technology and physical efforts to enforce such policies.

  18. A methodology for performing computer security reviews

    DOE Order 5637.1, ''Classified Computer Security,'' requires regular reviews of the computer security activities for an ADP system and for a site. Based on experiences gained in the Los Alamos computer security program through interactions with DOE facilities, we have developed a methodology to aid a site or security officer in performing a comprehensive computer security review. The methodology is designed to aid a reviewer in defining goals of the review (e.g., preparation for inspection), determining security requirements based on DOE policies, determining threats/vulnerabilities based on DOE and local threat guidance, and identifying critical system components to be reviewed. Application of the methodology will result in review procedures and checklists oriented to the review goals, the target system, and DOE policy requirements. The review methodology can be used to prepare for an audit or inspection and as a periodic self-check tool to determine the status of the computer security program for a site or specific ADP system. 1 tab

  19. A methodology for performing computer security reviews

    This paper reports on DIE Order 5637.1, Classified Computer Security, which requires regular reviews of the computer security activities for an ADP system and for a site. Based on experiences gained in the Los Alamos computer security program through interactions with DOE facilities, the authors have developed a methodology to aid a site or security officer in performing a comprehensive computer security review. The methodology is designed to aid a reviewer in defining goals of the review (e.g., preparation for inspection), determining security requirements based on DOE policies, determining threats/vulnerabilities based on DOE and local threat guidance, and identifying critical system components to be reviewed. Application of the methodology will result in review procedures and checklists oriented to the review goals, the target system, and DOE policy requirements. The review methodology can be used to prepare for an audit or inspection and as a periodic self-check tool to determine the status of the computer security program for a site or specific ADP system

  20. Computer Security at Nuclear Facilities (French Edition)

    The possibility that nuclear or other radioactive material could be used for malicious purposes cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear or other radioactive material is used or transported. Through its Nuclear Security Programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises Nuclear Security Fundamentals, which include objectives and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security, specifically: to provide for the security of nuclear and other radioactive material and associated facilities and activities; to ensure the security of such material in use, storage or in transport; to combat illicit trafficking and the inadvertent movement of such material; and to be prepared to respond to a nuclear security event. This publication is in the Technical Guidance

  1. Security Protocol Verification: Symbolic and Computational Models

    Blanchet, Bruno

    2012-01-01

    Security protocol verification has been a very active research area since the 1990s. This paper surveys various approaches in this area, considering the verification in the symbolic model, as well as the more recent approaches that rely on the computational model or that verify protocol implementations rather than specifications. Additionally, we briefly describe our symbolic security protocol verifier ProVerif and situate it among these approaches.

  2. Computer Security: professionalism in security, too

    Stefan Lueders, Computer Security Team

    2015-01-01

    At CERN, we apply a great deal of dedication and professionalism to all the work we do. This is necessary because of the complexity and sophistication of the devices we deal with. However, when it comes to computer security, we can all agree that there is room for improvement.   In some cases, we’ve observed devices that are connected to our Intranet networks without the adequate level of protection. Also, in order to allow it to be disseminated easily with peers, information is often disclosed on public webpages, sometimes without appropriate consideration of important security-related aspects. Program code is lost due to a lack of proper version control or the use of central storage systems. Systems are brought down by “finger trouble”, confusing the right and wrong IP addresses. Software or system development is done directly on production devices, impinging on their proper operation up to the point where the system grinds to a halt. Applications full of useful fe...

  3. Computer Security: Security operations at CERN (4/4)

    CERN. Geneva

    2012-01-01

    Stefan Lueders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and infrastructure control systems against cyber-threats. Subsequently, he joined the CERN Computer Security Incident Response Team and is today heading this team as CERN's Computer Security Officer with the mandate to coordinate all aspects of CERN's computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN's operational needs. Dr. Lueders has presented on these topics at many different occasions to international bodies, governments, and companies, and published several articles. With the prevalence of modern information technologies and...

  4. Change of Computer Security Officer

    IT Department

    2008-01-01

    After many years of successfully protecting the CERN site in her role as Computer Security Officer (CSO), Denise Heagerty is being assigned to a new role within the IT Department. David Myers has been appointed to the position of CSO for one year from 1st September. W. von Rüden, IT Department Head

  5. LEGO for Two-Party Secure Computation

    Nielsen, Jesper Buus; Orlandi, Claudio

    2009-01-01

    . Asymptotically it obtains a factor  improvement in computation and communication over previous cut-and-choose based solutions, where  is the size of the circuit being computed. The protocol is universally composable (UC) in the OT-hybrid model against a static, active adversary.......This paper continues the recent line of work of making Yao’s garbled circuit approach to two-party computation secure against an active adversary. We propose a new cut-and-choose based approach called LEGO (Large Efficient Garbled-circuit Optimization): It is specifically aimed at large circuits...

  6. World of Cloud Computing & Security

    Ashish Kumar

    2012-06-01

    Full Text Available Cloud computing promises to increase the velocity with which application are deployed, increase innovation and lower costs, all while increasing business agility and hence envisioned as the next generation architecture of IT Enterprise. Nature of cloud computing builds an established trend for driving cost out of the delivery of services while increasing the speed and agility with which services are deployed. Cloud Computing incorporates virtualization, on demand deployment, Internet delivery of services and open source software .From another perspective, everything is new because cloud computing changes how we invent, develop, deploy, scale, update, maintain and pay for application and the infrastructure on which they run. Because of these benefits of Cloud Computing, it requires an effective and flexible dynamic security scheme to ensure the correctness of users’ data in the cloud. Quality of service is an important aspect and hence, extensive cloud data security and performance is required. Normal 0 false false false EN-US X-NONE X-NONE ashish.kumar@bharatividyapeeth.edu

  7. Computer access security code system

    Collins, Earl R., Jr. (Inventor)

    1990-01-01

    A security code system for controlling access to computer and computer-controlled entry situations comprises a plurality of subsets of alpha-numeric characters disposed in random order in matrices of at least two dimensions forming theoretical rectangles, cubes, etc., such that when access is desired, at least one pair of previously unused character subsets not found in the same row or column of the matrix is chosen at random and transmitted by the computer. The proper response to gain access is transmittal of subsets which complete the rectangle, and/or a parallelepiped whose opposite corners were defined by first groups of code. Once used, subsets are not used again to absolutely defeat unauthorized access by eavesdropping, and the like.

  8. Cloud Computing Security Issues and Challenges

    Kuyoro S. O.

    2011-12-01

    Full Text Available Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.

  9. Secure Multiparty Computation Goes Live

    Bøgetoft, Peter; Lund Christensen, Dan; Damgård, Ivan Bjerre;

    2009-01-01

    In this note, we report on the first large-scale and practical application of secure multiparty computation, which took place in January 2008. We also report on the novel cryptographic protocols that were used. This work was supported by the Danish Strategic Research Council and the European...... Commision. Tomas Toft’s work was partially performed at Aarhus University. In Holland, he was supported by the research program Sentinels, financed by Technology Foundation STW, the Netherlands Organization for Scientific Research (NWO), and the Dutch Ministry of Economic Affairs....

  10. Securing a HENP Computing Facility

    Misawa, S; Throwe, T

    2003-01-01

    Traditionally, HENP computing facilities have been open facilities that are accessed in many different ways by users that are both internal and external to the facility. However, the need to protect the facility from cybersecurity threats has made it difficult to maintain the openness of the facility to off-site and on-site users. In this paper, we discuss the strategy we have used and the architecture we have developed and deployed to increase the security the US ATLAS and RHIC Computing Facilities, while trying to maintain the openness and accessibility that our user community has come to expect. Included in this discussion are the tools that we have used and the operational experience we have had with the deployed architecture.

  11. Cloud Security A Comprehensive Guide to Secure Cloud Computing

    Krutz, Ronald L

    2010-01-01

    Well-known security experts decipher the most challenging aspect of cloud computing-security. Cloud computing allows for both large and small organizations to have the opportunity to use Internet-based services so that they can reduce start-up costs, lower capital expenditures, use services on a pay-as-you-use basis, access applications only as needed, and quickly reduce or increase capacities. However, these benefits are accompanied by a myriad of security issues, and this valuable book tackles the most common security challenges that cloud computing faces. The authors offer you years of unpa

  12. Knowledge-based computer security advisor

    The rapid expansion of computer security information and technology has included little support to help the security officer identify the safeguards needed to comply with a policy and to secure a computing system. This paper reports that Los Alamos is developing a knowledge-based computer security system to provide expert knowledge to the security officer. This system includes a model for expressing the complex requirements in computer security policy statements. The model is part of an expert system that allows a security officer to describe a computer system and then determine compliance with the policy. The model contains a generic representation that contains network relationships among the policy concepts to support inferencing based on information represented in the generic policy description

  13. Computer Security: drive-bye

    Stefan Lueders, Computer Security Team

    2016-01-01

    Like a lion waiting to ambush gazelles at a waterhole, malware can catch you by surprise.    As some of you might have noticed, the Computer Security Team had to block the news site “20min.ch” a while ago, as it was found to be distributing malware. This block comes after similar incidents at other Swiss organizations. Our blocking is protective in order to safeguard your computers, laptops, tablets and smartphones. Unfortunately, this is not the first time we have seen these so-called drive-by/waterhole attacks: once you have visited an affected website, embedded third-party malicious code is downloaded to your computer and subsequently infects it (if running Windows or Android as well as, less likely, Mac operating systems). Hence the name “drive-by”. As “20min.ch” is a very frequented website among CERN staff members and users, it makes it a perfect source for attacks against CERN (or other Geneva-based organisations): inste...

  14. SECURITY TECHNIQUES USED IN COMPUTER NETWORKING

    Aarti Ramesh Sonone

    2015-01-01

    Security is one of the important in several areas as personal computer user, organizational computer network etc. because most of the time data will be share from one network to other network via the internet. The rapid growth in the use of internet there is need of computer network security to prevent and protect data or information from the internal and external attacks. Online security includes protection of information from theft, corruption or unauthorized access etc. In this pa...

  15. Computer Security: SAHARA - Security As High As Reasonably Achievable

    Stefan Lueders, Computer Security Team

    2015-01-01

    History has shown us time and again that our computer systems, computing services and control systems have digital security deficiencies. Too often we deploy stop-gap solutions and improvised hacks, or we just accept that it is too late to change things.    In my opinion, this blatantly contradicts the professionalism we show in our daily work. Other priorities and time pressure force us to ignore security or to consider it too late to do anything… but we can do better. Just look at how “safety” is dealt with at CERN! “ALARA” (As Low As Reasonably Achievable) is the objective set by the CERN HSE group when considering our individual radiological exposure. Following this paradigm, and shifting it from CERN safety to CERN computer security, would give us “SAHARA”: “Security As High As Reasonably Achievable”. In other words, all possible computer security measures must be applied, so long as ...

  16. A Computer Security Course in the Undergraduate Computer Science Curriculum.

    Spillman, Richard

    1992-01-01

    Discusses the importance of computer security and considers criminal, national security, and personal privacy threats posed by security breakdown. Several examples are given, including incidents involving computer viruses. Objectives, content, instructional strategies, resources, and a sample examination for an experimental undergraduate computer…

  17. Computers, business, and security the new role for security

    Schweitzer, James A

    1987-01-01

    Computers, Business, and Security: The New Role for Security addresses the professional security manager's responsibility to protect all business resources, with operating environments and high technology in mind. This book discusses the technological aspects of the total security programs.Organized into three parts encompassing 10 chapters, this book begins with an overview of how the developing information age is affecting business management, operations, and organization. This text then examines a number of vulnerabilities that arise in the process of using business computing and communicat

  18. A REVIEW ON SECURED CLOUD COMPUTING ENVIRONMENT

    M. Hemanth Chakravarthy

    2014-01-01

    Full Text Available Nowadays, the scientific problem becomes very complex; therefore, it requires more computing power and storage space. These requirements are very common in an organization while dealing with current technological data and requirements. Based on these basic requirements, need of higher computational resources is an important issue when dealing with current technological methodology. Hence, cloud computing has become the most important computing paradigm of recent world. The cloud computing is an open source and using Internet as network model. Rapid growth in the field of “cloud computing” also increases severe security concerns, because security has a constant issue. This study reviews security models of cloud computing.

  19. Scalable and Unconditionally Secure Multiparty Computation

    Damgård, Ivan Bjerre; Nielsen, Jesper Buus

    2007-01-01

    We present a multiparty computation protocol that is unconditionally secure against adaptive and active adversaries, with communication complexity O(Cn)k+O(Dn^2)k+poly(nk), where C is the number of gates in the circuit, n is the number of parties, k is the bit-length of the elements of the field...... over which the computation is carried out, D is the multiplicative depth of the circuit, and κ is the security parameter. The corruption threshold is t < n/3. For passive security the corruption threshold is t < n/2 and the communication complexity is O(nC)k. These are the first unconditionally secure...... protocols where the part of the communication complexity that depends on the circuit size is linear in n. We also present a protocol with threshold t < n/2 and complexity O(Cn)k+poly(n\\kappa) based on a complexity assumption which, however, only has to hold during the execution of the protocol – that is...

  20. SECURITY TECHNIQUES USED IN COMPUTER NETWORKING

    Aarti Ramesh Sonone

    2015-10-01

    Full Text Available Security is one of the important in several areas as personal computer user, organizational computer network etc. because most of the time data will be share from one network to other network via the internet. The rapid growth in the use of internet there is need of computer network security to prevent and protect data or information from the internal and external attacks. Online security includes protection of information from theft, corruption or unauthorized access etc. In this paper we discuss the security techniques used in computer network to protect information and information system from unauthorized user and their advantages.

  1. Secure computing, economy, and trust

    Bogetoft, Peter; Damgård, Ivan B.; Jakobsen, Thomas;

    In this paper we consider the problem of constructing secure auctions based on techniques from modern cryptography. We combine knowledge from economics, cryptography and security engineering and develop and implement secure auctions for practical real-world problems. In essence this paper is an o...

  2. Tailored Security and Safety for Pervasive Computing

    Blass, Erik-Oliver; Zitterbart, Martina

    Pervasive computing makes high demands on security: devices are seriously resource-restricted, communication takes place spontaneously, and adversaries might control some of the devices. We claim that 1.) today’s research, studying traditional security properties for pervasive computing, leads to inefficient, expensive, and unnecessary strong and unwanted security solutions. Instead, security solutions tailored to the demands of a user, the scenario, or the expected adversary are more promising. 2.) Today’s research for security in pervasive computing makes naive, inefficient, and unrealistic assumptions regarding safety properties, in particular the quality of basic communication. Therefore, future security research has to consider safety characteristics and has to jointly investigate security and safety for efficient, tailored solutions.

  3. Banking Security Characteristics in Cloud Computing Technology

    Jeflea Victor; Georgescu Mircea

    2014-01-01

    Cloud Computing technology has become an imminent reality by penetrating all the environments. Although the benefits of implementing Cloud Computing solutions are obvious, there is still a reluctance to use them, especially in the banking sector. Some authors have compared the banking environment itself to the Cloud Computing technology in terms of security and confidence. In what follows, we propose to highlight the main aspects of Cloud Computing security and to detect any elements of vulne...

  4. Applied computation and security systems

    Saeed, Khalid; Choudhury, Sankhayan; Chaki, Nabendu

    2015-01-01

    This book contains the extended version of the works that have been presented and discussed in the First International Doctoral Symposium on Applied Computation and Security Systems (ACSS 2014) held during April 18-20, 2014 in Kolkata, India. The symposium has been jointly organized by the AGH University of Science & Technology, Cracow, Poland and University of Calcutta, India. The Volume I of this double-volume book contains fourteen high quality book chapters in three different parts. Part 1 is on Pattern Recognition and it presents four chapters. Part 2 is on Imaging and Healthcare Applications contains four more book chapters. The Part 3 of this volume is on Wireless Sensor Networking and it includes as many as six chapters. Volume II of the book has three Parts presenting a total of eleven chapters in it. Part 4 consists of five excellent chapters on Software Engineering ranging from cloud service design to transactional memory. Part 5 in Volume II is on Cryptography with two book...

  5. Data Security and Privacy in Cloud Computing

    Yunchuan Sun; Junsheng Zhang; Yongping Xiong; Guangyu Zhu

    2014-01-01

    Data security has consistently been a major issue in information technology. In the cloud computing environment, it becomes particularly serious because the data is located in different places even in all the globe. Data security and privacy protection are the two main factors of user’s concerns about the cloud technology. Though many techniques on the topics in cloud computing have been investigated in both academics and industries, data security and privacy protection are becoming more impo...

  6. A Framework for Secure Cloud Computing

    Ahmed E. Youssef

    2012-07-01

    Full Text Available Cloud computing is one of the most discussed topics today in the field of information technology. It introduces a new Internet-based environment for on-demand, dynamic provision of reconfigurable computing resources. The biggest challenge in cloud computing is the security and privacy problems caused by its multi-tenancy nature and the outsourcing of infrastructure, sensitive data and critical applications. In this paper, we propose a framework that identifies security and privacy challenges in cloud computing. It highlights cloud-specific attacks and risks and clearly illustrates their mitigations and countermeasures. We also propose a generic cloud computing security model that helps satisfy security and privacy requirements in the clouds and protect them against various vulnerabilities. The purpose of this work is to advise on security and privacy considerations that should be taken and solutions that might be considered when using the cloud environment by individuals and organizations.

  7. Why SCADA security is NOT like Computer Centre Security

    CERN. Geneva

    2014-01-01

    Today, the industralized world lives in symbiosis with control systems (aka SCADA systems): it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and discuss the differences (or not) between computer center cyber-security and control system cyber-security.

  8. Security Protocol for Active Networks

    Cheng, L.; Galis, A.

    2006-01-01

    Active packets carrying management and control code have a dynamic nature and support dynamic routing. Thus, active packets must be protected in an end-to-end and hop-to-hop fashion. In this paper, we present a novel approach, known as security protocol for active networks (SPAN), which enables an active packet to be securely transmitted during (instead of after) Security Association (SA) and management negotiations along a new execution path

  9. Computer security and network processor

    The network security somehow is similar to the SARS virus's protection, at present status of the network security implementations exist many inadequate, the necessary of the security monitoring has been enhanced in this paper, as well as relative methods of the segregation of the network when attack happening. Arming the broadband data of high-speed network, the Network Processor was introduced, the prospect applications of it including the data acquisition and analyzing the experiment high energy physics and nuclear physics has been discussed. (authors)

  10. Review your Computer Security Now and Frequently!

    IT Department

    2009-01-01

    The start-up of LHC is foreseen to take place in the autumn and we will be in the public spotlight again. This increases the necessity to be vigilant with respect to computer security and the defacement of an experiment’s Web page in September last year shows that we should be particularly attentive. Attackers are permanently probing CERN and so we must all do the maximum to reduce future risks. Security is a hierarchical responsibility and requires to balance the allocation of resources between making systems work and making them secure. Thus all of us, whether users, developers, system experts, administrators, or managers are responsible for securing our computing assets. These include computers, software applications, documents, accounts and passwords. There is no "silver bullet" for securing systems, which can only be achieved by a painstaking search for all possible vulnerabilities followed by their mitigation. Additional advice on particular topics can be obtained from the relevant I...

  11. A Design Methodology for Computer Security Testing

    Ramilli, Marco

    2013-01-01

    The field of "computer security" is often considered something in between Art and Science. This is partly due to the lack of widely agreed and standardized methodologies to evaluate the degree of the security of a system. This dissertation intends to contribute to this area by investigating the most common security testing strategies applied nowadays and by proposing an enhanced methodology that may be effectively applied to different threat scenarios with the same degree of effectiveness. ...

  12. Security Solutions against Computer Networks Threats

    Fatemeh Soleimani Roozbahani; Reihaneh Azad

    2015-01-01

    The spread of information networks in communities and organizations have led to a daily huge volume of information exchange between different networks which, of course, has resulted in new threats to the national organizations. It can be said that information security has become today one of the most challenging areas. In other words, defects and disadvantages of computer network security address irreparable damage for enterprises. Therefore, identification of security threats and ways of dea...

  13. IAEA's activities on nuclear security

    Main activities of the IAEA are focused on three items; (1) promotion of peaceful uses of nuclear energy; technical cooperation, (2) nuclear safety and (3) safeguards. Since September 11, 2001 terrorist attack, IAEA's activities on nuclear security has been strengthened. Here nuclear security can be defined as the prevention and detection of and response to, theft, sabotage, unauthorized access, illegal transfer or other malicious acts involving nuclear material, other radioactive substance or their associated facilities. Nuclear security has made a remarkable change and gained great importance. Recent trend of nuclear security was introduced and future perspective of IAEA's verification activities through the inspection including safeguards was described. (T. Tanaka)

  14. OT-Combiners Via Secure Computation

    Harnik, Danny; Ishai, Yuval; Kushilevitz, Eyal;

    2008-01-01

    use of Ω(kn) noisy bits. Better amortized generation of OTs. We show that, following an initial “seed” of O(k) OTs, each additional OT can be generated by only computing and communicating a constant number of outputs of a cryptographic hash function. This improves over a protocol of Ishai et al......An OT-combiner implements a secure oblivious transfer (OT) protocol using oracle access to n OT-candidates of which at most t may be faulty. We introduce a new general approach for combining OTs by making a simple and modular use of protocols for secure computation. Specifically, we obtain an OT......, in a network consisting of a single OT-channel. Our approach applies both to the “semi-honest” and the “malicious” models of secure computation, yielding the corresponding types of OT-combiners. Instantiating our general approach with secure computation protocols from the literature, we conceptually...

  15. STP/HAMPI and Computer Security

    Ganesh, Vijay

    2012-01-01

    In the past several years I have written two SMT solvers called STP and HAMPI that have found widespread use in computer security research by leading groups in academia, industry and the government. In this brief note I summarize the features of STP/HAMPI that make them particularly suited for computer security research, and a listing of some of the more important projects that use them.

  16. SECURITY ISSUES IN CLOUD COMPUTING AND COUNTERMEASURES

    DANISH JAMIL,; HASSAN ZAKI

    2011-01-01

    Cloud computing technology is a new concept of providing dramatically scalable and virtualised resources, bandwidth, software and hardware on demand to consumers. Consumers can typically requests cloud services via a web browser or web service. Using cloud computing, consumers can safe cost of hardware deployment, software licenses and system maintenance. On the other hand, it also has a few security issues. This paper introduces four cloud security problems, which are XML Signature Element W...

  17. CLOUD COMPUTING SECURITY THROUGH SYMMETRIC CIPHER MODEL

    Subramanian Anbazhagan

    2014-10-01

    Full Text Available Cloud computing can be defined as an application and services which runs on distributed network using virtualized and it is accessed through internet protocols and networking. Cloud computing resources and virtual and limitless and information’s of the physical systems on which software running are abstracted from the user. Cloud Computing is a style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet. Users need not have knowledge of, expertise in, or control over the technology infrastructure in the "cloud" that supports them. To satisfy the needs of the users the concept is to incorporate technologies which have the common theme of reliance on the internet Software and data are stored on the servers whereas cloud computing services are provided through applications online which can be accessed from web browsers. Lack of security and access control is the major drawback in the cloud computing as the users deal with sensitive data to public clouds .Multiple virtual machine in cloud can access insecure information flows as service provider; therefore to implement the cloud it is necessary to build security. Therefore the main aim of this paper is to provide cloud computing security through symmetric cipher model. This article proposes symmetric cipher model in order to implement cloud computing security so that data can accessed and stored securely.

  18. Computer Security: transparent monitoring for your protection

    Stefan Lueders, Computer Security Team

    2016-01-01

    Computer security can be handled in one of two ways: in secrecy, behind a black curtain; or out in the open, subject to scrutiny and with full transparency. We believe that the latter is the only right way for CERN, and have always put that belief into practice. In keeping with this spirit, here is a reminder of how we monitor (your) CERN activities in order to guarantee timely responses to computer security incidents.   We monitor all network traffic coming into and going out of CERN. Automatic tools look for suspicious patterns like connections to known malicious IP addresses, web pages or domains. They check for malicious files being downloaded and make statistical analyses of connections in order to identify unusual behaviour. The automatic analysis of the logs from the CERN Domain Name Servers complements this and provides a redundant means of detection. We also constantly scan the CERN office network and keep an inventory of the individual network services running on each device: w...

  19. Practical Computer Security through Cryptography

    McNab, David; Twetev, David (Technical Monitor)

    1998-01-01

    The core protocols upon which the Internet was built are insecure. Weak authentication and the lack of low level encryption services introduce vulnerabilities that propagate upwards in the network stack. Using statistics based on CERT/CC Internet security incident reports, the relative likelihood of attacks via these vulnerabilities is analyzed. The primary conclusion is that the standard UNIX BSD-based authentication system is by far the most commonly exploited weakness. Encryption of Sensitive password data and the adoption of cryptographically-based authentication protocols can greatly reduce these vulnerabilities. Basic cryptographic terminology and techniques are presented, with attention focused on the ways in which technology such as encryption and digital signatures can be used to protect against the most commonly exploited vulnerabilities. A survey of contemporary security software demonstrates that tools based on cryptographic techniques, such as Kerberos, ssh, and PGP, are readily available and effectively close many of the most serious security holes. Nine practical recommendations for improving security are described.

  20. Towards An Engineering Discipline of Computational Security

    Mili, Ali [New Jersey Insitute of Technology; Sheldon, Frederick T [ORNL; Jilani, Lamia Labed [Institut Superieur de Gestion; Ayed, Rahma Ben [University of Tunis, Belvedere, Tunisia

    2007-01-01

    George Boole ushered the era of modern logic by arguing that logical reasoning does not fall in the realm of philosophy, as it was considered up to his time, but in the realm of mathematics. As such, logical propositions and logical arguments are modeled using algebraic structures. Likewise, we submit that security attributes must be modeled as formal mathematical propositions that are subject to mathematical analysis. In this paper, we approach this problem by attempting to model security attributes in a refinement-like framework that has traditionally been used to represent reliability and safety claims. Keywords: Computable security attributes, survivability, integrity, dependability, reliability, safety, security, verification, testing, fault tolerance.

  1. SECURITY ISSUES IN CLOUD COMPUTING AND COUNTERMEASURES

    DANISH JAMIL,

    2011-04-01

    Full Text Available Cloud computing technology is a new concept of providing dramatically scalable and virtualised resources, bandwidth, software and hardware on demand to consumers. Consumers can typically requests cloud services via a web browser or web service. Using cloud computing, consumers can safe cost of hardware deployment, software licenses and system maintenance. On the other hand, it also has a few security issues. This paper introduces four cloud security problems, which are XML Signature Element Wrapping, Browser Security, Cloud Malware Injection Attack and Flooding Attacks, and also gives the possible countermeasures.

  2. SECURITY FOR DATA STORAGE IN CLOUD COMPUTING

    Prof. S.A.Gade; Mukesh P.Patil

    2015-01-01

    Cloud computing is nothing but a specific style of computing where everything from computing power to business apps are provided facility. This application moves the various data to the large data centers through computing where security provided fully trustworthy. The data stored in the cloud may be frequently updated by the users (registered user) including actions like insertion, deletion, modification etc. To ensure that data storage in cl oud this web applicatio...

  3. Cloud Computing Security Latest Issues amp Countermeasures

    Shelveen Pandey

    2015-08-01

    Full Text Available Abstract Cloud computing describes effective computing services provided by a third-party organization known as cloud service provider for organizations to perform different tasks over the internet for a fee. Cloud service providers computing resources are dynamically reallocated per demand and their infrastructure platform and software and other resources are shared by multiple corporate and private clients. With the steady increase in the number of cloud computing subscribers of these shared resources over the years security on the cloud is a growing concern. In this review paper the current cloud security issues and practices are described and a few innovative solutions are proposed that can help improve cloud computing security in the future.

  4. Computer Security: Mac security – nothing for old versions

    Stefan Lueders, Computer Security Team

    2016-01-01

    A fundamental pillar of computer security is the regular maintenance of your code, operating system and application software – or, in computer lingo: patching, patching, patching.   Only software which is up-to-date should be free from any known vulnerabilities and thus provide you with a basic level of computer security. Neglecting regular updates is putting your computer at risk – and consequently your account, your password, your data, your photos, your videos and your money. Therefore, prompt and automatic patching is paramount. But the Microsofts, Googles and Apples of this world do not always help… Software vendors handle their update policy in different ways. While Android is a disaster – not because of Google, but due to the slow adaptation of many smartphone vendors (see “Android’s Armageddon”) – Microsoft provides updates for their Windows 7, Windows 8 and Windows 10 operating systems through their &ldq...

  5. New mechanism for Cloud Computing Storage Security

    Almokhtar Ait El Mrabti

    2016-07-01

    Full Text Available Cloud computing, often referred to as simply the cloud, appears as an emerging computing paradigm which promises to radically change the way computer applications and services are constructed, delivered, managed and finally guaranteed as dynamic computing environments for end users. The cloud is the delivery of on-demand computing resources - everything from applications to data centers - over the Internet on a pay-for-use basis. The revolution of cloud computing has provided opportunities for research in all aspects of cloud computing. Despite the big progress in cloud computing technologies, funding concerns in cloud, security may limit a broader adoption. This paper presents a technique to tolerate both accidental and intentional faults, which is fragmentation-redundancy-scattering (FRS. The possibility to use the FRS technique as an intrusion tolerance one is investigated for providing secure and dependable storage in the cloud environment. Also a cloud computing security (CCS based on the FRS technique is proposed to explore how this proposal can then be used via several scenarios. To demonstrate the robustness of the proposal, we formalize our design and we carry out a security as well as performance evaluations of the approach and we compare it with the classical model. The paper concludes by strongly suggesting future research proposals for the CCS framework.

  6. Computer security at ukrainian nuclear facilities: interface between nuclear safety and security

    Active introduction of information technology, computer instrumentation and control systems (I and C systems) in the nuclear field leads to a greater efficiency and management of technological processes at nuclear facilities. However, this trend brings a number of challenges related to cyber-attacks on the above elements, which violates computer security as well as nuclear safety and security of a nuclear facility. This paper considers regulatory support to computer security at the nuclear facilities in Ukraine. The issue of computer and information security considered in the context of physical protection, because it is an integral component. The paper focuses on the computer security of I and C systems important to nuclear safety. These systems are potentially vulnerable to cyber threats and, in case of cyber-attacks, the potential negative impact on the normal operational processes can lead to a breach of the nuclear facility security. While ensuring nuclear security of I and C systems, it interacts with nuclear safety, therefore, the paper considers an example of an integrated approach to the requirements of nuclear safety and security

  7. Computational social networks security and privacy

    2012-01-01

    Presents the latest advances in security and privacy issues in computational social networks, and illustrates how both organizations and individuals can be protected from real-world threats Discusses the design and use of a wide range of computational tools and software for social network analysis Provides experience reports, survey articles, and intelligence techniques and theories relating to specific problems in network technology

  8. Artificial immune system applications in computer security

    Tan, Ying

    2016-01-01

    This book provides state-of-the-art information on the use, design, and development of the Artificial Immune System (AIS) and AIS-based solutions to computer security issues. Artificial Immune System: Applications in Computer Security focuses on the technologies and applications of AIS in malware detection proposed in recent years by the Computational Intelligence Laboratory of Peking University (CIL@PKU). It offers a theoretical perspective as well as practical solutions for readers interested in AIS, machine learning, pattern recognition and computer security. The book begins by introducing the basic concepts, typical algorithms, important features, and some applications of AIS. The second chapter introduces malware and its detection methods, especially for immune-based malware detection approaches. Successive chapters present a variety of advanced detection approaches for malware, including Virus Detection System, K-Nearest Neighbour (KNN), RBF networ s, and Support Vector Machines (SVM), Danger theory, ...

  9. REVIEW PAPER ON MOBILE CLOUD COMPUTING SECURITY

    Priyanka d. Raut

    2015-10-01

    Full Text Available Nowadays smart-phones are being capable of supporting a broad range of applications, many of which demand an increasing computational power. This leads to a challenge because smart-phones are resource-constrained devices with finite computation power, memory, storage, and energy. With the development of mobility and cloud computing, mobile cloud computing (MCC has introduced and become a point of research. With the need of extendibility and on-demand self-service, it can provide the good infrastructure, platform and software services in a cloud to mobile clients through the mobile network. Therefore, Cloud computing is anticipated to bring an innovation in mobile computing, where the mobile devices can make use of clouds for data processing, storage and other intensive operations. Despite the surprising advancement achieved by MCC, the clients of MCC are still below expectations due to the related risks in terms of security and confidentiality. The more and more information is placed onto the cloud by individuals and enterprises, the more the security issue begins to grow. This paper presents the various security issues that arise about how secure the mobile cloud computing environment is.

  10. International Conference on Computational Intelligence, Cyber Security, and Computational Models

    Ramasamy, Vijayalakshmi; Sheen, Shina; Veeramani, C; Bonato, Anthony; Batten, Lynn

    2016-01-01

    This book aims at promoting high-quality research by researchers and practitioners from academia and industry at the International Conference on Computational Intelligence, Cyber Security, and Computational Models ICC3 2015 organized by PSG College of Technology, Coimbatore, India during December 17 – 19, 2015. This book enriches with innovations in broad areas of research like computational modeling, computational intelligence and cyber security. These emerging inter disciplinary research areas have helped to solve multifaceted problems and gained lot of attention in recent years. This encompasses theory and applications, to provide design, analysis and modeling of the aforementioned key areas.

  11. The university computer network security system

    张丁欣

    2012-01-01

    With the development of the times, advances in technology, computer network technology has been deep into all aspects of people's lives, it plays an increasingly important role, is an important tool for information exchange. Colleges and universities is to cultivate the cradle of new technology and new technology, computer network Yulu nectar to nurture emerging technologies, and so, as institutions of higher learning should pay attention to the construction of computer network security system.

  12. Leakage Resilient Secure Two-Party Computation

    Damgård, Ivan Bjerre; Hazay, Carmit; Patra, Arpita

    2012-01-01

    returns its result. Almost independently of secure computation, the area of {\\em leakage resilient cryptography} has recently been evolving intensively, studying the question of designing cryptographic primitives that remain secure even when some information about the secret key is leaked. In this paper....... \\item {\\em Leakage resilient oblivious transfer.} We present the first construction for 1-out-of-2 oblivious transfer with security against leakage of a constant fraction of the honest party's memory. Our protocol is based on the OT construction presented by Peikert et al.~\\cite{PeikertVW08}. \\item {\\em...... Leakage resilient Yao's Garbled Circuit~\\cite{Yao82}.} We provide the first general construction for secure two-party computation and show how to adapt the proof from~\\cite{LP09} of Yao's protocol into the leakage resilient setting. Our result holds for a restricted set of functions due to technicalities...

  13. Cloud Computing Security in Business Information Systems

    Ristov, Sasko; Kostoska, Magdalena

    2012-01-01

    Cloud computing providers' and customers' services are not only exposed to existing security risks, but, due to multi-tenancy, outsourcing the application and data, and virtualization, they are exposed to the emergent, as well. Therefore, both the cloud providers and customers must establish information security system and trustworthiness each other, as well as end users. In this paper we analyze main international and industrial standards targeting information security and their conformity with cloud computing security challenges. We evaluate that almost all main cloud service providers (CSPs) are ISO 27001:2005 certified, at minimum. As a result, we propose an extension to the ISO 27001:2005 standard with new control objective about virtualization, to retain generic, regardless of company's type, size and nature, that is, to be applicable for cloud systems, as well, where virtualization is its baseline. We also define a quantitative metric and evaluate the importance factor of ISO 27001:2005 control objecti...

  14. Guidelines for computer security in general practice

    Peter Schattner; Catherine Pleteshner; Heinz Bhend; Johan Brouns

    2007-01-01

    Background As general practice becomes increasingly computerised, data security becomes increasingly important for both patient health and the efficient operation of the practice. Objective To develop guidelines for computer security in general practice based on a literature review, an analysis of available information on current practice and a series of key stakeholder interviews. While the guideline was produced in the context of Australian general practice, we have developed a template ...

  15. Flexible And Secure Access To Computing Clusters

    Jan Meizner; Maciej Malawski; Marian Bubak

    2010-01-01

    The investigation presented in this paper was prompted by the need to provide a manageablesolution for secure access to computing clusters with a federated authentication framework.This requirement is especially important for scientists who need direct access to computingnodes in order to run their applications (e.g. chemical or medical simulations) with proprietary,open-source or custom-developed software packages. Our existing software, whichenables non-Web clients to use Shibboleth-secured...

  16. Academic Training Lecture Regular Programme: Computer Security - Introduction to information and computer security (1/4)

    2012-01-01

    Computer Security: Introduction to information and computer security (1/4), by Sebastian Lopienski (CERN).   Monday, 21 May, 2012 from 11:00 to 12:00 (Europe/Zurich) at CERN ( 31-3-004 - IT Auditorium ) Sebastian Lopienski is CERN's Deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support services hosted in the CERN Computer Centre; providing Central CVS Service for software projects at CERN; and development of applications for accelerator controls in Java. He graduated from the University of Warsaw (MSc in Computer Science) in 2002, and earned an MBA degree at the Enterprise Administration Institute in Ai...

  17. Computer Security at Nuclear Facilities. Reference Manual (Chinese Edition)

    The possibility that nuclear or other radioactive material could be used for malicious purposes cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear or other radioactive material is used or transported. Through its Nuclear Security Programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises Nuclear Security Fundamentals, which include objectives and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security, specifically: to provide for the security of nuclear and other radioactive material and associated facilities and activities; to ensure the security of such material in use, storage or in transport; to combat illicit trafficking and the inadvertent movement of such material; and to be prepared to respond to a nuclear security event. This publication is in the Technical Guidance

  18. Computer Security at Nuclear Facilities. Reference Manual (Russian Edition)

    The possibility that nuclear or other radioactive material could be used for malicious purposes cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear or other radioactive material is used or transported. Through its Nuclear Security Programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises Nuclear Security Fundamentals, which include objectives and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security, specifically: to provide for the security of nuclear and other radioactive material and associated facilities and activities; to ensure the security of such material in use, storage or in transport; to combat illicit trafficking and the inadvertent movement of such material; and to be prepared to respond to a nuclear security event. This publication is in the Technical Guidance

  19. Computer Security at Nuclear Facilities. Reference Manual (Arabic Edition)

    The possibility that nuclear or other radioactive material could be used for malicious purposes cannot be ruled out in the current global situation. States have responded to this risk by engaging in a collective commitment to strengthen the protection and control of such material and to respond effectively to nuclear security events. States have agreed to strengthen existing instruments and have established new international legal instruments to enhance nuclear security worldwide. Nuclear security is fundamental in the management of nuclear technologies and in applications where nuclear or other radioactive material is used or transported. Through its Nuclear Security Programme, the IAEA supports States to establish, maintain and sustain an effective nuclear security regime. The IAEA has adopted a comprehensive approach to nuclear security. This recognizes that an effective national nuclear security regime builds on: the implementation of relevant international legal instruments; information protection; physical protection; material accounting and control; detection of and response to trafficking in such material; national response plans; and contingency measures. With its Nuclear Security Series, the IAEA aims to assist States in implementing and sustaining such a regime in a coherent and integrated manner. The IAEA Nuclear Security Series comprises Nuclear Security Fundamentals, which include objectives and essential elements of a State's nuclear security regime; Recommendations; Implementing Guides; and Technical Guidance. Each State carries the full responsibility for nuclear security, specifically: to provide for the security of nuclear and other radioactive material and associated facilities and activities; to ensure the security of such material in use, storage or in transport; to combat illicit trafficking and the inadvertent movement of such material; and to be prepared to respond to a nuclear security event. This publication is in the Technical Guidance

  20. Overview of Security issues in Cloud Computing

    Ajey Singh

    2012-03-01

    Full Text Available Cloud computing may be defined as management and provision of resources, software, applications and information as services over the cloud (internet on demand. Cloud computing comes into focus only when you think about what IT always needs: a way to increase capacity or add capabilities on the fly without investing in new infrastructure, training new personnel, or licensing new software. "Cloud computing continues to gain acceptance as a critical way to deliver on-demand information and resources to customers,” The cloud architecture is implemented in such a way that it provides you the flexibility to share application as well as other network resources (hardware etc[1]. This will lead to a need based flexible architecture where the resources will expand or contract with a little configuration changes. Cloud computing is often provided "as a service" over the Internet, typically in the form of infrastructure as a service (IaaS, platform as a service (PaaS, or software as a service (SaaS.From an end users perspective, you don’t need to care for the OS, the plug-ins, web security or the software platform[2]. Everything should be in place without any worry. This paper focuses on technical security issues in cloud computing, cloud computing has various benefits in an enterprise but major concern is how security is implemented in cloud computing.

