WorldWideScience

Sample records for active computing security

  1. Computer security

    CERN Document Server

    Gollmann, Dieter

    2011-01-01

    A completely up-to-date resource on computer security Assuming no previous experience in the field of computer security, this must-have book walks you through the many essential aspects of this vast topic, from the newest advances in software and technology to the most recent information on Web applications security. This new edition includes sections on Windows NT, CORBA, and Java and discusses cross-site scripting and JavaScript hacking as well as SQL injection. Serving as a helpful introduction, this self-study guide is a wonderful starting point for examining the variety of competing sec

  2. A New Approach to Practical Active-Secure Two-Party Computation

    DEFF Research Database (Denmark)

    Nielsen, Jesper Buus; Nordholt, Peter Sebastian; Orlandi, Claudio

    2012-01-01

    We propose a new approach to practical two-party computation secure against an active adversary. All prior practical protocols were based on Yao’s garbled circuits. We use an OT-based approach and get efficiency via OT extension in the random oracle model. To get a practical protocol we introduce...

  3. A New Approach to Practical Active-Secure Two-Party Computation

    DEFF Research Database (Denmark)

    Nielsen, Jesper Buus; Nordholt, Peter Sebastian; Orlandi, Claudio

    2011-01-01

    We propose a new approach to practical two-party computation secure against an active adversary. All prior practical protocols were based on Yao's garbled circuits. We use an OT-based approach and get efficiency via OT extension in the random oracle model. To get a practical protocol we introduce...

  4. Security in Computer Applications

    CERN Document Server

    CERN. Geneva

    2004-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development. The last part of the lecture covers some miscellaneous issues like the use of cryptography, rules for networking applications, and social engineering threats. This lecture was first given on Thursd...

  5. Cognitive Computing for Security.

    Energy Technology Data Exchange (ETDEWEB)

    Debenedictis, Erik [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Rothganger, Fredrick [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Aimone, James Bradley [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Marinella, Matthew [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Evans, Brian Robert [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Warrender, Christina E. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Mickel, Patrick [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2015-12-01

    Final report for Cognitive Computing for Security LDRD 165613. It reports on the development of hybrid of general purpose/ne uromorphic computer architecture, with an emphasis on potential implementation with memristors.

  6. Computer Security Handbook

    CERN Document Server

    Bosworth, Seymour; Whyne, Eric

    2012-01-01

    The classic and authoritative reference in the field of computer security, now completely updated and revised With the continued presence of large-scale computers; the proliferation of desktop, laptop, and handheld computers; and the vast international networks that interconnect them, the nature and extent of threats to computer security have grown enormously. Now in its fifth edition, Computer Security Handbook continues to provide authoritative guidance to identify and to eliminate these threats where possible, as well as to lessen any losses attributable to them. With seventy-seven chapter

  7. Indirection and computer security.

    Energy Technology Data Exchange (ETDEWEB)

    Berg, Michael J.

    2011-09-01

    The discipline of computer science is built on indirection. David Wheeler famously said, 'All problems in computer science can be solved by another layer of indirection. But that usually will create another problem'. We propose that every computer security vulnerability is yet another problem created by the indirections in system designs and that focusing on the indirections involved is a better way to design, evaluate, and compare security solutions. We are not proposing that indirection be avoided when solving problems, but that understanding the relationships between indirections and vulnerabilities is key to securing computer systems. Using this perspective, we analyze common vulnerabilities that plague our computer systems, consider the effectiveness of currently available security solutions, and propose several new security solutions.

  8. Secure cloud computing

    CERN Document Server

    Jajodia, Sushil; Samarati, Pierangela; Singhal, Anoop; Swarup, Vipin; Wang, Cliff

    2014-01-01

    This book presents a range of cloud computing security challenges and promising solution paths. The first two chapters focus on practical considerations of cloud computing. In Chapter 1, Chandramouli, Iorga, and Chokani describe the evolution of cloud computing and the current state of practice, followed by the challenges of cryptographic key management in the cloud. In Chapter 2, Chen and Sion present a dollar cost model of cloud computing and explore the economic viability of cloud computing with and without security mechanisms involving cryptographic mechanisms. The next two chapters addres

  9. CLOUD COMPUTING SECURITY

    Directory of Open Access Journals (Sweden)

    DANISH JAMIL,

    2011-04-01

    Full Text Available It is no secret that cloud computing is becoming more and more popular today and is ever increasing inpopularity with large companies as they share valuable resources in a cost effective way. Due to this increasingdemand for more clouds there is an ever growing threat of security becoming a major issue. This paper shalllook at ways in which security threats can be a danger to cloud computing and how they can be avoided.

  10. Computer Security Systems Enable Access.

    Science.gov (United States)

    Riggen, Gary

    1989-01-01

    A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

  11. CLOUD COMPUTING AND SECURITY

    Directory of Open Access Journals (Sweden)

    Asharani Shinde

    2015-10-01

    Full Text Available This document gives an insight into Cloud Computing giving an overview of key features as well as the detail study of exact working of Cloud computing. Cloud Computing lets you access all your application and documents from anywhere in the world, freeing you from the confines of the desktop thus making it easier for group members in different locations to collaborate. Certainly cloud computing can bring about strategic, transformational and even revolutionary benefits fundamental to future enterprise computing but it also offers immediate and pragmatic opportunities to improve efficiencies today while cost effectively and systematically setting the stage for the strategic change. As this technology makes the computing, sharing, networking easy and interesting, we should think about the security and privacy of information too. Thus the key points we are going to be discussed are what is cloud, what are its key features, current applications, future status and the security issues and the possible solutions.

  12. A Portable Computer Security Workshop

    Science.gov (United States)

    Wagner, Paul J.; Phillips, Andrew T.

    2006-01-01

    We have developed a computer security workshop designed to instruct post-secondary instructors who want to start a course or laboratory exercise sequence in computer security. This workshop has also been used to provide computer security education to IT professionals and students. It is effective in communicating basic computer security principles…

  13. Security Dynamics of Cloud Computing

    OpenAIRE

    Khaled M. Khan

    2009-01-01

    This paper explores various dimensions of cloud computing security. It argues that security concerns of cloud computing need to be addressed from the perspective of individual stakeholder. Security focuses of cloud computing are essentially different in terms of its characteristics and business model. Conventional way of viewing as well as addressing security such as ‘bolting-in’ on the top of cloud computing may not work well. The paper attempts to portray the security spectrum necessary for...

  14. New computer security campaign

    CERN Multimedia

    Alizée Dauvergne

    2010-01-01

    A new campaign is taking shape to promote computer security. The slogan “SEC_RITY is not complete without U!” reminds users of the importance of their contribution. The campaign kicks off on 10 June with a public awareness day in the Council Chamber.   The new campaign, organised by CERN’s computer security team, will focus on prevention and involving the user. “This is an education and awareness-raising campaign for all users at CERN,” explains Stefan Lueders, in charge of computer security. “Every day, we register thousands of computer attacks against CERN: there are attempts to tamper with web pages, hack into user accounts, take over servers, and much more. A successful attack could mean confidential user information being divulged, services being interrupted or data being lost. It could even affect operations at CERN. Another factor is the damage that a successful attack could inflict on the Organization’s reputation. &...

  15. Computer Security: the security marathon

    CERN Multimedia

    Computer Security Team

    2014-01-01

    If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise.   An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

  16. Computer Security: the security marathon, part 2

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Do you recall our latest article on the “Security Marathon” (see here) and why it’s wrong to believe that computer security is a sprint, that a quick hack is invulnerable, that quick bug-fixing is sufficient, that plugging security measures on top of existing structures is a good idea, that once you are secure, your life is cosy?   In fact, security is a marathon for us too. Again and again, we have felt comfortable with the security situation at CERN, with dedicated protections deployed on individual hosts, with the security measures deployed by individual service managers, with the attentiveness and vigilance of our users, and with the responsiveness of the Management. Again and again, however, we subsequently detect or receive reports that this is wrong, that protections are incomplete, that security measures are incomplete, that security awareness has dropped. Thus, unfortunately, we often have to go back to square one and address similar issues over and over...

  17. Computer Security Day

    CERN Multimedia

    CERN Bulletin

    2010-01-01

      Viruses, phishing, malware and cyber-criminals can all threaten your computer and your data, even at CERN! Experts will share their experience with you and offer solutions to keep your computer secure. Thursday, 10 June 2010, 9.30, Council Chamber Make a note in your diary! Presentations in French and English: How do hackers break into your computer? Quels sont les enjeux et conséquences des attaques informatiques contre le CERN ? How so criminals steal your money on the Internet? Comment utiliser votre ordinateur de manière sécurisée ? and a quiz: test your knowledge and win one of the many prizes that will be on offer! For more information and to follow the day's events via a live webcast go to: http://cern.ch/SecDay.  

  18. CLOUD COMPUTING SECURITY ISSUES

    Directory of Open Access Journals (Sweden)

    Florin OGIGAU-NEAMTIU

    2012-01-01

    Full Text Available The term “cloud computing” has been in the spotlights of IT specialists the last years because of its potential to transform this industry. The promised benefits have determined companies to invest great sums of money in researching and developing this domain and great steps have been made towards implementing this technology. Managers have traditionally viewed IT as difficult and expensive and the promise of cloud computing leads many to think that IT will now be easy and cheap. The reality is that cloud computing has simplified some technical aspects of building computer systems, but the myriad challenges facing IT environment still remain. Organizations which consider adopting cloud based services must also understand the many major problems of information policy, including issues of privacy, security, reliability, access, and regulation. The goal of this article is to identify the main security issues and to draw the attention of both decision makers and users to the potential risks of moving data into “the cloud”.

  19. CLOUD COMPUTING SECURITY

    Directory of Open Access Journals (Sweden)

    Ştefan IOVAN

    2016-05-01

    Full Text Available Cloud computing reprentes the software applications offered as a service online, but also the software and hardware components from the data center.In the case of wide offerd services for any type of client, we are dealing with a public cloud. In the other case, in wich a cloud is exclusively available for an organization and is not available to the open public, this is consider a private cloud [1]. There is also a third type, called hibrid in which case an user or an organization might use both services available in the public and private cloud. One of the main challenges of cloud computing are to build the trust and ofer information privacy in every aspect of service offerd by cloud computingle. The variety of existing standards, just like the lack of clarity in sustenability certificationis not a real help in building trust. Also appear some questions marks regarding the efficiency of traditionsecurity means that are applied in the cloud domain. Beside the economic and technology advantages offered by cloud, also are some advantages in security area if the information is migrated to cloud. Shared resources available in cloud includes the survey, use of the "best practices" and technology for advance security level, above all the solutions offered by the majority of medium and small businesses, big companies and even some guvermental organizations [2].

  20. New computer security measures

    CERN Multimedia

    IT Department

    2008-01-01

    As a part of the long-term strategy to improve computer security at CERN, and especially given the attention focused to CERN by the start-up of the LHC, two additional security measures concerning DNS and Tor will shortly be introduced. These are described in the following texts and will affect only a small number of users. "PHISHING" ATTACKS CONTINUE CERN computer users continue to be subjected to attacks by people trying to infect our machines and obtain passwords and other confidential information by social engineering trickery. Recent examples include an e-mail message sent from "La Poste" entitled "Colis Postal" on 21 August, a fake mail sent from web and mail services on 8 September, and an e-mail purporting to come from Hallmark Cards announcing the arrival of an electronic postcard. However, there are many other examples and there are reports of compromised mail accounts being used for more realistic site-specific phishing attempts. Given the increased publicity rela...

  1. Mobile security and trusted computing

    OpenAIRE

    Mitchell, Chris J.

    2006-01-01

    Some of the most significant security issues arising in the context of ubiquitous mobile computing are reviewed. Emerging technologies which may be able to help overcome these security problems are also described; in particular we consider methods for secure 'imprinting' of mobile devices, techniques proposed for establishing trust between devices with no prior relationship, and finally the relevence of trusted computing technology to mobile security issues.

  2. Visualization Tools for Teaching Computer Security

    Science.gov (United States)

    Yuan, Xiaohong; Vega, Percy; Qadah, Yaseen; Archer, Ricky; Yu, Huiming; Xu, Jinsheng

    2010-01-01

    Using animated visualization tools has been an important teaching approach in computer science education. We have developed three visualization and animation tools that demonstrate various information security concepts and actively engage learners. The information security concepts illustrated include: packet sniffer and related computer network…

  3. Security basics for computer architects

    CERN Document Server

    Lee, Ruby B

    2013-01-01

    Design for security is an essential aspect of the design of future computers. However, security is not well understood by the computer architecture community. Many important security aspects have evolved over the last several decades in the cryptography, operating systems, and networking communities. This book attempts to introduce the computer architecture student, researcher, or practitioner to the basic concepts of security and threat-based design. Past work in different security communities can inform our thinking and provide a rich set of technologies for building architectural support fo

  4. Secure computing on reconfigurable systems

    NARCIS (Netherlands)

    Fernandes Chaves, R.J.

    2007-01-01

    This thesis proposes a Secure Computing Module (SCM) for reconfigurable computing systems. SC provides a protected and reliable computational environment, where data security and protection against malicious attacks to the system is assured. SC is strongly based on encryption algorithms and on the a

  5. Scalable and Unconditionally Secure Multiparty Computation

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Nielsen, Jesper Buus

    2007-01-01

    We present a multiparty computation protocol that is unconditionally secure against adaptive and active adversaries, with communication complexity O(Cn)k+O(Dn^2)k+poly(nk), where C is the number of gates in the circuit, n is the number of parties, k is the bit-length of the elements of the field...... over which the computation is carried out, D is the multiplicative depth of the circuit, and κ is the security parameter. The corruption threshold is t security the corruption threshold is t secure......, the protocol has so called everlasting security....

  6. Computational Intelligence, Cyber Security and Computational Models

    CERN Document Server

    Anitha, R; Lekshmi, R; Kumar, M; Bonato, Anthony; Graña, Manuel

    2014-01-01

    This book contains cutting-edge research material presented by researchers, engineers, developers, and practitioners from academia and industry at the International Conference on Computational Intelligence, Cyber Security and Computational Models (ICC3) organized by PSG College of Technology, Coimbatore, India during December 19–21, 2013. The materials in the book include theory and applications for design, analysis, and modeling of computational intelligence and security. The book will be useful material for students, researchers, professionals, and academicians. It will help in understanding current research trends and findings and future scope of research in computational intelligence, cyber security, and computational models.

  7. Security Architecture of Cloud Computing

    Directory of Open Access Journals (Sweden)

    V.KRISHNA REDDY

    2011-09-01

    Full Text Available The Cloud Computing offers service over internet with dynamically scalable resources. Cloud Computing services provides benefits to the users in terms of cost and ease of use. Cloud Computing services need to address the security during the transmission of sensitive data and critical applications to shared and public cloud environments. The cloud environments are scaling large for data processing and storage needs. Cloud computing environment have various advantages as well as disadvantages on the data security of service consumers. This paper aims to emphasize the main security issues existing in cloud computing environments. The security issues at various levels of cloud computing environment is identified in this paper and categorized based on cloud computing architecture. This paper focuses on the usage of Cloud services and security issues to build these cross-domain Internet-connected collaborations.

  8. Los Alamos Center for Computer Security formal computer security model

    Energy Technology Data Exchange (ETDEWEB)

    Dreicer, J.S.; Hunteman, W.J.; Markin, J.T.

    1989-01-01

    This paper provides a brief presentation of the formal computer security model currently being developed at the Los Alamos Department of Energy (DOE) Center for Computer Security (CCS). The need to test and verify DOE computer security policy implementation first motivated this effort. The actual analytical model was a result of the integration of current research in computer security and previous modeling and research experiences. The model is being developed to define a generic view of the computer and network security domains, to provide a theoretical basis for the design of a security model, and to address the limitations of present formal mathematical models for computer security. The fundamental objective of computer security is to prevent the unauthorized and unaccountable access to a system. The inherent vulnerabilities of computer systems result in various threats from unauthorized access. The foundation of the Los Alamos DOE CCS model is a series of functionally dependent probability equations, relations, and expressions. The model is undergoing continued discrimination and evolution. We expect to apply the model to the discipline of the Bell and LaPadula abstract sets of objects and subjects. 6 refs.

  9. Reminder: Mandatory Computer Security Course

    CERN Multimedia

    IT Department

    2011-01-01

    Just like any other organization, CERN is permanently under attack – even right now. Consequently it's important to be vigilant about security risks, protecting CERN's reputation - and your work. The availability, integrity and confidentiality of CERN's computing services and the unhindered operation of its accelerators and experiments come down to the combined efforts of the CERN Security Team and you. In order to remain par with the attack trends, the Security Team regularly reminds CERN users about the computer security risks, and about the rules for using CERN’s computing facilities. Therefore, a new dedicated basic computer security course has been designed informing you about the “Do’s” and “Dont’s” when using CERN's computing facilities. This course is mandatory for all person owning a CERN computer account and must be followed once every three years. Users who have never done the course, or whose course needs to be renewe...

  10. New Mandatory Computer Security Course

    CERN Multimedia

    CERN Bulletin

    2010-01-01

    Just like any other organization, CERN is permanently under attack - even right now. Consequently it's important to be vigilant about security risks, protecting CERN's reputation - and your work. The availability, integrity and confidentiality of CERN's computing services and the unhindered operation of its accelerators and experiments come down to the combined efforts of the CERN Security Team and you. In order to remain par with the attack trends, the Security Team regularly reminds CERN users about the computer security risks, and about the rules for using CERN’s computing facilities. Since 2007, newcomers have to follow a dedicated basic computer security course informing them about the “Do’s” and “Dont’s” when using CERNs computing facilities. This course has recently been redesigned. It is now mandatory for all CERN members (users and staff) owning a CERN computer account and must be followed once every three years. Members who...

  11. Cloud Computing Security: A Survey

    Directory of Open Access Journals (Sweden)

    Issa M. Khalil

    2014-02-01

    Full Text Available Cloud computing is an emerging technology paradigm that migrates current technological and computing concepts into utility-like solutions similar to electricity and water systems. Clouds bring out a wide range of benefits including configurable computing resources, economic savings, and service flexibility. However, security and privacy concerns are shown to be the primary obstacles to a wide adoption of clouds. The new concepts that clouds introduce, such as multi-tenancy, resource sharing and outsourcing, create new challenges to the security community. Addressing these challenges requires, in addition to the ability to cultivate and tune the security measures developed for traditional computing systems, proposing new security policies, models, and protocols to address the unique cloud security challenges. In this work, we provide a comprehensive study of cloud computing security and privacy concerns. We identify cloud vulnerabilities, classify known security threats and attacks, and present the state-of-the-art practices to control the vulnerabilities, neutralize the threats, and calibrate the attacks. Additionally, we investigate and identify the limitations of the current solutions and provide insights of the future security perspectives. Finally, we provide a cloud security framework in which we present the various lines of defense and identify the dependency levels among them. We identify 28 cloud security threats which we classify into five categories. We also present nine general cloud attacks along with various attack incidents, and provide effectiveness analysis of the proposed countermeasures.

  12. Security Problems in Cloud Computing

    OpenAIRE

    Rola Motawie; Mahmoud M. El-Khouly; Samir Abou El-Seoud

    2016-01-01

    Cloud is a pool of computing resources which are distributed among cloud users. Cloud computing has many benefits like scalability, flexibility, cost savings, reliability, maintenance and mobile accessibility. Since cloud-computing technology is growing day by day, it comes with many security problems. Securing the data in the cloud environment is most critical challenges which act as a barrier when implementing the cloud. There are many new concepts that cloud introduces, such as resource sh...

  13. Security and policy driven computing

    CERN Document Server

    Liu, Lei

    2010-01-01

    Security and Policy Driven Computing covers recent advances in security, storage, parallelization, and computing as well as applications. The author incorporates a wealth of analysis, including studies on intrusion detection and key management, computer storage policy, and transactional management.The book first describes multiple variables and index structure derivation for high dimensional data distribution and applies numeric methods to proposed search methods. It also focuses on discovering relations, logic, and knowledge for policy management. To manage performance, the text discusses con

  14. Security Problems in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Rola Motawie

    2016-12-01

    Full Text Available Cloud is a pool of computing resources which are distributed among cloud users. Cloud computing has many benefits like scalability, flexibility, cost savings, reliability, maintenance and mobile accessibility. Since cloud-computing technology is growing day by day, it comes with many security problems. Securing the data in the cloud environment is most critical challenges which act as a barrier when implementing the cloud. There are many new concepts that cloud introduces, such as resource sharing, multi-tenancy, and outsourcing, create new challenges for the security community. In this work, we provide a comparable study of cloud computing privacy and security concerns. We identify and classify known security threats, cloud vulnerabilities, and attacks.

  15. Computer and information security handbook

    CERN Document Server

    Vacca, John R

    2012-01-01

    The second edition of this comprehensive handbook of computer and information security provides the most complete view of computer security and privacy available. It offers in-depth coverage of security theory, technology, and practice as they relate to established technologies as well as recent advances. It explores practical solutions to many security issues. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors' respective areas of expertise. The book is organized into 10 parts comprised of 70 contributed

  16. Tools for Computer Security

    CERN Document Server

    Lecoeuche, Denis

    2015-01-01

    This report describes several scripts developed in order to facilitate and automate security-related tests and tasks for the CMS Group at CERN. They will be integrated in the release cycle of specific web services.

  17. Computer Network Security- The Challenges of Securing a Computer Network

    Science.gov (United States)

    Scotti, Vincent, Jr.

    2011-01-01

    This article is intended to give the reader an overall perspective on what it takes to design, implement, enforce and secure a computer network in the federal and corporate world to insure the confidentiality, integrity and availability of information. While we will be giving you an overview of network design and security, this article will concentrate on the technology and human factors of securing a network and the challenges faced by those doing so. It will cover the large number of policies and the limits of technology and physical efforts to enforce such policies.

  18. Cloud computing security.

    Energy Technology Data Exchange (ETDEWEB)

    Shin, Dongwan; Claycomb, William R.; Urias, Vincent E.

    2010-10-01

    Cloud computing is a paradigm rapidly being embraced by government and industry as a solution for cost-savings, scalability, and collaboration. While a multitude of applications and services are available commercially for cloud-based solutions, research in this area has yet to fully embrace the full spectrum of potential challenges facing cloud computing. This tutorial aims to provide researchers with a fundamental understanding of cloud computing, with the goals of identifying a broad range of potential research topics, and inspiring a new surge in research to address current issues. We will also discuss real implementations of research-oriented cloud computing systems for both academia and government, including configuration options, hardware issues, challenges, and solutions.

  19. Computer Security: Security operations at CERN (4/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Stefan Lueders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and infrastructure control systems against cyber-threats. Subsequently, he joined the CERN Computer Security Incident Response Team and is today heading this team as CERN's Computer Security Officer with the mandate to coordinate all aspects of CERN's computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN's operational needs. Dr. Lueders has presented on these topics at many different occasions to international bodies, governments, and companies, and published several articles. With the prevalence of modern information technologies and...

  20. Computer Security: professionalism in security, too

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    At CERN, we apply a great deal of dedication and professionalism to all the work we do. This is necessary because of the complexity and sophistication of the devices we deal with. However, when it comes to computer security, we can all agree that there is room for improvement.   In some cases, we’ve observed devices that are connected to our Intranet networks without the adequate level of protection. Also, in order to allow it to be disseminated easily with peers, information is often disclosed on public webpages, sometimes without appropriate consideration of important security-related aspects. Program code is lost due to a lack of proper version control or the use of central storage systems. Systems are brought down by “finger trouble”, confusing the right and wrong IP addresses. Software or system development is done directly on production devices, impinging on their proper operation up to the point where the system grinds to a halt. Applications full of useful fe...

  1. Change of Computer Security Officer

    CERN Multimedia

    IT Department

    2008-01-01

    After many years of successfully protecting the CERN site in her role as Computer Security Officer (CSO), Denise Heagerty is being assigned to a new role within the IT Department. David Myers has been appointed to the position of CSO for one year from 1st September. W. von Rüden, IT Department Head

  2. Safeguards technology and computer security training

    Energy Technology Data Exchange (ETDEWEB)

    Hunteman, W.J.; Zack, N.R.

    1992-01-01

    The Los Alamos National Laboratory Safeguards Systems Group provides a variety of training services to the federal government and its contractors. The US Department of Energy sponsors a Safeguards Technology Training Program at Los Alamos in which seminars are offered concerning materials accounting for nuclear safeguards, measurement control for materials accounting, and variance propagation and systems analysis. These seminars provide guidance and techniques for accounting for nuclear material, developing and quantifying quality nuclear material measurements, and assessing overall accounting system performance. The Safeguards Systems Group also provides training in computer and data security applications; i.e., a workshop and the Los Alamos Vulnerability/Risk Assessment System (LAVA), computer system security officer training, and nuclear material safeguards for managers training, which are available on request. This paper describes the purpose, content, and expected benefits of the training activities that can be applied at nuclear materials facilities or where there are computer and/or data security concerns.

  3. Safeguards technology and computer security training

    Energy Technology Data Exchange (ETDEWEB)

    Hunteman, W.J.; Zack, N.R.

    1992-09-01

    The Los Alamos National Laboratory Safeguards Systems Group provides a variety of training services to the federal government and its contractors. The US Department of Energy sponsors a Safeguards Technology Training Program at Los Alamos in which seminars are offered concerning materials accounting for nuclear safeguards, measurement control for materials accounting, and variance propagation and systems analysis. These seminars provide guidance and techniques for accounting for nuclear material, developing and quantifying quality nuclear material measurements, and assessing overall accounting system performance. The Safeguards Systems Group also provides training in computer and data security applications; i.e., a workshop and the Los Alamos Vulnerability/Risk Assessment System (LAVA), computer system security officer training, and nuclear material safeguards for managers training, which are available on request. This paper describes the purpose, content, and expected benefits of the training activities that can be applied at nuclear materials facilities or where there are computer and/or data security concerns.

  4. LEGO for Two-Party Secure Computation

    DEFF Research Database (Denmark)

    Nielsen, Jesper Buus; Orlandi, Claudio

    2009-01-01

    This paper continues the recent line of work of making Yao’s garbled circuit approach to two-party computation secure against an active adversary. We propose a new cut-and-choose based approach called LEGO (Large Efficient Garbled-circuit Optimization): It is specifically aimed at large circuits...

  5. Secure multiparty computation goes live

    DEFF Research Database (Denmark)

    Bogetoft, Peter; Christensen, Dan Lund; Damgård, Ivan Bjerre

    2009-01-01

    Commision. Tomas Toft’s work was partially performed at Aarhus University. In Holland, he was supported by the research program Sentinels, financed by Technology Foundation STW, the Netherlands Organization for Scientific Research (NWO), and the Dutch Ministry of Economic Affairs.......In this note, we report on the first large-scale and practical application of secure multiparty computation, which took place in January 2008. We also report on the novel cryptographic protocols that were used. This work was supported by the Danish Strategic Research Council and the European...

  6. The importance of trust in computer security

    DEFF Research Database (Denmark)

    Jensen, Christian D.

    2014-01-01

    The computer security community has traditionally regarded security as a “hard” property that can be modelled and formally proven under certain simplifying assumptions. Traditional security technologies assume that computer users are either malicious, e.g. hackers or spies, or benevolent, competent...

  7. About Security Solutions in Fog Computing

    Directory of Open Access Journals (Sweden)

    Eugen Petac

    2016-01-01

    Full Text Available The key for improving a system's performance, its security and reliability is to have the dataprocessed locally in remote data centers. Fog computing extends cloud computing through itsservices to devices and users at the edge of the network. Through this paper it is explored the fogcomputing environment. Security issues in this area are also described. Fog computing providesthe improved quality of services to the user by complementing shortages of cloud in IoT (Internet ofThings environment. Our proposal, named Adaptive Fog Computing Node Security Profile(AFCNSP, which is based security Linux solutions, will get an improved security of fog node withrich feature sets.

  8. The importance of trust in computer security

    DEFF Research Database (Denmark)

    Jensen, Christian D.

    2014-01-01

    The computer security community has traditionally regarded security as a “hard” property that can be modelled and formally proven under certain simplifying assumptions. Traditional security technologies assume that computer users are either malicious, e.g. hackers or spies, or benevolent, competent...... and well informed about the security policies. Over the past two decades, however, computing has proliferated into all aspects of modern society and the spread of malicious software (malware) like worms, viruses and botnets have become an increasing threat. This development indicates a failure in some...... of the fundamental assumptions that underpin existing computer security technologies and that a new view of computer security is long overdue. In this paper, we examine traditionalmodels, policies and mechanisms of computer security in order to identify areas where the fundamental assumptions may fail. In particular...

  9. Cloud Security A Comprehensive Guide to Secure Cloud Computing

    CERN Document Server

    Krutz, Ronald L

    2010-01-01

    Well-known security experts decipher the most challenging aspect of cloud computing-security. Cloud computing allows for both large and small organizations to have the opportunity to use Internet-based services so that they can reduce start-up costs, lower capital expenditures, use services on a pay-as-you-use basis, access applications only as needed, and quickly reduce or increase capacities. However, these benefits are accompanied by a myriad of security issues, and this valuable book tackles the most common security challenges that cloud computing faces. The authors offer you years of unpa

  10. Security Management Model in Cloud Computing Environment

    OpenAIRE

    2016-01-01

    In the cloud computing environment, cloud virtual machine (VM) will be more and more the number of virtual machine security and management faced giant Challenge. In order to address security issues cloud computing virtualization environment, this paper presents a virtual machine based on efficient and dynamic deployment VM security management model state migration and scheduling, study of which virtual machine security architecture, based on AHP (Analytic Hierarchy Process) virtual machine de...

  11. Managing Security in Advanced Computational Infrastructure

    Institute of Scientific and Technical Information of China (English)

    2001-01-01

    Proposed by Education Ministry of China, Advanced Computational Infrastructure (ACI) aims at sharing geographically distributed high-performance computing and huge-capacity data resource among the universities of China. With the fast development of large-scale applications in ACI, the security requirements become more and more urgent. The special security needs in ACI is first analyzed in this paper, and security management system based on ACI is presented. Finally, the realization of security management system is discussed.

  12. Computer Security: drive-bye

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Like a lion waiting to ambush gazelles at a waterhole, malware can catch you by surprise.    As some of you might have noticed, the Computer Security Team had to block the news site “20min.ch” a while ago, as it was found to be distributing malware. This block comes after similar incidents at other Swiss organizations. Our blocking is protective in order to safeguard your computers, laptops, tablets and smartphones. Unfortunately, this is not the first time we have seen these so-called drive-by/waterhole attacks: once you have visited an affected website, embedded third-party malicious code is downloaded to your computer and subsequently infects it (if running Windows or Android as well as, less likely, Mac operating systems). Hence the name “drive-by”. As “20min.ch” is a very frequented website among CERN staff members and users, it makes it a perfect source for attacks against CERN (or other Geneva-based organisations): inste...

  13. Computer Security: SAHARA - Security As High As Reasonably Achievable

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    History has shown us time and again that our computer systems, computing services and control systems have digital security deficiencies. Too often we deploy stop-gap solutions and improvised hacks, or we just accept that it is too late to change things.    In my opinion, this blatantly contradicts the professionalism we show in our daily work. Other priorities and time pressure force us to ignore security or to consider it too late to do anything… but we can do better. Just look at how “safety” is dealt with at CERN! “ALARA” (As Low As Reasonably Achievable) is the objective set by the CERN HSE group when considering our individual radiological exposure. Following this paradigm, and shifting it from CERN safety to CERN computer security, would give us “SAHARA”: “Security As High As Reasonably Achievable”. In other words, all possible computer security measures must be applied, so long as ...

  14. A Computer Security Course in the Undergraduate Computer Science Curriculum.

    Science.gov (United States)

    Spillman, Richard

    1992-01-01

    Discusses the importance of computer security and considers criminal, national security, and personal privacy threats posed by security breakdown. Several examples are given, including incidents involving computer viruses. Objectives, content, instructional strategies, resources, and a sample examination for an experimental undergraduate computer…

  15. Computers, business, and security the new role for security

    CERN Document Server

    Schweitzer, James A

    1987-01-01

    Computers, Business, and Security: The New Role for Security addresses the professional security manager's responsibility to protect all business resources, with operating environments and high technology in mind. This book discusses the technological aspects of the total security programs.Organized into three parts encompassing 10 chapters, this book begins with an overview of how the developing information age is affecting business management, operations, and organization. This text then examines a number of vulnerabilities that arise in the process of using business computing and communicat

  16. Discussion on the Hospital Computer Security Active Defense Technology%医院计算机安全主动防御技术探讨

    Institute of Scientific and Technical Information of China (English)

    彭利华

    2014-01-01

    With the development of computer network technology, it has been widely used in hospitals, especial y with the arrival of the era of big data, the hospital computer management and ef ective implementation of the network management of patient information, treatment of case data, has become an important part of hospital information, but facing the hospital computer security issues have become increasingly prominent. In this paper, a detailed analysis of the relevant factors of hospital computer security, at the same time, the model of computer security active defense, and in-depth analysis of the architecture of computer security active defense technology, so as to bet er use the computer, computer use perception.%随着计算机网络技术的发展,其在医院得到了广泛地应用,尤其是随着大数据时代的到来,医院计算机网络的使用有效地实现了患者信息、治疗案例等数据的联网管理,已经成为医院信息化的重要组成部分,但是医院计算机网络安全面临的问题日益突出。本文分析了医院计算机网络安全的相关因素,阐述了计算机网络安全主动防御模型,同时深入地分析了计算机网络安全主动防御技术的体系架构,以便人们更好地使用计算机,提升计算机使用的感知度。

  17. Securing the Cloud Cloud Computer Security Techniques and Tactics

    CERN Document Server

    Winkler, Vic (JR)

    2011-01-01

    As companies turn to cloud computing technology to streamline and save money, security is a fundamental concern. Loss of certain control and lack of trust make this transition difficult unless you know how to handle it. Securing the Cloud discusses making the move to the cloud while securing your peice of it! The cloud offers felxibility, adaptability, scalability, and in the case of security-resilience. This book details the strengths and weaknesses of securing your company's information with different cloud approaches. Attacks can focus on your infrastructure, communications network, data, o

  18. OT-Combiners Via Secure Computation

    DEFF Research Database (Denmark)

    Harnik, Danny; Ishai, Yuval; Kushilevitz, Eyal

    2008-01-01

    An OT-combiner implements a secure oblivious transfer (OT) protocol using oracle access to n OT-candidates of which at most t may be faulty. We introduce a new general approach for combining OTs by making a simple and modular use of protocols for secure computation. Specifically, we obtain an OT......, in a network consisting of a single OT-channel. Our approach applies both to the “semi-honest” and the “malicious” models of secure computation, yielding the corresponding types of OT-combiners. Instantiating our general approach with secure computation protocols from the literature, we conceptually simplify......-combiner from any instantiation of the following two ingredients: (1) a t-secure n-party protocol for the OT functionality, in a network consisting of secure point-to-point channels and a broadcast primitive; and (2) a secure two-party protocol for a functionality determined by the former multiparty protocol...

  19. Secure computing, economy, and trust

    DEFF Research Database (Denmark)

    Bogetoft, Peter; Damgård, Ivan B.; Jakobsen, Thomas

    In this paper we consider the problem of constructing secure auctions based on techniques from modern cryptography. We combine knowledge from economics, cryptography and security engineering and develop and implement secure auctions for practical real-world problems. In essence this paper is an o...

  20. Data Security and Privacy in Cloud Computing

    OpenAIRE

    Yunchuan Sun; Junsheng Zhang; Yongping Xiong; Guangyu Zhu

    2014-01-01

    Data security has consistently been a major issue in information technology. In the cloud computing environment, it becomes particularly serious because the data is located in different places even in all the globe. Data security and privacy protection are the two main factors of user’s concerns about the cloud technology. Though many techniques on the topics in cloud computing have been investigated in both academics and industries, data security and privacy protection are becoming more impo...

  1. A Framework for Secure Cloud Computing

    Directory of Open Access Journals (Sweden)

    Ahmed E. Youssef

    2012-07-01

    Full Text Available Cloud computing is one of the most discussed topics today in the field of information technology. It introduces a new Internet-based environment for on-demand, dynamic provision of reconfigurable computing resources. The biggest challenge in cloud computing is the security and privacy problems caused by its multi-tenancy nature and the outsourcing of infrastructure, sensitive data and critical applications. In this paper, we propose a framework that identifies security and privacy challenges in cloud computing. It highlights cloud-specific attacks and risks and clearly illustrates their mitigations and countermeasures. We also propose a generic cloud computing security model that helps satisfy security and privacy requirements in the clouds and protect them against various vulnerabilities. The purpose of this work is to advise on security and privacy considerations that should be taken and solutions that might be considered when using the cloud environment by individuals and organizations.

  2. Applied computation and security systems

    CERN Document Server

    Saeed, Khalid; Choudhury, Sankhayan; Chaki, Nabendu

    2015-01-01

    This book contains the extended version of the works that have been presented and discussed in the First International Doctoral Symposium on Applied Computation and Security Systems (ACSS 2014) held during April 18-20, 2014 in Kolkata, India. The symposium has been jointly organized by the AGH University of Science & Technology, Cracow, Poland and University of Calcutta, India. The Volume I of this double-volume book contains fourteen high quality book chapters in three different parts. Part 1 is on Pattern Recognition and it presents four chapters. Part 2 is on Imaging and Healthcare Applications contains four more book chapters. The Part 3 of this volume is on Wireless Sensor Networking and it includes as many as six chapters. Volume II of the book has three Parts presenting a total of eleven chapters in it. Part 4 consists of five excellent chapters on Software Engineering ranging from cloud service design to transactional memory. Part 5 in Volume II is on Cryptography with two book...

  3. Why SCADA security is NOT like Computer Centre Security

    CERN Document Server

    CERN. Geneva

    2014-01-01

    Today, the industralized world lives in symbiosis with control systems (aka SCADA systems): it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and discuss the differences (or not) between computer center cyber-security and control system cyber-security.

  4. Motivating Contributions for Home Computer Security

    Science.gov (United States)

    Wash, Richard L.

    2009-01-01

    Recently, malicious computer users have been compromising computers en masse and combining them to form coordinated botnets. The rise of botnets has brought the problem of home computers to the forefront of security. Home computer users commonly have insecure systems; these users do not have the knowledge, experience, and skills necessary to…

  5. FORMATION OF A COMPUTER SECURITY POLICY BOARD

    CERN Multimedia

    2001-01-01

    In view of the increasing number of security incidents at CERN, the Directorate has set up a Computer Security Policy Board. Information about the mandate and the meetings of the Board is linked from http://cern.ch/security which is the entry point for computer security information at CERN. File Services Computing Rule The use of CERN's Computing facilities are governed by Operational Circular No 5 and its subsidiary rules. To protect file servers at CERN from unauthorised use, the Organization has issued a new subsidiary rule related to file services. Details hereof and of the complete set of rules applicable to the use of CERN computing facilities are available at http://cern.ch/ComputingRules

  6. FORMATION OF A COMPUTER SECURITY POLICY BOARD

    CERN Multimedia

    2001-01-01

    In view of the increasing number of security incidents at CERN, the Directorate has set up a Computer Security Policy Board. Information about the mandate and the meetings of the Board is linked from http://cern.ch/security, which is the entry point for computer security information at CERN. FILE SERVICES COMPUTING RULE The use of CERN's Computing facilities are governed by Operational Circular No 5 and its subsidiary rules. To protect file servers at CERN from unauthorised use, the Organization has issued a new subsidiary rule related to file services. Details hereof and of the complete set of rules applicable to the use of CERN computing facilities are available at http://cern.ch/ComputingRules.

  7. Implementing Security for Active Networks in Internet

    Institute of Scientific and Technical Information of China (English)

    Tang Yin; Wang Weiran

    2003-01-01

    Active networks is primarily a Defense Advanced Research Projects Agency(DARPA)-funded project focusing on the research of mechanisms, applications, and operating systems to develop a reconfigurable network infrastructure. This letter proposes an Secure Active Tracing System (SATS) to implementing security for active networking in Internet. Unlike currently existing schemes, SATS reduces the computational overloads by executing the filtering operation on selected packet streams only when needed.

  8. A common language for computer security incidents

    Energy Technology Data Exchange (ETDEWEB)

    John D. Howard; Thomas A Longstaff

    1998-10-01

    Much of the computer security information regularly gathered and disseminated by individuals and organizations cannot currently be combined or compared because a common language has yet to emerge in the field of computer security. A common language consists of terms and taxonomies (principles of classification) which enable the gathering, exchange and comparison of information. This paper presents the results of a project to develop such a common language for computer security incidents. This project results from cooperation between the Security and Networking Research Group at the Sandia National Laboratories, Livermore, CA, and the CERT{reg_sign} Coordination Center at Carnegie Mellon University, Pittsburgh, PA. This Common Language Project was not an effort to develop a comprehensive dictionary of terms used in the field of computer security. Instead, the authors developed a minimum set of high-level terms, along with a structure indicating their relationship (a taxonomy), which can be used to classify and understand computer security incident information. They hope these high-level terms and their structure will gain wide acceptance, be useful, and most importantly, enable the exchange and comparison of computer security incident information. They anticipate, however, that individuals and organizations will continue to use their own terms, which may be more specific both in meaning and use. They designed the common language to enable these lower-level terms to be classified within the common language structure.

  9. Review your Computer Security Now and Frequently!

    CERN Multimedia

    IT Department

    2009-01-01

    The start-up of LHC is foreseen to take place in the autumn and we will be in the public spotlight again. This increases the necessity to be vigilant with respect to computer security and the defacement of an experiment’s Web page in September last year shows that we should be particularly attentive. Attackers are permanently probing CERN and so we must all do the maximum to reduce future risks. Security is a hierarchical responsibility and requires to balance the allocation of resources between making systems work and making them secure. Thus all of us, whether users, developers, system experts, administrators, or managers are responsible for securing our computing assets. These include computers, software applications, documents, accounts and passwords. There is no "silver bullet" for securing systems, which can only be achieved by a painstaking search for all possible vulnerabilities followed by their mitigation. Additional advice on particular topics can be obtained from the relevant I...

  10. A Design Methodology for Computer Security Testing

    OpenAIRE

    Ramilli, Marco

    2013-01-01

    The field of "computer security" is often considered something in between Art and Science. This is partly due to the lack of widely agreed and standardized methodologies to evaluate the degree of the security of a system. This dissertation intends to contribute to this area by investigating the most common security testing strategies applied nowadays and by proposing an enhanced methodology that may be effectively applied to different threat scenarios with the same degree of effectiveness. ...

  11. A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE

    Directory of Open Access Journals (Sweden)

    Arijit Ukil

    2013-09-01

    Full Text Available In a typical cloud computing diverse facilitating components like hardware, software, firmware,networking, and services integrate to offer different computational facilities, while Internet or a privatenetwork (or VPN provides the required backbone to deliver the services. The security risks to the cloud system delimit the benefits of cloud computing like “on-demand, customized resource availability and performance management”. It is understood that current IT and enterprise security solutions are not adequate to address the cloud security issues. This paper explores the challenges and issues of security concerns of cloud computing through different standard and novel solutions. We propose analysis and architecture for incorporating different security schemes, techniques and protocols for cloud computing,particularly in Infrastructure-as-a-Service (IaaS and Platform-as-a-Service (PaaS systems. The proposedarchitecture is generic in nature, not dependent on the type of cloud deployment, application agnostic and is not coupled with the underlying backbone. This would facilitate to manage the cloud system more effectively and provide the administrator to include the specific solution to counter the threat. We have also shown using experimental data how a cloud service provider can estimate the charging based on the security service it provides and security-related cost-benefit analysis can be estimated.

  12. Computer Security: transparent monitoring for your protection

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Computer security can be handled in one of two ways: in secrecy, behind a black curtain; or out in the open, subject to scrutiny and with full transparency. We believe that the latter is the only right way for CERN, and have always put that belief into practice. In keeping with this spirit, here is a reminder of how we monitor (your) CERN activities in order to guarantee timely responses to computer security incidents.   We monitor all network traffic coming into and going out of CERN. Automatic tools look for suspicious patterns like connections to known malicious IP addresses, web pages or domains. They check for malicious files being downloaded and make statistical analyses of connections in order to identify unusual behaviour. The automatic analysis of the logs from the CERN Domain Name Servers complements this and provides a redundant means of detection. We also constantly scan the CERN office network and keep an inventory of the individual network services running on each device: w...

  13. Security Issues related with cloud computing

    Directory of Open Access Journals (Sweden)

    Manju,

    2014-04-01

    Full Text Available The term CLOUD means Common Location Independent Online Utility on Demand. It‟s an emerging technology in IT industries. Cloud technologies are improving day by day and now it become a need for all small and large scale industries. Companies like Google, Amazon, Microsoft etc. is providing virtualized environment for user by which it omits the need for physical storage and others. But as the advantage of cloud computing is increasing day by day the issues are also threatening the IT industries. These issues related with the security of the data. The basic idea of this review paper is to elaborate the security issues related with cloud computing and what methods are implemented to improve these security. Certain algorithms like RSA, DES, and Ceaser Cipher etc. implemented to improve the security issues. In this paper we have implemented Identity based mRSA algorithm in this paper for improving security of data.

  14. Practical Computer Security through Cryptography

    Science.gov (United States)

    McNab, David; Twetev, David (Technical Monitor)

    1998-01-01

    The core protocols upon which the Internet was built are insecure. Weak authentication and the lack of low level encryption services introduce vulnerabilities that propagate upwards in the network stack. Using statistics based on CERT/CC Internet security incident reports, the relative likelihood of attacks via these vulnerabilities is analyzed. The primary conclusion is that the standard UNIX BSD-based authentication system is by far the most commonly exploited weakness. Encryption of Sensitive password data and the adoption of cryptographically-based authentication protocols can greatly reduce these vulnerabilities. Basic cryptographic terminology and techniques are presented, with attention focused on the ways in which technology such as encryption and digital signatures can be used to protect against the most commonly exploited vulnerabilities. A survey of contemporary security software demonstrates that tools based on cryptographic techniques, such as Kerberos, ssh, and PGP, are readily available and effectively close many of the most serious security holes. Nine practical recommendations for improving security are described.

  15. Cloud Computing Security Latest Issues amp Countermeasures

    Directory of Open Access Journals (Sweden)

    Shelveen Pandey

    2015-08-01

    Full Text Available Abstract Cloud computing describes effective computing services provided by a third-party organization known as cloud service provider for organizations to perform different tasks over the internet for a fee. Cloud service providers computing resources are dynamically reallocated per demand and their infrastructure platform and software and other resources are shared by multiple corporate and private clients. With the steady increase in the number of cloud computing subscribers of these shared resources over the years security on the cloud is a growing concern. In this review paper the current cloud security issues and practices are described and a few innovative solutions are proposed that can help improve cloud computing security in the future.

  16. Computer Security: Mac security – nothing for old versions

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    A fundamental pillar of computer security is the regular maintenance of your code, operating system and application software – or, in computer lingo: patching, patching, patching.   Only software which is up-to-date should be free from any known vulnerabilities and thus provide you with a basic level of computer security. Neglecting regular updates is putting your computer at risk – and consequently your account, your password, your data, your photos, your videos and your money. Therefore, prompt and automatic patching is paramount. But the Microsofts, Googles and Apples of this world do not always help… Software vendors handle their update policy in different ways. While Android is a disaster – not because of Google, but due to the slow adaptation of many smartphone vendors (see “Android’s Armageddon”) – Microsoft provides updates for their Windows 7, Windows 8 and Windows 10 operating systems through their &ldq...

  17. New mechanism for Cloud Computing Storage Security

    Directory of Open Access Journals (Sweden)

    Almokhtar Ait El Mrabti

    2016-07-01

    Full Text Available Cloud computing, often referred to as simply the cloud, appears as an emerging computing paradigm which promises to radically change the way computer applications and services are constructed, delivered, managed and finally guaranteed as dynamic computing environments for end users. The cloud is the delivery of on-demand computing resources - everything from applications to data centers - over the Internet on a pay-for-use basis. The revolution of cloud computing has provided opportunities for research in all aspects of cloud computing. Despite the big progress in cloud computing technologies, funding concerns in cloud, security may limit a broader adoption. This paper presents a technique to tolerate both accidental and intentional faults, which is fragmentation-redundancy-scattering (FRS. The possibility to use the FRS technique as an intrusion tolerance one is investigated for providing secure and dependable storage in the cloud environment. Also a cloud computing security (CCS based on the FRS technique is proposed to explore how this proposal can then be used via several scenarios. To demonstrate the robustness of the proposal, we formalize our design and we carry out a security as well as performance evaluations of the approach and we compare it with the classical model. The paper concludes by strongly suggesting future research proposals for the CCS framework.

  18. Computational social networks security and privacy

    CERN Document Server

    2012-01-01

    Presents the latest advances in security and privacy issues in computational social networks, and illustrates how both organizations and individuals can be protected from real-world threats Discusses the design and use of a wide range of computational tools and software for social network analysis Provides experience reports, survey articles, and intelligence techniques and theories relating to specific problems in network technology

  19. Privacy and Security issues in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Anita Kumari Nanda , Brojo Kishore Mishra

    2012-12-01

    Full Text Available “Cloud computing” – a relatively recent term, defines the paths ahead in computer science world. Being built on decades of research it utilizes all recent achievements in virtualization, distributed computing, utility computing, and networking. It implies a service oriented architecture through offering software and platforms as services, reduced information technology overhead for the end-user, great flexibility, reduced total cost of ownership, on demand services and many other things. Security concerns the confidentiality, availability and integrity of data or information. Security may also include authentication and non-repudiation. This paper is a brief survey based on readings of “cloud” computing and it tries to address related research topics, privacy and security issues ahead and possible solution.

  20. Artificial immune system applications in computer security

    CERN Document Server

    Tan, Ying

    2016-01-01

    This book provides state-of-the-art information on the use, design, and development of the Artificial Immune System (AIS) and AIS-based solutions to computer security issues. Artificial Immune System: Applications in Computer Security focuses on the technologies and applications of AIS in malware detection proposed in recent years by the Computational Intelligence Laboratory of Peking University (CIL@PKU). It offers a theoretical perspective as well as practical solutions for readers interested in AIS, machine learning, pattern recognition and computer security. The book begins by introducing the basic concepts, typical algorithms, important features, and some applications of AIS. The second chapter introduces malware and its detection methods, especially for immune-based malware detection approaches. Successive chapters present a variety of advanced detection approaches for malware, including Virus Detection System, K-Nearest Neighbour (KNN), RBF networ s, and Support Vector Machines (SVM), Danger theory, ...

  1. INFORMATION SECURITY IN COMPUTER NETWORKS

    OpenAIRE

    Мехед, Д. Б.

    2016-01-01

    The article deals with computer networks, types of construction, the analysis of the advantages and disadvantages of different types of networks. The basic types of information transmission, highlighted their advantages and disadvantages, losing information and methods of protection.

  2. International Conference on Computational Intelligence, Cyber Security, and Computational Models

    CERN Document Server

    Ramasamy, Vijayalakshmi; Sheen, Shina; Veeramani, C; Bonato, Anthony; Batten, Lynn

    2016-01-01

    This book aims at promoting high-quality research by researchers and practitioners from academia and industry at the International Conference on Computational Intelligence, Cyber Security, and Computational Models ICC3 2015 organized by PSG College of Technology, Coimbatore, India during December 17 – 19, 2015. This book enriches with innovations in broad areas of research like computational modeling, computational intelligence and cyber security. These emerging inter disciplinary research areas have helped to solve multifaceted problems and gained lot of attention in recent years. This encompasses theory and applications, to provide design, analysis and modeling of the aforementioned key areas.

  3. REVIEW PAPER ON MOBILE CLOUD COMPUTING SECURITY

    Directory of Open Access Journals (Sweden)

    Priyanka d. Raut

    2015-10-01

    Full Text Available Nowadays smart-phones are being capable of supporting a broad range of applications, many of which demand an increasing computational power. This leads to a challenge because smart-phones are resource-constrained devices with finite computation power, memory, storage, and energy. With the development of mobility and cloud computing, mobile cloud computing (MCC has introduced and become a point of research. With the need of extendibility and on-demand self-service, it can provide the good infrastructure, platform and software services in a cloud to mobile clients through the mobile network. Therefore, Cloud computing is anticipated to bring an innovation in mobile computing, where the mobile devices can make use of clouds for data processing, storage and other intensive operations. Despite the surprising advancement achieved by MCC, the clients of MCC are still below expectations due to the related risks in terms of security and confidentiality. The more and more information is placed onto the cloud by individuals and enterprises, the more the security issue begins to grow. This paper presents the various security issues that arise about how secure the mobile cloud computing environment is.

  4. The university computer network security system

    Institute of Scientific and Technical Information of China (English)

    张丁欣

    2012-01-01

    With the development of the times, advances in technology, computer network technology has been deep into all aspects of people's lives, it plays an increasingly important role, is an important tool for information exchange. Colleges and universities is to cultivate the cradle of new technology and new technology, computer network Yulu nectar to nurture emerging technologies, and so, as institutions of higher learning should pay attention to the construction of computer network security system.

  5. Cloud Computing Security in Business Information Systems

    CERN Document Server

    Ristov, Sasko; Kostoska, Magdalena

    2012-01-01

    Cloud computing providers' and customers' services are not only exposed to existing security risks, but, due to multi-tenancy, outsourcing the application and data, and virtualization, they are exposed to the emergent, as well. Therefore, both the cloud providers and customers must establish information security system and trustworthiness each other, as well as end users. In this paper we analyze main international and industrial standards targeting information security and their conformity with cloud computing security challenges. We evaluate that almost all main cloud service providers (CSPs) are ISO 27001:2005 certified, at minimum. As a result, we propose an extension to the ISO 27001:2005 standard with new control objective about virtualization, to retain generic, regardless of company's type, size and nature, that is, to be applicable for cloud systems, as well, where virtualization is its baseline. We also define a quantitative metric and evaluate the importance factor of ISO 27001:2005 control objecti...

  6. Levels of Security Issues in Cloud Computing

    Directory of Open Access Journals (Sweden)

    R. Charanya

    2013-04-01

    Full Text Available Nowadays, Cloud computing is booming in most of the IT industry. Most of the organizations are moving to cloud computing due to various reasons. It provide elastic architecture accessible through internet and also it eliminate the setting up of high cost computing infrastructure for the IT based solutions and services. Cloud computing is pay-per-use model, on-demand network access to a sharedpool of configurable computing resources like Application-as a service, Platform as a services and infrastructure as a services. In this paper, survey of security issues at different levels such as application level, host level and network level is presented.

  7. Academic Training Lecture Regular Programme: Computer Security - Introduction to information and computer security (1/4)

    CERN Multimedia

    2012-01-01

    Computer Security: Introduction to information and computer security (1/4), by Sebastian Lopienski (CERN).   Monday, 21 May, 2012 from 11:00 to 12:00 (Europe/Zurich) at CERN ( 31-3-004 - IT Auditorium ) Sebastian Lopienski is CERN's Deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support services hosted in the CERN Computer Centre; providing Central CVS Service for software projects at CERN; and development of applications for accelerator controls in Java. He graduated from the University of Warsaw (MSc in Computer Science) in 2002, and earned an MBA degree at the Enterprise Administration Institute in Ai...

  8. Los Alamos CCS (Center for Computer Security) formal computer security model

    Energy Technology Data Exchange (ETDEWEB)

    Dreicer, J.S.; Hunteman, W.J. (Los Alamos National Lab., NM (USA))

    1989-01-01

    This paper provides a brief presentation of the formal computer security model currently being developed at the Los Alamos Department of Energy (DOE) Center for Computer Security (CCS). The initial motivation for this effort was the need to provide a method by which DOE computer security policy implementation could be tested and verified. The actual analytical model was a result of the integration of current research in computer security and previous modeling and research experiences. The model is being developed to define a generic view of the computer and network security domains, to provide a theoretical basis for the design of a security model, and to address the limitations of present models. Formal mathematical models for computer security have been designed and developed in conjunction with attempts to build secure computer systems since the early 70's. The foundation of the Los Alamos DOE CCS model is a series of functionally dependent probability equations, relations, and expressions. The mathematical basis appears to be justified and is undergoing continued discrimination and evolution. We expect to apply the model to the discipline of the Bell-Lapadula abstract sets of objects and subjects. 5 refs.

  9. Overview of Security issues in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Ajey Singh

    2012-03-01

    Full Text Available Cloud computing may be defined as management and provision of resources, software, applications and information as services over the cloud (internet on demand. Cloud computing comes into focus only when you think about what IT always needs: a way to increase capacity or add capabilities on the fly without investing in new infrastructure, training new personnel, or licensing new software. "Cloud computing continues to gain acceptance as a critical way to deliver on-demand information and resources to customers,” The cloud architecture is implemented in such a way that it provides you the flexibility to share application as well as other network resources (hardware etc[1]. This will lead to a need based flexible architecture where the resources will expand or contract with a little configuration changes. Cloud computing is often provided "as a service" over the Internet, typically in the form of infrastructure as a service (IaaS, platform as a service (PaaS, or software as a service (SaaS.From an end users perspective, you don’t need to care for the OS, the plug-ins, web security or the software platform[2]. Everything should be in place without any worry. This paper focuses on technical security issues in cloud computing, cloud computing has various benefits in an enterprise but major concern is how security is implemented in cloud computing.

  10. Soft computing techniques in voltage security analysis

    CERN Document Server

    Chakraborty, Kabir

    2015-01-01

    This book focuses on soft computing techniques for enhancing voltage security in electrical power networks. Artificial neural networks (ANNs) have been chosen as a soft computing tool, since such networks are eminently suitable for the study of voltage security. The different architectures of the ANNs used in this book are selected on the basis of intelligent criteria rather than by a “brute force” method of trial and error. The fundamental aim of this book is to present a comprehensive treatise on power system security and the simulation of power system security. The core concepts are substantiated by suitable illustrations and computer methods. The book describes analytical aspects of operation and characteristics of power systems from the viewpoint of voltage security. The text is self-contained and thorough. It is intended for senior undergraduate students and postgraduate students in electrical engineering. Practicing engineers, Electrical Control Center (ECC) operators and researchers will also...

  11. Computer Security: Geneva, Suisse Romande and beyond

    CERN Multimedia

    Computer Security Team

    2014-01-01

    To ensure good computer security, it is essential for us to keep in close contact and collaboration with a multitude of official and unofficial, national and international bodies, agencies, associations and organisations in order to discuss best practices, to learn about the most recent (and, at times, still unpublished) vulnerabilities, and to handle jointly any security incident. A network of peers - in particular a network of trusted peers - can provide important intelligence about new vulnerabilities or ongoing attacks much earlier than information published in the media. In this article, we would like to introduce a few of the official peers we usually deal with.*   Directly relevant for CERN are SWITCH, our partner for networking in Switzerland, and our contacts within the WLCG, i.e. the European Grid Infrastructure (EGI), and the U.S. Open Science Grid (OSG). All three are essential partners when discussing security implementations and resolving security incidents. SWITCH, in...

  12. Computation, cryptography, and network security

    CERN Document Server

    Rassias, Michael

    2015-01-01

    Analysis, assessment, and data management are core competencies for operation research analysts. This volume addresses a number of issues and developed methods for improving those skills. It is an outgrowth of a conference held in April 2013 at the Hellenic Military Academy, and brings together a broad variety of mathematical methods and theories with several applications. It discusses directions and pursuits of scientists that pertain to engineering sciences. It is also presents the theoretical background required for algorithms and techniques applied to a large variety of concrete problems. A number of open questions as well as new future areas are also highlighted.   This book will appeal to operations research analysts, engineers, community decision makers, academics, the military community, practitioners sharing the current “state-of-the-art,” and analysts from coalition partners. Topics covered include Operations Research, Games and Control Theory, Computational Number Theory and Information Securi...

  13. Overview of Security issues in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Mr. Ajey Singh

    2012-03-01

    Full Text Available Cloud computing may be defined as management andprovision of resources, software, applications andinformation as services over the cloud (internet on demand.Cloud computing comes into focus only when you thinkabout what IT always needs: a way to increase capacity oradd capabilities on the fly without investing in newinfrastructure, training new personnel, or licensing newsoftware. "Cloud computing continues to gain acceptanceas a critical way to deliver on-demand information andresources to customers,” The cloud architecture isimplemented in such a way that it provides you the flexibilityto share application as well as other network resources(hardware etc[1]. This will lead to a need based flexiblearchitecture where the resources will expand or contractwith a little configuration changes. Cloud computing isoften provided "as a service" over the Internet, typically inthe form of infrastructure as a service (IaaS, platform as aservice (PaaS, or software as a service (SaaS.From an endusers perspective, you don’t need to care for the OS, theplug-ins, web security or the software platform[2].Everything should be in place without any worry. This paperfocuses on technical security issues in cloud computing,cloud computing has various benefits in an enterprise butmajor concern is how security is implemented in cloudcomputing.

  14. The Role of Trust in Computer Security

    DEFF Research Database (Denmark)

    Jensen, Christian D.

    2012-01-01

    technologies and show how many of them concern the placement of trust on human or system agents. We argue that making such assumptions about trust explicit is an essential requirement for the future of system security and argue why the formalisation of computational trust is necessary when we wish to reason...

  15. Cloud computing security requirements: a systematic review

    NARCIS (Netherlands)

    Iankoulova, Iliana; Daneva, Maya; Rolland, C.; Castro, J.; Pastor, O.

    2012-01-01

    Many publications have dealt with various types of security requirements in cloud computing but not all types have been explored in sufficient depth. It is also hard to understand which types of requirements have been under-researched and which are most investigated. This paper's goal is to provide

  16. Guidelines for computer security in general practice

    Directory of Open Access Journals (Sweden)

    Peter Schattner

    2007-06-01

    Conclusions This paper maps out a process for developing computer security guidelines for general practice. The specific content will vary in different countries according to their levels of adoption of IT, and cultural, technical and other health service factors. Making these guidelines relevant to local contexts should help maximise their uptake.

  17. Security for small computer systems a practical guide for users

    CERN Document Server

    Saddington, Tricia

    1988-01-01

    Security for Small Computer Systems: A Practical Guide for Users is a guidebook for security concerns for small computers. The book provides security advice for the end-users of small computers in different aspects of computing security. Chapter 1 discusses the security and threats, and Chapter 2 covers the physical aspect of computer security. The text also talks about the protection of data, and then deals with the defenses against fraud. Survival planning and risk assessment are also encompassed. The last chapter tackles security management from an organizational perspective. The bo

  18. Computer Security: Computer security threats, vulnerabilities and attacks (3/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Antonio Perez Perez works in the Computer Security Team doing software development, sysadmin tasks and operations. He is also involved on grid security and does 1st line security support at CERN on ROTA. With the prevalence of modern information technologies and its increasing integration into our daily live, digital systems become more and more playground for evil people. While in the past, attacks were driven by fame& kudos, nowadays money is the motivating factor. Just the recent months have shown several successful attacks against e.g. Sony, PBS, UNESCO, RSAsecurity, Citibank, and others. Credit card information of hundreds of thousands of people got exposed. Affected companies not only lost their assets and data, also their reputation has suffered. Thus, proper computer security measures are essential. Without question, security must even more become an inherent ingredient when developing, deploying, and operating applications, web sites, and computing services. These lectures shall give an ove...

  19. Security in Fog Computing through Encryption

    Directory of Open Access Journals (Sweden)

    Akhilesh Vishwanath

    2016-05-01

    Full Text Available Cloud computing is considered as one of the most exciting technology because of its flexibility and scalability. The main problem that occurs in cloud is security. To overcome the problems or issues of security, a new technique called fog-computing is evolved. As there are security issues in fog even after getting the encrypted data from cloud, we implemented the process of encryption using AES algorithm to check how it works for the fog. So far, to our analysis AES algorithm is the most secured process of encryption for security. Three datasets of different types are considered and applied the analysed encryption technique over those datasets. On validation, entire data over datasets is being accurately encrypted and decrypted back as well. We took android mobile as an edge device and deployed the encryption over datasets into it. Further, performance of encryption is evaluated over selected datasets for accuracy if the entire data is correctly encrypted and decrypted along with the time, User load, Response time, Memory Utilization over file size. Further best and worst cases among the datasets are analysed thereby evaluating the suitability of AES in fog.

  20. Secure Arithmetic Computation with No Honest Majority

    CERN Document Server

    Ishai, Yuval; Sahai, Amit

    2008-01-01

    We study the complexity of securely evaluating arithmetic circuits over finite rings. This question is motivated by natural secure computation tasks. Focusing mainly on the case of two-party protocols with security against malicious parties, our main goals are to: (1) only make black-box calls to the ring operations and standard cryptographic primitives, and (2) minimize the number of such black-box calls as well as the communication overhead. We present several solutions which differ in their efficiency, generality, and underlying intractability assumptions. These include: 1. An unconditionally secure protocol in the OT-hybrid model which makes a black-box use of an arbitrary ring $R$, but where the number of ring operations grows linearly with (an upper bound on) $\\log|R|$. 2. Computationally secure protocols in the OT-hybrid model which make a black-box use of an underlying ring, and in which the number of ring operations does not grow with the ring size. These results extend a previous approach of Naor an...

  1. Extreme Scale Computing to Secure the Nation

    Energy Technology Data Exchange (ETDEWEB)

    Brown, D L; McGraw, J R; Johnson, J R; Frincke, D

    2009-11-10

    Since the dawn of modern electronic computing in the mid 1940's, U.S. national security programs have been dominant users of every new generation of high-performance computer. Indeed, the first general-purpose electronic computer, ENIAC (the Electronic Numerical Integrator and Computer), was used to calculate the expected explosive yield of early thermonuclear weapons designs. Even the U. S. numerical weather prediction program, another early application for high-performance computing, was initially funded jointly by sponsors that included the U.S. Air Force and Navy, agencies interested in accurate weather predictions to support U.S. military operations. For the decades of the cold war, national security requirements continued to drive the development of high performance computing (HPC), including advancement of the computing hardware and development of sophisticated simulation codes to support weapons and military aircraft design, numerical weather prediction as well as data-intensive applications such as cryptography and cybersecurity U.S. national security concerns continue to drive the development of high-performance computers and software in the U.S. and in fact, events following the end of the cold war have driven an increase in the growth rate of computer performance at the high-end of the market. This mainly derives from our nation's observance of a moratorium on underground nuclear testing beginning in 1992, followed by our voluntary adherence to the Comprehensive Test Ban Treaty (CTBT) beginning in 1995. The CTBT prohibits further underground nuclear tests, which in the past had been a key component of the nation's science-based program for assuring the reliability, performance and safety of U.S. nuclear weapons. In response to this change, the U.S. Department of Energy (DOE) initiated the Science-Based Stockpile Stewardship (SBSS) program in response to the Fiscal Year 1994 National Defense Authorization Act, which requires, 'in the

  2. Key Technologies and Applications of Secure Multiparty Computation

    Directory of Open Access Journals (Sweden)

    Xiaoqiang Guo

    2013-07-01

    Full Text Available With the advent of the information age, the network security is particularly important. The secure multiparty computation is a very important branch of cryptography. It is a hotspot in the field of information security. It expanded the scope of the traditional distributed computing and information security, provided a new computing model for the network collaborative computing. First we introduced several key technologies of secure multiparty computation: secret sharing and verifiable secret sharing, homomorphic public key cryptosystem, mix network, zero knowledge proof, oblivious transfer, millionaire protocol. Second we discussed the applications of secure multiparty computation in electronic voting, electronic auctions, threshold signature, database queries, data mining, mechanical engineering and other fields.

  3. Secure information transfer based on computing reservoir

    Science.gov (United States)

    Szmoski, R. M.; Ferrari, F. A. S.; de S. Pinto, S. E.; Baptista, M. S.; Viana, R. L.

    2013-04-01

    There is a broad area of research to ensure that information is transmitted securely. Within this scope, chaos-based cryptography takes a prominent role due to its nonlinear properties. Using these properties, we propose a secure mechanism for transmitting data that relies on chaotic networks. We use a nonlinear on-off device to cipher the message, and the transfer entropy to retrieve it. We analyze the system capability for sending messages, and we obtain expressions for the operating time. We demonstrate the system efficiency for a wide range of parameters. We find similarities between our method and the reservoir computing.

  4. Software For Computer-Security Audits

    Science.gov (United States)

    Arndt, Kate; Lonsford, Emily

    1994-01-01

    Information relevant to potential breaches of security gathered efficiently. Automated Auditing Tools for VAX/VMS program includes following automated software tools performing noted tasks: Privileged ID Identification, program identifies users and their privileges to circumvent existing computer security measures; Critical File Protection, critical files not properly protected identified; Inactive ID Identification, identifications of users no longer in use found; Password Lifetime Review, maximum lifetimes of passwords of all identifications determined; and Password Length Review, minimum allowed length of passwords of all identifications determined. Written in DEC VAX DCL language.

  5. Security Issues in Cloud Computing - A Review

    Directory of Open Access Journals (Sweden)

    Irfan Hussain

    2014-09-01

    Full Text Available Cloud Computing is the most emerging trend in Information Technology now days. It is attracting the organizations due to its advantages of scalability, throughput, easy and cheap access and on demand up and down grading of SaaS, PaaS and IaaS. Besides all the salient features of cloud environment, there are the big challenges of privacy and security. In this paper, a review of different security issues like trust, confidentiality, authenticity, encryption, key management and resource sharing are presented along with the efforts made on how to overcome these issues.

  6. SECURITY AND PRIVACY ISSUES IN CLOUD COMPUTING

    Directory of Open Access Journals (Sweden)

    Amina AIT OUAHMAN

    2014-10-01

    Full Text Available Today, cloud computing is defined and talked about across the ICT industry under different contexts and with different definitions attached to it. It is a new paradigm in the evolution of Information Technology, as it is one of the biggest revolutions in this field to have taken place in recent times. According to the National Institute for Standards and Technology (NIST, “cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services that can be rapidly provisioned and released with minimal management effort or service provider interaction” [1]. The importance of Cloud Computing is increasing and it is receiving a growing attention in the scientific and industrial communities. A study by Gartner [2] considered Cloud Computing as the first among the top 10 most important technologies and with a better prospect in successive years by companies and organizations. Clouds bring out tremendous benefits for both individuals and enterprises. Clouds support economic savings, outsourcing mechanisms, resource sharing, any-where any-time accessibility, on-demand scalability, and service flexibility. Clouds minimize the need for user involvement by masking technical details such as software upgrades, licenses, and maintenance from its customers. Clouds could also offer better security advantages over individual server deployments. Since a cloud aggregates resources, cloud providers charter expert security personnel while typical companies could be limited with a network administrator who might not be well versed in cyber security issues. The new concepts introduced by the clouds, such as computation outsourcing, resource sharing, and external data warehousing, increase the security and privacy concerns and create new security challenges. Moreover, the large scale of the clouds, the proliferation of mobile access devices (e

  7. Computer Security: better code, fewer problems

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    The origin of many security incidents is negligence or unintentional mistakes made by web developers or programmers. In the rush to complete the work, due to skewed priorities, or just to ignorance, basic security principles can be omitted or forgotten.   The resulting vulnerabilities lie dormant until the evil side spots them and decides to hit hard. Computer security incidents in the past have put CERN’s reputation at risk due to websites being defaced with negative messages about the Organization, hash files of passwords being extracted, restricted data exposed… And it all started with a little bit of negligence! If you check out the Top 10 web development blunders, you will see that the most prevalent mistakes are: Not filtering input, e.g. accepting “<“ or “>” in input fields even if only a number is expected.  Not validating that input: you expect a birth date? So why accept letters? &...

  8. Audit and Evaluation of Computer Security. Computer Science and Technology.

    Science.gov (United States)

    Ruthberg, Zella G.

    This is a collection of consensus reports, each produced at a session of an invitational workshop sponsored by the National Bureau of Standards. The purpose of the workshop was to explore the state-of-the-art and define appropriate subjects for future research in the audit and evaluation of computer security. Leading experts in the audit and…

  9. Computer Security: Introduction to information and computer security (1/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Sebastian Lopienski is CERN's Deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support services hosted in the CERN Computer Centre; providing Central CVS Service for software projects at CERN; and development of applications for accelerator controls in Java. He graduated from the University of Warsaw (MSc in Computer Science) in 2002, and earned an MBA degree at the Enterprise Administration Institute in Aix-en-Provence and Haute Ecole de Gestion in Geneva in 2010. His professional interests include software and network security, distributed systems, and Web and mobile technologies. With the prevalence of modern information te...

  10. Extreme Scale Computing to Secure the Nation

    Energy Technology Data Exchange (ETDEWEB)

    Brown, D L; McGraw, J R; Johnson, J R; Frincke, D

    2009-11-10

    Since the dawn of modern electronic computing in the mid 1940's, U.S. national security programs have been dominant users of every new generation of high-performance computer. Indeed, the first general-purpose electronic computer, ENIAC (the Electronic Numerical Integrator and Computer), was used to calculate the expected explosive yield of early thermonuclear weapons designs. Even the U. S. numerical weather prediction program, another early application for high-performance computing, was initially funded jointly by sponsors that included the U.S. Air Force and Navy, agencies interested in accurate weather predictions to support U.S. military operations. For the decades of the cold war, national security requirements continued to drive the development of high performance computing (HPC), including advancement of the computing hardware and development of sophisticated simulation codes to support weapons and military aircraft design, numerical weather prediction as well as data-intensive applications such as cryptography and cybersecurity U.S. national security concerns continue to drive the development of high-performance computers and software in the U.S. and in fact, events following the end of the cold war have driven an increase in the growth rate of computer performance at the high-end of the market. This mainly derives from our nation's observance of a moratorium on underground nuclear testing beginning in 1992, followed by our voluntary adherence to the Comprehensive Test Ban Treaty (CTBT) beginning in 1995. The CTBT prohibits further underground nuclear tests, which in the past had been a key component of the nation's science-based program for assuring the reliability, performance and safety of U.S. nuclear weapons. In response to this change, the U.S. Department of Energy (DOE) initiated the Science-Based Stockpile Stewardship (SBSS) program in response to the Fiscal Year 1994 National Defense Authorization Act, which requires, 'in the

  11. 48 CFR 952.204-77 - Computer security.

    Science.gov (United States)

    2010-10-01

    ... 48 Federal Acquisition Regulations System 5 2010-10-01 2010-10-01 false Computer security. 952.204... SOLICITATION PROVISIONS AND CONTRACT CLAUSES Text of Provisions and Clauses 952.204-77 Computer security. As prescribed in 904.404(d)(7), the following clause shall be included: Computer Security (AUG 2006)...

  12. SEED: A Suite of Instructional Laboratories for Computer Security Education

    Science.gov (United States)

    Du, Wenliang; Wang, Ronghua

    2008-01-01

    The security and assurance of our computing infrastructure has become a national priority. To address this priority, higher education has gradually incorporated the principles of computer and information security into the mainstream undergraduate and graduate computer science curricula. To achieve effective education, learning security principles…

  13. Computer-Aided Sensor Development Focused on Security Issues

    Directory of Open Access Journals (Sweden)

    Andrzej Bialas

    2016-05-01

    Full Text Available The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research.

  14. Computer-Aided Sensor Development Focused on Security Issues.

    Science.gov (United States)

    Bialas, Andrzej

    2016-05-26

    The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research.

  15. Securing Embedded Smart Cameras with Trusted Computing

    Directory of Open Access Journals (Sweden)

    Winkler Thomas

    2011-01-01

    Full Text Available Camera systems are used in many applications including video surveillance for crime prevention and investigation, traffic monitoring on highways or building monitoring and automation. With the shift from analog towards digital systems, the capabilities of cameras are constantly increasing. Today's smart camera systems come with considerable computing power, large memory, and wired or wireless communication interfaces. With onboard image processing and analysis capabilities, cameras not only open new possibilities but also raise new challenges. Often overlooked are potential security issues of the camera system. The increasing amount of software running on the cameras turns them into attractive targets for attackers. Therefore, the protection of camera devices and delivered data is of critical importance. In this work we present an embedded camera prototype that uses Trusted Computing to provide security guarantees for streamed videos. With a hardware-based security solution, we ensure integrity, authenticity, and confidentiality of videos. Furthermore, we incorporate image timestamping, detection of platform reboots, and reporting of the system status. This work is not limited to theoretical considerations but also describes the implementation of a prototype system. Extensive evaluation results illustrate the practical feasibility of the approach.

  16. Flexible And Secure Access To Computing Clusters

    Directory of Open Access Journals (Sweden)

    Jan Meizner

    2010-01-01

    Full Text Available The investigation presented in this paper was prompted by the need to provide a manageablesolution for secure access to computing clusters with a federated authentication framework.This requirement is especially important for scientists who need direct access to computingnodes in order to run their applications (e.g. chemical or medical simulations with proprietary,open-source or custom-developed software packages. Our existing software, whichenables non-Web clients to use Shibboleth-secured services, has been extended to providedirect SSH access to cluster nodes using the Linux Pluggable Authentication Modules mechanism.This allows Shibboleth users to run the required software on clusters. Validationand performance comparison with existing SSH authentication mechanisms confirm that thepresented tools satisfy the stated requirements.

  17. On technical security issues in cloud computing

    DEFF Research Database (Denmark)

    Jensen, Meiko; Schwenk, Jörg; Gruschka, Nils

    2009-01-01

    The Cloud Computing concept offers dynamically scalable resources provisioned as a service over the Internet. Economic benefits are the main driver for the Cloud, since it promises the reduction of capital expenditure (CapEx) and operational expenditure (OpEx). In order for this to become reality......, however, there are still some challenges to be solved. Amongst these are security and trust issues, since the user's data has to be released to the Cloud and thus leaves the protection sphere of the data owner. Most of the discussions on this topics are mainly driven by arguments related to organisational...... means. This paper focusses on technical security issues arising from the usage of Cloud services and especially by the underlying technologies used to build these cross-domain Internet-connected collaborations. © 2009 IEEE....

  18. An Overview of Computer Network security and Research Technology

    OpenAIRE

    Rathore, Vandana

    2016-01-01

    The rapid development in the field of computer networks and systems brings both convenience and security threats for users. Security threats include network security and data security. Network security refers to the reliability, confidentiality, integrity and availability of the information in the system. The main objective of network security is to maintain the authenticity, integrity, confidentiality, availability of the network. This paper introduces the details of the technologies used in...

  19. Individual versus Organizational Computer Security and Privacy Concerns in Journalism

    Directory of Open Access Journals (Sweden)

    McGregor Susan E.

    2016-10-01

    Full Text Available A free and open press is a critical piece of the civil-society infrastructure that supports both established and emerging democracies. However, as the professional activities of reporting and publishing are increasingly conducted by digital means, computer security and privacy risks threaten free and independent journalism around the globe. Through interviews with 15 practicing journalists and 14 organizational stakeholders (supervising editors and technologists, we reveal the distinct - and sometimes conflicting-computer security concerns and priorities of different stakeholder groups within journalistic institutions, as well as unique issues in journalism compared to other types of organizations. As these concerns have not been deeply studied by those designing computer security practices or technologies that may benefit journalism, this research offers insight into some of the practical and cultural constraints that can limit the computer security and privacy practices of the journalism community as a whole. Based on these findings, we suggest paths for future research and development that can bridge these gaps through new tools and practices.

  20. Security Issues Associated with Big Data in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Venkata Narasimha Inukollu

    2014-06-01

    Full Text Available In this paper, we discuss security issues for cloud computing, Big data, Map Reduce and Hadoop environment. The main focus is on security issues in cloud computing that are associated with big data. Big data applications are a great benefit to organizations, business, companies and many large scale and small scale industries.We also discuss various possible solutions for the issues in cloud computing security and Hadoop. Cloud computing security is developing at a rapid pace which includes computer security, network security, information security, and data privacy. Cloud computing plays a very vital role in protecting data, applications and the related infrastructure with the help of policies, technologies, controls, and big data tools Moreover, cloud computing, big data and its applications, advantages are likely to represent the most promising new frontiers in science.

  1. Security Risk Scoring Incorporating Computers' Environment

    Directory of Open Access Journals (Sweden)

    Eli Weintraub

    2016-04-01

    Full Text Available A framework of a Continuous Monitoring System (CMS is presented, having new improved capabilities. The system uses the actual real-time configuration of the system and environment characterized by a Configuration Management Data Base (CMDB which includes detailed information of organizational database contents, security and privacy specifications. The Common Vulnerability Scoring Systems' (CVSS algorithm produces risk scores incorporating information from the CMDB. By using the real updated environmental characteristics the system enables achieving accurate scores compared to existing practices. Framework presentation includes systems' design and an illustration of scoring computations.

  2. Computer Network Security: Best Practices for Alberta School Jurisdictions.

    Science.gov (United States)

    Alberta Dept. of Education, Edmonton.

    This paper provides a snapshot of the computer network security industry and addresses specific issues related to network security in public education. The following topics are covered: (1) security policy, including reasons for establishing a policy, risk assessment, areas to consider, audit tools; (2) workstations, including physical security,…

  3. Secure medical information sharing in cloud computing.

    Science.gov (United States)

    Shao, Zhiyi; Yang, Bo; Zhang, Wenzheng; Zhao, Yi; Wu, Zhenqiang; Miao, Meixia

    2015-01-01

    Medical information sharing is one of the most attractive applications of cloud computing, where searchable encryption is a fascinating solution for securely and conveniently sharing medical data among different medical organizers. However, almost all previous works are designed in symmetric key encryption environment. The only works in public key encryption do not support keyword trapdoor security, have long ciphertext related to the number of receivers, do not support receiver revocation without re-encrypting, and do not preserve the membership of receivers. In this paper, we propose a searchable encryption supporting multiple receivers for medical information sharing based on bilinear maps in public key encryption environment. In the proposed protocol, data owner stores only one copy of his encrypted file and its corresponding encrypted keywords on cloud for multiple designated receivers. The keyword ciphertext is significantly shorter and its length is constant without relation to the number of designated receivers, i.e., for n receivers the ciphertext length is only twice the element length in the group. Only the owner knows that with whom his data is shared, and the access to his data is still under control after having been put on the cloud. We formally prove the security of keyword ciphertext based on the intractability of Bilinear Diffie-Hellman problem and the keyword trapdoor based on Decisional Diffie-Hellman problem.

  4. Secure Two-Party Computational Geometry

    Institute of Scientific and Technical Information of China (English)

    Shun-Dong Li; Yi-Qi Dai

    2005-01-01

    Secure Multi-party Computation has been a research focus in international cryptographic community in recent years. In this paper the authors investigate how some computational geometric problems could be solved in a cooperative environment, where two parties need to solve a geometric problem based on their joint data, but neither wants to disclose its private data to the other party. These problems are the distance between two private points, the relation between a private point and a circle area, the relation between a private point and an ellipse area and the shortest distance between two point sets. The paper gives solutions to these specific geometric problems, and in doing so a building block is developed,the protocol for the distance between two private points, that is also useful in the solutions to other geometric problems and combinatorial problems.

  5. An Overview Of The Security Concerns In Enterprise Cloud Computing

    OpenAIRE

    Anthony Bisong; Rahman, Syed M

    2011-01-01

    Deploying cloud computing in an enterprise infrastructure bring significant security concerns.Successful implementation of cloud computing in an enterprise requires proper planning andunderstanding of emerging risks, threats, vulnerabilities, and possible countermeasures. We believe enterprise should analyze the company/organization security risks, threats, and available countermeasures before adopting this technology. In this paper, we have discussed security risks and concerns in cloud comp...

  6. An Overview of the Security Concerns in Enterprise Cloud Computing

    OpenAIRE

    Bisong, Anthony; Syed; Rahman, M.

    2011-01-01

    Deploying cloud computing in an enterprise infrastructure bring significant security concerns. Successful implementation of cloud computing in an enterprise requires proper planning and understanding of emerging risks, threats, vulnerabilities, and possible countermeasures. We believe enterprise should analyze the company/organization security risks, threats, and available countermeasures before adopting this technology. In this paper, we have discussed security risks and concerns in cloud co...

  7. Science and Technology Resources on the Internet: Computer Security.

    Science.gov (United States)

    Kinkus, Jane F.

    2002-01-01

    Discusses issues related to computer security, including confidentiality, integrity, and authentication or availability; and presents a selected list of Web sites that cover the basic issues of computer security under subject headings that include ethics, privacy, kids, antivirus, policies, cryptography, operating system security, and biometrics.…

  8. Computer Security: WWW censorship? Not at CERN

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Whoops! We received a number of critical responses to our previous article on the upcoming DNS firewall (“DNS to the rescue!” - see here). While they were mostly constructive, the main question was “How dare we censor Internet access?” Let us clarify this.   Computer security at CERN must always find the right balance between CERN’s academic environment, its operations and security itself. Of course we can easily overdo it one way or another, but that would kill our academic freedom and bring the Organization to a halt. That certainly isn’t in our interest. On the other hand, CERN is permanently under attack and we have to do everything possible to ensure that those attacks are kept at bay. Otherwise they could impact CERN’s operations… So, have we found the right balance? Concerning access to the Internet and in particular to the web, we have not and will not block random websites because of their content unless &a...

  9. Computer Security: Your privacy at CERN matters

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Congrats to all those who spotted that our last contribution to the CERN Bulletin (“CERN Secure Password Competition” – see here) was an April Fools’ Day hoax. Of course, there is no review and no jury and there won’t be any competition. Consequently, we are sorry to say that we cannot announce any winners. The extension of the password history rule and the initiative of finding password duplicates are absolute nonsense too.   In fact, the Computer Security team, just like the CERN Account Management service, the Single Sign-On team and the ServiceDesk, does not know and has no need to know your password. Passwords are actually salted and hashed using the SHA256 cryptographic hash function. Thus, there is no literal password database and no way that anyone apart from you can know your password – unless you have given it away intentionally or inadvertently… Remember, your password is yours and only yours, so please do not...

  10. Computer Security: is your code sane?

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    How many of us write code? Software? Programs? Scripts? How many of us are properly trained in this and how well do we do it? Do we write functional, clean and correct code, without flaws, bugs and vulnerabilities*? In other words: are our codes sane?   Figuring out weaknesses is not that easy (see our quiz in an earlier Bulletin article). Therefore, in order to improve the sanity of your code, prevent common pit-falls, and avoid the bugs and vulnerabilities that can crash your code, or – worse – that can be misused and exploited by attackers, the CERN Computer Security team has reviewed its recommendations for checking the security compliance of your code. “Static Code Analysers” are stand-alone programs that can be run on top of your software stack, regardless of whether it uses Java, C/C++, Perl, PHP, Python, etc. These analysers identify weaknesses and inconsistencies including: employing undeclared variables; expressions resu...

  11. Computer Security: The dilemma of fractal defence

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Aren’t mathematical fractals just beautiful? The Mandelbrot set and the Julia set, the Sierpinski gasket, the Menger sponge, the Koch curve (see here)… Based on very simple mathematical rules, they quickly develop into a mosaic of facets slightly different from each other. More and more features appear the closer you zoom into a fractal and expose similar but not identical features of the overall picture.   Computer security is like these fractals, only much less pretty: simple at first glance, but increasingly complex and complicated when you look more closely at the details. The deeper you dig, the more and more possibilities open up for malicious people as the attack surface grows, just like that of “Koch’s snowflakes”, where the border length grows exponentially. Consequently, the defensive perimeter also increases when we follow the bits and bytes layer by layer from their processing in the CPU, trickling up the software stack thro...

  12. A Security Kernel Architecture Based Trusted Computing Platform

    Institute of Scientific and Technical Information of China (English)

    CHEN You-lei; SHEN Chang-xiang

    2005-01-01

    A security kernel architecture built on trusted computing platform in the light of thinking about trusted computing is presented. According to this architecture, a new security module TCB (Trusted Computing Base) is added to the operation system kernel and two operation interface modes are provided for the sake of self-protection. The security kernel is divided into two parts and trusted mechanism is separated from security functionality. The TCB module implements the trusted mechanism such as measurement and attestation,while the other components of security kernel provide security functionality based on these mechanisms. This architecture takes full advantage of functions provided by trusted platform and clearly defines the security perimeter of TCB so as to assure self-security from architectural vision. We also present function description of TCB and discuss the strengths and limitations comparing with other related researches.

  13. An Overview Of The Security Concerns In Enterprise Cloud Computing

    Directory of Open Access Journals (Sweden)

    Anthony Bisong

    2011-01-01

    Full Text Available Deploying cloud computing in an enterprise infrastructure bring significant security concerns.Successful implementation of cloud computing in an enterprise requires proper planning andunderstanding of emerging risks, threats, vulnerabilities, and possible countermeasures. We believe enterprise should analyze the company/organization security risks, threats, and available countermeasures before adopting this technology. In this paper, we have discussed security risks and concerns in cloud computing and enlightened steps that an enterprise can take to reduce security risksand protect their resources. We have also explained cloud computing strengths/benefits, weaknesses, and applicable areas in information risk management.

  14. An Overview of the Security Concerns in Enterprise Cloud Computing

    CERN Document Server

    Bisong, Anthony; Rahman, M; 10.5121/ijnsa.2011.3103

    2011-01-01

    Deploying cloud computing in an enterprise infrastructure bring significant security concerns. Successful implementation of cloud computing in an enterprise requires proper planning and understanding of emerging risks, threats, vulnerabilities, and possible countermeasures. We believe enterprise should analyze the company/organization security risks, threats, and available countermeasures before adopting this technology. In this paper, we have discussed security risks and concerns in cloud computing and enlightened steps that an enterprise can take to reduce security risks and protect their resources. We have also explained cloud computing strengths/benefits, weaknesses, and applicable areas in information risk management.