  1. Computation, cryptography, and network security

    Rassias, Michael

    2015-01-01

    Analysis, assessment, and data management are core competencies for operation research analysts. This volume addresses a number of issues and developed methods for improving those skills. It is an outgrowth of a conference held in April 2013 at the Hellenic Military Academy, and brings together a broad variety of mathematical methods and theories with several applications. It discusses directions and pursuits of scientists that pertain to engineering sciences. It is also presents the theoretical background required for algorithms and techniques applied to a large variety of concrete problems. A number of open questions as well as new future areas are also highlighted.   This book will appeal to operations research analysts, engineers, community decision makers, academics, the military community, practitioners sharing the current “state-of-the-art,” and analysts from coalition partners. Topics covered include Operations Research, Games and Control Theory, Computational Number Theory and Information Securi...

  2. Soft computing techniques in voltage security analysis

    Chakraborty, Kabir

    2015-01-01

    This book focuses on soft computing techniques for enhancing voltage security in electrical power networks. Artificial neural networks (ANNs) have been chosen as a soft computing tool, since such networks are eminently suitable for the study of voltage security. The different architectures of the ANNs used in this book are selected on the basis of intelligent criteria rather than by a “brute force” method of trial and error. The fundamental aim of this book is to present a comprehensive treatise on power system security and the simulation of power system security. The core concepts are substantiated by suitable illustrations and computer methods. The book describes analytical aspects of operation and characteristics of power systems from the viewpoint of voltage security. The text is self-contained and thorough. It is intended for senior undergraduate students and postgraduate students in electrical engineering. Practicing engineers, Electrical Control Center (ECC) operators and researchers will also...

  3. Cloud Computing Security in Business Information Systems

    Sasko Ristov

    2012-03-01

    Full Text Available Cloud computing providers‘ and customers‘ services are not only exposed to existing security risks, but, due to multi-tenancy, outsourcing the application and data, and virtualization, they are exposed to the emergent, as well. Therefore, both the cloud providers and customers must establish information security system and trustworthiness each other, as well as end users. In this paper we analyze main international and industrial standards targeting information security and their conformity with cloud computing security challenges. We evaluate that almost all main cloud service providers (CSPs are ISO 27001:2005 certified, at minimum. As a result, we propose an extension to the ISO 27001:2005 standard with new control objective about virtualization, to retain generic, regardless of company’s type, size and nature, that is, to be applicable for cloud systems, as well, where virtualization is its baseline. We also define a quantitative metric and evaluate the importance factor of ISO 27001:2005 control objectives if customer services are hosted on-premise or in cloud. The conclusion is that obtaining the ISO 27001:2005 certificate (or if already obtained will further improve CSP and CC information security systems, and introduce mutual trust in cloud services but will not cover all relevant issues. In this paper we also continue our efforts in business continuity detriments cloud computing produces, and propose some solutions that mitigate the risks.

  4. Computer Security: Geneva, Suisse Romande and beyond

    Computer Security Team

    2014-01-01

    To ensure good computer security, it is essential for us to keep in close contact and collaboration with a multitude of official and unofficial, national and international bodies, agencies, associations and organisations in order to discuss best practices, to learn about the most recent (and, at times, still unpublished) vulnerabilities, and to handle jointly any security incident. A network of peers - in particular a network of trusted peers - can provide important intelligence about new vulnerabilities or ongoing attacks much earlier than information published in the media. In this article, we would like to introduce a few of the official peers we usually deal with.*   Directly relevant for CERN are SWITCH, our partner for networking in Switzerland, and our contacts within the WLCG, i.e. the European Grid Infrastructure (EGI), and the U.S. Open Science Grid (OSG). All three are essential partners when discussing security implementations and resolving security incidents. SWITCH, in...

  5. DATA INTEGRITY PROOF AND SECURE COMPUTATION IN CLOUD COMPUTING

    Veeralakshmi Ponnuramu; Latha Tamilselvan

    2012-01-01

    Cloud computing is an emerging computing paradigm in which information technology resources and capacities are provided as services over the internet. The users can remotely store their data into the cloud so that the users can be relieved from the burden of local data storage and maintenance. The user does not have any control on the remotely located data. This unique feature possess many security challenges. One of the important concern is the integrity of data and computations. To ensure c...

  6. MOBILE COMPUTING AND MCOMMERCE SECURITY ISSUES

    Krishna Prakash

    2014-09-01

    Full Text Available The radical evolution of computers and advancement of technology in the area of hardware (smaller size, weight, low power consumption and cost, high performance and communications has introduced the notion of mobile computing. Mobile Commerce is an evolving area of e-commerce, where users can interact with service providers through a mobile and wireless network using mobile device for information retrieval and transaction processing. Mobile wireless market is increasing by leaps and bounds. The quality and speeds available in the mobile environment must match the fixed networks if the convergence of the mobile wireless and fixed communication network is to happen in the real sense. The challenge for mobile network lie in providing very large footprint of mobile services with high speed and security. Online transactions using mobile devices must ensure high security for user credentials and it should not be possible for misuse. The paper discusses issues related to M-Commerce security.

  7. Securing Local Support for Your Computer Project.

    Roecks, Alan L.

    1979-01-01

    Guidelines for securing and maintaining local funding for computer-related projects include suggestions in the areas of establishing and maintaining project/school board relationships, encountering social and political factors, and defining guidelines for project implementation. Successes and failures of the MICA project are provided as…

  8. Guidelines for computer security in general practice

    Peter Schattner

    2007-06-01

    Conclusions This paper maps out a process for developing computer security guidelines for general practice. The specific content will vary in different countries according to their levels of adoption of IT, and cultural, technical and other health service factors. Making these guidelines relevant to local contexts should help maximise their uptake.

  9. A Development Framework for Software Security in Nuclear Safety Systems: Integrating Secure Development and System Security Activities

    The protection of nuclear safety software is essential in that a failure can result in significant economic loss and physical damage to the public. However, software security has often been ignored in nuclear safety software development. To enforce security considerations, nuclear regulator commission recently issued and revised the security regulations for nuclear computer-based systems. It is a great challenge for nuclear developers to comply with the security requirements. However, there is still no clear software development process regarding security activities. This paper proposes an integrated development process suitable for the secure development requirements and system security requirements described by various regulatory bodies. It provides a three-stage framework with eight security activities as the software development process. Detailed descriptions are useful for software developers and licensees to understand the regulatory requirements and to establish a detailed activity plan for software design and engineering

  10. Computer Security: Computer security threats, vulnerabilities and attacks (3/4)

    CERN. Geneva

    2012-01-01

    Antonio Perez Perez works in the Computer Security Team doing software development, sysadmin tasks and operations. He is also involved on grid security and does 1st line security support at CERN on ROTA. With the prevalence of modern information technologies and its increasing integration into our daily live, digital systems become more and more playground for evil people. While in the past, attacks were driven by fame& kudos, nowadays money is the motivating factor. Just the recent months have shown several successful attacks against e.g. Sony, PBS, UNESCO, RSAsecurity, Citibank, and others. Credit card information of hundreds of thousands of people got exposed. Affected companies not only lost their assets and data, also their reputation has suffered. Thus, proper computer security measures are essential. Without question, security must even more become an inherent ingredient when developing, deploying, and operating applications, web sites, and computing services. These lectures shall give an ove...

  11. Security for small computer systems a practical guide for users

    Saddington, Tricia

    1988-01-01

    Security for Small Computer Systems: A Practical Guide for Users is a guidebook for security concerns for small computers. The book provides security advice for the end-users of small computers in different aspects of computing security. Chapter 1 discusses the security and threats, and Chapter 2 covers the physical aspect of computer security. The text also talks about the protection of data, and then deals with the defenses against fraud. Survival planning and risk assessment are also encompassed. The last chapter tackles security management from an organizational perspective. The bo

  12. Extreme Scale Computing to Secure the Nation

    Brown, D L; McGraw, J R; Johnson, J R; Frincke, D

    2009-11-10

    Since the dawn of modern electronic computing in the mid 1940's, U.S. national security programs have been dominant users of every new generation of high-performance computer. Indeed, the first general-purpose electronic computer, ENIAC (the Electronic Numerical Integrator and Computer), was used to calculate the expected explosive yield of early thermonuclear weapons designs. Even the U. S. numerical weather prediction program, another early application for high-performance computing, was initially funded jointly by sponsors that included the U.S. Air Force and Navy, agencies interested in accurate weather predictions to support U.S. military operations. For the decades of the cold war, national security requirements continued to drive the development of high performance computing (HPC), including advancement of the computing hardware and development of sophisticated simulation codes to support weapons and military aircraft design, numerical weather prediction as well as data-intensive applications such as cryptography and cybersecurity U.S. national security concerns continue to drive the development of high-performance computers and software in the U.S. and in fact, events following the end of the cold war have driven an increase in the growth rate of computer performance at the high-end of the market. This mainly derives from our nation's observance of a moratorium on underground nuclear testing beginning in 1992, followed by our voluntary adherence to the Comprehensive Test Ban Treaty (CTBT) beginning in 1995. The CTBT prohibits further underground nuclear tests, which in the past had been a key component of the nation's science-based program for assuring the reliability, performance and safety of U.S. nuclear weapons. In response to this change, the U.S. Department of Energy (DOE) initiated the Science-Based Stockpile Stewardship (SBSS) program in response to the Fiscal Year 1994 National Defense Authorization Act, which requires, 'in the

  13. Software For Computer-Security Audits

    Arndt, Kate; Lonsford, Emily

    1994-01-01

    Information relevant to potential breaches of security gathered efficiently. Automated Auditing Tools for VAX/VMS program includes following automated software tools performing noted tasks: Privileged ID Identification, program identifies users and their privileges to circumvent existing computer security measures; Critical File Protection, critical files not properly protected identified; Inactive ID Identification, identifications of users no longer in use found; Password Lifetime Review, maximum lifetimes of passwords of all identifications determined; and Password Length Review, minimum allowed length of passwords of all identifications determined. Written in DEC VAX DCL language.

  14. DATA INTEGRITY PROOF AND SECURE COMPUTATION IN CLOUD COMPUTING

    Veeralakshmi Ponnuramu

    2012-01-01

    Full Text Available Cloud computing is an emerging computing paradigm in which information technology resources and capacities are provided as services over the internet. The users can remotely store their data into the cloud so that the users can be relieved from the burden of local data storage and maintenance. The user does not have any control on the remotely located data. This unique feature possess many security challenges. One of the important concern is the integrity of data and computations. To ensure correctness of user’s data in the cloud, an effective scheme assuring the integrity of the data stored in the cloud is proposed. We try to obtain and prove that the data stored in the cloud is not modified by the provider, thereby ensuring the integrity of data. To ensure secure computation our scheme uses the Merkle hash tree for checking the correctness of computations done by the cloud service provider. Algorithms are implemented using java core concepts and java Remote Method Invocation (RMI concepts for client-server communication by setting up the private cloud environment with eucalyptus tool. This method is used to assure data integrity and secured computations with reduced computational and storage overhead of the client.

  15. SECURITY AND PRIVACY ISSUES IN CLOUD COMPUTING

    Amina AIT OUAHMAN

    2014-10-01

    Full Text Available Today, cloud computing is defined and talked about across the ICT industry under different contexts and with different definitions attached to it. It is a new paradigm in the evolution of Information Technology, as it is one of the biggest revolutions in this field to have taken place in recent times. According to the National Institute for Standards and Technology (NIST, “cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services that can be rapidly provisioned and released with minimal management effort or service provider interaction” [1]. The importance of Cloud Computing is increasing and it is receiving a growing attention in the scientific and industrial communities. A study by Gartner [2] considered Cloud Computing as the first among the top 10 most important technologies and with a better prospect in successive years by companies and organizations. Clouds bring out tremendous benefits for both individuals and enterprises. Clouds support economic savings, outsourcing mechanisms, resource sharing, any-where any-time accessibility, on-demand scalability, and service flexibility. Clouds minimize the need for user involvement by masking technical details such as software upgrades, licenses, and maintenance from its customers. Clouds could also offer better security advantages over individual server deployments. Since a cloud aggregates resources, cloud providers charter expert security personnel while typical companies could be limited with a network administrator who might not be well versed in cyber security issues. The new concepts introduced by the clouds, such as computation outsourcing, resource sharing, and external data warehousing, increase the security and privacy concerns and create new security challenges. Moreover, the large scale of the clouds, the proliferation of mobile access devices (e

  16. Computer Security: better code, fewer problems

    Stefan Lueders, Computer Security Team

    2016-01-01

    The origin of many security incidents is negligence or unintentional mistakes made by web developers or programmers. In the rush to complete the work, due to skewed priorities, or just to ignorance, basic security principles can be omitted or forgotten.   The resulting vulnerabilities lie dormant until the evil side spots them and decides to hit hard. Computer security incidents in the past have put CERN’s reputation at risk due to websites being defaced with negative messages about the Organization, hash files of passwords being extracted, restricted data exposed… And it all started with a little bit of negligence! If you check out the Top 10 web development blunders, you will see that the most prevalent mistakes are: Not filtering input, e.g. accepting “<“ or “>” in input fields even if only a number is expected.  Not validating that input: you expect a birth date? So why accept letters? &...

  17. The Role of Trust in Computer Security

    Jensen, Christian D.

    2012-01-01

    human behaviour imposed by social and religious norms. Most of these assumptions, however, are implicit and they will fail when the environment of the systems change, e.g., when systems are used on a global scale on the Internet. This talk identifies such implicit assumptions in current security...... technologies and show how many of them concern the placement of trust on human or system agents. We argue that making such assumptions about trust explicit is an essential requirement for the future of system security and argue why the formalisation of computational trust is necessary when we wish to reason......Summary form only given. Traditional security technologies are based on numerous assumptions about the environment in which systems are used. This includes assumptions about the enforcement of legislative and contractual frameworks, limitations of particular technologies and the constraints on...

  18. Audit and Evaluation of Computer Security. Computer Science and Technology.

    Ruthberg, Zella G.

    This is a collection of consensus reports, each produced at a session of an invitational workshop sponsored by the National Bureau of Standards. The purpose of the workshop was to explore the state-of-the-art and define appropriate subjects for future research in the audit and evaluation of computer security. Leading experts in the audit and…

  19. Cloud computing security with Nymble Technology

    Pradip U.Wawge

    2012-03-01

    Full Text Available Misbehave blacklisting schemes allow online service provide in cloud computer to prevent Misbehave access by abusive users while preserving the privacy of all Misbehave users (both abusive and non-abusive. The scheme proposed for this purpose was Nymble, an extremely efficient scheme based only on symmetric primitives; however, Nymble relies on trusted third parties who can collude to de-Anonymizing users of the scheme.Networks such as Tor allow users to access Internet services privately by using a series of routers to hide the client’s IP address from the server. The success of such networks, however, has been limited by users employing this anonymity for abusive purposes such as defacing popular Web sites. Web site administrators routinely rely on IP-address blocking for disabling access to misbehaving users, but blocking IP addresses is not practical if the abuser routes through an misbehave network. As a result, administrators block all known exit nodes of misbehave networks, denying anonymous access to misbehaving and behaving users alike. To address this problem, we present Nimble, a system in which servers can “blacklist” misbehaving users, thereby blocking users without compromising their anonymity. Our system is thus agnostic to different servers’ definitions of misbehaviour servers can blacklist users for whatever reason, and the privacy of blacklisted users is maintained.Although the cloud computing model is considered to be a very promising internet-based computing platform, it results in a loss of security control over the cloud-hosted assets. This is due to the outsourcing of enterprise IT assets hosted on third-party cloud computing platforms. Moreover, the lack of security constraints in the Service Level Agreements between the cloud providers and consumers results in a loss of trust as well. Obtaining a security certificate such as ISO 27000 or NIST-FISMA would help cloud providers improve consumers trust in their cloud

  20. Customer Security Issues in Cloud Computing

    Nimmati Satheesh

    2013-01-01

    The Cloud computing concept offers dynamically scalable resources provisioned as a service overthe Internet. Economic benefits are the main driver for the Cloud, since it promises the reduction of capitalexpenditure (CapEx) and operational expenditure (OpEx). In order for this to become reality, however, thereare still some challenges to be solved. Amongst these are security and trust issues, since the user's data has tobe released to the Cloud and thus leaves the protection-sphere of the dat...

  1. Computer Security: Introduction to information and computer security (1/4)

    CERN. Geneva

    2012-01-01

    Sebastian Lopienski is CERN's Deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support services hosted in the CERN Computer Centre; providing Central CVS Service for software projects at CERN; and development of applications for accelerator controls in Java. He graduated from the University of Warsaw (MSc in Computer Science) in 2002, and earned an MBA degree at the Enterprise Administration Institute in Aix-en-Provence and Haute Ecole de Gestion in Geneva in 2010. His professional interests include software and network security, distributed systems, and Web and mobile technologies. With the prevalence of modern information te...

  2. Protecting Office Information: Computer and Data Security.

    Davis-Newton, Hazel C.

    1986-01-01

    Discusses the nature of modern office automation, microcomputer access controls that can be activated to improve security (passwords, error lockout, palm geometry, automatic shutoff, time lock, call back), data communications controls (cryptographic transmission of data, scramblers, dial-back-devices), and management practices that may be…

  3. Extreme Scale Computing to Secure the Nation

    Brown, D L; McGraw, J R; Johnson, J R; Frincke, D

    2009-11-10

    Since the dawn of modern electronic computing in the mid 1940's, U.S. national security programs have been dominant users of every new generation of high-performance computer. Indeed, the first general-purpose electronic computer, ENIAC (the Electronic Numerical Integrator and Computer), was used to calculate the expected explosive yield of early thermonuclear weapons designs. Even the U. S. numerical weather prediction program, another early application for high-performance computing, was initially funded jointly by sponsors that included the U.S. Air Force and Navy, agencies interested in accurate weather predictions to support U.S. military operations. For the decades of the cold war, national security requirements continued to drive the development of high performance computing (HPC), including advancement of the computing hardware and development of sophisticated simulation codes to support weapons and military aircraft design, numerical weather prediction as well as data-intensive applications such as cryptography and cybersecurity U.S. national security concerns continue to drive the development of high-performance computers and software in the U.S. and in fact, events following the end of the cold war have driven an increase in the growth rate of computer performance at the high-end of the market. This mainly derives from our nation's observance of a moratorium on underground nuclear testing beginning in 1992, followed by our voluntary adherence to the Comprehensive Test Ban Treaty (CTBT) beginning in 1995. The CTBT prohibits further underground nuclear tests, which in the past had been a key component of the nation's science-based program for assuring the reliability, performance and safety of U.S. nuclear weapons. In response to this change, the U.S. Department of Energy (DOE) initiated the Science-Based Stockpile Stewardship (SBSS) program in response to the Fiscal Year 1994 National Defense Authorization Act, which requires, 'in the

  4. Security Issues Associated with Big Data in Cloud Computing

    Venkata Narasimha Inukollu; Sailaja Arsi; Srinivasa Rao Ravuri

    2014-01-01

    In this paper, we discuss security issues for cloud computing, Big data, Map Reduce and Hadoop environment. The main focus is on security issues in cloud computing that are associated with big data. Big data applications are a great benefit to organizations, business, companies and many large scale and small scale industries.We also discuss various possible solutions for the issues in cloud computing security and Hadoop. Cloud computing security is developing at a rapid pace which includes co...

  5. Secure User Data in Cloud Computing using RSA Algorithm

    Sunny Behal

    2014-12-01

    Full Text Available Cloud computing is an emerging computing paradigm in which resources of the computing infrastructure are provided as services of the internet. Cloud computing provides customers the way to share distributed resources and services that belong to different organizations or sites. Cloud computing allows consumers and businesses to use applications without installation and access their personal files at any computer with internet access. This paper explores various security methods such as Access Control, Telecommunications and Network Security, Information security governance and risk management, Application Security, Security Architecture and Design, We proposed a method using RSA algorithm.

  6. 48 CFR 952.204-77 - Computer security.

    2010-10-01

    ... 48 Federal Acquisition Regulations System 5 2010-10-01 2010-10-01 false Computer security. 952.204... SOLICITATION PROVISIONS AND CONTRACT CLAUSES Text of Provisions and Clauses 952.204-77 Computer security. As prescribed in 904.404(d)(7), the following clause shall be included: Computer Security (AUG 2006)...

  7. SEED: A Suite of Instructional Laboratories for Computer Security Education

    Du, Wenliang; Wang, Ronghua

    2008-01-01

    The security and assurance of our computing infrastructure has become a national priority. To address this priority, higher education has gradually incorporated the principles of computer and information security into the mainstream undergraduate and graduate computer science curricula. To achieve effective education, learning security principles…

  8. Securing Embedded Smart Cameras with Trusted Computing

    Winkler Thomas

    2011-01-01

    Full Text Available Camera systems are used in many applications including video surveillance for crime prevention and investigation, traffic monitoring on highways or building monitoring and automation. With the shift from analog towards digital systems, the capabilities of cameras are constantly increasing. Today's smart camera systems come with considerable computing power, large memory, and wired or wireless communication interfaces. With onboard image processing and analysis capabilities, cameras not only open new possibilities but also raise new challenges. Often overlooked are potential security issues of the camera system. The increasing amount of software running on the cameras turns them into attractive targets for attackers. Therefore, the protection of camera devices and delivered data is of critical importance. In this work we present an embedded camera prototype that uses Trusted Computing to provide security guarantees for streamed videos. With a hardware-based security solution, we ensure integrity, authenticity, and confidentiality of videos. Furthermore, we incorporate image timestamping, detection of platform reboots, and reporting of the system status. This work is not limited to theoretical considerations but also describes the implementation of a prototype system. Extensive evaluation results illustrate the practical feasibility of the approach.

  9. Computer-Aided Sensor Development Focused on Security Issues.

    Bialas, Andrzej

    2016-01-01

    The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research. PMID:27240360

  10. Flexible And Secure Access To Computing Clusters

    Jan Meizner

    2010-01-01

    Full Text Available The investigation presented in this paper was prompted by the need to provide a manageablesolution for secure access to computing clusters with a federated authentication framework.This requirement is especially important for scientists who need direct access to computingnodes in order to run their applications (e.g. chemical or medical simulations with proprietary,open-source or custom-developed software packages. Our existing software, whichenables non-Web clients to use Shibboleth-secured services, has been extended to providedirect SSH access to cluster nodes using the Linux Pluggable Authentication Modules mechanism.This allows Shibboleth users to run the required software on clusters. Validationand performance comparison with existing SSH authentication mechanisms confirm that thepresented tools satisfy the stated requirements.

  11. On technical security issues in cloud computing

    Jensen, Meiko; Schwenk, Jörg; Gruschka, Nils;

    2009-01-01

    The Cloud Computing concept offers dynamically scalable resources provisioned as a service over the Internet. Economic benefits are the main driver for the Cloud, since it promises the reduction of capital expenditure (CapEx) and operational expenditure (OpEx). In order for this to become reality......, however, there are still some challenges to be solved. Amongst these are security and trust issues, since the user's data has to be released to the Cloud and thus leaves the protection sphere of the data owner. Most of the discussions on this topics are mainly driven by arguments related to organisational...... means. This paper focusses on technical security issues arising from the usage of Cloud services and especially by the underlying technologies used to build these cross-domain Internet-connected collaborations. © 2009 IEEE....

  12. Cloud Computing Security Issues and Challenges

    Kuyoro S. O.; Ibikunle F; Awodele O

    2011-01-01

    Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services w...

  13. Towards Information Security Metrics Framework for Cloud Computing

    Muhammad Imran Tariq

    2012-10-01

    Full Text Available Cloud computing has recently emerged as new computing paradigm which basically aims to provide customized, reliable, dynamic services over the internet.  Cost and security are influential issues to deploy cloud computing in large enterprise.  Privacy and security are very important issues in terms of user trust and legal compliance. Information Security (IS metrics are best tool used to measure the efficiency, performance, effectiveness and impact of the security constraints. It is very hard issue to get maximum benefits from Information security metrics in cloud computing. The aim of this paper is to discuss security issues of cloud computing, and propose basic building blocks of information security metrics framework for cloud computing. This framework helps cloud users to create information security metrics, analyze cloud threats, processing on cloud threats to mitigate them and threat assessment

  14. Security Implications of Making Computing Resources Available via Computational Grids

    Adabala, Sumalatha; Butt, Ali Raza; Figueiredo, Renato J. J.; Kapadia, Nirav H.; Fortes, Jose A. B.

    2001-01-01

    This report inrvestigates the issues of securing access to computin,g resources in computation. al grids. Grid en,viron,men.ts are built orb top of platforms that corrtrol access to resources within a sin,gle adenin.istrative domairr, at the g.r-an,ular.ityo f a use,r. In wide-area multi-domain. grid en.viron,men.ts, the overhead of mainiainin,g user accounts is prohibitive, a.rad secu7.in,g access to resources via user accountability is impractical. Typically, these issues are han,dled by in...

  15. Immunity-based security architecture for active switch

    Jingsong, Pan

    2012-01-01

    This paper proposes one kind of active network security technique which combined artificial immune intrusion detection system (IDS) and firewall, it can omni-directional carry on protection to the computers and networks.

  16. An Overview of Computer Network security and Research Technology

    Rathore, Vandana

    2016-01-01

    The rapid development in the field of computer networks and systems brings both convenience and security threats for users. Security threats include network security and data security. Network security refers to the reliability, confidentiality, integrity and availability of the information in the system. The main objective of network security is to maintain the authenticity, integrity, confidentiality, availability of the network. This paper introduces the details of the technologies used in...

  17. Security Issues Associated with Big Data in Cloud Computing

    Venkata Narasimha Inukollu

    2014-06-01

    Full Text Available In this paper, we discuss security issues for cloud computing, Big data, Map Reduce and Hadoop environment. The main focus is on security issues in cloud computing that are associated with big data. Big data applications are a great benefit to organizations, business, companies and many large scale and small scale industries.We also discuss various possible solutions for the issues in cloud computing security and Hadoop. Cloud computing security is developing at a rapid pace which includes computer security, network security, information security, and data privacy. Cloud computing plays a very vital role in protecting data, applications and the related infrastructure with the help of policies, technologies, controls, and big data tools Moreover, cloud computing, big data and its applications, advantages are likely to represent the most promising new frontiers in science.

  18. Secure Two-Party Computational Geometry

    Shun-Dong Li; Yi-Qi Dai

    2005-01-01

    Secure Multi-party Computation has been a research focus in international cryptographic community in recent years. In this paper the authors investigate how some computational geometric problems could be solved in a cooperative environment, where two parties need to solve a geometric problem based on their joint data, but neither wants to disclose its private data to the other party. These problems are the distance between two private points, the relation between a private point and a circle area, the relation between a private point and an ellipse area and the shortest distance between two point sets. The paper gives solutions to these specific geometric problems, and in doing so a building block is developed,the protocol for the distance between two private points, that is also useful in the solutions to other geometric problems and combinatorial problems.

  19. Computer Network Security: Best Practices for Alberta School Jurisdictions.

    Alberta Dept. of Education, Edmonton.

    This paper provides a snapshot of the computer network security industry and addresses specific issues related to network security in public education. The following topics are covered: (1) security policy, including reasons for establishing a policy, risk assessment, areas to consider, audit tools; (2) workstations, including physical security,…

  20. An Overview Of The Security Concerns In Enterprise Cloud Computing

    Anthony Bisong; Rahman, Syed M.

    2011-01-01

    Deploying cloud computing in an enterprise infrastructure bring significant security concerns.Successful implementation of cloud computing in an enterprise requires proper planning andunderstanding of emerging risks, threats, vulnerabilities, and possible countermeasures. We believe enterprise should analyze the company/organization security risks, threats, and available countermeasures before adopting this technology. In this paper, we have discussed security risks and concerns in cloud comp...

  1. An Overview of the Security Concerns in Enterprise Cloud Computing

    Bisong, Anthony; Syed; Rahman, M.

    2011-01-01

    Deploying cloud computing in an enterprise infrastructure bring significant security concerns. Successful implementation of cloud computing in an enterprise requires proper planning and understanding of emerging risks, threats, vulnerabilities, and possible countermeasures. We believe enterprise should analyze the company/organization security risks, threats, and available countermeasures before adopting this technology. In this paper, we have discussed security risks and concerns in cloud co...

  2. Security in Cloud Computing : A Security Assessment of Cloud Computing Providers for an Online Receipt Storage

    Blakstad, Kåre Marius; Andreassen, Mats

    2010-01-01

    Considerations with regards to security issues and demands must be addressed before migrating an application into a cloud computing environment. Different vendors, Microsoft Azure, Amazon Web Services and Google AppEngine, provide different capabilities and solutions to the individual areas of concern presented by each application. Through a case study of an online receipt storage application from the company dSafe, a basis is formed for the evaluation. The three cloud computing vendors are a...

  3. Secure Multiparty Quantum Computation for Summation and Multiplication.

    Shi, Run-hua; Mu, Yi; Zhong, Hong; Cui, Jie; Zhang, Shun

    2016-01-01

    As a fundamental primitive, Secure Multiparty Summation and Multiplication can be used to build complex secure protocols for other multiparty computations, specially, numerical computations. However, there is still lack of systematical and efficient quantum methods to compute Secure Multiparty Summation and Multiplication. In this paper, we present a novel and efficient quantum approach to securely compute the summation and multiplication of multiparty private inputs, respectively. Compared to classical solutions, our proposed approach can ensure the unconditional security and the perfect privacy protection based on the physical principle of quantum mechanics. PMID:26792197

  4. Computer security of NPP instrumentation and control systems: regulatory framework

    The paper examines the regulatory framework on computer security of NPP instrumentation and control systems (I and C) and presents the short overview of IAEA Nuclear Security Series. It considers the key reference manual from these series and draft new guide on NPP I and C computer security. The paper presents requirements for information and computer security of NPP I and C from the standards of the International Electrotechnical Commission (IEC) and, in particular, the standard regulating requirements for NPP I and C computer security program. Regulatory guide of the US Nuclear Regulatory Commission with requirements for computer security program of nuclear facilities has been analyzed. The research considers challenges of regulatory control in this area and defines tasks to improve regulatory framework on computer security at Ukrainian nuclear facilities.

  5. Modeling and performance evaluation of computer systems security operation

    Guster, D.; Krivulin, N. K.

    2012-01-01

    A model of computer system security operation is developed based on the fork-join queueing network formalism. We introduce a security operation performance measure, and show how it may be used to performance evaluation of actual systems.

  6. Restricted access processor - An application of computer security technology

    Mcmahon, E. M.

    1985-01-01

    This paper describes a security guard device that is currently being developed by Computer Sciences Corporation (CSC). The methods used to provide assurance that the system meets its security requirements include the system architecture, a system security evaluation, and the application of formal and informal verification techniques. The combination of state-of-the-art technology and the incorporation of new verification procedures results in a demonstration of the feasibility of computer security technology for operational applications.

  7. Computer Security: is your code sane?

    Stefan Lueders, Computer Security Team

    2015-01-01

    How many of us write code? Software? Programs? Scripts? How many of us are properly trained in this and how well do we do it? Do we write functional, clean and correct code, without flaws, bugs and vulnerabilities*? In other words: are our codes sane?   Figuring out weaknesses is not that easy (see our quiz in an earlier Bulletin article). Therefore, in order to improve the sanity of your code, prevent common pit-falls, and avoid the bugs and vulnerabilities that can crash your code, or – worse – that can be misused and exploited by attackers, the CERN Computer Security team has reviewed its recommendations for checking the security compliance of your code. “Static Code Analysers” are stand-alone programs that can be run on top of your software stack, regardless of whether it uses Java, C/C++, Perl, PHP, Python, etc. These analysers identify weaknesses and inconsistencies including: employing undeclared variables; expressions resu...

  8. Computer Security: Your privacy at CERN matters

    Stefan Lueders, Computer Security Team

    2015-01-01

    Congrats to all those who spotted that our last contribution to the CERN Bulletin (“CERN Secure Password Competition” – see here) was an April Fools’ Day hoax. Of course, there is no review and no jury and there won’t be any competition. Consequently, we are sorry to say that we cannot announce any winners. The extension of the password history rule and the initiative of finding password duplicates are absolute nonsense too.   In fact, the Computer Security team, just like the CERN Account Management service, the Single Sign-On team and the ServiceDesk, does not know and has no need to know your password. Passwords are actually salted and hashed using the SHA256 cryptographic hash function. Thus, there is no literal password database and no way that anyone apart from you can know your password – unless you have given it away intentionally or inadvertently… Remember, your password is yours and only yours, so please do not...

  9. Computer Security: WWW censorship? Not at CERN

    Stefan Lueders, Computer Security Team

    2016-01-01

    Whoops! We received a number of critical responses to our previous article on the upcoming DNS firewall (“DNS to the rescue!” - see here). While they were mostly constructive, the main question was “How dare we censor Internet access?” Let us clarify this.   Computer security at CERN must always find the right balance between CERN’s academic environment, its operations and security itself. Of course we can easily overdo it one way or another, but that would kill our academic freedom and bring the Organization to a halt. That certainly isn’t in our interest. On the other hand, CERN is permanently under attack and we have to do everything possible to ensure that those attacks are kept at bay. Otherwise they could impact CERN’s operations… So, have we found the right balance? Concerning access to the Internet and in particular to the web, we have not and will not block random websites because of their content unless &a...

  10. Java parallel secure stream for grid computing

    The emergence of high speed wide area networks makes grid computing a reality. However grid applications that need reliable data transfer still have difficulties to achieve optimal TCP performance due to network tuning of TCP window size to improve the bandwidth and to reduce latency on a high speed wide area network. The authors present a pure Java package called JPARSS (Java Parallel Secure Stream) that divides data into partitions that are sent over several parallel Java streams simultaneously and allows Java or Web applications to achieve optimal TCP performance in a gird environment without the necessity of tuning the TCP window size. Several experimental results are provided to show that using parallel stream is more effective than tuning TCP window size. In addition X.509 certificate based single sign-on mechanism and SSL based connection establishment are integrated into this package. Finally a few applications using this package will be discussed

  11. Computer Security: The dilemma of fractal defence

    Stefan Lueders, Computer Security Team

    2015-01-01

    Aren’t mathematical fractals just beautiful? The Mandelbrot set and the Julia set, the Sierpinski gasket, the Menger sponge, the Koch curve (see here)… Based on very simple mathematical rules, they quickly develop into a mosaic of facets slightly different from each other. More and more features appear the closer you zoom into a fractal and expose similar but not identical features of the overall picture.   Computer security is like these fractals, only much less pretty: simple at first glance, but increasingly complex and complicated when you look more closely at the details. The deeper you dig, the more and more possibilities open up for malicious people as the attack surface grows, just like that of “Koch’s snowflakes”, where the border length grows exponentially. Consequently, the defensive perimeter also increases when we follow the bits and bytes layer by layer from their processing in the CPU, trickling up the software stack thro...

  12. Java Parallel Secure Stream for Grid Computing

    JieChen; WaltAkers; 等

    2001-01-01

    The emergence of high speed wide area networks makes grid computing a reality.However grid applications that need reliable data transfer still have difficulties to achieve optimal TCP performance due to metwork tuning of TCP window size to imporvethe bandwidth and to reduce latency on a high speed wide area network.This paper presents a pure Java package called JPARSS(java Parallel Secure Stream) that divides data into partitions that are sent over several parallel Java Streams simultaneously and allows Java or Web applications to achieve optimal TCP performance in a gird environment without the necessity of tuning the TCP window size.Several experimental results are provided to show that using parallel stream is more effective than tuning TCP window size.In addition X.509 certificate based single sign-on mechanism and SSL based connection establishment are integrated into this package ,Finally a few applications using this package will be discussed.

  13. Teaching Objectives of a Simulation Game for Computer Security

    Irvine, Cynthia E.; Thompson, Michael

    2003-01-01

    This paper describes a computer simulation game being developed to teach computer security principles. The player of the game constructs computer networks and makes choices affecting the ability of these networks and the game's virtual users to protect valuable assets from attack by both vandals and well-motivated professionals. The game introduces the player to the need for well formed information security policies, allowing the player to deploy a variety of means to enforce security policie...

  14. CONSIDERATIONS ABOUT COMPUTER NETWORKS SECURITY UNDER VARIOUS OPERATING SYSTEMS

    Nicolae Radu MARSANU; Claudiu SICHITIU; George SICHITIU

    2010-01-01

    Importance of security issues in computer networks has increased with the expansion of electronic data processing and transmission via the network. When operating on confidential information, it is important that the benefits of sharing and communication of a computer network to be supported by substantial security facilities. This is essential given that computer networks have come to be used including the development of banking, shopping or fees. Following the implementation of security mec...

  15. A Security Kernel Architecture Based Trusted Computing Platform

    CHEN You-lei; SHEN Chang-xiang

    2005-01-01

    A security kernel architecture built on trusted computing platform in the light of thinking about trusted computing is presented. According to this architecture, a new security module TCB (Trusted Computing Base) is added to the operation system kernel and two operation interface modes are provided for the sake of self-protection. The security kernel is divided into two parts and trusted mechanism is separated from security functionality. The TCB module implements the trusted mechanism such as measurement and attestation,while the other components of security kernel provide security functionality based on these mechanisms. This architecture takes full advantage of functions provided by trusted platform and clearly defines the security perimeter of TCB so as to assure self-security from architectural vision. We also present function description of TCB and discuss the strengths and limitations comparing with other related researches.

  16. Nomadic Computing : Security assessment of remote access to workplace systems

    Karlsson, Johanna

    2003-01-01

    Nomadic computing is about communication on an anytime anywhere basis. Security in this area is today not high enough and at the same time nomadic computing is increasing. In this thesis, security in the area of nomadic computing and remote access to company systems is assessed. The purpose is to investigate the security in this area today but also in the future in order to answer the main question of how and when secure nomadic computing can be offered. For this purpose a futuristic scenario...

  17. An Overview Of The Security Concerns In Enterprise Cloud Computing

    Anthony Bisong

    2011-01-01

    Full Text Available Deploying cloud computing in an enterprise infrastructure bring significant security concerns.Successful implementation of cloud computing in an enterprise requires proper planning andunderstanding of emerging risks, threats, vulnerabilities, and possible countermeasures. We believe enterprise should analyze the company/organization security risks, threats, and available countermeasures before adopting this technology. In this paper, we have discussed security risks and concerns in cloud computing and enlightened steps that an enterprise can take to reduce security risksand protect their resources. We have also explained cloud computing strengths/benefits, weaknesses, and applicable areas in information risk management.

  18. An Overview of the Security Concerns in Enterprise Cloud Computing

    Bisong, Anthony; Rahman, M; 10.5121/ijnsa.2011.3103

    2011-01-01

    Deploying cloud computing in an enterprise infrastructure bring significant security concerns. Successful implementation of cloud computing in an enterprise requires proper planning and understanding of emerging risks, threats, vulnerabilities, and possible countermeasures. We believe enterprise should analyze the company/organization security risks, threats, and available countermeasures before adopting this technology. In this paper, we have discussed security risks and concerns in cloud computing and enlightened steps that an enterprise can take to reduce security risks and protect their resources. We have also explained cloud computing strengths/benefits, weaknesses, and applicable areas in information risk management.