  15. Examining the Security Awareness, Information Privacy, and the Security Behaviors of Home Computer Users

    Science.gov (United States)

    Edwards, Keith

    2015-01-01

    Attacks on computer systems continue to be a problem. The majority of the attacks target home computer users. To help mitigate the attacks some companies provide security awareness training to their employees. However, not all people work for a company that provides security awareness training and typically, home computer users do not have the…

  16. Computer Security: oops, there it goes...

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Do you love riddles, hide and seek or picture puzzles a la “Where’s Wally”? Then take a look at the photo below, and try to spot the error.   It is hard to spot: the yellow sticker on the computer screen shows a password providing access to the web application running on the screen. Surprising! Fortunately, this sticker was quickly removed by the corresponding system owners and the password changed. However, we can all make improvements: passwords must never be written down and definitely not on stickers attached to screens, keyboards, or desks. Remember: your password is your “toothbrush” - a toothbrush you do not share and you change regularly. Neither your colleagues, your supervisor, the Service Desk or the Computer Security Team have any valid reason to ask for it. They should not and will never do so. The same is valid for any external company: UBS, Paypal, Amazon, Facebook or Google will never ask you for your pass...

  17. A Novel Open Security Framework for Cloud Computing

    Directory of Open Access Journals (Sweden)

    Devki Gaurav Pal

    2012-06-01

    Full Text Available The evolution of cloud computing enables organizations to reduce their expenditure on IT infrastructure and is advantageous to both the serving and served organizations. But security issue is major concern in adoption of cloud. This paper focuses on the problem of lack of security considerations in Service Level Agreements and top security threats and vulnerability which are suggested by security experts. The Security framework for end to end security in cloud computing has also been proposed in the present work. This paper also draws attention on need of Open Security Framework. Proposed framework is developed by collective participation of security experts, practitioners, Cloud Service Providers and Clients. It is in line with various government policies, legislation and standards like ISO 27000 series, SOX, HIPPA, COBIT, ITIL etc. to comply with them. This step will boost mutual trust and privacy of participants.

  18. Deliberate Secure Grid Computing Blueprint Design in Indian Context

    Directory of Open Access Journals (Sweden)

    Sanjeev Puri

    2012-06-01

    Full Text Available The novel concept of grid computing, clusters of computational power is constructed from a network of many small and widespread different computers servers or workstations into a single resource. We now proceed to translate the grid security problem into specific grid security requirements. The purpose of Grid technologies is to support the secure sharing and scalable coordinated use of diverse resources in dynamic, distributed VOs. We propose a secure blueprint design for grid systems that addresses requirements for single sign-on, interoperability with local policies of any grid city of India, with dynamically varying resource demands.

  19. Secure system design and trustable computing

    CERN Document Server

    Potkonjak, Miodrag

    2016-01-01

    This book provides the foundations for understanding hardware security and trust, which have become major concerns for national security over the past decade.  Coverage includes issues related to security and trust in a variety of electronic devices and systems related to the security of hardware, firmware and software, spanning system applications, online transactions, and networking services.  This serves as an invaluable reference to the state-of-the-art research that is of critical significance to the security of, and trust in, modern society’s microelectronic-supported infrastructures.

  20. The Westinghouse Hanford Company Unclassified Computer Security Program

    Energy Technology Data Exchange (ETDEWEB)

    Gurth, R.J.

    1994-02-01

    This paper describes the evolution of the Westinghouse Hanford Company (WHC) Unclassified Computer Security (UCS) Program over the past seven years. The intent has been to satisfy the requirements included in the DOE Order 1360.2B (DOE 1992) for Unclassified Computer Security in the most efficient and cost-effective manner.

  1. Secure Two-Party Computation with Low Communication

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Faust, Sebastian; Hazay, Carmit

    2011-01-01

    We propose a 2-party UC-secure computation protocol that can compute any function securely. The protocol requires only two messages, communication that is poly-logarithmic in the size of the circuit description of the function, and the workload for one of the parties is also only poly-logarithmic...

  2. Computer Security: in the name of CERN

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    This summer, the American/Canadian dating website Ashley Madison was successfully compromised by a group of hackers (see here) who subsequently published tons of confidential information: addresses, dates of birth, e-mail addresses, ethnicities, genders, names, passwords, payment histories, phone numbers, security questions, sexual preferences, usernames and website activity.   Initially, these attackers blackmailed Ashley Madison and requested that the service be shut down. Later, however, they just made their stolen data public on the Internet. More than 30 million unique e-mail addresses – a hallelujah for miscreants. What can they do with this data? One possibility is blackmailing the people whose e-mail addresses were exposed by threatening to tell their spouses (“Pay me X bitcoins or I will tell your spouse that you are looking for a date!”). Another is targeting those people who have registered with their company e-...

  3. Computer Security: “New_invoice.zip”

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Thanks for reading this. But I wonder, what do you expect? Why did this generic title catch your interest? Of course, you might read our articles on a regular basis and it is the “Computer Security:” that brought you here. But still, was there anything else? You should stop reading here... unless you believe this text is meant for you. Or if you are curious. Or if you expect to learn something. Actually, that’s it. “New_invoice.zip” taught more than 40 people at CERN a lesson... the hard way.   “New_invoice.zip” was the name of an attachment to a rather blunt e-mail sent directly to many of our dear colleagues. Others received the e-mail via mailing lists like “it-dep”. The subject of the mail was “invoice” and its message read “Check the document” (see Image 1). The recipient list was vast and full of many different, not necessarily connected names. Clicking on t...

  4. Quantum-Classical Complexity-Security Tradeoff In Secure Multi-Party Computation

    OpenAIRE

    Chau, HF

    1999-01-01

    I construct a secure multi-party scheme to compute a classical function by a succinct use of a specially designed fault-tolerant random polynomial quantum error correction code. This scheme is secure provided that (asymptotically) strictly greater than five-sixths of the players are honest. Moreover, the security of this scheme follows directly from the theory of quantum error correcting code, and hence is valid without any computational assumption. I also discuss the quantum-classical comple...

  5. Food Security Strategy Based on Computer Innovation

    OpenAIRE

    Ruihui Mu

    2015-01-01

    Case analysis to identify innovative strategies for food security occurred in the Oriental Hotel, voluntarily implement food safety control. Food security strategy investigation and the reasons for their use of multiple data sources, including accommodation and catering industry to implement and document interviews with key decision makers in the hotel performed to observe the business environment were examined. This finding suggests that addressing food security, not only is the food control...

  6. On the Power of Correlated Randomness in Secure Computation

    DEFF Research Database (Denmark)

    Ishai, Yuval; Kushilevitz, Eyal; Meldgaard, Sigurd Torkel

    2013-01-01

    We investigate the extent to which correlated secret randomness can help in secure computation with no honest majority. It is known that correlated randomness can be used to evaluate any circuit of size s with perfect security against semi-honest parties or statistical security against malicious...... positive and negative results on unconditionally secure computation with correlated randomness. Concretely, we obtain the following results. Minimizing communication. Any multiparty functionality can be realized, with perfect security against semi-honest parties or statistical security against malicious...... parties, where the communication complexity grows linearly with s. This leaves open two natural questions: (1) Can the communication complexity be made independent of the circuit size? (2) Is it possible to obtain perfect security against malicious parties? We settle the above questions, obtaining both...

  7. Peer-to-Peer Secure Multi-Party Numerical Computation

    CERN Document Server

    Bickson, Danny; Dolev, Danny; Pinkas, Benny

    2008-01-01

    We propose an efficient framework for enabling secure multi-party numerical computations in a Peer-to-Peer network. This problem arises in a range of applications such as collaborative filtering, distributed computation of trust and reputation, monitoring and numerous other tasks, where the computing nodes would like to preserve the privacy of their inputs while performing a joint computation of a certain function. Although there is a rich literature in the field of distributed systems security concerning secure multi-party computation, in practice it is hard to deploy those methods in very large scale Peer-to-Peer networks. In this work, we examine several possible approaches and discuss their feasibility. Among the possible approaches, we identify a single approach which is both scalable and theoretically secure. An additional novel contribution is that we show how to compute the neighborhood based collaborative filtering, a state-of-the-art collaborative filtering algorithm, winner of the Netflix progress ...

  8. Security, Privacy and Trust Challenges in Cloud Computing and Solutions

    Directory of Open Access Journals (Sweden)

    Seyyed Yasser hashemi

    2014-07-01

    Full Text Available Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. Cloud computing recently emerged as a promising solution to information technology (IT management. IT managers look to cloud computing as a means to maintain a flexible and scalable IT infrastructure that enables business agility. As much as the technological benefits, cloud computing also has risks involved. In this paper Cloud Computing security challenges will be discussed and proposed many new recommendations to increase security and trust also maintaining privacy.

  9. A Cluster- Based Secure Active Network Environment

    Institute of Scientific and Technical Information of China (English)

    CHEN Xiao-lin; ZHOU Jing-yang; DAI Han; LU Sang-lu; CHEN Gui-hai

    2005-01-01

    We introduce a cluster-based secure active network environment (CSANE) which separates the processing of IP packets from that of active packets in active routers. In this environment, the active code authorized or trusted by privileged users is executed in the secure execution environment (EE) of the active router, while others are executed in the secure EE of the nodes in the distributed shared memory (DSM) cluster. With the supports of a multi-process Java virtual machine and KeyNote, untrusted active packets are controlled to securely consume resource. The DSM consistency management makes that active packets can be parallelly processed in the DSM cluster as if they were processed one by one in ANTS (Active Network Transport System). We demonstrate that CSANE has good security and scalability, but imposing little changes on traditional routers.

  10. Security Implications of Typical Grid Computing Usage Scenarios

    Energy Technology Data Exchange (ETDEWEB)

    Humphrey, Marty; Thompson, Mary R.

    2001-06-05

    A Computational Grid is a collection of heterogeneous computers and resources spread across multiple administrative domains with the intent of providing users uniform access to these resources. There are many ways to access the resources of a Computational Grid, each with unique security requirements and implications for both the resource user and the resource provider. A comprehensive set of Grid usage scenarios are presented and analyzed with regard to security requirements such as authentication, authorization, integrity, and confidentiality. The main value of these scenarios and the associated security discussions are to provide a library of situations against which an application designer can match, thereby facilitating security-aware application use and development from the initial stages of the application design and invocation. A broader goal of these scenarios are to increase the awareness of security issues in Grid Computing.

  11. Food Security Strategy Based on Computer Innovation

    Directory of Open Access Journals (Sweden)

    Ruihui Mu

    2015-04-01

    Full Text Available Case analysis to identify innovative strategies for food security occurred in the Oriental Hotel, voluntarily implement food safety control. Food security strategy investigation and the reasons for their use of multiple data sources, including accommodation and catering industry to implement and document interviews with key decision makers in the hotel performed to observe the business environment were examined. This finding suggests that addressing food security, not only is the food control strategy, when the issue of marketing and business strategy is very important. The results of this study also demonstrated the relationship between reward and food security strategies. Interview analysis showed that the attitude of senior management in the hotel's food security policy, the company's ability to significantly dependent on the corporate image.

  12. Guidelines for development of NASA (National Aeronautics and Space Administration) computer security training programs

    Science.gov (United States)

    Tompkins, F. G.

    1983-01-01

    The report presents guidance for the NASA Computer Security Program Manager and the NASA Center Computer Security Officials as they develop training requirements and implement computer security training programs. NASA audiences are categorized based on the computer security knowledge required to accomplish identified job functions. Training requirements, in terms of training subject areas, are presented for both computer security program management personnel and computer resource providers and users. Sources of computer security training are identified.

  13. Security of fixed and wireless computer networks

    NARCIS (Netherlands)

    Verschuren, J.; Degen, A.J.G.; Veugen, P.J.M.

    2003-01-01

    A few decades ago, most computers were stand-alone machines: they were able to process information using their own resources. Later, computer systems were connected to each other enabling a computer system to exchange data with another computer and to use resources of another computer. With the coup

  14. Robust Security System for Critical Computers

    Directory of Open Access Journals (Sweden)

    Preet Inder Singh

    2012-06-01

    Full Text Available Among the various means of available resource protection including biometrics, password based system is most simple, user friendly, cost effective and commonly used, but this system having high sensitivity with attacks. Most of the advanced methods for authentication based on password encrypt the contents of password before storing or transmitting in physical domain. But all conventional cryptographic based encryption methods are having its own limitations, generally either in terms of complexity, efficiency or in terms of security. In this paper a simple method is developed that provide more secure and efficient means of authentication, at the same time simple in design for critical systems. Apart from protection, a step toward perfect security has taken by adding the feature of intruder detection along with the protection system. This is possible by merging various security systems with each other i.e password based security with keystroke dynamic, thumb impression with retina scan associated with the users. This new method is centrally based on user behavior and users related security system, which provides the robust security to the critical systems with intruder detection facilities.

  15. Ethical Responsibility Key to Computer Security.

    Science.gov (United States)

    Lynn, M. Stuart

    1989-01-01

    The pervasiveness of powerful computers and computer networks has raised the specter of new forms of abuse and of concomitant ethical issues. Blurred boundaries, hackers, the Computer Worm, ethical issues, and implications for academic institutions are discussed. (MLW)

  16. A survey on top security threats in cloud computing

    Directory of Open Access Journals (Sweden)

    Muhammad Kazim

    2015-03-01

    Full Text Available Cloud computing enables the sharing of resources such as storage, network, applications and software through internet. Cloud users can lease multiple resources according to their requirements, and pay only for the services they use. However, despite all cloud benefits there are many security concerns related to hardware, virtualization, network, data and service providers that act as a significant barrier in the adoption of cloud in the IT industry. In this paper, we survey the top security concerns related to cloud computing. For each of these security threats we describe, i how it can be used to exploit cloud components and its effect on cloud entities such as providers and users, and ii the security solutions that must be taken to prevent these threats. These solutions include the security techniques from existing literature as well as the best security practices that must be followed by cloud administrators.

  17. Computer Security: Cryptography and authentication (2/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Remi Mollon studied computer security at University and he first worked on Grids, with the EGEE project, for a French Bioinformatics institute. Information security being crucial in that field, he developed an encrypted file management system on top of Grid middleware, and he contributed in integrating legacy applications with Grids. Then, he was hired by CERN as a Grid Data Management developer, and he joined the Grid Operational Security Coordination Team. Remi has now moved to CERN Computer Security Team. Remi is involved in the daily security operations, in addition to be responsible to design Team's computer infrastructure, and to participate to several projects, like multi-factor authentication at CERN. With the prevalence of modern information technologies and its increasing integration into our daily live, digital systems become more and more playground for evil people. While in the past, attacks were driven by fame& kudos, nowadays money is the motivating factor. Just the recent months have s...

  18. Managing computer security: How can research help

    Energy Technology Data Exchange (ETDEWEB)

    Bailey, D.J.

    1990-01-01

    This paper points out significant problems in managing the security of large systems. Addressed to the research community, it suggests research questions whose solution would benefit the people charged with protecting actual systems, and, hence, would create real improvements in system security. The problems of managing connection-rich distributed systems are discussed, and a research direction leading to a solution for the problems of distributed systems is suggested.

  19. Analysis on Cloud Computing Information Security Problems and the Countermeasures

    Institute of Scientific and Technical Information of China (English)

    2012-01-01

    Cloud computing is one of the most popular terms in the present IT industry, as well as one of the most prosperous technology. This paper introduces the concept, principle and characteristics of cloud computing, analyzes information security problems resulted from cloud computing, and puts forward corresponding solutions.

  20. Securing the Data Storage and Processing in Cloud Computing Environment

    Science.gov (United States)

    Owens, Rodney

    2013-01-01

    Organizations increasingly utilize cloud computing architectures to reduce costs and energy consumption both in the data warehouse and on mobile devices by better utilizing the computing resources available. However, the security and privacy issues with publicly available cloud computing infrastructures have not been studied to a sufficient depth…

  1. A Novel Trusted Computing Model for Network Security Authentication

    Directory of Open Access Journals (Sweden)

    Ling Xing

    2014-02-01

    Full Text Available Network information poses great threats from malicious attacks due to the openness and virtuality of network structure. Traditional methods to ensure infor- mation security may fail when both integrity and source authentication for information are required. Based on the security of data broadcast channel, a novel Trusted Com- puting Model (TCM of network security authentication is proposed to enhance the security of network information. In this model, a method of Uniform content locator security Digital Certificate (UDC, which is capable of fully and uniquely index network information, is developed. Standard of MPEG-2 Transport Streams (TS is adopted to pack UDC data. Additionally, a UDC hashing algorithm (UHA512 is designed to compute the integrity and security of data infor- mation . Experimental results show that the proposed model is feasible and effective to network security authentication. 

  2. A Compendium Over Cloud Computing Cryptographic Algorithms and Security Issues

    Directory of Open Access Journals (Sweden)

    Neha Mishra

    2015-01-01

    Full Text Available Cloud computing is an emerging and revolutionary approach towards the computing and becoming more risk prone than ever before. It is an evolutionary approach of using resources and services on demand and as per need of consumers. Cloud computing providing a platform rose on the Internet for usage of IT services and flexible infrastructure to the consumers and business. Deployment and management of services or resources are maintained by the third party. Whereas there are innumerable advantages to approaching the cloud computing, it also contains various issues such as confidentiality, Integrity, Authenticity and Privacy. One of the prominent barrier to adopt the cloud computing is security. This paper comprises the elaborated study on various security issues allied to cloud computing are presented by consolidating literature reviews on cryptographic algorithms used for data security.

  3. Effective Ways of Secure Private and Trusted Cloud Computing

    Directory of Open Access Journals (Sweden)

    Pardeep Kumar

    2011-05-01

    Full Text Available Cloud computing is an Internet-based computing, where shared resources, software and information, are provided to computers and devices on-demand. It provides people the way to share distributed resources and services that belong to different organization. Since cloud computing uses distributed resources in open environment, thus it is important to provide the security and trust to share the data for developing cloud computing applications. In this paper we assess how can cloud providers earn their customers' trust and provide the security, privacy and reliability, when a third party is processing sensitive data in a remote machine located in various countries? A concept of utility cloud has been represented to provide the various services to the users. Emerging technologies can help address the challenges of Security, Privacy and Trust in cloud computing.

  4. Auditing cloud computing a security and privacy guide

    CERN Document Server

    Halpert, Ben

    2011-01-01

    The auditor's guide to ensuring correct security and privacy practices in a cloud computing environment Many organizations are reporting or projecting a significant cost savings through the use of cloud computing-utilizing shared computing resources to provide ubiquitous access for organizations and end users. Just as many organizations, however, are expressing concern with security and privacy issues for their organization's data in the "cloud." Auditing Cloud Computing provides necessary guidance to build a proper audit to ensure operational integrity and customer data protection, among othe

  5. Cloud Computing Security Latest Issues amp Countermeasures

    OpenAIRE

    Shelveen Pandey; Mohammed Farik

    2015-01-01

    Abstract Cloud computing describes effective computing services provided by a third-party organization known as cloud service provider for organizations to perform different tasks over the internet for a fee. Cloud service providers computing resources are dynamically reallocated per demand and their infrastructure platform and software and other resources are shared by multiple corporate and private clients. With the steady increase in the number of cloud computing subscribers of these shar...

  6. Computer Security: Bye, Bye, Windows XP security... Welcome infections!

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Rest in peace, Windows XP. Since your birth on 25 October 2001, you have struggled hard to survive this harsh Internet world. You fell prey to “Melissa”, “Sasser” and “Conficker”, and brought CERN its last large-scale infection with “Blaster” in 2004.    After being upgraded to “SP2”, you discovered software development lifecycles, regular “Patch Tuesdays” and a local firewall that rejected everything by default. In the end, you outlived your weird brother “Vista” and survived as the ugly duckling cousin to the beautiful Mr. Mac. But all your ups and downs are over now. On 8 April 2014, you were given your very last security updates. These life-sustaining measures will be stopped now. Game over. From now on, you are a zombie: presumed dead, but still kept running by your master/owner/user. They might not even understand that you now pose a risk ...

  7. Secure Two-Party Computation with Low Communication

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Kölker, Jonas; Faust, Sebastian;

    2012-01-01

    We propose a 2-party UC-secure protocol that can compute any function securely. The protocol requires only two messages, communication that is poly-logarithmic in the size of the circuit description of the function, and the workload for one of the parties is also only poly-logarithmic in the size...... of the circuit. This implies, for instance, delegatable computation that requires no expensive off-line phase and remains secure even if the server learns whether the client accepts its results. To achieve this, we define two new notions of extractable hash functions, propose an instantiation based...

  8. On Some Security Issues in Pervasive Computing - Light Weight Cryptography

    Directory of Open Access Journals (Sweden)

    Rukma Rekha N

    2012-02-01

    Full Text Available Pervasive Computing Environment is a world where technologies fadeout into the background. The technology is invisible to the user and he is least distracted by the technology. This paper tries to focus on the issues of pervasive computing and reveals the security issues in pervasive computing. We try to find out the role of light weight cryptography in pervasive computing and a comparison between traditional and light weight cryptographic approaches was made.

  9. Current Cloud Computing Security Concerns from Consumer Perspective

    Institute of Scientific and Technical Information of China (English)

    Hafiz Gulfam Ahmad; Zeeshan Ahmad

    2013-01-01

    In recent years cloud computing is the subject of extensive research in the emerging field of information technology and has become a promising business.The reason behind this widespread interest is its abilityto increase the capacity and capability of enterprises,having no investment for new infrastructure,no software license requirement and no need of any training. Security concern is the main limitation factor in the growth of this new born technology.The secur-ity responsibilities of both,the provider and the consumer greatly differ between cloud service models.In this paper we discuss a variety of security risks,authentication issues,trust,and legal regularity in cloud environment with consumer perspective.Early research focused only on techni-cal and business consequences of cloud computing and ignored consumer perspective.There-fore,this paper discusses the consumer security and privacy preferences.

  10. TOWARD HIGHLY SECURE AND AUTONOMIC COMPUTING SYSTEMS: A HIERARCHICAL APPROACH

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Hsien-Hsin S

    2010-05-11

    The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniques and system software for achieving a robust, secure, and reliable computing system toward our goal.

  11. Strategies for safeguarding security of mobile computing.

    Science.gov (United States)

    Green, Hays

    2013-02-01

    An effective mobile health strategy should comprise, in the very least, six key steps: Conduct a mobile security risk assessment. Establish policies and procedures. Develop a training program. Implement measures to prevent unauthorized access. Perform a clinical workflow analysis. Establish the organization's approach for responding to a breach.

  12. Collaboration using roles. [in computer network security

    Science.gov (United States)

    Bishop, Matt

    1990-01-01

    Segregation of roles into alternative accounts is a model which provides not only the ability to collaborate but also enables accurate accounting of resources consumed by collaborative projects, protects the resources and objects of such a project, and does not introduce new security vulnerabilities. The implementation presented here does not require users to remember additional passwords and provides a very simple consistent interface.

  13. Security prospects through cloud computing by adopting multiple clouds

    DEFF Research Database (Denmark)

    Jensen, Meiko; Schwenk, Jörg; Bohli, Jens Matthias

    2011-01-01

    Clouds impose new security challenges, which are amongst the biggest obstacles when considering the usage of cloud services. This triggered a lot of research activities in this direction, resulting in a quantity of proposals targeting the various security threats. Besides the security issues coming...... with the cloud paradigm, it can also provide a new set of unique features which open the path towards novel security approaches, techniques and architectures. This paper initiates this discussion by contributing a concept which achieves security merits by making use of multiple distinct clouds at the same time...

  14. OS friendly microprocessor architecture: Hardware level computer security

    Science.gov (United States)

    Jungwirth, Patrick; La Fratta, Patrick

    2016-05-01

    We present an introduction to the patented OS Friendly Microprocessor Architecture (OSFA) and hardware level computer security. Conventional microprocessors have not tried to balance hardware performance and OS performance at the same time. Conventional microprocessors have depended on the Operating System for computer security and information assurance. The goal of the OS Friendly Architecture is to provide a high performance and secure microprocessor and OS system. We are interested in cyber security, information technology (IT), and SCADA control professionals reviewing the hardware level security features. The OS Friendly Architecture is a switched set of cache memory banks in a pipeline configuration. For light-weight threads, the memory pipeline configuration provides near instantaneous context switching times. The pipelining and parallelism provided by the cache memory pipeline provides for background cache read and write operations while the microprocessor's execution pipeline is running instructions. The cache bank selection controllers provide arbitration to prevent the memory pipeline and microprocessor's execution pipeline from accessing the same cache bank at the same time. This separation allows the cache memory pages to transfer to and from level 1 (L1) caching while the microprocessor pipeline is executing instructions. Computer security operations are implemented in hardware. By extending Unix file permissions bits to each cache memory bank and memory address, the OSFA provides hardware level computer security.

  15. Reviews on Security Issues and Challenges in Cloud Computing

    Science.gov (United States)

    An, Y. Z.; Zaaba, Z. F.; Samsudin, N. F.

    2016-11-01

    Cloud computing is an Internet-based computing service provided by the third party allowing share of resources and data among devices. It is widely used in many organizations nowadays and becoming more popular because it changes the way of how the Information Technology (IT) of an organization is organized and managed. It provides lots of benefits such as simplicity and lower costs, almost unlimited storage, least maintenance, easy utilization, backup and recovery, continuous availability, quality of service, automated software integration, scalability, flexibility and reliability, easy access to information, elasticity, quick deployment and lower barrier to entry. While there is increasing use of cloud computing service in this new era, the security issues of the cloud computing become a challenges. Cloud computing must be safe and secure enough to ensure the privacy of the users. This paper firstly lists out the architecture of the cloud computing, then discuss the most common security issues of using cloud and some solutions to the security issues since security is one of the most critical aspect in cloud computing due to the sensitivity of user's data.

  16. Security Scheme and Its Application towards Vehicular Computing

    Directory of Open Access Journals (Sweden)

    Maria baby

    2014-04-01

    Full Text Available Cloud computing is a colloquial expression used to describe a variety of different types of computing that involves a large number of computers that are connected through real time communication network. Cloud computing is a ability to run a program on many connected computers at the same time. Another technology VANET uses moving car as nodes in a network to create a mobile network, allowing a car approximately 100 to 300 meters each other to connectand in turn, create a network with a wide range. Vehicular Computing is a similar toVANET, which have 2 types: infrastructure based VCand autonomous VC. This work is using infrastructure based VC; drivers will be able to access services by network communications involving the roadside infrastructure. Security challenges, which provides the most extensive analysis of the document in the public arena. Although security issues have received attention in cloud computing and vehicular network and identify security challenges that are specific to VCs. E.g.: challenges interface, tangled identifies and locations and the complexity of establishing trust relationships among multiple players caused by intermittent short- range communications. We provide a privacy and security in cloud computing in this paper for vehicular computing

  17. New Approaches to Practical Secure Two-Party Computation

    DEFF Research Database (Denmark)

    Nordholt, Peter Sebastian

    We present two new approaches to maliciously secure two-party computation with practical efficiency: • First, we present the first maliciously secure two-party computation protocol with practical efficiency based on the classic semi-honest protocol given by Goldreich et al. at STOC 1987. Before now...... yielding a protocol of high practical efficiency. • As a bi-product of these two new protocols for secure two-party computations we develop two new cryptographic tools of independent interest: for the first protocol we give a highly practical OT-extension protocol that, apart from a few OTs to bootstrap...... all practical protocols with malicious security were based on Yao’s garbled circuits. We report on an implementation of this protocol demonstrating its high efficiency. For larger circuits it evaluates 20000 Boolean gates per second. As an example, evaluating one oblivious AES encryption (around 34000...

  18. Computer Security: one click and BOOM…

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Browsing the World Wide Web is not as easy as it seems… One wrong click and all your passwords (CERN, Facebook, PayPal, Amazon, etc.) could be stolen; all your activities could be clandestinely monitored (mouse movements and clicks, words typed, screenshots, microphone and webcam recordings, etc.); confidential documents could be stolen; and an attack path (a so-called back-door) into CERN could be opened…    As a result, you would have to reinstall your computer from scratch and change all your passwords! One of our colleagues learned this the hard way. One wrong click in summer 2015 permitted malicious attackers to infiltrate CERN but, fortunately, no real damage was done. Still, the cost of investigating the incident ran to several tens of thousands of Swiss francs and a lot of time was wasted trying to understand the attacker’s intent and the extent of the infiltration... With the goal of increasing more awareness of the risk of clicking on li...

  19. Security and Fault aware Scheduling in Computational Grid

    Directory of Open Access Journals (Sweden)

    Mansour Noshfar

    2013-09-01

    Full Text Available Grid Computation is an issue that has received much attention from researchers in recent years. Its aim is to use the computational power of idle resources which have been distributed in different places and under different policies and security conditions. Therefore, one of the challenges facing this technology is the issue of security of jobs and the computational sites. Distributed jobs in computational sites may become problematic due to some infections and malwares. As a result, the risks and security levels should be considered; computing resources must be evaluated by resource owners for task execution, and scheduling should be based on requested users' security levels. This is the matter that has been ignored in the previous scheduling algorithms, which leads to waste of time and overhead. In this paper, a new method based on a combination of Genetic and Imperialism Competitive algorithm is presented to implement a security-aware scheduling and failure algorithm. The proposed method is compared with the previous methods such as Min-Min, Suffrage and genetic algorithms, has become near optimal and led to reduce the overhead caused by violation of security conditions. Additionally, Due to the usage of fault tolerance mechanisms, the performance of these mechanisms has been evaluated and it was found that the replication mechanism had the lowest failure rate and the check point mechanism had a direct effect on the performance and it should be fully supervised and be smart.

  20. Privacy and Security issues in Cloud Computing

    OpenAIRE

    Anita Kumari Nanda , Brojo Kishore Mishra

    2012-01-01

    “Cloud computing” – a relatively recent term, defines the paths ahead in computer science world. Being built on decades of research it utilizes all recent achievements in virtualization, distributed computing, utility computing, and networking. It implies a service oriented architecture through offering software and platforms as services, reduced information technology overhead for the end-user, great flexibility, reduced total cost of ownership, on demand services and many other things. Sec...

  1. Actively Secure Two-Party Evaluation of Any Quantum Operation

    DEFF Research Database (Denmark)

    Dupuis, Frédéric; Nielsen, Jesper Buus; Salvail, Louis

    2012-01-01

    We provide the first two-party protocol allowing Alice and Bob to evaluate privately even against active adversaries any completely positive, trace-preserving map , given as a quantum circuit, upon their joint quantum input state . Our protocol leaks no more to any active adversary than an ideal ...... functionality for provided Alice and Bob have the cryptographic resources for active secure two-party classical computation. Our protocol is constructed from the protocol for the same task secure against specious adversaries presented in [4]....

  2. Computer Security: improve software, avoid blunder

    CERN Document Server

    Computer Security Team

    2014-01-01

    Recently, a severe vulnerability has been made public about how Apple devices are wrongly handling encryption. This vulnerability rendered SSL/TLS protection useless, and permitted attackers checking out a wireless network to capture or modify data in encrypted sessions.   In other words, all confidential data like passwords, banking information, etc. could have been siphoned off by a targeted attack. While Apple has been quick in providing adequate security patches for iOS devices and Macs, it is an excellent example of how small mistakes can lead to big security holes. Here is the corresponding code from Apple’s Open Source repository. Can you spot the issue? 1 static OSStatus 2 SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams, uint8_t *signature, UInt16 signatureLen) 3 { 4              OSStatus &nb...

  3. FREQUENCY OPTIMIZATION FOR SECURITY MONITORING OF COMPUTER SYSTEMS

    Directory of Open Access Journals (Sweden)

    Вogatyrev V.A.

    2015-03-01

    Full Text Available The subject areas of the proposed research are monitoring facilities for protection of computer systems exposed to destructive attacks of accidental and malicious nature. The interval optimization model of test monitoring for the detection of hazardous states of security breach caused by destructive attacks is proposed. Optimization function is to maximize profit in case of requests servicing in conditions of uncertainty, and intensity variance of the destructive attacks including penalties when servicing of requests is in dangerous conditions. The vector task of system availability maximization and minimization of probabilities for its downtime and dangerous conditions is proposed to be reduced to the scalar optimization problem based on the criterion of profit maximization from information services (service of requests that integrates these private criteria. Optimization variants are considered with the definition of the averaged periodic activities of monitoring and adapting of these periods to the changes in the intensity of destructive attacks. Adaptation efficiency of the monitoring frequency to changes in the activity of the destructive attacks is shown. The proposed solutions can find their application for optimization of test monitoring intervals to detect hazardous conditions of security breach that makes it possible to increase the system effectiveness, and specifically, to maximize the expected profit from information services.

  4. Guidelines for Security of Computer Applications

    Science.gov (United States)

    2007-11-02

    RUTHZ 77], [RUTHZ 78], [EDPAF 77], [ IIASA 77], [SGCCA 75B], [MAIRW 76] are effective in meeting all three security objectives; however, some are...and [ IIASA 77]. * Fields can be checked for: − legitimate characters (format checks), − proper sequences with respect to corresponding fields in...MAIRW 76], [JANCE 74], and [ IIASA 77] referenced above. * Integrated Test Facility (ITF). The ITF allows the performance of the application system

  5. Information Security in the Age of Cloud Computing

    Science.gov (United States)

    Sims, J. Eric

    2012-01-01

    Information security has been a particularly hot topic since the enhanced internal control requirements of Sarbanes-Oxley (SOX) were introduced in 2002. At about this same time, cloud computing started its explosive growth. Outsourcing of mission-critical functions has always been a gamble for managers, but the advantages of cloud computing are…

  6. A cancellable and fuzzy fingerprint scheme for mobile computing security

    Science.gov (United States)

    Yang, Wencheng; Xi, Kai; Li, Cai

    2012-09-01

    Fingerprint recognition provides an effective user authentication solution for mobile computing systems. However, as a fingerprint template protection scheme, fingerprint fuzzy vault is subject to cross-matching attacks, since the same finger might be registered for various applications. In this paper, we propose a fingerprint-based biometric security scheme named the cancellable and fuzzy fingerprint scheme, which combines a cancellable non-linear transformation with the client/server version of fuzzy vault, to address the cross-matching attack in a mobile computing system. Experimental results demonstrate that our scheme can provide reliable and secure protection to the mobile computing system while achieving an acceptable matching performance.

  7. Security issues occur in Cloud Computing and there Solutions

    Directory of Open Access Journals (Sweden)

    Karamjit Singh

    2012-05-01

    Full Text Available Cloud computing is a recent advancement wherein IT infrastructure and applications are provided as “services” to end-users under a usage-based payment model. Many organizations, such as Google, Amazon, IBM and many others, accelerate their paces in developing Cloud computing systems and providing services to user with best affords but there phases many difficulties regarding securityproblem and users also afraid toward security of own data i.e. whether cloud providers able to maintain data integrity ,confidentiality as well as authentication. To resolve the security issues in cloud computing, this paper presents various solutions for different issues.

  8. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    Energy Technology Data Exchange (ETDEWEB)

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  9. Cloud Computing for Network Security Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Jin Yang

    2013-01-01

    Full Text Available In recent years, as a new distributed computing model, cloud computing has developed rapidly and become the focus of academia and industry. But now the security issue of cloud computing is a main critical problem of most enterprise customers faced. In the current network environment, that relying on a single terminal to check the Trojan virus is considered increasingly unreliable. This paper analyzes the characteristics of current cloud computing, and then proposes a comprehensive real-time network risk evaluation model for cloud computing based on the correspondence between the artificial immune system antibody and pathogen invasion intensity. The paper also combines assets evaluation system and network integration evaluation system, considering from the application layer, the host layer, network layer may be factors that affect the network risks. The experimental results show that this model improves the ability of intrusion detection and can support for the security of current cloud computing.

  10. Computationally Efficient Neural Network Intrusion Security Awareness

    Energy Technology Data Exchange (ETDEWEB)

    Todd Vollmer; Milos Manic

    2009-08-01

    An enhanced version of an algorithm to provide anomaly based intrusion detection alerts for cyber security state awareness is detailed. A unique aspect is the training of an error back-propagation neural network with intrusion detection rule features to provide a recognition basis. Network packet details are subsequently provided to the trained network to produce a classification. This leverages rule knowledge sets to produce classifications for anomaly based systems. Several test cases executed on ICMP protocol revealed a 60% identification rate of true positives. This rate matched the previous work, but 70% less memory was used and the run time was reduced to less than 1 second from 37 seconds.

  11. Optimizing Security of Cloud Computing within the DoD

    Science.gov (United States)

    2010-12-01

    governmental use of cloud computing,” Government Information Quarterly , Vol. 27, Issue 3 (July 2010). 34 Frictionless registration processes. Frictionless...cloud computing,” Government Information Quarterly , Vol. 27, Issue 3 (July 2010). 347 Ibid. 348 Ibid. 65 impair availability for all users of...with governmental use of cloud computing,” Government Information Quarterly , Vol. 27, Issue 3 (July 2010) 354 Brunette and Mogull, “Security Guidance

  12. Quality Function Deployment (QFD House of Quality for Strategic Planning of Computer Security of SMEs

    Directory of Open Access Journals (Sweden)

    Jorge A. Ruiz-Vanoye

    2013-01-01

    Full Text Available This article proposes to implement the Quality Function Deployment (QFD House of Quality for strategic planning of computer security for Small and Medium Enterprises (SME. The House of Quality (HoQ applied to computer security of SME is a framework to convert the security needs of corporate computing in a set of specifications to improve computer security.

  13. Personal computer security: part 1. Firewalls, antivirus software, and Internet security suites.

    Science.gov (United States)

    Caruso, Ronald D

    2003-01-01

    Personal computer (PC) security in the era of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) involves two interrelated elements: safeguarding the basic computer system itself and protecting the information it contains and transmits, including personal files. HIPAA regulations have toughened the requirements for securing patient information, requiring every radiologist with such data to take further precautions. Security starts with physically securing the computer. Account passwords and a password-protected screen saver should also be set up. A modern antivirus program can easily be installed and configured. File scanning and updating of virus definitions are simple processes that can largely be automated and should be performed at least weekly. A software firewall is also essential for protection from outside intrusion, and an inexpensive hardware firewall can provide yet another layer of protection. An Internet security suite yields additional safety. Regular updating of the security features of installed programs is important. Obtaining a moderate degree of PC safety and security is somewhat inconvenient but is necessary and well worth the effort.

  14. Secure and Stability Practical Outsourcing in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Mr.V.Sudarshan

    2012-09-01

    Full Text Available Cloud computing has great potential of providing robust computational power to the society at reduced cost. It enables customers with limited computational resources to outsource their large computation workloads to the cloud, and economically enjoy the massive computational power, bandwidth, storage, and even appropriate software that can be shared in a pay-per-use manner. Despite the tremendous benefits, security is the primary obstacle that prevents the wide adoption of this promising computing model, especially for customers when their confidential data are consumed and produced during the computation. Treating the cloud as an intrinsically insecure computing platform from the viewpoint of the cloud customers, we must design mechanisms that not only protect sensitive information by enabling computations with encrypted data, but also protect customers from malicious behaviors by enabling the validation of the computation result. Such a mechanism of general secure computation outsourcing was recently shown to be feasible in theory, but to design mechanisms that are practically efficient remains a very challenging problem. Focusing on engineering computing and optimization tasks, this paper investigates secure outsourcing of widely applicable linear programming (LP computations. In order to achieve practical efficiency, our mechanism design explicitly decomposes the LP computation outsourcing into public LP solvers running on the cloud and private LP parameters owned by the customer. The resulting flexibility allows us to explore appropriate security efficiency tradeoff via higher-level abstraction of LP computations than the general circuit representation. In particular, by formulating private data owned by the customer for LP problem as a set of matrices and vectors, we are able to develop a set of efficient privacy-preserving problem transformation techniques, which allow customers to transform original LP problem into some arbitrary one

  15. Computer Security: the value of your password

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Of course, your passwords have a value to you as they allow you to access your computer and your Facebook page, to buy on Amazon, to create a Twitter feed, and to use a multitude of computing services provided by CERN. But have you ever thought of their value to the malicious people of this world?    With your account password, I can take over your computer. I can install software allowing me to enable your microphone and listen to your communications and what is happening around you as long as your computer is turned on. I can take regular screenshots and monitor you while you work. With that, I can try to determine your working habits, your online behaviour, the way you write e-mails… Useful, if I want to impersonate you believably (e.g. to attack CERN and the systems you are working on at CERN). What’s more, with access to your computer, I can install a keylogger to record your every keystroke – including when you type all your other passwords: ...

  16. The New Trend of Security in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Xiangdong Li

    2012-12-01

    Full Text Available The use of services of cloud computing has been growing widely in industry, organizations and institutions recently, due to its tempting benefits, for example, the scalability, efficiency, flexibility and lower cost. The security issues have been studied and analyzed extensively. In order to understand the risk issues existing in today’s cloud, we discuss the new trend of security of cloud in this paper. The preventing methods are also discussed.

  17. Computer Security: your car, my control

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    We have discussed the Internet of Things (IoT) and its security implications already in past issues of the CERN Bulletin, for example in “Today’s paranoia, tomorrow’s reality” (see here). Unfortunately, tomorrow has come. At this years's Black Hat conference researchers presented their findings on how easily your car can be hacked and controlled remotely. Sigh.   While these researchers have just shown that they can wirelessly hijack a Jeep Cherokee, others have performed similar studies with SmartCars, Fords, a Tesla, a Corvette, BMWs, Chryslers and Mercedes! With the increasing computerisation of cars, the engine management system, air conditioning, anti-lock braking system, electronic stability programme, etc. are linked to the infotainment, navigation and communication systems, opening the door for these vehicles to be hacked remotely. The now prevalent Bluetooth connection with smartphones is one entry vector to attack your car remotely...

  18. Complete Fairness in Secure Two-Party Computation

    DEFF Research Database (Denmark)

    Gordon, S. Dov; Hazay, Carmit; Katz, Jonathan

    2011-01-01

    In the setting of secure two-party computation, two mutually distrusting parties wish to compute some function of their inputs while preserving, to the extent possible, various security properties such as privacy, correctness, and more. One desirable property is fairness which guarantees, informa......In the setting of secure two-party computation, two mutually distrusting parties wish to compute some function of their inputs while preserving, to the extent possible, various security properties such as privacy, correctness, and more. One desirable property is fairness which guarantees......, informally, that if one party receives its output, then the other party does too. Cleve [1986] showed that complete fairness cannot be achieved in general without an honest majority. Since then, the accepted folklore has been that nothing non-trivial can be computed with complete fairness in the two......-party setting. We demonstrate that this folklore belief is false by showing completely fair protocols for various nontrivial functions in the two-party setting based on standard cryptographic assumptions. We first show feasibility of obtaining complete fairness when computing any function over polynomial...

  19. Computer Security: downloading films is no peccadillo

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Dear Summer Students, within the Organization, you have many possibilities to pursue your natural curiosity and acquire as much new knowledge as you can siphon into your brain. CERN provides you with the academic freedom to do so, with almost no limitations. But hold on: “free” and “no limitations” don’t mean that you can do whatever you want…   Please note that, when using CERN’s computing facilities, when sending e-mails from your CERN e-mail address, when using your laptop/smartphone/computer, you must follow a basic framework of rules, the CERN Computing Rules. I would like to focus on one particular aspect of those rules: that of accessing music, videos, films or computer games from popular websites like ThePirateBay or using Bittorrent.  CERN has an awesome connection to the Internet, lots of bandwidth and a high capacity for web downloads. However, this does not mean that downloading music, videos...

  20. Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

    Energy Technology Data Exchange (ETDEWEB)

    Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert

    2015-07-28

    Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

  1. Secure Enclaves: An Isolation-centric Approach for Creating Secure High Performance Computing Environments

    Energy Technology Data Exchange (ETDEWEB)

    Aderholdt, Ferrol [Tennessee Technological Univ., Cookeville, TN (United States); Caldwell, Blake A. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Hicks, Susan Elaine [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Koch, Scott M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Naughton, III, Thomas J. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pelfrey, Daniel S. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pogge, James R [Tennessee Technological Univ., Cookeville, TN (United States); Scott, Stephen L [Tennessee Technological Univ., Cookeville, TN (United States); Shipman, Galen M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Sorrillo, Lawrence [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)

    2017-01-01

    High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data at various security levels but in so doing are often enclaved at the highest security posture. This approach places significant restrictions on the users of the system even when processing data at a lower security level and exposes data at higher levels of confidentiality to a much broader population than otherwise necessary. The traditional approach of isolation, while effective in establishing security enclaves poses significant challenges for the use of shared infrastructure in HPC environments. This report details current state-of-the-art in virtualization, reconfigurable network enclaving via Software Defined Networking (SDN), and storage architectures and bridging techniques for creating secure enclaves in HPC environments.

  2. Security Techniques for protecting data in Cloud Computing

    OpenAIRE

    2012-01-01

    Context: From the past few years, there has been a rapid progress in Cloud Computing. With the increasing number of companies resorting to use resources in the Cloud, there is a necessity for protecting the data of various users using centralized resources. Some major challenges that are being faced by Cloud Computing are to secure, protect and process the data which is the property of the user. Aims and Objectives: The main aim of this research is to understand the security threats and ident...

  3. Addressing Security Challenges in Pervasive Computing Applications

    Science.gov (United States)

    2010-10-10

    Conference on Engineering of Complex Computer Systems, Auckland, New Zealand, July 2007. 5. Kyriakos Anastasakis, Behzad Bordbar, Geri Georg and...tending Database Technology, Saint-Petersburg, Russia, March 2009. 24. Geri Georg, Indrakshi Ray, Kyriakos Anastasakis, Behzad Bordbar, Manachai...and Behzad Bor- dbar, "Ensuring Spatio-Temporal Access Control for Real-World Applications", Proceed- ings of the 14 th ACM Symposium on Access

  4. Computer Security: posting and mis-posting

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    This is what can happen at CERN if you don't lock your computer screen...   “Hi, I am looking for a partner either male or female to attend salsa lessons. I have a great body and enjoy rubbing it against other people on the dance floor. I would consider dinner after with the right person. If you think you can keep up with me and enjoy getting sweaty send me a reply. Stay sexy…” This is the original text of a recent posting on the CERN Market webpage. Some people might find this appealing, some people think this is funny. Personally, I couldn’t care less. But professionally, we had to follow up as this text can be perceived as inappropriate and, thus, in violation of the Terms of Usage of the CERN Market as well as the CERN Computing Rules and its annex on private usage of the CERN computing facilities. We remind you that the CERN Market is a public website that can be used by people within but also outside CERN. All posts are visible world...

  5. Computer Security: Our life in symbiosis*

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2014-01-01

    Do you recall our Bulletin articles on control system cyber-security (“Hacking control systems, switching lights off!” and “Hacking control systems, switching... accelerators off?”) from early 2013? Let me shed some light on this issue from a completely different perspective.   I was raised in Europe during the 80s. With all the conveniences of a modern city, my environment made me a cyborg - a human entangled with technology - supported but also dependent on software and hardware. Since my childhood, I have eaten food packaged by machines and shipped through a sophisticated network of ships and lorries, keeping it fresh or frozen until it arrives in supermarkets. I heat my house with the magic of nuclear energy provided to me via a complicated electrical network. In fact, many of the amenities and gadgets I use are based on electricity and I just need to tap a power socket. When on vacation, I travel by taxi, train and airplane. And I enjoy the beautifu...

  6. Computer Security: what is your identity?

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    In the physical world this is fairly clear; your sense of self is multi-faceted and highly complex but the entity of “you” is well defined.  You can prove your identity simply, typically by showing your ID card or by having someone vouch for you. You are a being layered with attributes. Other people may request some of these attributes: your first name at Starbucks or your shoe size at the bowling alley. But only your most trusted contacts are granted access to your entire set of attributes… or maybe you never expose your identity entirely!   Online, your identity is a very different beast. It is fragmented. Each piece of your identity is typically verified by its own username and password. Occasionally pieces are forgotten or lost to the depths of the Internet. The hundreds of accounts that identify “you” present a security problem. Can you keep track of these accounts and is it even realistic to use unique, non-trivial passwords for ea...

  7. Computer Security: White hats for CERN

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    CERN is under attack. Permanently. Even right now. In particular, the CERN web environment, with its thousands of websites and millions of webpages, is a popular target for evil-doers as well as for security researchers.   Usually, their attacks are unsuccessful and fade away over time. Sometimes, however, they are successful and manage to break into a CERN website or web server… It is imperative that we learn about our weaknesses before others do – and fix them! Hackers with bad intentions are usually named “black hats” as they misuse their power to cause destruction or downtime via any weakness they can find. “Grey hats” are more moderate and might just have some fun with the weaknesses they find, for example by putting naked teddy bears or a personal message (such as “I hacked U”) on the compromised website. Last but not least, “white hats” report their findings directly to us and suggest that...

  8. 计算机网络安全技术%Security Technologies of Computer Network

    Institute of Scientific and Technical Information of China (English)

    罗明宇; 卢锡城; 卢泽新; 韩亚欣

    2000-01-01

    With the development of computer network,requirements of computer network security have been more and more urgent. In tills paper, goals of network security are reviewed. Several network attack methods,such as interruption,interception, modification, fabrication,are studied. Network security technologies,such as security mechan!sm,encryption,security detection,firewall,were discussed.

  9. Computer Security: DNS to the rescue!

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Why you should be grateful to the Domain Name System at CERN.   Incidents involving so-called “drive-by” infections and “ransomware” are on the rise. Whilst an up-to-date and fully patched operating system is essential; whilst running anti-virus software with current virus signature files is a must; whilst “stop --- think --- don’t click” surely helps, we can still go one step further in better protecting your computers: DNS to the rescue. The DNS, short for Domain Name System, translates the web address you want to visit (like “http://cern.ch”) to a machine-readable format (the IP address, here: “188.184.9.234”). For years, we have automatically monitored the DNS translation requests made by your favourite web browser (actually by your operating system, but that doesn’t matter here), and we have automatically informed you if your computer tried to access a website known to hos...

  10. Computer Security: Hacking CERN - a win-win for all

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    The first round of the CERN WhiteHat Challenge has finished (see here). At the end of March, CERN was "attacked" by a dozen students from the St. Pölten University of Applied Sciences, Austria.   These attacks were part of their Master's degree in computer science and computer security, where they study penetration testing and vulnerability scanning, i.e. finding weaknesses in computing systems: techniques, tools, approaches and ethics. Usually, such studies are done against mock-ups like “Google Gruyere”, the “Damn Vulnerable Web Application” or OWASP’s “WebGoat” and “Hackademic”. However, while those mock-ups are in principle useful, they rarely resemble the operational reality of the Internet. CERN has offered computer security professors an alternative: the opportunity to use CERN’s web-ecosystem and all other systems open to th...

  11. Control Systems Cyber Security Standards Support Activities

    Energy Technology Data Exchange (ETDEWEB)

    Robert Evans

    2009-01-01

    The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

  12. Soft Computing - A step towards building Secure Cognitive WLAN

    CERN Document Server

    Lingareddy, S C; Babu, Dr Vinaya; Dhruve, Kashyap

    2010-01-01

    Wireless Networks rendering varied services has not only become the order of the day but the demand of a large pool of customers as well. Thus, security of wireless networks has become a very essential design criterion. This paper describes our research work focused towards creating secure cognitive wireless local area networks using soft computing approaches. The present dense Wireless Local Area Networks (WLAN) pose a huge threat to network integrity and are vulnerable to attacks. In this paper we propose a secure Cognitive Framework Architecture (CFA). The Cognitive Security Manager (CSM) is the heart of CFA. The CSM incorporates access control using Physical Architecture Description Layer (PADL) and analyzes the operational matrices of the terminals using multi layer neural networks, acting accordingly to identify authorized access and unauthorized usage patterns.

  13. Security considerations and recommendations in computer-based testing.

    Science.gov (United States)

    Al-Saleem, Saleh M; Ullah, Hanif

    2014-01-01

    Many organizations and institutions around the globe are moving or planning to move their paper-and-pencil based testing to computer-based testing (CBT). However, this conversion will not be the best option for all kinds of exams and it will require significant resources. These resources may include the preparation of item banks, methods for test delivery, procedures for test administration, and last but not least test security. Security aspects may include but are not limited to the identification and authentication of examinee, the risks that are associated with cheating on the exam, and the procedures related to test delivery to the examinee. This paper will mainly investigate the security considerations associated with CBT and will provide some recommendations for the security of these kinds of tests. We will also propose a palm-based biometric authentication system incorporated with basic authentication system (username/password) in order to check the identity and authenticity of the examinee.

  14. CERN Technical Training: new courses on computer security

    CERN Multimedia

    HR Department

    2009-01-01

    Two new trainings are available at CERN concerning computer security. • How to create secure software? The "Developing secure software" course (3.5 hours) is designed for software programmers, both for regular software and Web applications. It covers main aspects of security in different phases of the software development lifecycle. The last, optional hour discusses security issues of Web application developers. This course, although not hands-on, is interactive and full of real-life examples. The first session of this course will take place, in English, on 21 April in the CERN Technical Training Centre. More sessions will be scheduled in 2009. • How to safely navigate and send mails? The "Secure e-mail and Web browsing" course is an entry-level 1.5-hour course designed to show how to detect and avoid typical security pitfalls encountered when e-mailing and browsing the Web. It is designed for non-technical users of Internet Explorer and Outlook. The first sessions ...

  15. CERN Technical Training: new courses on computer security

    CERN Multimedia

    HR Department

    2009-01-01

    Two new trainings are available at CERN concerning computer security. • How to create secure software? The "Developing secure software" course (3.5 hours) is designed for software programmers, both for regular software and Web applications. It covers main aspects of security in different phases of the software development lifecycle. The last, optional hour discusses security issues of Web application developers. This course, although not hands-on, is interactive and full of real-life examples. The first session of this course will take place, in English, on 21 April in the CERN Technical Training Centre. More sessions will be scheduled in 2009. • How to safely navigate and send mails? The "Secure e-mail and Web browsing" course is an entry-level 1.5-hour course designed to show how to detect and avoid typical security pitfalls encountered when e-mailing and browsing the Web. It is designed for non-technical users of Internet Explorer and Outlook. The first sessions o...

  16. CERN Technical Training: new courses on computer security

    CERN Multimedia

    HR Department

    2009-01-01

    Two new trainings are available at CERN concerning computer security. • How to create secure software? The "Developing secure software" course (3.5 hours) is designed for software programmers, both for regular software and Web applications. It covers main aspects of security in different phases of the software development lifecycle. The last, optional hour discusses security issues of Web application developers. This course, although not hands-on, is interactive and full of real-life examples. The first session of this course will take place, in English, on 21 April in the CERN Technical Training Center. More sessions will be scheduled in 2009. • How to safely navigate and send mails? The "Secure e-mail and Web browsing" course is an entry-level 1.5-hour training aimed to show how to detect and avoid typical security pitfalls encountered when e-mailing and browsing the Web. It is designed for non-technical users of Internet Explorer and Outlook. The first sessions o...

  17. Computer virus security in the Department of the Navy

    OpenAIRE

    Salters, Michael Jerome

    1992-01-01

    Approved for public release; distribution is unlimited This thesis discusses the growing threat of computer viruses and their impact on Automated Information Systems. In particular, it attempts to show a need to establish sound security programs that properly address computer viruses. A major area of the thesis focuses on current guidance by the Department of Defense and the Department of the Navy and provides recommendation for an effective Navy organization to effectively ...

  18. A Novel Cloud Computing Algorithm of Security and Privacy

    OpenAIRE

    Chih-Yung Chen; Jih-Fu Tu

    2013-01-01

    The emergence of cloud computing has simplified the flow of large-scale deployment distributed system of software suppliers; when issuing respective application programs in a sharing clouds service to different user, the management of material becomes more complex. Therefore, in multitype clouds service of trust environment, when enterprises face cloud computing, what most worries is the issue of security, but individual users are worried whether the privacy material will have an outflow risk...

  19. Secure Genomic Computation through Site-Wise Encryption.

    Science.gov (United States)

    Zhao, Yongan; Wang, XiaoFeng; Tang, Haixu

    2015-01-01

    Commercial clouds provide on-demand IT services for big-data analysis, which have become an attractive option for users who have no access to comparable infrastructure. However, utilizing these services for human genome analysis is highly risky, as human genomic data contains identifiable information of human individuals and their disease susceptibility. Therefore, currently, no computation on personal human genomic data is conducted on public clouds. To address this issue, here we present a site-wise encryption approach to encrypt whole human genome sequences, which can be subject to secure searching of genomic signatures on public clouds. We implemented this method within the Hadoop framework, and tested it on the case of searching disease markers retrieved from the ClinVar database against patients' genomic sequences. The secure search runs only one order of magnitude slower than the simple search without encryption, indicating our method is ready to be used for secure genomic computation on public clouds.

  20. Computer Security: How to succeed in software deployment

    CERN Multimedia

    Computer Security Team

    2014-01-01

    The summer student period has ended and we would like to congratulate all those who successfully accomplished their project! In particular, well done to those who managed to develop and deploy sophisticated web applications in the short summer season. Unfortunately, not all web applications made the final cut, moved into production and became visible on the Internet. We had to reject some... let me explain why.   Making a web application visible on the Internet requires an opening in the CERN outer perimeter firewall. Such a request is usually made through the CERN WebReq web interface. As standard procedure, the CERN Computer Security team reviews every request and performs a security assessment. This is where you, your supervisee and the Computer Security team all start to get frustrated. Many summer students delivered awesome web applications with great new functions and a good “look and feel” following precise use cases, using modern web technologies, dashboards, integr...

  1. Teaching Objectives of a Simulation Game for Computer Security

    Science.gov (United States)

    2007-11-02

    established market and the growing acceptance of computer games in education (Kirriemuir, 2002). The game will simulate a range of scenarios involving...43-58. Sterne, D.F., (1991). On the Buzzword “Security Policy”, Proceedings of the IEEE Symposium on Reseach in Secu- rity and Privacy, Oakland, CA

  2. Computationally Secure Pattern Matching in the Presence of Malicious Adversaries

    DEFF Research Database (Denmark)

    Hazay, Carmit; Toft, Tomas

    2010-01-01

    simulation in the presence of malicious, polynomial-time adversaries (assuming that ElGamal encryption is semantically secure) and exhibits computation and communication costs of O(n + m) in a constant round complexity. In addition to the above, we propose a collection of protocols for variations...

  3. Secure Dynamic access control scheme of PHR in cloud computing.

    Science.gov (United States)

    Chen, Tzer-Shyong; Liu, Chia-Hui; Chen, Tzer-Long; Chen, Chin-Sheng; Bau, Jian-Guo; Lin, Tzu-Ching

    2012-12-01

    With the development of information technology and medical technology, medical information has been developed from traditional paper records into electronic medical records, which have now been widely applied. The new-style medical information exchange system "personal health records (PHR)" is gradually developed. PHR is a kind of health records maintained and recorded by individuals. An ideal personal health record could integrate personal medical information from different sources and provide complete and correct personal health and medical summary through the Internet or portable media under the requirements of security and privacy. A lot of personal health records are being utilized. The patient-centered PHR information exchange system allows the public autonomously maintain and manage personal health records. Such management is convenient for storing, accessing, and sharing personal medical records. With the emergence of Cloud computing, PHR service has been transferred to storing data into Cloud servers that the resources could be flexibly utilized and the operation cost can be reduced. Nevertheless, patients would face privacy problem when storing PHR data into Cloud. Besides, it requires a secure protection scheme to encrypt the medical records of each patient for storing PHR into Cloud server. In the encryption process, it would be a challenge to achieve accurately accessing to medical records and corresponding to flexibility and efficiency. A new PHR access control scheme under Cloud computing environments is proposed in this study. With Lagrange interpolation polynomial to establish a secure and effective PHR information access scheme, it allows to accurately access to PHR with security and is suitable for enormous multi-users. Moreover, this scheme also dynamically supports multi-users in Cloud computing environments with personal privacy and offers legal authorities to access to PHR. From security and effectiveness analyses, the proposed PHR access

  4. Computer Security: protect CERN - respect copyrights

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Are you a physicist who does complex mathematical calculations? Are you a webmaster who regularly embeds visual contents? Do you regularly present to large audiences? Are you an engineer who does sophisticated simulations of heat transfers, structural stability or electric circuits? Are you a technician who often uses CAD software? Do you like listening to music while being at CERN? Go ahead!   But make sure that you have legitimately obtained the software/images/music/videos you are using and hold valid licenses to run your software. Using illegal or pirated software/images/music/videos is not a trivial offense. It violates the CERN Computing Rules (OC5) and puts the Organization at risk! Vendors deserve credit and compensation. So make sure to buy your software via legitimate channels and use a valid and honestly obtained license. This also applies to “shareware” and software under open licenses, which might also come with a cost. Usually, only “freeware&rd...

  5. Computer Security: USB sticks - the silent killers

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    You've just found a USB stick in Restaurant 1. You'd like to return it … but who is the owner? Maybe the contents can tell you? Connect it to your laptop, and you might figure it out. But hold on, what if its content is dangerous…?   USB sticks are an excellent vehicle for infecting countless PCs and laptops. Years ago, several dozen laptops were infected during a conference when someone passed around a USB stick with flight departure information. Unfortunately, this stick was infected. Similarly, we have seen a domino effect of infections in the FP and EN departments after some USB sticks made the rounds, infecting one PC after another. In the end, a massive number of PCs had to be reinstalled. Some USB sticks are even worse. They pretend to be “just a keyboard” (named “RubberDucky”) and, once inserted, they execute a pre-programmed sequence of keystrokes intended to extract information from your computer or take ...

  6. Computer Security Issues in Online Banking: An Assessment from the Context of Usable Security

    Science.gov (United States)

    Mahmadi, FN; Zaaba, ZF; Osman, A.

    2016-11-01

    Today's online banking is a convenient mode of finance management. Despite the ease of doing online banking, there are people that still sceptical in utilizing it due to perception and its security. This paper highlights the subject of online banking security in Malaysia, especially from the perspective of the end-users. The study is done by assessing human computer interaction, usability and security. An online survey utilising 137 participants was previously conducted to gain preliminary insights on security issues of online banking in Malaysia. Following from those results, 37 participants were interviewed to gauge deeper understanding about end-users perception on online banking within the context of usable security. The results suggested that most of the end-users are continuingly experiencing significant difficulties especially in relation to the technical terminologies, security features and other technical issues. Although the security features are provided to provide a shield or protection, users are still incapable to cope with the technical aspects of such implementation.

  7. Constant-Overhead Secure Computation of Boolean Circuits using Preprocessing

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Zakarias, Sarah Nouhad Haddad

    We present a protocol for securely computing a Boolean circuit $C$ in presence of a dishonest and malicious majority. The protocol is unconditionally secure, assuming access to a preprocessing functionality that is not given the inputs to compute on. For a large number of players the work done...... by each player is the same as the work needed to compute the circuit in the clear, up to a constant factor. Our protocol is the first to obtain these properties for Boolean circuits. On the technical side, we develop new homomorphic authentication schemes based on asymptotically good codes...... with an additional multiplication property. We also show a new algorithm for verifying the product of Boolean matrices in quadratic time with exponentially small error probability, where previous methods would only give a constant error....

  8. Ethical Guidelines for Computer Security Researchers: "Be Reasonable"

    Science.gov (United States)

    Sassaman, Len

    For most of its existence, the field of computer science has been lucky enough to avoid ethical dilemmas by virtue of its relatively benign nature. The subdisciplines of programming methodology research, microprocessor design, and so forth have little room for the greater questions of human harm. Other, more recently developed sub-disciplines, such as data mining, social network analysis, behavioral profiling, and general computer security, however, open the door to abuse of users by practitioners and researchers. It is therefore the duty of the men and women who chart the course of these fields to set rules for themselves regarding what sorts of actions on their part are to be considered acceptable and what should be avoided or handled with caution out of ethical concerns. This paper deals solely with the issues faced by computer security researchers, be they vulnerability analysts, privacy system designers, malware experts, or reverse engineers.

  9. Design and Implementation of Enhanced Secured Cloud Computing

    Directory of Open Access Journals (Sweden)

    M. Gayatri

    2014-03-01

    Full Text Available Cloud computing plays a major role in providing different resources in the form of web services like tax calculation web service, e-banking web service etc., for smooth running of our daily lives. We can rely on cloud computing if these useful web services are really secure enough to use. This paper focuses on analyzing limitations of current cryptographic schemes used in providing security to data on cloud and highlights the usage of Elliptic Curve Cryptography scheme (ECC used in cloud based applications and implements Elliptic curve digital signature algorithm on cloud data and compares its performance with RSA based scheme. The performance of elliptic curve cryptosystem heavily depends on an operation called point multiplication. In this paper a new point multiplication method using modified base representation is used. This method reduces the point addition as well as pint doubling operations thereby increasing the efficiency of computing time in performing encryption and decryption operations

  10. Computer Security: a plea to Santa Claus

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Running pirated software or illegal licences, using cracking tools to bypass software activation measures, sharing music and films – these are problems that academic environments unfortunately have to deal with. All violate the copyright of the software/music/film owners, and copyright owners are not Santa Claus...    CERN, like other research organisations and universities, regularly receives allegations from external companies complaining about laptops or PCs running illegal software or sharing their films, videos or music with peers – and thus violating copyright.  Usually, we then contact the owners of the corresponding devices in order to understand whether these allegations are true. Very often such allegations boil down to a laptop whose owner replies “I confirm that a torrent client was left up and running on my device by mistake” or “This is a file that is stored on my personal hard disk.” As if those allegatio...

  11. Protecting Terminals by Security Domain Mechanism Based on Trusted Computing

    Institute of Scientific and Technical Information of China (English)

    ZHOU Zheng; ZHANG Jun; LI Jian; LIU Yi

    2006-01-01

    Networks are composed with servers and rather larger amounts of terminals and most menace of attack and virus come from terminals. Eliminating malicious code and access or breaking the conditions only under witch attack or virus can be invoked in those terminals would be the most effective way to protect information systems. The concept of trusted computing was first introduced into terminal virus immunity. Then a model of security domain mechanism based on trusted computing to protect computers from proposed from abstracting the general information systems. The principle of attack resistant and venture limitation of the model was demonstrated by means of mathematical analysis, and the realization of the model was proposed.

  12. Quantum And Relativistic Protocols For Secure Multi-Party Computation

    CERN Document Server

    Colbeck, Roger

    2009-01-01

    After a general introduction, the thesis is divided into four parts. In the first, we discuss the task of coin tossing, principally in order to highlight the effect different physical theories have on security in a straightforward manner, but, also, to introduce a new protocol for non-relativistic strong coin tossing. This protocol matches the security of the best protocol known to date while using a conceptually different approach to achieve the task. In the second part variable bias coin tossing is introduced. This is a variant of coin tossing in which one party secretly chooses one of two biased coins to toss. It is shown that this can be achieved with unconditional security for a specified range of biases, and with cheat-evident security for any bias. We also discuss two further protocols which are conjectured to be unconditionally secure for any bias. The third section looks at other two-party secure computations for which, prior to our work, protocols and no-go theorems were unknown. We introduce a gene...

  13. A Domain-Specific Programming Language for Secure Multiparty Computation

    DEFF Research Database (Denmark)

    Nielsen, Janus Dam; Schwartzbach, Michael Ignatieff

    2007-01-01

    , but at the same time significant value can often be obtained by combining confidential information from various sources. This fundamental conflict between the benefits of confidentiality and the benefits of information sharing may be overcome using the cryptographic method of SMC where computations are performed...... on secret values and results are only revealed according to specific protocols. We identify the key linguistic concepts of SMC and bridge the gap between high-level security requirements and low-level cryptographic operations constituting an SMC platform, thus improving the efficiency and security of SMC...... application development. The language is implemented in a prototype compiler that generates Java code exploiting a distributed cryptographic runtime....

  14. X.509 Authentication Services to Enhance the Data Security in Cloud Computing

    OpenAIRE

    Surbhi Chauhan; Kamal Kant; Arjun Singh

    2012-01-01

    This paper represents a method to build a Cloud Security by giving concept of X.509 authentication services. We are discussing theory of cloud computing, feature of cloud computing and cloud security .We proposed a X.509 format to enhances data security in cloud (Public). Cloud computing is a new computational paradigm that offers an innovative business model for organization.

  15. A Protocol for Provably Secure Authentication of a Tiny Entity to a High Performance Computing One

    Directory of Open Access Journals (Sweden)

    Siniša Tomović

    2016-01-01

    Full Text Available The problem of developing authentication protocols dedicated to a specific scenario where an entity with limited computational capabilities should prove the identity to a computationally powerful Verifier is addressed. An authentication protocol suitable for the considered scenario which jointly employs the learning parity with noise (LPN problem and a paradigm of random selection is proposed. It is shown that the proposed protocol is secure against active attacking scenarios and so called GRS man-in-the-middle (MIM attacking scenarios. In comparison with the related previously reported authentication protocols the proposed one provides reduction of the implementation complexity and at least the same level of the cryptographic security.

  16. 77 FR 74913 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA...

    Science.gov (United States)

    2012-12-18

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA)/Office of Personnel Management (OPM))--Match Number 1307 AGENCY: Social Security Administration....

  17. 75 FR 5166 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration...

    Science.gov (United States)

    2010-02-01

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration/Railroad Retirement Board (SSA/RRB))-- Match Number 1308 AGENCY: Social Security Administration...

  18. Implementing security in computer based patient records clinical experiences.

    Science.gov (United States)

    Iversen, K R; Heimly, V; Lundgren, T I

    1995-01-01

    In Norway, organizational changes in hospitals and a stronger focus on patient safety have changed the way of organizing and managing paper based patient records. Hospital-wide patient records tend to replace department based records. Since not only clinicians, but also other non-medical staff have access to the paper records, they also have easy access to all the information which is available on a specific patient; such a system has obvious 'side effects' on privacy and security. Computer based patient records (CPRs) can provide the solution to this apparent paradox if the complex aspects of security, privacy, effectiveness, and user friendliness are focused on jointly from the outset in designing such systems. Clinical experiences in Norway show that it is possible to design patient record systems that provide a very useful tool for clinicians and other health care personnel (HCP) while fully complying with comprehensive security and privacy requirements.

  19. Computer Security: today’s paranoia, tomorrow’s reality

    CERN Multimedia

    Computer Security Team

    2014-01-01

    When the Internet opened its gates to academia in the late 80s and, together with the World Wide Web a few years later, to the general public, computer security was considered somehow irrelevant. People pointing to vulnerabilities and security risks (“hackers”) were labelled as paranoid. But they woke to reality during the outbreak of the “ILOVEYOU” virus in 2000, which caused large scale infections of Windows PCs (including many at CERN).    Similarly, warnings about weaknesses and insecure control systems, issued by CERN and others (see our Bulletin article “Hacking control systems, switching lights off!"), were ignored until the “Stuxnet” attack against control systems in Iran proved them right in 2010. Reality beat 'paranoia' again. Last year, the paranoid fear of many security experts that our whole IT infrastructure might have been infiltrated and spied on turned real, if you believe ...

  20. FS-OpenSecurity: A Taxonomic Modeling of Security Threats in SDN for Future Sustainable Computing

    Directory of Open Access Journals (Sweden)

    Yunsick Sung

    2016-09-01

    Full Text Available Software Defined Networking (SDN has brought many changes in terms of the interaction processes between systems and humans. It has become the key enabler of software defined architecture, which allows enterprises to build a highly agile Information Technology (IT infrastructure. For Future Sustainability Computing (FSC, SDN needs to deliver on many information technology commitments—more automation, simplified design, increased agility, policy-based management, and network management bond to more liberal IT workflow systems. To address the sustainability problems, SDN needs to provide greater collaboration and tighter integration with networks, servers, and security teams that will have an impact on how enterprises design, plan, deploy and manage networks. In this paper, we propose FS-OpenSecurity, which is a new and pragmatic security architecture model. It consists of two novel methodologies, Software Defined Orchestrator (SDO and SQUEAK, which offer a robust and secure architecture. The secure architecture is required for protection from diverse threats. Usually, security administrators need to handle each threat individually. However, handling threats automatically by adapting to the threat landscape is a critical demand. Therefore, the architecture must handle defensive processes automatically that are collaboratively based on intelligent external and internal information.

  1. Two-Cloud-Servers-Assisted Secure Outsourcing Multiparty Computation

    Directory of Open Access Journals (Sweden)

    Yi Sun

    2014-01-01

    Full Text Available We focus on how to securely outsource computation task to the cloud and propose a secure outsourcing multiparty computation protocol on lattice-based encrypted data in two-cloud-servers scenario. Our main idea is to transform the outsourced data respectively encrypted by different users’ public keys to the ones that are encrypted by the same two private keys of the two assisted servers so that it is feasible to operate on the transformed ciphertexts to compute an encrypted result following the function to be computed. In order to keep the privacy of the result, the two servers cooperatively produce a custom-made result for each user that is authorized to get the result so that all authorized users can recover the desired result while other unauthorized ones including the two servers cannot. Compared with previous research, our protocol is completely noninteractive between any users, and both of the computation and the communication complexities of each user in our solution are independent of the computing function.

  2. Two-cloud-servers-assisted secure outsourcing multiparty computation.

    Science.gov (United States)

    Sun, Yi; Wen, Qiaoyan; Zhang, Yudong; Zhang, Hua; Jin, Zhengping; Li, Wenmin

    2014-01-01

    We focus on how to securely outsource computation task to the cloud and propose a secure outsourcing multiparty computation protocol on lattice-based encrypted data in two-cloud-servers scenario. Our main idea is to transform the outsourced data respectively encrypted by different users' public keys to the ones that are encrypted by the same two private keys of the two assisted servers so that it is feasible to operate on the transformed ciphertexts to compute an encrypted result following the function to be computed. In order to keep the privacy of the result, the two servers cooperatively produce a custom-made result for each user that is authorized to get the result so that all authorized users can recover the desired result while other unauthorized ones including the two servers cannot. Compared with previous research, our protocol is completely noninteractive between any users, and both of the computation and the communication complexities of each user in our solution are independent of the computing function.

  3. Computationally Secure Pattern Matching in the Presence of Malicious Adversaries

    DEFF Research Database (Denmark)

    Hazay, Carmit; Toft, Tomas

    2014-01-01

    We propose a protocol for the problem of secure two-party pattern matching, where Alice holds a text t∈{0,1}∗ of length n, while Bob has a pattern p∈{0,1}∗ of length m. The goal is for Bob to (only) learn where his pattern occurs in Alice’s text, while Alice learns nothing. Private pattern matching...... for important variations of the secure pattern matching problem that are significantly more efficient than the current state of art solutions: First, we deal with secure pattern matching with wildcards. In this variant the pattern may contain wildcards that match both 0 and 1. Our protocol requires O......(n+m) communication and O(1) rounds using O(nm) computation. Then we treat secure approximate pattern matching. In this variant the matches may be approximated, i.e., have Hamming distance less than some threshold, τ. Our protocol requires O(nτ) communication in O(1) rounds using O(nm) computation. Third, we have...

  4. 16th Department of Energy Computer Security Group Training Conference: Proceedings

    Energy Technology Data Exchange (ETDEWEB)

    1994-04-01

    Various topic on computer security are presented. Integrity standards, smartcard systems, network firewalls, encryption systems, cryptography, computer security programs, multilevel security guards, electronic mail privacy, the central intelligence agency, internet security, and high-speed ATM networking are typical examples of discussed topics. Individual papers are indexed separately.

  5. A Framework for Security Transparency in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Umar Mukhtar Ismail

    2016-02-01

    Full Text Available Individuals and corporate users are persistently considering cloud adoption due to its significant benefits compared to traditional computing environments. The data and applications in the cloud are stored in an environment that is separated, managed and maintained externally to the organisation. Therefore, it is essential for cloud providers to demonstrate and implement adequate security practices to protect the data and processes put under their stewardship. Security transparency in the cloud is likely to become the core theme that underpins the systematic disclosure of security designs and practices that enhance customer confidence in using cloud service and deployment models. In this paper, we present a framework that enables a detailed analysis of security transparency for cloud based systems. In particular, we consider security transparency from three different levels of abstraction, i.e., conceptual, organisation and technical levels, and identify the relevant concepts within these levels. This allows us to provide an elaboration of the essential concepts at the core of transparency and analyse the means for implementing them from a technical perspective. Finally, an example from a real world migration context is given to provide a solid discussion on the applicability of the proposed framework.

  6. Information security: where computer science, economics and psychology meet.

    Science.gov (United States)

    Anderson, Ross; Moore, Tyler

    2009-07-13

    Until ca. 2000, information security was seen as a technological discipline, based on computer science but with mathematics helping in the design of ciphers and protocols. That perspective started to change as researchers and practitioners realized the importance of economics. As distributed systems are increasingly composed of machines that belong to principals with divergent interests, incentives are becoming as important to dependability as technical design. A thriving new field of information security economics provides valuable insights not just into 'security' topics such as privacy, bugs, spam and phishing, but into more general areas of system dependability and policy. This research programme has recently started to interact with psychology. One thread is in response to phishing, the most rapidly growing form of online crime, in which fraudsters trick people into giving their credentials to bogus websites; a second is through the increasing importance of security usability; and a third comes through the psychology-and-economics tradition. The promise of this multidisciplinary research programme is a novel framework for analysing information security problems-one that is both principled and effective.

  7. Detecting Security threats in the Router using Computational Intelligence

    CERN Document Server

    Visumathi, J

    2010-01-01

    nformation security is an issue of global concern. As the Internet is delivering great convenience and benefits to the modern society, the rapidly increasing connectivity and accessibility to the Internet is also posing a serious threat to security and privacy, to individuals, organizations, and nations alike. Finding effective ways to detect, prevent, and respond to intrusions and hacker attacks of networked computers and information systems. This paper presents a knowledge discovery frame work to detect DoS attacks at the boundary controllers (routers). The idea is to use machine learning approach to discover network features that can depict the state of the network connection. Using important network data (DoS relevant features), we have developed kernel machine based and soft computing detection mechanisms that achieve high detection accuracies. We also present our work of identifying DoS pertinent features and evaluating the applicability of these features in detecting novel DoS attacks. Architecture for...

  8. Lilith: A scalable secure tool for massively parallel distributed computing

    Energy Technology Data Exchange (ETDEWEB)

    Armstrong, R.C.; Camp, L.J.; Evensky, D.A.; Gentile, A.C.

    1997-06-01

    Changes in high performance computing have necessitated the ability to utilize and interrogate potentially many thousands of processors. The ASCI (Advanced Strategic Computing Initiative) program conducted by the United States Department of Energy, for example, envisions thousands of distinct operating systems connected by low-latency gigabit-per-second networks. In addition multiple systems of this kind will be linked via high-capacity networks with latencies as low as the speed of light will allow. Code which spans systems of this sort must be scalable; yet constructing such code whether for applications, debugging, or maintenance is an unsolved problem. Lilith is a research software platform that attempts to answer these questions with an end toward meeting these needs. Presently, Lilith exists as a test-bed, written in Java, for various spanning algorithms and security schemes. The test-bed software has, and enforces, hooks allowing implementation and testing of various security schemes.

  9. Constant-overhead secure computation of Boolean circuits using preprocessing

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Zakarias, S.

    2013-01-01

    We present a protocol for securely computing a Boolean circuit C in presence of a dishonest and malicious majority. The protocol is unconditionally secure, assuming a preprocessing functionality that is not given the inputs. For a large number of players the work for each player is the same...... as computing the circuit in the clear, up to a constant factor. Our protocol is the first to obtain these properties for Boolean circuits. On the technical side, we develop new homomorphic authentication schemes based on asymptotically good codes with an additional multiplication property. We also show a new...... algorithm for verifying the product of Boolean matrices in quadratic time with exponentially small error probability, where previous methods only achieved constant error....

  10. Computer/information security design approaches for Complex 21/Reconfiguration facilities

    Energy Technology Data Exchange (ETDEWEB)

    Hunteman, W.J.; Zack, N.R. [Los Alamos National Lab., NM (United States). Safeguards Systems Group; Jaeger, C.D. [Sandia National Labs., Albuquerque, NM (United States). Surety/Dismantlement Dept.

    1993-12-31

    Los Alamos National Laboratory and Sandia National Laboratories have been designated the technical lead laboratories to develop the design of the computer/information security, safeguards, and physical security systems for all of the DOE Complex 21/Reconfiguration facilities. All of the automated information processing systems and networks in these facilities will be required to implement the new DOE orders on computer and information security. The planned approach for a highly integrated information processing capability in each of the facilities will require careful consideration of the requirements in DOE Orders 5639.6 and 1360.2A. The various information protection requirements and user clearances within the facilities will also have a significant effect on the design of the systems and networks. Fulfilling the requirements for proper protection of the information and compliance with DOE orders will be possible because the computer and information security concerns are being incorporated in the early design activities. This paper will discuss the computer and information security issues being addressed in the integrated design effort for the tritium, uranium/lithium, plutonium, plutonium storage, and high explosive/assembly facilities.

  11. Computer/information security design approaches for Complex 21/Reconfiguration facilities

    Energy Technology Data Exchange (ETDEWEB)

    Hunteman, W.J.; Zack, N.R. [Los Alamos National Lab., NM (United States); Jaeger, C.D. [Sandia National Labs., Albuquerque, NM (United States)

    1993-08-01

    Los Alamos National Laboratory and Sandia National Laboratories have been designated the technical lead laboratories to develop the design of the computer/information security, safeguards, and physical security systems for all of the DOE Complex 21/Reconfiguration facilities. All of the automated information processing systems and networks in these facilities will be required to implement the new DOE orders on computer and information security. The planned approach for a highly integrated information processing capability in each of the facilities will require careful consideration of the requirements in DOE Orders 5639.6 and 1360.2A. The various information protection requirements and user clearances within the facilities will also have a significant effect on the design of the systems and networks. Fulfilling the requirements for proper protection of the information and compliance with DOE orders will be possible because the computer and information security concerns are being incorporated in the early design activities. This paper will discuss the computer and information security addressed in the integrated design effort, uranium/lithium, plutonium, plutonium high explosive/assembly facilities.

  12. Optimize the Security Performance of the Computing Environment of IHEP

    Institute of Scientific and Technical Information of China (English)

    Rong-shengXU; Bao-XuLIU

    2001-01-01

    This paper gives a background of crackers,then some attack events that have happened in IHEP networks are enumerated and introduced.At last a highly efficient defence system that integrates author's experience,research results and have put in practice in IHEP networks environment is described in detail,This paper also gives network and information security advice and process for high energy physics computing environment in the Institute of High Energy Physics that will implement in the future.

  13. Computer Security: Protect your plant: a "serious game" about control system cyber-security

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Control system cyber-security is attracting increasing attention: from cybercriminals, from the media and from security researchers.   After the legendary “Stuxnet” attacks of 2010 against an Iranian uranium enrichment plant, the infiltration of Saudi Aramco in 2012, and most recently the hacking of German blast furnaces, we should be prepared. Just imagine what would happen if hackers turned off the lights in Geneva and the Pays-de-Gex for a month? (“Hacking control systems, switching lights off!"). Or if attackers infiltrated CERN’s accelerator or experiment control systems and stopped us from pursuing our core business: delivering beams and recording particle collisions (“Hacking control systems, switching... accelerators off?"). Now you can test your ability to protect an industrial plant against cyber-threats! The Computer Security Team, in collaboration with Kaspersky Lab, is organising a so-...

  14. NINJA: a noninvasive framework for internal computer security hardening

    Science.gov (United States)

    Allen, Thomas G.; Thomson, Steve

    2004-07-01

    Vulnerabilities are a growing problem in both the commercial and government sector. The latest vulnerability information compiled by CERT/CC, for the year ending Dec. 31, 2002 reported 4129 vulnerabilities representing a 100% increase over the 2001 [1] (the 2003 report has not been published at the time of this writing). It doesn"t take long to realize that the growth rate of vulnerabilities greatly exceeds the rate at which the vulnerabilities can be fixed. It also doesn"t take long to realize that our nation"s networks are growing less secure at an accelerating rate. As organizations become aware of vulnerabilities they may initiate efforts to resolve them, but quickly realize that the size of the remediation project is greater than their current resources can handle. In addition, many IT tools that suggest solutions to the problems in reality only address "some" of the vulnerabilities leaving the organization unsecured and back to square one in searching for solutions. This paper proposes an auditing framework called NINJA (acronym for Network Investigation Notification Joint Architecture) for noninvasive daily scanning/auditing based on common security vulnerabilities that repeatedly occur in a network environment. This framework is used for performing regular audits in order to harden an organizations security infrastructure. The framework is based on the results obtained by the Network Security Assessment Team (NSAT) which emulates adversarial computer network operations for US Air Force organizations. Auditing is the most time consuming factor involved in securing an organization's network infrastructure. The framework discussed in this paper uses existing scripting technologies to maintain a security hardened system at a defined level of performance as specified by the computer security audit team. Mobile agents which were under development at the time of this writing are used at a minimum to improve the noninvasiveness of our scans. In general, noninvasive

  15. Call for participation first ACM workshop on education in computer security

    OpenAIRE

    Irvine, Cynthia; Orman, Hilarie

    1997-01-01

    Taken from the NPS website. The security of information systems and networks is a growing concern. Experts are needed to design and organize the protection mechanisms for these systems. Both government and industry increasingly seek individuals with knowledge and skills in computer security. In the past, most traditional computer science curricula bypassed formal studies in computer security altogether. An understanding of computer security was achieved largely through on-the-job ...

  16. On Data and Virtualization Security Risks and Solutions of Cloud Computing

    OpenAIRE

    Xiangyang Luo; Lin Yang; Dai Hao; Fenlin Liu; Daoshun Wang

    2014-01-01

    Data security and virtualization security issues are two key bottlenecks restricting the application of cloud computing promoting and applications, especially for the Cloud-based media computing system. In this paper, states of the art of the techniques on cloud computing data security issues, such as data encryption, access control, integrity authentication and other issues is surveyed, on this basis, the key technical issues of the cloud computing data security should concern about and focu...

  17. Smart photonic networks and computer security for image data

    Science.gov (United States)

    Campello, Jorge; Gill, John T.; Morf, Martin; Flynn, Michael J.

    1998-02-01

    Work reported here is part of a larger project on 'Smart Photonic Networks and Computer Security for Image Data', studying the interactions of coding and security, switching architecture simulations, and basic technologies. Coding and security: coding methods that are appropriate for data security in data fusion networks were investigated. These networks have several characteristics that distinguish them form other currently employed networks, such as Ethernet LANs or the Internet. The most significant characteristics are very high maximum data rates; predominance of image data; narrowcasting - transmission of data form one source to a designated set of receivers; data fusion - combining related data from several sources; simple sensor nodes with limited buffering. These characteristics affect both the lower level network design and the higher level coding methods.Data security encompasses privacy, integrity, reliability, and availability. Privacy, integrity, and reliability can be provided through encryption and coding for error detection and correction. Availability is primarily a network issue; network nodes must be protected against failure or routed around in the case of failure. One of the more promising techniques is the use of 'secret sharing'. We consider this method as a special case of our new space-time code diversity based algorithms for secure communication. These algorithms enable us to exploit parallelism and scalable multiplexing schemes to build photonic network architectures. A number of very high-speed switching and routing architectures and their relationships with very high performance processor architectures were studied. Indications are that routers for very high speed photonic networks can be designed using the very robust and distributed TCP/IP protocol, if suitable processor architecture support is available.

  18. State of the Art of Network Security Perspectives in Cloud Computing

    Science.gov (United States)

    Oh, Tae Hwan; Lim, Shinyoung; Choi, Young B.; Park, Kwang-Roh; Lee, Heejo; Choi, Hyunsang

    Cloud computing is now regarded as one of social phenomenon that satisfy customers' needs. It is possible that the customers' needs and the primary principle of economy - gain maximum benefits from minimum investment - reflects realization of cloud computing. We are living in the connected society with flood of information and without connected computers to the Internet, our activities and work of daily living will be impossible. Cloud computing is able to provide customers with custom-tailored features of application software and user's environment based on the customer's needs by adopting on-demand outsourcing of computing resources through the Internet. It also provides cloud computing users with high-end computing power and expensive application software package, and accordingly the users will access their data and the application software where they are located at the remote system. As the cloud computing system is connected to the Internet, network security issues of cloud computing are considered as mandatory prior to real world service. In this paper, survey and issues on the network security in cloud computing are discussed from the perspective of real world service environments.

  19. Writing Across the Curriculum -- An Online Course in Computer Security

    Directory of Open Access Journals (Sweden)

    Neelu Sinha

    2006-01-01

    Full Text Available Writing fosters both critical thinking and student learning, serving as one of the most effective ways to understand a topic. Writing across the Curriculum (WAC began in the late 1970’s, as a pedagogical reform movement in response to a perceived deficiency in literacy among college students. Over the past two decades universities have worked to broaden the scope of student writing from composition classes to classes in the students’ major. This paper chronicles the application of WAC into the discipline of Computer Science. The purpose of this study is to develop an online Computer Security course (for sophomores and juniors in Computer Science, under the umbrella of WAC, to help improve the students’ writing overall and focus on skills students require in upper level courses in the major. Developing this course as an online course (rather than a traditional face-to-face course offers flexible configurability and scalability, features that are useful to prepare students for constantly changing real world security challenges. This paper includes all aspects of course design and insight into lessons learned. Results indicate that both the faculty and students benefit from such a writing intensive course. Reading and responding to the students’ writing enables faculty to gain valuable insights into the students’ thoughts, ideas, problems, and other issues. Students reported increased knowledge and comprehension of the subject material, deeper understanding of the conventions within Computer Science, improved analysis and reporting skills, ability to understand and present abstract concepts effectively, and skill in producing professional documents.