  19. Computer Security: oops, there it goes...

    Stefan Lueders, Computer Security Team

    2015-01-01

    Do you love riddles, hide and seek or picture puzzles a la “Where’s Wally”? Then take a look at the photo below, and try to spot the error.   It is hard to spot: the yellow sticker on the computer screen shows a password providing access to the web application running on the screen. Surprising! Fortunately, this sticker was quickly removed by the corresponding system owners and the password changed. However, we can all make improvements: passwords must never be written down and definitely not on stickers attached to screens, keyboards, or desks. Remember: your password is your “toothbrush” - a toothbrush you do not share and you change regularly. Neither your colleagues, your supervisor, the Service Desk or the Computer Security Team have any valid reason to ask for it. They should not and will never do so. The same is valid for any external company: UBS, Paypal, Amazon, Facebook or Google will never ask you for your pass...

  20. Computer Security: in the name of CERN

    Stefan Lueders, Computer Security Team

    2015-01-01

    This summer, the American/Canadian dating website Ashley Madison was successfully compromised by a group of hackers (see here) who subsequently published tons of confidential information: addresses, dates of birth, e-mail addresses, ethnicities, genders, names, passwords, payment histories, phone numbers, security questions, sexual preferences, usernames and website activity.   Initially, these attackers blackmailed Ashley Madison and requested that the service be shut down. Later, however, they just made their stolen data public on the Internet. More than 30 million unique e-mail addresses – a hallelujah for miscreants. What can they do with this data? One possibility is blackmailing the people whose e-mail addresses were exposed by threatening to tell their spouses (“Pay me X bitcoins or I will tell your spouse that you are looking for a date!”). Another is targeting those people who have registered with their company e-...

  1. Secure system design and trustable computing

    Potkonjak, Miodrag

    2016-01-01

    This book provides the foundations for understanding hardware security and trust, which have become major concerns for national security over the past decade.  Coverage includes issues related to security and trust in a variety of electronic devices and systems related to the security of hardware, firmware and software, spanning system applications, online transactions, and networking services.  This serves as an invaluable reference to the state-of-the-art research that is of critical significance to the security of, and trust in, modern society’s microelectronic-supported infrastructures.

  2. A Novel Open Security Framework for Cloud Computing

    Devki Gaurav Pal

    2012-06-01

    Full Text Available The evolution of cloud computing enables organizations to reduce their expenditure on IT infrastructure and is advantageous to both the serving and served organizations. But security issue is major concern in adoption of cloud. This paper focuses on the problem of lack of security considerations in Service Level Agreements and top security threats and vulnerability which are suggested by security experts. The Security framework for end to end security in cloud computing has also been proposed in the present work. This paper also draws attention on need of Open Security Framework. Proposed framework is developed by collective participation of security experts, practitioners, Cloud Service Providers and Clients. It is in line with various government policies, legislation and standards like ISO 27000 series, SOX, HIPPA, COBIT, ITIL etc. to comply with them. This step will boost mutual trust and privacy of participants.

  3. Implementation of computer security at nuclear facilities in Germany

    Lochthofen, Andre; Sommer, Dagmar [Gesellschaft fuer Anlagen- und Reaktorsicherheit mbH (GRS), Koeln (Germany)

    2013-07-01

    In recent years, electrical and I and C components in nuclear power plants (NPPs) were replaced by software-based components. Due to the increased number of software-based systems also the threat of malevolent interferences and cyber-attacks on NPPs has increased. In order to maintain nuclear security, conventional physical protection measures and protection measures in the field of computer security have to be implemented. Therefore, the existing security management process of the NPPs has to be expanded to computer security aspects. In this paper, we give an overview of computer security requirements for German NPPs. Furthermore, some examples for the implementation of computer security projects based on a GRS-best-practice-approach are shown. (orig.)

  4. Deliberate Secure Grid Computing Blueprint Design in Indian Context

    Sanjeev Puri

    2012-06-01

    Full Text Available The novel concept of grid computing, clusters of computational power is constructed from a network of many small and widespread different computers servers or workstations into a single resource. We now proceed to translate the grid security problem into specific grid security requirements. The purpose of Grid technologies is to support the secure sharing and scalable coordinated use of diverse resources in dynamic, distributed VOs. We propose a secure blueprint design for grid systems that addresses requirements for single sign-on, interoperability with local policies of any grid city of India, with dynamically varying resource demands.

  5. Modeling Computational Security in Long-Lived Systems

    Canetti, Ran; Cheung, Ling; Kaynar, Dilsun; Lynch, Nancy; Pereira, Olivier

    2009-01-01

    For many cryptographic protocols, security relies on the assumption that adversarial entities have limited computational power. This type of security degrades progressively over the lifetime of a protocol. However, some cryptographic services, such as timestamping services or digital archives, are emph{long-lived} in nature; they are expected to be secure and operational for a very long time (ie super-polynomial). In such cases, security cannot be guaranteed in the traditi...

  6. A Novel Cloud Computing Algorithm of Security and Privacy

    Chih-Yung Chen

    2013-01-01

    Full Text Available The emergence of cloud computing has simplified the flow of large-scale deployment distributed system of software suppliers; when issuing respective application programs in a sharing clouds service to different user, the management of material becomes more complex. Therefore, in multitype clouds service of trust environment, when enterprises face cloud computing, what most worries is the issue of security, but individual users are worried whether the privacy material will have an outflow risk. This research has mainly analyzed several different construction patterns of cloud computing, and quite relevant case in the deployment construction security of cloud computing by fit and unfit quality, and proposed finally an optimization safe deployment construction of cloud computing and security mechanism of material protection calculating method, namely, Global Authentication Register System (GARS, to reduce cloud material outflow risk. We implemented a system simulation to test the GARS algorithm of availability, security and performance. By experimental data analysis, the solutions of cloud computing security, and privacy derived from the research can be effective protection in cloud information security. Moreover, we have proposed cloud computing in the information security-related proposals that would provide related units for the development of cloud computing security practice.

  7. Practical Secure Computation with Pre-Processing

    Zakarias, Rasmus Winther

    2016-01-01

    , communicating O(n log∗ n) ele- ments in the small field and performing O(n log n log log n) operations on small field elements. The fourth main result of the dissertation is a generic and efficient protocol for proving knowledge of a witness for circuit satisfiability in Zero-Knowledge. We prove our......Secure Multiparty Computation has been divided between protocols best suited for binary circuits and protocols best suited for arithmetic circuits. With their MiniMac protocol in [DZ13], Damgård and Zakarias take an important step towards bridging these worlds with an arithmetic protocol tuned for...... yields an astonishing fast evaluation per AES block of 400μs = 400 ∗ 10−6 seconds. Our techniques focus on AES but work in general. In particular we reduce round complexity of the protocol using oblivious table lookup to take care of the non-linear parts. At first glance one might expect table lookup to...

  8. Computer Security: “New_invoice.zip”

    Stefan Lueders, Computer Security Team

    2015-01-01

    Thanks for reading this. But I wonder, what do you expect? Why did this generic title catch your interest? Of course, you might read our articles on a regular basis and it is the “Computer Security:” that brought you here. But still, was there anything else? You should stop reading here... unless you believe this text is meant for you. Or if you are curious. Or if you expect to learn something. Actually, that’s it. “New_invoice.zip” taught more than 40 people at CERN a lesson... the hard way.   “New_invoice.zip” was the name of an attachment to a rather blunt e-mail sent directly to many of our dear colleagues. Others received the e-mail via mailing lists like “it-dep”. The subject of the mail was “invoice” and its message read “Check the document” (see Image 1). The recipient list was vast and full of many different, not necessarily connected names. Clicking on t...

  9. Machine Learning Methods for Computer Security (Dagstuhl Perspectives Workshop 12371)

    Joseph, Anthony D.; Laskov, Pavel; Roli, Fabio; Tygar, J. Doug; Nelson, Blaine

    2013-01-01

    The study of learning in adversarial environments is an emerging discipline at the juncture between machine learning and computer security. The interest in learning-based methods for security- and system-design applications comes from the high degree of complexity of phenomena underlying the security and reliability of computer systems. As it becomes increasingly difficult to reach the desired properties solely using statically designed mechanisms, learning methods are being used more and mor...

  10. Computer Security and the Data Encryption Standard. Proceedings of the Conference on Computer Security and the Data Encryption Standard.

    Branstad, Dennis K., Ed.

    The 15 papers and summaries of presentations in this collection provide technical information and guidance offered by representatives from federal agencies and private industry. Topics discussed include physical security, risk assessment, software security, computer network security, and applications and implementation of the Data Encryption…

  11. Food Security Strategy Based on Computer Innovation

    Ruihui Mu

    2015-01-01

    Case analysis to identify innovative strategies for food security occurred in the Oriental Hotel, voluntarily implement food safety control. Food security strategy investigation and the reasons for their use of multiple data sources, including accommodation and catering industry to implement and document interviews with key decision makers in the hotel performed to observe the business environment were examined. This finding suggests that addressing food security, not only is the food control...

  12. Practical and Secure Outsourcing of Linear Programming in Cloud Computing

    K. Jaya Santhosh, S. Reshma

    2012-01-01

    Despite the tremendous benefits in CloudComputing, security is the primary obstacle, especially forcustomers when their confidential data are consumed andproduced during the computation. Treating the cloud as anintrinsically insecure computing platform from theviewpoint of the cloud customers, we must designmechanisms that not only protect sensitive information byenabling computations with encrypted data, but also protectcustomers from malicious behaviors by enabling thevalidation of computat...

  13. On the Power of Correlated Randomness in Secure Computation

    Ishai, Yuval; Kushilevitz, Eyal; Meldgaard, Sigurd Torkel;

    2013-01-01

    positive and negative results on unconditionally secure computation with correlated randomness. Concretely, we obtain the following results. Minimizing communication. Any multiparty functionality can be realized, with perfect security against semi-honest parties or statistical security against malicious......We investigate the extent to which correlated secret randomness can help in secure computation with no honest majority. It is known that correlated randomness can be used to evaluate any circuit of size s with perfect security against semi-honest parties or statistical security against malicious...... parties, where the communication complexity grows linearly with s. This leaves open two natural questions: (1) Can the communication complexity be made independent of the circuit size? (2) Is it possible to obtain perfect security against malicious parties? We settle the above questions, obtaining both...

  14. Peer-to-Peer Secure Multi-Party Numerical Computation

    Bickson, Danny; Dolev, Danny; Pinkas, Benny

    2008-01-01

    We propose an efficient framework for enabling secure multi-party numerical computations in a Peer-to-Peer network. This problem arises in a range of applications such as collaborative filtering, distributed computation of trust and reputation, monitoring and numerous other tasks, where the computing nodes would like to preserve the privacy of their inputs while performing a joint computation of a certain function. Although there is a rich literature in the field of distributed systems security concerning secure multi-party computation, in practice it is hard to deploy those methods in very large scale Peer-to-Peer networks. In this work, we examine several possible approaches and discuss their feasibility. Among the possible approaches, we identify a single approach which is both scalable and theoretically secure. An additional novel contribution is that we show how to compute the neighborhood based collaborative filtering, a state-of-the-art collaborative filtering algorithm, winner of the Netflix progress ...

  15. The importance of trust in computer security

    Jensen, Christian D.

    2014-01-01

    fail. In particular, we identify areas where the “hard” security properties are based on trust in the different agents in the system and certain external agents who enforce the legislative and contractual frameworks. Trust is generally considered a “soft” security property, so building a “hard...

  16. Secure User Data in Cloud Computing using RSA Algorithm

    Sunny Behal

    2014-01-01

    Cloud computing is an emerging computing paradigm in which resources of the computing infrastructure are provided as services of the internet. Cloud computing provides customers the way to share distributed resources and services that belong to different organizations or sites. Cloud computing allows consumers and businesses to use applications without installation and access their personal files at any computer with internet access. This paper explores various security methods su...

  17. Food Security Strategy Based on Computer Innovation

    Ruihui Mu

    2015-04-01

    Full Text Available Case analysis to identify innovative strategies for food security occurred in the Oriental Hotel, voluntarily implement food safety control. Food security strategy investigation and the reasons for their use of multiple data sources, including accommodation and catering industry to implement and document interviews with key decision makers in the hotel performed to observe the business environment were examined. This finding suggests that addressing food security, not only is the food control strategy, when the issue of marketing and business strategy is very important. The results of this study also demonstrated the relationship between reward and food security strategies. Interview analysis showed that the attitude of senior management in the hotel's food security policy, the company's ability to significantly dependent on the corporate image.

  18. Two-Cloud-Servers-Assisted Secure Outsourcing Multiparty Computation

    Yi Sun; Qiaoyan Wen; Yudong Zhang; Hua Zhang; Zhengping Jin; Wenmin Li

    2014-01-01

    We focus on how to securely outsource computation task to the cloud and propose a secure outsourcing multiparty computation protocol on lattice-based encrypted data in two-cloud-servers scenario. Our main idea is to transform the outsourced data respectively encrypted by different users’ public keys to the ones that are encrypted by the same two private keys of the two assisted servers so that it is feasible to operate on the transformed ciphertexts to compute an encrypted result following th...

  19. Security Implications of Typical Grid Computing Usage Scenarios

    A Computational Grid is a collection of heterogeneous computers and resources spread across multiple administrative domains with the intent of providing users uniform access to these resources. There are many ways to access the resources of a Computational Grid, each with unique security requirements and implications for both the resource user and the resource provider. A comprehensive set of Grid usage scenarios are presented and analyzed with regard to security requirements such as authentication, authorization, integrity, and confidentiality. The main value of these scenarios and the associated security discussions are to provide a library of situations against which an application designer can match, thereby facilitating security-aware application use and development from the initial stages of the application design and invocation. A broader goal of these scenarios are to increase the awareness of security issues in Grid Computing

  20. A Distributed k-Secure Sum Protocol for Secure Multi-Party Computations

    Sheikh, Rashid; Mishra, Durgesh Kumar

    2010-01-01

    Secure sum computation of private data inputs is an interesting example of Secure Multiparty Computation (SMC) which has attracted many researchers to devise secure protocols with lower probability of data leakage. In this paper, we provide a novel protocol to compute the sum of individual data inputs with zero probability of data leakage when two neighbor parties collude to know the data of a middle party. We break the data block of each party into number of segments and redistribute the segments among parties before the computation. These entire steps create a scenario in which it becomes impossible for semi honest parties to know the private data of some other party.

  1. Robust Security System for Critical Computers

    Preet Inder Singh

    2012-06-01

    Full Text Available Among the various means of available resource protection including biometrics, password based system is most simple, user friendly, cost effective and commonly used, but this system having high sensitivity with attacks. Most of the advanced methods for authentication based on password encrypt the contents of password before storing or transmitting in physical domain. But all conventional cryptographic based encryption methods are having its own limitations, generally either in terms of complexity, efficiency or in terms of security. In this paper a simple method is developed that provide more secure and efficient means of authentication, at the same time simple in design for critical systems. Apart from protection, a step toward perfect security has taken by adding the feature of intruder detection along with the protection system. This is possible by merging various security systems with each other i.e password based security with keystroke dynamic, thumb impression with retina scan associated with the users. This new method is centrally based on user behavior and users related security system, which provides the robust security to the critical systems with intruder detection facilities.

  2. Guidelines for development of NASA (National Aeronautics and Space Administration) computer security training programs

    Tompkins, F. G.

    1983-01-01

    The report presents guidance for the NASA Computer Security Program Manager and the NASA Center Computer Security Officials as they develop training requirements and implement computer security training programs. NASA audiences are categorized based on the computer security knowledge required to accomplish identified job functions. Training requirements, in terms of training subject areas, are presented for both computer security program management personnel and computer resource providers and users. Sources of computer security training are identified.

  3. Security Framework for Agent-Based Cloud Computing

    K Venkateshwaran

    2015-06-01

    Full Text Available Agent can play a key role in bringing suitable cloud services to the customer based on their requirements. In agent based cloud computing, agent does negotiation, coordination, cooperation and collaboration on behalf of the customer to make the decisions in efficient manner. However the agent based cloud computing have some security issues like (a. addition of malicious agent in the cloud environment which could demolish the process by attacking other agents, (b. denial of service by creating flooding attacks on other involved agents. (c. Some of the exceptions in the agent interaction protocol such as Not-Understood and Cancel_Meta protocol can be misused and may lead to terminating the connection of all the other agents participating in the negotiating services. Also, this paper proposes algorithms to solve these issues to ensure that there will be no intervention of any malicious activities during the agent interaction.

  4. A survey on top security threats in cloud computing

    Muhammad Kazim

    2015-03-01

    Full Text Available Cloud computing enables the sharing of resources such as storage, network, applications and software through internet. Cloud users can lease multiple resources according to their requirements, and pay only for the services they use. However, despite all cloud benefits there are many security concerns related to hardware, virtualization, network, data and service providers that act as a significant barrier in the adoption of cloud in the IT industry. In this paper, we survey the top security concerns related to cloud computing. For each of these security threats we describe, i how it can be used to exploit cloud components and its effect on cloud entities such as providers and users, and ii the security solutions that must be taken to prevent these threats. These solutions include the security techniques from existing literature as well as the best security practices that must be followed by cloud administrators.

  5. Composable security of measuring-Alice blind quantum computation

    Morimae, Tomoyuki; Koshiba, Takeshi

    2013-01-01

    Blind quantum computing [A. Broadbent, J. Fitzsimons, and E. Kashefi, Proceedings of the 50th Annual IEEE Symposium on Foundations of Computer Science 517 (2009)] is a secure cloud quantum computing protocol which enables a client (who does not have enough quantum technology at her disposal) to delegate her quantum computation to a server (who has a universal quantum computer) without leaking any relevant information to the server. In [T. Morimae and K. Fujii, Phys. Rev. A {\\bf87}, 050301(R) ...

  6. A Survey on Cloud Computing Security

    Modares, Hero; Salleh, Rosli; Moravejosharieh, Amirhosein; Keshavarz, Hassan; Shahgoli, Majid Talebi

    2012-01-01

    Computation encounter the new approach of cloud computing which maybe keeps the world and possibly can prepare all the human's necessities. In other words, cloud computing is the subsequent regular step in the evolution of on-demand information technology services and products. The Cloud is a metaphor for the Internet and is a concept for the covered complicated infrastructure; it also depends on sketching in computer network diagrams. In this paper we will focus on concept of cloud computing...

  7. A REVIEW ON SECURED CLOUD COMPUTING ENVIRONMENT

    M. Hemanth Chakravarthy; E. Kannan

    2014-01-01

    Nowadays, the scientific problem becomes very complex; therefore, it requires more computing power and storage space. These requirements are very common in an organization while dealing with current technological data and requirements. Based on these basic requirements, need of higher computational resources is an important issue when dealing with current technological methodology. Hence, cloud computing has become the most important computing paradigm of recent world. The cloud computing is ...

  8. Computer Security: Cryptography and authentication (2/4)

    CERN. Geneva

    2012-01-01

    Remi Mollon studied computer security at University and he first worked on Grids, with the EGEE project, for a French Bioinformatics institute. Information security being crucial in that field, he developed an encrypted file management system on top of Grid middleware, and he contributed in integrating legacy applications with Grids. Then, he was hired by CERN as a Grid Data Management developer, and he joined the Grid Operational Security Coordination Team. Remi has now moved to CERN Computer Security Team. Remi is involved in the daily security operations, in addition to be responsible to design Team's computer infrastructure, and to participate to several projects, like multi-factor authentication at CERN. With the prevalence of modern information technologies and its increasing integration into our daily live, digital systems become more and more playground for evil people. While in the past, attacks were driven by fame& kudos, nowadays money is the motivating factor. Just the recent months have s...

  9. Security Issues Model on Cloud Computing: A Case of Malaysia

    Komeil Raisian; Jamaiah Yahaya

    2015-01-01

    By developing the cloud computing, viewpoint of many people regarding the infrastructure architectures, software distribution and improvement model changed significantly. Cloud computing associates with the pioneering deployment architecture, which could be done through grid calculating, effectiveness calculating and autonomic calculating. The fast transition towards that, has increased the worries regarding a critical issue for the effective transition of cloud computing. From the security v...

  10. Analysis on Cloud Computing Information Security Problems and the Countermeasures

    2012-01-01

    Cloud computing is one of the most popular terms in the present IT industry, as well as one of the most prosperous technology. This paper introduces the concept, principle and characteristics of cloud computing, analyzes information security problems resulted from cloud computing, and puts forward corresponding solutions.

  11. Securing the Data Storage and Processing in Cloud Computing Environment

    Owens, Rodney

    2013-01-01

    Organizations increasingly utilize cloud computing architectures to reduce costs and energy consumption both in the data warehouse and on mobile devices by better utilizing the computing resources available. However, the security and privacy issues with publicly available cloud computing infrastructures have not been studied to a sufficient depth…

  12. Optimizing security of cloud computing within the DoD

    Antedomenico, Noemi

    2010-01-01

    What countermeasures best strengthen the confidentiality, integrity and availability (CIA) of the implementation of cloud computing within the DoD? This question will be answered by analyzing threats and countermeasures within the context of the ten domains comprising the Certified Information System Security Professional (CISSP) Common Body of Knowledge (CBK). The ten domains that will be used in this analysis include access control; telecommunications and network security; information secur...

  13. Computer Security: a Survey of Methods and Systems

    Yampolskiy, Roman V.; Venu Govindaraju

    2007-01-01

    In this work we have reviewed studies which survey all aspects of computer security including attackers and attacks, software bugs and viruses as well as different intrusion detection systems and ways to evaluate such systems. The aim was to develop a survey of security related issues which would provide adequate information and advice to newcomers to the field as well as a good reference guide for security professionals.

  14. Position paper on active countermeasures for computer networks.

    Van Randwyk, Jamie A.

    2003-07-01

    Computer security professionals have used passive network countermeasures for several years in order to secure computer networks. Passive countermeasures such as firewalls and intrusion detection systems are effective but their use alone is not enough to protect a network. Active countermeasures offer new ways of protecting a computer network. Corporations and government entities should adopt active network countermeasures as a means of protecting their computer networks.

  15. A SECURE KEY COMPUTATION PROTOCOL FOR SECURE GROUP COMMUNICATION WITH PASSWORD BASED AUTHENTICATION

    Velumadhava Rao R

    2013-02-01

    Full Text Available Providing security in group communication is more essential in this new network environment. Authentication and Confidentiality are the major concerns in secure group communication. Our proposed approach uses an authenticated group key transfer protocol that relies on trusted key generation center (KGC. KGC computes group pair for each individual and transport the pair of values to all group members in a secured manner. Password based authentication mechanism is used to avoid the illegal member access in a group Also, the proposed approach facilitates efficient key computation technique such that only authorized group members will be able to computer and retrieve the secret key and unauthorized members cannot retrieve the key. The proposed algorithm is more efficient and relies on NP class. In addition, the distribution of key is also safe and secure. Moreover, the pair generated for the computation of key is also very strong since the cryptographic techniques are used which provides efficient computation.

  16. Constant-overhead secure computation of Boolean circuits using preprocessing

    Damgård, Ivan Bjerre; Zakarias, S.

    2013-01-01

    We present a protocol for securely computing a Boolean circuit C in presence of a dishonest and malicious majority. The protocol is unconditionally secure, assuming a preprocessing functionality that is not given the inputs. For a large number of players the work for each player is the same as...

  17. Telecommunications Policy Research Conference. Computer and Communications Security Section. Papers.

    Telecommunications Policy Research Conference, Inc., Washington, DC.

    In his paper, "European Needs and Attitudes towards Information Security," Richard I. Polis notes that the needs for security in computer systems, telecommunications, and media are rather uniform throughout Western Europe, and are seen as being significantly different from the needs in the United States. Recognition of these needs is, however,…

  18. Effective Ways of Secure Private and Trusted Cloud Computing

    Pardeep Kumar

    2011-05-01

    Full Text Available Cloud computing is an Internet-based computing, where shared resources, software and information, are provided to computers and devices on-demand. It provides people the way to share distributed resources and services that belong to different organization. Since cloud computing uses distributed resources in open environment, thus it is important to provide the security and trust to share the data for developing cloud computing applications. In this paper we assess how can cloud providers earn their customers' trust and provide the security, privacy and reliability, when a third party is processing sensitive data in a remote machine located in various countries? A concept of utility cloud has been represented to provide the various services to the users. Emerging technologies can help address the challenges of Security, Privacy and Trust in cloud computing.

  19. A Compendium Over Cloud Computing Cryptographic Algorithms and Security Issues

    Neha Mishra

    2015-01-01

    Full Text Available Cloud computing is an emerging and revolutionary approach towards the computing and becoming more risk prone than ever before. It is an evolutionary approach of using resources and services on demand and as per need of consumers. Cloud computing providing a platform rose on the Internet for usage of IT services and flexible infrastructure to the consumers and business. Deployment and management of services or resources are maintained by the third party. Whereas there are innumerable advantages to approaching the cloud computing, it also contains various issues such as confidentiality, Integrity, Authenticity and Privacy. One of the prominent barrier to adopt the cloud computing is security. This paper comprises the elaborated study on various security issues allied to cloud computing are presented by consolidating literature reviews on cryptographic algorithms used for data security.

  20. Effective Ways of Secure, Private and Trusted Cloud Computing

    Kumar, Pardeep; Chauhan, Durg Singh; Gupta, P K; Diwakar, Manoj

    2011-01-01

    Cloud computing is an Internet-based computing, where shared resources, software and information, are provided to computers and devices on-demand. It provides people the way to share distributed resources and services that belong to different organization. Since cloud computing uses distributed resources in open environment, thus it is important to provide the security and trust to share the data for developing cloud computing applications. In this paper we assess how can cloud providers earn their customers' trust and provide the security, privacy and reliability, when a third party is processing sensitive data in a remote machine located in various countries? A concept of utility cloud has been represented to provide the various services to the users. Emerging technologies can help address the challenges of Security, Privacy and Trust in cloud computing.

  1. Using Binary Code Instrumentation in Computer Security

    Marius POPA

    2013-01-01

    Full Text Available The paper approaches the low-level details of the code generated by compilers whose format permits outside actions. Binary code modifications are manually done when the internal format is known and understood, or automatically by certain tools developed to process the binary code. The binary code instrumentation goals may be various from security increasing and bug fixing to development of malicious software. The paper highlights the binary code instrumentation techniques by code injection to increase the security and reliability of a software application. Also, the paper offers examples for binary code formats understanding and how the binary code injection may be applied.

  2. Cloud Computing Security Latest Issues amp Countermeasures

    Shelveen Pandey; Mohammed Farik

    2015-01-01

    Abstract Cloud computing describes effective computing services provided by a third-party organization known as cloud service provider for organizations to perform different tasks over the internet for a fee. Cloud service providers computing resources are dynamically reallocated per demand and their infrastructure platform and software and other resources are shared by multiple corporate and private clients. With the steady increase in the number of cloud computing subscribers of these shar...

  3. Computer Security: Bye, Bye, Windows XP security... Welcome infections!

    Computer Security Team

    2014-01-01

    Rest in peace, Windows XP. Since your birth on 25 October 2001, you have struggled hard to survive this harsh Internet world. You fell prey to “Melissa”, “Sasser” and “Conficker”, and brought CERN its last large-scale infection with “Blaster” in 2004.    After being upgraded to “SP2”, you discovered software development lifecycles, regular “Patch Tuesdays” and a local firewall that rejected everything by default. In the end, you outlived your weird brother “Vista” and survived as the ugly duckling cousin to the beautiful Mr. Mac. But all your ups and downs are over now. On 8 April 2014, you were given your very last security updates. These life-sustaining measures will be stopped now. Game over. From now on, you are a zombie: presumed dead, but still kept running by your master/owner/user. They might not even understand that you now pose a risk ...

  4. SECURED SMART SYSTEM DESING IN PERVASIVE COMPUTING ENVIRONMENT USING VCS

    M.Varaprasad Rao; Prof N Ch Bharta Chryulu

    2015-01-01

    Ubiquitous Computing uses mobile phones or tiny devices for application development with sensors embedded in mobile phones. The information generated by these devices is a big task in collection and storage. For further, the data transmission to the intended destination is delay tolerant. In this paper, we made an attempt to propose a new security algorithm for providing security to Pervasive Computing Environment (PCE) system using Public-key Encryption (PKE) algorithm, Biometric...

  5. Secure Two-Party Computation with Low Communication

    Damgård, Ivan Bjerre; Faust, Sebastian; Hazay, Carmit

    2011-01-01

    We propose a 2-party UC-secure computation protocol that can compute any function securely. The protocol requires only two messages, communication that is poly-logarithmic in the size of the circuit description of the function, and the workload for one of the parties is also only poly-logarithmic...... based on the knowledge of exponent in an RSA group, and build succinct zero-knowledge arguments in the CRS model....

  6. Auditing cloud computing a security and privacy guide

    Halpert, Ben

    2011-01-01

    The auditor's guide to ensuring correct security and privacy practices in a cloud computing environment Many organizations are reporting or projecting a significant cost savings through the use of cloud computing-utilizing shared computing resources to provide ubiquitous access for organizations and end users. Just as many organizations, however, are expressing concern with security and privacy issues for their organization's data in the "cloud." Auditing Cloud Computing provides necessary guidance to build a proper audit to ensure operational integrity and customer data protection, among othe

  7. Strategies for safeguarding security of mobile computing.

    Green, Hays

    2013-02-01

    An effective mobile health strategy should comprise, in the very least, six key steps: Conduct a mobile security risk assessment. Establish policies and procedures. Develop a training program. Implement measures to prevent unauthorized access. Perform a clinical workflow analysis. Establish the organization's approach for responding to a breach. PMID:23413675

  8. Collaboration using roles. [in computer network security

    Bishop, Matt

    1990-01-01

    Segregation of roles into alternative accounts is a model which provides not only the ability to collaborate but also enables accurate accounting of resources consumed by collaborative projects, protects the resources and objects of such a project, and does not introduce new security vulnerabilities. The implementation presented here does not require users to remember additional passwords and provides a very simple consistent interface.

  9. Concept of private detective and security activity

    Alexey Yu. Ogurtsov

    2011-01-01

    Having analyzed the notions contents, the author has singled out three basic criteria, characterizing private detective and security activity under Russian legislation: provision of services for a fee; service provider must have the special permission (license) from law enforcement agencies.

  10. An Improved Grid Security Infrastructure by Trusted Computing

    YAN Fei; ZHANG Huanguo; SUN Qi; SHEN Zhidong; ZHANG Liqiang; QIANG Weizhong

    2006-01-01

    Current delegation mechanism of grid security infrastructure (GSI) can't satisfy the requirement of dynamic, distributed and practical security in grid virtual organization. To improve this situation, a TC-enabled GSI is discussed in this paper. With TC-enabled GSI, a practical delegation solution is proposed in this paper through enforcing fine granularity policy over distributed platforms with the emerging trusted computing technologies. Here trusted platform module is treated as a tamper-resistance module to improve grid security infrastructure. With the implement of Project Daonity, it is demonstrated that the solution could gain dynamic and distributed security in grid environment.

  11. Computer Security: one click and BOOM…

    Stefan Lueders, Computer Security Team

    2016-01-01

    Browsing the World Wide Web is not as easy as it seems… One wrong click and all your passwords (CERN, Facebook, PayPal, Amazon, etc.) could be stolen; all your activities could be clandestinely monitored (mouse movements and clicks, words typed, screenshots, microphone and webcam recordings, etc.); confidential documents could be stolen; and an attack path (a so-called back-door) into CERN could be opened…    As a result, you would have to reinstall your computer from scratch and change all your passwords! One of our colleagues learned this the hard way. One wrong click in summer 2015 permitted malicious attackers to infiltrate CERN but, fortunately, no real damage was done. Still, the cost of investigating the incident ran to several tens of thousands of Swiss francs and a lot of time was wasted trying to understand the attacker’s intent and the extent of the infiltration... With the goal of increasing more awareness of the risk of clicking on li...

  12. Security prospects through cloud computing by adopting multiple clouds

    Jensen, Meiko; Schwenk, Jörg; Bohli, Jens Matthias;

    2011-01-01

    Clouds impose new security challenges, which are amongst the biggest obstacles when considering the usage of cloud services. This triggered a lot of research activities in this direction, resulting in a quantity of proposals targeting the various security threats. Besides the security issues coming...... with the cloud paradigm, it can also provide a new set of unique features which open the path towards novel security approaches, techniques and architectures. This paper initiates this discussion by contributing a concept which achieves security merits by making use of multiple distinct clouds at the...

  13. Secure Two-Party Computation with Low Communication

    Damgård, Ivan Bjerre; Kölker, Jonas; Faust, Sebastian;

    2012-01-01

    We propose a 2-party UC-secure protocol that can compute any function securely. The protocol requires only two messages, communication that is poly-logarithmic in the size of the circuit description of the function, and the workload for one of the parties is also only poly-logarithmic in the size...... of the circuit. This implies, for instance, delegatable computation that requires no expensive off-line phase and remains secure even if the server learns whether the client accepts its results. To achieve this, we define two new notions of extractable hash functions, propose an instantiation based...

  14. On Some Security Issues in Pervasive Computing - Light Weight Cryptography

    Rukma Rekha N

    2012-02-01

    Full Text Available Pervasive Computing Environment is a world where technologies fadeout into the background. The technology is invisible to the user and he is least distracted by the technology. This paper tries to focus on the issues of pervasive computing and reveals the security issues in pervasive computing. We try to find out the role of light weight cryptography in pervasive computing and a comparison between traditional and light weight cryptographic approaches was made.

  15. Attacks on Computer Network and Corresponding Security Measures

    Gajanan D. Kurundkar; Quadri M.N; Dr.Santosh D. Khamitkar

    2010-01-01

    Computer security means action of preventing and detecting unconstitutional use of your computer. Prevention measures help you to stop "intruders" from accessing any part of your computer system. With the free flow of routing data and the high availability of computer resources, possible threats to the networks can result in loss of privacy and in spiteful use of information or resources that can eventually lead to large financial losses. Detection helps you to determine whether or not someon...

  16. TOWARD HIGHLY SECURE AND AUTONOMIC COMPUTING SYSTEMS: A HIERARCHICAL APPROACH

    Lee, Hsien-Hsin S

    2010-05-11

    The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniques and system software for achieving a robust, secure, and reliable computing system toward our goal.

  17. Current Cloud Computing Security Concerns from Consumer Perspective

    Hafiz Gulfam Ahmad; Zeeshan Ahmad

    2013-01-01

    In recent years cloud computing is the subject of extensive research in the emerging field of information technology and has become a promising business.The reason behind this widespread interest is its abilityto increase the capacity and capability of enterprises,having no investment for new infrastructure,no software license requirement and no need of any training. Security concern is the main limitation factor in the growth of this new born technology.The secur-ity responsibilities of both,the provider and the consumer greatly differ between cloud service models.In this paper we discuss a variety of security risks,authentication issues,trust,and legal regularity in cloud environment with consumer perspective.Early research focused only on techni-cal and business consequences of cloud computing and ignored consumer perspective.There-fore,this paper discusses the consumer security and privacy preferences.

  18. OS friendly microprocessor architecture: Hardware level computer security

    Jungwirth, Patrick; La Fratta, Patrick

    2016-05-01

    We present an introduction to the patented OS Friendly Microprocessor Architecture (OSFA) and hardware level computer security. Conventional microprocessors have not tried to balance hardware performance and OS performance at the same time. Conventional microprocessors have depended on the Operating System for computer security and information assurance. The goal of the OS Friendly Architecture is to provide a high performance and secure microprocessor and OS system. We are interested in cyber security, information technology (IT), and SCADA control professionals reviewing the hardware level security features. The OS Friendly Architecture is a switched set of cache memory banks in a pipeline configuration. For light-weight threads, the memory pipeline configuration provides near instantaneous context switching times. The pipelining and parallelism provided by the cache memory pipeline provides for background cache read and write operations while the microprocessor's execution pipeline is running instructions. The cache bank selection controllers provide arbitration to prevent the memory pipeline and microprocessor's execution pipeline from accessing the same cache bank at the same time. This separation allows the cache memory pages to transfer to and from level 1 (L1) caching while the microprocessor pipeline is executing instructions. Computer security operations are implemented in hardware. By extending Unix file permissions bits to each cache memory bank and memory address, the OSFA provides hardware level computer security.

  19. Privacy and Security issues in Cloud Computing

    Anita Kumari Nanda , Brojo Kishore Mishra

    2012-01-01

    “Cloud computing” – a relatively recent term, defines the paths ahead in computer science world. Being built on decades of research it utilizes all recent achievements in virtualization, distributed computing, utility computing, and networking. It implies a service oriented architecture through offering software and platforms as services, reduced information technology overhead for the end-user, great flexibility, reduced total cost of ownership, on demand services and many other things. Sec...

  20. Computer Security: improve software, avoid blunder

    Computer Security Team

    2014-01-01

    Recently, a severe vulnerability has been made public about how Apple devices are wrongly handling encryption. This vulnerability rendered SSL/TLS protection useless, and permitted attackers checking out a wireless network to capture or modify data in encrypted sessions.   In other words, all confidential data like passwords, banking information, etc. could have been siphoned off by a targeted attack. While Apple has been quick in providing adequate security patches for iOS devices and Macs, it is an excellent example of how small mistakes can lead to big security holes. Here is the corresponding code from Apple’s Open Source repository. Can you spot the issue? 1 static OSStatus 2 SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams, uint8_t *signature, UInt16 signatureLen) 3 { 4              OSStatus &nb...

  1. Security Scheme and Its Application towards Vehicular Computing

    Maria baby

    2014-04-01

    Full Text Available Cloud computing is a colloquial expression used to describe a variety of different types of computing that involves a large number of computers that are connected through real time communication network. Cloud computing is a ability to run a program on many connected computers at the same time. Another technology VANET uses moving car as nodes in a network to create a mobile network, allowing a car approximately 100 to 300 meters each other to connectand in turn, create a network with a wide range. Vehicular Computing is a similar toVANET, which have 2 types: infrastructure based VCand autonomous VC. This work is using infrastructure based VC; drivers will be able to access services by network communications involving the roadside infrastructure. Security challenges, which provides the most extensive analysis of the document in the public arena. Although security issues have received attention in cloud computing and vehicular network and identify security challenges that are specific to VCs. E.g.: challenges interface, tangled identifies and locations and the complexity of establishing trust relationships among multiple players caused by intermittent short- range communications. We provide a privacy and security in cloud computing in this paper for vehicular computing

  2. CYBER FORENSICS: COMPUTER SECURITY AND INCIDENTRESPONSE

    Virginiah Sekgwathe; Mohammad Talib

    2012-01-01

    The intensification of Information and Communications Technology usage in all facets of life exceedingly amplify the incidents of information security policy breaches, cyber crimes, fraud, commercial crimes, cyber laundering etc, hence require a well developed approach to tackle these incidents in order to realize legally defensible digital evidence. Since electronic evidence is fragile and can easily be modified, finding this data, collecting, preserving, and presenting it properly in a cour...

  3. Using Binary Code Instrumentation in Computer Security

    Marius POPA; Sergiu Marin CAPISIZU

    2013-01-01

    The paper approaches the low-level details of the code generated by compilers whose format permits outside actions. Binary code modifications are manually done when the internal format is known and understood, or automatically by certain tools developed to process the binary code. The binary code instrumentation goals may be various from security increasing and bug fixing to development of malicious software. The paper highlights the binary code instrumentation techniques by code injection to...