  20. A Survey on Security Issues in Cloud Computing

    CERN Document Server

    Bhadauria, Rohit; Chaki, Nabendu; Sanyal, Sugata

    2011-01-01

    Cloud Computing holds the potential to eliminate the requirements for setting up of high-cost computing infrastructure for the IT-based solutions and services that the industry uses. It promises to provide a flexible IT architecture, accessible through internet for lightweight portable devices. This would allow many-fold increase in the capacity or capabilities of the existing and new software. In a cloud computing environment, the entire data reside over a set of networked resources, enabling the data to be accessed through virtual machines. Since these data centers may lie in any corner of the world beyond the reach and control of users, there are multifarious security and privacy challenges that need to be understood and taken care of. Also, one can never deny the possibility of a server breakdown that has been witnessed, rather quite often in the recent times. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario. This extensive survey paper aims...

  1. Secure Data Sharing in Cloud Computing using Hybrid cloud

    Directory of Open Access Journals (Sweden)

    Er. Inderdeep Singh

    2015-06-01

    Full Text Available Cloud computing is fast growing technology that enables the users to store and access their data remotely. Using cloud services users can enjoy the benefits of on-demand cloud applications and data with limited local infrastructure available with them. While accessing the data from cloud, different users may have relationship among them depending on some attributes, and thus sharing of data along with user privacy and data security becomes important to get effective results. Most of the research has been done to secure the data authentication so that user’s don’t lose their private data stored on public cloud. But still data sharing is a significant hurdle to overcome by researchers. Research is going on to provide secure data sharing with enhanced user privacy and data access security. In this paper various research and challenges in this area are discussed in detail. It will definitely help the cloud users to understand the topic and researchers to develop a method to overcome these challenges.

  2. Human errors and violations in computer and information security: the viewpoint of network administrators and security specialists.

    Science.gov (United States)

    Kraemer, Sara; Carayon, Pascale

    2007-03-01

    This paper describes human errors and violations of end users and network administration in computer and information security. This information is summarized in a conceptual framework for examining the human and organizational factors contributing to computer and information security. This framework includes human error taxonomies to describe the work conditions that contribute adversely to computer and information security, i.e. to security vulnerabilities and breaches. The issue of human error and violation in computer and information security was explored through a series of 16 interviews with network administrators and security specialists. The interviews were audio taped, transcribed, and analyzed by coding specific themes in a node structure. The result is an expanded framework that classifies types of human error and identifies specific human and organizational factors that contribute to computer and information security. Network administrators tended to view errors created by end users as more intentional than unintentional, while errors created by network administrators as more unintentional than intentional. Organizational factors, such as communication, security culture, policy, and organizational structure, were the most frequently cited factors associated with computer and information security.

  3. Implementing AES via an Actively/Covertly Secure Dishonest-Majority MPC Protocol

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Keller, Marcel; Keller, Enrique;

    2012-01-01

    We describe an implementation of the protocol of Damgård, Pastro, Smart and Zakarias (SPDZ/Speedz) for multi-party computation in the presence of a dishonest majority of active adversaries. We present a number of modifications to the protocol; the first reduces the security to covert security...

  4. Recent advances in computational intelligence in defense and security

    CERN Document Server

    Falcon, Rafael; Zincir-Heywood, Nur; Abbass, Hussein

    2016-01-01

    This volume is an initiative undertaken by the IEEE Computational Intelligence Society’s Task Force on Security, Surveillance and Defense to consolidate and disseminate the role of CI techniques in the design, development and deployment of security and defense solutions. Applications range from the detection of buried explosive hazards in a battlefield to the control of unmanned underwater vehicles, the delivery of superior video analytics for protecting critical infrastructures or the development of stronger intrusion detection systems and the design of military surveillance networks. Defense scientists, industry experts, academicians and practitioners alike will all benefit from the wide spectrum of successful applications compiled in this volume. Senior undergraduate or graduate students may also discover uncharted territory for their own research endeavors.

  5. Techniques for Efficiently Ensuring Data Storage Security in Cloud Computing

    DEFF Research Database (Denmark)

    Banoth, Rajkumar

    2011-01-01

    The Cloud Computing is the next generation architecture of IT Enterprise. It moves the application software and databases to the large data centers, where the management of the data and services may not be fully trustworthy. Here, focus is on cloud data storage security, an important aspect...... of quality of service. To ensure the correctness of users’ data in the cloud, we propose an effective and flexible distributed scheme with two salient features. By utilizing the homomorphic token with distributed verification of erasure-coded data, the scheme achieves the integration of storage correctness...

  6. A Survey on Cloud Computing Security, Challenges and Threats

    Directory of Open Access Journals (Sweden)

    Rajnish Choubey,

    2011-03-01

    Full Text Available Cloud computing is an internet based model that enable convenient, on demand and pay per use access to a pool of shared resources. It is a new technology that satisfies a user’s requirement for computingresources like networks, storage, servers, services and applications, without physically acquiring them. It reduces the overhead of the organization of marinating the large system but it has associated risks and threats also which include – security, data leakage, insecure interface and sharing of resources and inside attacks.

  7. Permanently Secure Quantum Bit Commitment from a Temporary Computation Bound

    CERN Document Server

    Kent, A

    1997-01-01

    Alice is a private citizen whose computational resources are modest. Bob represents a large organisation at the forefront of computational and cryptological research. Bob's computational and cryptanalytic power is unknown to Alice, but Bob can confidently estimate a bound on Alice's ability to carry out a computation that would break a classical bit commitment. Alice wishes to commit a bit to Bob. She requires that he will never be able to decode it unless she chooses to reveal it, but also that if she does he will be confident that her commitment was genuine. We describe here a simple quantum bit commitment scheme which satisfies these criteria. By iterating the scheme, we obtain quantum bit commitment schemes which allow either Alice or Bob to commit bits to the other. These schemes do not contradict Mayers' and Lo and Chau's no-go results: they rely on a temporary computability bound. However, they are permanently secure against cheating by either party, provided only that Alice was not able to break Bob's...

  8. Secure OpenID Authentication Model by Using Trusted Computing

    Directory of Open Access Journals (Sweden)

    E. Ghazizadeh

    2014-01-01

    Full Text Available The growth of Internet online services has been very quick in recent years. Each online service requires Internet users to create a new account to use the service. The problem can be seen when each user usually needs more than one service and, consequently, has numerous accounts. These numerous accounts have to be managed in a secure and simple way to be protected against identity theft. Single sign-on (SSO and OpenID have been used to decrease the complexity of managing numerous accounts required in the Internet identity environment. Trusted Platform Module (TPM and Trust Multitenancy are great trusted computing-based technologies to solve security concerns in the Internet identity environment. Since trust is one of the pillars of security in the cloud, this paper analyzes the existing cloud identity techniques in order to investigate their strengths and weaknesses. This paper proposes a model in which One Time Password (OTP, TPM, and OpenID are used to provide a solution against phishing as a common identity theft in cloud environment.

  9. 移动计算安全性%Mobile Computing Security

    Institute of Scientific and Technical Information of China (English)

    胡健; 刘锦德

    2000-01-01

    In the first,security issues in open system that supports mobile computing are discussed in detail,and then the fundamental principle for building a security system in the environment of mobile computing is given.According to the principle,security issues and policies related to mobile code programming language and mobile agent system are further discussed.

  10. Security Model for Microsoft Based Mobile Sales Management Application in Private Cloud Computing

    Directory of Open Access Journals (Sweden)

    Kuan Chee Houng

    2013-05-01

    Full Text Available The Microsoft-based mobile sales management application is a sales force management application that currently running on Windows Mobile 6.5. It handles sales-related activity and cuts down the administrative task of sales representative. Then, Windows launch a new mobile operating system, Windows Phone and stop providing support to Windows Mobile. This has become an obstacle for Windows Mobile development. From time to time, Windows Mobile will be eliminated from the market due to no support provided by Microsoft. Besides that, Windows Mobile application cannot run on Windows Phone mobile operating system due to lack of compatibility. Therefore, applications those run on Windows Mobile need to find a solution addressing this problem. The rise of cloud computing technology in delivering software as a service becomes a solution. The Microsoft-based mobile sales management application delivers a service to run in a web browser, rather than limited by certain type of mobile that run the Windows Mobile operating system. However, there are some security issues need to concern in order to deliver the Microsoft-based mobile application as a service in private cloud computing. Therefore, security model is needed to answer the security issues in private cloud computing. This research is to propose a security model for the Microsoft-based mobile sales management application in private cloud computing. Lastly, a User Acceptance Test (UAT is carried out to test the compatibility between proposed security model of Microsoft-based mobile sales management application in a private cloud and tablet computers.

  11. Detecting Security threats in the Router using Computational Intelligence

    Directory of Open Access Journals (Sweden)

    J. Visumathi

    2010-04-01

    Full Text Available Information security is an issue of global concern. As the Internet is delivering great convenience and benefits to the modern society, the rapidly increasing connectivity and accessibility to the Internet is also posing a serious threat to security and privacy, to individuals, organizations, and nations alike. Finding effective ways to detect, prevent, and respond to intrusions and hacker attacks of networked computers and information systems. This paper presents a knowledge discovery frame work to detect DoS attacks at the boundary controllers (routers. The idea is to use machine learning approach to discover network features that can depict the state of the network connection. Using important network data (DoS relevant features, we have developed kernel machine based and soft computing detection mechanisms that achieve high detection accuracies. We also present our work of identifying DoS pertinent features and evaluating the applicability of these features in detecting novel DoS attacks. Architecture for detecting DoS attacks at the router is presented. We demonstrate that highly efficient and accurate signature based classifiers can be constructed by using important network features and machine learning techniques to detect DoS attacks at the boundary controllers.

  12. What then do we do about computer security?

    Energy Technology Data Exchange (ETDEWEB)

    Suppona, Roger A.; Mayo, Jackson R.; Davis, Christopher Edward; Berg, Michael J.; Wyss, Gregory Dane

    2012-01-01

    This report presents the answers that an informal and unfunded group at SNL provided for questions concerning computer security posed by Jim Gosler, Sandia Fellow (00002). The primary purpose of this report is to record our current answers; hopefully those answers will turn out to be answers indeed. The group was formed in November 2010. In November 2010 Jim Gosler, Sandia Fellow, asked several of us several pointed questions about computer security metrics. Never mind that some of the best minds in the field have been trying to crack this nut without success for decades. Jim asked Campbell to lead an informal and unfunded group to answer the questions. With time Jim invited several more Sandians to join in. We met a number of times both with Jim and without him. At Jim's direction we contacted a number of people outside Sandia who Jim thought could help. For example, we interacted with IBM's T.J. Watson Research Center and held a one-day, videoconference workshop with them on the questions.

  13. Review of Enabling Technologies to Facilitate Secure Compute Customization

    Energy Technology Data Exchange (ETDEWEB)

    Aderholdt, Ferrol [Tennessee Technological University; Caldwell, Blake A [ORNL; Hicks, Susan Elaine [ORNL; Koch, Scott M [ORNL; Naughton, III, Thomas J [ORNL; Pelfrey, Daniel S [ORNL; Pogge, James R [Tennessee Technological University; Scott, Stephen L [Tennessee Technological University; Shipman, Galen M [ORNL; Sorrillo, Lawrence [ORNL

    2014-12-01

    High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data for a variety of users, often requiring strong separation between job allocations. There are many challenges to establishing these secure enclaves within the shared infrastructure of high-performance computing (HPC) environments. The isolation mechanisms in the system software are the basic building blocks for enabling secure compute enclaves. There are a variety of approaches and the focus of this report is to review the different virtualization technologies that facilitate the creation of secure compute enclaves. The report reviews current operating system (OS) protection mechanisms and modern virtualization technologies to better understand the performance/isolation properties. We also examine the feasibility of running ``virtualized'' computing resources as non-privileged users, and providing controlled administrative permissions for standard users running within a virtualized context. Our examination includes technologies such as Linux containers (LXC [32], Docker [15]) and full virtualization (KVM [26], Xen [5]). We categorize these different approaches to virtualization into two broad groups: OS-level virtualization and system-level virtualization. The OS-level virtualization uses containers to allow a single OS kernel to be partitioned to create Virtual Environments (VE), e.g., LXC. The resources within the host's kernel are only virtualized in the sense of separate namespaces. In contrast, system-level virtualization uses hypervisors to manage multiple OS kernels and virtualize the physical resources (hardware) to create Virtual Machines (VM), e.g., Xen, KVM. This terminology of VE and VM, detailed in Section 2, is used throughout the report to distinguish between the two different approaches to providing virtualized execution

  14. Security approaches in using tablet computers for primary data collection in clinical research.

    Science.gov (United States)

    Wilcox, Adam B; Gallagher, Kathleen; Bakken, Suzanne

    2013-01-01

    Next-generation tablets (iPads and Android tablets) may potentially improve the collection and management of clinical research data. The widespread adoption of tablets, coupled with decreased software and hardware costs, has led to increased consideration of tablets for primary research data collection. When using tablets for the Washington Heights/Inwood Infrastructure for Comparative Effectiveness Research (WICER) project, we found that the devices give rise to inherent security issues associated with the potential use of cloud-based data storage approaches. This paper identifies and describes major security considerations for primary data collection with tablets; proposes a set of architectural strategies for implementing data collection forms with tablet computers; and discusses the security, cost, and workflow of each strategy. The paper briefly reviews the strategies with respect to their implementation for three primary data collection activities for the WICER project.

  15. On Data and Virtualization Security Risks and Solutions of Cloud Computing

    Directory of Open Access Journals (Sweden)

    Xiangyang Luo

    2014-03-01

    Full Text Available Data security and virtualization security issues are two key bottlenecks restricting the application of cloud computing promoting and applications, especially for the Cloud-based media computing system. In this paper, states of the art of the techniques on cloud computing data security issues, such as data encryption, access control, integrity authentication and other issues is surveyed, on this basis, the key technical issues of the cloud computing data security should concern about and focus on are indicated, and some corresponding countermeasures and suggestions are presented. For the virtualization security problem introduced by private cloud computing, the security risks induced by virtualization are analyzed and classified, and then based on the divide-conquer idea, for each kind of security risk, some corresponding solutions are presented.

  16. Selected aspects of security mechanisms for cloud computing – current solutions and development perspectives

    OpenAIRE

    Aneta Poniszewska-Maranda

    2014-01-01

    The security aspects of cloud computing, especially the security of data, become more and more important. It is necessary to find and develop the new mechanisms to secure the cloud. The problem presented in the paper concerns the mechanisms for security of cloud computing with special attention paid to aspects of access control in clouds - the state of the art and the perspectives for the future.

  17. Cloud Computing Application of Personal Information's Security in Network Sales-channels

    Directory of Open Access Journals (Sweden)

    Sun Qiong

    2013-07-01

    Full Text Available With the promotion of Internet sales, the security of personal information to network users have become increasingly demanding. The existing network of sales channels has personal information security risks, vulnerable to hacker attacking. Taking full advantage of cloud security management strategy, cloud computing security management model is introduced to the network sale of personal information security applications, which is to solve the problem of information leakage. Then we proposed membership-based cloud service provided selection policy. By exploring the prospects of cloud computing in Internet sales, we try to solve the problem of the security of personal information in this channel.

  18. "Glitch Logic" and Applications to Computing and Information Security

    Science.gov (United States)

    Stoica, Adrian; Katkoori, Srinivas

    2009-01-01

    This paper introduces a new method of information processing in digital systems, and discusses its potential benefits to computing and information security. The new method exploits glitches caused by delays in logic circuits for carrying and processing information. Glitch processing is hidden to conventional logic analyses and undetectable by traditional reverse engineering techniques. It enables the creation of new logic design methods that allow for an additional controllable "glitch logic" processing layer embedded into a conventional synchronous digital circuits as a hidden/covert information flow channel. The combination of synchronous logic with specific glitch logic design acting as an additional computing channel reduces the number of equivalent logic designs resulting from synthesis, thus implicitly reducing the possibility of modification and/or tampering with the design. The hidden information channel produced by the glitch logic can be used: 1) for covert computing/communication, 2) to prevent reverse engineering, tampering, and alteration of design, and 3) to act as a channel for information infiltration/exfiltration and propagation of viruses/spyware/Trojan horses.

  19. A Study of Implementing an Information Security Management System for Open Source Cloud Computing

    Directory of Open Access Journals (Sweden)

    Cristian Cernat

    2012-09-01

    Full Text Available An Information Security Management System (ISMS contains a coordinated set of activities, processes, controls, and policies with the purpose of protecting and managing the information assets within an organization. In this paper we present the way in which an ISMS as specified in the ISO 27001 can be applied for the cloud and implemented on our test platform based on SlapOS, the first open source provisioning and billing system for distributed cloud computing. The goal of this paper is to demonstrate a new and easier way to manage security for the cloud, with a specific focus on distributed cloud computing. We will present the results measured by applying ISMS controls for ensuring levels of QoS and SLA according to contracts, moreover also optimizing the costs and resources used by the cloud platform.

  20. Fast and maliciously secure two-party computation using the GPU

    DEFF Research Database (Denmark)

    Frederiksen, Tore Kasper; Nielsen, Jesper Buus

    2013-01-01

    We describe, and implement, a maliciously secure protocol for two-party computation in a parallel computational model. Our protocol is based on Yao’s garbled circuit and an efficient OT extension. The implementation is done using CUDA and yields fast results for maliciously secure two-party compu......We describe, and implement, a maliciously secure protocol for two-party computation in a parallel computational model. Our protocol is based on Yao’s garbled circuit and an efficient OT extension. The implementation is done using CUDA and yields fast results for maliciously secure two...

  1. CERN Computing Colloquium | Computer Security in 2016: Where are we and what to expect | 8 February

    CERN Multimedia

    2016-01-01

    Computer Security in 2016: Where are we and what to expect  by Sebastian Lopienski, CERN-IT Monday 8 February from 11 a.m. to 12 p.m http://cseminar.web.cern.ch/cseminar/ at CERN, Council Chamber (503-1-001)  Description: Attacks against computer systems, belonging both to individuals and organisations, are an everyday reality. How many times have we heard about supposedly well protected companies and online services at the mercy of cyber criminals, or governments accusing other nation states of cyber espionage. Only the most serious breaches and biggest data leaks continue to make the headlines. But really, how secure is our data, computers and networks? What is happening behind the scenes? Is it actually possible to avoid the vulnerabilities, or detect the resulting exploits? This talk will address these questions and provide a high-level overview of security trends in the last year or two. It will include information on emerging typ...

  2. Research on Quantum Authentication Methods for the Secure Access Control Among Three Elements of Cloud Computing

    Science.gov (United States)

    Dong, Yumin; Xiao, Shufen; Ma, Hongyang; Chen, Libo

    2016-08-01

    Cloud computing and big data have become the developing engine of current information technology (IT) as a result of the rapid development of IT. However, security protection has become increasingly important for cloud computing and big data, and has become a problem that must be solved to develop cloud computing. The theft of identity authentication information remains a serious threat to the security of cloud computing. In this process, attackers intrude into cloud computing services through identity authentication information, thereby threatening the security of data from multiple perspectives. Therefore, this study proposes a model for cloud computing protection and management based on quantum authentication, introduces the principle of quantum authentication, and deduces the quantum authentication process. In theory, quantum authentication technology can be applied in cloud computing for security protection. This technology cannot be cloned; thus, it is more secure and reliable than classical methods.

  3. Research on Quantum Authentication Methods for the Secure Access Control Among Three Elements of Cloud Computing

    Science.gov (United States)

    Dong, Yumin; Xiao, Shufen; Ma, Hongyang; Chen, Libo

    2016-12-01

    Cloud computing and big data have become the developing engine of current information technology (IT) as a result of the rapid development of IT. However, security protection has become increasingly important for cloud computing and big data, and has become a problem that must be solved to develop cloud computing. The theft of identity authentication information remains a serious threat to the security of cloud computing. In this process, attackers intrude into cloud computing services through identity authentication information, thereby threatening the security of data from multiple perspectives. Therefore, this study proposes a model for cloud computing protection and management based on quantum authentication, introduces the principle of quantum authentication, and deduces the quantum authentication process. In theory, quantum authentication technology can be applied in cloud computing for security protection. This technology cannot be cloned; thus, it is more secure and reliable than classical methods.

  4. Computer Security: When a person leaves - access rights remain!

    CERN Multimedia

    Computer Security Team

    2014-01-01

    We have been contacted recently by an embarrassed project manager who just figured out that a student who left at the end of 2013 still had access rights to read the whole project folder in February 2014: “How can that be?! In any other company, access rights would be purged at the same time as an employment contract terminates." Not so at CERN.   CERN has always been an open site with an open community. Physical access to the site is lightweight and you just need to have your CERN access card at hand. Further restrictions have only been put in place where safety or security really require them, and CERN does not require you to keep your access card on display. The same holds for the digital world. Once registered at CERN - either by contract, via your experiment or through the Users' office - you own a computing account that provides you with access to a wide variety of computing services. For example, last year 9,730 students/technicians/engineers/researchers/sta...

  5. VCC-SSF: Service-Oriented Security Framework for Vehicular Cloud Computing

    Directory of Open Access Journals (Sweden)

    Won Min Kang

    2015-02-01

    Full Text Available Recently, as vehicle computing technology has advanced, the paradigm of the vehicle has changed from a simple means of transportation to a smart vehicle for safety and convenience. In addition, the previous functions of the Intelligent Transportation System (ITS such as traffic accident prevention and providing traffic volume information have been combined with cloud computing. ITS services provide user-oriented broad services in the Vehicular Cloud Computing (VCC environment through efficient traffic management, traffic accident prevention, and convenience services. However, existing vehicle services focus on providing services using sensing information inside the vehicle and the system to provide the service through an interface with the external infrastructure is insufficient. In addition, because wireless networks are used in VCC environments, there is a risk of important information leakage from sensors inside the vehicle, such as driver personal identification and payment information at the time of goods purchase. We propose the VCC Service-oriented Security Framework (VCC-SSF to address the limitations and security threats of VCC-based services. The proposed framework considers security for convenient and efficient services of VCC and includes new user-oriented payment management and active accident management services. Furthermore, it provides authentication, encryption, access control, confidentiality, integrity, and privacy protection for user personal information and information inside the vehicle.

  6. Identity based Encryption and Biometric Authentication Scheme for Secure Data Access in Cloud Computing

    DEFF Research Database (Denmark)

    Cheng, Hongbing; Rong, Chunming; Tan, Zheng-Hua

    2012-01-01

    Cloud computing will be a main information infrastructure in the future; it consists of many large datacenters which are usually geographically distributed and heterogeneous. How to design a secure data access for cloud computing platform is a big challenge. In this paper, we propose a secure data...... distribution, feature template creation, cloud data processing and secure data access control. Finally, we compare the proposed scheme with other schemes through comprehensive analysis and simulation. The results show that the proposed data access scheme is feasible and secure for cloud computing....... access scheme based on identity-based encryption and biometric authentication for cloud computing. Firstly, we describe the security concern of cloud computing and then propose an integrated data access scheme for cloud computing, the procedure of the proposed scheme include parameter setup, key...

  7. Review of Enabling Technologies to Facilitate Secure Compute Customization

    Energy Technology Data Exchange (ETDEWEB)

    Aderholdt, Ferrol [Tennessee Technological University; Caldwell, Blake A [ORNL; Hicks, Susan Elaine [ORNL; Koch, Scott M [ORNL; Naughton, III, Thomas J [ORNL; Pelfrey, Daniel S [ORNL; Pogge, James R [Tennessee Technological University; Scott, Stephen L [Tennessee Technological University; Shipman, Galen M [ORNL; Sorrillo, Lawrence [ORNL

    2014-12-01

    High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data for a variety of users, often requiring strong separation between job allocations. There are many challenges to establishing these secure enclaves within the shared infrastructure of high-performance computing (HPC) environments. The isolation mechanisms in the system software are the basic building blocks for enabling secure compute enclaves. There are a variety of approaches and the focus of this report is to review the different virtualization technologies that facilitate the creation of secure compute enclaves. The report reviews current operating system (OS) protection mechanisms and modern virtualization technologies to better understand the performance/isolation properties. We also examine the feasibility of running ``virtualized'' computing resources as non-privileged users, and providing controlled administrative permissions for standard users running within a virtualized context. Our examination includes technologies such as Linux containers (LXC [32], Docker [15]) and full virtualization (KVM [26], Xen [5]). We categorize these different approaches to virtualization into two broad groups: OS-level virtualization and system-level virtualization. The OS-level virtualization uses containers to allow a single OS kernel to be partitioned to create Virtual Environments (VE), e.g., LXC. The resources within the host's kernel are only virtualized in the sense of separate namespaces. In contrast, system-level virtualization uses hypervisors to manage multiple OS kernels and virtualize the physical resources (hardware) to create Virtual Machines (VM), e.g., Xen, KVM. This terminology of VE and VM, detailed in Section 2, is used throughout the report to distinguish between the two different approaches to providing virtualized execution

  8. Preaching What We Practice: Teaching Ethical Decision-Making to Computer Security Professionals

    Science.gov (United States)

    Fleischmann, Kenneth R.

    The biggest challenge facing computer security researchers and professionals is not learning how to make ethical decisions; rather it is learning how to recognize ethical decisions. All too often, technology development suffers from what Langdon Winner terms technological somnambulism - we sleepwalk through our technology design, following past precedents without a second thought, and fail to consider the perspectives of other stakeholders [1]. Computer security research and practice involves a number of opportunities for ethical decisions. For example, decisions about whether or not to automatically provide security updates involve tradeoffs related to caring versus user autonomy. Decisions about online voting include tradeoffs between convenience and security. Finally, decisions about routinely screening e-mails for spam involve tradeoffs of efficiency and privacy. It is critical that these and other decisions facing computer security researchers and professionals are confronted head on as value-laden design decisions, and that computer security researchers and professionals consider the perspectives of various stakeholders in making these decisions.

  9. Towards quantitative measures of Information Security: A Cloud Computing case study

    Directory of Open Access Journals (Sweden)

    Mouna Jouini

    2015-05-01

    Full Text Available Cloud computing is a prospering technology that most organizations consider as a cost effective strategy to manage Information Technology (IT. It delivers computing services as a public utility rather than a personal one. However, despite the significant benefits, these technologies present many challenges including less control and a lack of security. In this paper, we illustrate the use of a cyber security metrics to define an economic security model for cloud computing system. We, also, suggest two cyber security measures in order to better understand system threats and, thus, propose appropriate counter measure to mitigate them.

  10. IMPLEMENTATION OF PERVASIVE COMPUTING BASED HIGH-SECURE SMART HOME SYSTEM

    OpenAIRE

    Ventylees Raj.S

    2012-01-01

    In recent year, the home environment has seen a rapid introduction of wireless communication network enabled advance computing technologies. In this paper I mainly focus on the monitoring of smart home remotely and providing security when user is away from the home. The proposed security algorithm is combining of Biometrics, public key encryption and SMS based security alarm system. In the proposed security algorithm offered only Authenticate person monitoring home appliances via wireless net...

  11. Case Study: Creation of a Degree Program in Computer Security. White Paper.

    Science.gov (United States)

    Belon, Barbara; Wright, Marie

    This paper reports on research into the field of computer security, and undergraduate degrees offered in that field. Research described in the paper reveals only one computer security program at the associate's degree level in the entire country. That program, at Texas State Technical College in Waco, is a 71-credit-hour program leading to an…

  12. 77 FR 43639 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA...

    Science.gov (United States)

    2012-07-25

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA.... ACTION: Notice of a renewal of an existing computer matching program that expired on May 10,...

  13. 77 FR 54943 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA...

    Science.gov (United States)

    2012-09-06

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA.... ACTION: Notice of a renewal of an existing computer matching program that will expire on October 1,...

  14. Computer Security Awareness Guide for Department of Energy Laboratories, Government Agencies, and others for use with Lawrence Livermore National Laboratory`s (LLNL): Computer security short subjects videos

    Energy Technology Data Exchange (ETDEWEB)

    1993-12-31

    Lonnie Moore, the Computer Security Manager, CSSM/CPPM at Lawrence Livermore National Laboratory (LLNL) and Gale Warshawsky, the Coordinator for Computer Security Education & Awareness at LLNL, wanted to share topics such as computer ethics, software piracy, privacy issues, and protecting information in a format that would capture and hold an audience`s attention. Four Computer Security Short Subject videos were produced which ranged from 1-3 minutes each. These videos are very effective education and awareness tools that can be used to generate discussions about computer security concerns and good computing practices. Leaders may incorporate the Short Subjects into presentations. After talking about a subject area, one of the Short Subjects may be shown to highlight that subject matter. Another method for sharing them could be to show a Short Subject first and then lead a discussion about its topic. The cast of characters and a bit of information about their personalities in the LLNL Computer Security Short Subjects is included in this report.

  15. DEVELOPING OF THE SYSTEM INFORMATION SECURITY MODEL FOR COMPUTER TRAINING COMPLEX

    Directory of Open Access Journals (Sweden)

    Viktoriia N. Kovalchuk

    2010-08-01

    Full Text Available The regulatory documents regarding the computer training rooms and information communication technologies in respect to the information safety are being analyzed in the given paper. The model of information security system of the computer training complex is developed. In particular there are considered the requirements to the security system construction, its functioning and the stages of the lifecycle. The analysis of typical risks for the information resources is conducted, the main methods of their information security are offered.

  16. Computer Security for Commercial Nuclear Power Plants - Literature Review for Korea Hydro Nuclear Power Central Research Institute

    Energy Technology Data Exchange (ETDEWEB)

    Duran, Felicia Angelica [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States). Security Systems Analysis Dept.; Waymire, Russell L. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States). Security Systems Analysis Dept.

    2013-10-01

    Sandia National Laboratories (SNL) is providing training and consultation activities on security planning and design for the Korea Hydro and Nuclear Power Central Research Institute (KHNPCRI). As part of this effort, SNL performed a literature review on computer security requirements, guidance and best practices that are applicable to an advanced nuclear power plant. This report documents the review of reports generated by SNL and other organizations [U.S. Nuclear Regulatory Commission, Nuclear Energy Institute, and International Atomic Energy Agency] related to protection of information technology resources, primarily digital controls and computer resources and their data networks. Copies of the key documents have also been provided to KHNP-CRI.

  17. Energy-efficient and security-optimized AES hardware design for ubiquitous computing

    Institute of Scientific and Technical Information of China (English)

    Chen Yicheng; Zou Xuecheng; Liu Zhenglin; Han Yu; Zheng Zhaoxia

    2008-01-01

    Ubiquitous computing must incorporate a certain level of security.For the severely resource con-strained applications,the energy-efficient and small size cryptography algorithm implementation is a critical problem.Hardware implementations of the advanced encryption standard(AES)for authentication and encryption are presented.An energy consumption variable is derived to evaluate low-power design strategies for battery-powered devices.It proves that compact AES architectures fail to optimize the AES hardware energy,whereas reducing invalid switching activities and implementing power-optimized sub-modules are the reasonable methods.Implemen tations of different substitution box(S-Boxes)structures are presented with 0.25 μm 1.8 V CMOS(complementary metal oxide semiconductor)standard cell library.The comparisons and trade-offs among area,security,and power are explored.The experimental results show that Galois field composite S-Boxes have smaller size and higheat security but consume considerably more power,whereas decoder-switch-encoder S-Boxes have the best power characteristics with disadvantages in terms of size and security.The combination of these two type S-Boxes instead of homogeneous S-Boxes in AES circuit will lead to optimal schemes.The technique of latch-dividing data path is analyzed,and the quantitative simulation results demonstrate that this approach diminishes the glitches effectively at a very low hardware cost.

  18. Measuring Human Performance within Computer Security Incident Response Teams

    Energy Technology Data Exchange (ETDEWEB)

    McClain, Jonathan T. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Silva, Austin Ray [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Avina, Glory Emmanuel [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Forsythe, James C. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2015-09-01

    Human performance has become a pertinen t issue within cyber security. However, this research has been stymied by the limited availability of expert cyber security professionals. This is partly attributable to the ongoing workload faced by cyber security professionals, which is compound ed by the limited number of qualified personnel and turnover of p ersonnel across organizations. Additionally, it is difficult to conduct research, and particularly, openly published research, due to the sensitivity inherent to cyber ope rations at most orga nizations. As an alternative, the current research has focused on data collection during cyb er security training exercises. These events draw individuals with a range of knowledge and experience extending from seasoned professionals to recent college gradu ates to college students. The current paper describes research involving data collection at two separate cyber security exercises. This data collection involved multiple measures which included behavioral performance based on human - machine transactions and questionnaire - based assessments of cyber security experience.

  19. An Information Security Education Initiative for Engineering and Computer Science

    Science.gov (United States)

    2007-11-02

    Security Problem" by the National Research Council in its book, Cryptog- raphy’s Role in Securing the Information Society , [40]. Today’s information age...skills appropriate to each role in the " information society " must be identified. There is a need for technical literacy among decision makers within...Science and National Research Council Telecommunications Board. Cryptography’s Role in Securing the Information Society . National Academy Press, 1996. [41

  20. Defining and Computing a Value Based Cyber-Security Measure

    Energy Technology Data Exchange (ETDEWEB)

    Aissa, Anis Ben [University of Tunis, Belvedere, Tunisia; Abercrombie, Robert K [ORNL; Sheldon, Frederick T [ORNL; Mili, Ali [New Jersey Insitute of Technology

    2011-01-01

    In past work, we presented a value based measure of cybersecurity that quantifies the security of a system in concrete terms, specifically, in terms of how much each system stakeholder stands to lose (in dollars per hour of operation) as a result of security threats and system vulnerabilities\\; our metric varies according to the stakes that each stakeholder has in meeting each security requirement. In this paper we discuss the specification and design of a system that collects, updates and maintains all the information that pertains to estimating our cybersecurity measure, and offers stakeholders quantitative means to make security-related decisions.

  1. Defining and Computing a Valued Based Cyber-Security Measure

    Energy Technology Data Exchange (ETDEWEB)

    Aissa, Anis Ben [University of Tunis, Belvedere, Tunisia; Abercrombie, Robert K [ORNL; Sheldon, Frederick T [ORNL; Mili, Ali [New Jersey Insitute of Technology

    2012-01-01

    In earlier work, we presented a value based measure of cybersecurity that quantifies the security of a system in concrete terms, specifically, in terms of how much each system stakeholder stands to lose (in dollars per hour of operation) as a result of security threats and system vulnerabilities; our metric varies according to the stakes that each stakeholder has in meeting each security requirement. In this paper, we discuss the specification and design of a system that collects, updates, and maintains all the information that pertains to estimating our cybersecurity measure, and offers stakeholders quantitative means to make security-related decisions.

  2. Proposal for a security management in cloud computing for health care.

    Science.gov (United States)

    Haufe, Knut; Dzombeta, Srdan; Brandis, Knud

    2014-01-01

    Cloud computing is actually one of the most popular themes of information systems research. Considering the nature of the processed information especially health care organizations need to assess and treat specific risks according to cloud computing in their information security management system. Therefore, in this paper we propose a framework that includes the most important security processes regarding cloud computing in the health care sector. Starting with a framework of general information security management processes derived from standards of the ISO 27000 family the most important information security processes for health care organizations using cloud computing will be identified considering the main risks regarding cloud computing and the type of information processed. The identified processes will help a health care organization using cloud computing to focus on the most important ISMS processes and establish and operate them at an appropriate level of maturity considering limited resources.

  3. Secure multi-party computation solution to Yao's millionaires' problem based on set-inclusion

    Institute of Scientific and Technical Information of China (English)

    LI Shundong; DAI Yiqi; YOU Qiyou

    2005-01-01

    Secure multi-party computation is a focus of international cryptography in recent years. Protocols for Yao's millionaires' problem have become an important building block of many secure multi-party computation protocols. Their efficiency are crucial to the efficiency of many secure multi-party computation protocols. Unfortunately, known protocols for Yao's millionaires' problem have high computational complexity or communication complexity. In this study, based on the 1-out-of-m oblivious transfer and set-inclusion problem, we propose a new protocol to solve this problem. This new protocol is very efficient in terms of both computational and communication complexities. Its privacy-preserving property is also proved by simulation paradigm which is generally accepted in the study of secure multi-party computation. We also compare the information leakage of our new protocol and the known protocols.

  4. Cloud Computing and Information Security%云计算与信息安全

    Institute of Scientific and Technical Information of China (English)

    叶加龙; 张公让

    2011-01-01

    This paper surveyed the development of information security. Cloud computing is a new technology, and provided the opportunities and challenges brought by cloud computing to information security. The basic concepts of cloud computing and security problem of cloud computing were explained, and through cloud computing user and service provider to analysis method of information security of cloud computing.%信息安全是当前计算机科学的一个研究热点;云计算是一个新的技术,给信息安全提供了挑战和机遇.介绍了云计算的基本概念、云计算的安全问题,通过云计算用户以及云计算服务提供商两方面分析了云计算中确保信息安全的方法.

  5. Proposal for a Security Management in Cloud Computing for Health Care

    Directory of Open Access Journals (Sweden)

    Knut Haufe

    2014-01-01

    Full Text Available Cloud computing is actually one of the most popular themes of information systems research. Considering the nature of the processed information especially health care organizations need to assess and treat specific risks according to cloud computing in their information security management system. Therefore, in this paper we propose a framework that includes the most important security processes regarding cloud computing in the health care sector. Starting with a framework of general information security management processes derived from standards of the ISO 27000 family the most important information security processes for health care organizations using cloud computing will be identified considering the main risks regarding cloud computing and the type of information processed. The identified processes will help a health care organization using cloud computing to focus on the most important ISMS processes and establish and operate them at an appropriate level of maturity considering limited resources.

  6. A Comprehensive Study about Cloud Computing Security: Issues, Applications and Challenges

    Directory of Open Access Journals (Sweden)

    Sima Ghoflgary

    2014-11-01

    Full Text Available Cloud computing provides facilities for users to save their data or information in servers which are connected through Internet or Intranet. Further, users can run their applications with the help of software provided by cloud computing servers without installing that software in their own personal computers. Since many users access to cloud computing servers for various goals, therefore one of the main problem in this regard is providing security in access, usage, share or running users’ programs by cloud computing sources or servers. This paper attempts to study security issues, applications and its challenges on cloud computing

  7. Proposal for a Security Management in Cloud Computing for Health Care

    OpenAIRE

    Knut Haufe; Srdan Dzombeta; Knud Brandis

    2014-01-01

    Cloud computing is actually one of the most popular themes of information systems research. Considering the nature of the processed information especially health care organizations need to assess and treat specific risks according to cloud computing in their information security management system. Therefore, in this paper we propose a framework that includes the most important security processes regarding cloud computing in the health care sector. Starting with a framework of general info...

  8. Addressing security issues related to virtual institute distributed activities

    Science.gov (United States)

    Stytz, Martin R.; Banks, Sheila B.

    2008-03-01

    One issue confounding the development and experimentation of distributed modeling and simulation environments is the inability of the project team to identify and collaborate with resources, both human and technical, from outside the United States. This limitation is especially significant within the human behavior representation area where areas such as cultural effects research and joint command team behavior modeling require the participation of various cultural and national representatives. To address this limitation, as well as other human behavior representation research issues, NATO Research and Technology Organization initiated a project to develop a NATO virtual institute that enables more effective and more collaborative research into human behavior representation. However, in building and operating a virtual institute one of the chief concerns must be the cyber security of the institute. Because the institute "exists" in cyberspace, all of its activities are susceptible to cyberattacks, subterfuge, denial of service and all of the vulnerabilities that networked computers must face. In our opinion, for the concept of virtual institutes to be successful and useful, their operations and services must be protected from the threats in the cyber environment. A key to developing the required protection is the development and promulgation of standards for cyber security. In this paper, we discuss the types of cyber standards that are required, how new internet technologies can be exploited and can benefit the promulgation, development, maintenance, and robustness of the standards. This paper is organized as follows. Section One introduces the concept of the virtual institutes, the expected benefits, and the motivation for our research and for research in this area. Section Two presents background material and a discussion of topics related to VIs, uman behavior and cultural modeling, and network-centric warfare. Section Three contains a discussion of the

  9. Vulnerabilities and responsibilities: dealing with monsters in computer security

    NARCIS (Netherlands)

    Pieters, W.; Consoli, L.

    2009-01-01

    Purpose – The purpose of this paper is to analyze information security assessment in terms of cultural categories and virtue ethics, in order to explain the cultural origin of certain types of security vulnerabilities, as well as to enable a proactive attitude towards preventing such vulnerabilities

  10. Multilevel classification of security concerns in cloud computing

    Directory of Open Access Journals (Sweden)

    Syed Asad Hussain

    2017-01-01

    Full Text Available Threats jeopardize some basic security requirements in a cloud. These threats generally constitute privacy breach, data leakage and unauthorized data access at different cloud layers. This paper presents a novel multilevel classification model of different security attacks across different cloud services at each layer. It also identifies attack types and risk levels associated with different cloud services at these layers. The risks are ranked as low, medium and high. The intensity of these risk levels depends upon the position of cloud layers. The attacks get more severe for lower layers where infrastructure and platform are involved. The intensity of these risk levels is also associated with security requirements of data encryption, multi-tenancy, data privacy, authentication and authorization for different cloud services. The multilevel classification model leads to the provision of dynamic security contract for each cloud layer that dynamically decides about security requirements for cloud consumer and provider.

  11. Research on Cloud Computing Security%云计算安全研究

    Institute of Scientific and Technical Information of China (English)

    庄金莲; 周志平

    2014-01-01

    为解决云计算平台的安全问题,对云计算的安全架构进行了系统的研究。针对云计算平台跨区域模糊边界、虚拟化服务、数据保密的安全威胁特点,从虚拟化技术、可信云计算、可信访问控制机制三个层面深入分析云计算安全框架,并提出云计算平台的安全策略与建议,满足云计算安全框架的建设需求。%This paper systematically studied the security architecture of cloud computing,so as to solve the security problem of cloud computing platform.Security threats of cloud computing platform are characterized by the fuzzy boundary across the region,virtualization service and data security. According to the above characteristics,this thesis analyses detailedly the cloud computing security framework from the virtualization technology,the trusted cloud computing and the trusted access control mechanism,and puts forward the security strategies and suggestions of cloud computing to meet the construction demand of cloud computing security framework.

  12. Application of Intelligent Data Mining Approach in Securing the Cloud Computing

    Directory of Open Access Journals (Sweden)

    Hanna M. Said

    2016-09-01

    Full Text Available Cloud computing is a modern term refers to a model for emerging computing, where it is possible to use machines in large data centers for delivering services in a scalable manner, so corporations has become in need for large scale inexpensive computing. Recently, several governments have begun to utilize cloud computing architectures, applications and platforms for meeting the needs of their constituents and delivering services. Security occupies the first rank of obstacles that face cloud computing for governmental agencies and businesses. Cloud computing is surrounded by many risks that may have major effects on services and information supported via this technology. Also, Cloud Computing is one of the promising technology in which the scientific community has recently encountered. Cloud computing is related to other research areas such as distributed and grid computing, Service-Oriented Architecture, and virtualization, as cloud computing inherited their limitations and advancements. It is possible to exploit new opportunities for security. This paper aim is to discuss and analyze how achieve mitigation for cloud computing security risks as a basic step towards obtaining secure and safe environment for cloud computing. The results showed that, Using a simple decision tree model Chaid algorithm security rating for classifying approach is a robust technique that enables the decision-maker to measure the extent of cloud securing, and the provided services. It was proved throughout this paper that policies, standards, and controls are critical in management process to safeguard and protect the systems as well as data. The management process should analyze and understand cloud computing risks for protecting systems and data from security exploits

  13. EMRlog Method for Computer Security for Electronic Medical Records with Logic and Data Mining

    Science.gov (United States)

    Martínez Monterrubio, Sergio Mauricio; Frausto Solis, Juan; Monroy Borja, Raúl

    2015-01-01

    The proper functioning of a hospital computer system is an arduous work for managers and staff. However, inconsistent policies are frequent and can produce enormous problems, such as stolen information, frequent failures, and loss of the entire or part of the hospital data. This paper presents a new method named EMRlog for computer security systems in hospitals. EMRlog is focused on two kinds of security policies: directive and implemented policies. Security policies are applied to computer systems that handle huge amounts of information such as databases, applications, and medical records. Firstly, a syntactic verification step is applied by using predicate logic. Then data mining techniques are used to detect which security policies have really been implemented by the computer systems staff. Subsequently, consistency is verified in both kinds of policies; in addition these subsets are contrasted and validated. This is performed by an automatic theorem prover. Thus, many kinds of vulnerabilities can be removed for achieving a safer computer system. PMID:26495300

  14. EMRlog method for computer security for electronic medical records with logic and data mining.

    Science.gov (United States)

    Martínez Monterrubio, Sergio Mauricio; Frausto Solis, Juan; Monroy Borja, Raúl

    2015-01-01

    The proper functioning of a hospital computer system is an arduous work for managers and staff. However, inconsistent policies are frequent and can produce enormous problems, such as stolen information, frequent failures, and loss of the entire or part of the hospital data. This paper presents a new method named EMRlog for computer security systems in hospitals. EMRlog is focused on two kinds of security policies: directive and implemented policies. Security policies are applied to computer systems that handle huge amounts of information such as databases, applications, and medical records. Firstly, a syntactic verification step is applied by using predicate logic. Then data mining techniques are used to detect which security policies have really been implemented by the computer systems staff. Subsequently, consistency is verified in both kinds of policies; in addition these subsets are contrasted and validated. This is performed by an automatic theorem prover. Thus, many kinds of vulnerabilities can be removed for achieving a safer computer system.