  4. Security and Fault aware Scheduling in Computational Grid

    Mansour Noshfar

    2013-09-01

    Full Text Available Grid Computation is an issue that has received much attention from researchers in recent years. Its aim is to use the computational power of idle resources which have been distributed in different places and under different policies and security conditions. Therefore, one of the challenges facing this technology is the issue of security of jobs and the computational sites. Distributed jobs in computational sites may become problematic due to some infections and malwares. As a result, the risks and security levels should be considered; computing resources must be evaluated by resource owners for task execution, and scheduling should be based on requested users' security levels. This is the matter that has been ignored in the previous scheduling algorithms, which leads to waste of time and overhead. In this paper, a new method based on a combination of Genetic and Imperialism Competitive algorithm is presented to implement a security-aware scheduling and failure algorithm. The proposed method is compared with the previous methods such as Min-Min, Suffrage and genetic algorithms, has become near optimal and led to reduce the overhead caused by violation of security conditions. Additionally, Due to the usage of fault tolerance mechanisms, the performance of these mechanisms has been evaluated and it was found that the replication mechanism had the lowest failure rate and the check point mechanism had a direct effect on the performance and it should be fully supervised and be smart.

  5. CYBER FORENSICS: COMPUTER SECURITY AND INCIDENTRESPONSE

    Virginiah Sekgwathe

    2012-01-01

    Full Text Available The intensification of Information and Communications Technology usage in all facets of life exceedingly amplify the incidents of information security policy breaches, cyber crimes, fraud, commercial crimes, cyber laundering etc, hence require a well developed approach to tackle these incidents in order to realize legally defensible digital evidence. Since electronic evidence is fragile and can easily be modified, finding this data, collecting, preserving, and presenting it properly in a court of law is the real challenge. There is a need for use of semantic analysis to discover underlying security policy requirements and internal power structures and institutionalization of anti cyber attack, antimoney- laundering and regulatory schemes. The first responders to cyber security incidents often than always are an organization ICT personnel who are technically sound though may be deficient in investigative skill. The scientific standards of cyber forensics dictates the procedure as it promotes objectivity, a precise and well documented analysis, particularly that the findings maybe used as evidence against the attacker. This paper aims to contribute to the advancement of the cyber forensics discipline with a view to assist the International community in combating this sophisticated, high-tech, dynamic ever changing phenomenon.

  6. Information Security in the Age of Cloud Computing

    Sims, J. Eric

    2012-01-01

    Information security has been a particularly hot topic since the enhanced internal control requirements of Sarbanes-Oxley (SOX) were introduced in 2002. At about this same time, cloud computing started its explosive growth. Outsourcing of mission-critical functions has always been a gamble for managers, but the advantages of cloud computing are…

  7. Security issues occur in Cloud Computing and there Solutions

    Karamjit Singh

    2012-05-01

    Full Text Available Cloud computing is a recent advancement wherein IT infrastructure and applications are provided as “services” to end-users under a usage-based payment model. Many organizations, such as Google, Amazon, IBM and many others, accelerate their paces in developing Cloud computing systems and providing services to user with best affords but there phases many difficulties regarding securityproblem and users also afraid toward security of own data i.e. whether cloud providers able to maintain data integrity ,confidentiality as well as authentication. To resolve the security issues in cloud computing, this paper presents various solutions for different issues.

  8. A cancellable and fuzzy fingerprint scheme for mobile computing security

    Yang, Wencheng; Xi, Kai; Li, Cai

    2012-09-01

    Fingerprint recognition provides an effective user authentication solution for mobile computing systems. However, as a fingerprint template protection scheme, fingerprint fuzzy vault is subject to cross-matching attacks, since the same finger might be registered for various applications. In this paper, we propose a fingerprint-based biometric security scheme named the cancellable and fuzzy fingerprint scheme, which combines a cancellable non-linear transformation with the client/server version of fuzzy vault, to address the cross-matching attack in a mobile computing system. Experimental results demonstrate that our scheme can provide reliable and secure protection to the mobile computing system while achieving an acceptable matching performance.

  9. Constant-Overhead Secure Computation of Boolean Circuits using Preprocessing

    Damgård, Ivan Bjerre; Zakarias, Sarah Nouhad Haddad

    We present a protocol for securely computing a Boolean circuit $C$ in presence of a dishonest and malicious majority. The protocol is unconditionally secure, assuming access to a preprocessing functionality that is not given the inputs to compute on. For a large number of players the work done by...... each player is the same as the work needed to compute the circuit in the clear, up to a constant factor. Our protocol is the first to obtain these properties for Boolean circuits. On the technical side, we develop new homomorphic authentication schemes based on asymptotically good codes with an...

  10. Computationally Efficient Neural Network Intrusion Security Awareness

    Todd Vollmer; Milos Manic

    2009-08-01

    An enhanced version of an algorithm to provide anomaly based intrusion detection alerts for cyber security state awareness is detailed. A unique aspect is the training of an error back-propagation neural network with intrusion detection rule features to provide a recognition basis. Network packet details are subsequently provided to the trained network to produce a classification. This leverages rule knowledge sets to produce classifications for anomaly based systems. Several test cases executed on ICMP protocol revealed a 60% identification rate of true positives. This rate matched the previous work, but 70% less memory was used and the run time was reduced to less than 1 second from 37 seconds.

  11. MOBILE COMPUTING AND MCOMMERCE SECURITY ISSUES

    Krishna Prakash; Balachandra

    2014-01-01

    The radical evolution of computers and advancement of technology in the area of hardware (smaller size, weight, low power consumption and cost, high performance) and communications has introduced the notion of mobile computing. Mobile Commerce is an evolving area of e-commerce, where users can interact with service providers through a mobile and wireless network using mobile device for information retrieval and transaction processing. Mobile wireless market is increasing by lea...

  12. Cloud Computing and Research into WLAN Security

    FANG Hong-ying; Wang, Jian

    2010-01-01

    The WLAN treats wireless channel as transmission medium, but its open characteristics cause wiretapping ,identity threats, counterfeiting and tampering of information are actually ubiquitous. In this paper, based on cloud computing model, we set up hundreds of millions of times per second, super-computing platform;Secondly, we crack WEP the most common WLAN encryption protocol to verify a series of safety mechainsm proposed by IEEE 802.11 to be ineffective, such as identiffication authenticat...

  13. Secure Communications with Mobile Devices During In-Field Activities

    One of the classic problems in information security is how to exchange confidential information securely in uncontrolled environments. There have been innumerable academic and commercial hours spent resolving this question. In traditional practice, securing communications meant investing in satellites, specialized hardware, rigorous security engineering and testing, and expending a lot of resources. For this reason, smaller organizations have often been unable to secure communications. The widespread adoption of mobile communications and the modern mobile device has brought about unprecedented abilities to stay connected with colleagues during work activities. As connectedness has increased, so have the opportunities for information compromise. The enormous mobile landscape, with competing ecosystems, large research and product development budgets, proliferating devices, and rapidly-shifting technical foundations prove to be a tremendous source of both opportunity and risk. With the reality of shrinking budgets and increasing threats, many organizations, commercial enterprises, and product vendors are looking for new ways to utilize existing resources for secure communications and mobile work capabilities. Keeping communications private and secure using the infrastructure of the world's telecommunications network and standard computing and mobile devices is the challenge. This paper will examine some methods for communicating securely using consumer mobile products and evaluate the risk such tools can present to an organization in the context of inspection work in the field. (author)

  14. Computer Security: the value of your password

    Stefan Lueders, Computer Security Team

    2016-01-01

    Of course, your passwords have a value to you as they allow you to access your computer and your Facebook page, to buy on Amazon, to create a Twitter feed, and to use a multitude of computing services provided by CERN. But have you ever thought of their value to the malicious people of this world?    With your account password, I can take over your computer. I can install software allowing me to enable your microphone and listen to your communications and what is happening around you as long as your computer is turned on. I can take regular screenshots and monitor you while you work. With that, I can try to determine your working habits, your online behaviour, the way you write e-mails… Useful, if I want to impersonate you believably (e.g. to attack CERN and the systems you are working on at CERN). What’s more, with access to your computer, I can install a keylogger to record your every keystroke – including when you type all your other passwords: ...

  15. SECURED SMART SYSTEM DESING IN PERVASIVE COMPUTING ENVIRONMENT USING VCS

    M Varaprasad Rao

    2015-05-01

    Full Text Available Ubiquitous Computing uses mobile phones or tiny devices for application development with sensors embedded in mobile phones. The information generated by these devices is a big task in collection and storage. For further, the data transmission to the intended destination is delay tolerant. In this paper, we made an attempt to propose a new security algorithm for providing security to Pervasive Computing Environment (PCE system using Public-key Encryption (PKE algorithm, Biometric Security (BS algorithm and Visual Cryptography Scheme (VCS algorithm. In the proposed PCE monitoring system it automates various home appliances using VCS and also provides security against intrusion using Zigbee IEEE 802.15.4 based Sensor Network, GSM and Wi-Fi networks are embedded through a standard Home gateway.

  16. Computer Security: your car, my control

    Stefan Lueders, Computer Security Team

    2015-01-01

    We have discussed the Internet of Things (IoT) and its security implications already in past issues of the CERN Bulletin, for example in “Today’s paranoia, tomorrow’s reality” (see here). Unfortunately, tomorrow has come. At this years's Black Hat conference researchers presented their findings on how easily your car can be hacked and controlled remotely. Sigh.   While these researchers have just shown that they can wirelessly hijack a Jeep Cherokee, others have performed similar studies with SmartCars, Fords, a Tesla, a Corvette, BMWs, Chryslers and Mercedes! With the increasing computerisation of cars, the engine management system, air conditioning, anti-lock braking system, electronic stability programme, etc. are linked to the infotainment, navigation and communication systems, opening the door for these vehicles to be hacked remotely. The now prevalent Bluetooth connection with smartphones is one entry vector to attack your car remotely...

  17. Secure and Stability Practical Outsourcing in Cloud Computing

    Mr.V.Sudarshan

    2012-09-01

    Full Text Available Cloud computing has great potential of providing robust computational power to the society at reduced cost. It enables customers with limited computational resources to outsource their large computation workloads to the cloud, and economically enjoy the massive computational power, bandwidth, storage, and even appropriate software that can be shared in a pay-per-use manner. Despite the tremendous benefits, security is the primary obstacle that prevents the wide adoption of this promising computing model, especially for customers when their confidential data are consumed and produced during the computation. Treating the cloud as an intrinsically insecure computing platform from the viewpoint of the cloud customers, we must design mechanisms that not only protect sensitive information by enabling computations with encrypted data, but also protect customers from malicious behaviors by enabling the validation of the computation result. Such a mechanism of general secure computation outsourcing was recently shown to be feasible in theory, but to design mechanisms that are practically efficient remains a very challenging problem. Focusing on engineering computing and optimization tasks, this paper investigates secure outsourcing of widely applicable linear programming (LP computations. In order to achieve practical efficiency, our mechanism design explicitly decomposes the LP computation outsourcing into public LP solvers running on the cloud and private LP parameters owned by the customer. The resulting flexibility allows us to explore appropriate security efficiency tradeoff via higher-level abstraction of LP computations than the general circuit representation. In particular, by formulating private data owned by the customer for LP problem as a set of matrices and vectors, we are able to develop a set of efficient privacy-preserving problem transformation techniques, which allow customers to transform original LP problem into some arbitrary one

  18. Computer Security: downloading films is no peccadillo

    Stefan Lueders, Computer Security Team

    2015-01-01

    Dear Summer Students, within the Organization, you have many possibilities to pursue your natural curiosity and acquire as much new knowledge as you can siphon into your brain. CERN provides you with the academic freedom to do so, with almost no limitations. But hold on: “free” and “no limitations” don’t mean that you can do whatever you want…   Please note that, when using CERN’s computing facilities, when sending e-mails from your CERN e-mail address, when using your laptop/smartphone/computer, you must follow a basic framework of rules, the CERN Computing Rules. I would like to focus on one particular aspect of those rules: that of accessing music, videos, films or computer games from popular websites like ThePirateBay or using Bittorrent.  CERN has an awesome connection to the Internet, lots of bandwidth and a high capacity for web downloads. However, this does not mean that downloading music, videos...

  19. Guaranteeing Data Storage Security in Cloud Computing

    Viswanath Aiyer

    2015-05-01

    Full Text Available Cloud Computing has been imagined as the next generation structural engineering of IT Enterprise. .By using the homomorphic token with dispersed verification of eradication coded information, our plan attains to the combination of capacity rightness protection and information blunder limitation, i.e., the identification of getting rowdy server(s

  20. Securing applications in personal computers: the relay race approach.

    Wright, James Michael

    1991-01-01

    Approved for public release; distribution is unlimited This Thesis reviews the increasing need for security in a personal computer (PC) environment and proposes a new approach for securing PC applications at the application layer. The Relay Race Approach extends two standard approaches : data encryption and password access control at the main program level, to the subprogram level by the use of a special parameter, the "Baton" . The applicability of this approach is de...

  1. Secure distributed genome analysis for GWAS and sequence comparison computation

    Zhang, Yihua; Blanton, Marina; Almashaqbeh, Ghada

    2015-01-01

    Background The rapid increase in the availability and volume of genomic data makes significant advances in biomedical research possible, but sharing of genomic data poses challenges due to the highly sensitive nature of such data. To address the challenges, a competition for secure distributed processing of genomic data was organized by the iDASH research center. Methods In this work we propose techniques for securing computation with real-life genomic data for minor allele frequency and chi-...

  2. An information security education initiative for engineering and computer science

    Chin, Shiu-Kai; Irvine, Cynthia E.; Frincke, Deborah

    1997-01-01

    This paper puts forward a case for an educational initiative in information security at both the undergraduate and graduate levels. Its focus is on the need for such education, the desired educational outcomes, and how the outcomes may be assessed. A basic thesis of this paper is that the goals, methods, and evaluation techniques of information and computer security are consistent with and supportive of the stated goals of engineering education and the growing movement for outcomes based a...

  3. The New Trend of Security in Cloud Computing

    Xiangdong Li

    2012-12-01

    Full Text Available The use of services of cloud computing has been growing widely in industry, organizations and institutions recently, due to its tempting benefits, for example, the scalability, efficiency, flexibility and lower cost. The security issues have been studied and analyzed extensively. In order to understand the risk issues existing in today’s cloud, we discuss the new trend of security of cloud in this paper. The preventing methods are also discussed.

  4. Quality Function Deployment (QFD House of Quality for Strategic Planning of Computer Security of SMEs

    Jorge A. Ruiz-Vanoye

    2013-01-01

    Full Text Available This article proposes to implement the Quality Function Deployment (QFD House of Quality for strategic planning of computer security for Small and Medium Enterprises (SME. The House of Quality (HoQ applied to computer security of SME is a framework to convert the security needs of corporate computing in a set of specifications to improve computer security.

  5. Complete Fairness in Secure Two-Party Computation

    Gordon, S. Dov; Hazay, Carmit; Katz, Jonathan;

    2011-01-01

    In the setting of secure two-party computation, two mutually distrusting parties wish to compute some function of their inputs while preserving, to the extent possible, various security properties such as privacy, correctness, and more. One desirable property is fairness which guarantees, informa......In the setting of secure two-party computation, two mutually distrusting parties wish to compute some function of their inputs while preserving, to the extent possible, various security properties such as privacy, correctness, and more. One desirable property is fairness which guarantees......, informally, that if one party receives its output, then the other party does too. Cleve [1986] showed that complete fairness cannot be achieved in general without an honest majority. Since then, the accepted folklore has been that nothing non-trivial can be computed with complete fairness in the two......-party setting. We demonstrate that this folklore belief is false by showing completely fair protocols for various nontrivial functions in the two-party setting based on standard cryptographic assumptions. We first show feasibility of obtaining complete fairness when computing any function over polynomial...

  6. Control Systems Cyber Security Standards Support Activities

    Robert Evans

    2009-01-01

    The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

  7. Securing Embedded Smart Cameras with Trusted Computing

    Thomas Winkler; Bernhard Rinner

    2011-01-01

    Camera systems are used in many applications including video surveillance for crime prevention and investigation, traffic monitoring on highways or building monitoring and automation. With the shift from analog towards digital systems, the capabilities of cameras are constantly increasing. Today's smart camera systems come with considerable computing power, large memory, and wired or wireless communication interfaces. With onboard image processing and analysis capabilities, cameras not only ...

  8. Computer Security: posting and mis-posting

    Stefan Lueders, Computer Security Team

    2015-01-01

    This is what can happen at CERN if you don't lock your computer screen...   “Hi, I am looking for a partner either male or female to attend salsa lessons. I have a great body and enjoy rubbing it against other people on the dance floor. I would consider dinner after with the right person. If you think you can keep up with me and enjoy getting sweaty send me a reply. Stay sexy…” This is the original text of a recent posting on the CERN Market webpage. Some people might find this appealing, some people think this is funny. Personally, I couldn’t care less. But professionally, we had to follow up as this text can be perceived as inappropriate and, thus, in violation of the Terms of Usage of the CERN Market as well as the CERN Computing Rules and its annex on private usage of the CERN computing facilities. We remind you that the CERN Market is a public website that can be used by people within but also outside CERN. All posts are visible world...

  9. Computer Security: Our life in symbiosis*

    Stefan Lueders, Computer Security Team

    2014-01-01

    Do you recall our Bulletin articles on control system cyber-security (“Hacking control systems, switching lights off!” and “Hacking control systems, switching... accelerators off?”) from early 2013? Let me shed some light on this issue from a completely different perspective.   I was raised in Europe during the 80s. With all the conveniences of a modern city, my environment made me a cyborg - a human entangled with technology - supported but also dependent on software and hardware. Since my childhood, I have eaten food packaged by machines and shipped through a sophisticated network of ships and lorries, keeping it fresh or frozen until it arrives in supermarkets. I heat my house with the magic of nuclear energy provided to me via a complicated electrical network. In fact, many of the amenities and gadgets I use are based on electricity and I just need to tap a power socket. When on vacation, I travel by taxi, train and airplane. And I enjoy the beautifu...

  10. Computer Security: what is your identity?

    Stefan Lueders, Computer Security Team

    2016-01-01

    In the physical world this is fairly clear; your sense of self is multi-faceted and highly complex but the entity of “you” is well defined.  You can prove your identity simply, typically by showing your ID card or by having someone vouch for you. You are a being layered with attributes. Other people may request some of these attributes: your first name at Starbucks or your shoe size at the bowling alley. But only your most trusted contacts are granted access to your entire set of attributes… or maybe you never expose your identity entirely!   Online, your identity is a very different beast. It is fragmented. Each piece of your identity is typically verified by its own username and password. Occasionally pieces are forgotten or lost to the depths of the Internet. The hundreds of accounts that identify “you” present a security problem. Can you keep track of these accounts and is it even realistic to use unique, non-trivial passwords for ea...

  11. Computer Security: White hats for CERN

    Stefan Lueders, Computer Security Team

    2016-01-01

    CERN is under attack. Permanently. Even right now. In particular, the CERN web environment, with its thousands of websites and millions of webpages, is a popular target for evil-doers as well as for security researchers.   Usually, their attacks are unsuccessful and fade away over time. Sometimes, however, they are successful and manage to break into a CERN website or web server… It is imperative that we learn about our weaknesses before others do – and fix them! Hackers with bad intentions are usually named “black hats” as they misuse their power to cause destruction or downtime via any weakness they can find. “Grey hats” are more moderate and might just have some fun with the weaknesses they find, for example by putting naked teddy bears or a personal message (such as “I hacked U”) on the compromised website. Last but not least, “white hats” report their findings directly to us and suggest that...

  12. Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

    Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert

    2015-07-28

    Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

  13. Computer Security: DNS to the rescue!

    Stefan Lueders, Computer Security Team

    2016-01-01

    Why you should be grateful to the Domain Name System at CERN.   Incidents involving so-called “drive-by” infections and “ransomware” are on the rise. Whilst an up-to-date and fully patched operating system is essential; whilst running anti-virus software with current virus signature files is a must; whilst “stop --- think --- don’t click” surely helps, we can still go one step further in better protecting your computers: DNS to the rescue. The DNS, short for Domain Name System, translates the web address you want to visit (like “http://cern.ch”) to a machine-readable format (the IP address, here: “188.184.9.234”). For years, we have automatically monitored the DNS translation requests made by your favourite web browser (actually by your operating system, but that doesn’t matter here), and we have automatically informed you if your computer tried to access a website known to hos...

  14. Secure distributed genome analysis for GWAS and sequence comparison computation

    2015-01-01

    Background The rapid increase in the availability and volume of genomic data makes significant advances in biomedical research possible, but sharing of genomic data poses challenges due to the highly sensitive nature of such data. To address the challenges, a competition for secure distributed processing of genomic data was organized by the iDASH research center. Methods In this work we propose techniques for securing computation with real-life genomic data for minor allele frequency and chi-squared statistics computation, as well as distance computation between two genomic sequences, as specified by the iDASH competition tasks. We put forward novel optimizations, including a generalization of a version of mergesort, which might be of independent interest. Results We provide implementation results of our techniques based on secret sharing that demonstrate practicality of the suggested protocols and also report on performance improvements due to our optimization techniques. Conclusions This work describes our techniques, findings, and experimental results developed and obtained as part of iDASH 2015 research competition to secure real-life genomic computations and shows feasibility of securely computing with genomic data in practice. PMID:26733307

  15. Computer Security: Hacking CERN - a win-win for all

    Stefan Lueders, Computer Security Team

    2015-01-01

    The first round of the CERN WhiteHat Challenge has finished (see here). At the end of March, CERN was "attacked" by a dozen students from the St. Pölten University of Applied Sciences, Austria.   These attacks were part of their Master's degree in computer science and computer security, where they study penetration testing and vulnerability scanning, i.e. finding weaknesses in computing systems: techniques, tools, approaches and ethics. Usually, such studies are done against mock-ups like “Google Gruyere”, the “Damn Vulnerable Web Application” or OWASP’s “WebGoat” and “Hackademic”. However, while those mock-ups are in principle useful, they rarely resemble the operational reality of the Internet. CERN has offered computer security professors an alternative: the opportunity to use CERN’s web-ecosystem and all other systems open to th...

  16. Security Considerations and Recommendations in Computer-Based Testing

    Saleh M. Al-Saleem

    2014-01-01

    Full Text Available Many organizations and institutions around the globe are moving or planning to move their paper-and-pencil based testing to computer-based testing (CBT. However, this conversion will not be the best option for all kinds of exams and it will require significant resources. These resources may include the preparation of item banks, methods for test delivery, procedures for test administration, and last but not least test security. Security aspects may include but are not limited to the identification and authentication of examinee, the risks that are associated with cheating on the exam, and the procedures related to test delivery to the examinee. This paper will mainly investigate the security considerations associated with CBT and will provide some recommendations for the security of these kinds of tests. We will also propose a palm-based biometric authentication system incorporated with basic authentication system (username/password in order to check the identity and authenticity of the examinee.

  17. Soft Computing - A step towards building Secure Cognitive WLAN

    Lingareddy, S C; Babu, Dr Vinaya; Dhruve, Kashyap

    2010-01-01

    Wireless Networks rendering varied services has not only become the order of the day but the demand of a large pool of customers as well. Thus, security of wireless networks has become a very essential design criterion. This paper describes our research work focused towards creating secure cognitive wireless local area networks using soft computing approaches. The present dense Wireless Local Area Networks (WLAN) pose a huge threat to network integrity and are vulnerable to attacks. In this paper we propose a secure Cognitive Framework Architecture (CFA). The Cognitive Security Manager (CSM) is the heart of CFA. The CSM incorporates access control using Physical Architecture Description Layer (PADL) and analyzes the operational matrices of the terminals using multi layer neural networks, acting accordingly to identify authorized access and unauthorized usage patterns.

  18. CERN Technical Training: new courses on computer security

    HR Department

    2009-01-01

    Two new trainings are available at CERN concerning computer security. • How to create secure software? The "Developing secure software" course (3.5 hours) is designed for software programmers, both for regular software and Web applications. It covers main aspects of security in different phases of the software development lifecycle. The last, optional hour discusses security issues of Web application developers. This course, although not hands-on, is interactive and full of real-life examples. The first session of this course will take place, in English, on 21 April in the CERN Technical Training Centre. More sessions will be scheduled in 2009. • How to safely navigate and send mails? The "Secure e-mail and Web browsing" course is an entry-level 1.5-hour course designed to show how to detect and avoid typical security pitfalls encountered when e-mailing and browsing the Web. It is designed for non-technical users of Internet Explorer and Outlook. The first sessions ...

  19. CERN Technical Training: new courses on computer security

    HR Department

    2009-01-01

    Two new trainings are available at CERN concerning computer security. • How to create secure software? The "Developing secure software" course (3.5 hours) is designed for software programmers, both for regular software and Web applications. It covers main aspects of security in different phases of the software development lifecycle. The last, optional hour discusses security issues of Web application developers. This course, although not hands-on, is interactive and full of real-life examples. The first session of this course will take place, in English, on 21 April in the CERN Technical Training Center. More sessions will be scheduled in 2009. • How to safely navigate and send mails? The "Secure e-mail and Web browsing" course is an entry-level 1.5-hour training aimed to show how to detect and avoid typical security pitfalls encountered when e-mailing and browsing the Web. It is designed for non-technical users of Internet Explorer and Outlook. The first sessions o...

  20. CERN Technical Training: new courses on computer security

    HR Department

    2009-01-01

    Two new trainings are available at CERN concerning computer security. • How to create secure software? The "Developing secure software" course (3.5 hours) is designed for software programmers, both for regular software and Web applications. It covers main aspects of security in different phases of the software development lifecycle. The last, optional hour discusses security issues of Web application developers. This course, although not hands-on, is interactive and full of real-life examples. The first session of this course will take place, in English, on 21 April in the CERN Technical Training Centre. More sessions will be scheduled in 2009. • How to safely navigate and send mails? The "Secure e-mail and Web browsing" course is an entry-level 1.5-hour course designed to show how to detect and avoid typical security pitfalls encountered when e-mailing and browsing the Web. It is designed for non-technical users of Internet Explorer and Outlook. The first sessions o...

  1. Placing computer security at the heart of learning

    Richards, Mike; Price, Blaine A.; Nuseibeh, Bashar

    2008-01-01

    In this paper we present the approach adopted at the UK’s Open University for teaching computer security to large numbers of students at a distance through supported open learning. We discuss how the production of learning materials at the university has had to change to reflect the ever-increasing rate of technological, legislative and social change within the computing discipline, and how the university has had to rethink the role of the academic in the course development process. We argue ...

  2. A Novel Cloud Computing Algorithm of Security and Privacy

    Chih-Yung Chen; Jih-Fu Tu

    2013-01-01

    The emergence of cloud computing has simplified the flow of large-scale deployment distributed system of software suppliers; when issuing respective application programs in a sharing clouds service to different user, the management of material becomes more complex. Therefore, in multitype clouds service of trust environment, when enterprises face cloud computing, what most worries is the issue of security, but individual users are worried whether the privacy material will have an outflow risk...

  3. DESIGN AND IMPLEMENTATION OF A COMPUTER CONTROLLED BUILDING SECURITY SYSTEM

    ÇOLAK, İlhami; IRMAK, Erdal

    2010-01-01

    ABSTRACTIn this study, a computer controlled building security system based on CANModul-592 microcontroller has been designed and implemented. The system includes fire alarm and intrusion detectors. The signals generated by detectors are transmitted to CANModul-592 that processes the signals and then sends to a computer via parallel port for controlling and visualization of the system. A program for monitoring and parallel port communication has been developed in Borland Delphi 4.0. The achie...

  4. Computer Security: USB sticks - the silent killers

    Stefan Lueders, Computer Security Team

    2015-01-01

    You've just found a USB stick in Restaurant 1. You'd like to return it … but who is the owner? Maybe the contents can tell you? Connect it to your laptop, and you might figure it out. But hold on, what if its content is dangerous…?   USB sticks are an excellent vehicle for infecting countless PCs and laptops. Years ago, several dozen laptops were infected during a conference when someone passed around a USB stick with flight departure information. Unfortunately, this stick was infected. Similarly, we have seen a domino effect of infections in the FP and EN departments after some USB sticks made the rounds, infecting one PC after another. In the end, a massive number of PCs had to be reinstalled. Some USB sticks are even worse. They pretend to be “just a keyboard” (named “RubberDucky”) and, once inserted, they execute a pre-programmed sequence of keystrokes intended to extract information from your computer or take ...

  5. Computer Security: protect CERN - respect copyrights

    Computer Security Team

    2014-01-01

    Are you a physicist who does complex mathematical calculations? Are you a webmaster who regularly embeds visual contents? Do you regularly present to large audiences? Are you an engineer who does sophisticated simulations of heat transfers, structural stability or electric circuits? Are you a technician who often uses CAD software? Do you like listening to music while being at CERN? Go ahead!   But make sure that you have legitimately obtained the software/images/music/videos you are using and hold valid licenses to run your software. Using illegal or pirated software/images/music/videos is not a trivial offense. It violates the CERN Computing Rules (OC5) and puts the Organization at risk! Vendors deserve credit and compensation. So make sure to buy your software via legitimate channels and use a valid and honestly obtained license. This also applies to “shareware” and software under open licenses, which might also come with a cost. Usually, only “freeware&rd...

  6. Secure Genomic Computation through Site-Wise Encryption.

    Zhao, Yongan; Wang, XiaoFeng; Tang, Haixu

    2015-01-01

    Commercial clouds provide on-demand IT services for big-data analysis, which have become an attractive option for users who have no access to comparable infrastructure. However, utilizing these services for human genome analysis is highly risky, as human genomic data contains identifiable information of human individuals and their disease susceptibility. Therefore, currently, no computation on personal human genomic data is conducted on public clouds. To address this issue, here we present a site-wise encryption approach to encrypt whole human genome sequences, which can be subject to secure searching of genomic signatures on public clouds. We implemented this method within the Hadoop framework, and tested it on the case of searching disease markers retrieved from the ClinVar database against patients' genomic sequences. The secure search runs only one order of magnitude slower than the simple search without encryption, indicating our method is ready to be used for secure genomic computation on public clouds. PMID:26306278

  7. Computer Security: How to succeed in software deployment

    Computer Security Team

    2014-01-01

    The summer student period has ended and we would like to congratulate all those who successfully accomplished their project! In particular, well done to those who managed to develop and deploy sophisticated web applications in the short summer season. Unfortunately, not all web applications made the final cut, moved into production and became visible on the Internet. We had to reject some... let me explain why.   Making a web application visible on the Internet requires an opening in the CERN outer perimeter firewall. Such a request is usually made through the CERN WebReq web interface. As standard procedure, the CERN Computer Security team reviews every request and performs a security assessment. This is where you, your supervisee and the Computer Security team all start to get frustrated. Many summer students delivered awesome web applications with great new functions and a good “look and feel” following precise use cases, using modern web technologies, dashboards, integr...

  8. Concept of private detective and security activity

    Alexey Yu. Ogurtsov

    2011-02-01

    Full Text Available Having analyzed the notions contents, the author has singled out three basic criteria, characterizing private detective and security activity under Russian legislation: provision of services for a fee; service provider must have the special permission (license from law enforcement agencies.

  9. Secure Dynamic access control scheme of PHR in cloud computing.

    Chen, Tzer-Shyong; Liu, Chia-Hui; Chen, Tzer-Long; Chen, Chin-Sheng; Bau, Jian-Guo; Lin, Tzu-Ching

    2012-12-01

    With the development of information technology and medical technology, medical information has been developed from traditional paper records into electronic medical records, which have now been widely applied. The new-style medical information exchange system "personal health records (PHR)" is gradually developed. PHR is a kind of health records maintained and recorded by individuals. An ideal personal health record could integrate personal medical information from different sources and provide complete and correct personal health and medical summary through the Internet or portable media under the requirements of security and privacy. A lot of personal health records are being utilized. The patient-centered PHR information exchange system allows the public autonomously maintain and manage personal health records. Such management is convenient for storing, accessing, and sharing personal medical records. With the emergence of Cloud computing, PHR service has been transferred to storing data into Cloud servers that the resources could be flexibly utilized and the operation cost can be reduced. Nevertheless, patients would face privacy problem when storing PHR data into Cloud. Besides, it requires a secure protection scheme to encrypt the medical records of each patient for storing PHR into Cloud server. In the encryption process, it would be a challenge to achieve accurately accessing to medical records and corresponding to flexibility and efficiency. A new PHR access control scheme under Cloud computing environments is proposed in this study. With Lagrange interpolation polynomial to establish a secure and effective PHR information access scheme, it allows to accurately access to PHR with security and is suitable for enormous multi-users. Moreover, this scheme also dynamically supports multi-users in Cloud computing environments with personal privacy and offers legal authorities to access to PHR. From security and effectiveness analyses, the proposed PHR access

  10. A Survey on Mobile Cloud Computing with Embedded Security Considerations

    Victor Onomza Waziri

    2014-04-01

    Full Text Available The emergence of cloud computing hold a promise to computing where software is provided as a services (SaaS via the Internet. Mobile cloud computing integrates cloud computing with mobile devices. By this architecture, certain challenges (e.g., battery life, storage, and bandwidth of mobile devices are addressed. Cloud computing provides the foundation for mobile cloud computing through the delivery of services, software, storage and computational capacity over the Internet, thereby reducing cost, increasing storage, improving battery life of mobile devices and providing flexibility and mobility of data and information. However, the realization of some of these benefits is far from reality in mobile applications, as a result, opens new areas of research such as security of privacy and services. To better understand how to facilitate the development of mobile cloud computing, we surveyed existing work in mobile cloud computing in the context and principles of its foundational cloud computing technology. We provided a definition of mobile cloud computing and gave a summary of results from this review, in particular, the models, architecture, applications and challenges of mobile cloud computing. We concluded with recommendations for how this better understanding of mobile cloud computing can assist in the development of better and stronger mobile applications.

  11. About Securing Economical Application on our System by Protecting our Computer from Intruders

    2009-01-01

    Computer security is one of the most important issues in the computer world. With the number of viruses and other malicious software that prey on exploits in the Windows operating system increasing, we need to take preventative measures to make sure that our computer does not become infected. The days of only having to worry about e-mail attachments and documents on a floppy disk are over. Nowadays, viruses or worms actively seek out computers to infect without the computer user even doing an...

  12. Computer Security: a plea to Santa Claus

    Stefan Lueders, Computer Security Team

    2015-01-01

    Running pirated software or illegal licences, using cracking tools to bypass software activation measures, sharing music and films – these are problems that academic environments unfortunately have to deal with. All violate the copyright of the software/music/film owners, and copyright owners are not Santa Claus...    CERN, like other research organisations and universities, regularly receives allegations from external companies complaining about laptops or PCs running illegal software or sharing their films, videos or music with peers – and thus violating copyright.  Usually, we then contact the owners of the corresponding devices in order to understand whether these allegations are true. Very often such allegations boil down to a laptop whose owner replies “I confirm that a torrent client was left up and running on my device by mistake” or “This is a file that is stored on my personal hard disk.” As if those allegatio...

  13. Secure Computation in a Bidirectional Relay

    Kashyap, Navin; Thangaraj, Andrew

    2012-01-01

    Bidirectional relaying, where a relay helps two user nodes to exchange equal length binary messages, has been an active area of recent research. A popular strategy involves a modified Gaussian MAC, where the relay decodes the XOR of the two messages using the naturally-occurring sum of symbols simultaneously transmitted by user nodes. In this work, we consider the Gaussian MAC in bidirectional relaying with an additional secrecy constraint for protection against a honest but curious relay. The constraint is that, while the relay should decode the XOR, it should be fully ignorant of the individual messages of the users. We exploit the symbol addition that occurs in a Gaussian MAC to design explicit strategies that achieve perfect independence between the received symbols and individual transmitted messages. Our results actually hold for a more general scenario where the messages at the two user nodes come from a finite Abelian group, and the relay must decode the sum within the group of the two messages. We pr...

  14. Ethical Guidelines for Computer Security Researchers: "Be Reasonable"

    Sassaman, Len

    For most of its existence, the field of computer science has been lucky enough to avoid ethical dilemmas by virtue of its relatively benign nature. The subdisciplines of programming methodology research, microprocessor design, and so forth have little room for the greater questions of human harm. Other, more recently developed sub-disciplines, such as data mining, social network analysis, behavioral profiling, and general computer security, however, open the door to abuse of users by practitioners and researchers. It is therefore the duty of the men and women who chart the course of these fields to set rules for themselves regarding what sorts of actions on their part are to be considered acceptable and what should be avoided or handled with caution out of ethical concerns. This paper deals solely with the issues faced by computer security researchers, be they vulnerability analysts, privacy system designers, malware experts, or reverse engineers.

  15. Researches on Grid Security Authentication Algorithm in Cloud Computing

    Keshou Wu; Lizhao Liu; Jian Liu; Weifeng Li; Gang Xie; Xiaona Tong; Yun Lin

    2011-01-01

    Focusing on multi-machine distributed computing security problems in cloud computing, the paper has proposed a grid distributed parallel authentication model based on trusted computing, which can realize simultaneous verification of grid authentication and grid behavior on upper layer of SSL and&...

  16. Bootstrapped Oblivious Transfer and Secure Two-Party Function Computation

    Wang, Ye

    2009-01-01

    We propose an information theoretic framework for the secure two-party function computation (SFC) problem and introduce the notion of SFC capacity. We study and extend string oblivious transfer (OT) to sample-wise OT. We propose an efficient, perfectly private OT protocol utilizing the binary erasure channel or source. We also propose the bootstrap string OT protocol which provides disjoint (weakened) privacy while achieving a multiplicative increase in rate, thus trading off security for rate. Finally, leveraging our OT protocol, we construct a protocol for SFC and establish a general lower bound on SFC capacity of the binary erasure channel and source.

  17. A Protocol for Provably Secure Authentication of a Tiny Entity to a High Performance Computing One

    Siniša Tomović

    2016-01-01

    Full Text Available The problem of developing authentication protocols dedicated to a specific scenario where an entity with limited computational capabilities should prove the identity to a computationally powerful Verifier is addressed. An authentication protocol suitable for the considered scenario which jointly employs the learning parity with noise (LPN problem and a paradigm of random selection is proposed. It is shown that the proposed protocol is secure against active attacking scenarios and so called GRS man-in-the-middle (MIM attacking scenarios. In comparison with the related previously reported authentication protocols the proposed one provides reduction of the implementation complexity and at least the same level of the cryptographic security.

  18. X.509 Authentication Services to Enhance the Data Security in Cloud Computing

    Surbhi Chauhan; Kamal Kant; Arjun Singh

    2012-01-01

    This paper represents a method to build a Cloud Security by giving concept of X.509 authentication services. We are discussing theory of cloud computing, feature of cloud computing and cloud security .We proposed a X.509 format to enhances data security in cloud (Public). Cloud computing is a new computational paradigm that offers an innovative business model for organization.

  19. ADVANCED FILE BASED SECURITY MECHANISM IN CLOUD COMPUTING: A REVIEW

    Nisha Nisha

    2015-04-01

    Full Text Available Cloud computing is a broad solution that delivers IT as a service. Cloud computing uses the internet and the central remote servers to support different data and applications. It is an internet based technology. It permits the users to approach their personal files at any computer with internet access. The cloud computing flexibility is a function of the allocation of resources on authority’s request. It represents all the complexities of the network which may include everything from cables, routers, servers, data centers and all such other devices. Cloud based systems saves data off multiple organizations on shared hardware systems. In this paper the attempt to secure data from unauthorized access. The Method of data security is AES algorithm for providing data security by encrypting the given data based on the AES. It is based on a design principle known as a substitution-permutation network, and is fast in both Software and Hardware. The algorithms used in AES are so simple that they can be easily implemented using heap processors and a minimum amount of memory and this data then can only be decrypted by authorized person by using his private key. 

  20. Computer Security: today’s paranoia, tomorrow’s reality

    Computer Security Team

    2014-01-01

    When the Internet opened its gates to academia in the late 80s and, together with the World Wide Web a few years later, to the general public, computer security was considered somehow irrelevant. People pointing to vulnerabilities and security risks (“hackers”) were labelled as paranoid. But they woke to reality during the outbreak of the “ILOVEYOU” virus in 2000, which caused large scale infections of Windows PCs (including many at CERN).    Similarly, warnings about weaknesses and insecure control systems, issued by CERN and others (see our Bulletin article “Hacking control systems, switching lights off!"), were ignored until the “Stuxnet” attack against control systems in Iran proved them right in 2010. Reality beat 'paranoia' again. Last year, the paranoid fear of many security experts that our whole IT infrastructure might have been infiltrated and spied on turned real, if you believe ...

  1. Techniques for Efficiently Ensuring Data Storage Security in Cloud Computing

    Vasu Raju

    2011-09-01

    Full Text Available The Cloud Computing is the next generation architecture of IT Enterprise. It moves the application software and databases to the large data centers, where the management of the data and services may not be fully trustworthy. Here, focus is on cloud data storage security, an important aspect of quality of service. To ensure the correctness of users’ data in the cloud, we propose an effective and flexible distributed scheme with two salient features. By utilizing the homomorphic token with distributed verification of erasure-coded data, the scheme achieves the integration of storage correctness and data error localization. The new scheme further supports secure and efficient dynamic operations on data blocks, including: data update, delete and append. Extensive security and performance analysis shows that the proposed scheme is efficient and resilient against Byzantine failure, malicious data modification attack, and server colluding attacks.

  2. Two-Cloud-Servers-Assisted Secure Outsourcing Multiparty Computation

    Wen, Qiaoyan; Zhang, Hua; Jin, Zhengping; Li, Wenmin

    2014-01-01

    We focus on how to securely outsource computation task to the cloud and propose a secure outsourcing multiparty computation protocol on lattice-based encrypted data in two-cloud-servers scenario. Our main idea is to transform the outsourced data respectively encrypted by different users' public keys to the ones that are encrypted by the same two private keys of the two assisted servers so that it is feasible to operate on the transformed ciphertexts to compute an encrypted result following the function to be computed. In order to keep the privacy of the result, the two servers cooperatively produce a custom-made result for each user that is authorized to get the result so that all authorized users can recover the desired result while other unauthorized ones including the two servers cannot. Compared with previous research, our protocol is completely noninteractive between any users, and both of the computation and the communication complexities of each user in our solution are independent of the computing function. PMID:24982949

  3. Two-cloud-servers-assisted secure outsourcing multiparty computation.

    Sun, Yi; Wen, Qiaoyan; Zhang, Yudong; Zhang, Hua; Jin, Zhengping; Li, Wenmin

    2014-01-01

    We focus on how to securely outsource computation task to the cloud and propose a secure outsourcing multiparty computation protocol on lattice-based encrypted data in two-cloud-servers scenario. Our main idea is to transform the outsourced data respectively encrypted by different users' public keys to the ones that are encrypted by the same two private keys of the two assisted servers so that it is feasible to operate on the transformed ciphertexts to compute an encrypted result following the function to be computed. In order to keep the privacy of the result, the two servers cooperatively produce a custom-made result for each user that is authorized to get the result so that all authorized users can recover the desired result while other unauthorized ones including the two servers cannot. Compared with previous research, our protocol is completely noninteractive between any users, and both of the computation and the communication complexities of each user in our solution are independent of the computing function. PMID:24982949

  4. Two-Cloud-Servers-Assisted Secure Outsourcing Multiparty Computation

    Yi Sun

    2014-01-01

    Full Text Available We focus on how to securely outsource computation task to the cloud and propose a secure outsourcing multiparty computation protocol on lattice-based encrypted data in two-cloud-servers scenario. Our main idea is to transform the outsourced data respectively encrypted by different users’ public keys to the ones that are encrypted by the same two private keys of the two assisted servers so that it is feasible to operate on the transformed ciphertexts to compute an encrypted result following the function to be computed. In order to keep the privacy of the result, the two servers cooperatively produce a custom-made result for each user that is authorized to get the result so that all authorized users can recover the desired result while other unauthorized ones including the two servers cannot. Compared with previous research, our protocol is completely noninteractive between any users, and both of the computation and the communication complexities of each user in our solution are independent of the computing function.

  5. A Framework for Security Transparency in Cloud Computing

    Umar Mukhtar Ismail

    2016-02-01

    Full Text Available Individuals and corporate users are persistently considering cloud adoption due to its significant benefits compared to traditional computing environments. The data and applications in the cloud are stored in an environment that is separated, managed and maintained externally to the organisation. Therefore, it is essential for cloud providers to demonstrate and implement adequate security practices to protect the data and processes put under their stewardship. Security transparency in the cloud is likely to become the core theme that underpins the systematic disclosure of security designs and practices that enhance customer confidence in using cloud service and deployment models. In this paper, we present a framework that enables a detailed analysis of security transparency for cloud based systems. In particular, we consider security transparency from three different levels of abstraction, i.e., conceptual, organisation and technical levels, and identify the relevant concepts within these levels. This allows us to provide an elaboration of the essential concepts at the core of transparency and analyse the means for implementing them from a technical perspective. Finally, an example from a real world migration context is given to provide a solid discussion on the applicability of the proposed framework.

  6. Policy-Based Security for Wireless Components in High Assurance Computer Systems

    L. A. Wahsheh; J. Alves-Foss

    2007-01-01

    To enable the growth of wireless networks in high assurance computer systems, it is essential to establish a security engineering methodology that provides system security managers with a procedural engineering process to develop computer security policies. Our research demonstrates how wireless communication technology is deployed using the Multiple Independent Levels of Security (MILS) architecture for high assurance computer system design of security and safety-critical multi-enclave syste...

  7. Optimize the security performance of the computing environment of IHEP

    The authors give a basic background of crackers, then some attack events that have happened in IHEP networks are enumerated and introduced. At last a highly efficient defence system that integrates author's experience, research results and have put in practice in IHEP networks environment is described in detail. The authors also give network and information security advice and process for high energy physics computing environment in the Institute of High Energy Physics that will implement in the future

  8. A Domain-Specific Programming Language for Secure Multiparty Computation

    Nielsen, Janus Dam; Schwartzbach, Michael Ignatieff

    2007-01-01

    We present a domain-specific programming language for Secure Multiparty Computation (SMC). Information is a resource of vital importance and considerable economic value to individuals, public administration, and private companies. This means that the confidentiality of information is crucial, but...... at the same time significant value can often be obtained by combining confidential information from various sources. This fundamental conflict between the benefits of confidentiality and the benefits of information sharing may be overcome using the cryptographic method of SMC where computations are...

  9. Automated procedure for performing computer security risk analysis

    Computers, the invisible backbone of nuclear safeguards, monitor and control plant operations and support many materials accounting systems. Our automated procedure to assess computer security effectiveness differs from traditional risk analysis methods. The system is modeled as an interactive questionnaire, fully automated on a portable microcomputer. A set of modular event trees links the questionnaire to the risk assessment. Qualitative scores are obtained for target vulnerability, and qualitative impact measures are evaluated for a spectrum of threat-target pairs. These are then combined by a linguistic algebra to provide an accurate and meaningful risk measure. 12 references, 7 figures

  10. 16th Department of Energy Computer Security Group Training Conference: Proceedings

    1994-04-01

    Various topic on computer security are presented. Integrity standards, smartcard systems, network firewalls, encryption systems, cryptography, computer security programs, multilevel security guards, electronic mail privacy, the central intelligence agency, internet security, and high-speed ATM networking are typical examples of discussed topics. Individual papers are indexed separately.

  11. Computer Security: Protect your plant: a "serious game" about control system cyber-security

    Stefan Lueders, Computer Security Team

    2015-01-01

    Control system cyber-security is attracting increasing attention: from cybercriminals, from the media and from security researchers.   After the legendary “Stuxnet” attacks of 2010 against an Iranian uranium enrichment plant, the infiltration of Saudi Aramco in 2012, and most recently the hacking of German blast furnaces, we should be prepared. Just imagine what would happen if hackers turned off the lights in Geneva and the Pays-de-Gex for a month? (“Hacking control systems, switching lights off!"). Or if attackers infiltrated CERN’s accelerator or experiment control systems and stopped us from pursuing our core business: delivering beams and recording particle collisions (“Hacking control systems, switching... accelerators off?"). Now you can test your ability to protect an industrial plant against cyber-threats! The Computer Security Team, in collaboration with Kaspersky Lab, is organising a so-...

  12. WLAN Security-Active Attack of WLAN Secure Network

    Anil Kumar Singh

    2011-05-01

    Full Text Available In Wireless Local Area Network data transfer from one node to another node via air in the form of radio waves. There is no physical medium for transferring the data like traditional LAN. Because of its susceptible nature WLAN can open the door for the intruders and attackers that can come from any direction. Security is the most important element in WLAN. MAC address filtering is one of the security methods for securing the WLAN. But it is also vulnerable. In this paper we will demonstrate how hackers exploit the WLAN vulnerability (Identity theft of legitimate user to access the Wireless Local Area Network.

  13. WLAN Security-Active Attack of WLAN Secure Network

    Anil Kumar Singh; Bharat Mishra

    2011-01-01

    In Wireless Local Area Network data transfer from one node to another node via air in the form of radio waves. There is no physical medium for transferring the data like traditional LAN. Because of its susceptible nature WLAN can open the door for the intruders and attackers that can come from any direction. Security is the most important element in WLAN. MAC address filtering is one of the security methods for securing the WLAN. But it is also vulnerable. In this paper we will demonstrate ho...

  14. On Data and Virtualization Security Risks and Solutions of Cloud Computing

    Xiangyang Luo; Lin Yang; Dai Hao; Fenlin Liu; Daoshun Wang

    2014-01-01

    Data security and virtualization security issues are two key bottlenecks restricting the application of cloud computing promoting and applications, especially for the Cloud-based media computing system. In this paper, states of the art of the techniques on cloud computing data security issues, such as data encryption, access control, integrity authentication and other issues is surveyed, on this basis, the key technical issues of the cloud computing data security should concern about and focu...

  15. A Modified ck-Secure Sum Protocol for Multi-Party Computation

    Sheikh, Rashid; Mishra, Durgesh Kumar

    2010-01-01

    Secure Multi-Party Computation (SMC) allows multiple parties to compute some function of their inputs without disclosing the actual inputs to one another. Secure sum computation is an easily understood example and the component of the various SMC solutions. Secure sum computation allows parties to compute the sum of their individual inputs without disclosing the inputs to one another. In this paper, we propose a modified version of our ck-Secure Sum protocol with more security when a group of the computing parties conspire to know the data of some party.

  16. A Survey on Security Issues in Cloud Computing

    Bhadauria, Rohit; Chaki, Nabendu; Sanyal, Sugata

    2011-01-01

    Cloud Computing holds the potential to eliminate the requirements for setting up of high-cost computing infrastructure for the IT-based solutions and services that the industry uses. It promises to provide a flexible IT architecture, accessible through internet for lightweight portable devices. This would allow many-fold increase in the capacity or capabilities of the existing and new software. In a cloud computing environment, the entire data reside over a set of networked resources, enabling the data to be accessed through virtual machines. Since these data centers may lie in any corner of the world beyond the reach and control of users, there are multifarious security and privacy challenges that need to be understood and taken care of. Also, one can never deny the possibility of a server breakdown that has been witnessed, rather quite often in the recent times. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario. This extensive survey paper aims...

  17. Writing Across the Curriculum -- An Online Course in Computer Security

    Neelu Sinha

    2006-01-01

    Full Text Available Writing fosters both critical thinking and student learning, serving as one of the most effective ways to understand a topic. Writing across the Curriculum (WAC began in the late 1970’s, as a pedagogical reform movement in response to a perceived deficiency in literacy among college students. Over the past two decades universities have worked to broaden the scope of student writing from composition classes to classes in the students’ major. This paper chronicles the application of WAC into the discipline of Computer Science. The purpose of this study is to develop an online Computer Security course (for sophomores and juniors in Computer Science, under the umbrella of WAC, to help improve the students’ writing overall and focus on skills students require in upper level courses in the major. Developing this course as an online course (rather than a traditional face-to-face course offers flexible configurability and scalability, features that are useful to prepare students for constantly changing real world security challenges. This paper includes all aspects of course design and insight into lessons learned. Results indicate that both the faculty and students benefit from such a writing intensive course. Reading and responding to the students’ writing enables faculty to gain valuable insights into the students’ thoughts, ideas, problems, and other issues. Students reported increased knowledge and comprehension of the subject material, deeper understanding of the conventions within Computer Science, improved analysis and reporting skills, ability to understand and present abstract concepts effectively, and skill in producing professional documents.

  18. Secure Data Sharing in Cloud Computing using Hybrid cloud

    Er. Inderdeep Singh

    2015-06-01

    Full Text Available Cloud computing is fast growing technology that enables the users to store and access their data remotely. Using cloud services users can enjoy the benefits of on-demand cloud applications and data with limited local infrastructure available with them. While accessing the data from cloud, different users may have relationship among them depending on some attributes, and thus sharing of data along with user privacy and data security becomes important to get effective results. Most of the research has been done to secure the data authentication so that user’s don’t lose their private data stored on public cloud. But still data sharing is a significant hurdle to overcome by researchers. Research is going on to provide secure data sharing with enhanced user privacy and data access security. In this paper various research and challenges in this area are discussed in detail. It will definitely help the cloud users to understand the topic and researchers to develop a method to overcome these challenges.

  19. State of the Art of Network Security Perspectives in Cloud Computing

    Oh, Tae Hwan; Lim, Shinyoung; Choi, Young B.; Park, Kwang-Roh; Lee, Heejo; Choi, Hyunsang

    Cloud computing is now regarded as one of social phenomenon that satisfy customers' needs. It is possible that the customers' needs and the primary principle of economy - gain maximum benefits from minimum investment - reflects realization of cloud computing. We are living in the connected society with flood of information and without connected computers to the Internet, our activities and work of daily living will be impossible. Cloud computing is able to provide customers with custom-tailored features of application software and user's environment based on the customer's needs by adopting on-demand outsourcing of computing resources through the Internet. It also provides cloud computing users with high-end computing power and expensive application software package, and accordingly the users will access their data and the application software where they are located at the remote system. As the cloud computing system is connected to the Internet, network security issues of cloud computing are considered as mandatory prior to real world service. In this paper, survey and issues on the network security in cloud computing are discussed from the perspective of real world service environments.

  20. Secure Medical Images Sharing over Cloud Computing environment

    Fatma E.-Z. A. Elgamal

    2013-06-01

    Full Text Available Nowadays, many applications have been appeared due to the rapid development in the term of telecommunication. One of these applications is the telemedicine where the patients' digital data can transfer between the doctors for farther diagnosis. Therefore, the protection of the exchanged medical data is essential especially when transferring these data in an insecure medium such as the cloud computing environment, where the security is considered a major issue. In this paper, two security approaches were presented to guarantee a secure sharing of medical images over the cloud computing environment by providing the mean of trust management between the authorized parities of these data and also allows the privacy sharing of the Electronic Patients' Records string data between those parities while preserving the shared medical image from the distortion. The first approach apply spatial watermarking technique while the second approach implements a hybrid spatial and transform techniques in order to achieve the needed goal. The experimental results show the efficiency of the proposed approaches and the robustness against various types of attacks.

  1. MODEL OF INFORMATION SECURITY FOR CONTROL PROCESSES OF COMPUTER NETWORKS

    Kucher V. A.

    2015-06-01

    Full Text Available In order to improve the security of information transfer we have offered one of the possible approaches to modeling process control computer networks with elements of intelligent decision support. We proceed from the graph model of network nodes which are network devices with software control agents, and arcs are logical channels of information exchange between the equipment computer systems. We built an addressless sensing technology which ensures the completeness of monitoring of all network equipment. To classify the computer networks state we provided a method for calculating the values of reliability. Development of signal mismatch triggers the control cycle as a result of which the adjustment of the state of network equipment. For existing tools we proposed adding network control expert system consists of a knowledge base, inference mechanism and means of description and fill in the knowledge base

  2. Computer Security of NPP Instrumentation and Control Systems: Cyber Threats

    The paper is devoted to cyber threats, as one of the aspects in computer security of instrumentation and control systems for nuclear power plants (NPP). The basic concepts, terms and definitions are shortly addressed. The paper presents a detailed analysis of potential cyber threats during the design and operation of NPP instrumentation and control systems. Eleven major types of threats are considered, including: the malicious software and hardware Trojans (in particular, in commercial-off-the-shelf software and hardware), computer attacks through data networks and intrusion of malicious software from an external storage media and portable devices. Particular attention is paid to the potential use of lower safety class software as a way of harmful effects (including the intrusion of malicious fragments of code) on higher safety class software. The examples of actual incidents at various nuclear facilities caused by intentional cyber attacks or unintentional computer errors during the operation of software of systems important to NPP safety.

  3. Recent advances in computational intelligence in defense and security

    Falcon, Rafael; Zincir-Heywood, Nur; Abbass, Hussein

    2016-01-01

    This volume is an initiative undertaken by the IEEE Computational Intelligence Society’s Task Force on Security, Surveillance and Defense to consolidate and disseminate the role of CI techniques in the design, development and deployment of security and defense solutions. Applications range from the detection of buried explosive hazards in a battlefield to the control of unmanned underwater vehicles, the delivery of superior video analytics for protecting critical infrastructures or the development of stronger intrusion detection systems and the design of military surveillance networks. Defense scientists, industry experts, academicians and practitioners alike will all benefit from the wide spectrum of successful applications compiled in this volume. Senior undergraduate or graduate students may also discover uncharted territory for their own research endeavors.

  4. A Survey on Cloud Computing Security, Challenges and Threats

    Rajnish Choubey,

    2011-03-01

    Full Text Available Cloud computing is an internet based model that enable convenient, on demand and pay per use access to a pool of shared resources. It is a new technology that satisfies a user’s requirement for computingresources like networks, storage, servers, services and applications, without physically acquiring them. It reduces the overhead of the organization of marinating the large system but it has associated risks and threats also which include – security, data leakage, insecure interface and sharing of resources and inside attacks.

  5. Techniques for Efficiently Ensuring Data Storage Security in Cloud Computing

    Banoth, Rajkumar

    2011-01-01

    The Cloud Computing is the next generation architecture of IT Enterprise. It moves the application software and databases to the large data centers, where the management of the data and services may not be fully trustworthy. Here, focus is on cloud data storage security, an important aspect...... of quality of service. To ensure the correctness of users’ data in the cloud, we propose an effective and flexible distributed scheme with two salient features. By utilizing the homomorphic token with distributed verification of erasure-coded data, the scheme achieves the integration of storage correctness...

  6. Secure Computation, I/O-Efficient Algorithms and Distributed Signatures

    Damgård, Ivan Bjerre; Kölker, Jonas; Toft, Tomas

    2012-01-01

    adversary corrupting a constant fraction of the players and servers. Using packed secret sharing, the data can be stored in a compact way but will only be accessible in a block-wise fashion. We explore the possibility of using I/O-efficient algorithms to nevertheless compute on the data as efficiently as if.......We consider a setting where a set of n players use a set of m servers to store a large, private data set. Later the players decide on functions they want to compute on the data without the servers needing to know which computation is done, while the computation should be secure against a malicious...... values of form r, gr for random secret-shared r ∈ ℤq and gr in a group of order q. This costs a constant number of exponentiation per player per value generated, even if less than n/3 players are malicious. This can be used for efficient distributed computing of Schnorr signatures. We further develop the...

  7. Semiquantum key distribution with secure delegated quantum computation

    Li, Qin; Chan, Wai Hong; Zhang, Shengyu

    2016-01-01

    Semiquantum key distribution allows a quantum party to share a random key with a “classical” party who only can prepare and measure qubits in the computational basis or reorder some qubits when he has access to a quantum channel. In this work, we present a protocol where a secret key can be established between a quantum user and an almost classical user who only needs the quantum ability to access quantum channels, by securely delegating quantum computation to a quantum server. We show the proposed protocol is robust even when the delegated quantum server is a powerful adversary, and is experimentally feasible with current technology. As one party of our protocol is the most quantum-resource efficient, it can be more practical and significantly widen the applicability scope of quantum key distribution.

  8. Security and computer forensics in web engineering education

    Glisson, W.; Welland, R.; Glisson, L.M.

    2010-01-01

    The integration of security and forensics into Web Engineering curricula is imperative! Poor security in web-based applications is continuing to cost organizations millions and the losses are still increasing annually. Security is frequently taught as a stand-alone course, assuming that security can be 'bolted on' to a web application at some point. Security issues must be integrated into Web Engineering processes right from the beginning to create secure solutions and therefore security shou...

  9. What then do we do about computer security?

    Suppona, Roger A.; Mayo, Jackson R.; Davis, Christopher Edward; Berg, Michael J.; Wyss, Gregory Dane

    2012-01-01

    This report presents the answers that an informal and unfunded group at SNL provided for questions concerning computer security posed by Jim Gosler, Sandia Fellow (00002). The primary purpose of this report is to record our current answers; hopefully those answers will turn out to be answers indeed. The group was formed in November 2010. In November 2010 Jim Gosler, Sandia Fellow, asked several of us several pointed questions about computer security metrics. Never mind that some of the best minds in the field have been trying to crack this nut without success for decades. Jim asked Campbell to lead an informal and unfunded group to answer the questions. With time Jim invited several more Sandians to join in. We met a number of times both with Jim and without him. At Jim's direction we contacted a number of people outside Sandia who Jim thought could help. For example, we interacted with IBM's T.J. Watson Research Center and held a one-day, videoconference workshop with them on the questions.

  10. Security Model for Microsoft Based Mobile Sales Management Application in Private Cloud Computing

    Kuan Chee Houng

    2013-05-01

    Full Text Available The Microsoft-based mobile sales management application is a sales force management application that currently running on Windows Mobile 6.5. It handles sales-related activity and cuts down the administrative task of sales representative. Then, Windows launch a new mobile operating system, Windows Phone and stop providing support to Windows Mobile. This has become an obstacle for Windows Mobile development. From time to time, Windows Mobile will be eliminated from the market due to no support provided by Microsoft. Besides that, Windows Mobile application cannot run on Windows Phone mobile operating system due to lack of compatibility. Therefore, applications those run on Windows Mobile need to find a solution addressing this problem. The rise of cloud computing technology in delivering software as a service becomes a solution. The Microsoft-based mobile sales management application delivers a service to run in a web browser, rather than limited by certain type of mobile that run the Windows Mobile operating system. However, there are some security issues need to concern in order to deliver the Microsoft-based mobile application as a service in private cloud computing. Therefore, security model is needed to answer the security issues in private cloud computing. This research is to propose a security model for the Microsoft-based mobile sales management application in private cloud computing. Lastly, a User Acceptance Test (UAT is carried out to test the compatibility between proposed security model of Microsoft-based mobile sales management application in a private cloud and tablet computers.

  11. 移动计算安全性%Mobile Computing Security

    胡健; 刘锦德

    2000-01-01

    In the first,security issues in open system that supports mobile computing are discussed in detail,and then the fundamental principle for building a security system in the environment of mobile computing is given.According to the principle,security issues and policies related to mobile code programming language and mobile agent system are further discussed.

  12. Simulation of active products cooperation for active security management

    Zouinkhi, Ahmed; Ltifi, Amel; Ben Gayed, Mohamed; Abdelkrim, Naceur; Bajic, Eddy; Rondeau, Eric

    2010-01-01

    Wireless sensor networks (WSNs) are a new paradigm of telecommunication networks. WSNs are designed to perform efficient data collection and environment monitoring, among other applications. This article presents an approach of modelling and simulation of cooperation between active products that are equipped with a platform of sensor networks and ambient communication capabilities in order to increase their security, in a context of ambient intelligence of a deposit for chemical substances. T...

  13. Security approaches in using tablet computers for primary data collection in clinical research.

    Wilcox, Adam B; Gallagher, Kathleen; Bakken, Suzanne

    2013-01-01

    Next-generation tablets (iPads and Android tablets) may potentially improve the collection and management of clinical research data. The widespread adoption of tablets, coupled with decreased software and hardware costs, has led to increased consideration of tablets for primary research data collection. When using tablets for the Washington Heights/Inwood Infrastructure for Comparative Effectiveness Research (WICER) project, we found that the devices give rise to inherent security issues associated with the potential use of cloud-based data storage approaches. This paper identifies and describes major security considerations for primary data collection with tablets; proposes a set of architectural strategies for implementing data collection forms with tablet computers; and discusses the security, cost, and workflow of each strategy. The paper briefly reviews the strategies with respect to their implementation for three primary data collection activities for the WICER project. PMID:25848559

  14. Smart object design for active security management of hazardous products

    Dobre, Dragos; Bajic, Eddy

    2007-01-01

    The hazardous substances are products that need special attention from the personnel which manipulates them, therefore, there is an increased need for better security management of goods and people. In this paper we propose the design of the Smart Object capable to survey its own environment according to its own security rules and to cooperate with others surounding equiped products to manage the security level in acceptable boundaries. By this way, an Active Security Environment is created, ...

  15. Selected aspects of security mechanisms for cloud computing – current solutions and development perspectives

    Aneta Poniszewska-Maranda

    2014-01-01

    The security aspects of cloud computing, especially the security of data, become more and more important. It is necessary to find and develop the new mechanisms to secure the cloud. The problem presented in the paper concerns the mechanisms for security of cloud computing with special attention paid to aspects of access control in clouds - the state of the art and the perspectives for the future.

  16. Researches on Grid Security Authentication Algorithm in Cloud Computing

    Keshou Wu

    2011-11-01

    Full Text Available Focusing on multi-machine distributed computing security problems in cloud computing, the paper has proposed a grid distributed parallel authentication model based on trusted computing, which can realize simultaneous verification of grid authentication and grid behavior on upper layer of SSL and TLS protocols. Adaptive grid authentication method is established applying adaptive stream cipher framework; an adaptive stream cipher heuristic code generator and k-means heuristic behavior trust query function is proposed and acted as authentication kernel. Through comparison of the test results of TLS and SSL authentication protocol and the new grid authentication method, the effectiveness of the new grid authentication method has been explained.

  17. "Glitch Logic" and Applications to Computing and Information Security

    Stoica, Adrian; Katkoori, Srinivas

    2009-01-01

    This paper introduces a new method of information processing in digital systems, and discusses its potential benefits to computing and information security. The new method exploits glitches caused by delays in logic circuits for carrying and processing information. Glitch processing is hidden to conventional logic analyses and undetectable by traditional reverse engineering techniques. It enables the creation of new logic design methods that allow for an additional controllable "glitch logic" processing layer embedded into a conventional synchronous digital circuits as a hidden/covert information flow channel. The combination of synchronous logic with specific glitch logic design acting as an additional computing channel reduces the number of equivalent logic designs resulting from synthesis, thus implicitly reducing the possibility of modification and/or tampering with the design. The hidden information channel produced by the glitch logic can be used: 1) for covert computing/communication, 2) to prevent reverse engineering, tampering, and alteration of design, and 3) to act as a channel for information infiltration/exfiltration and propagation of viruses/spyware/Trojan horses.

  18. Computer Security: Anatomy of a Usability Disaster, and a Plan for Recovery

    Sasse, M. A.

    2003-01-01

    This paper reviews past and current work on usability of security mechanisms. Given that most users interact with computer security on a daily basis, it is astonishing how little interest the CHI community has taken in the design of security systems. Many usability problems associated with security mechanisms could be avoided through application of basic usability knowledge and methods. At the same time, the design of security systems raises some issues that cannot be met with existing CHI kn...

  19. Cloud Computing Application of Personal Information's Security in Network Sales-channels

    Sun Qiong; Min Liu; Shiming Pang

    2013-01-01

    With the promotion of Internet sales, the security of personal information to network users have become increasingly demanding. The existing network of sales channels has personal information security risks, vulnerable to hacker attacking. Taking full advantage of cloud security management strategy, cloud computing security management model is introduced to the network sale of personal information security applications, which is to solve the problem of information leakage. Then we proposed me...

  20. Cloud Computing Application of Personal Information's Security in Network Sales-channels

    Sun Qiong

    2013-07-01

    Full Text Available With the promotion of Internet sales, the security of personal information to network users have become increasingly demanding. The existing network of sales channels has personal information security risks, vulnerable to hacker attacking. Taking full advantage of cloud security management strategy, cloud computing security management model is introduced to the network sale of personal information security applications, which is to solve the problem of information leakage. Then we proposed membership-based cloud service provided selection policy. By exploring the prospects of cloud computing in Internet sales, we try to solve the problem of the security of personal information in this channel.

  1. An Approach for Storage Security in Cloud Computing- A Survey

    W. Sharon Inbarani, G. Shenbaga Moorthy, C. Kumar Charlie Paul

    2013-01-01

    Full Text Available The many advantages of cloud computing areincreasingly attracting individuals and organizations tooutsource their data from local to remote cloud servers. Inaddition to cloud infrastructure and platform providers, such asAmazon, Google, and Microsoft, more and more cloudapplication providers are emerging which are dedicated tooffering more accessible and user friendly data storage servicesto cloud customers. Storing data in a third party’s cloud systemcauses serious concern over data confidentiality. Generalencryption schemes protect data confidentiality, but also limitthe functionality of the storage system. We propose a thresholdproxy re-encryption scheme and integrate it with decentralizederasure code such that a secure distributed storage system isformulated. The distributed storage system not only supportssecure and robust data storage and retrieval, but also lets a userforward his data in the storage servers to another user withoutretrieving the data back.

  2. Crytosystem for Computer security using Iris patterns and Hetro correlators

    R. Bremananth

    2011-11-01

    Full Text Available Biometric based cryptography system provides an efficient and secure data transmission as compare to the traditional encryption system. However, it is a computationally challenge task to solve the issues to incorporate biometric and cryptography. In connection with our previous works, this paper reveals a robust cryptosystem using iris biometric pattern as a crypto-key to resolve the issues in the encryption. An error correction engine based on hetro-correlators has been used to evoke the partially tarnished data fashioned by the decryption process. This process determines the non-repudiation and key management problems. The experimental results show that the suggestion algorithm can implement in the real-life cryptosystem.

  3. A Study of Implementing an Information Security Management System for Open Source Cloud Computing

    Cristian Cernat

    2012-09-01

    Full Text Available An Information Security Management System (ISMS contains a coordinated set of activities, processes, controls, and policies with the purpose of protecting and managing the information assets within an organization. In this paper we present the way in which an ISMS as specified in the ISO 27001 can be applied for the cloud and implemented on our test platform based on SlapOS, the first open source provisioning and billing system for distributed cloud computing. The goal of this paper is to demonstrate a new and easier way to manage security for the cloud, with a specific focus on distributed cloud computing. We will present the results measured by applying ISMS controls for ensuring levels of QoS and SLA according to contracts, moreover also optimizing the costs and resources used by the cloud platform.

  4. EMRlog Method for Computer Security for Electronic Medical Records with Logic and Data Mining

    Sergio Mauricio Martínez Monterrubio; Juan Frausto Solis; Raúl Monroy Borja

    2015-01-01

    The proper functioning of a hospital computer system is an arduous work for managers and staff. However, inconsistent policies are frequent and can produce enormous problems, such as stolen information, frequent failures, and loss of the entire or part of the hospital data. This paper presents a new method named EMRlog for computer security systems in hospitals. EMRlog is focused on two kinds of security policies: directive and implemented policies. Security policies are applied to computer s...

  5. CERN Computing Colloquium | Computer Security in 2016: Where are we and what to expect | 8 February

    2016-01-01

    Computer Security in 2016: Where are we and what to expect  by Sebastian Lopienski, CERN-IT Monday 8 February from 11 a.m. to 12 p.m http://cseminar.web.cern.ch/cseminar/ at CERN, Council Chamber (503-1-001)  Description: Attacks against computer systems, belonging both to individuals and organisations, are an everyday reality. How many times have we heard about supposedly well protected companies and online services at the mercy of cyber criminals, or governments accusing other nation states of cyber espionage. Only the most serious breaches and biggest data leaks continue to make the headlines. But really, how secure is our data, computers and networks? What is happening behind the scenes? Is it actually possible to avoid the vulnerabilities, or detect the resulting exploits? This talk will address these questions and provide a high-level overview of security trends in the last year or two. It will include information on emerging typ...

  6. ROSA: Realistic Open Security Architecture for active networks

    Calderón, María; Bagnulo, Marcelo; Alarcos, Bernardo; Sedano, Marifeli

    2002-01-01

    Active network technology enables fast deployment of new network services tailored to the specific needs of end users, among other features. Nevertheless, security is still a main concern when considering the industrial adoption of this technology. In this article we describe an open security architecture for active network platforms that follow the discrete approach. The proposed solution provides all the required security features, and it also grants proper scalability of ...

  7. Computer Security: When a person leaves - access rights remain!

    Computer Security Team

    2014-01-01

    We have been contacted recently by an embarrassed project manager who just figured out that a student who left at the end of 2013 still had access rights to read the whole project folder in February 2014: “How can that be?! In any other company, access rights would be purged at the same time as an employment contract terminates." Not so at CERN.   CERN has always been an open site with an open community. Physical access to the site is lightweight and you just need to have your CERN access card at hand. Further restrictions have only been put in place where safety or security really require them, and CERN does not require you to keep your access card on display. The same holds for the digital world. Once registered at CERN - either by contract, via your experiment or through the Users' office - you own a computing account that provides you with access to a wide variety of computing services. For example, last year 9,730 students/technicians/engineers/researchers/sta...

  8. VCC-SSF: Service-Oriented Security Framework for Vehicular Cloud Computing

    Won Min Kang

    2015-02-01

    Full Text Available Recently, as vehicle computing technology has advanced, the paradigm of the vehicle has changed from a simple means of transportation to a smart vehicle for safety and convenience. In addition, the previous functions of the Intelligent Transportation System (ITS such as traffic accident prevention and providing traffic volume information have been combined with cloud computing. ITS services provide user-oriented broad services in the Vehicular Cloud Computing (VCC environment through efficient traffic management, traffic accident prevention, and convenience services. However, existing vehicle services focus on providing services using sensing information inside the vehicle and the system to provide the service through an interface with the external infrastructure is insufficient. In addition, because wireless networks are used in VCC environments, there is a risk of important information leakage from sensors inside the vehicle, such as driver personal identification and payment information at the time of goods purchase. We propose the VCC Service-oriented Security Framework (VCC-SSF to address the limitations and security threats of VCC-based services. The proposed framework considers security for convenient and efficient services of VCC and includes new user-oriented payment management and active accident management services. Furthermore, it provides authentication, encryption, access control, confidentiality, integrity, and privacy protection for user personal information and information inside the vehicle.

  9. Computational models of epileptiform activity.

    Wendling, Fabrice; Benquet, Pascal; Bartolomei, Fabrice; Jirsa, Viktor

    2016-02-15

    We reviewed computer models that have been developed to reproduce and explain epileptiform activity. Unlike other already-published reviews on computer models of epilepsy, the proposed overview starts from the various types of epileptiform activity encountered during both interictal and ictal periods. Computational models proposed so far in the context of partial and generalized epilepsies are classified according to the following taxonomy: neural mass, neural field, detailed network and formal mathematical models. Insights gained about interictal epileptic spikes and high-frequency oscillations, about fast oscillations at seizure onset, about seizure initiation and propagation, about spike-wave discharges and about status epilepticus are described. This review shows the richness and complementarity of the various modeling approaches as well as the fruitful contribution of the computational neuroscience community in the field of epilepsy research. It shows that models have progressively gained acceptance and are now considered as an efficient way of integrating structural, functional and pathophysiological data about neural systems into "coherent and interpretable views". The advantages, limitations and future of modeling approaches are discussed. Perspectives in epilepsy research and clinical epileptology indicate that very promising directions are foreseen, like model-guided experiments or model-guided therapeutic strategy, among others. PMID:25843066

  10. Review of Enabling Technologies to Facilitate Secure Compute Customization

    Aderholdt, Ferrol [Tennessee Technological University; Caldwell, Blake A [ORNL; Hicks, Susan Elaine [ORNL; Koch, Scott M [ORNL; Naughton, III, Thomas J [ORNL; Pelfrey, Daniel S [ORNL; Pogge, James R [Tennessee Technological University; Scott, Stephen L [Tennessee Technological University; Shipman, Galen M [ORNL; Sorrillo, Lawrence [ORNL

    2014-12-01

    High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data for a variety of users, often requiring strong separation between job allocations. There are many challenges to establishing these secure enclaves within the shared infrastructure of high-performance computing (HPC) environments. The isolation mechanisms in the system software are the basic building blocks for enabling secure compute enclaves. There are a variety of approaches and the focus of this report is to review the different virtualization technologies that facilitate the creation of secure compute enclaves. The report reviews current operating system (OS) protection mechanisms and modern virtualization technologies to better understand the performance/isolation properties. We also examine the feasibility of running ``virtualized'' computing resources as non-privileged users, and providing controlled administrative permissions for standard users running within a virtualized context. Our examination includes technologies such as Linux containers (LXC [32], Docker [15]) and full virtualization (KVM [26], Xen [5]). We categorize these different approaches to virtualization into two broad groups: OS-level virtualization and system-level virtualization. The OS-level virtualization uses containers to allow a single OS kernel to be partitioned to create Virtual Environments (VE), e.g., LXC. The resources within the host's kernel are only virtualized in the sense of separate namespaces. In contrast, system-level virtualization uses hypervisors to manage multiple OS kernels and virtualize the physical resources (hardware) to create Virtual Machines (VM), e.g., Xen, KVM. This terminology of VE and VM, detailed in Section 2, is used throughout the report to distinguish between the two different approaches to providing virtualized execution

  11. Identity based Encryption and Biometric Authentication Scheme for Secure Data Access in Cloud Computing

    Cheng, Hongbing; Rong, Chunming; Tan, Zheng-Hua;

    2012-01-01

    access scheme based on identity-based encryption and biometric authentication for cloud computing. Firstly, we describe the security concern of cloud computing and then propose an integrated data access scheme for cloud computing, the procedure of the proposed scheme include parameter setup, key...... distribution, feature template creation, cloud data processing and secure data access control. Finally, we compare the proposed scheme with other schemes through comprehensive analysis and simulation. The results show that the proposed data access scheme is feasible and secure for cloud computing.......Cloud computing will be a main information infrastructure in the future; it consists of many large datacenters which are usually geographically distributed and heterogeneous. How to design a secure data access for cloud computing platform is a big challenge. In this paper, we propose a secure data...

  12. A Review on Cloud Computing: Design Challenges in Architecture and Security

    Hu, Fei; Qiu, Meikang; Li, Jiayin; Grant, Travis; Taylor, Drew; McCaleb, Seth; Butler, Lee; Hamner, Richard

    2011-01-01

    Cloud computing is becoming a powerful network architecture to perform large-scale and complex computing.In this paper, we will comprehensively survey the concepts and architecture of cloud computing, as well as its security and privacy issues. We will compare different cloud models, trust/reputation models and privacy-preservation schemes. Their pros and cons are discussed for each cloud computing security and architecture strategy.

  13. Preaching What We Practice: Teaching Ethical Decision-Making to Computer Security Professionals

    Fleischmann, Kenneth R.

    The biggest challenge facing computer security researchers and professionals is not learning how to make ethical decisions; rather it is learning how to recognize ethical decisions. All too often, technology development suffers from what Langdon Winner terms technological somnambulism - we sleepwalk through our technology design, following past precedents without a second thought, and fail to consider the perspectives of other stakeholders [1]. Computer security research and practice involves a number of opportunities for ethical decisions. For example, decisions about whether or not to automatically provide security updates involve tradeoffs related to caring versus user autonomy. Decisions about online voting include tradeoffs between convenience and security. Finally, decisions about routinely screening e-mails for spam involve tradeoffs of efficiency and privacy. It is critical that these and other decisions facing computer security researchers and professionals are confronted head on as value-laden design decisions, and that computer security researchers and professionals consider the perspectives of various stakeholders in making these decisions.