  15. EMRlog Method for Computer Security for Electronic Medical Records with Logic and Data Mining

    Directory of Open Access Journals (Sweden)

    Sergio Mauricio Martínez Monterrubio

    2015-01-01

    Full Text Available The proper functioning of a hospital computer system is an arduous work for managers and staff. However, inconsistent policies are frequent and can produce enormous problems, such as stolen information, frequent failures, and loss of the entire or part of the hospital data. This paper presents a new method named EMRlog for computer security systems in hospitals. EMRlog is focused on two kinds of security policies: directive and implemented policies. Security policies are applied to computer systems that handle huge amounts of information such as databases, applications, and medical records. Firstly, a syntactic verification step is applied by using predicate logic. Then data mining techniques are used to detect which security policies have really been implemented by the computer systems staff. Subsequently, consistency is verified in both kinds of policies; in addition these subsets are contrasted and validated. This is performed by an automatic theorem prover. Thus, many kinds of vulnerabilities can be removed for achieving a safer computer system.

  16. 75 FR 47311 - Extension of Agency Information Collection Activity Under OMB Review: Aviation Security...

    Science.gov (United States)

    2010-08-05

    ... security costs and information reasonably necessary to complete an audit. This requirement includes... SECURITY Transportation Security Administration Extension of Agency Information Collection Activity Under OMB Review: Aviation Security Infrastructure Fee Records Retention AGENCY: Transportation...

  17. 78 FR 4856 - Extension of Agency Information Collection Activity Under OMB Review: Aviation Security...

    Science.gov (United States)

    2013-01-23

    ... carrier's calendar year 2000 security costs and information reasonably necessary to complete an audit... SECURITY Transportation Security Administration Extension of Agency Information Collection Activity Under OMB Review: Aviation Security Infrastructure Fee Records Retention AGENCY: Transportation...

  18. The Role of Self-Efficacy in Computer Security Behavior: Developing the Construct of Computer Security Self-Efficacy (CSSE)

    Science.gov (United States)

    Clarke, Marlon

    2011-01-01

    As organizations have become more dependent on networked information systems (IS) to conduct their business operations, their susceptibility to various threats to information security has also increased. Research has consistently identified the inappropriate security behavior of the users as the most significant of these threats. Various factors…

  19. CTF: Computer security competitions for learning and fun

    CERN Document Server

    CERN. Geneva

    2015-01-01

    CTF hacking competitions condense practical security knowledge in short and measurable challenges, in short: education, fun, prizes and fame! This talk is an introduction to these type of competitions from a player perspective over the years.

  20. Defining and Computing a Valued Based Cyber Security Measure

    Energy Technology Data Exchange (ETDEWEB)

    Aissa, Anis Ben [University of Tunis, Belvedere, Tunisia; Abercrombie, Robert K [ORNL; Sheldon, Frederick T [ORNL; Mili, Ali [New Jersey Insitute of Technology

    2011-01-01

    In earlier works (Ben-Aissa et al. 2010; Abercrombie et al. 2008; Sheldon et al. 2009), we presented a value based measure of cybersecurity that quantifies the security of a system in concrete terms, specifically, in terms of how much each system stakeholder stands to lose (in dollars per hour of operation) as a result of security threats and system vulnerabilities; our metric varies according to the stakes that each stakeholder has in meeting each security requirement. In this paper, we discuss the specification and design of a system that collects, updates, and maintains all the information that pertains to estimating our cybersecurity measure, and offers stakeholders quantitative means to make security-related decisions.

  1. Evolution of nuclear security regulatory activities in Brazil

    Energy Technology Data Exchange (ETDEWEB)

    Mello, Luiz A. de; Monteiro Filho, Joselio S.; Belem, Lilia M.J.; Torres, Luiz F.B. [Comissao Nacional de Energia Nuclear (CNEN), Rio de Janeiro, RJ (Brazil). Diretoria de Radioprotecao e Segurania Nuclear. Coordenacao de Salvaguardas e Protecao Fisica], e-mail: gpf@cnen.gov.br

    2009-07-01

    The changing of the world scenario in the last 15 years has increased worldwide the concerns about overall security and, as a consequence, about the nuclear and radioactive material as well as their associated facilities. Considering the new situation, in February 2004, the Brazilian National Nuclear Energy Commission (CNEN), decided to create the Nuclear Security Office. This Office is under the Coordination of Nuclear Safeguards and Security, in the Directorate for Safety, Security and Safeguards (Regulatory Directorate). Before that, security regulation issues were dealt in a decentralized manner, within that Directorate, by different licensing groups in specific areas (power reactors, fuel cycle facilities, radioactive facilities, transport of nuclear material, etc.). This decision was made in order to allow a coordinated approach on the subject, to strengthen the regulation in nuclear/radioactive security, and to provide support to management in the definition of institutional security policies. The CNEN Security Office develops its work based in the CNEN Physical Protection Regulation for Nuclear Operational Units - NE-2.01, 1996, the Convention on the Physical Protection of Nuclear Material and the IAEA Nuclear Security Series . This paper aims at presenting the activities developed and the achievements obtained by this new CNEN office, as well as identifying the issues and directions for future efforts. (author)

  2. A Secure Multi-Party Computation Protocol for Malicious Computation Prevention for preserving privacy during Data Mining

    CERN Document Server

    Mishra, Dr Durgesh Kumar; Kapoor, Nikhil; Bahety, Ravish

    2009-01-01

    Secure Multi-Party Computation (SMC) allows parties with similar background to compute results upon their private data, minimizing the threat of disclosure. The exponential increase in sensitive data that needs to be passed upon networked computers and the stupendous growth of internet has precipitated vast opportunities for cooperative computation, where parties come together to facilitate computations and draw out conclusions that are mutually beneficial; at the same time aspiring to keep their private data secure. These computations are generally required to be done between competitors, who are obviously weary of each-others intentions. SMC caters not only to the needs of such parties but also provides plausible solutions to individual organizations for problems like privacy-preserving database query, privacy-preserving scientific computations, privacy-preserving intrusion detection and privacy-preserving data mining. This paper is an extension to a previously proposed protocol Encrytpo_Random, which prese...

  3. BI-DIRECTIONAL ANONYMOUS IDENTITY AUTHENTICATION SCHEME FOR CLOUD COMPUTING BASED ON SECURITY ACTIVE BUNDLE%基于安全活跃束S AB的匿名双向云身份认证方案

    Institute of Scientific and Technical Information of China (English)

    张琼文; 吴承荣

    2014-01-01

    Dynamic and transparent cloud brings infinite possibility to people’s life;meanwhile it also imposes greater challenges on theincreasing privacy and security problems of digital identity in virtual world.Digital identity has a close relationship with information services.Before accessing or sharing the resources,the identities of both users and services providers should be authenticated each other.In particular,when the identity theft is rampant,telling authentication on users,partners and cloud services providers is the crucial measurement.Weanalyse the status quo of cloud identity authentication and the challenges encountering,and propose a scheme named “security active bundle(SAB)cloud identity authentication”based on predicate encryption and Active Bundle idea,which realises the bi-directional anonymousauthentication between the end user and the cloud,or among the clouds.This scheme strengthens the privacy protection of personal sensitiveinformation and no longer depends on the trusted third party,etc.%动态透明的云给人们的生活带来了无限的可能,同时也对虚拟世界中与日俱增的数字身份的隐私和安全问题提出了更大的挑战。数字身份和信息服务有着密切关系,在访问或分享资源前,用户和服务双方的身份都有必要先通过认证。特别是当身份窃取猖獗的时候,有力地用户认证、合作伙伴认证、云服务提供商认证等是至关重要的措施。分析云身份认证的现状和面临的挑战,基于谓词加密和Active Bundle思想提出了安全活跃束SAB(Security Active Bundle)云身份认证方案,实现了终端用户与云以及云之间的双向匿名认证,加强了个人敏感信息隐私保护和不再依赖可信第三方等。

  4. PUBLIC LINEAR PROGRAMMING SOLUTION FOR THE DESIGN OF SECURE AND EFFICIENT COMPUTING IN CLOUD

    Directory of Open Access Journals (Sweden)

    Dr.R.V.Krishnaiah

    2013-09-01

    Full Text Available This next generation of computing holds enormous potential to stimulate economic growth and enable governments to reduce costs, increase transparency and expand services to citizens. Cloud computing robust computational power to the society at reduced cost and enables customers with limited computational resources to outsource their large computation workloads to the cloud, and economically enjoy the massive computational power, bandwidth, storage, and even appropriate software that can be shared in a pay-per-use manner. Despite the tremendous benefits, security is the primary obstacle that prevents the wide adoption of this promising computing model, especially for customers when their confidential data are consumed and produced during the computation.

  5. Information Systems Security and Computer Crime in the IS Curriculum: A Detailed Examination

    Science.gov (United States)

    Foltz, C. Bryan; Renwick, Janet S.

    2011-01-01

    The authors examined the extent to which information systems (IS) security and computer crime are covered in information systems programs. Results suggest that IS faculty believe security coverage should be increased in required, elective, and non-IS courses. However, respondent faculty members are concerned that existing curricula leave little…

  6. Computer Security in the Introductory Business Information Systems Course: An Exploratory Study of Textbook Coverage

    Science.gov (United States)

    Sousa, Kenneth J.; MacDonald, Laurie E.; Fougere, Kenneth T.

    2005-01-01

    The authors conducted an evaluation of Management Information Systems (MIS) textbooks and found that computer security receives very little in-depth coverage. The textbooks provide, at best, superficial treatment of security issues. The research results suggest that MIS faculty need to provide material to supplement the textbook to provide…

  7. A Newer User Authentication, File encryption and Distributed Server Based Cloud Computing security architecture

    Directory of Open Access Journals (Sweden)

    Kawser Wazed Nafi

    2012-10-01

    Full Text Available The cloud computing platform gives people the opportunity for sharing resources, services and information among the people of the whole world. In private cloud system, information is shared among the persons who are in that cloud. For this, security or personal information hiding process hampers. In this paper we have proposed new security architecture for cloud computing platform. This ensures secure communication system and hiding information from others. AES based file encryption system and asynchronous key system for exchanging information or data is included in this model. This structure can be easily applied with main cloud computing features, e.g. PaaS, SaaS and IaaS. This model also includes onetime password system for user authentication process. Our work mainly deals with the security system of the whole cloud computing platform.

  8. Analytical Investigation on Computer Network Security System of Colleges and Universities

    Institute of Scientific and Technical Information of China (English)

    徐悦

    2013-01-01

    With the development of network technology, computer systems of colleges and universities gradually use network management and services, which provides comprehensive and convenient information access and management conditions. How?ever, in the network environment, the security of the system faces security threats like virus, malicious software and human at?tack, which may make the network data of the computer system damaged and tampered, or even lead to network system paraly?sis, breakdown of system concerning management and payment, missing and stealing of confidential documents. Therefore, it is of important application significance to promote the security of computer network systems of colleges and universities. This paper conducts comprehensive analysis on the security system of computer network systems of colleges and universities, elaborates its R&D and application status and puts forward specific schemes of prevention and solutions, which provides suggestions and refer?ence for its construction.

  9. Supporting localized activities in ubiquitous computing environments

    OpenAIRE

    Pinto, Helder

    2004-01-01

    The design of pervasive and ubiquitous computing systems must be centered on users' activity in order to bring computing systems closer to people. Adopting an activity-centered approach to the design of pervasive and ubiquitous computing systems leads us to seek to understand: a) how humans naturally accomplish an activity; and b) how computing artifacts from both the environmental and personal domains may contribute to the accomplishment of an activity. This work particularly focuses o...

  10. E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Challenges

    Directory of Open Access Journals (Sweden)

    Maha Attia

    2016-07-01

    Full Text Available In this paper, SMCSaaS is proposed to secure email system based on Web Service and Cloud Computing Model. The model offers end-to-end security, privacy, and non-repudiation of PKI without the associated infrastructure complexity. The Proposed Model control risks in Cloud Computing like Insecure Application Programming Interfaces, Malicious Insiders, Data Loss Shared Technology Vulnerabilities, or Leakage, Account, Service, Traffic Hijacking and Unknown Risk Profile

  11. 云计算安全性研究%Research on Cloud Computing Security

    Institute of Scientific and Technical Information of China (English)

    班增辉

    2016-01-01

    虽然就目前来看,对云计算尚未有明确的界定,但是在社会的各个领域都对云计算有广泛的应用。在用户选择云计算时,需要考虑云计算的安全性,保证云计算的安全性也是实现其稳定、健康发展的重--素。文章以云计算的概念与特征为切入点,分析云计算在其应用中存在的安全问题,探讨云计算的安全性问题与云计算的安全策略与建议。%Although the cloud computing has not yet have a clear deifnition, but in every ifeld of society have wide application on cloud computing. When the user select the cloud, it is necessary to consider the security of cloud computing, ensure the security of cloud computing and achieve the stable and healthy development of the important factors. Based on the concept and characteristics of cloud computing as the breakthrough point, analysis of the application of cloud computing in its security problems, probing into the security issues of cloud computing and cloud computing security strategies and Suggestions.

  12. Review of Cloud Computing Security%云计算安全研究综述

    Institute of Scientific and Technical Information of China (English)

    房晶; 吴昊; 白松林

    2011-01-01

    With the development of cloud computing, the security issues of cloud computing are being more and more focused.In this paper, some types of security-related problems and their solutions of cloud computing are being comprehensively analyzed. Firstly, this paper describes the architecture of cloud computing and then compares the difference of cloud computing socurity and the traditional security, focusing on the technology of cloud computing security, and finally elaborate the key research areas and results of current cloud computing security from the perspective of cloud computing standard organizations and products.%随着云计算的发展,云计算的安全问题越来越受到关注.本文将全面分析云计算中与安全有关的各类问题及其解决方案.文中首先介绍了云计算的体系架构,接着比较了云计算安全和传统安全的区别,重点介绍了云计算的安全技术,最后从云计算的标准组织和产品的角度阐述了现阶段云计算安全的重点研究领域和成果.

  13. Peer-to-Peer Secure Multi-Party Numerical Computation Facing Malicious Adversaries

    CERN Document Server

    Bickson, Danny; Dolev, Danny; Pinkas, Benny

    2009-01-01

    We propose an efficient framework for enabling secure multi-party numerical computations in a Peer-to-Peer network. This problem arises in a range of applications such as collaborative filtering, distributed computation of trust and reputation, monitoring and other tasks, where the computing nodes is expected to preserve the privacy of their inputs while performing a joint computation of a certain function. Although there is a rich literature in the field of distributed systems security concerning secure multi-party computation, in practice it is hard to deploy those methods in very large scale Peer-to-Peer networks. In this work, we try to bridge the gap between theoretical algorithms in the security domain, and a practical Peer-to-Peer deployment. We consider two security models. The first is the semi-honest model where peers correctly follow the protocol, but try to reveal private information. We provide three possible schemes for secure multi-party numerical computation for this model and identify a singl...

  14. A computer science approach to managing security in health care.

    Science.gov (United States)

    Asirelli, P; Braccini, G; Caramella, D; Coco, A; Fabbrini, F

    2002-09-01

    The security of electronic medical information is very important for health care organisations, which have to ensure confidentiality, integrity and availability of the information provided. This paper will briefly outline the legal measures adopted by the European Community, Italy and the United States to regulate the use and disclosure of medical records. It will then go on to highlight how information technology can help to address these issues with special reference to the management of organisation policies. To this end, we will present a modelling example for the security policy of a radiological department.

  15. Security, Privacy and Trust Challenges in Cloud Computing and Solutions

    OpenAIRE

    Seyyed Yasser hashemi; Parisa Sheykhi Hesarlo

    2014-01-01

    Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. Cloud computing recently emerged as a promising solution to information technology (IT) management. IT managers look to cloud computing as a means to maintain a flexible and scalable IT infrastructure that enables business agility. As much as the technologic...

  16. An Australian Perspective On The Challenges For Computer And Network Security For Novice End-Users

    Directory of Open Access Journals (Sweden)

    Patryk Szewczyk

    2012-12-01

    Full Text Available It is common for end-users to have difficulty in using computer or network security appropriately and thus have often been ridiculed when misinterpreting instructions or procedures. This discussion paper details the outcomes of research undertaken over the past six years on why security is overly complex for end-users. The results indicate that multiple issues may render end-users vulnerable to security threats and that there is no single solution to address these problems. Studies on a small group of senior citizens has shown that educational seminars can be beneficial in ensuring that simple security aspects are understood and used appropriately.

  17. The method of a joint intraday security check system based on cloud computing

    Science.gov (United States)

    Dong, Wei; Feng, Changyou; Zhou, Caiqi; Cai, Zhi; Dan, Xu; Dai, Sai; Zhang, Chuancheng

    2017-01-01

    The intraday security check is the core application in the dispatching control system. The existing security check calculation only uses the dispatch center’s local model and data as the functional margin. This paper introduces the design of all-grid intraday joint security check system based on cloud computing and its implementation. To reduce the effect of subarea bad data on the all-grid security check, a new power flow algorithm basing on comparison and adjustment with inter-provincial tie-line plan is presented. And the numerical example illustrated the effectiveness and feasibility of the proposed method.

  18. A SECURE MESSAGE TRANSMISSION SYSTEM ARCHITECTURE FOR COMPUTER NETWORKS EMPLOYING SMART CARDS

    Directory of Open Access Journals (Sweden)

    Geylani KARDAŞ

    2008-01-01

    Full Text Available In this study, we introduce a mobile system architecture which employs smart cards for secure message transmission in computer networks. The use of smart card provides two security services as authentication and confidentiality in our design. The security of the system is provided by asymmetric encryption. Hence, smart cards are used to store personal account information as well as private key of each user for encryption / decryption operations. This offers further security, authentication and mobility to the system architecture. A real implementation of the proposed architecture which utilizes the JavaCard technology is also discussed in this study.

  19. High-performance secure multi-party computation for data mining applications

    DEFF Research Database (Denmark)

    Bogdanov, Dan; Niitsoo, Margus; Toft, Tomas

    2012-01-01

    Secure multi-party computation (MPC) is a technique well suited for privacy-preserving data mining. Even with the recent progress in two-party computation techniques such as fully homomorphic encryption, general MPC remains relevant as it has shown promising performance metrics in real...... operations such as multiplication and comparison. Secondly, the confidential processing of financial data requires the use of more complex primitives, including a secure division operation. This paper describes new protocols in the Sharemind model for secure multiplication, share conversion, equality, bit...

  20. An Efficient and Secure Protocol for Ensuring Data Storage Security in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Syam Kumar P

    2011-11-01

    Full Text Available Currently, there has been an increasing trend in outsourcing data to remote cloud, where the people outsource their data at Cloud Service Provider(CSP who offers huge storage space with low cost. Thus users can reduce the maintenance and burden of local data storage. Meanwhile, once data goes into cloud they lose control of their data, which inevitably brings new security risks toward integrity and confidentiality. Hence, efficient and effective methods are needed to ensure the data integrity and confidentiality of outsource data on untrusted cloud servers. The previously proposed protocols fail to provide strong security assurance to the users. In this paper, we propose an efficient and secure protocol to address these issues. Our design is based on Elliptic Curve Cryptography and Sobol Sequence (random sampling. Our method allows third party auditor to periodically verify the data integrity stored at CSP without retrieving original data. It generates probabilistic proofs of integrity by challenging random sets of blocks from the server, which drastically reduces the communication and I/O costs. The challenge-response protocol transmits a small, constant amount of data, which minimizes network communication. Most importantly, our protocol is confidential: it never reveals the data contents to the malicious parties. The proposed scheme also considers the dynamic data operations at block level while maintaining the same security assurance. Our solution removes the burden of verification from the user, alleviates both the users and storage services fear about data leakage and data corruptions. Through security analysis, we prove that our method is secure and through performance and experimental results, we also prove that our method is efficient. To compare with existing schemes, our scheme is more secure and efficient.

  1. Improving Control System Security through the Evaluation of Current Trends in Computer Security Research

    Energy Technology Data Exchange (ETDEWEB)

    Rolston

    2005-03-01

    At present, control system security efforts are primarily technical and reactive in nature. What has been overlooked is the need for proactive efforts, focused on the IT security research community from which new threats might emerge. Evaluating cutting edge IT security research and how it is evolving can provide defenders with valuable information regarding what new threats and tools they can anticipate in the future. Only known attack methodologies can be blocked, and there is a gap between what is known to the general security community and what is being done by cutting edge researchers --both those trying to protect systems and those trying to compromise them. The best security researchers communicate with others in their field; they know what cutting edge research is being done; what software can be penetrated via this research; and what new attack techniques and methodologies are being circulated in the black hat community. Standardization of control system applications, operating systems, and networking protocols is occurring at a rapid rate, following a path similar to the standardization of modern IT networks. Many attack methodologies used on IT systems can be ported over to the control system environment with little difficulty. It is extremely important to take advantage of the lag time between new research, its use on traditional IT networks, and the time it takes to port the research over for use on a control system network. Analyzing nascent trends in IT security and determining their applicability to control system networks provides significant information regarding defense mechanisms needed to secure critical infrastructure more effectively. This work provides the critical infrastructure community with a better understanding of how new attacks might be launched, what layers of defense will be needed to deter them, how the attacks could be detected, and how their impact could be limited.

  2. Application of Intelligent Data Mining Approach in Securing the Cloud Computing

    OpenAIRE

    Hanna M. Said; Ibrahim El Emary; Bader A. Alyoubi; Adel A. Alyoubi

    2016-01-01

    Cloud computing is a modern term refers to a model for emerging computing, where it is possible to use machines in large data centers for delivering services in a scalable manner, so corporations has become in need for large scale inexpensive computing. Recently, several governments have begun to utilize cloud computing architectures, applications and platforms for meeting the needs of their constituents and delivering services. Security occupies the first rank of obstacles that face cloud co...

  3. Noise-driven informatics: secure classical communications via wire and noise-based computing

    CERN Document Server

    Kish, Laszlo B

    2008-01-01

    In this paper, we show recent results indicating that using electrical noise as information carrier offers outstanding potentials reminding of quantum informatics. One example is noise-based computing and logic that shows certain similarities to quantum logic. However, due to the lack of the collapse of wavefunction and due to the immediate accessibility of superposition components, the use of noise-based and quantum computers will probably be different. Another example is secure communications where, out of the unconditional security at idealistic situations, a practical security beyond known quantum solutions can be achieved and has been demonstrated. Here the keys to security are the robustness of classical information, and the second law of thermodynamics. These offer the avoidance of making error statistics and single bit security. It has the potential to restrict the practical applications of quantum communicators to the situations where no wire can be used but optical communication via fiber or via spa...

  4. Survey on Security Issues in File Management in Cloud Computing Environment

    Science.gov (United States)

    Gupta, Udit

    2015-06-01

    Cloud computing has pervaded through every aspect of Information technology in past decade. It has become easier to process plethora of data, generated by various devices in real time, with the advent of cloud networks. The privacy of users data is maintained by data centers around the world and hence it has become feasible to operate on that data from lightweight portable devices. But with ease of processing comes the security aspect of the data. One such security aspect is secure file transfer either internally within cloud or externally from one cloud network to another. File management is central to cloud computing and it is paramount to address the security concerns which arise out of it. This survey paper aims to elucidate the various protocols which can be used for secure file transfer and analyze the ramifications of using each protocol.

  5. Computer Security: “Heartbleed” - a disaster for privacy

    CERN Multimedia

    Computer Security Team

    2014-01-01

    "On a scale of 1 to 10, this is an 11,” claimed the famous security expert Bruce Schneier (see here). Indeed, the serious vulnerability dubbed “Heartbleed” affects everyone who relies on secure and private Internet communication. You cannot avoid it, so let’s see how it affects you.   “Heartbleed” is the name that's been given to a vulnerability for OpenSSL (CVE-2014-0160). This software implements “the Secure Socket Layer (SSL v2/v3) and Transport Layer Security (TLS) protocols as well as a full-strength general purpose cryptography library”. SSL and TLS protocols are used to encrypt any communication between a client and a server, and to ensure that your communication is safe from eavesdropping or spying - that is, until 2012, when this bug was introduced. It allows the extraction of the first 64 kB from the memory of a server or client using OpenSSL (not necessarily web servers), and can potent...

  6. Teaching Hands-On Linux Host Computer Security

    Science.gov (United States)

    Shumba, Rose

    2006-01-01

    In the summer of 2003, a project to augment and improve the teaching of information assurance courses was started at IUP. Thus far, ten hands-on exercises have been developed. The exercises described in this article, and presented in the appendix, are based on actions required to secure a Linux host. Publicly available resources were used to…

  7. Drop-in Security for Distributed and Portable Computing Elements.

    Science.gov (United States)

    Prevelakis, Vassilis; Keromytis, Angelos

    2003-01-01

    Proposes the use of a special purpose drop-in firewall/VPN gateway called Sieve, that can be inserted between the mobile workstation and the network to provide individualized security services for that particular station. Discusses features and advantages of the system and demonstrates how Sieve was used in various application areas such as at…

  8. 云计算安全需求综述%Overview of Cloud Computing Security

    Institute of Scientific and Technical Information of China (English)

    肖红跃; 张文科; 刘桂芬

    2012-01-01

    云计算已成为全球未来信息产业发展的战略方向和推动经济增长的重要引擎,而云计算的安全问题是影响其发展的主要障碍。文中结合云计算的服务模型和技术特点,分析了云计算的技术特性和安全目标,并重点从基础设施服务安全、平台服务安全、应用软件服务安全、终端安全防护、安全管理以及法规监管等方面的安全需求,系统性地分析了通用云计算架构下云计算存在的安全风险与安全需求,最后给出了建设云安全系统的建议。%Cloud computing now becomes the strategic development orientation of global information industry. The security problem of cloud computing is the primary obstacle hindering its further growth. This article analyzes the security object of cloud computing according to its service model and technical characteristics. With focus on security of infrastructure services,security of platform services,security of application software services,terminal security protection,security management and legal regulations,this article systematically discusses the existing security risks and security requirements of general cloud computing architecture. Finally this article gives suggestions on how to build cloud security system.

  9. A User-Centric Data Secure Creation Scheme in Cloud Computing

    Institute of Scientific and Technical Information of China (English)

    SU Mang; LI Fenghua; SHI Guozhen; GENG Kui; XIONG Jinbo

    2016-01-01

    Due to the use of the cloud computing technology, the ownership is separated from the adminis-tration of the data in cloud and the shared data might be migrated between different clouds, which would bring new challenges to data secure creation, especially for the data privacy protection. We propose a User-centric data secure creation scheme (UCDSC) for the security requirements of resource owners in cloud. In this scheme, a data owner first divides the users into different domains. The data owner encrypts data and defines different secure managing poli-cies for the data according to domains. To encrypt the data in UCDSC, we present an algorithm based on Access con-trol conditions proxy re-encryption (ACC-PRE), which is proved to be master secret secure and Chosen-ciphertext attack (CCA) secure in random oracle model. We give the application protocols and make the comparisons between some existing approaches and UCDSC.

  10. Main control computer security model of closed network systems protection against cyber attacks

    Science.gov (United States)

    Seymen, Bilal

    2014-06-01

    The model that brings the data input/output under control in closed network systems, that maintains the system securely, and that controls the flow of information through the Main Control Computer which also brings the network traffic under control against cyber-attacks. The network, which can be controlled single-handedly thanks to the system designed to enable the network users to make data entry into the system or to extract data from the system securely, intends to minimize the security gaps. Moreover, data input/output record can be kept by means of the user account assigned for each user, and it is also possible to carry out retroactive tracking, if requested. Because the measures that need to be taken for each computer on the network regarding cyber security, do require high cost; it has been intended to provide a cost-effective working environment with this model, only if the Main Control Computer has the updated hardware.

  11. On the Boundaries of Trust and Security in Computing and Communications Systems

    CERN Document Server

    Pathan, Al-Sakib Khan

    2012-01-01

    This article analyzes trust and security in computing and communications systems. While in human-life, trust usually has some kind of commonly understood meaning, in the realm of computing and communications systems, it could be interpreted differently in different environments and settings. On the other hand, security is about making sure that the participating entities are legitimate in a communication event or incident so that the core requirements of privacy, integrity, and authenticity are maintained. This notion is also true for our human life, even for example entering a house needs legitimacy of a person. Some boundary lines preserve the security; otherwise an unwanted access is called a 'security breach'. The intent of this article is to compare and discuss these two terms with our societal behavior and understanding amongst entities. To illustrate these issues especially in computing and communications world, some of the innovating and recent technologies are discussed which demand trust and securit...

  12. A Trust-Based Model for Security Cooperating in Vehicular Cloud Computing

    Directory of Open Access Journals (Sweden)

    Zhipeng Tang

    2016-01-01

    Full Text Available VCC is a computing paradigm which consists of vehicles cooperating with each other to realize a lot of practical applications, such as delivering packages. Security cooperation is a fundamental research topic in Vehicular Cloud Computing (VCC. Because of the existence of malicious vehicles, the security cooperation has become a challenging issue in VCC. In this paper, a trust-based model for security cooperating, named DBTEC, is proposed to promote vehicles’ security cooperation in VCC. DBTEC combines the indirect trust estimation in Public board and the direct trust estimation in Private board to compute the trust value of vehicles when choosing cooperative partners; a trustworthy cooperation path generating scheme is proposed to ensure the safety of cooperation and increase the cooperation completion rates in VCC. Extensive experiments show that our scheme improves the overall cooperation completion rates by 6~7%.

  13. Integrated Safety Mechanisms Based on Security Risks Minimization for the Distributed Computer Systems

    Directory of Open Access Journals (Sweden)

    Vadym Mukhin

    2013-02-01

    Full Text Available Today, there are known the basic principles of decision-making on the safety control of distributed computer systems in the face of uncertainty and risk. However, in this area there are no practical methods for the quantitative risk analysis and assessment, taking into account the dynamic changes of security threats, which is typical for distributed computer systems.In this paper is suggested an approach to assesment and minimization of the security risks, which allows to reduce the potential losses due to the realization of threats, to analyze the dynamics of intrusions into computer systems and to select the effective security tools.As a result, there is designed the structure of the tools for risk minimization in the distributed computer systems and are formalized the main functions of this structure. Also, in the paper is suggested the assessment of risk factors of the security threats and the probability of the threats realization, which are based on their division into appropriate groups. The proposed tools for security risk minimization allow effectively identify, classify and analyze threats to the security of the distributed computing systems.

  14. Computer Security: “Hello World” - Welcome to CERN

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Welcome to the open, liberal and free academic computing environment at CERN. Thanks to your new (or long-established!) affiliation with CERN, you are eligible for a CERN computing account, which enables you to register your devices: computers, laptops, smartphones, tablets, etc. It provides you with plenty of disk space and an e-mail address. It allows you to create websites, virtual machines and databases on demand.   You can now access most of the computing services provided by the GS and IT departments: Indico, for organising meetings and conferences; EDMS, for the approval of your engineering specifications; TWiki, for collaboration with others; and the WLCG computing grid. “Open, liberal, and free”, however, does not mean that you can do whatever you like. While we try to make your access to CERN's computing facilities as convenient and easy as possible, there are a few limits and boundaries to respect. These boundaries protect both the Organization'...

  15. Privacy Enhanced Pervasive Computing Model with Dynamic Trust and Security

    Directory of Open Access Journals (Sweden)

    Geetha Mariappan

    2014-06-01

    Full Text Available The objective of the research work is to propose a policy aware privacy enhancement model using dynamic trust and security management techniques. The different polices of the stakeholders incorporating device manufacturer, service provider, Mobile agents and mobile users are considered to achieve an enhanced privacy for on-demand request. The entities involving direct and indirect trust establishment with all forms of uncertainties like DDoS attacks are considered along with multiple layers of security management operations across varying trusted entities. The focus is to enhance the existing privacy through an efficient, preventive, detective, response mechanisms for those attacks, which will address the problem of DDoS before, during and after an actual attack. The session time and access time are controlled by the privileges and rights for disclosure of information in pervasive environment.

  16. A Survey of Formal Models for Computer Security.

    Science.gov (United States)

    1981-09-30

    presenting the individual models. 6.1 Basic Concepts and Trends The finite state machine model for computation views a computer system as a finite...top-level specification. The simplest description of the top-level model for DSU is given by Walker, et al. [36]. It is a finite state machine model , with

  17. An Empirical Measure of Computer Security Strength for Vulnerability Remediation

    Science.gov (United States)

    Villegas, Rafael

    2010-01-01

    Remediating all vulnerabilities on computer systems in a timely and cost effective manner is difficult given that the window of time between the announcement of a new vulnerability and an automated attack has decreased. Hence, organizations need to prioritize the vulnerability remediation process on their computer systems. The goal of this…

  18. Business Administration and Computer Science Degrees: Earnings, Job Security, and Job Satisfaction

    Science.gov (United States)

    Mehta, Kamlesh; Uhlig, Ronald

    2017-01-01

    This paper examines the potential of business administration vs. computer science degrees in terms of earnings, job security, and job satisfaction. The paper focuses on earnings potential five years and ten years after the completion of business administration and computer science degrees. Moreover, the paper presents the income changes with…

  19. Computer science security research and human subjects: emerging considerations for research ethics boards.

    Science.gov (United States)

    Buchanan, Elizabeth; Aycock, John; Dexter, Scott; Dittrich, David; Hvizdak, Erin

    2011-06-01

    This paper explores the growing concerns with computer science research, and in particular, computer security research and its relationship with the committees that review human subjects research. It offers cases that review boards are likely to confront, and provides a context for appropriate consideration of such research, as issues of bots, clouds, and worms enter the discourse of human subjects review.

  20. Meeting the security requirements of electronic medical records in the ERA of high-speed computing.

    Science.gov (United States)

    Alanazi, H O; Zaidan, A A; Zaidan, B B; Kiah, M L Mat; Al-Bakri, S H

    2015-01-01

    This study has two objectives. First, it aims to develop a system with a highly secured approach to transmitting electronic medical records (EMRs), and second, it aims to identify entities that transmit private patient information without permission. The NTRU and the Advanced Encryption Standard (AES) cryptosystems are secured encryption methods. The AES is a tested technology that has already been utilized in several systems to secure sensitive data. The United States government has been using AES since June 2003 to protect sensitive and essential information. Meanwhile, NTRU protects sensitive data against attacks through the use of quantum computers, which can break the RSA cryptosystem and elliptic curve cryptography algorithms. A hybrid of AES and NTRU is developed in this work to improve EMR security. The proposed hybrid cryptography technique is implemented to secure the data transmission process of EMRs. The proposed security solution can provide protection for over 40 years and is resistant to quantum computers. Moreover, the technique provides the necessary evidence required by law to identify disclosure or misuse of patient records. The proposed solution can effectively secure EMR transmission and protect patient rights. It also identifies the source responsible for disclosing confidential patient records. The proposed hybrid technique for securing data managed by institutional websites must be improved in the future.

  1. Computer Hardware Environment and Security%微机硬件环境与安全

    Institute of Scientific and Technical Information of China (English)

    邵伟

    2012-01-01

    Computer hardware,operating environment and hardware security computer network information system to normal operation,hardware,operating environment and security has a direct impact on the safety of network information systems.From the environmental interference,equipment,natural damage,natural disasters and other factors brought to the micro-computer security threats.This article describes the hardware of the computer running the environmental requirements,hardware,security threats,and hardware security technology used to implement information security.%微机硬件的运行环境和硬件安全是计算机网络信息系统能够正常运行的基础,硬件的运行环境和安全直接影响着网络信息系统的安全。而来自于环境干扰、设备自然损坏、自然灾害等因素给微型计算机带来了安全威胁。本文介绍了微机运行的硬件的环境要求、硬件的安全威胁,并提出了用来实现信息安全的硬件安全技术方法。

  2. Cryptography for security and privacy in cloud computing

    CERN Document Server

    Rass, Stefan

    2013-01-01

    As is common practice in research, many new cryptographic techniques have been developed to tackle either a theoretical question or foreseeing a soon to become reality application. Cloud computing is one of these new areas, where cryptography is expected to unveil its power by bringing striking new features to the cloud. Cloud computing is an evolving paradigm, whose basic attempt is to shift computing and storage capabilities to external service providers.This resource offers an overview of the possibilities of cryptography for protecting data and identity information, much beyond well-known

  3. Advances in computers dependable and secure systems engineering

    CERN Document Server

    Hurson, Ali

    2012-01-01

    Since its first volume in 1960, Advances in Computers has presented detailed coverage of innovations in computer hardware, software, theory, design, and applications. It has also provided contributors with a medium in which they can explore their subjects in greater depth and breadth than journal articles usually allow. As a result, many articles have become standard references that continue to be of sugnificant, lasting value in this rapidly expanding field. In-depth surveys and tutorials on new computer technologyWell-known authors and researchers in the fieldExtensive bibliographies with m

  4. Activity-Driven Computing Infrastructure - Pervasive Computing in Healthcare

    DEFF Research Database (Denmark)

    Bardram, Jakob Eyvind; Christensen, Henrik Bærbak; Olesen, Anders Konring

    In many work settings, and especially in healthcare, work is distributed among many cooperating actors, who are constantly moving around and are frequently interrupted. In line with other researchers, we use the term pervasive computing to describe a computing infrastructure that supports work...... where users access a dynamic range of computing and software devices, where users can shift between devices, and where users move around while preserving their working environment. This paper describes our design of a pervasive activity-driven computing infrastructure. The main tenet in this approach...... is to preserve a user’s computational working context enabling him to shift between different devices while on the move and enabling him to interrupt and return to work-activities fluently. Furthermore, the infrastructure contains agents that propose new activities based on the user’s current context...

  5. Fair Secure Computation with Reputation Assumptions in the Mobile Social Networks

    Directory of Open Access Journals (Sweden)

    Yilei Wang

    2015-01-01

    Full Text Available With the rapid development of mobile devices and wireless technologies, mobile social networks become increasingly available. People can implement many applications on the basis of mobile social networks. Secure computation, like exchanging information and file sharing, is one of such applications. Fairness in secure computation, which means that either all parties implement the application or none of them does, is deemed as an impossible task in traditional secure computation without mobile social networks. Here we regard the applications in mobile social networks as specific functions and stress on the achievement of fairness on these functions within mobile social networks in the presence of two rational parties. Rational parties value their utilities when they participate in secure computation protocol in mobile social networks. Therefore, we introduce reputation derived from mobile social networks into the utility definition such that rational parties have incentives to implement the applications for a higher utility. To the best of our knowledge, the protocol is the first fair secure computation in mobile social networks. Furthermore, it finishes within constant rounds and allows both parties to know the terminal round.

  6. Towards a Game Theoretic View of Secure Computation

    DEFF Research Database (Denmark)

    Asharov, Gilad; Canetti, Ran; Hazay, Carmit

    2011-01-01

    We demonstrate how Game Theoretic concepts and formalism can be used to capture cryptographic notions of security. In the restricted but indicative case of two-party protocols in the face of malicious fail-stop faults, we first show how the traditional notions of secrecy and correctness of protoc......We demonstrate how Game Theoretic concepts and formalism can be used to capture cryptographic notions of security. In the restricted but indicative case of two-party protocols in the face of malicious fail-stop faults, we first show how the traditional notions of secrecy and correctness...... of protocols can be captured as properties of Nash equilibria in games for rational players. Next, we concentrate on fairness. Here we demonstrate a Game Theoretic notion and two different cryptographic notions that turn out to all be equivalent. In addition, we provide a simulation based notion that implies...... the previous three. All four notions are weaker than existing cryptographic notions of fairness. In particular, we show that they can be met in some natural setting where existing notions of fairness are provably impossible to achieve....

  7. Computer Security: IT or not IT, that is the question

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Following on from our recent Bulletin article on “How to succeed in software deployment” (see here), we repeatedly face the problem that “standard” IT services are replicated within CERN or even outsourced to external companies.   Past experience has shown that such non-centrally managed systems are more prone to security risks and, in the long run, are less well managed – that is, if they’re not eventually orphaned completely. If hosted outside CERN, there is also the risk that sensitive data from the Organization could be leaked and that CERN would not be able to intervene in the event of a security problem. Imagine, for example, a slide show created by an external consultant and hosted in the cloud… While this might have been convenient for the consultant, a regular user of that cloud service, the content was lost once the consultant’s job was done and nobody at CERN took responsibility for the slide show. Or...

  8. Computer Network Security Technology%浅谈计算机网络安全技术

    Institute of Scientific and Technical Information of China (English)

    梁其烺

    2011-01-01

    从当前计算机网络安全现状入手,对主要的网络安全威胁进行了讨论。最后分析了计算机网络安全技术的类型,力图使网络设计者和使用者对网络安全有一个全面的认识,从而能正确采用成功对策。%The present situation of the current computer network security,network security of the main threats were discussed,the final analysis,the type of computer network security technology to try to make the network designers and users of network security with a comprehensive understanding, so that it can correctly the use of successful strategies.

  9. Secure Threat Information Exchange across the Internet of Things for Cyber Defense in a Fog Computing Environment

    OpenAIRE

    Mihai-Gabriel IONITA; Victor-Valeriu PATRICIU

    2016-01-01

    Threat information exchange is a critical part of any security system. Decisions regarding security are taken with more confidence and with more results when the whole security context is known. The fog computing paradigm enhances the use cases of the already used cloud computing systems by bringing all the needed resources to the end-users towards the edge of the network. While fog decentralizes the cloud, it is very important to correlate security events which happen in branch offices aroun...

  10. Risk in the Clouds?: Security Issues Facing Government Use of Cloud Computing

    Science.gov (United States)

    Wyld, David C.

    Cloud computing is poised to become one of the most important and fundamental shifts in how computing is consumed and used. Forecasts show that government will play a lead role in adopting cloud computing - for data storage, applications, and processing power, as IT executives seek to maximize their returns on limited procurement budgets in these challenging economic times. After an overview of the cloud computing concept, this article explores the security issues facing public sector use of cloud computing and looks to the risk and benefits of shifting to cloud-based models. It concludes with an analysis of the challenges that lie ahead for government use of cloud resources.

  11. A PROFICIENT MODEL FOR HIGH END SECURITY IN CLOUD COMPUTING

    Directory of Open Access Journals (Sweden)

    R. Bala Chandar

    2014-01-01

    Full Text Available Cloud computing is an inspiring technology due to its abilities like ensuring scalable services, reducing the anxiety of local hardware and software management associated with computing while increasing flexibility and scalability. A key trait of the cloud services is remotely processing of data. Even though this technology had offered a lot of services, there are a few concerns such as misbehavior of server side stored data , out of control of data owner's data and cloud computing does not control the access of outsourced data desired by the data owner. To handle these issues, we propose a new model to ensure the data correctness for assurance of stored data, distributed accountability for authentication and efficient access control of outsourced data for authorization. This model strengthens the correctness of data and helps to achieve the cloud data integrity, supports data owner to have control on their own data through tracking and improves the access control of outsourced data.

  12. Formulation, computation and improvement of steady state security margins in power systems. Part I: Theoretical framework

    Energy Technology Data Exchange (ETDEWEB)

    Echavarren, F.M.; Lobato, E.; Rouco, L.; Gomez, T. [School of Engineering of Universidad Pontificia Comillas, C/Alberto Aguilera, 23, 28015 Madrid (Spain)

    2011-02-15

    A steady state security margin for a particular operational point can be defined as the distance from this initial point to the secure operational limits of the system. Four of the most used steady state security margins are the power flow feasibility margin, the contingency feasibility margin, the load margin to voltage collapse, and the total transfer capability between system areas. A comprehensive literature survey has shown that these security margins have been studied separately. This fact has suggested to the authors the possibility of researching a common analysis framework valid for all of them. This is the first part of a two-part paper. In part I, a novel mathematical formulation valid to address the study of any steady state security margin is proposed. The developed general approach is presented in three steps: (a) formulation, (b) computation, and (c) improvement of security margins. In part II, the performance of the proposed approach when used to compute and improve the aforementioned steady security margins is illustrated through its application to the Spanish power system. Results denote that this approach can be a useful tool to solve a variety of practical situations in modern real power systems. (author)

  13. IMPLEMENTATION OF PERVASIVE COMPUTING BASED HIGH-SECURE SMART HOME SYSTEM

    Directory of Open Access Journals (Sweden)

    Ventylees Raj.S

    2012-11-01

    Full Text Available In recent year, the home environment has seen a rapid introduction of wireless communication network enabled advance computing technologies. In this paper I mainly focus on the monitoring of smart home remotely and providing security when user is away from the home. The proposed security algorithm is combining of Biometrics, public key encryption and SMS based security alarm system. In the proposed security algorithm offered only Authenticate person monitoring home appliances via wireless networks. In the proposed pervasive monitoring system it provides security against intrusion as well as it automates various home appliances using SMS. Zigbee IEEE 802.15.4 based Sensor Network, GSM and Wi-Fi wireless networks are embedded through a standard Home gateway. This home gateway controls the overall wireless communication of smart home systems. The pervasive computing environment created by the smart Sensors, wireless networksand context-aware routing protocol for wireless sensor networks. Each smart Sensor node should have multipath routing protocol to automatically establish the wireless networks between Smart Nodes. To develop a new ondemand context-aware routing protocol for the smart home system, here this paper introduces the pervasive computing based smart home monitoring system’s design that provides secure smart services to users, and demonstrates its implementation using a real time environment.