  14. Cloud Computing Adoption Framework – a security framework for business clouds

    Chang, Victor; Kuo, Yen-Hung; Ramachandran, Muthu

    2016-01-01

    This paper presents a Cloud Computing Adoption Framework (CCAF) security suitable for business clouds. CCAF multi-layered security is based on the development and integration of three major security technologies: firewall, identity management and encryption based on the development of Enterprise File Sync and Share technologies. This paper presents our motivation, related work and our views on security framework. Core technologies have been explained in details and experiments were designed t...

  15. Application of Trusted Computing to Secure Video Broadcasts to Mobile Receivers

    Gallery, Eimear; Tomlinson, Allan; Delicata, Rob

    2006-01-01

    This paper addresses the problem of configuring mobile devices to receive broadcast services protected by legacy conditional access systems. The protocols apply the concepts of trusted computing to allow a mobile host to demonstrate that it is secure, before any application or associated keys are securely downloaded. Thus the protocols are applicable anywhere a secure download is required. A general analysis of the security of the protocols is presented, followed by the r...

  16. A SECURE MESSAGE TRANSMISSION SYSTEM ARCHITECTURE FOR COMPUTER NETWORKS EMPLOYING SMART CARDS

    KARDAŞ, Geylani; ÇELİKEL, Ebru; ALAYBEYOĞLU, Ayşegül

    2008-01-01

    In this study, we introduce a mobile system architecture which employs smart cards for secure message transmission in computer networks. The use of smart card provides two security services as authentication and confidentiality in our design. The security of the system is provided by asymmetric encryption. Hence, smart cards are used to store personal account information as well as private key of each user for encryption / decryption operations. This offers further security, authentication an...

  17. Case Study: Creation of a Degree Program in Computer Security. White Paper.

    Belon, Barbara; Wright, Marie

    This paper reports on research into the field of computer security, and undergraduate degrees offered in that field. Research described in the paper reveals only one computer security program at the associate's degree level in the entire country. That program, at Texas State Technical College in Waco, is a 71-credit-hour program leading to an…

  18. EFFICIENT RANKED AND SECURE FILE RETRIEVAL IN CLOUD COMPUTING

    J. Jospin Jeya

    2014-01-01

    Full Text Available Cloud computing facilitates extremely scalable services that can be consumed over internet. An important aspect of the cloud services is that user data are stored remotely in unknown machines in which users do not posses or manage. Since the data’s are stored remotely, we have to keep in mind that sensitive cloud data have to be encrypted before they are outsourced to the commercial public cloud, which makes efficient data utilization service. Searchable encryption file retrieval technique allows users to securely search over encrypted data through search word. Ranking the files based on relevance scores greatly enhances system usability by making it possible relevance ranking instead of sending unwanted results and further ensures the file retrieval accuracy. In this study, we are developing an automated system for both named and un-named documents based on the clustering algorithms. We implement the ranking and searching algorithm to retrieve top k files. We also provides the mapping and encryption algorithm to protect the information. The resulting design is able to provide efficient ranking which will reduce the search time drastically and reduce the communication overhead. The mapping and encryption algorithms protect document against an outside attackers and prevent an untrusted cloud data provider from learning data.

  19. A secure communications infrastructure for high-performance distributed computing

    Foster, I.; Koenig, G.; Tuecke, S. [and others

    1997-08-01

    Applications that use high-speed networks to connect geographically distributed supercomputers, databases, and scientific instruments may operate over open networks and access valuable resources. Hence, they can require mechanisms for ensuring integrity and confidentially of communications and for authenticating both users and resources. Security solutions developed for traditional client-server applications do not provide direct support for the program structures, programming tools, and performance requirements encountered in these applications. The authors address these requirements via a security-enhanced version of the Nexus communication library; which they use to provide secure versions of parallel libraries and languages, including the Message Passing Interface. These tools permit a fine degree of control over what, where, and when security mechanisms are applied. In particular, a single application can mix secure and nonsecure communication, allowing the programmer to make fine-grained security/performance tradeoffs. The authors present performance results that quantify the performance of their infrastructure.

  20. Measuring Human Performance within Computer Security Incident Response Teams

    McClain, Jonathan T. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Silva, Austin Ray [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Avina, Glory Emmanuel [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Forsythe, James C. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2015-09-01

    Human performance has become a pertinen t issue within cyber security. However, this research has been stymied by the limited availability of expert cyber security professionals. This is partly attributable to the ongoing workload faced by cyber security professionals, which is compound ed by the limited number of qualified personnel and turnover of p ersonnel across organizations. Additionally, it is difficult to conduct research, and particularly, openly published research, due to the sensitivity inherent to cyber ope rations at most orga nizations. As an alternative, the current research has focused on data collection during cyb er security training exercises. These events draw individuals with a range of knowledge and experience extending from seasoned professionals to recent college gradu ates to college students. The current paper describes research involving data collection at two separate cyber security exercises. This data collection involved multiple measures which included behavioral performance based on human - machine transactions and questionnaire - based assessments of cyber security experience.

  1. Addressing security issues related to virtual institute distributed activities

    Stytz, Martin R.; Banks, Sheila B.

    2008-03-01

    One issue confounding the development and experimentation of distributed modeling and simulation environments is the inability of the project team to identify and collaborate with resources, both human and technical, from outside the United States. This limitation is especially significant within the human behavior representation area where areas such as cultural effects research and joint command team behavior modeling require the participation of various cultural and national representatives. To address this limitation, as well as other human behavior representation research issues, NATO Research and Technology Organization initiated a project to develop a NATO virtual institute that enables more effective and more collaborative research into human behavior representation. However, in building and operating a virtual institute one of the chief concerns must be the cyber security of the institute. Because the institute "exists" in cyberspace, all of its activities are susceptible to cyberattacks, subterfuge, denial of service and all of the vulnerabilities that networked computers must face. In our opinion, for the concept of virtual institutes to be successful and useful, their operations and services must be protected from the threats in the cyber environment. A key to developing the required protection is the development and promulgation of standards for cyber security. In this paper, we discuss the types of cyber standards that are required, how new internet technologies can be exploited and can benefit the promulgation, development, maintenance, and robustness of the standards. This paper is organized as follows. Section One introduces the concept of the virtual institutes, the expected benefits, and the motivation for our research and for research in this area. Section Two presents background material and a discussion of topics related to VIs, uman behavior and cultural modeling, and network-centric warfare. Section Three contains a discussion of the

  2. Secure multi-party computation solution to Yao's millionaires' problem based on set-inclusion

    LI Shundong; DAI Yiqi; YOU Qiyou

    2005-01-01

    Secure multi-party computation is a focus of international cryptography in recent years. Protocols for Yao's millionaires' problem have become an important building block of many secure multi-party computation protocols. Their efficiency are crucial to the efficiency of many secure multi-party computation protocols. Unfortunately, known protocols for Yao's millionaires' problem have high computational complexity or communication complexity. In this study, based on the 1-out-of-m oblivious transfer and set-inclusion problem, we propose a new protocol to solve this problem. This new protocol is very efficient in terms of both computational and communication complexities. Its privacy-preserving property is also proved by simulation paradigm which is generally accepted in the study of secure multi-party computation. We also compare the information leakage of our new protocol and the known protocols.

  3. New Approaches to Practical Secure Two-Party Computation

    Nordholt, Peter Sebastian

    gates) takes 64 seconds, but when repeating the task 27 times it only takes less than 3 seconds per instance. • Second, we revisit the LEGO protocol of Nielsen and Orlandi presented at TCC 2009. Their protocol demonstrated a more efficient technique to get malicious security in secure two...

  4. Management and Coordination of Nuclear Security Activities in Kenya

    Over recent years the structure, format and content of the International Atomic Energy Agency (IAEA) standards have been developed further to become the global reference for the delivery of high standards of safety, radiation protection, radioactive waste management (RWM) and the safe transport of radioactive materials. Unlike safety, international standards for security do not exist. While nuclear safety deals with the design and operation of facilities and activities that prevent accidental release of radioactivity into the environment; security, however, embraces the need to protect materials and facilities from theft, misuse, attack or sabotage. In managing and coordinating nuclear security activities, these two factors have been taken into account to ensure that physical security of sources and combating of illicit trafficking of nuclear and radioactive materials. The regulatory authority, working together with relevant border and other national security organs, bilateral, the IAEA and other international organizations to contain the situation. (author)

  5. A Survey on Mobile Cloud Computing with Embedded Security Considerations

    Victor Onomza Waziri; Joshua Abah; Olumide Sunday Adewale; Muhammad Bashir Abdullahi

    2014-01-01

    The emergence of cloud computing hold a promise to computing where software is provided as a services (SaaS) via the Internet. Mobile cloud computing integrates cloud computing with mobile devices. By this architecture, certain challenges (e.g., battery life, storage, and bandwidth) of mobile devices are addressed. Cloud computing provides the foundation for mobile cloud computing through the delivery of services, software, storage and computational capacity over the Internet, thereby reducin...

  6. Security for Service-Oriented On-Demand Grid Computing

    Smith, Matthew

    2009-01-01

    The Grid computing paradigm is becoming a well established method for high performance computing. While the first generation of Grid computing solutions implemented their own proprietary interfaces, the introduction of the service-oriented computing paradigm and the corresponding web service standards into the field of Grid computing through the Open Grid Services Architecture (OGSA) increased the interoperability of the Grid. Thi...

  7. Evolution of nuclear security regulatory activities in Brazil

    Mello, Luiz A. de; Monteiro Filho, Joselio S.; Belem, Lilia M.J.; Torres, Luiz F.B. [Comissao Nacional de Energia Nuclear (CNEN), Rio de Janeiro, RJ (Brazil). Diretoria de Radioprotecao e Segurania Nuclear. Coordenacao de Salvaguardas e Protecao Fisica], e-mail: gpf@cnen.gov.br

    2009-07-01

    The changing of the world scenario in the last 15 years has increased worldwide the concerns about overall security and, as a consequence, about the nuclear and radioactive material as well as their associated facilities. Considering the new situation, in February 2004, the Brazilian National Nuclear Energy Commission (CNEN), decided to create the Nuclear Security Office. This Office is under the Coordination of Nuclear Safeguards and Security, in the Directorate for Safety, Security and Safeguards (Regulatory Directorate). Before that, security regulation issues were dealt in a decentralized manner, within that Directorate, by different licensing groups in specific areas (power reactors, fuel cycle facilities, radioactive facilities, transport of nuclear material, etc.). This decision was made in order to allow a coordinated approach on the subject, to strengthen the regulation in nuclear/radioactive security, and to provide support to management in the definition of institutional security policies. The CNEN Security Office develops its work based in the CNEN Physical Protection Regulation for Nuclear Operational Units - NE-2.01, 1996, the Convention on the Physical Protection of Nuclear Material and the IAEA Nuclear Security Series . This paper aims at presenting the activities developed and the achievements obtained by this new CNEN office, as well as identifying the issues and directions for future efforts. (author)

  8. Evolution of nuclear security regulatory activities in Brazil

    The changing of the world scenario in the last 15 years has increased worldwide the concerns about overall security and, as a consequence, about the nuclear and radioactive material as well as their associated facilities. Considering the new situation, in February 2004, the Brazilian National Nuclear Energy Commission (CNEN), decided to create the Nuclear Security Office. This Office is under the Coordination of Nuclear Safeguards and Security, in the Directorate for Safety, Security and Safeguards (Regulatory Directorate). Before that, security regulation issues were dealt in a decentralized manner, within that Directorate, by different licensing groups in specific areas (power reactors, fuel cycle facilities, radioactive facilities, transport of nuclear material, etc.). This decision was made in order to allow a coordinated approach on the subject, to strengthen the regulation in nuclear/radioactive security, and to provide support to management in the definition of institutional security policies. The CNEN Security Office develops its work based in the CNEN Physical Protection Regulation for Nuclear Operational Units - NE-2.01, 1996, the Convention on the Physical Protection of Nuclear Material and the IAEA Nuclear Security Series . This paper aims at presenting the activities developed and the achievements obtained by this new CNEN office, as well as identifying the issues and directions for future efforts. (author)

  9. To Provide Security for Storage Services in Cloud Computing

    D.Shravani1 , Dr. S. Zahoor Ul Huq

    2013-01-01

    Cloud computing is the delivery of computing and storage capacity as a service to a community of end-recipients. Cloud computing entrusts services with a user's data, software and computation over a network. It is an emerging computing model in which resources of the computing communications are provided as services over the internet. Cloud storage enables users to remotely store their data and enjoy the on-demand high quality cloud applications without the burden of local hardware and softwa...

  10. EMRlog Method for Computer Security for Electronic Medical Records with Logic and Data Mining

    Sergio Mauricio Martínez Monterrubio

    2015-01-01

    Full Text Available The proper functioning of a hospital computer system is an arduous work for managers and staff. However, inconsistent policies are frequent and can produce enormous problems, such as stolen information, frequent failures, and loss of the entire or part of the hospital data. This paper presents a new method named EMRlog for computer security systems in hospitals. EMRlog is focused on two kinds of security policies: directive and implemented policies. Security policies are applied to computer systems that handle huge amounts of information such as databases, applications, and medical records. Firstly, a syntactic verification step is applied by using predicate logic. Then data mining techniques are used to detect which security policies have really been implemented by the computer systems staff. Subsequently, consistency is verified in both kinds of policies; in addition these subsets are contrasted and validated. This is performed by an automatic theorem prover. Thus, many kinds of vulnerabilities can be removed for achieving a safer computer system.

  11. EMRlog method for computer security for electronic medical records with logic and data mining.

    Martínez Monterrubio, Sergio Mauricio; Frausto Solis, Juan; Monroy Borja, Raúl

    2015-01-01

    The proper functioning of a hospital computer system is an arduous work for managers and staff. However, inconsistent policies are frequent and can produce enormous problems, such as stolen information, frequent failures, and loss of the entire or part of the hospital data. This paper presents a new method named EMRlog for computer security systems in hospitals. EMRlog is focused on two kinds of security policies: directive and implemented policies. Security policies are applied to computer systems that handle huge amounts of information such as databases, applications, and medical records. Firstly, a syntactic verification step is applied by using predicate logic. Then data mining techniques are used to detect which security policies have really been implemented by the computer systems staff. Subsequently, consistency is verified in both kinds of policies; in addition these subsets are contrasted and validated. This is performed by an automatic theorem prover. Thus, many kinds of vulnerabilities can be removed for achieving a safer computer system. PMID:26495300

  12. CTF: Computer security competitions for learning and fun

    CERN. Geneva

    2015-01-01

    CTF hacking competitions condense practical security knowledge in short and measurable challenges, in short: education, fun, prizes and fame! This talk is an introduction to these type of competitions from a player perspective over the years.

  13. An SOA Model with Security-as-a-service in Cloud Computing Application-I banking

    Shalini G; Hamsalatha . J; Shivakumar, M.

    2014-01-01

    Cloud computing is an emerging technology which provides three main services namely SaaS,PaaS and IaaS where the security is addressed individually in each of these services. In this view the network traffic and computation time increases, and slows down the availability of cloud resources to the service consumers. In this paper we have proposed a new service provider namely security-as-a-service in cloud computing wherein all the security related tasks will be handled uniquely which is simil...

  14. Fast and maliciously secure two-party computation using the GPU

    Frederiksen, Tore Kasper; Nielsen, Jesper Buus

    2013-01-01

    We describe, and implement, a maliciously secure protocol for two-party computation in a parallel computational model. Our protocol is based on Yao’s garbled circuit and an efficient OT extension. The implementation is done using CUDA and yields fast results for maliciously secure two-party compu......-party computation in a financially feasible and practical setting by using a consumer grade CPU and GPU. Our protocol further uses some novel constructions in order to combine garbled circuits and an OT extension in a parallel and maliciously secure setting....

  15. A Glance at Secure Multiparty Computation for Privacy Preserving Data Mining

    Dr. Durgesh Kumar Mishra

    2009-11-01

    Full Text Available In this paper, we provide an overview of the new and rapidly emerging research area of Secure Multiparty Computation (SMC. We also propose several existing as well as new SMC problems along with some solutions. It provides detailed overview of work done so far in this area and a brief evaluation and conclusion about SMC. SMC literally means: Secure- Safety concerns for data security and integrity of individual organizations. Multiparty- Involving multiple organizations/parties for Privacy Preserving Data Mining (PPDM. Computations- Any global operations. Therefore, keeping them together, it is a mechanism to provide collaborate computations of multiple organizations without revealing data of individual organization.

  16. A Secure Multi-Party Computation Protocol for Malicious Computation Prevention for preserving privacy during Data Mining

    Mishra, Dr Durgesh Kumar; Kapoor, Nikhil; Bahety, Ravish

    2009-01-01

    Secure Multi-Party Computation (SMC) allows parties with similar background to compute results upon their private data, minimizing the threat of disclosure. The exponential increase in sensitive data that needs to be passed upon networked computers and the stupendous growth of internet has precipitated vast opportunities for cooperative computation, where parties come together to facilitate computations and draw out conclusions that are mutually beneficial; at the same time aspiring to keep their private data secure. These computations are generally required to be done between competitors, who are obviously weary of each-others intentions. SMC caters not only to the needs of such parties but also provides plausible solutions to individual organizations for problems like privacy-preserving database query, privacy-preserving scientific computations, privacy-preserving intrusion detection and privacy-preserving data mining. This paper is an extension to a previously proposed protocol Encrytpo_Random, which prese...

  17. Security Scheme and Its Application towards Vehicular Computing

    Maria baby; P. Bhuvaneshwari; Dr. S. Uma

    2014-01-01

    Cloud computing is a colloquial expression used to describe a variety of different types of computing that involves a large number of computers that are connected through real time communication network. Cloud computing is a ability to run a program on many connected computers at the same time. Another technology VANET uses moving car as nodes in a network to create a mobile network, allowing a car approximately 100 to 300 meters each other to connectand in turn, create a network ...

  18. Efficient Appraisal of Cloud Computing Through Comprehensive Confrontation of Security Issues and Discrepancies Involved

    Rajesh T1 , Vihari P

    2013-05-01

    Full Text Available Cloud computing is a new computational paradigm that an innovative business model allows organizations to adopt without prior IT investments well. Despite the potential benefits derived from the cloud computing, the security model is still the question of where the cloud model affects adoption. The security problem is complicated by the cloud model as newdimensions of the problem scope with respect to the model architecture, multi-tenancy, elasticity, and were entered. Dependency stack In this paper, a detailed analysis of the cloud security problem we. Introduce We investigated the problem from the perspective of architecture cloud, the cloud features offered perspective, the perspective of the cloud stakeholders, and cloud service delivery models perspective. Based on this analysis, we conduct a detailed specification of the cloud security problem and the main functions to be covered by any proposed security

  19. Naval Postgraduate School Center for Infosec Studies and Research: Teaching the Science of Computer Security (U)

    Irvine, Cynthia E.

    1997-01-01

    (U) The Naval Postgraduate School Center for Information Systems Security (INFOSEC) Studies and Research (NPS CISR) is developing a comprehensive program in INFOSEC education and research that can become a resource for DoN/DoD and U.S Government in terms of educational materials and research. A security track within the Computer Science curriculum has been established. Its philosophical core is the abstract notion of conceptually complete security mechanism, the Refere...

  20. Network and security challenges in cloud computing infrastructure as a service model

    Abdollahifar, Anahita

    2013-01-01

    The aim of the project is improving available approaches in Cloud Computing security. Because there is some limitations for understanding there is not enough information that how available Clouds are working and security approaches are engaged. The mentioned data is limited by commercial vendors. So, an open source Cloud was implemented and security concerns were studied. OpenStack and DevStack were chosen as an open source Clouds. Different modules of platform and their intern...

  1. Comment on ''Secure multiparty computation with a dishonest majority via quantum means''

    In a recent paper [K. Loukopoulos and D. E. Browne, Phys. Rev. A 81, 062336 (2010)], five schemes for secure multiparty computation utilizing the Greenberger-Horne-Zeilinger (GHZ) quantum correlation were presented, which were claimed to be secure in some kinds of security models. However, this study points out that schemes C and D2 could be attacked by corrupted parties replacing photon and exchanging classical information.

  2. Security Mechanism in Computer Network Environment: A Study of Adoption Status in Malaysian Company

    N. Darmawan; A. Yee-Loong Chong; Keng-Boon Ooi; V. A/L Venggadasallam

    2009-01-01

    The principle objective of this study was to examine the computer network security level of Malaysian companies. Original research using a self-administered questionnaire was distributed to 300 Malaysian companies. Data were analyzed by employing descriptive statistics. In general the adoption level of network security tools in Malaysia is still considered low with an average mean of 3.22. Based on the tools adopted, most of the companies are using common network security tool such as antivir...

  3. Computer Networks Security Models - A New Approach for Denial-of-Services Attacks Mitigation

    Tsvetanov, Tsvetomir

    2010-01-01

    Computer networks are a critical factor for the performance of a modern company. Managing networks is as important as managing any other aspect of the company’s performance and security. There are many tools and appliances for monitoring the traffic and analyzing the network flow security. They use different approaches and rely on a variety of characteristics of the network flows. Network researchers are still working on a common approach for security baselining that might e...

  4. PUBLIC LINEAR PROGRAMMING SOLUTION FOR THE DESIGN OF SECURE AND EFFICIENT COMPUTING IN CLOUD

    Dr.R.V.Krishnaiah

    2013-09-01

    Full Text Available This next generation of computing holds enormous potential to stimulate economic growth and enable governments to reduce costs, increase transparency and expand services to citizens. Cloud computing robust computational power to the society at reduced cost and enables customers with limited computational resources to outsource their large computation workloads to the cloud, and economically enjoy the massive computational power, bandwidth, storage, and even appropriate software that can be shared in a pay-per-use manner. Despite the tremendous benefits, security is the primary obstacle that prevents the wide adoption of this promising computing model, especially for customers when their confidential data are consumed and produced during the computation.

  5. Perspective on Secure Development Activities and Features of Safety I and C Systems

    The Enforcement Decree of the Act on Physical Protection and Radiological Emergency (ED-APPRE) was revised December 2013 to include security requirements on computer systems at nuclear facilities to protect those systems against malicious cyber-attacks. It means Cyber-Security-related measures, controls and activities of safety I and C systems against cyber-attacks shall meet the requirements of ED-APPRE. Still regulation upon inadvertent access or non-malicious modifications to the safety I and C systems is covered under the Nuclear Safety Act. The objective of this paper is to propose KINS' regulatory perspective on secure development and features against non-malicious access or modification of safety I and C systems. Secure development activities and features aim to prevent inadvertent and non-malicious access, and to prevent unwanted action from personnel or connected systems for ensuring reliable operation of safety I and C systems. Secure development activities of safety I and C systems are life cycle activities to ensure unwanted, unneeded and undocumented code is not incorporated into the systems. Secure features shall be developed, verified and qualified throughout the development life cycle

  6. Perspective on Secure Development Activities and Features of Safety I and C Systems

    Kang, Youngdoo; Yu, Yeong Jin; Kim, Hyungtae; Kwon, Yong il; Park, Yeunsoo; Choo, Jaeyul; Son, Jun Young; Jeong, Choong Heui [Korea Institute of Nuclear Safety, Daejeon (Korea, Republic of)

    2015-05-15

    The Enforcement Decree of the Act on Physical Protection and Radiological Emergency (ED-APPRE) was revised December 2013 to include security requirements on computer systems at nuclear facilities to protect those systems against malicious cyber-attacks. It means Cyber-Security-related measures, controls and activities of safety I and C systems against cyber-attacks shall meet the requirements of ED-APPRE. Still regulation upon inadvertent access or non-malicious modifications to the safety I and C systems is covered under the Nuclear Safety Act. The objective of this paper is to propose KINS' regulatory perspective on secure development and features against non-malicious access or modification of safety I and C systems. Secure development activities and features aim to prevent inadvertent and non-malicious access, and to prevent unwanted action from personnel or connected systems for ensuring reliable operation of safety I and C systems. Secure development activities of safety I and C systems are life cycle activities to ensure unwanted, unneeded and undocumented code is not incorporated into the systems. Secure features shall be developed, verified and qualified throughout the development life cycle.

  7. 77 FR 74913 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA...

    2012-12-18

    ... ADMINISTRATION Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA)/Office of Personnel Management (OPM))--Match Number 1307 AGENCY: Social Security Administration. ACTION...-certification of eligibility for the Extra Help with ] Medicare Prescription Drug Plan Costs program (Extra...

  8. Information Systems Security and Computer Crime in the IS Curriculum: A Detailed Examination

    Foltz, C. Bryan; Renwick, Janet S.

    2011-01-01

    The authors examined the extent to which information systems (IS) security and computer crime are covered in information systems programs. Results suggest that IS faculty believe security coverage should be increased in required, elective, and non-IS courses. However, respondent faculty members are concerned that existing curricula leave little…

  9. 78 FR 38949 - Computer Security Incident Coordination (CSIC): Providing Timely Cyber Incident Response

    2013-06-28

    ... information sharing and communication before, during and after an incident? Coordinated Handling of an... Technology (NIST) is seeking information relating to Computer Security Incident Coordination (CSIC). NIST is... defensive technologies, such as anti-virus scanning, cryptographically- protected communications,...

  10. Analytical Investigation on Computer Network Security System of Colleges and Universities

    徐悦

    2013-01-01

    With the development of network technology, computer systems of colleges and universities gradually use network management and services, which provides comprehensive and convenient information access and management conditions. How?ever, in the network environment, the security of the system faces security threats like virus, malicious software and human at?tack, which may make the network data of the computer system damaged and tampered, or even lead to network system paraly?sis, breakdown of system concerning management and payment, missing and stealing of confidential documents. Therefore, it is of important application significance to promote the security of computer network systems of colleges and universities. This paper conducts comprehensive analysis on the security system of computer network systems of colleges and universities, elaborates its R&D and application status and puts forward specific schemes of prevention and solutions, which provides suggestions and refer?ence for its construction.

  11. Security, Privacy and Trust Challenges in Cloud Computing and Solutions

    Seyyed Yasser hashemi; Parisa Sheykhi Hesarlo

    2014-01-01

    Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. Cloud computing recently emerged as a promising solution to information technology (IT) management. IT managers look to cloud computing as a means to maintain a flexible and scalable IT infrastructure that enables business agility. As much as the technologic...

  12. Security and Privacy of Sensitive Data in Cloud Computing

    Gholami, Ali

    2016-01-01

    Cloud computing offers the prospect of on-demand, elastic computing, provided as a utility service, and it is revolutionizing many domains of computing. Compared with earlier methods of processing data, cloud computing environments provide significant benefits, such as the availability of automated tools to assemble, connect, configure and reconfigure virtualized resources on demand. These make it much easier to meet organizational goals as organizations can easily deploy cloud services. Howe...

  13. E-Commerce Applications Security Aspects in Cloud Computing

    Sridhar, D.; V.Ganapriya2

    2014-01-01

    Cloud computing has attracted the IT enterprise attention especially the e-commerce enterprise. Cloud computing is a new Internet-based computer technology. The paper analyzed the current actuality of the application for enterprise E-commerce, and pointed the main issue of that application

  14. Integrated Safety Mechanisms Based on Security Risks Minimization for the Distributed Computer Systems

    Vadym Mukhin; Artem Volokyta

    2013-01-01

    Today, there are known the basic principles of decision-making on the safety control of distributed computer systems in the face of uncertainty and risk. However, in this area there are no practical methods for the quantitative risk analysis and assessment, taking into account the dynamic changes of security threats, which is typical for distributed computer systems.In this paper is suggested an approach to assesment and minimization of the security risks, which allows to reduce the potentia...

  15. Strategic Planning for the Computer Security: A Practice Case of an Electrical Research Institute

    Jorge A. Ruiz-Vanoye; Ocotlan Diaz-Parra; Ana Canepa Saénz; Barrera-Cámara, Ricardo A.; Alejandro Fuentes-Penna; Beatriz Bernabe-Loranca

    2014-01-01

    We show a practice case of strategic planning for the computer science security based on the concepts of strategic administration of enterprise politics. The practice case of the computer science security shows information about an Electric Research Institute of Mexican Government. The Electric Research Institute is a public enterprise dedicated to innovation, technological development and applied scientific research, in order to develop technologies applicable to the electrical and oil indus...

  16. 云计算安全性研究%Research on Cloud Computing Security

    班增辉

    2016-01-01

    虽然就目前来看,对云计算尚未有明确的界定,但是在社会的各个领域都对云计算有广泛的应用。在用户选择云计算时,需要考虑云计算的安全性,保证云计算的安全性也是实现其稳定、健康发展的重--素。文章以云计算的概念与特征为切入点,分析云计算在其应用中存在的安全问题,探讨云计算的安全性问题与云计算的安全策略与建议。%Although the cloud computing has not yet have a clear deifnition, but in every ifeld of society have wide application on cloud computing. When the user select the cloud, it is necessary to consider the security of cloud computing, ensure the security of cloud computing and achieve the stable and healthy development of the important factors. Based on the concept and characteristics of cloud computing as the breakthrough point, analysis of the application of cloud computing in its security problems, probing into the security issues of cloud computing and cloud computing security strategies and Suggestions.

  17. Improving Control System Security through the Evaluation of Current Trends in Computer Security Research

    Rolston

    2005-03-01

    At present, control system security efforts are primarily technical and reactive in nature. What has been overlooked is the need for proactive efforts, focused on the IT security research community from which new threats might emerge. Evaluating cutting edge IT security research and how it is evolving can provide defenders with valuable information regarding what new threats and tools they can anticipate in the future. Only known attack methodologies can be blocked, and there is a gap between what is known to the general security community and what is being done by cutting edge researchers --both those trying to protect systems and those trying to compromise them. The best security researchers communicate with others in their field; they know what cutting edge research is being done; what software can be penetrated via this research; and what new attack techniques and methodologies are being circulated in the black hat community. Standardization of control system applications, operating systems, and networking protocols is occurring at a rapid rate, following a path similar to the standardization of modern IT networks. Many attack methodologies used on IT systems can be ported over to the control system environment with little difficulty. It is extremely important to take advantage of the lag time between new research, its use on traditional IT networks, and the time it takes to port the research over for use on a control system network. Analyzing nascent trends in IT security and determining their applicability to control system networks provides significant information regarding defense mechanisms needed to secure critical infrastructure more effectively. This work provides the critical infrastructure community with a better understanding of how new attacks might be launched, what layers of defense will be needed to deter them, how the attacks could be detected, and how their impact could be limited.

  18. Teaching Hands-On Linux Host Computer Security

    Shumba, Rose

    2006-01-01

    In the summer of 2003, a project to augment and improve the teaching of information assurance courses was started at IUP. Thus far, ten hands-on exercises have been developed. The exercises described in this article, and presented in the appendix, are based on actions required to secure a Linux host. Publicly available resources were used to…

  19. Computer Security: “Heartbleed” - a disaster for privacy

    Computer Security Team

    2014-01-01

    "On a scale of 1 to 10, this is an 11,” claimed the famous security expert Bruce Schneier (see here). Indeed, the serious vulnerability dubbed “Heartbleed” affects everyone who relies on secure and private Internet communication. You cannot avoid it, so let’s see how it affects you.   “Heartbleed” is the name that's been given to a vulnerability for OpenSSL (CVE-2014-0160). This software implements “the Secure Socket Layer (SSL v2/v3) and Transport Layer Security (TLS) protocols as well as a full-strength general purpose cryptography library”. SSL and TLS protocols are used to encrypt any communication between a client and a server, and to ensure that your communication is safe from eavesdropping or spying - that is, until 2012, when this bug was introduced. It allows the extraction of the first 64 kB from the memory of a server or client using OpenSSL (not necessarily web servers), and can potent...

  20. An Analysis of Security Challenges in Cloud Computing

    Ms. Disha H. Parekh

    2013-02-01

    Full Text Available Vendors offer a pool of shared resources to their users through the cloud network. Nowadays, shifting to cloud is a very optimal decision as it provides pay-as-you-go services to users. Cloud has boomed high in business and other industries for its advantages like multi-tenancy, resource pooling, storage capacity etc. In spite of its vitality, it exhibits various security flaws including loss of sensitive data, data leakage and few others related to cloning, resource pooling and so on. As far as security issues are concerned, a very wide study has been reviewed which signifies threats with service and deployment models of cloud. In order to comprehend these threats, this study is presented so as to effectively refine the crude security issues under various areas of cloud. This study also aims at revealing different security threats under the cloud models as well as network concerns to stagnate the threats within cloud, facilitating researchers, cloud providers and end users for noteworthy analysis of threats.

  1. Peer-to-Peer Secure Multi-Party Numerical Computation Facing Malicious Adversaries

    Bickson, Danny; Dolev, Danny; Pinkas, Benny

    2009-01-01

    We propose an efficient framework for enabling secure multi-party numerical computations in a Peer-to-Peer network. This problem arises in a range of applications such as collaborative filtering, distributed computation of trust and reputation, monitoring and other tasks, where the computing nodes is expected to preserve the privacy of their inputs while performing a joint computation of a certain function. Although there is a rich literature in the field of distributed systems security concerning secure multi-party computation, in practice it is hard to deploy those methods in very large scale Peer-to-Peer networks. In this work, we try to bridge the gap between theoretical algorithms in the security domain, and a practical Peer-to-Peer deployment. We consider two security models. The first is the semi-honest model where peers correctly follow the protocol, but try to reveal private information. We provide three possible schemes for secure multi-party numerical computation for this model and identify a singl...

  2. An Australian Perspective On The Challenges For Computer And Network Security For Novice End-Users

    Patryk Szewczyk

    2012-12-01

    Full Text Available It is common for end-users to have difficulty in using computer or network security appropriately and thus have often been ridiculed when misinterpreting instructions or procedures. This discussion paper details the outcomes of research undertaken over the past six years on why security is overly complex for end-users. The results indicate that multiple issues may render end-users vulnerable to security threats and that there is no single solution to address these problems. Studies on a small group of senior citizens has shown that educational seminars can be beneficial in ensuring that simple security aspects are understood and used appropriately.

  3. Noise-driven informatics: secure classical communications via wire and noise-based computing

    Kish, Laszlo B

    2008-01-01

    In this paper, we show recent results indicating that using electrical noise as information carrier offers outstanding potentials reminding of quantum informatics. One example is noise-based computing and logic that shows certain similarities to quantum logic. However, due to the lack of the collapse of wavefunction and due to the immediate accessibility of superposition components, the use of noise-based and quantum computers will probably be different. Another example is secure communications where, out of the unconditional security at idealistic situations, a practical security beyond known quantum solutions can be achieved and has been demonstrated. Here the keys to security are the robustness of classical information, and the second law of thermodynamics. These offer the avoidance of making error statistics and single bit security. It has the potential to restrict the practical applications of quantum communicators to the situations where no wire can be used but optical communication via fiber or via spa...

  4. Computer Security: “Hello World” - Welcome to CERN

    Stefan Lueders, Computer Security Team

    2015-01-01

    Welcome to the open, liberal and free academic computing environment at CERN. Thanks to your new (or long-established!) affiliation with CERN, you are eligible for a CERN computing account, which enables you to register your devices: computers, laptops, smartphones, tablets, etc. It provides you with plenty of disk space and an e-mail address. It allows you to create websites, virtual machines and databases on demand.   You can now access most of the computing services provided by the GS and IT departments: Indico, for organising meetings and conferences; EDMS, for the approval of your engineering specifications; TWiki, for collaboration with others; and the WLCG computing grid. “Open, liberal, and free”, however, does not mean that you can do whatever you like. While we try to make your access to CERN's computing facilities as convenient and easy as possible, there are a few limits and boundaries to respect. These boundaries protect both the Organization'...

  5. A Compendium Over Cloud Computing Cryptographic Algorithms and Security Issues

    Neha Mishra; Shahid Siddiqui; Jitesh P. Tripathi

    2015-01-01

    Cloud computing is an emerging and revolutionary approach towards the computing and becoming more risk prone than ever before. It is an evolutionary approach of using resources and services on demand and as per need of consumers. Cloud computing providing a platform rose on the Internet for usage of IT services and flexible infrastructure to the consumers and business. Deployment and management of services or resources are maintained by the third party. Whereas there are innumerable advantage...

  6. Cloud Computing: Virtual Clusters, Data Security, and Disaster Recovery

    Hwang, Kai

    Dr. Kai Hwang is a Professor of Electrical Engineering and Computer Science and Director of Internet and Cloud Computing Lab at the Univ. of Southern California (USC). He received the Ph.D. in Electrical Engineering and Computer Science from the Univ. of California, Berkeley. Prior to joining USC, he has taught at Purdue Univ. for many years. He has also served as a visiting Chair Professor at Minnesota, Hong Kong Univ., Zhejiang Univ., and Tsinghua Univ. He has published 8 books and over 210 scientific papers in computer science/engineering.

  7. Securing and Managing the Data with efficient Architecture in Cloud Computing Environment

    kartheesan log

    2012-11-01

    Full Text Available Cloud computing technology and services has become an important issue in the recent years. Cloud Computing needs lot of attention, time and innovative concepts for the technology to mature over a period of time. Many organizations show interest in adopting cloud computing technology and services because of its socio economic and time factor. Cloud computing is nothing but virtual centralization of different computers where the software and memory space is provided by the vendor and the data is managed by them. This leaves the client/customer unaware of where the process is running or where the data is stored. Security of the data is highly dependent on the vendor who has to provide an assurance to the customer on security issues by making service level agreements. This paper focus on security issues, requirements for providing a secured data in cloud computing environment by giving a standard service oriented cloud computing Architecture and management tools that can be used by the organizations for authentication, confidentiality and integrity. Thus providing secured data access and transfer. 

  8. Hybrid-secure MPC 

    Lucas, Christoph; Raub, Dominik; Maurer, Ueli

    2010-01-01

    parameter ρ < n/2, we obtain one MPC protocol that is simultaneously IT secure with robustness for up to t ≤ ρ actively corrupted parties, IT secure with fairness (no robustness) for up to t < n/2, and computationally secure with agreement on abort (privacy and correctness only) for up to t < n -ρ. Our......Most protocols for distributed, fault-tolerant computation, or multi-party computation (MPC), provide security guarantees in an all-or-nothing fashion. In contrast, a hybrid-secure protocol provides different security guarantees depending on the set of corrupted parties and the computational power...... of the adversary, without being aware of the actual adversarial setting. Thus, hybrid-secure MPC protocols allow for graceful degradation of security. We present a hybrid-secure MPC protocol that provides an optimal trade-off between IT robustness and computational privacy: For any robustness...

  9. A User-Centric Data Secure Creation Scheme in Cloud Computing

    SU Mang; LI Fenghua; SHI Guozhen; GENG Kui; XIONG Jinbo

    2016-01-01

    Due to the use of the cloud computing technology, the ownership is separated from the adminis-tration of the data in cloud and the shared data might be migrated between different clouds, which would bring new challenges to data secure creation, especially for the data privacy protection. We propose a User-centric data secure creation scheme (UCDSC) for the security requirements of resource owners in cloud. In this scheme, a data owner first divides the users into different domains. The data owner encrypts data and defines different secure managing poli-cies for the data according to domains. To encrypt the data in UCDSC, we present an algorithm based on Access con-trol conditions proxy re-encryption (ACC-PRE), which is proved to be master secret secure and Chosen-ciphertext attack (CCA) secure in random oracle model. We give the application protocols and make the comparisons between some existing approaches and UCDSC.

  10. IMPROVED SECURE STORAGE AS SERVICE IN CLOUD COMPUTING

    Mutharasi N

    2015-10-01

    Full Text Available Cloud is the vast area where multiple accesses to the storage has been emerging. Data sharing is the important thing which was accessible around the world by multiple entities. In my proposed work, data has been stored and accessed from cloud in an efficient manner by encrypting with asymmetric algorithm and generating the hash value for the encrypted data. To ensure high security we are splitting the encrypted data into ‘n’ number of parts and storing it in different cloud servers. During the retrieval process integrate the different parts of the encrypted data and decrypt the file in clients place. Thus providing high security to the data stored in the cloud space. Our proposed scheme is highly efficient even if server crashes.