  14. Applying Encryption Algorithm for Data Security and Privacy in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Mohit Marwaha

    2013-01-01

    Full Text Available Cloud computing is the next big thing after internet in the field of information technology; some say its a metaphor for internet. It is an Internet-based computing technology, in which software, shared recourses and information, are provided to consumers and devices on-demand, and as per users requirement on a pay per use model. Even though the cloud continues to grow in popularity, Usability and respectability, Problems with data protection and data privacy and other Security issues play a major setback in the field of Cloud Computing. Privacy and security are the key issue for cloud storage. Encryption is a well known technology for protecting sensitive data. Use of the combination of Public and Private key encryption to hide the sensitive data of users, and cipher text retrieval. The paper analyzes the feasibility of the applying encryption algorithm for data security and privacy in cloud Storage.

  15. Developing on-demand secure high-performance computing services for biomedical data analytics.

    Science.gov (United States)

    Robison, Nicholas; Anderson, Nick

    2013-01-01

    We propose a technical and process model to support biomedical researchers requiring on-demand high performance computing on potentially sensitive medical datasets. Our approach describes the use of cost-effective, secure and scalable techniques for processing medical information via protected and encrypted computing clusters within a model High Performance Computing (HPC) environment. The process model supports an investigator defined data analytics platform capable of accepting secure data migration from local clinical research data silos into a dedicated analytic environment, and secure environment cleanup upon completion. We define metrics to support the evaluation of this pilot model through performance and stability tests, and describe evaluation of its suitability towards enabling rapid deployment by individual investigators.

  16. 17 CFR 242.102 - Activities by issuers and selling security holders during a distribution.

    Science.gov (United States)

    2010-04-01

    ... selling security holders during a distribution. 242.102 Section 242.102 Commodity and Securities Exchanges... REQUIREMENTS FOR SECURITY FUTURES Regulation M § 242.102 Activities by issuers and selling security holders... or on behalf of an issuer or selling security holder, it shall be unlawful for such person, or...

  17. Secure Computation, I/O-Efficient Algorithms and Distributed Signatures

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Kölker, Jonas; Toft, Tomas

    2012-01-01

    adversary corrupting a constant fraction of the players and servers. Using packed secret sharing, the data can be stored in a compact way but will only be accessible in a block-wise fashion. We explore the possibility of using I/O-efficient algorithms to nevertheless compute on the data as efficiently...

  18. A Multi-Agent Immunology Model for Security Computer

    Institute of Scientific and Technical Information of China (English)

    2001-01-01

    This paper presents a computer immunology model for computersecurity , whose main components are defined as idea of Multi-Agent. It introduces the n at ural immune system on the principle, discusses the idea and characteristics of Mu lti-Agent. It gives a system model, and describes the structure and function of each agent. Also, the communication method between agents is described.

  19. Client-server framework for securely outsourcing computations

    NARCIS (Netherlands)

    Veugen, P.J.M.

    2016-01-01

    In the current age of information, with growing internet connectivity, people are looking for service providers to store their data, and compute with it. On the other hand, sensitive personal data is easily misused for unintended purposes. Wouldn’t it be great to have a scalable framework, where mul

  20. Protecting intellectual property in space; Proceedings of the Aerospace Computer Security Conference, McLean, VA, March 20, 1985

    Science.gov (United States)

    1985-01-01

    The primary purpose of the Aerospace Computer Security Conference was to bring together people and organizations which have a common interest in protecting intellectual property generated in space. Operational concerns are discussed, taking into account security implications of the space station information system, Space Shuttle security policies and programs, potential uses of probabilistic risk assessment techniques for space station development, key considerations in contingency planning for secure space flight ground control centers, a systematic method for evaluating security requirements compliance, and security engineering of secure ground stations. Subjects related to security technologies are also explored, giving attention to processing requirements of secure C3/I and battle management systems and the development of the Gemini trusted multiple microcomputer base, the Restricted Access Processor system as a security guard designed to protect classified information, and observations on local area network security.

  1. 2nd International Doctoral Symposium on Applied Computation and Security Systems

    CERN Document Server

    Cortesi, Agostino; Saeed, Khalid; Chaki, Nabendu

    2016-01-01

    The book contains the extended version of the works that have been presented and discussed in the Second International Doctoral Symposium on Applied Computation and Security Systems (ACSS 2015) held during May 23-25, 2015 in Kolkata, India. The symposium has been jointly organized by the AGH University of Science & Technology, Cracow, Poland; Ca’ Foscari University, Venice, Italy and University of Calcutta, India. The book is divided into volumes and presents dissertation works in the areas of Image Processing, Biometrics-based Authentication, Soft Computing, Data Mining, Next Generation Networking and Network Security, Remote Healthcare, Communications, Embedded Systems, Software Engineering and Service Engineering.

  2. Assessing the Risk Situation of Network Security for Active Defense

    Institute of Scientific and Technical Information of China (English)

    ZHANG Xiang; YAO Shuping; TANG Chenghua

    2006-01-01

    The risk situation assessment and forecast technique of network security is a basic method of active defense techniques. In order to assess the risk of network security two methods were used to define the index of risk and forecast index in time series, they were analytical hierarchy process (AHP) and support vector regression (SVR). The module framework applied the methods above was also discussed. Experiment results showed the forecast values were so close to actual values and so it proved the approach is correct.

  3. Efficient Server-Aided Secure Two-Party Function Evaluation with Applications to Genomic Computation

    Directory of Open Access Journals (Sweden)

    Blanton Marina

    2016-10-01

    Full Text Available Computation based on genomic data is becoming increasingly popular today, be it for medical or other purposes. Non-medical uses of genomic data in a computation often take place in a server-mediated setting where the server offers the ability for joint genomic testing between the users. Undeniably, genomic data is highly sensitive, which in contrast to other biometry types, discloses a plethora of information not only about the data owner, but also about his or her relatives. Thus, there is an urgent need to protect genomic data. This is particularly true when the data is used in computation for what we call recreational non-health-related purposes. Towards this goal, in this work we put forward a framework for server-aided secure two-party computation with the security model motivated by genomic applications. One particular security setting that we treat in this work provides stronger security guarantees with respect to malicious users than the traditional malicious model. In particular, we incorporate certified inputs into secure computation based on garbled circuit evaluation to guarantee that a malicious user is unable to modify her inputs in order to learn unauthorized information about the other user’s data. Our solutions are general in the sense that they can be used to securely evaluate arbitrary functions and offer attractive performance compared to the state of the art. We apply the general constructions to three specific types of genomic tests: paternity, genetic compatibility, and ancestry testing and implement the constructions. The results show that all such private tests can be executed within a matter of seconds or less despite the large size of one’s genomic data.

  4. Secure Multi-party Computation Protocol for Defense Applications in Military Operations Using Virtual Cryptography

    Science.gov (United States)

    Pathak, Rohit; Joshi, Satyadhar

    With the advent into the 20th century whole world has been facing the common dilemma of Terrorism. The suicide attacks on US twin towers 11 Sept. 2001, Train bombings in Madrid Spain 11 Mar. 2004, London bombings 7 Jul. 2005 and Mumbai attack 26 Nov. 2008 were some of the most disturbing, destructive and evil acts by terrorists in the last decade which has clearly shown their evil intent that they can go to any extent to accomplish their goals. Many terrorist organizations such as al Quaida, Harakat ul-Mujahidin, Hezbollah, Jaish-e-Mohammed, Lashkar-e-Toiba, etc. are carrying out training camps and terrorist operations which are accompanied with latest technology and high tech arsenal. To counter such terrorism our military is in need of advanced defense technology. One of the major issues of concern is secure communication. It has to be made sure that communication between different military forces is secure so that critical information is not leaked to the adversary. Military forces need secure communication to shield their confidential data from terrorist forces. Leakage of concerned data can prove hazardous, thus preservation and security is of prime importance. There may be a need to perform computations that require data from many military forces, but in some cases the associated forces would not want to reveal their data to other forces. In such situations Secure Multi-party Computations find their application. In this paper, we propose a new highly scalable Secure Multi-party Computation (SMC) protocol and algorithm for Defense applications which can be used to perform computation on encrypted data. Every party encrypts their data in accordance with a particular scheme. This encrypted data is distributed among some created virtual parties. These Virtual parties send their data to the TTP through an Anonymizer layer. TTP performs computation on encrypted data and announces the result. As the data sent was encrypted its actual value can’t be known by TTP

  5. Secure data structures based on multi-party computation

    DEFF Research Database (Denmark)

    Toft, Tomas

    2011-01-01

    This work considers data structures based on multi-party computation (MPC) primitives: structuring secret (e.g. secret shared and potentially unknown) data such that it can both be queried and updated efficiently. Implementing an oblivious RAM (ORAM) using MPC allows any existing data structure...... to be realized using MPC primitives, however, by focusing on a specific example -- a priority queue -- it is shown that it is possible to achieve much better results than the generic solutions can provide. Moreover, the techniques differ significantly from existing ORAM constructions. Indeed it has recently been...

  6. Minimizing Overhead for Secure Computation and Fully Homomorphic Encryption: Overhead

    Science.gov (United States)

    2015-11-01

    VI-C. 464 343 Approved for Public Release; Distribution Unlimited. • A coin value , denoted v(c): the denomination of c, as measured in basecoins, as...w.r.t. committed- value oracle based on one-way functions. For simplicity of exposition, the presen - tation below relies on a non-interactive...m1|) = p(np(λ)) bits long if IsCycle(K,m1) returns false. Thus, as long as IsCycle(K,m1) returns false, A2 can compute the value of b by measuring y’s

  7. Hybrid-secure MPC 

    DEFF Research Database (Denmark)

    Lucas, Christoph; Raub, Dominik; Maurer, Ueli

    2010-01-01

    of the adversary, without being aware of the actual adversarial setting. Thus, hybrid-secure MPC protocols allow for graceful degradation of security. We present a hybrid-secure MPC protocol that provides an optimal trade-off between IT robustness and computational privacy: For any robustness parameter ρ ...Most protocols for distributed, fault-tolerant computation, or multi-party computation (MPC), provide security guarantees in an all-or-nothing fashion. In contrast, a hybrid-secure protocol provides different security guarantees depending on the set of corrupted parties and the computational power...... obtain one MPC protocol that is simultaneously IT secure with robustness for up to t ≤ ρ actively corrupted parties, IT secure with fairness (no robustness) for up to t privacy and correctness only) for up to t

  8. A secure multi-party computation solution to intersection problems of sets and rectangles

    Institute of Scientific and Technical Information of China (English)

    LI Shundong; DAI Yiqi; WANG Daoshun; LUO Ping

    2006-01-01

    Secure multi-party computation (SMC) is a research focus in international cryptographic community. At present, there is no SMC solution to the intersection problem of sets. In this paper, we first propose a SMC solution to this problem. Applying Cantor encoding method to computational geometry problems, and based on the solution to set-intersection problem, we further propose solutions to points inclusion problem and intersection problem of rectangles and further prove their privacy-preserving property with widely accepted simulation paradigm. Compared with the known solutions, these new solutions are of less computational complexity and less communication complexity, and have obvious superiority in computational and communication complexity.

  9. New approach for ensuring cloud computing security: using data hiding methods

    Indian Academy of Sciences (India)

    MURAT YESILYURT; YILDIRAY YALMAN

    2016-11-01

    Cloud computing is one of the largest developments occurred in the field of information technology during recent years. This model has become more desirable for all institutions, organizations and also for personal use thanks to the storage of ‘valuable information’ at low costs, access to such information from anywhere in the world as well as its ease of use and low cost. In this paper, the services constituting the cloud architecture and deployment models are examined, and the main factors in the provision of security requirements of all those models as well as points to be taken into consideration are described in detail. In addition, the methods and tools considering how security, confidentiality and integrity of the information or data that formsthe basis of modern technology are implemented in cloud computing architecture are examined. Finally, it is proposed in the paper that the use of data hiding methods in terms of access security in cloud computing architecture and the security of the stored data would be very effective in securing information.

  10. EABDS:Attribute-Based Secure Data Sharing with Efficient Revo cation in Cloud Computing

    Institute of Scientific and Technical Information of China (English)

    HUANG Qinlong; MA Zhaofeng; YANG Yixian; FU Jingyi; NIU Xinxin

    2015-01-01

    Ciphertext-policy attribute-based encryp-tion (CP-ABE) is becoming a promising solution to guar-antee data security in cloud computing. In this paper, we present an attribute-based secure data sharing scheme with Efficient revocation (EABDS) in cloud computing. Our scheme first encrypts data with Data encryption key (DEK) using symmetric encryption and then encrypts DEK based on CP-ABE, which guarantees the data con-fidentiality and achieves fine-grained access control. In or-der to solve the key escrow problem in current attribute based data sharing schemes, our scheme adopts additively homomorphic encryption to generate attribute secret keys of users by attribute authority in cooperation with key server, which prevents attribute authority from access-ing the data by generating attribute secret keys alone. Our scheme presents an immediate attribute revocation method that achieves both forward and backward security. The computation overhead of user is also reduced by dele-gating most of the decryption operations to the key server. The security and performance analysis results show that our scheme is more secure and efficient.

  11. PLANNING INTELLIGENCE ACTIVITIES IN A DYNAMIC SECURITY ENVIRONMENT

    Directory of Open Access Journals (Sweden)

    Anca Pavel

    2016-10-01

    Full Text Available The hypothesis introduced by this article is that, in order to perform intelligence missions and to obtain valuable intelligence for the consumers it is necessary to implement processes and tools to support planning activities. Today's challenges consist rather in the ability of intelligence organizations to identify and initiate new connections, processes and communication flows with other partners operating in the security environment than to plan in their own name secret operations. From this point of view, planning activities should focus on new procedures, at a much more extensive level in order to align institutional efforts beyond the boundaries of their own organization and the national community of information. Also, in order to coordinate intelligence activities, strategic planning must be anchored into a complex analysis of the potential impact of existing and possible future global phenomena that shape the security environment and thus identify better ways of improving results.

  12. A Theory of Secure Mobile Computation with Confined Movement and Communication

    Institute of Scientific and Technical Information of China (English)

    2007-01-01

    An extended πcalculus was introduced to deal with secure movement and intercommunication between agents.The system extends Nomadic-πwith objective migration primitive and confined region which serves as annotation labels of agents and channels.the confined region labels were used to uniquely identify the constraints on the migration and communication of agents,with the labels,the agents could be confined in a secure subsystem the migration and communication of agents,with the labels,the agents could be confined in a secure subsystem and the inter-agent communication could be confined between agents located on trusted sites during computation.The operational semantics for the calculus was given out ,and a type system which enforces security properties called confined migration and confined communication was developed.

  13. Metal artifact removal (MAR) analysis for the security inspections using the X-ray computed tomography

    Science.gov (United States)

    Cho, Hyo Sung; Woo, Tae Ho; Park, Chul Kyu

    2016-10-01

    Using the metal artifact property, it is analyzed for the X-ray computed tomography (CT) in the aspect of the security on the examined places like airport and surveillance areas. Since the importance of terror prevention strategy has been increased, the security application of X-ray CT has the significant remark. One shot X-ray image has the limitation to find out the exact shape to property in the closed box, which could be solved by the CT scanning without the tearing off the box in this work. Cleaner images can be obtained by the advanced technology if the CT scanning is utilized in the security purposes on the secured areas. A metal sample is treated by the metal artifact removal (MAR) method for the enhanced image. The mimicked explosive is experimented for the imaging processing application where the cleaner one is obtained. The procedure is explained and the further study is discussed.

  14. Unconditionally Secure Constant-Rounds Multi-party Computation for Equality, Comparison, Bits and Exponentiation

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Nielsen, Jesper Buus; Toft, Tomas

    2006-01-01

    We show that if a set of players hold shares of a value aFp for some prime p (where the set of shares is written [a] p ), it is possible to compute, in constant rounds and with unconditional security, sharings of the bits of a, i.e., compute sharings [a 0] p , ..., [a ℓ− − 1] p such that ℓ = ⌈ log2...

  15. Computer Security: Join the CERN WhiteHat Challenge!

    CERN Document Server

    Computer Security Team

    2014-01-01

    Over the past couple of months, several CERN users have reported vulnerabilities they have found in computing services and servers running at CERN. All were relevant, many were interesting and a few even surprising. Spotting weaknesses and areas for improvement before malicious people can exploit them is paramount. It helps protect the operation of our accelerators and experiments as well as the reputation of the Organization. Therefore, we would like to express our gratitude to those people for having reported these weaknesses! Great job and well done!   Seizing the opportunity, we would like to reopen the hunt for bugs, vulnerabilities and insecure configurations of CERN applications, websites and devices. You might recall we ran a similar initiative (“Hide & Seek”) in 2012 where we asked you to sift through CERN’s webpages and send us those that hold sensitive and confidential information. Quite a number of juicy documents were found and subsequently remov...

  16. Computer Security: Social Media - Dos and Don’ts

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Do you blog frequently? Send tweets about what you've done? Keep a lively Facebook profile? Comment regularly on interactive forums? Many of us do.    "Social media", i.e. Twitter, Facebook, public blogs, interactive forums and public commenting functions on websites, are widely used for sharing information, outreach and contact with the world. While you can make use of social media for many different purposes, the lines between private and public, personal and professional are often blurred. Consequently, it is often difficult to get the balance right. As a social animal, you want to be frank, open and communicative and share your knowledge, experiences, opinions, feelings and life with your peers. On the other hand, while working at or for CERN, you cannot act in the void but have to respect CERN’s Code of Conduct, CERN’s Computing Rules and, for CERN personnel, the Staff Rules and Regulations. Therefore, if your posts include mention ...

  17. A review of automated image understanding within 3D baggage computed tomography security screening.

    Science.gov (United States)

    Mouton, Andre; Breckon, Toby P

    2015-01-01

    Baggage inspection is the principal safeguard against the transportation of prohibited and potentially dangerous materials at airport security checkpoints. Although traditionally performed by 2D X-ray based scanning, increasingly stringent security regulations have led to a growing demand for more advanced imaging technologies. The role of X-ray Computed Tomography is thus rapidly expanding beyond the traditional materials-based detection of explosives. The development of computer vision and image processing techniques for the automated understanding of 3D baggage-CT imagery is however, complicated by poor image resolutions, image clutter and high levels of noise and artefacts. We discuss the recent and most pertinent advancements and identify topics for future research within the challenging domain of automated image understanding for baggage security screening CT.

  18. Secure and Dynamic Model for Book Searching on Cloud Computing as Mobile Augmented Reality

    Directory of Open Access Journals (Sweden)

    Adeel Rafiq

    2014-01-01

    Full Text Available Availability of internet on different devices like smart phones like android based, IOs based, windows based and PDA etc. has brought into the evolution of mobile cloud computing, which is a vast side of research nowadays. Internet connectivity has become very easy with the evolution of Wi-Fi, everyone can access the internet using wireless connectivity. A major issue in wireless connectivity is the low level of encryption and low security. This might be a security risk for the sensitive data available on the cloud. There are mobile augmented reality systems based on cloud computing, we want to propose a dynamic framework for the security of cloud and live update data on cloud.

  19. 78 FR 38949 - Computer Security Incident Coordination (CSIC): Providing Timely Cyber Incident Response

    Science.gov (United States)

    2013-06-28

    ... specialized formats to communicate incident information? 5. What do you see as the pros and cons of... National Institute of Standards and Technology Computer Security Incident Coordination (CSIC): Providing Timely Cyber Incident Response AGENCY: National Institute of Standards and Technology, U.S. Department...

  20. An Empirical Study and some Improvements of the MiniMac Protocol for Secure Computation

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Lauritsen, Rasmus; Toft, Tomas

    2014-01-01

    suggest a modification of MiniMac that achieves increased parallelism at no extra communication cost. This gives an asymptotic improvement of the original protocol as well as an 8-fold speed-up of our implementation. We compare the resulting protocol to TinyOT for the case of secure computation in parallel...

  1. Computer Security: ransomware - when it is too late...

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    “Ransomware is a type of malware that restricts access to the infected computer system in some way, and demands that the user pay a ransom to the malware operators to remove the restriction.    Some forms of ransomware systematically encrypt files on the system's hard drive, which become difficult or impossible to decrypt without paying the ransom for the encryption key, while some may simply lock the system and display messages intended to coax the user into paying...” (Source: https://en.wikipedia.org/wiki/Ransomware) It is not unusual to see devices falling prey to ransomware. PCs and laptops, in particular those running the Windows operating system, can easily be infected with ransomware if the user is inattentive. For example, if they open an attachment to an unsolicited mail (see some hints to detect bad emails here), or click on the link to a malicious website (see our articles on our clicking campaign). So what can you do if you have already ...

  2. CS651 Computer Systems Security Foundations 3d Imagination Cyber Security Management Plan

    Energy Technology Data Exchange (ETDEWEB)

    Nielsen, Roy S. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2015-03-02

    3d Imagination is a new company that bases its business on selling and improving 3d open source related hardware. The devices that they sell include 3d imagers, 3d printers, pick and place machines and laser etchers. They have a fast company intranet for ease in sharing, storing and printing large, complex 3d designs. They have an employee set that requires a variety of operating systems including Windows, Mac and a variety of Linux both for running business services as well as design and test machines. There are a wide variety of private networks for testing transfer rates to and from the 3d devices, without interference with other network tra c. They do video conferencing conferencing with customers and other designers. One of their machines is based on the project found at delta.firepick.org(Krassenstein, 2014; Biggs, 2014), which in future, will perform most of those functions. Their devices all include embedded systems, that may have full blown operating systems. Most of their systems are designed to have swappable parts, so when a new technology is born, it can be quickly adopted by people with 3d Imagination hardware. This company is producing a fair number of systems and components, however to get the funding they need to mass produce quality parts, so they are preparing for an IPO to raise the funds they need. They would like to have a cyber-security audit performed so they can give their investors con dence that they are protecting their data, customers information and printers in a proactive manner.

  3. Privacy and Data Security under Cloud Computing Arrangements: The Legal Framework and Practical Do's and Don'ts

    Science.gov (United States)

    Buckman, Joel; Gold, Stephanie

    2012-01-01

    This article outlines privacy and data security compliance issues facing postsecondary education institutions when they utilize cloud computing and concludes with a practical list of do's and dont's. Cloud computing does not change an institution's privacy and data security obligations. It does involve reliance on a third party, which requires an…

  4. Dynamic Auditing Protocol for Efficient and Secure Data Storage in Cloud Computing

    Directory of Open Access Journals (Sweden)

    J. Noorul Ameen

    2014-06-01

    Full Text Available Cloud computing, where the data has been stored on cloud servers and retrieved by users (data consumers the data from cloud servers. However, there are some security challenges which are in need of independent auditing services to verify the data integrity and safety in the cloud. Until now a numerous methods has been developed for remote integrity checking whichever only serve for static archive data and cannot be implemented to the auditing service if the data in the cloud is being dynamically updated. Therefore, it is expected to design an efficient and secure dynamic auditing protocol to convince the data owners for t he security and integrity of their data. In this paper, we intent to construct an auditing framework for cloud storage systems for efficient privacy-preserving auditing service. Then, our auditing protocol is extended to support the data dynamic operations for secure auditing in the random oracle model. In addition, our auditing protocol is improved to support batch auditing for both multiple owners and multiple clouds without any trusted organizer. Our proposed auditing protocols will be proved for their secure and efficient computation with reduced cost for the auditing.

  5. Computer Network Security Research%计算机网络安全研究

    Institute of Scientific and Technical Information of China (English)

    李小瓦

    2012-01-01

    本文就从计算机网络安全的特点入手,对计算机网络安全的结构及病毒的传播方式进行分析,找出当前计算机网络中存在的问题;通过现代的密码技术、防火墙技术等提出了行之有效的解决措施。%In this paper, starting from the characteristics of computer network security, and to analyze the structure of the computer network security and the spread of the virus,to identify problems in the current computer network;modem cryptographic techniques and firewall technology effective solutions.

  6. Security Analysis and Improvement of User Authentication Framework for Cloud Computing

    Directory of Open Access Journals (Sweden)

    Nan Chen

    2014-01-01

    Full Text Available Cloud Computing, as an emerging, virtual, large-scale distributed computing model, has gained increasing attention these years. Meanwhile it also faces many secure challenges, one of which is authentication. In this paper, we firstly analyze a user authentication framework for cloud computing proposed by Amlan Jyoti Choudhury et al and point out the security attacks existing in the protocol. Then we propose an improved user authentication scheme. Our improved protocol ensures user legitimacy before entering into the cloud. The confidentiality and the mutual authentication of our protocol are formally proved by the strand space model theory and the authentication test method. The simulation illustrates that the communication performance of our scheme is efficient

  7. Security Risks of Cloud Computing and Its Emergence as 5th Utility Service

    Science.gov (United States)

    Ahmad, Mushtaq

    Cloud Computing is being projected by the major cloud services provider IT companies such as IBM, Google, Yahoo, Amazon and others as fifth utility where clients will have access for processing those applications and or software projects which need very high processing speed for compute intensive and huge data capacity for scientific, engineering research problems and also e- business and data content network applications. These services for different types of clients are provided under DASM-Direct Access Service Management based on virtualization of hardware, software and very high bandwidth Internet (Web 2.0) communication. The paper reviews these developments for Cloud Computing and Hardware/Software configuration of the cloud paradigm. The paper also examines the vital aspects of security risks projected by IT Industry experts, cloud clients. The paper also highlights the cloud provider's response to cloud security risks.

  8. A Theoretical Aspect of Cloud Computing Service Models and Its Security Issues: A Paradigm

    Directory of Open Access Journals (Sweden)

    S. B. Dash

    2014-06-01

    Full Text Available Cloud computing is a distributed computing environment that provides on demand services to the users for deploying their computational needs in a virtualized environment without the knowledge of technical infrastructure. Due to reliability, scalability, high performance and low band width most of the organizations are running their applications in cloud. The cloud service providers provide the services to the registered cloud users on payment basic across the glove. The cloud services are basically categorized as SaaS, PaaS, and IaaS. The services are available to the users depending on cloud deployment and the SLA (service level agreements between the service providers and the users. Providing security to the users and trust into cloud environment is the responsibility of the cloud service providers. The main objective of this paper is to provide a clear idea about the cloud service models and outline the security issues in the service models.

  9. Security in Cloud Computing For Service Delivery Models: Challenges and Solutions

    Directory of Open Access Journals (Sweden)

    Preeti Barrow

    2016-04-01

    Full Text Available Cloud computing, undoubtedly, is a path to expand the limits or add powerful capabilities on-demand with almost no investment in new framework, training new staff, or authorizing new software. Though today everyone is talking about cloud but, organizations are still in dilemma whether it’s safe to deploy their business on cloud. The reason behind it; is nothing but Security. No cloud service provider provides 100% security assurance to its customers and therefore, businesses are hesitant to accept cloud and the vast benefits that come along with it. The absence of proper security controls delimits the benefits of cloud. In this paper, a review on different cloud service models and a survey of the different security challenges and issues while providing services in cloud is presented .The paper focuses on the security issues specific to service delivery model (SaaS, IaaS and PaaS of cloud environment. This paper also explores the various security solutions currently being applied to protect cloud from various kinds of intruders

  10. An Efficient and Secure m-IPS Scheme of Mobile Devices for Human-Centric Computing

    Directory of Open Access Journals (Sweden)

    Young-Sik Jeong

    2014-01-01

    Full Text Available Recent rapid developments in wireless and mobile IT technologies have led to their application in many real-life areas, such as disasters, home networks, mobile social networks, medical services, industry, schools, and the military. Business/work environments have become wire/wireless, integrated with wireless networks. Although the increase in the use of mobile devices that can use wireless networks increases work efficiency and provides greater convenience, wireless access to networks represents a security threat. Currently, wireless intrusion prevention systems (IPSs are used to prevent wireless security threats. However, these are not an ideal security measure for businesses that utilize mobile devices because they do not take account of temporal-spatial and role information factors. Therefore, in this paper, an efficient and secure mobile-IPS (m-IPS is proposed for businesses utilizing mobile devices in mobile environments for human-centric computing. The m-IPS system incorporates temporal-spatial awareness in human-centric computing with various mobile devices and checks users’ temporal spatial information, profiles, and role information to provide precise access control. And it also can extend application of m-IPS to the Internet of things (IoT, which is one of the important advanced technologies for supporting human-centric computing environment completely, for real ubiquitous field with mobile devices.

  11. Computer Security: Getting a better image from the Organization

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Do you make regular presentations about CERN or CERN's activities to the public? Do you manage public webpages hosted by CERN? Do you edit or contribute to CERN publications? Besides plenty of text, every good presentation, webpage or publication is usually spruced up with visual content: graphics, photos or even videos. But have you ever thought about whether you actually have the proper rights to use such imagery?   Just recently, a stock photo agency contacted CERN regarding an image published on a web page currently under CERN's responsibility. According to them, this image had been used without the proper rights and thus violated their copyright. As the web page is from 2007 and as is part of an EU funded project which has since ended, it is hard to check the facts. The image has since been removed to comply with the photo agency's conditions. We should take all the possible steps to avoid receiving similar letters, and to uphold the good image of the Organization...

  12. Experimental realization of an entanglement access network and secure multi-party computation

    Science.gov (United States)

    Chang, X.-Y.; Deng, D.-L.; Yuan, X.-X.; Hou, P.-Y.; Huang, Y.-Y.; Duan, L.-M.

    2016-07-01

    To construct a quantum network with many end users, it is critical to have a cost-efficient way to distribute entanglement over different network ends. We demonstrate an entanglement access network, where the expensive resource, the entangled photon source at the telecom wavelength and the core communication channel, is shared by many end users. Using this cost-efficient entanglement access network, we report experimental demonstration of a secure multiparty computation protocol, the privacy-preserving secure sum problem, based on the network quantum cryptography.

  13. Experimental realization of secure multi-party computation in an entanglement access to network

    CERN Document Server

    Chang, X Y; Yuan, X X; Hou, P Y; Huang, Y Y; Duan, L M

    2015-01-01

    To construct a quantum network with many end users, it is critical to have a cost-efficient way to distribute entanglement over different network ends. We demonstrate an entanglement access network, where the expensive resource, the entangled photon source at the telecom wavelength and the core communication channel, is shared by many end users. Using this cost-efficient entanglement access network, we report experimental demonstration of a secure multiparty computation protocol, the privacy-preserving secure sum problem, based on the network quantum cryptography.

  14. Experimental realization of an entanglement access network and secure multi-party computation

    Science.gov (United States)

    Chang, X.-Y.; Deng, D.-L.; Yuan, X.-X.; Hou, P.-Y.; Huang, Y.-Y.; Duan, L.-M.

    2016-01-01

    To construct a quantum network with many end users, it is critical to have a cost-efficient way to distribute entanglement over different network ends. We demonstrate an entanglement access network, where the expensive resource, the entangled photon source at the telecom wavelength and the core communication channel, is shared by many end users. Using this cost-efficient entanglement access network, we report experimental demonstration of a secure multiparty computation protocol, the privacy-preserving secure sum problem, based on the network quantum cryptography. PMID:27404561

  15. Towards Realising Secure and Efficient Image and Video Processing Applications on Quantum Computers

    Directory of Open Access Journals (Sweden)

    Abdullah M. Iliyasu

    2013-07-01

    Full Text Available Exploiting the promise of security and efficiency that quantum computing offers, the basic foundations leading to commercial applications for quantum image processing are proposed. Two mathematical frameworks and algorithms to accomplish the watermarking of quantum images, authentication of ownership of already watermarked images and recovery of their unmarked versions on quantum computers are proposed. Encoding the images as 2n-sized normalised Flexible Representation of Quantum Images (FRQI states, with n-qubits and 1-qubit dedicated to capturing the respective information about the colour and position of every pixel in the image respectively, the proposed algorithms utilise the flexibility inherent to the FRQI representation, in order to confine the transformations on an image to any predetermined chromatic or spatial (or a combination of both content of the image as dictated by the watermark embedding, authentication or recovery circuits. Furthermore, by adopting an apt generalisation of the criteria required to realise physical quantum computing hardware, three standalone components that make up the framework to prepare, manipulate and recover the various contents required to represent and produce movies on quantum computers are also proposed. Each of the algorithms and the mathematical foundations for their execution were simulated using classical (i.e., conventional or non-quantum computing resources, and their results were analysed alongside other longstanding classical computing equivalents. The work presented here, combined together with the extensions suggested, provide the basic foundations towards effectuating secure and efficient classical-like image and video processing applications on the quantum-computing framework.

  16. Review of Cloud Computing Security%云安全研究进展综述

    Institute of Scientific and Technical Information of China (English)

    俞能海; 郝卓; 徐甲甲; 张卫明; 张驰

    2013-01-01

    随着云计算在学术界和工业界的兴起,云计算也不可避免的带来了一些安全问题.本文对云计算的安全需求进行了总结,指出云计算不仅在机密性、数据完整性、访问控制和身份认证等传统安全性上存在需求,而且在可信性、配置安全性、虚拟机安全性等方面具有新的安全需求.我们对云计算的两个典型产品Amazon Web Services和Windows Azure的安全状况进行了总结,并阐述了针对云计算的拒绝服务攻击和旁通道攻击.基于云计算的安全需求和面临的攻击,对现有安全机制进行了优缺点分析,系统的总结了现有的安全机制.%With the development of cloud computing in the academia and industry, it is inevitable that many security problems arise.This paper summarizes the security requirements of cloud computing, which not only cover the traditional security requirements like confidentiality,data integrity,access control and identity authentication,but also introduce new security requirements in the credibility,configuration and virtual machinery.We make conclusions about the security situations on two typical cloud computing products: Amazon Web Services and Windows Azure and elaborate two attack mechanisms against cloud computing:Denial of service attack and Side channel attack.Based on the security requirements and attacks against cloud computing, we systematically summarize the current security protection mechanisms and further make a comparison among them.

  17. Enhanced Survey and Proposal to secure the data in Cloud Computing Environment

    Directory of Open Access Journals (Sweden)

    MR.S.SUBBIAH

    2013-01-01

    Full Text Available Cloud computing have the power to eliminate the cost of setting high end computing infrastructure. It is a promising area or design to give very flexible architecture, accessible through the internet. In the cloud computing environment the data will be reside at any of the data centers. Due to that, some data center may leak the data stored on there, beyond the reach and control of the users. For this kind of misbehaving data centers, the service providers should take care of the security and privacy of the data stored in the data centers through the cloud computing environment. This survey paper try to elaborate and analyze the various unresolved issues in the cloud computing environment and try to propose an alternate method which can be useful to the various kind of users who are willing to get into the new era of cloud computing. Moreover this paper try to give some suggestions in the area of Securing the data while storing the data in the cloud server, implement new Data displacement strategies, Service Level Agreement between the user and the Cloud Service Provider and finally how to improve the Quality of Service.

  18. Formulation, computation and improvement of steady state security margins in power systems. Part II: Results

    Energy Technology Data Exchange (ETDEWEB)

    Echavarren, F.M.; Lobato, E.; Rouco, L.; Gomez, T. [School of Engineering of Universidad Pontificia Comillas, C/Alberto Aguilera, 23, 28015 Madrid (Spain)

    2011-02-15

    A steady state security margin for a particular operating point can be defined as the distance from this initial point to the secure operating limits of the system. Four of the most used steady state security margins are the power flow feasibility margin, the contingency feasibility margin, the load margin to voltage collapse, and the total transfer capability between system areas. This is the second part of a two part paper. Part I has proposed a novel framework of a general model able to formulate, compute and improve any steady state security margin. In Part II the performance of the general model is validated by solving a variety of practical situations in modern real power systems. Actual examples of the Spanish power system will be used for this purpose. The same computation and improvement algorithms outlined in Part I have been applied for the four security margins considered in the study, outlining the convenience of defining a general framework valid for the four of them. The general model is used here in Part II to compute and improve: (a) the power flow feasibility margin (assessing the influence of the reactive power generation limits in the Spanish power system), (b) the contingency feasibility margin (assessing the influence of transmission and generation capacity in maintaining a correct voltage profile), (c) the load margin to voltage collapse (assessing the location and quantity of loads that must be shed in order to be far away from voltage collapse) and (d) the total transfer capability (assessing the export import pattern of electric power between different areas of the Spanish system). (author)

  19. Energy Efficient Security Preserving VM Live Migration In Data Centers For Cloud Computing

    Directory of Open Access Journals (Sweden)

    Korir Sammy

    2012-03-01

    Full Text Available Virtualization is an innovation that has widely been utilized in modern data centers for cloud computing to realize energy-efficient operations of servers. Virtual machine (VM migration brings multiple benefits such as resource distribution and energy aware consolidation. Server consolidation achieves energy efficiency by enabling multiple instances of operating systems to run simultaneously on a single machine. With virtualization, it is possible to consolidate severs through VM live migration. However, migration of virtual machines brings extra energy consumption and serious security concerns that derail full adoption of this technology. In this paper, we propose a secure energy-aware provisioning of cloud computing resources on consolidated and virtualized platforms. Energy efficiency is achieved through just-right dynamic Round-Robin provisioning mechanism and the ability to power down sub-systems of a host system that are not required by VMs mapped to it. We further propose solutions to security challenges faced during VM live migration. We validate our approach by conducting a set of rigorous performance evaluation study using CloudSim toolkit. The experimental results show that our approach achieves reduced energy consumption in data centers while not compromising on security.

  20. Service task partition and distribution in star topology computer grid subject to data security constraints

    Energy Technology Data Exchange (ETDEWEB)

    Xiang Yanping [Collaborative Autonomic Computing Laboratory, School of Computer Science, University of Electronic Science and Technology of China (China); Levitin, Gregory, E-mail: levitin@iec.co.il [Collaborative Autonomic Computing Laboratory, School of Computer Science, University of Electronic Science and Technology of China (China); Israel electric corporation, P. O. Box 10, Haifa 31000 (Israel)

    2011-11-15

    The paper considers grid computing systems in which the resource management systems (RMS) can divide service tasks into execution blocks (EBs) and send these blocks to different resources. In order to provide a desired level of service reliability the RMS can assign the same blocks to several independent resources for parallel execution. The data security is a crucial issue in distributed computing that affects the execution policy. By the optimal service task partition into the EBs and their distribution among resources, one can achieve the greatest possible service reliability and/or expected performance subject to data security constraints. The paper suggests an algorithm for solving this optimization problem. The algorithm is based on the universal generating function technique and on the evolutionary optimization approach. Illustrative examples are presented. - Highlights: > Grid service with star topology is considered. > An algorithm for evaluating service reliability and data security is presented. > A tradeoff between the service reliability and data security is analyzed. > A procedure for optimal service task partition and distribution is suggested.

  1. Computational Security Analysis of the UMTS and LTE Authentication and Key Agreement Protocols

    CERN Document Server

    Mjølsnes, Stig

    2012-01-01

    One of the forerunners and main candidates for the fourth generation (4G) generation mobile communication system is commonly known under the name Long-Term Evolution (LTE) and its standard is produced and maintained by the international 3rd Generation Partnership Program (3GPP) consortium. The LTE Authentication and Key Agreement (AKA) protocol design is based on the Universal Mobile Telecommunications System (UMTS) AKA protocol, which is widely used today for third generation (3G) wireless networks. The authentication protocols for these mobile network systems will arguably become the most widely used security protocols in the near future. We present a computational security analysis of both the LTE AKA and the UMTS AKA. This work constitutes the first security analysis of LTE AKA to date. Our analysis is based on a computational security model. Moreover, we report on a deficiency in the protocol specifications, and show how this may enable attacks on both LTE AKA and UMTS AKA. The vulnerability can be explo...

  2. 3rd International Doctoral Symposium on Applied Computation and Security Systems

    CERN Document Server

    Saeed, Khalid; Cortesi, Agostino; Chaki, Nabendu

    2017-01-01

    This book presents extended versions of papers originally presented and discussed at the 3rd International Doctoral Symposium on Applied Computation and Security Systems (ACSS 2016) held from August 12 to 14, 2016 in Kolkata, India. The symposium was jointly organized by the AGH University of Science & Technology, Cracow, Poland; Ca’ Foscari University, Venice, Italy; and the University of Calcutta, India. The book is divided into two volumes, Volumes 3 and 4, and presents dissertation works in the areas of Image Processing, Biometrics-based Authentication, Soft Computing, Data Mining, Next-Generation Networking and Network Security, Remote Healthcare, Communications, Embedded Systems, Software Engineering and Service Engineering. The first two volumes of the book published the works presented at the ACSS 2015, which was held from May 23 to 25, 2015 in Kolkata, India.

  3. Special Issue on Entropy-Based Applied Cryptography and Enhanced Security for Ubiquitous Computing

    Directory of Open Access Journals (Sweden)

    James (Jong Hyuk Park

    2016-09-01

    Full Text Available Entropy is a basic and important concept in information theory. It is also often used as a measure of the unpredictability of a cryptographic key in cryptography research areas. Ubiquitous computing (Ubi-comp has emerged rapidly as an exciting new paradigm. In this special issue, we mainly selected and discussed papers related with ore theories based on the graph theory to solve computational problems on cryptography and security, practical technologies; applications and services for Ubi-comp including secure encryption techniques, identity and authentication; credential cloning attacks and countermeasures; switching generator with resistance against the algebraic and side channel attacks; entropy-based network anomaly detection; applied cryptography using chaos function, information hiding and watermark, secret sharing, message authentication, detection and modeling of cyber attacks with Petri Nets, and quantum flows for secret key distribution, etc.

  4. Students and Taxes: a Privacy-Preserving Study Using Secure Computation

    Directory of Open Access Journals (Sweden)

    Bogdanov Dan

    2016-07-01

    Full Text Available We describe the use of secure multi-party computation for performing a large-scale privacy-preserving statistical study on real government data. In 2015, statisticians from the Estonian Center of Applied Research (CentAR conducted a big data study to look for correlations between working during university studies and failing to graduate in time. The study was conducted by linking the database of individual tax payments from the Estonian Tax and Customs Board and the database of higher education events from the Ministry of Education and Research. Data collection, preparation and analysis were conducted using the Share-mind secure multi-party computation system that provided end-to-end cryptographic protection to the analysis. Using ten million tax records and half a million education records in the analysis, this is the largest cryptographically private statistical study ever conducted on real data.

  5. Autonomous Micro-Modular Mobile Data Center Cloud Computing Study for Modeling, Simulation, Information Processing and Cyber-Security Viability Project

    Data.gov (United States)

    National Aeronautics and Space Administration — Cloud computing security penetration testing and anomaly detection defense studies were conducted to assess the adequacy of cloud computing security.  Since...

  6. Parallel Oblivious Array Access for Secure Multiparty Computation and Privacy-Preserving Minimum Spanning Trees

    Directory of Open Access Journals (Sweden)

    Laud Peeter

    2015-06-01

    Full Text Available In this paper, we describe efficient protocols to perform in parallel many reads and writes in private arrays according to private indices. The protocol is implemented on top of the Arithmetic Black Box (ABB and can be freely composed to build larger privacypreserving applications. For a large class of secure multiparty computation (SMC protocols, our technique has better practical and asymptotic performance than any previous ORAM technique that has been adapted for use in SMC.

  7. Using Mathematics to Make Computing on Encrypted Data Secure and Practical

    Science.gov (United States)

    2015-12-01

    New York (2009), 333-342. [PR] M. Prabhakaran and M. Rosulek, Homomorphic Encryption with CCA Security, in Proceedings of Automata, Languages and...method in the language of commutative algebra, replacing the “polynomial chains” that they used to compute powers of ideals in certain rings by tensor...that our reformulation will make it easier to understand the method and improve upon it. This should help to make it more widely applicable in a

  8. Information Technology Convergence, Secure and Trust Computing, and Data Management ITCS 2012 & STA 2012

    CERN Document Server

    Kim, Jongsung; Zou, Deqing; Lee, Yang

    2012-01-01

    ITCS 2012 and STA 2012 address the various theories and practical applications of information technology convergence, secure and trust computing, and data management in future environments. It will present important results of significant value to solve the application services and various problems within the scope of ITCS 2012 & STA 2012. In addition, we expect it will trigger further related research and technology developments which will improve our lives in the future.