  11. A technique for the development of reliable software for computer-aided security systems

    This contribution gives a review of the tasks of a computer-aided security system, the specialities of the software design and the many measures and techniques used to reach high reliability of software in nuclear engineering. These measures and techniques can also be transferred to the security systems of other fields of technology. The future tasks of security systems are briefly discussed that cannot be realized without computers. The constructive measures that can be used during the particular development stages are given by means of the distributed security computer system that has been developed at Karlsruhe Nuclear Research Center (KfK). The different types of analytical measures as well as the corresponding tools for testing and verification of high reliability software are briefly described. (orig.)

  12. Main control computer security model of closed network systems protection against cyber attacks

    Seymen, Bilal

    2014-06-01

    The model that brings the data input/output under control in closed network systems, that maintains the system securely, and that controls the flow of information through the Main Control Computer which also brings the network traffic under control against cyber-attacks. The network, which can be controlled single-handedly thanks to the system designed to enable the network users to make data entry into the system or to extract data from the system securely, intends to minimize the security gaps. Moreover, data input/output record can be kept by means of the user account assigned for each user, and it is also possible to carry out retroactive tracking, if requested. Because the measures that need to be taken for each computer on the network regarding cyber security, do require high cost; it has been intended to provide a cost-effective working environment with this model, only if the Main Control Computer has the updated hardware.

  13. On the Boundaries of Trust and Security in Computing and Communications Systems

    Pathan, Al-Sakib Khan

    2012-01-01

    This article analyzes trust and security in computing and communications systems. While in human-life, trust usually has some kind of commonly understood meaning, in the realm of computing and communications systems, it could be interpreted differently in different environments and settings. On the other hand, security is about making sure that the participating entities are legitimate in a communication event or incident so that the core requirements of privacy, integrity, and authenticity are maintained. This notion is also true for our human life, even for example entering a house needs legitimacy of a person. Some boundary lines preserve the security; otherwise an unwanted access is called a 'security breach'. The intent of this article is to compare and discuss these two terms with our societal behavior and understanding amongst entities. To illustrate these issues especially in computing and communications world, some of the innovating and recent technologies are discussed which demand trust and securit...

  14. Dynamic Threat Assessment for Prioritising Computer Network Security

    Hayat, MZ; Reeve, JS; Boutle, C

    2006-01-01

    Large corporations today consist of heterogeneous IT networks with many thousands of devices, which may use numerous physical and logical interfaces to communicate. Much effort has been applied in automating laborious, time-consuming and sometimes-repetitive security services such as patch management and event loggers for these networks. However such tasks can still take many hours and even days to successfully complete. Currently it is left to the systems administrators’ discretion to choose...

  15. Integrated Safety Mechanisms Based on Security Risks Minimization for the Distributed Computer Systems

    Vadym Mukhin

    2013-02-01

    Full Text Available Today, there are known the basic principles of decision-making on the safety control of distributed computer systems in the face of uncertainty and risk. However, in this area there are no practical methods for the quantitative risk analysis and assessment, taking into account the dynamic changes of security threats, which is typical for distributed computer systems.In this paper is suggested an approach to assesment and minimization of the security risks, which allows to reduce the potential losses due to the realization of threats, to analyze the dynamics of intrusions into computer systems and to select the effective security tools.As a result, there is designed the structure of the tools for risk minimization in the distributed computer systems and are formalized the main functions of this structure. Also, in the paper is suggested the assessment of risk factors of the security threats and the probability of the threats realization, which are based on their division into appropriate groups. The proposed tools for security risk minimization allow effectively identify, classify and analyze threats to the security of the distributed computing systems.

  16. Computationally Secure Pattern Matching in the Presence of Malicious Adversaries

    Hazay, Carmit; Toft, Tomas

    2014-01-01

    We propose a protocol for the problem of secure two-party pattern matching, where Alice holds a text t∈{0,1}∗ of length n, while Bob has a pattern p∈{0,1}∗ of length m. The goal is for Bob to (only) learn where his pattern occurs in Alice’s text, while Alice learns nothing. Private pattern matching...... costs of O(n+m) group elements in a constant round complexity. This improves over previous work by Gennaro et al. (Public Key Cryptography, pp. 145–160, 2010) whose solution requires overhead of O(nm) group elements and exponentiations in O(m) rounds. In addition to the above, we propose a collection of...... protocols for important variations of the secure pattern matching problem that are significantly more efficient than the current state of art solutions: First, we deal with secure pattern matching with wildcards. In this variant the pattern may contain wildcards that match both 0 and 1. Our protocol...

  17. Cyber Security on Nuclear Power Plant's Computer Systems

    Computer systems are used in many different fields of industry. Most of us are taking great advantages from the computer systems. Because of the effectiveness and great performance of computer system, we are getting so dependable on the computer. But the more we are dependable on the computer system, the more the risk we will face when the computer system is unavailable or inaccessible or uncontrollable. There are SCADA, Supervisory Control And Data Acquisition, system which are broadly used for critical infrastructure such as transportation, electricity, water management. And if the SCADA system is vulnerable to the cyber attack, it is going to be nation's big disaster. Especially if nuclear power plant's main control systems are attacked by cyber terrorists, the results may be huge. Leaking of radioactive material will be the terrorist's main purpose without using physical forces. In this paper, different types of cyber attacks are described, and a possible structure of NPP's computer network system is presented. And the paper also provides possible ways of destruction of the NPP's computer system along with some suggestions for the protection against cyber attacks

  18. An Empirical Measure of Computer Security Strength for Vulnerability Remediation

    Villegas, Rafael

    2010-01-01

    Remediating all vulnerabilities on computer systems in a timely and cost effective manner is difficult given that the window of time between the announcement of a new vulnerability and an automated attack has decreased. Hence, organizations need to prioritize the vulnerability remediation process on their computer systems. The goal of this…

  19. FAO ACTIVITIES FOR THE INTERNATIONAL FOOD SECURITY

    РАГИМОВ НИШАТ ИНГИЛАБ ОГЛЫ

    2011-03-01

    Full Text Available  In this article there are analyzed the concept of food safety, activity of the Food and Agricultural Organization of the United Nations (FAO in sphere of maintenance of food safety, and also influence of such activity on various internal measures, for maintenance of national economic safety of the country is granted. In article the conferences spent by FAO, and also the accepted programs on maintenance of the world food safety. Besides, it is considered the concept of «food crisis» and ways of its elimination, physiological and economic criteria of food safety of the world and the country are revealed. Despite some revealings, it is necessary to notice that till now there is no even a uniform standard definition of the concept «food safety» that is simultaneously ascertained.

  20. Implementing AES via an Actively/Covertly Secure Dishonest-Majority MPC Protocol

    Damgård, Ivan Bjerre; Keller, Marcel; Keller, Enrique;

    2012-01-01

    We describe an implementation of the protocol of Damgård, Pastro, Smart and Zakarias (SPDZ/Speedz) for multi-party computation in the presence of a dishonest majority of active adversaries. We present a number of modifications to the protocol; the first reduces the security to covert security, but...... implementation techniques, which are distinct from prior MPC work in this area due to the use of MACs within the SPDZ protocol. We then examine two implementation choices for the finite fields; one based on finite fields of size 28 and one based on embedding the AES field into a larger finite field of size 240...

  1. Advances in computers dependable and secure systems engineering

    Hurson, Ali

    2012-01-01

    Since its first volume in 1960, Advances in Computers has presented detailed coverage of innovations in computer hardware, software, theory, design, and applications. It has also provided contributors with a medium in which they can explore their subjects in greater depth and breadth than journal articles usually allow. As a result, many articles have become standard references that continue to be of sugnificant, lasting value in this rapidly expanding field. In-depth surveys and tutorials on new computer technologyWell-known authors and researchers in the fieldExtensive bibliographies with m

  2. Cryptography for security and privacy in cloud computing

    Rass, Stefan

    2013-01-01

    As is common practice in research, many new cryptographic techniques have been developed to tackle either a theoretical question or foreseeing a soon to become reality application. Cloud computing is one of these new areas, where cryptography is expected to unveil its power by bringing striking new features to the cloud. Cloud computing is an evolving paradigm, whose basic attempt is to shift computing and storage capabilities to external service providers.This resource offers an overview of the possibilities of cryptography for protecting data and identity information, much beyond well-known

  3. Secure grid-based computing with social-network based trust management in the semantic web

    Špánek, Roman; Tůma, Miroslav

    2006-01-01

    Roč. 16, č. 6 (2006), s. 475-488. ISSN 1210-0552 R&D Projects: GA AV ČR 1ET100300419; GA MŠk 1M0554 Institutional research plan: CEZ:AV0Z10300504 Keywords : semantic web * grid computing * trust management * reconfigurable networks * security * hypergraph model * hypergraph algorithms Subject RIV: IN - Informatics, Computer Science

  4. Secured histories: computing group statistics on encrypted data while preserving individual privacy

    Rieffel, Eleanor; van Melle, William; Lee, Adam J

    2010-01-01

    As sensors become ever more prevalent, more and more information will be collected about each of us. A long-term research question is how best to support beneficial analysis of such data while preserving individual privacy. Awareness systems represent an emerging class of applications supporting both business and social functions that leverage pervasive sensors to detect and report end-user physical state, activities, and available communication channels. To buy into the system, however, users must be able to control how information about them is shared. We introduce "need to know" security in which an individual has full access to her own data, a third party processes the data without learning anything about the data values, and other users, such as analysts, learn only the desired statistics. Our novel privacy mechanism for time series data gives users a high level of control over their individual data while allowing storage of data and computation of summary statistics to take place on untrusted machines. ...

  5. DEVELOPING A SECURITY PROTOCOL FOR A WIRELESS COMPUTER VIRTUAL LABORATORY (WCVLAB

    EDWARD N. UDO

    2011-12-01

    Full Text Available For a Virtual Computer Laboratory (VCLAB to operate effectively within a Wireless intranet setup, a lot of protocols are employed to function. This write-up is aimed at developing a protocol to secure a Wireless Computer Virtual Laboratory (WCVLAB of any institution. The protocol developed secures a Wireless Computer Virtual Laboratory through an authentication server by supplying authentication parameters at registration, which will be stored to be used at login for comparison. Fingerprint is used to ensure that a user iswho he or she claims to be. Duration for access is allotted for a user, after which initial parameters will be supplied for re-authentication. While a user is still logged-on, security questions will be posed intermittently to avoid spoofing. The methodology used for this research is Structured System Analysis and Design. Java Programming Language is used for coding the program and MySQL is the database tool. The result of the implemented system is a secured protocol that guarantees secured access. This is different from the security of other Computer Virtual Laboratory which uses only users name, pin or registration number.

  6. Computer Security: IT or not IT, that is the question

    Stefan Lueders, Computer Security Team

    2015-01-01

    Following on from our recent Bulletin article on “How to succeed in software deployment” (see here), we repeatedly face the problem that “standard” IT services are replicated within CERN or even outsourced to external companies.   Past experience has shown that such non-centrally managed systems are more prone to security risks and, in the long run, are less well managed – that is, if they’re not eventually orphaned completely. If hosted outside CERN, there is also the risk that sensitive data from the Organization could be leaked and that CERN would not be able to intervene in the event of a security problem. Imagine, for example, a slide show created by an external consultant and hosted in the cloud… While this might have been convenient for the consultant, a regular user of that cloud service, the content was lost once the consultant’s job was done and nobody at CERN took responsibility for the slide show. Or...

  7. 17 CFR 240.3b-15 - Definition of ancillary portfolio management securities activities.

    2010-04-01

    ... portfolio management securities activities. 240.3b-15 Section 240.3b-15 Commodity and Securities Exchanges... ancillary portfolio management securities activities. (a) The term ancillary portfolio management securities... of incidental trading activities for portfolio management purposes; and (3) Are limited to...

  8. 75 FR 47311 - Extension of Agency Information Collection Activity Under OMB Review: Aviation Security...

    2010-08-05

    ... period soliciting comments, of the following collection of information on March 4, 2010, 75 FR 9920... security costs and information reasonably necessary to complete an audit. This requirement includes... SECURITY Transportation Security Administration Extension of Agency Information Collection Activity...

  9. Fair Secure Computation with Reputation Assumptions in the Mobile Social Networks

    Yilei Wang

    2015-01-01

    Full Text Available With the rapid development of mobile devices and wireless technologies, mobile social networks become increasingly available. People can implement many applications on the basis of mobile social networks. Secure computation, like exchanging information and file sharing, is one of such applications. Fairness in secure computation, which means that either all parties implement the application or none of them does, is deemed as an impossible task in traditional secure computation without mobile social networks. Here we regard the applications in mobile social networks as specific functions and stress on the achievement of fairness on these functions within mobile social networks in the presence of two rational parties. Rational parties value their utilities when they participate in secure computation protocol in mobile social networks. Therefore, we introduce reputation derived from mobile social networks into the utility definition such that rational parties have incentives to implement the applications for a higher utility. To the best of our knowledge, the protocol is the first fair secure computation in mobile social networks. Furthermore, it finishes within constant rounds and allows both parties to know the terminal round.

  10. A PROFICIENT MODEL FOR HIGH END SECURITY IN CLOUD COMPUTING

    R. Bala Chandar

    2014-01-01

    Full Text Available Cloud computing is an inspiring technology due to its abilities like ensuring scalable services, reducing the anxiety of local hardware and software management associated with computing while increasing flexibility and scalability. A key trait of the cloud services is remotely processing of data. Even though this technology had offered a lot of services, there are a few concerns such as misbehavior of server side stored data , out of control of data owner's data and cloud computing does not control the access of outsourced data desired by the data owner. To handle these issues, we propose a new model to ensure the data correctness for assurance of stored data, distributed accountability for authentication and efficient access control of outsourced data for authorization. This model strengthens the correctness of data and helps to achieve the cloud data integrity, supports data owner to have control on their own data through tracking and improves the access control of outsourced data.

  11. Assessing the Risk Situation of Network Security for Active Defense

    ZHANG Xiang; YAO Shuping; TANG Chenghua

    2006-01-01

    The risk situation assessment and forecast technique of network security is a basic method of active defense techniques. In order to assess the risk of network security two methods were used to define the index of risk and forecast index in time series, they were analytical hierarchy process (AHP) and support vector regression (SVR). The module framework applied the methods above was also discussed. Experiment results showed the forecast values were so close to actual values and so it proved the approach is correct.

  12. Activity Report (2001 - 2003). Computing Research Center of KEK

    An activity of Computing Research Center from 2001 to 2003 is reported. In the IT field, the network environment has been changed rapidly in these years, for example, from Internet to broad band network. Super SINET made a new research environment in the high energy physics, nuclear fusion, cosmophysics, biology, nanoscience and computing GRID by a very high speed network. With using the network, a large amount of experimental data from Belle group was analyzed among KEK, Nagoya, Tohoku and Tokyo University and Tokyo Institute of Technology. The report consists of eight chapters; the first chapter contains research and development of fourteen devices, the second chapter application of computer system, the third use of information system, the forth use of network system, the fifth security, the sixes user support, the seventh preparation of facility and the eighth materials and activity records. (S.Y.)

  13. Secure data structures based on multi-party computation

    Toft, Tomas

    2011-01-01

    This work considers data structures based on multi-party computation (MPC) primitives: structuring secret (e.g. secret shared and potentially unknown) data such that it can both be queried and updated efficiently. Implementing an oblivious RAM (ORAM) using MPC allows any existing data structure...

  14. Computing on Masked Data to improve the Security of Big Data

    Gadepally, Vijay; Hancock, Braden; Kaiser, Benjamin; Kepner, Jeremy; Michaleas, Pete; Varia, Mayank; Yerukhimovich, Arkady

    2015-01-01

    Organizations that make use of large quantities of information require the ability to store and process data from central locations so that the product can be shared or distributed across a heterogeneous group of users. However, recent events underscore the need for improving the security of data stored in such untrusted servers or databases. Advances in cryptographic techniques and database technologies provide the necessary security functionality but rely on a computational model in which t...

  15. Secure Computation of Top-K Eigenvectors for Shared Matrices in the Cloud

    Powers, James; Chen, Keke

    2012-01-01

    With the development of sensor network, mobile computing, and web applications, data are now collected from many distributed sources to form big datasets. Such datasets can be hosted in the cloud to achieve economical processing. However, these data might be highly sensitive requiring secure storage and processing. We envision a cloud-based data storage and processing framework that enables users to economically and securely share and handle big datasets. Under this framework, we study the ma...

  16. High-performance secure multi-party computation for data mining applications

    Bogdanov, Dan; Niitsoo, Margus; Toft, Tomas;

    2012-01-01

    -world benchmarks. Sharemind is a secure multi-party computation framework designed with real-life efficiency in mind. It has been applied in several practical scenarios, and from these experiments, new requirements have been identified. Firstly, large datasets require more efficient protocols for standard...... operations such as multiplication and comparison. Secondly, the confidential processing of financial data requires the use of more complex primitives, including a secure division operation. This paper describes new protocols in the Sharemind model for secure multiplication, share conversion, equality, bit...

  17. Unconditionally secure computers, algorithms and hardware, such as memories, processors, keyboards, flash and hard drives

    Kish, Laszlo B.; Saidi, Olivier

    2008-01-01

    In the case of the need of extraordinary security, Kirchhoff-loop-Johnson-(like)-noise ciphers can easily be integrated on existing types of digital chips in order to provide secure data communication between hardware processors, memory chips, hard disks and other units within a computer or other data processor system. The secure key exchange can take place at the very first run and the system can renew the key later at random times with an authenticated fashion to prohibit man-in-the-middle ...

  18. IMPLEMENTATION OF PERVASIVE COMPUTING BASED HIGH-SECURE SMART HOME SYSTEM

    Ventylees Raj.S

    2012-11-01

    Full Text Available In recent year, the home environment has seen a rapid introduction of wireless communication network enabled advance computing technologies. In this paper I mainly focus on the monitoring of smart home remotely and providing security when user is away from the home. The proposed security algorithm is combining of Biometrics, public key encryption and SMS based security alarm system. In the proposed security algorithm offered only Authenticate person monitoring home appliances via wireless networks. In the proposed pervasive monitoring system it provides security against intrusion as well as it automates various home appliances using SMS. Zigbee IEEE 802.15.4 based Sensor Network, GSM and Wi-Fi wireless networks are embedded through a standard Home gateway. This home gateway controls the overall wireless communication of smart home systems. The pervasive computing environment created by the smart Sensors, wireless networksand context-aware routing protocol for wireless sensor networks. Each smart Sensor node should have multipath routing protocol to automatically establish the wireless networks between Smart Nodes. To develop a new ondemand context-aware routing protocol for the smart home system, here this paper introduces the pervasive computing based smart home monitoring system’s design that provides secure smart services to users, and demonstrates its implementation using a real time environment.

  19. Activity-based computing: computational management of activities reflecting human intention

    Bardram, Jakob E; Jeuris, Steven; Houben, Steven

    2015-01-01

    An important research topic in artificial intelligence is automatic sensing and inferencing of contextual information, which is used to build computer models of the user’s activity. One approach to build such activity-aware systems is the notion of activity-based computing (ABC). ABC is a computing...

  20. Applying Encryption Algorithm for Data Security and Privacy in Cloud Computing

    Mohit Marwaha

    2013-01-01

    Full Text Available Cloud computing is the next big thing after internet in the field of information technology; some say its a metaphor for internet. It is an Internet-based computing technology, in which software, shared recourses and information, are provided to consumers and devices on-demand, and as per users requirement on a pay per use model. Even though the cloud continues to grow in popularity, Usability and respectability, Problems with data protection and data privacy and other Security issues play a major setback in the field of Cloud Computing. Privacy and security are the key issue for cloud storage. Encryption is a well known technology for protecting sensitive data. Use of the combination of Public and Private key encryption to hide the sensitive data of users, and cipher text retrieval. The paper analyzes the feasibility of the applying encryption algorithm for data security and privacy in cloud Storage.

  1. (Unconditional) Secure Multiparty Computation with Man-in-the-middle Attacks

    Vaya, Shailesh

    2010-01-01

    In secure multi-party computation $n$ parties jointly evaluate an $n$-variate function $f$ in the presence of an adversary which can corrupt up till $t$ parties. Almost all the works that have appeared in the literature so far assume the presence of authenticated channels between the parties. This assumption is far from realistic. Two directions of research have been borne from relaxing this (strong) assumption: (a) The adversary is virtually omnipotent and can control all the communication channels in the network, (b) Only a partially connected topology of authenticated channels is guaranteed and adversary controls a subset of the communication channels in the network. This work introduces a new setting for (unconditional) secure multiparty computation problem which is an interesting intermediate model with respect to the above well studied models from the literature (by sharing a salient feature from both the above models). We consider the problem of (unconditional) secure multi-party computation when 'some...

  2. Operation, Management, Security and Sustainability for Cloud Computing

    WESTPHAL, C. B.

    2014-06-01

    Full Text Available This paper presents some scope, context, proposals and solutions related with the following topics: Decision-Theoretic Planning for Cloud Computing; An Architecture for Risk Analysis in Cloud; Risk-based Dynamic Access Control for a Highly Scalable Cloud Federation; Challenges of Operationalizing PACS on Cloud Over Wireless Networks; Environment, Services and Network Management for Green Clouds; Provisioning and Resource Allocation for Green Clouds; and Optimizing Green Clouds through Legacy Network Infrastructure Management.

  3. Authorization Based Secure Data Transaction in Cloud Computing

    V.Vamsikrishna; P.Boominathan

    2014-01-01

    Analyze in cloud computing be in the receipt of distributed process in transacting database utilize over cloud servers entities work in the evidence of authorization that are given an explanation for collection certified proof of authority. The proof and status it’s corrected and collects over the expended a point of time duration below the threat of process an authority policy of the client confident actuality not available circumstances. In this paper we focus on the felt finding of the pro...

  4. Operation, Management, Security and Sustainability for Cloud Computing

    WESTPHAL, C. B.; WESTPHAL C. M.; Koch, F.L.; GERONIMO, G. A.; Werner, J; Mendes, R. S.

    2014-01-01

    This paper presents some scope, context, proposals and solutions related with the following topics: Decision-Theoretic Planning for Cloud Computing; An Architecture for Risk Analysis in Cloud; Risk-based Dynamic Access Control for a Highly Scalable Cloud Federation; Challenges of Operationalizing PACS on Cloud Over Wireless Networks; Environment, Services and Network Management for Green Clouds; Provisioning and Resource Allocation for Green Clouds; and Optimizing Green Clouds through Legacy ...

  5. Protecting intellectual property in space; Proceedings of the Aerospace Computer Security Conference, McLean, VA, March 20, 1985

    1985-07-01

    The primary purpose of the Aerospace Computer Security Conference was to bring together people and organizations which have a common interest in protecting intellectual property generated in space. Operational concerns are discussed, taking into account security implications of the space station information system, Space Shuttle security policies and programs, potential uses of probabilistic risk assessment techniques for space station development, key considerations in contingency planning for secure space flight ground control centers, a systematic method for evaluating security requirements compliance, and security engineering of secure ground stations. Subjects related to security technologies are also explored, giving attention to processing requirements of secure C3/I and battle management systems and the development of the Gemini trusted multiple microcomputer base, the Restricted Access Processor system as a security guard designed to protect classified information, and observations on local area network security.

  6. Protecting intellectual property in space; Proceedings of the Aerospace Computer Security Conference, McLean, VA, March 20, 1985

    1985-01-01

    The primary purpose of the Aerospace Computer Security Conference was to bring together people and organizations which have a common interest in protecting intellectual property generated in space. Operational concerns are discussed, taking into account security implications of the space station information system, Space Shuttle security policies and programs, potential uses of probabilistic risk assessment techniques for space station development, key considerations in contingency planning for secure space flight ground control centers, a systematic method for evaluating security requirements compliance, and security engineering of secure ground stations. Subjects related to security technologies are also explored, giving attention to processing requirements of secure C3/I and battle management systems and the development of the Gemini trusted multiple microcomputer base, the Restricted Access Processor system as a security guard designed to protect classified information, and observations on local area network security.

  7. 2nd International Doctoral Symposium on Applied Computation and Security Systems

    Cortesi, Agostino; Saeed, Khalid; Chaki, Nabendu

    2016-01-01

    The book contains the extended version of the works that have been presented and discussed in the Second International Doctoral Symposium on Applied Computation and Security Systems (ACSS 2015) held during May 23-25, 2015 in Kolkata, India. The symposium has been jointly organized by the AGH University of Science & Technology, Cracow, Poland; Ca’ Foscari University, Venice, Italy and University of Calcutta, India. The book is divided into volumes and presents dissertation works in the areas of Image Processing, Biometrics-based Authentication, Soft Computing, Data Mining, Next Generation Networking and Network Security, Remote Healthcare, Communications, Embedded Systems, Software Engineering and Service Engineering.

  8. Towards securing pervasive computing systems by design: a language approach

    Jakob, Henner

    2011-01-01

    A growing number of environments is being populated with a range of networked devices. Applications leverage these devices to support everyday activities in a variety of areas (e.g., home automation and patient monitoring). As these devices and applications get woven into our everyday activities, they become critical: their failure can put people and assets at risk. Failures can be caused by malicious attacks and misbehaving applications. Although the impact of such situations can be major, s...

  9. Computer Modeling of Radiation Portal Monitors for Homeland Security Applications

    Radiation Portal Monitors (RPMs) are currently being used at our nation's borders to detect potential nuclear threats. At the Pacific Northwest National Laboratory (PNNL), realistic computer models of RPMs are being developed to simulate the screening of vehicles and cargo. Detailed models of the detection equipment, vehicles, cargo containers, cargos, and radioactive sources are being used to determine the optimal configuration of detectors. These models can also be used to support work to optimize alarming algorithms so that they maximize sensitivity for items of interest while minimizing nuisance alarms triggered by legitimate radioactive material in the commerce stream. Proposed next-generation equipment is also being modeled to quantify performance and capability improvements to detect potential nuclear threats. A discussion of the methodology used to perform computer modeling for RPMs will be provided. In addition, the efforts to validate models used to perform these scenario analyses will be described. Finally, areas where improved modeling capability is needed will be discussed as a guide to future development efforts

  10. Computer Security: Join the CERN WhiteHat Challenge!

    Computer Security Team

    2014-01-01

    Over the past couple of months, several CERN users have reported vulnerabilities they have found in computing services and servers running at CERN. All were relevant, many were interesting and a few even surprising. Spotting weaknesses and areas for improvement before malicious people can exploit them is paramount. It helps protect the operation of our accelerators and experiments as well as the reputation of the Organization. Therefore, we would like to express our gratitude to those people for having reported these weaknesses! Great job and well done!   Seizing the opportunity, we would like to reopen the hunt for bugs, vulnerabilities and insecure configurations of CERN applications, websites and devices. You might recall we ran a similar initiative (“Hide & Seek”) in 2012 where we asked you to sift through CERN’s webpages and send us those that hold sensitive and confidential information. Quite a number of juicy documents were found and subsequently remov...

  11. Computer Security: Social Media - Dos and Don’ts

    Computer Security Team

    2014-01-01

    Do you blog frequently? Send tweets about what you've done? Keep a lively Facebook profile? Comment regularly on interactive forums? Many of us do.    "Social media", i.e. Twitter, Facebook, public blogs, interactive forums and public commenting functions on websites, are widely used for sharing information, outreach and contact with the world. While you can make use of social media for many different purposes, the lines between private and public, personal and professional are often blurred. Consequently, it is often difficult to get the balance right. As a social animal, you want to be frank, open and communicative and share your knowledge, experiences, opinions, feelings and life with your peers. On the other hand, while working at or for CERN, you cannot act in the void but have to respect CERN’s Code of Conduct, CERN’s Computing Rules and, for CERN personnel, the Staff Rules and Regulations. Therefore, if your posts include mention ...

  12. Using Virtualization Technique to Increase Security and Reduce Energy Consumption in Cloud Computing

    Hamid Banirostam

    2014-03-01

    Full Text Available An approach has been presented in this paper in order to generate a secure environment on internet Based Virtual Computing platform and also to reduce energy consumption in green cloud computing. The proposed approach constantly checks the accuracy of stored data by means of a central control service inside the network environment and also checks system security through isolating single virtual machines using a common virtual environment. This approach has been simulated on two types of Virtual Machine Manager (VMM Quick EMUlator (Qemu, HVM (Hardware Virtual Machine Xen and outputs of the simulation in VMInsight show that when service is getting singly used, the overhead of its performance will be increased. As a secure system, the proposed approach is able to recognize malicious behaviors and assure service security by means of operational integrity measurement. Moreover, the rate of system efficiency has been evaluated according to the amount of energy consumption on five applications (Defragmentation, Compression, Linux Boot Decompression and Kernel Boot. Therefore, this has been resulted that to secure multi-tenant environment, managers and supervisors should independently install a security monitoring system for each Virtual Machines (VMs which will come up to have the management heavy workload of. While the proposed approach, can respond to all VM’s with just one virtual machine as a supervisor.

  13. End-to-end security in active networks

    I. Brown

    2001-01-01

    Active network solutions have been proposed to many of the problems caused by the increasing heterogeneity of the Internet. These ystems allow nodes within the network to process data passing through in several ways. Allowing code from various sources to run on routers introduces numerous security concerns that have been addressed by research into safe languages, restricted execution environments, and other related areas. But little attention has been paid to an even more critical question: t...

  14. EABDS:Attribute-Based Secure Data Sharing with Efficient Revo cation in Cloud Computing

    HUANG Qinlong; MA Zhaofeng; YANG Yixian; FU Jingyi; NIU Xinxin

    2015-01-01

    Ciphertext-policy attribute-based encryp-tion (CP-ABE) is becoming a promising solution to guar-antee data security in cloud computing. In this paper, we present an attribute-based secure data sharing scheme with Efficient revocation (EABDS) in cloud computing. Our scheme first encrypts data with Data encryption key (DEK) using symmetric encryption and then encrypts DEK based on CP-ABE, which guarantees the data con-fidentiality and achieves fine-grained access control. In or-der to solve the key escrow problem in current attribute based data sharing schemes, our scheme adopts additively homomorphic encryption to generate attribute secret keys of users by attribute authority in cooperation with key server, which prevents attribute authority from access-ing the data by generating attribute secret keys alone. Our scheme presents an immediate attribute revocation method that achieves both forward and backward security. The computation overhead of user is also reduced by dele-gating most of the decryption operations to the key server. The security and performance analysis results show that our scheme is more secure and efficient.

  15. A Theory of Secure Mobile Computation with Confined Movement and Communication

    2007-01-01

    An extended πcalculus was introduced to deal with secure movement and intercommunication between agents.The system extends Nomadic-πwith objective migration primitive and confined region which serves as annotation labels of agents and channels.the confined region labels were used to uniquely identify the constraints on the migration and communication of agents,with the labels,the agents could be confined in a secure subsystem the migration and communication of agents,with the labels,the agents could be confined in a secure subsystem and the inter-agent communication could be confined between agents located on trusted sites during computation.The operational semantics for the calculus was given out ,and a type system which enforces security properties called confined migration and confined communication was developed.

  16. Applying Encryption Algorithm for Data Security and Privacy in Cloud Computing

    Mohit Marwaha; Rajeev Bedi

    2013-01-01

    Cloud computing is the next big thing after internet in the field of information technology; some say its a metaphor for internet. It is an Internet-based computing technology, in which software, shared recourses and information, are provided to consumers and devices on-demand, and as per users requirement on a pay per use model. Even though the cloud continues to grow in popularity, Usability and respectability, Problems with data protection and data privacy and other Security issues play a ...

  17. Strong authentication system along with virtual private network: A secure cloud solution for cloud computing

    Randeep Kaur Chhabra; Prof. Ashok Verma

    2012-01-01

    Cloud computing is collaboration of applications and services that run on a distributed environment using virtualized resources and accessed by common internet protocols and networking standards. Due to its feature and availability of its service at low cost it is achieving increased popularity in IT industry. But there are several issues in cloud computing such as security issues, network issues, performance issues, availability etc. which is ruining its growth. As, people store their confid...

  18. Towards Realising Secure and Efficient Image and Video Processing Applications on Quantum Computers

    Abdullah M. Iliyasu

    2013-01-01

    Exploiting the promise of security and efficiency that quantum computing offers, the basic foundations leading to commercial applications for quantum image processing are proposed. Two mathematical frameworks and algorithms to accomplish the watermarking of quantum images, authentication of ownership of already watermarked images and recovery of their unmarked versions on quantum computers are proposed. Encoding the images as 2n-sized normalised Flexible Representation of Quantum Images (FRQI...

  19. Unconditionally Secure Constant-Rounds Multi-party Computation for Equality, Comparison, Bits and Exponentiation

    Damgård, Ivan Bjerre; Nielsen, Jesper Buus; Toft, Tomas;

    2006-01-01

    We show that if a set of players hold shares of a value aFp for some prime p (where the set of shares is written [a] p ), it is possible to compute, in constant rounds and with unconditional security, sharings of the bits of a, i.e., compute sharings [a 0] p , ..., [a ℓ− − 1] p such that ℓ = ⌈ log2...

  20. Computer Security: ransomware - when it is too late...

    Stefan Lueders, Computer Security Team

    2016-01-01

    “Ransomware is a type of malware that restricts access to the infected computer system in some way, and demands that the user pay a ransom to the malware operators to remove the restriction.    Some forms of ransomware systematically encrypt files on the system's hard drive, which become difficult or impossible to decrypt without paying the ransom for the encryption key, while some may simply lock the system and display messages intended to coax the user into paying...” (Source: https://en.wikipedia.org/wiki/Ransomware) It is not unusual to see devices falling prey to ransomware. PCs and laptops, in particular those running the Windows operating system, can easily be infected with ransomware if the user is inattentive. For example, if they open an attachment to an unsolicited mail (see some hints to detect bad emails here), or click on the link to a malicious website (see our articles on our clicking campaign). So what can you do if you have already ...

  1. Secure and Dynamic Model for Book Searching on Cloud Computing as Mobile Augmented Reality

    Adeel Rafiq

    2014-01-01

    Full Text Available Availability of internet on different devices like smart phones like android based, IOs based, windows based and PDA etc. has brought into the evolution of mobile cloud computing, which is a vast side of research nowadays. Internet connectivity has become very easy with the evolution of Wi-Fi, everyone can access the internet using wireless connectivity. A major issue in wireless connectivity is the low level of encryption and low security. This might be a security risk for the sensitive data available on the cloud. There are mobile augmented reality systems based on cloud computing, we want to propose a dynamic framework for the security of cloud and live update data on cloud.

  2. SECURITY ISSUES AND CHALLENGES IN MOBILE COMPUTING AND M-COMMERCE

    Krishna Prakash

    2015-05-01

    Full Text Available Mobile computing and Mobile Commerce is most popular now a days because of the service offered during the mobility. Mobile computing has become the reality today rather than the luxury.Mobile wireless market is increasing by leaps and bounds. The quality and speeds available in the mobile environment must match the fixed networks if the convergence of the mobile wireless and fixed communication network is to happen in the real sense. The challenge for mobile network lies in providing very large footprint of mobile services with high speed and security. Online transactions using mobile devices must ensure high security for user credentials and it should not be possible for misuse. M-Commerce is the electronic commerce performed using mobile devices. Since user credentials to be kept secret, a high level of security should be ensured.

  3. Computer Security: Getting a better image from the Organization

    Computer Security Team

    2014-01-01

    Do you make regular presentations about CERN or CERN's activities to the public? Do you manage public webpages hosted by CERN? Do you edit or contribute to CERN publications? Besides plenty of text, every good presentation, webpage or publication is usually spruced up with visual content: graphics, photos or even videos. But have you ever thought about whether you actually have the proper rights to use such imagery?   Just recently, a stock photo agency contacted CERN regarding an image published on a web page currently under CERN's responsibility. According to them, this image had been used without the proper rights and thus violated their copyright. As the web page is from 2007 and as is part of an EU funded project which has since ended, it is hard to check the facts. The image has since been removed to comply with the photo agency's conditions. We should take all the possible steps to avoid receiving similar letters, and to uphold the good image of the Organization...

  4. 78 FR 35295 - Agency Information Collection Activities: Department of Homeland Security (DHS) Cybersecurity...

    2013-06-12

    ... SECURITY Agency Information Collection Activities: Department of Homeland Security (DHS) Cybersecurity...-NEW. SUMMARY: The Department of Homeland Security, Cybersecurity Education Office, will submit the....gov . SUPPLEMENTARY INFORMATION: Title II, Homeland Security Act, 6 U.S.C. 121(d)(1) To...

  5. Data mining technique for a secure electronic payment transaction using MJk-RSA in mobile computing

    G. V., Ramesh Babu; Narayana, G.; Sulaiman, A.; Padmavathamma, M.

    2012-04-01

    Due to the evolution of the Electronic Learning (E-Learning), one can easily get desired information on computer or mobile system connected through Internet. Currently E-Learning materials are easily accessible on the desktop computer system, but in future, most of the information shall also be available on small digital devices like Mobile, PDA, etc. Most of the E-Learning materials are paid and customer has to pay entire amount through credit/debit card system. Therefore, it is very important to study about the security of the credit/debit card numbers. The present paper is an attempt in this direction and a security technique is presented to secure the credit/debit card numbers supplied over the Internet to access the E-Learning materials or any kind of purchase through Internet. A well known method i.e. Data Cube Technique is used to design the security model of the credit/debit card system. The major objective of this paper is to design a practical electronic payment protocol which is the safest and most secured mode of transaction. This technique may reduce fake transactions which are above 20% at the global level.

  6. Dynamic Auditing Protocol for Efficient and Secure Data Storage in Cloud Computing

    J. Noorul Ameen

    2014-06-01

    Full Text Available Cloud computing, where the data has been stored on cloud servers and retrieved by users (data consumers the data from cloud servers. However, there are some security challenges which are in need of independent auditing services to verify the data integrity and safety in the cloud. Until now a numerous methods has been developed for remote integrity checking whichever only serve for static archive data and cannot be implemented to the auditing service if the data in the cloud is being dynamically updated. Therefore, it is expected to design an efficient and secure dynamic auditing protocol to convince the data owners for t he security and integrity of their data. In this paper, we intent to construct an auditing framework for cloud storage systems for efficient privacy-preserving auditing service. Then, our auditing protocol is extended to support the data dynamic operations for secure auditing in the random oracle model. In addition, our auditing protocol is improved to support batch auditing for both multiple owners and multiple clouds without any trusted organizer. Our proposed auditing protocols will be proved for their secure and efficient computation with reduced cost for the auditing.

  7. Security Risks of Cloud Computing and Its Emergence as 5th Utility Service

    Ahmad, Mushtaq

    Cloud Computing is being projected by the major cloud services provider IT companies such as IBM, Google, Yahoo, Amazon and others as fifth utility where clients will have access for processing those applications and or software projects which need very high processing speed for compute intensive and huge data capacity for scientific, engineering research problems and also e- business and data content network applications. These services for different types of clients are provided under DASM-Direct Access Service Management based on virtualization of hardware, software and very high bandwidth Internet (Web 2.0) communication. The paper reviews these developments for Cloud Computing and Hardware/Software configuration of the cloud paradigm. The paper also examines the vital aspects of security risks projected by IT Industry experts, cloud clients. The paper also highlights the cloud provider's response to cloud security risks.

  8. Performance analysis of a security architecture for active networks in Java

    Alarcos, Bernardo; Hoz, Enrique de la; Sedano, Marifeli; Calderón, María

    2003-01-01

    Active network technology supports the deployment and execution on the fly of new active services, without interrupting the network operation. Active networks are composed of special nodes (named Active Router) that are able to execute active code to offer the active services. This technology introduces some security threats that must be solved using a security architecture. We have developed a security architecture (ROSA) for an active network platform (SARA). Java has been used as pro...

  9. Privacy and Data Security under Cloud Computing Arrangements: The Legal Framework and Practical Do's and Don'ts

    Buckman, Joel; Gold, Stephanie

    2012-01-01

    This article outlines privacy and data security compliance issues facing postsecondary education institutions when they utilize cloud computing and concludes with a practical list of do's and dont's. Cloud computing does not change an institution's privacy and data security obligations. It does involve reliance on a third party, which requires an…

  10. Strong authentication system along with virtual private network: A secure cloud solution for cloud computing

    Randeep Kaur Chhabra

    2012-06-01

    Full Text Available Cloud computing is collaboration of applications and services that run on a distributed environment using virtualized resources and accessed by common internet protocols and networking standards. Due to its feature and availability of its service at low cost it is achieving increased popularity in IT industry. But there are several issues in cloud computing such as security issues, network issues, performance issues, availability etc. which is ruining its growth. As, people store their confidential and private data on cloud, issues related to the security of their data is at the top. The user authentication is the key factors of security in cloud. Many of the organizations for authentication still relies on static password authentication technique, but this method is getting old and is becoming less secure. So, there is a requirement for a strong authentication technique. For implementing a strong authentication technique, this paper has proposed a dynamic one-time password technique with two factor authentication scheme in which mobile phones are used as an authentication device. This technique is very robust, secure, multi-factor, dynamic password based authentication scheme. In this technique, mobile phone will run a MIDlet which is responsible to produce one time password which is valid for short period of time. The produced one time password is then used by client to authenticate itself to the cloud. For securely transmitting all the information between client and server, secure socket layer (SSL has been used. All the information is encrypted by AES-256 and sends over the network, along with that client can also use virtual private network for carrying the sensitive information into the cloud. So, this paper focus on the authentication and network issues of the cloud.

  11. Security in Cloud Computing For Service Delivery Models: Challenges and Solutions

    Preeti Barrow

    2016-04-01

    Full Text Available Cloud computing, undoubtedly, is a path to expand the limits or add powerful capabilities on-demand with almost no investment in new framework, training new staff, or authorizing new software. Though today everyone is talking about cloud but, organizations are still in dilemma whether it’s safe to deploy their business on cloud. The reason behind it; is nothing but Security. No cloud service provider provides 100% security assurance to its customers and therefore, businesses are hesitant to accept cloud and the vast benefits that come along with it. The absence of proper security controls delimits the benefits of cloud. In this paper, a review on different cloud service models and a survey of the different security challenges and issues while providing services in cloud is presented .The paper focuses on the security issues specific to service delivery model (SaaS, IaaS and PaaS of cloud environment. This paper also explores the various security solutions currently being applied to protect cloud from various kinds of intruders

  12. An Efficient and Secure m-IPS Scheme of Mobile Devices for Human-Centric Computing

    Young-Sik Jeong

    2014-01-01

    Full Text Available Recent rapid developments in wireless and mobile IT technologies have led to their application in many real-life areas, such as disasters, home networks, mobile social networks, medical services, industry, schools, and the military. Business/work environments have become wire/wireless, integrated with wireless networks. Although the increase in the use of mobile devices that can use wireless networks increases work efficiency and provides greater convenience, wireless access to networks represents a security threat. Currently, wireless intrusion prevention systems (IPSs are used to prevent wireless security threats. However, these are not an ideal security measure for businesses that utilize mobile devices because they do not take account of temporal-spatial and role information factors. Therefore, in this paper, an efficient and secure mobile-IPS (m-IPS is proposed for businesses utilizing mobile devices in mobile environments for human-centric computing. The m-IPS system incorporates temporal-spatial awareness in human-centric computing with various mobile devices and checks users’ temporal spatial information, profiles, and role information to provide precise access control. And it also can extend application of m-IPS to the Internet of things (IoT, which is one of the important advanced technologies for supporting human-centric computing environment completely, for real ubiquitous field with mobile devices.

  13. Experimental realization of an entanglement access network and secure multi-party computation.

    Chang, X-Y; Deng, D-L; Yuan, X-X; Hou, P-Y; Huang, Y-Y; Duan, L-M

    2016-01-01

    To construct a quantum network with many end users, it is critical to have a cost-efficient way to distribute entanglement over different network ends. We demonstrate an entanglement access network, where the expensive resource, the entangled photon source at the telecom wavelength and the core communication channel, is shared by many end users. Using this cost-efficient entanglement access network, we report experimental demonstration of a secure multiparty computation protocol, the privacy-preserving secure sum problem, based on the network quantum cryptography. PMID:27404561

  14. Experimental realization of secure multi-party computation in an entanglement access to network

    Chang, X Y; Yuan, X X; Hou, P Y; Huang, Y Y; Duan, L M

    2015-01-01

    To construct a quantum network with many end users, it is critical to have a cost-efficient way to distribute entanglement over different network ends. We demonstrate an entanglement access network, where the expensive resource, the entangled photon source at the telecom wavelength and the core communication channel, is shared by many end users. Using this cost-efficient entanglement access network, we report experimental demonstration of a secure multiparty computation protocol, the privacy-preserving secure sum problem, based on the network quantum cryptography.

  15. Experimental realization of an entanglement access network and secure multi-party computation

    Chang, X.-Y.; Deng, D.-L.; Yuan, X.-X.; Hou, P.-Y.; Huang, Y.-Y.; Duan, L.-M.

    2016-07-01

    To construct a quantum network with many end users, it is critical to have a cost-efficient way to distribute entanglement over different network ends. We demonstrate an entanglement access network, where the expensive resource, the entangled photon source at the telecom wavelength and the core communication channel, is shared by many end users. Using this cost-efficient entanglement access network, we report experimental demonstration of a secure multiparty computation protocol, the privacy-preserving secure sum problem, based on the network quantum cryptography.

  16. Simple steps to data encryption a practical guide to secure computing

    Loshin, Peter

    2013-01-01

    Everyone wants privacy and security online, something that most computer users have more or less given up on as far as their personal data is concerned. There is no shortage of good encryption software, and no shortage of books, articles and essays that purport to be about how to use it. Yet there is precious little for ordinary users who want just enough information about encryption to use it safely and securely and appropriately--WITHOUT having to become experts in cryptography. Data encryption is a powerful tool, if used properly. Encryption turns ordinary, readable data into what

  17. Towards Realising Secure and Efficient Image and Video Processing Applications on Quantum Computers

    Abdullah M. Iliyasu

    2013-07-01

    Full Text Available Exploiting the promise of security and efficiency that quantum computing offers, the basic foundations leading to commercial applications for quantum image processing are proposed. Two mathematical frameworks and algorithms to accomplish the watermarking of quantum images, authentication of ownership of already watermarked images and recovery of their unmarked versions on quantum computers are proposed. Encoding the images as 2n-sized normalised Flexible Representation of Quantum Images (FRQI states, with n-qubits and 1-qubit dedicated to capturing the respective information about the colour and position of every pixel in the image respectively, the proposed algorithms utilise the flexibility inherent to the FRQI representation, in order to confine the transformations on an image to any predetermined chromatic or spatial (or a combination of both content of the image as dictated by the watermark embedding, authentication or recovery circuits. Furthermore, by adopting an apt generalisation of the criteria required to realise physical quantum computing hardware, three standalone components that make up the framework to prepare, manipulate and recover the various contents required to represent and produce movies on quantum computers are also proposed. Each of the algorithms and the mathematical foundations for their execution were simulated using classical (i.e., conventional or non-quantum computing resources, and their results were analysed alongside other longstanding classical computing equivalents. The work presented here, combined together with the extensions suggested, provide the basic foundations towards effectuating secure and efficient classical-like image and video processing applications on the quantum-computing framework.

  18. Review of Cloud Computing Security%云安全研究进展综述

    俞能海; 郝卓; 徐甲甲; 张卫明; 张驰

    2013-01-01

    随着云计算在学术界和工业界的兴起,云计算也不可避免的带来了一些安全问题.本文对云计算的安全需求进行了总结,指出云计算不仅在机密性、数据完整性、访问控制和身份认证等传统安全性上存在需求,而且在可信性、配置安全性、虚拟机安全性等方面具有新的安全需求.我们对云计算的两个典型产品Amazon Web Services和Windows Azure的安全状况进行了总结,并阐述了针对云计算的拒绝服务攻击和旁通道攻击.基于云计算的安全需求和面临的攻击,对现有安全机制进行了优缺点分析,系统的总结了现有的安全机制.%With the development of cloud computing in the academia and industry, it is inevitable that many security problems arise.This paper summarizes the security requirements of cloud computing, which not only cover the traditional security requirements like confidentiality,data integrity,access control and identity authentication,but also introduce new security requirements in the credibility,configuration and virtual machinery.We make conclusions about the security situations on two typical cloud computing products: Amazon Web Services and Windows Azure and elaborate two attack mechanisms against cloud computing:Denial of service attack and Side channel attack.Based on the security requirements and attacks against cloud computing, we systematically summarize the current security protection mechanisms and further make a comparison among them.

  19. Crypto Multi Tenant: An Environment of Secure Computing Using Cloud Sql

    Parul Kashyap

    2014-06-01

    Full Text Available Today’s most modern research area of computing is cloud computing due to its ability to diminish the costs associated with virtualization, high availability, dynamic resource pools and increases the efficiency of computing. But still it contains some drawbacks such as privacy, security, etc. This paper is thoroughly focused on the security of data of multi tenant model obtains from the virtualization feature of cloud computing. We use AES-128 bit algorithm and cloud SQL to protect sensitive data before storing in the cloud. When the authorized customer arises for usage of data, then data firstly decrypted after that provides to the customer. Multi tenant infrastructure is supported by Google, which prefers pushing of contents in short iteration cycle. As the customer is distributed and their demands can arise anywhere, anytime so data can’t store at particular site it must be available different sites also. For this faster accessing by different users from different places Google is the best one. To get high reliability and availability data is stored in encrypted before storing in database and updated every time after usage. It is very easy to use without requiring any software. This authenticate user can recover their encrypted and decrypted data, afford efficient and data storage security in the cloud.

  20. The impact of changes in DOE computer security on safeguards systems

    Recent changes in the Department of Energy regulations on classified computer security have introduced a number of significant requirements for automated information systems and networks. These changes are necessary because of changes in computer technology, a reduced level of clearances, and increased personnel access, such as DOE open-quotes Lclose quotes clearances and international inspections, in the facilities. These changes will affect all computer-based systems that process, or are connected to computers that process, classified data. The additional and modified requirements are identified and described. The impact of the requirements on safeguards computer-based systems, such as instruments, database systems, and networks, is reviewed. Some simple examples of typical safeguards systems are discussed with suggestions on how the systems can comply with the requirements

  1. AN ACTIVE MIDDLEWARE FOR SECURE AUTOMATIC RECONFIGURATION OF APPLICATIONS FOR ANDROID DEVICES

    S. Kami Makki

    2014-09-01

    Full Text Available With the prevalence of smart phones and the role they play in the lives of consumers, the demand for high performing mobile computing is apparent. Although smartphones today are feature-rich, they are still resource-scarce; they are limited by their memory, energy, and processing power. These limitations constrain the ability of these devices to perform intensive computational tasks without compromising the consistency of mobile device performance. As such, the development of a dynamic and intelligent mobile middleware solution can ameliorate these constraints through the utilization of surrogate computing methodologies. In this paper, we present an intelligent and active middleware solution for secure automatic reconfiguration of applications for android devices. This middleware offers efficiency and enhances the conservation of resources for these devices.

  2. Energy Efficient Security Preserving VM Live Migration In Data Centers For Cloud Computing

    Korir Sammy

    2012-03-01

    Full Text Available Virtualization is an innovation that has widely been utilized in modern data centers for cloud computing to realize energy-efficient operations of servers. Virtual machine (VM migration brings multiple benefits such as resource distribution and energy aware consolidation. Server consolidation achieves energy efficiency by enabling multiple instances of operating systems to run simultaneously on a single machine. With virtualization, it is possible to consolidate severs through VM live migration. However, migration of virtual machines brings extra energy consumption and serious security concerns that derail full adoption of this technology. In this paper, we propose a secure energy-aware provisioning of cloud computing resources on consolidated and virtualized platforms. Energy efficiency is achieved through just-right dynamic Round-Robin provisioning mechanism and the ability to power down sub-systems of a host system that are not required by VMs mapped to it. We further propose solutions to security challenges faced during VM live migration. We validate our approach by conducting a set of rigorous performance evaluation study using CloudSim toolkit. The experimental results show that our approach achieves reduced energy consumption in data centers while not compromising on security.

  3. Computational Security Analysis of the UMTS and LTE Authentication and Key Agreement Protocols

    Mjølsnes, Stig

    2012-01-01

    One of the forerunners and main candidates for the fourth generation (4G) generation mobile communication system is commonly known under the name Long-Term Evolution (LTE) and its standard is produced and maintained by the international 3rd Generation Partnership Program (3GPP) consortium. The LTE Authentication and Key Agreement (AKA) protocol design is based on the Universal Mobile Telecommunications System (UMTS) AKA protocol, which is widely used today for third generation (3G) wireless networks. The authentication protocols for these mobile network systems will arguably become the most widely used security protocols in the near future. We present a computational security analysis of both the LTE AKA and the UMTS AKA. This work constitutes the first security analysis of LTE AKA to date. Our analysis is based on a computational security model. Moreover, we report on a deficiency in the protocol specifications, and show how this may enable attacks on both LTE AKA and UMTS AKA. The vulnerability can be explo...

  4. Service task partition and distribution in star topology computer grid subject to data security constraints

    The paper considers grid computing systems in which the resource management systems (RMS) can divide service tasks into execution blocks (EBs) and send these blocks to different resources. In order to provide a desired level of service reliability the RMS can assign the same blocks to several independent resources for parallel execution. The data security is a crucial issue in distributed computing that affects the execution policy. By the optimal service task partition into the EBs and their distribution among resources, one can achieve the greatest possible service reliability and/or expected performance subject to data security constraints. The paper suggests an algorithm for solving this optimization problem. The algorithm is based on the universal generating function technique and on the evolutionary optimization approach. Illustrative examples are presented. - Highlights: → Grid service with star topology is considered. → An algorithm for evaluating service reliability and data security is presented. → A tradeoff between the service reliability and data security is analyzed. → A procedure for optimal service task partition and distribution is suggested.

  5. Local encoding of computationally designed enzyme activity

    Allert, Malin; Dwyer, Mary A.; Hellinga, Homme W.

    2006-01-01

    One aim of computational protein design is to introduce novel enzyme activity into proteins of known structure by predicting mutations that stabilize transition states. Previously we have shown that it is possible to introduce triose phosphate isomerase activity into the ribose-binding protein of Escherichia coli by constructing 17 mutations in the first two layers of residues that surround the wild-type ligand-binding site. Here we report that these mutations can be “transplanted” into a hom...

  6. 76 FR 70830 - Proposed Information Collection (Procedures, and Security for Government Financing) Activity...

    2011-11-15

    ... AFFAIRS Proposed Information Collection (Procedures, and Security for Government Financing) Activity... Government Financing. OMB Control Number: 2900-0688. Type of Review: Extension of a currently approved..., Security for Government Financing--10 hours. Estimated Average Burden per Respondent: a. VAAR...

  7. Enhancing Information Security in Cloud Computing Services using SLA based metrics

    , Nia; Mganga, Ramadianti Putri;; Charles, Medard

    2011-01-01

    Context: Cloud computing is a prospering technology that most organizations are considering for adoption as a cost effective strategy for managing IT. However, organizations also still consider the technology to be associated with many business risks that are not yet resolved. Such issues include security, privacy as well as legal and regulatory risks. As an initiative to address such risks, organizations can develop and implement SLA to establish common expectations and goals between the clo...

  8. FendOff encryption software to secure personal information on computers and mobile devices

    Solovyev, Victor; Umarov, Ramzan

    2015-01-01

    The paper describes several original cryptographic cipher modules (VSEM) that are based on using one time pseudorandom pad and pseudorandom transpositions. The VSEM includes 4 modules of encryption that can be applied in combinations. We studied ability of these modules to secure the private data against attacks and their speed of encryption. The VSEM encryption was implemented in Fendoff applications for mobile devices on iOS and Android platforms as well as in computer application running W...

  9. Information Technology Convergence, Secure and Trust Computing, and Data Management ITCS 2012 & STA 2012

    Kim, Jongsung; Zou, Deqing; Lee, Yang

    2012-01-01

    ITCS 2012 and STA 2012 address the various theories and practical applications of information technology convergence, secure and trust computing, and data management in future environments. It will present important results of significant value to solve the application services and various problems within the scope of ITCS 2012 & STA 2012. In addition, we expect it will trigger further related research and technology developments which will improve our lives in the future.

  10. ”AcTrust: A Security Model for Trust Based Computing

    Morali, A.

    2006-01-01

    The role of distributed system in our daily life is getting more and more important. The resources of the cyber world are consumed by peers independent from their physical locations, mobile codes interact with each other and their environment on behalf of people. Grid computing provides potential benefits to applications, but as the responsibilities and the intelligence of such systems increase, security threats that they pose to the applications increases, too. In order to prevent these dist...

  11. Batch Secret Sharing for Secure Multi-party Computation in Asynchronous Network

    HUANG Zheng; GONG Zheng; LI Qiang

    2009-01-01

    This paper proposes an efficient batch secret sharing protocol among n players resilient to t < n/4 players in asynchronous network. The construction of our protocol is along the line of Hirt's protocol which works in synchronous model. Compared with the method of using secret share protocol m times to share m secrets, our protocol is quite efficient. The protocol can be used to improve the efficiency of secure multi-party computation (MPC) greatly in asynchronous network.

  12. On the security of a chaotic encryption scheme: Problems with computerized chaos in finite computing precision

    Li, SJ; Mou, XQ; Cai, YL; Ji, Z.; Zhang, JH

    2003-01-01

    Zhou et al. have proposed a chaotic encryption scheme, which is based on a kind of computerized piecewise linear chaotic map (PWLCM) realized in finite computing precision. In this paper, we point out that Zhou's encryption scheme is not secure enough from strict cryptographic viewpoint. The reason lies in the dynamical degradation of the computerized piecewise linear chaotic map employed by Zhou et al. The dynamical degradation of the computerized chaos induces many weak keys to cause large ...

  13. An Approach to Evaluating Computer Network Security with Intuitionistic Trapezoidal Fuzzy Information

    Ming Xue

    2014-01-01

    We investigate the multiple attribute decision-making problems for evaluating the computer network security with intuitionistic trapezoidal fuzzy information. We utilize the intuitionistic trapezoidal fuzzy weighted average (ITFWA) operator to aggregate the intuitionistic trapezoidal fuzzy information corresponding to each alternative and get the overall value of the alternatives and then rank the alternatives and select the most desirable one(s) according to the distance between the overall ...

  14. Secure Grid-based Computing with Social-Network based Trust Management in the (Semantic) Web

    Špánek, Roman; Tůma, Miroslav

    Wien: Österreichische Computer Gesselschaft, 2006 - (Barolli, L.; Abderazek, B.; Grill, T.; Nguyen, T.; Tjondronegoro, D.), s. 663-667 ISBN 3-85403-216-1. [MoMM2006 & iiWAS2006. Yogyakarta (ID), 04.12.2006-06.12.2006] R&D Projects: GA AV ČR 1ET100300419; GA MŠk 1M0554 Institutional research plan: CEZ:AV0Z10300504 Keywords : security * semantic web * trust * social networks * virtual organizations Subject RIV: IN - Informatics, Computer Science

  15. 分析计算机安全问题%Analysis of Computer Security

    李振美

    2014-01-01

    随着社会经济的不断发展,信息技术也在飞速发展过程中,从计算机的诞生之初到当今的网络信息时代,计算机的应用已渗入到社会的各个行业中,计算机促使了互联网的发展,同时网络给人们的生活、工作和学习等带来了很多乐趣。信息网络在给人们带来便捷的同时也引发了一系列安全问题,如计算机硬件设施安全、软件信息安全、网络黑客、病毒的侵袭等等,计算机可能给我们带来自各个方面的威胁,所以熟知计算机安全所面临的问题,积极探索影响计算机安全运行的防范措施,保护个人的计算机免受威胁,已经成为人们关注重点问题,显得尤为重要。%With the continuous development of social economy, information technology is also in the process of rapid development, from the beginning of the birth of the computer to network information age in nowdey,the application of computer has penetrated into every industry of the society, the computer prompted the development of the Internet, the network to people's life, work and study at the same time, brought a lot of fun. Information network brings convenient also triggered a series of security problems, such as computer hardware security, software, information security, network hacker, virus attacks and so on.The computer may bring us from the threat of various aspects, so learning computer security problems, exploring measures to prevent affecting the safe operation of the computer, protect personal computer from threat, has become the key problem, especially important.

  16. Ensuring Data Security And Privacy In Cloud Computing Through Transparency as Service Model

    Afzaal Ahmad

    2014-09-01

    Full Text Available Cloud Computing is hot technology in computer world today. Its getting popular because its inexpensive, provides on demand access when and where needed. It also removes technical staff requirements for maintaining the infrastructure because that is done on the provider side thus significantly reducing organizational costs. It also provides opportunity for scientists to use powerful computing resources for research purposes which are very expensive on rent bases which they normally would not have been able to use due to cost factors.But with these features it has certain problems that discredit the service one of major problems is Data Security and Privacy.Since the only party that has physical access to data storage is provider and to keep track of where data is stored for certain users the providers keep meta-data in their own databases it creates a security and data privacy issue.If meta-data is compromised than unauthorized access to user data is possible.This paper proposes a Transparency Service Model to insure security and privacy of the user data.

  17. Embedding Computer Activities into the Context of Preschools

    Morgado, Leonel; Cristóvão-Morgado, Rosa; Bulas Cruz, Maria Gabriel; Kahn, Ken

    2005-01-01

    Computer activities are all too often employed in preschool (and kindergarten) activity rooms with little regard for what is going on beyond the computer. Consequently, in those circumstances computer time is lacking appropriate context that could help link computer activities with the educational themes surrounding non-computer activities. Providing technical computer training to preschool and kindergarten teachers is often not sufficient to originate activities that embed that context beyon...

  18. A Secure Mathematical Computation Protocol%安全网络数学计算协议

    林东岱; 宋志敏; 等

    2002-01-01

    The Internet Accessible Mathematical Computation (IAMC) framework makes supplying/accessing mathematical computation easy on the Internet/Web.In this paper ,the vulnerabilities of the current IAMC framework is discussed.A scheme for incorporating SSL/TLS protocol into the current Mathematical Computation Protocol is presented. The resulting secure Mathematical Computation Protocol can then provide crypto-graphic authentications,data privacy and integrity.%讨论了网络数学计算框架IAMC的安全性问题,给出了一个用安全协议SSL/TLS提高数学计算协议MCP安全性的实现方案.改进后的网络数学计算框架可有效地提供计算数据的机密性、完整性和用户认证等安全功能.

  19. Supporting Human Activities - Exploring Activity-Centered Computing

    Christensen, Henrik Bærbak; Bardram, Jakob

    2002-01-01

    -hoc collaboration based on shared material, and organized in terms of well-defined, recurring, work activities. We propose that this kind of work can be supported by a pervasive computing infrastructure together with domain-specific services, both designed from a perspective where work activities are first class......In this paper we explore an activity-centered computing paradigm that is aimed at supporting work processes that are radically different from the ones known from office work. Our main inspiration is healthcare work that is characterized by an extreme degree of mobility, many interruptions, ad...

  20. Autonomous Micro-Modular Mobile Data Center Cloud Computing Study for Modeling, Simulation, Information Processing and Cyber-Security Viability Project

    National Aeronautics and Space Administration — Cloud computing security penetration testing and anomaly detection defense studies were conducted to assess the adequacy of cloud computing security.  Since...

  1. Security

    Technology & Learning, 2008

    2008-01-01

    Anytime, anywhere, learning provides opportunities to create digital learning environments for new teaching styles and personalized learning. As part of making sure the program is effective, the safety and security of students and assets are essential--and mandated by law. The Children's Internet Protection Act (CIPA) addresses Internet content…

  2. Secure Selection of Multiple Resources Based on Virtual Private Network for Computational Grids

    G. Kavitha

    2011-01-01

    Full Text Available Problem statement: Grid computing provides a virtual framework for controlled sharing of resources across institutional boundaries. In computational grids, a client application is executed on the available set of resources that satisfy the user QoS requirements. Some applications require exhaustive computation power for execution of its tasks. In general, these tasks are assigned to a single available resource on the grid that has the required computation power. Therefore, the client application waits indefinitely until a suitable resource is found. Approach: In this study a novel multiple resource selection strategy is presented, which selects multiple resources based on trust and QoS parameters and the tasks are mapped to the appropriate resources for parallel execution. Selection of resources is based on the trust value of the resource, the available computation power at the time of job submission, the speed of the connectivity link, the time deadline and the budget constraints. The proposed method performs task grouping and selects the optimum number of resources for task execution. The tasks are executed in parallel among the multiple resources and the results are aggregated and transferred to the client within the specified time deadline. Security for the user tasks is strengthened by creating a Virtual Private Network (VPN to the selected resources and tasks are further mapped to the resources through the secured VPN channel. Results: Simulations results show that there is a significant improvement in the overall resource utilization of the grid with a high success rate of jobs and reduction in the total execution time of submitted jobs. Conclusion: The tasks are scheduled to available multiple resources with VPN security. As optimum number of resources is selected for parallel execution, the resources are utilized to a maximum and there is a reduction in the percentage of pending jobs on the grid.

  3. Basic legal provisions concerning the activities of industrial security personnel

    The author confines himself to sabotage and espionage. Necessary counter-measures are determined by the respective type of activities. Sect. 618 of the German Civil Code and Sect. 120 a of the Industrial Code give basic legal provisions for the protection of industrial personnel. The legal position held by owner or occupant forms the legal basis for 'vulnerable point protection'. The owner's rights are assigned to the industrial police and are exercised in correspondence with the service or employment contract set up according to Sect. 611 and the following sections of the German Civil Code. Outside guards work according to the performance contract given int the Sections 675, 611, 631 of the German Civil Code. The security personnel has the common right of self-help: self-defence, civil rights concerning the state of national emergency and self-defence under criminal law, rights derived from ownership and property. The author critically argues views held by Mr. Hoffmann-Riem who thinks that police powers have been assigned to private persons. He definitely answers in the negative to the execution of, or encroachment on, sovereign (police) powers by industrial security personnel. A special legal regulation is not necessary, since private protection in form of professional selfdefence is admissible under the law in force. (HSCH)

  4. Basic legal provisions concerning the activities of industrial security personnel

    Eberstein, H.H.

    1980-06-20

    The author confines himself to sabotage and espionage. Necessary counter-measures are determined by the respective type of activities. Sect. 618 of the German Civil Code and Sect. 120 a of the Industrial Code give basic legal provisions for the protection of industrial personnel. The legal position held by owner or occupant forms the legal basis for 'vulnerable point protection'. The owner's rights are assigned to the industrial police and are exercised in correspondence with the service or employment contract set up according to Sect. 611 and the following sections of the German Civil Code. Outside guards work according to the performance contract given int the Sections 675, 611, 631 of the German Civil Code. The security personnel has the common right of self-help: self-defence, civil rights concerning the state of national emergency and self-defence under criminal law, rights derived from ownership and property. The author critically argues views held by Mr. Hoffmann-Riem who thinks that police powers have been assigned to private persons. He definitely answers in the negative to the execution of, or encroachment on, sovereign (police) powers by industrial security personnel. A special legal regulation is not necessary, since private protection in form of professional selfdefence is admissible under the law in force.

  5. Proceedings from the conference on high speed computing: High speed computing and national security

    Hirons, K.P.; Vigil, M.; Carlson, R. [comps.

    1997-07-01

    This meeting covered the following topics: technologies/national needs/policies: past, present and future; information warfare; crisis management/massive data systems; risk assessment/vulnerabilities; Internet law/privacy and rights of society; challenges to effective ASCI programmatic use of 100 TFLOPs systems; and new computing technologies.

  6. Information security management handbook

    Tipton, Harold F

    2006-01-01

    Access Control Systems and Methodology. Telecommunications and Network Security. Security Management Practices. Application Program Security. Cryptography. Computer, System, and Security Architecture. Operations Security. Business Continuity Planning and Disaster Recovery Planning. Law, Investigation and Ethics. Physical Security.

  7. Survey on Security Issues in Cloud Computing and Associated Mitigation Techniques

    Bhadauria, Rohit

    2012-01-01

    Cloud Computing holds the potential to eliminate the requirements for setting up of high-cost computing infrastructure for IT-based solutions and services that the industry uses. It promises to provide a flexible IT architecture, accessible through internet for lightweight portable devices. This would allow multi-fold increase in the capacity or capabilities of the existing and new software. In a cloud computing environment, the entire data reside over a set of networked resources, enabling the data to be accessed through virtual machines. Since these data-centers may lie in any corner of the world beyond the reach and control of users, there are multifarious security and privacy challenges that need to be understood and taken care of. Also, one can never deny the possibility of a server breakdown that has been witnessed, rather quite often in the recent times. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario. This extensive survey paper aims to...

  8. Framework for generating expert systems to perform computer security risk analysis

    At Los Alamos we are developing a framework to generate knowledge-based expert systems for performing automated risk analyses upon a subject system. The expert system is a computer program that models experts' knowledge about a topic, including facts, assumptions, insights, and decision rationale. The subject system, defined as the collection of information, procedures, devices, and real property upon which the risk analysis is to be performed, is a member of the class of systems that have three identifying characteristics: a set of desirable assets (or targets), a set of adversaries (or threats) desiring to obtain or to do harm to the assets, and a set of protective mechanisms to safeguard the assets from the adversaries. Risk analysis evaluates both vulnerability to and the impact of successful threats against the targets by determining the overall effectiveness of the subject system safeguards, identifying vulnerabilities in that set of safeguards, and determining cost-effective improvements to the safeguards. As a testbed, we evaluate the inherent vulnerabilities and risks in a system of computer security safeguards. The method considers safeguards protecting four generic targets (physical plant of the computer installation, its hardware, its software, and its documents and displays) against three generic threats (natural hazards, direct human actions requiring the presence of the adversary, and indirect human actions wherein the adversary is not on the premises-perhaps using such access tools as wiretaps, dialup lines, and so forth). Our automated procedure to assess the effectiveness of computer security safeguards differs from traditional risk analysis methods

  9. Comment on ''Secure multiparty computation with a dishonest majority via quantum means''

    Li Yanbing [State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, 100876 (China); Beijing Electronic Science and Technology Institute, Beijing 100070 (China); Wen Qiaoyan; Qin Sujuan [State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, 100876 (China)

    2011-07-15

    In a recent paper [K. Loukopoulos and D. E. Browne, Phys. Rev. A 81, 062336 (2010)], five schemes for secure multiparty computation utilizing the Greenberger-Horne-Zeilinger (GHZ) quantum correlation were presented, which were claimed to be secure in some kinds of security models. However, this study points out that schemes C and D2 could be attacked by corrupted parties replacing photon and exchanging classical information.

  10. Security and Integrity of Data in Cloud Computing Based on Feature Extraction of Handwriting Signature

    Ali A. Yassin

    2015-05-01

    Full Text Available Cloud Computing gains users to store their data into the cloud as the remotest manner so that they can be comforted from the trouble of local data save and maintenance. The user loses the control of his remotely located data. This feature has many security challenges such as the authority and integrity of data. One of the significant concerns that require to be addressed is to assure the user of the integrity i.e. rightness of his data in the cloud. Continuously, the user cannot access to cloud’s data directly. So, the cloud must provide a technique for the user to ensure if the integrity of his data is protected or is compromised. In this paper, we propose the use of encrypted data integrity by presenting the feature extraction of handwriting signature in a modern encryption scheme that preserves the integrity of data in cloud server. Any prohibited data modification, removal, or addition can be detected by cloud user. Additionally, our proposed scheme presents a proof of data integrity in the cloud which the user can know the truth of his data in the cloud server. We employ user’s handwritten signature to secure and integrate his data in cloud server. Extensive security and performance analyses view that our proposed scheme has highly efficient and provably secure. In addition, the performance time decreases and the compensation ratio of data integrity is increases.

  11. Unconditionally secure computers and hardware, such as memories, processors, and hard drives

    Kish, Laszlo B

    2008-01-01

    In the case of the need of extraordinary security, Kirchhoff-loop-Johnson-(like)-noise ciphers can easily be integrated on existing types of digital chips in order to provide secure data communication between hardware processors, memory chips, hard disks and other units within a computer or other data processor system. The secure key exchange can take place at the very first run and the system can renew the key later at random times with an authenticated fashion to prohibit man-in-the-middle attack. The key can be stored in flash memories within the communicating chip units at hidden random addresses among other random bits that are continuously generated by the secure line but are never actually used. Thus, even if the system is disassembled, and the eavesdropper can have direct access to the communication lines between the units, or even if she is trying to use a man-in-the-middle attack, no information can be extracted. The only way to break the code is to learn the chip structure, to understand the machin...

  12. 77 FR 3843 - Agency Information Collection (Procedures, and Security for Government Financing) Activities...

    2012-01-25

    ... AFFAIRS Agency Information Collection (Procedures, and Security for Government Financing) Activities Under..., Security for Government Financing. OMB Control Number: 2900-0688. Type of Review: Extension of a currently.... b. VAAR 832.202-4, Security for Government Financing--10 hours. Estimated Average Burden...

  13. 78 FR 57643 - Agency Information Collection Activities: Department of Homeland Security (DHS) Cybersecurity...

    2013-09-19

    ... SECURITY Agency Information Collection Activities: Department of Homeland Security (DHS) Cybersecurity... FR 35295, for a 60-day public comment period. No comments were received by DHS. The purpose of this....: Michael Wigal, dhs.pra@hq.dhs.gov . SUPPLEMENTARY INFORMATION: Title II, Homeland Security Act, 6...

  14. Computational Models for Analysis of Illicit Activities

    Nizamani, Sarwat

    devise policies to minimize them. These activities include cybercrimes, terrorist attacks or violent actions in response to certain world issues. Beside such activities, there are several other related activities worth analyzing, for which computational models have been presented in this thesis....... These models include a model for analyzing evolution of terrorist networks; a text classification model for detecting suspicious text and identification of suspected authors of anonymous emails; and a semantic analysis model for news reports, which may help analyze the illicit activities in certain area...... with location and temporal information. For the network evolution, the hierarchical agglomerative clustering approach has been applied to terrorist networks as case studies. The networks' evolutions show that how individual actors who are initially isolated from each other are converted in small groups, which...

  15. Computer based integral gamma activity measurement system

    PC based Integral Gamma Activity measurement system has been developed for measuring the gross gamma activity. The Integral system comprises of the Ion chamber, electrometer amplifier and data acquisition system. This system is used for measuring the activity and also for recording of the decay characteristics. A windows based computer program has been developed for data acquisition and storage during the experiment. The system records the detector current output in the range of 10 pA to 10 nA. The measured current was converted into pre-calibrated gross gamma activity which was used for estimating the power distribution within the reactor core. The paper describes development of the system including the experiment results. (author)

  16. Cryptanalysis and security enhancement of optical cryptography based on computational ghost imaging

    Yuan, Sheng; Yao, Jianbin; Liu, Xuemei; Zhou, Xin; Li, Zhongyang

    2016-04-01

    Optical cryptography based on computational ghost imaging (CGI) has attracted much attention of researchers because it encrypts plaintext into a random intensity vector rather than complexed-valued function. This promising feature of the CGI-based cryptography reduces the amount of data to be transmitted and stored and therefore brings convenience in practice. However, we find that this cryptography is vulnerable to chosen-plaintext attack because of the linear relationship between the input and output of the encryption system, and three feasible strategies are proposed to break it in this paper. Even though a large number of plaintexts need to be chosen in these attack methods, it means that this cryptography still exists security risks. To avoid these attacks, a security enhancement method utilizing an invertible matrix modulation is further discussed and the feasibility is verified by numerical simulations.

  17. Darwin inside the machines: Malware evolution and the consequences for computer security

    Iliopoulos, D; Szor, P

    2011-01-01

    Recent advances in anti-malware technologies have steered the security industry away from maintaining vast signature databases and into newer defence technologies such as behaviour blocking, application whitelisting and others. Most would agree that the reasoning behind this is to keep up with the arms race established between malware writers and the security community almost three decades ago. Still, malware writers have not as yet created new paradigms. Indeed, malicious code development is still largely limited to code pattern changes utilizing polymorphic and metamorphic engines, as well as executable packer and wrapper technologies. Each new malware instance retains the exact same core functionality as its ancestor and only alters the way it looks. What if, instead, malware were able to change its function or behaviour autonomously? What if, in the absence of human intervention, computer viruses resembled biological viruses in their ability to adapt to new defence technologies as soon as they came into e...

  18. Human factors in Coast Guard Computer Security - an analysis of current awareness and potential techniques to improve security program viability

    Whalen, Timothy J.

    2001-01-01

    The Coast Guard is becoming increasingly reliant upon our nation's information infrastructure. As such, our ability to ensure the security of those systems is also increasing in import. Traditional information security measures tend to be system-oriented and often fail to address the human element that is critical to system success. In order to ensure information system security, both system and human factors requirements must be addressed. This thesis attempts to identify both the suscep...

  19. Secure Scientific Applications Scheduling Technique for Cloud Computing Environment Using Global League Championship Algorithm

    Abdulhamid, Shafi’i Muhammad; Abd Latiff, Muhammad Shafie; Abdul-Salaam, Gaddafi; Hussain Madni, Syed Hamid

    2016-01-01

    Cloud computing system is a huge cluster of interconnected servers residing in a datacenter and dynamically provisioned to clients on-demand via a front-end interface. Scientific applications scheduling in the cloud computing environment is identified as NP-hard problem due to the dynamic nature of heterogeneous resources. Recently, a number of metaheuristics optimization schemes have been applied to address the challenges of applications scheduling in the cloud system, without much emphasis on the issue of secure global scheduling. In this paper, scientific applications scheduling techniques using the Global League Championship Algorithm (GBLCA) optimization technique is first presented for global task scheduling in the cloud environment. The experiment is carried out using CloudSim simulator. The experimental results show that, the proposed GBLCA technique produced remarkable performance improvement rate on the makespan that ranges between 14.44% to 46.41%. It also shows significant reduction in the time taken to securely schedule applications as parametrically measured in terms of the response time. In view of the experimental results, the proposed technique provides better-quality scheduling solution that is suitable for scientific applications task execution in the Cloud Computing environment than the MinMin, MaxMin, Genetic Algorithm (GA) and Ant Colony Optimization (ACO) scheduling techniques. PMID:27384239

  20. Secure Scientific Applications Scheduling Technique for Cloud Computing Environment Using Global League Championship Algorithm.

    Abdulhamid, Shafi'i Muhammad; Abd Latiff, Muhammad Shafie; Abdul-Salaam, Gaddafi; Hussain Madni, Syed Hamid

    2016-01-01

    Cloud computing system is a huge cluster of interconnected servers residing in a datacenter and dynamically provisioned to clients on-demand via a front-end interface. Scientific applications scheduling in the cloud computing environment is identified as NP-hard problem due to the dynamic nature of heterogeneous resources. Recently, a number of metaheuristics optimization schemes have been applied to address the challenges of applications scheduling in the cloud system, without much emphasis on the issue of secure global scheduling. In this paper, scientific applications scheduling techniques using the Global League Championship Algorithm (GBLCA) optimization technique is first presented for global task scheduling in the cloud environment. The experiment is carried out using CloudSim simulator. The experimental results show that, the proposed GBLCA technique produced remarkable performance improvement rate on the makespan that ranges between 14.44% to 46.41%. It also shows significant reduction in the time taken to securely schedule applications as parametrically measured in terms of the response time. In view of the experimental results, the proposed technique provides better-quality scheduling solution that is suitable for scientific applications task execution in the Cloud Computing environment than the MinMin, MaxMin, Genetic Algorithm (GA) and Ant Colony Optimization (ACO) scheduling techniques. PMID:27384239