  9. Activity-based computing: computational management of activities reflecting human intention

    DEFF Research Database (Denmark)

    Bardram, Jakob E; Jeuris, Steven; Houben, Steven

    2015-01-01

    paradigm that has been applied in personal information management applications as well as in ubiquitous, multidevice, and interactive surface computing. ABC has emerged as a response to the traditional application- and file-centered computing paradigm, which is oblivious to a notion of a user’s activity...... context spanning heterogeneous devices, multiple applications, services, and information sources. In this article, we present ABC as an approach to contextualize information, and present our research into designing activity-centric computing technologies.......An important research topic in artificial intelligence is automatic sensing and inferencing of contextual information, which is used to build computer models of the user’s activity. One approach to build such activity-aware systems is the notion of activity-based computing (ABC). ABC is a computing...

  10. Activity-based computing: computational management of activities reflecting human intention

    DEFF Research Database (Denmark)

    Bardram, Jakob E; Jeuris, Steven; Houben, Steven

    2015-01-01

    An important research topic in artificial intelligence is automatic sensing and inferencing of contextual information, which is used to build computer models of the user’s activity. One approach to build such activity-aware systems is the notion of activity-based computing (ABC). ABC is a computing...... paradigm that has been applied in personal information management applications as well as in ubiquitous, multidevice, and interactive surface computing. ABC has emerged as a response to the traditional application- and file-centered computing paradigm, which is oblivious to a notion of a user’s activity...... context spanning heterogeneous devices, multiple applications, services, and information sources. In this article, we present ABC as an approach to contextualize information, and present our research into designing activity-centric computing technologies....

  11. Secure encapsulation and publication of biological services in the cloud computing environment.

    Science.gov (United States)

    Zhang, Weizhe; Wang, Xuehui; Lu, Bo; Kim, Tai-hoon

    2013-01-01

    Secure encapsulation and publication for bioinformatics software products based on web service are presented, and the basic function of biological information is realized in the cloud computing environment. In the encapsulation phase, the workflow and function of bioinformatics software are conducted, the encapsulation interfaces are designed, and the runtime interaction between users and computers is simulated. In the publication phase, the execution and management mechanisms and principles of the GRAM components are analyzed. The functions such as remote user job submission and job status query are implemented by using the GRAM components. The services of bioinformatics software are published to remote users. Finally the basic prototype system of the biological cloud is achieved.

  12. Ensuring Data Security And Privacy In Cloud Computing Through Transparency as Service Model

    Directory of Open Access Journals (Sweden)

    Afzaal Ahmad

    2014-09-01

    Full Text Available Cloud Computing is hot technology in computer world today. Its getting popular because its inexpensive, provides on demand access when and where needed. It also removes technical staff requirements for maintaining the infrastructure because that is done on the provider side thus significantly reducing organizational costs. It also provides opportunity for scientists to use powerful computing resources for research purposes which are very expensive on rent bases which they normally would not have been able to use due to cost factors.But with these features it has certain problems that discredit the service one of major problems is Data Security and Privacy.Since the only party that has physical access to data storage is provider and to keep track of where data is stored for certain users the providers keep meta-data in their own databases it creates a security and data privacy issue.If meta-data is compromised than unauthorized access to user data is possible.This paper proposes a Transparency Service Model to insure security and privacy of the user data.

  13. A Secure Mathematical Computation Protocol%安全网络数学计算协议

    Institute of Scientific and Technical Information of China (English)

    林东岱; 宋志敏; 等

    2002-01-01

    The Internet Accessible Mathematical Computation (IAMC) framework makes supplying/accessing mathematical computation easy on the Internet/Web.In this paper ,the vulnerabilities of the current IAMC framework is discussed.A scheme for incorporating SSL/TLS protocol into the current Mathematical Computation Protocol is presented. The resulting secure Mathematical Computation Protocol can then provide crypto-graphic authentications,data privacy and integrity.%讨论了网络数学计算框架IAMC的安全性问题,给出了一个用安全协议SSL/TLS提高数学计算协议MCP安全性的实现方案.改进后的网络数学计算框架可有效地提供计算数据的机密性、完整性和用户认证等安全功能.

  14. Information security management handbook

    CERN Document Server

    Tipton, Harold F

    2006-01-01

    Access Control Systems and Methodology. Telecommunications and Network Security. Security Management Practices. Application Program Security. Cryptography. Computer, System, and Security Architecture. Operations Security. Business Continuity Planning and Disaster Recovery Planning. Law, Investigation and Ethics. Physical Security.

  15. Discussion on Relevant Standards of Cloud-Computing Security%云计算安全相关标准研究现状初探

    Institute of Scientific and Technical Information of China (English)

    颜斌

    2012-01-01

    云计算带来了广阔的应用前景,但也对传统的信息安全技术在云计算模式下的应用提出了新的挑战,安全和标准化是云计算所面临的众多问题中的关键所在。目前,各国政府机构和研究组织正在积极着手研究相关问题,文中围绕云计算安全标准研究展开,介绍当前主要的云安全标准组织情况,并就各自在云计算安全领域的标准研究情况进行概述,对其主要研究成果进行扼要分析,希望为国内云计算安全标准的研究提供部分借鉴。%Cloud computing brings a broad application prospects while also new challenges to the application of traditional information security technology under cloud computing mode,and its security and standardization is the key to many problems faced by cloud computing. Currently,various government agencies and research organizations are actively engaged in the study of related issues. This paper,with focus on the study of cloud computing security standards,describes the principal cloud security standards organizations,and briefs their the respective standards researches of cloud computing security,analyzes their major research achievements,hoping that this could provide certain reference for domestic research of cloud computing security standards.

  16. 78 FR 46358 - Extension of Agency Information Collection Activity Under OMB Review: Security Programs for...

    Science.gov (United States)

    2013-07-31

    ... From the Federal Register Online via the Government Publishing Office DEPARTMENT OF HOMELAND SECURITY Transportation Security Administration Extension of Agency Information Collection Activity Under... against acts of criminal violence and air piracy, and the introduction of explosives, incendiaries,...

  17. Security

    Science.gov (United States)

    Technology & Learning, 2008

    2008-01-01

    Anytime, anywhere, learning provides opportunities to create digital learning environments for new teaching styles and personalized learning. As part of making sure the program is effective, the safety and security of students and assets are essential--and mandated by law. The Children's Internet Protection Act (CIPA) addresses Internet content…

  18. 77 FR 32709 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Department of Homeland Security...

    Science.gov (United States)

    2012-06-01

    ... us. DHS will disclose two separate data files through a computer matching operation for our use in... ADMINISTRATION Privacy Act of 1974, as Amended; Computer Matching Program (SSA/ Department of Homeland Security... an existing computer matching program that will expire on July 18, 2012. SUMMARY: In accordance...

  19. 浅析计算机网络安全建设及安全技术策略%Computer Network Security Construction and Security Technology Strategies Analysis

    Institute of Scientific and Technical Information of China (English)

    岳慧平; 刘广; 刘建平

    2011-01-01

    With the computer technology and communication technology in all aspects of social life, the extensive application of computer network security issues and more and more prominent.This definition of network security from the start,details the threat to computer network security considerations,and proposed technical and management aspects of the corresponding preventive measures.%随着计算机技术和通信技术在社会生活各方面的广泛应用,计算机网络安全防护问题也愈来愈突出。本文从网络全定义入手,详细阐述了威胁计算机网络安全的因素,并在技术及管理方面提出了相应的防范对策。

  20. Proceedings from the conference on high speed computing: High speed computing and national security

    Energy Technology Data Exchange (ETDEWEB)

    Hirons, K.P.; Vigil, M.; Carlson, R. [comps.

    1997-07-01

    This meeting covered the following topics: technologies/national needs/policies: past, present and future; information warfare; crisis management/massive data systems; risk assessment/vulnerabilities; Internet law/privacy and rights of society; challenges to effective ASCI programmatic use of 100 TFLOPs systems; and new computing technologies.

  1. Survey on Security Issues in Cloud Computing and Associated Mitigation Techniques

    CERN Document Server

    Bhadauria, Rohit

    2012-01-01

    Cloud Computing holds the potential to eliminate the requirements for setting up of high-cost computing infrastructure for IT-based solutions and services that the industry uses. It promises to provide a flexible IT architecture, accessible through internet for lightweight portable devices. This would allow multi-fold increase in the capacity or capabilities of the existing and new software. In a cloud computing environment, the entire data reside over a set of networked resources, enabling the data to be accessed through virtual machines. Since these data-centers may lie in any corner of the world beyond the reach and control of users, there are multifarious security and privacy challenges that need to be understood and taken care of. Also, one can never deny the possibility of a server breakdown that has been witnessed, rather quite often in the recent times. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario. This extensive survey paper aims to...

  2. An Intelligent and Secure Health Monitoring Scheme Using IoT Sensor Based on Cloud Computing

    Directory of Open Access Journals (Sweden)

    Jin-Xin Hu

    2017-01-01

    Full Text Available Internet of Things (IoT is the network of physical objects where information and communication technology connect multiple embedded devices to the Internet for collecting and exchanging data. An important advancement is the ability to connect such devices to large resource pools such as cloud. The integration of embedded devices and cloud servers offers wide applicability of IoT to many areas of our life. With the aging population increasing every day, embedded devices with cloud server can provide the elderly with more flexible service without the need to visit hospitals. Despite the advantages of the sensor-cloud model, it still has various security threats. Therefore, the design and integration of security issues, like authentication and data confidentiality for ensuring the elderly’s privacy, need to be taken into consideration. In this paper, an intelligent and secure health monitoring scheme using IoT sensor based on cloud computing and cryptography is proposed. The proposed scheme achieves authentication and provides essential security requirements.

  3. Securely Data Forwarding and Maintaining Reliability of Data in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Sonali A.Wanjari

    2015-02-01

    Full Text Available Cloud works as an online storage servers and provides long term storage services over the internet. It is like a third party in whom we can store a data so they need data confidentiality, robustness and functionality. Encryption and encoding methods are used to solve such problems. After that divide proxy re-encryption scheme and integrating it with a decentralized erasure code such that a secure distributed storage system is formulated. The distributed storage system not only supports secure, robust data storage and retrieval but also lets the user forward his data to another user without retrieving the data. A concept of backup in same server allows users to retrieve failure data successfully in the storage server and also forward to another user without retrieving the data back. This is an attempt to provide light-weight approach which protects data access in distributed storage servers. User can implement all important concept i.e. Confidentiality for security, Robustness for healthy data, Reliability for flexible data, Availability for compulsory data will be achieved to another user which is store in cloud and easily overcome problem of “Securely data forwarding and maintaining, reliability of data in cloud computing “using different type of Methodology and Technology.

  4. Computational Models for Analysis of Illicit Activities

    DEFF Research Database (Denmark)

    Nizamani, Sarwat

    result in a fully evolved network. This method of network evolution can help intelligence security analysts to understand the structure of the network. For suspicious emails detection and email author identification, a cluster-based text classification model has been proposed. The model outperformed...... traditional models for both of the tasks. Apart from these globally organized crimes and cybercrimes, there happen specific world issues which affect geographic locations and take the form of bursts of public violence. These kinds of issues have received little attention by the academicians. These issues have...... to describe the phenomenon of contagious public outrage, which eventually leads to the spread of violence following a disclosure of some unpopular political decisions and/or activity. The results shed a new light on terror activity and provide some hint on how to curb the spreading of violence within...

  5. Cryptanalysis and security enhancement of optical cryptography based on computational ghost imaging

    Science.gov (United States)

    Yuan, Sheng; Yao, Jianbin; Liu, Xuemei; Zhou, Xin; Li, Zhongyang

    2016-04-01

    Optical cryptography based on computational ghost imaging (CGI) has attracted much attention of researchers because it encrypts plaintext into a random intensity vector rather than complexed-valued function. This promising feature of the CGI-based cryptography reduces the amount of data to be transmitted and stored and therefore brings convenience in practice. However, we find that this cryptography is vulnerable to chosen-plaintext attack because of the linear relationship between the input and output of the encryption system, and three feasible strategies are proposed to break it in this paper. Even though a large number of plaintexts need to be chosen in these attack methods, it means that this cryptography still exists security risks. To avoid these attacks, a security enhancement method utilizing an invertible matrix modulation is further discussed and the feasibility is verified by numerical simulations.

  6. InfoSec-MobCop - Framework for Theft Detection and Data Security on Mobile Computing Devices

    Science.gov (United States)

    Gupta, Anand; Gupta, Deepank; Gupta, Nidhi

    People steal mobile devices with the intention of making money either by selling the mobile or by taking the sensitive information stored inside it. Mobile thefts are rising even with existing deterrents in place. This is because; they are ineffective, as they generate unnecessary alerts and might require expensive hardware equipments. In this paper a novel framework termed as InfoSec-MobCop is proposed which secures a mobile user’s data and discovers theft by detecting any anomaly in the user behavior. The anomaly of the user is computed by extracting and monitoring user specific details (typing pattern and usage history). The result of any intrusion attempt by a masquerader is intimated to the service provider through an SMS. Effectiveness of the used approach is discussed using FAR and FRR graphs. The experimental system uses both real users and simulated studies to quantify the effectiveness of the InfoSec-MobCop (Information Security Mobile Cop).

  7. Darwin inside the machines: Malware evolution and the consequences for computer security

    CERN Document Server

    Iliopoulos, D; Szor, P

    2011-01-01

    Recent advances in anti-malware technologies have steered the security industry away from maintaining vast signature databases and into newer defence technologies such as behaviour blocking, application whitelisting and others. Most would agree that the reasoning behind this is to keep up with the arms race established between malware writers and the security community almost three decades ago. Still, malware writers have not as yet created new paradigms. Indeed, malicious code development is still largely limited to code pattern changes utilizing polymorphic and metamorphic engines, as well as executable packer and wrapper technologies. Each new malware instance retains the exact same core functionality as its ancestor and only alters the way it looks. What if, instead, malware were able to change its function or behaviour autonomously? What if, in the absence of human intervention, computer viruses resembled biological viruses in their ability to adapt to new defence technologies as soon as they came into e...

  8. Security Models and Management in Cloud Computing%云计算安全模型与管理

    Institute of Scientific and Technical Information of China (English)

    虞慧群; 范贵生

    2013-01-01

    安全问题是云计算应用最受关注的问题之一,云计算的资源虚拟化、分布性和动态性等特性使得云安全成为具有挑战性的课题.从云计算的结构特征分析出发,对云计算安全模型的结构和构件进行了剖析,从预防、监控、响应等3个阶段阐述了云安全管理模式,并对云数据安全策略的粘性管理机制进行分析.%Security problem is one of the most concerned issues in cloud computing application.Features of cloud computing such as resource virtualization,distributed locations,behavioral dynamics,make its security a challenging problem.This paper addresses security models and management in cloud computing.Characteristics of cloud computing architectures are analyzed.A security framework of cloud computing and its components are proposed.Three phases of security management mode in cloud computing,i.e.,protection,monitoring and response,are presented.A sticky cloud data security policy model and its management mechanisms are articulated as well.

  9. 个人计算机网络安全防护策略%Personal Computer Network Security Strategy

    Institute of Scientific and Technical Information of China (English)

    付曙光

    2011-01-01

    This article mainly elaborated on the definition of network security and network security against the content of.Discusses the threat of network security factors and how to protect personal computer network security and need to do prevention measures.%本文主要阐述了网络安全的定义及危害网络安全所表现的内容。论述了威胁网络安全的因素及怎样保障个人计算机的网络安全及煎要做的防范措施。

  10. Secure Scientific Applications Scheduling Technique for Cloud Computing Environment Using Global League Championship Algorithm.

    Science.gov (United States)

    Abdulhamid, Shafi'i Muhammad; Abd Latiff, Muhammad Shafie; Abdul-Salaam, Gaddafi; Hussain Madni, Syed Hamid

    2016-01-01

    Cloud computing system is a huge cluster of interconnected servers residing in a datacenter and dynamically provisioned to clients on-demand via a front-end interface. Scientific applications scheduling in the cloud computing environment is identified as NP-hard problem due to the dynamic nature of heterogeneous resources. Recently, a number of metaheuristics optimization schemes have been applied to address the challenges of applications scheduling in the cloud system, without much emphasis on the issue of secure global scheduling. In this paper, scientific applications scheduling techniques using the Global League Championship Algorithm (GBLCA) optimization technique is first presented for global task scheduling in the cloud environment. The experiment is carried out using CloudSim simulator. The experimental results show that, the proposed GBLCA technique produced remarkable performance improvement rate on the makespan that ranges between 14.44% to 46.41%. It also shows significant reduction in the time taken to securely schedule applications as parametrically measured in terms of the response time. In view of the experimental results, the proposed technique provides better-quality scheduling solution that is suitable for scientific applications task execution in the Cloud Computing environment than the MinMin, MaxMin, Genetic Algorithm (GA) and Ant Colony Optimization (ACO) scheduling techniques.

  11. Secure Scientific Applications Scheduling Technique for Cloud Computing Environment Using Global League Championship Algorithm

    Science.gov (United States)

    Abdulhamid, Shafi’i Muhammad; Abd Latiff, Muhammad Shafie; Abdul-Salaam, Gaddafi; Hussain Madni, Syed Hamid

    2016-01-01

    Cloud computing system is a huge cluster of interconnected servers residing in a datacenter and dynamically provisioned to clients on-demand via a front-end interface. Scientific applications scheduling in the cloud computing environment is identified as NP-hard problem due to the dynamic nature of heterogeneous resources. Recently, a number of metaheuristics optimization schemes have been applied to address the challenges of applications scheduling in the cloud system, without much emphasis on the issue of secure global scheduling. In this paper, scientific applications scheduling techniques using the Global League Championship Algorithm (GBLCA) optimization technique is first presented for global task scheduling in the cloud environment. The experiment is carried out using CloudSim simulator. The experimental results show that, the proposed GBLCA technique produced remarkable performance improvement rate on the makespan that ranges between 14.44% to 46.41%. It also shows significant reduction in the time taken to securely schedule applications as parametrically measured in terms of the response time. In view of the experimental results, the proposed technique provides better-quality scheduling solution that is suitable for scientific applications task execution in the Cloud Computing environment than the MinMin, MaxMin, Genetic Algorithm (GA) and Ant Colony Optimization (ACO) scheduling techniques. PMID:27384239

  12. Methodology for assessing the security risks associated with computer sites and networks. Part 1: development of a formal questionnaire for collecting security information

    Energy Technology Data Exchange (ETDEWEB)

    Corynen, G.C.

    1982-06-23

    A new methodology has been developed for the assessment of security risks associated with the operation of computer complexes. It is designed to assist computer security managers and their risk assessment teams in obtaining an overall risk figure for their computer site or network. This report emphasizes the determination of harms to computation assets due to various natural and human threats. Natural threats include earthquakes, floods, fires, and other disasters. Human threats include intentional harms such as asset theft or data modification, and unintentional harms such as errors and omissions. A group of individuals assisting each other in reaching a collective goal is also discussed. In addition to asset damages, the effects of damaging the countermeasures protecting the assets, or the supports which allow the operation of the assets, can be determined. The effects of damage to countermeasures which protect other countermeasures or supports can be analyzed also.

  13. Data Security Technology of Cloud Computing%云计算数据安全技术探讨

    Institute of Scientific and Technical Information of China (English)

    吴绘萍

    2014-01-01

    计算机技术发展的过程中,数据安全问题一直是一个重要课题,云计算概念的提出为计算机数据安全工作提供了新的解决办法。文章根据目前计算机网络安全的现状,对云计算数据安全技术的相关工作进行探讨。%The process of development of computer technology, data security issue has been an important topic, proposed the concept of cloud computing computer data safe work provides a new solution to. According to the article the current status of computer network security, cloud computing data security technologies related work are discussed.

  14. Information Security Analysis in Cloud Computing Environment%云计算环境下信息安全分析

    Institute of Scientific and Technical Information of China (English)

    张慧; 邢培振

    2011-01-01

    基于互联网的云计算被认为是当今互联网发展的方向,近年来引起人们的广泛关注,如何构建安全的云计算环境成为当前计算机学科研究的热点问题之一.文中从云计算的发展现状人手,介绍了NIST推出的云计算规范、五个本质特征和云计算服务模型,分析了CSA云计算安全参考模型和Jericho Forum的云立方体模型,并从安全边界、数据安全、应用安全三个方面讨论了当前云计算环境下存在的信息安全问题,最后给出了云计算环境下保证信息安全的解决方案.%Internet-based cloud computing is considered to be the direction of development of the Internet today, has attracted much attention, how to build secure computer cloud computing environments become one of hot research subjects. In this paper,from the status quo of the development of cloud computing, first introduced the launch of the cloud NIST standard, the five essential characteristics and cloud computing services model, and then analyzed the CSA cloud computing model and the Jericho Forum security reference cube model of the cloud, and from the security boundary , data security, application security discussed the information security problem of the current cloud computing environment, given the security solutions in cloud computing environment to ensure information.

  15. 图书馆计算机网络的安全管理%Security management of library computer network

    Institute of Scientific and Technical Information of China (English)

    柳胜国

    2001-01-01

    Security management of library computer network is an important part of library management.The not secure factor in computer network,including the system factor,management factor,environment factor,computer viris is described.The way of solving not secure factor from security system,manipulate technology,equipment management is raised.%图书馆计算机网络系统的安全管理是图书馆管理中的重要组成部分。 论述了在计算机网络管理中的不安全因素,包括系统因素、管理因素、环境因素、计算机病毒;提出了从安全制度、操作技术、设备管理方面解决不安全因素的办法。

  16. 云计算数据安全策略研究%Study of Data Security Strategy of Cloud Computing

    Institute of Scientific and Technical Information of China (English)

    穆成新; 张长伦

    2013-01-01

      云计算作为当前流行的信息技术,已受到了学术和企业界的广泛关注。从云计算的特点入手,分析了其所面临的数据安全问题,提出了基于公共密钥基础设施PKI和授权管理基础设施PMI的安全身份认证和访问控制策略。%As the current popular technology, cloud computing is drawing great attention from both industry and academia fields. This paper reviews the main characters of cloud computing, and then analyzes the security of the data security. Finally, security strategy of authentication and access control based on PKI and PMI are proposed to enhance the data security of cloud computing.

  17. 基于云计算的网络安全评估%Network security evaluation based on cloud computing

    Institute of Scientific and Technical Information of China (English)

    黄海军

    2016-01-01

    The network security assessment is the use of the network security perception technology for the security of network data contains information of multi-source heterogeneous analysis, in order to realize the escort for the safe operation of the network. In big data and cloud computing application in the aspect of network security evaluation, the use of big data structured or semi-structured data mining and the characteristics of the advantages of cloud computing is a distributed and parallel computing, solve the problem of network security evaluation ability, has certain feasibility. Therefore, in this paper, the study of network security evaluation based on cloud computing, based on the definition, characteristics, classification of cloud computing and cloud security the core technology and cloud computing network security risk analysis, from the perspective of different levels of design model of network security evaluation based on cloud computing, for network security involves all aspects of the evaluation, in order to give the right cloud computing network security solution.%网络安全评估是利用网络安全感知技术对网络数据中蕴含的安全性信息进行多源异构分析,以实现为网络安全运行保驾护航。在大数据、云计算应用在网络安全评估方面,利用大数据结构化或半结构化数据挖掘的特点和云计算分布式、并行式计算的优势,解决网络安全评估能力弱的问题,具有一定的可行性。因此,本文对基于云计算的网络安全评估进行研究,通过对云计算的定义、特点、分类及云安全核心技术和云计算网络安全风险进行分析,从不同层次的角度设计基于云计算的网络安全评估模型,对网络安全所涉及到的各个方面进行评估,以便于给出正确的云计算网络安全问题解决办法。

  18. Understanding the Value of a Computer Emergency Response Capability for Nuclear Security

    Energy Technology Data Exchange (ETDEWEB)

    Gasper, Peter Donald [Idaho National Laboratory; Rodriguez, Julio Gallardo [Idaho National Laboratory

    2015-06-01

    The international nuclear community has a great understanding of the physical security needs relating to the prevention, detection, and response of malicious acts associated with nuclear facilities and radioactive material. International Atomic Energy Agency (IAEA) Nuclear Security Recommendations (INFCIRC_225_Rev 5) outlines specific guidelines and recommendations for implementing and maintaining an organization’s nuclear security posture. An important element for inclusion into supporting revision 5 is the establishment of a “Cyber Emergency Response Team (CERT)” focused on the international communities cybersecurity needs to maintain a comprehensive nuclear security posture. Cybersecurity and the importance of nuclear cybersecurity require that there be a specific focus on developing an International Nuclear CERT (NS-CERT). States establishing contingency plans should have an understanding of the cyber threat landscape and the potential impacts to systems in place to protect and mitigate malicious activities. This paper will outline the necessary components, discuss the relationships needed within the international community, and outline a process by which the NS-CERT identifies, collects, processes, and reports critical information in order to establish situational awareness (SA) and support decision-making

  19. The use of information technology security assessment criteria to protect specialized computer systems

    Energy Technology Data Exchange (ETDEWEB)

    Lykov, V.A.; Shein, A.V. [Atominform of Russia (Russian Federation); Piskarev, A.S. [Atomzashchitinform of Russia (Russian Federation); Devaney, D.M.; Melton, R.B. [Pacific Northwest National Lab., Richland, WA (United States); Hunteman, W.J.; Prommel, J.M. [Los Alamos National Lab., NM (United States); Rothfuss, J.S. [Lawrence Livermore National Lab., CA (United States)

    1997-10-01

    The purpose of this paper is to discuss the information security assessment criteria used in Russia and compare it with that used in the United States. The computer system security assessment criteria utilized by the State Technical Commission of Russia and similar criteria utilized by the US Department of Defense (TCSEC) are intended for the development and implementation of proven methods for achieving a required level of information security. These criteria are utilized, first and foremost, when conducting certification assessments of general purpose systems. The Russian Federation is creating specialized systems for nuclear material control and accountancy (MC and A) within the framework of the international laboratory-to-laboratory collaboration. Depending on the conditions in which the MC and A system is intended to operate, some of the criteria and the attendant certification requirements may exceed those established or may overlap the requirements established for attestation of such systems. In this regard it is possible to modify the certification and attestation requirements depending on the conditions in which a system will operate in order to achieve the ultimate goal--implementation of the systems in the industry.

  20. TeleMed: Wide-area, secure, collaborative object computing with Java and CORBA for healthcare

    Energy Technology Data Exchange (ETDEWEB)

    Forslund, D.W.; George, J.E.; Gavrilov, E.M.

    1998-12-31

    Distributed computing is becoming commonplace in a variety of industries with healthcare being a particularly important one for society. The authors describe the development and deployment of TeleMed in a few healthcare domains. TeleMed is a 100% Java distributed application build on CORBA and OMG standards enabling the collaboration on the treatment of chronically ill patients in a secure manner over the Internet. These standards enable other systems to work interoperably with TeleMed and provide transparent access to high performance distributed computing to the healthcare domain. The goal of wide scale integration of electronic medical records is a grand-challenge scale problem of global proportions with far-reaching social benefits.

  1. Peer—to—Peer Computing for secure High Performance Data Copying

    Institute of Scientific and Technical Information of China (English)

    AndrewHanushevsky; ArtemTrunov; 等

    2001-01-01

    The BaBar Copy Program(bbcp) is an excellent representative of peer-to-peer(P2P) computing.It is also a pioneering application of its type in the p2p arena.Built upon the foundation of its predecessor,Secure Fast Copy(sfctp),bbcp incorporates significant improvements performance and usability,As with sfcp,bbcp usec ssh for authentication;providing an elegant and simple working model-if you can ssh to a location, you can copy files to or from that location.To fully support this notion,bbcp transparently supports 3rd party copy operations.The program also incorporates several mechanism to deal with firewall security;the bane of P2P computing,To achieve high performance in a wide area network,bbcp allows a user to independently specily,the number of parallel network streams,tcp window size,and the file I/O blocking factor.Using these parameters data is pipelined from source to target to provide a uniform traffic pattern that maximizes router efficiency.For improved recoveralbiltiy,bbcp also keeps track of copy operations so that an operation can be restarted from the point of failure at a later time;minimizing the amount of network traffic in the event of a copy failure,Here,we preset the bbcp architecture,it's various features,and the reasons for their inclusion.

  2. Computer Security: you’re a summer student? Some tips to get you started

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Welcome to CERN. For the next couple of weeks, you will be able to breathe in the free academic world of CERN. You will have the chance to learn thanks to in-depth lectures, enjoy the freedom of exploring your preferred or assigned research topic, and form your own network of peers during your evening hours. However, “academic freedom” does not imply that there are no boundaries. At CERN, academic freedom also comes with responsibility. Below are some hints on how best to assume that responsibility securely.   You are the primary person responsible for the security of your laptop, smartphone and computer; for your account and your password; for your data; and for the programs, computing systems and services you are developing, so stop and think before acting. If you are working on a project developing code, get the appropriate training first so that your software is “free” of bugs and vulnerabilities that may spoil the functionality of your code and your p...

  3. Availability, Pharmaceutics, Security, Pharmacokinetics, and Pharmacological Activities of Patchouli Alcohol

    Directory of Open Access Journals (Sweden)

    Guanying Hu

    2017-01-01

    Full Text Available Patchouli alcohol (PA, a tricyclic sesquiterpene, is one of the critical bioactive ingredients and is mainly isolated from aerial part of Pogostemon cablin (known as guanghuoxiang in China belonging to Labiatae. So far, PA has been widely applied in perfume industries. This review was written with the use of reliable information published between 1974 and 2016 from libraries and electronic researches including NCKI, PubMed, Reaxys, ACS, ScienceDirect, Springer, and Wiley-Blackwell, aiming at presenting comprehensive outline of security, pharmacokinetics, and bioactivities of PA and at further providing a potential guide in exploring the PA and its use in various medical fields. We found that PA maybe was a low toxic drug that was acquired numerously through vegetable oil isolation and chemical synthesis and its stability and low water dissolution were improved in pharmaceutics. It also possessed specific pharmacokinetic characteristics, such as two-compartment open model, first-order kinetic elimination, and certain biometabolism and biotransformation process, and was shown to have multiple biological activities, that is, immunomodulatory, anti-inflammatory, antioxidative, antitumor, antimicrobial, insecticidal, antiatherogenic, antiemetic, whitening, and sedative activity. However, the systematic evaluations of preparation, pharmaceutics, toxicology, pharmacokinetics, and bioactivities underlying molecular mechanisms of action also required further investigation prior to practices of PA in clinic.

  4. Computer Security: Your iPhone as a key-logger

    CERN Multimedia

    Computer Security Team

    2014-01-01

    In the past, we have repeatedly elaborated on the computer security risk of using smartphones. Today, something new for the paranoid: did you know your smart phone can be used to spy on your PC’s keyboard?!    In fact, the tiny accelerometer, gyroscope and orientation sensors that your smartphone uses to determine its tilt and movements can also determine the letters you type on your computer. Thus, it acts as a hardware “key-logger”! It only requires your smartphone to be put close to your computer keyboard and to run a corresponding, malicious app. The rest is done by the highly precise sensors which can record keyboard vibrations and subsequently the letters you type. In a dedicated study, students of the Georgia Tech College of Computing were able to decipher complete sentences with up to 80 percent accuracy using an iPhone*. In a nice twist, the same feature can also be used to “to infer the occurrence of tap events on the touchscreen as w...

  5. 计算机网络安全漏洞及解决措施%Network security vulnerabilities and solutions of computer

    Institute of Scientific and Technical Information of China (English)

    赵博

    2015-01-01

    Hackers attacks from the link,session data chain attack, attack surface physics, and other aspects of interoperability protocol attacks start, illegal and criminal activities. Computer network security vulnerabilities, the development of people's privacy or business has caused an adverse effect. Computer use and maintenance personnel, through the strengthening of computer systems maintenance, strengthening computer virus prevention, effective measures such as encryption to protect the information on your computer, to eliminate computer network security risks, safeguard the normal use of the computer network.%黑客主要从链路连接攻击、会话数据链攻击、物理表层攻击、互通协议攻击等方面下手,进行非法犯罪活动。计算机网络中的安全漏洞,对人们的隐私或企业的发展造成了十分不利的影响。计算机的使用人员和维护人员,通过加强对计算机系统的维护、加强对计算机病毒的预防、对计算机信息进行加密保护等有效措施,杜绝计算机网络中的安全隐患,保障计算机网络的正常使用。

  6. [Computer Science and Telecommunications Board activities

    Energy Technology Data Exchange (ETDEWEB)

    Blumenthal, M.S.

    1993-02-23

    The board considers technical and policy issues pertaining to computer science, telecommunications, and associated technologies. Functions include providing a base of expertise for these fields in NRC, monitoring and promoting health of these fields, initiating studies of these fields as critical resources and sources of national economic strength, responding to requests for advice, and fostering interaction among the technologies and the other pure and applied science and technology. This document describes its major accomplishments, current programs, other sponsored activities, cooperative ventures, and plans and prospects.

  7. National Computer Security Conference (15th) held in Baltimore, Maryland on October 13-16, 1992. Volume 1: Proceedings

    Science.gov (United States)

    1992-10-16

    Security, Inc. XEROX Information Systems AT&T Bell Laboratories Referees Professor Sushil Jajodia John Keenan Dr. Richard Kemmerer Dr. Steven Kent...congratulate all who have earned these awards. in 15th National Computer Security Conference Table of Contents Refereed Papers 1 Accreditation: Is it...rules]. Eric Leighninger of DRC recommends the Backus Naur Form (BNF) for policy representation. Our earlier work[1] sketched several possible

  8. Enhancing Security in Cloud Computing for Third Party Auditor by Self-destruction Mechanism

    Directory of Open Access Journals (Sweden)

    Muzammil H. Mohammed

    2014-07-01

    Full Text Available The main aim study in cloud computing system, large amount of data can be maintained in the cloud storage system and it can be used for application based services for client. The bulk amount of data privacy will not be properly maintained by the cloud service provider. Without knowledge of authorized client, data can be viewed by another user with the permission of Cloud Service Provider (CSP. Many cryptography technique can be used for data privacy in the TPA (Third Party Auditor which is the trusted authority to audit and verify the integrity in cloud. The cloud loaded data can be viewed by authorized user and copy of data can be in tag based data placed in TPA and data privacy can be affected in TPA system. In the proposed system, data privacy can be maintained in the TPA view by using self destruction mechanism to destroy the data after the view point of data for particular time and then the viewed data copy can be destruction in TPA. The cloud service provider can be securely loading the data in cloud via TPA Server. The main advantage of the self destruction mechanism security for the data in cloud via TPA server without the permission of the particular authenticated client other user cannot viewed the individual client data. Then data privacy can be perfectly maintained in the cloud service.

  9. Computer Network Security Protection Technology Analysis%计算机网络安全防护技术探析

    Institute of Scientific and Technical Information of China (English)

    宋朋鸽

    2015-01-01

    本文以计算机网络安全隐患以及网络安全特点作为出发点,分析了影响计算机网络安全的主要因素,并从加密技术、入侵检测技术、病毒防范技术等方面探讨了优化计算机网络安全保护途径,以期为构建计算机网络安全防护体系提供参考。%This article to computer network security risks and characteristics of network security as the starting point, analyzes the main factors that affect computer network security, and explore optimization of computer network security protection by encryp-tion technology, intrusion detection technology, virus protection technology. This paper hopes to provide reference for construction of computer network security protection system.

  10. On the computer network communication security%浅谈计算机网络通信安全

    Institute of Scientific and Technical Information of China (English)

    杨军; 毕萍

    2012-01-01

    With the rapid development of information technology, computer network has spread to all walks of life, information security threats are increasing, causing a serious threat to computer communications. This paper by describing computer network security risks, analyzed the features of the computer communications network attacks in detail, as weU as the reasons for the formation, further analyzed the computer network communication security technology threats, and proposed to strengthen the computer network communications security protection measures. In today's complex environment, information network security situation is very serious, The network information security is particularly important.%随着信息技术的迅猛发展,计算机网络已普及到各行各业,信息安全威胁也随之不断增加,对计算机通信造成了严重的威胁。文中通过阐述计算机网络存在的安全隐患,详细分析了计算机通信网络攻击的特点以及形成的原因,深刻剖析了计算机网络通信安全技术面临的威胁,并提出了加强计算机网络通信安全的防护措施。在当今复杂的应用环境下,信息网络安全面临的形势非常严峻,网络信息的安全防护显得尤为重要。

  11. A Secure Trust Model for P2P Systems Based on Trusted Computing

    Institute of Scientific and Technical Information of China (English)

    HAO Li-ming; YANG Shu-tang; LU Song-nian; CHEN Gong-liang

    2008-01-01

    Trust is one of the most important security requirements in the design and implementation of peer-to-peer (P2P) systems. In an environment where peers' identity privacy is important, it may conflictwith trustworthiness that is based on the knowledge related to the peer's identity, while identity privacy is usually achieved by hiding such knowledge. A trust model based on trusted computing (TC) technology was proposed to enhance the identity privacy of peers during the trustworthiness evaluation process between peers from different groups. The simulation results show that, the model can be implemented in an efficient way, and when the degree of anonymity within group (DAWG) is up to 0.6 and the percentage of malicious peers is up to 70%, the service selection failure rate is less than 0.15.

  12. Supporting Human Activities - Exploring Activity-Centered Computing

    DEFF Research Database (Denmark)

    Christensen, Henrik Bærbak; Bardram, Jakob

    2002-01-01

    In this paper we explore an activity-centered computing paradigm that is aimed at supporting work processes that are radically different from the ones known from office work. Our main inspiration is healthcare work that is characterized by an extreme degree of mobility, many interruptions, ad...... objects. We also present an exploratory prototype design and first implementation and present some initial results from evaluations in a healthcare environment....

  13. Research on Cloud Computing, SDN and Security Technology%云计算及SDN与安全技术研究

    Institute of Scientific and Technical Information of China (English)

    胡章丰; 郭春梅; 毕学尧

    2013-01-01

    文章重点围绕云计算、SDN及安全这3方面的内容展开讨论,深入分析和研究了3者之间的相互关系,并提出了一种基于SDN的云计算安全架构。%This paper investigates the internal relationships between cloud computing, SDN and security technology, and then proposes a SDN-based security architecture for cloud computing.

  14. 计算机网络安全与技术防范%Computer Network Security and Technical Precautions

    Institute of Scientific and Technical Information of China (English)

    耿皆龙

    2011-01-01

    现在的计算机网络技术发展很快,就显得网络安全问题日益突出起来。本文从计算机的网络安全与技术防范来展开,阐述了目前常见的几种网络攻击及其防御方法。%The present rapid dovelopment of computer network technology,network security becomes increasingly prominent.In this paper, computer network security and technical precautions to expand,describes the current common types of network attacks and defenses.

  15. The Handicap Principle for Trust in Computer Security, the Semantic Web and Social Networking

    Science.gov (United States)

    Ma, Zhanshan (Sam); Krings, Axel W.; Hung, Chih-Cheng

    computer science, especially secure and resilient computing, the semantic web, and social networking. One important thread unifying the three aspects is the evolutionary game theory modeling or its extensions with survival analysis and agreement algorithms [19][20], which offer powerful game models for describing time-, space-, and covariate-dependent frailty (uncertainty and vulnerability) and deception (honesty).

  16. Proceedings of National Computer Security Conference Held in Washington, DC on 15-18 September 1986 (Computer Security - for Today and for Tomorrow

    Science.gov (United States)

    1986-09-18

    System Security Requirements, Dr. J. Campbell, Ms. D. Denning, Mr. K. Eggers, Dr. R. Schell & Mr. C, Testa ........ .............. 234 Panel Discussion...authentication. procedures for the PPD are be~ter *r the long run. In practice, the key points to stress are that vendor-suppl ied USERIDs should reye be 0...to an even more difficult area: database security. The Charles J. Testa , Infosystems Technology, primary guidance that the Center and vendors Inc. nave

  17. A Novel Cloud Computing Security Model to Detect and Prevent DoS and DDoS Attack

    Directory of Open Access Journals (Sweden)

    Masudur Rahman

    2014-07-01

    Full Text Available Cloud computing has been considered as one of the crucial and emerging networking technology, which has been changed the architecture of computing in last few years. Despite the security concerns of protecting data or providing continuous service over cloud, many organisations are considering different types cloud services as potential solution for their business. We are researching on cloud computing security issues and potential cost effective solution for cloud service providers. In our first paper we have revealed number of security risks for cloud computing environment, which has focused on lack of awareness of cloud service providers. In our second paper, we have investigated on technical security issues involved in cloud service environment, where it’s been revealed that DoS or DDoS is one of the common and significant dangers for cloud computing environment. In this paper, we have investigated on different techniques that can be used for DoS or DDoS attack, have recommended hardware based watermarking framework technology to protect the organisation from these threats.

  18. Analysis of Key Technologies on Cloud Computing Security%云计算安全关键技术分析

    Institute of Scientific and Technical Information of China (English)

    郭瑞鹏

    2012-01-01

    The emergence of cloud computing enables the enterprises and individuals through the network to use computing resources and storage resources conveniently, cloud computing in data security issues are also increasingly attracted widespread attention. This paper discusses the objectives and requirements of cloud computing security, and analyzes the cloud computing user access, encryption technology, access control, virtualization security and other critical security technologies.%云计算的出现使企业与个人可以通过网络方便地使用云中的计算资源和存储资源,云计算中数据安全问题也越来越引起人们的广泛关注.本文讨论云计算安全的目标和要求,对云计算中的用户接入、加密技术、访问控制、虚拟化安全等关键安全技术进行分析.

  19. The Innovative Activity of Enterprises in the Context of Providing Information Security

    Directory of Open Access Journals (Sweden)

    Sazonets Olga M.

    2015-03-01

    Full Text Available The aim of the article is to study the peculiarities of the innovative activity in the context of providing the enterprise information security. By analyzing, systematizing and summarizing the scientific works of many scientists the essence of the concept of «information security» has been considered and components of the innovation development process from the standpoint of providing information security have been identified. The article discusses issues of providing information security on the basis of introducing innovations, which will allow achieving a state in which there would be realized a sustainable, protected from threats, development of the enterprise. It has been proved that the formation of the innovative enterprise policy should include measures to ensure information security. As a result of the study the types of threats to the enterprise information security have been identified. It has been determined that the innovation process in the field of information security is provided by means of research, administrative, industrial, technological and commercial activities leading to the emergence and commercialization of innovations. The prospect for further research in this area is determining a system of indicators for forecasting the integral innovation indicator of economic information security. The system of indicators for diagnostics of the enterprise information security level enables monitoring the indicators of the state of the enterprise innovation and information activity in order to prevent the emergence of threats.

  20. Assessment of computer science knowledge, achieved with »Computer Science Unplugged« activities

    OpenAIRE

    Zaviršek, Manca

    2015-01-01

    The master thesis discusses assessment of computer science knowledge, which students achieved with »Computer Science Unplugged« activities. First off we define what exactly computer science knowledge is and what the computer science concepts are. Then we get over to the modern approaches of teaching computer science, where the emphasis is problem solving. These approaches can be realized with »CS Unplugged« activities and Bebras tasks. The aim of the empirical part is to research whether asse...

  1. Design of a Robust, Computation-Efficient and Secure 3P-EKE Protocol using Analogous Message Transmission

    Directory of Open Access Journals (Sweden)

    Archana Raghuvamshi

    2016-05-01

    Full Text Available In this modern era of digital communication even a trivial task needs to be performed over internet which is not secure. Many cryptographic algorithms existed to provide security which facilitates secure communication through internet. As these algorithms need a secret session key, it is required to interchange this key in a secure way. In two-party communication, two clients initially share a low random (entropy password through a secure channel to establish a secret session key. But this paradigm necessitates high maintenance of passwords, since each communicating pair requires separate passwords to establish a secure session key. In three-party communication network, each communication party shares a password with the trusted third-party (server to exchange a secret session key. The beauty of this setting is that, even a server does not know the session key. The Password Authenticated Encrypted Key Exchange (PA-EKE protocols have attracted a lot of curiosity to authors to propose various two-party and three-party PA-EKE protocols. Security flaws in various protocols proposed by Chang-Chang, Yoon-Yoo, PSRJ and Raj et al. inspired to design a robust, computationally efficient and highly secure protocol. This paper is an attempt to propose a secure and novel Password Authenticated 3P-EKE protocol using XOR operations and analogous (parallel message transmission. The proposed protocol is easy to design and more secured against all types of attacks like password guessing, replay, pre-play, server spoofing etc. which made this protocol special.

  2. Activity Modelling and Comparative Evaluation of WSN MAC Security Attacks

    DEFF Research Database (Denmark)

    Pawar, Pranav M.; Nielsen, Rasmus Hjorth; Prasad, Neeli R.

    2012-01-01

    and initiate security attacks that disturb the normal functioning of the network in a severe manner. Such attacks affect the performance of the network by increasing the energy consumption, by reducing throughput and by inducing long delays. Of all existing WSN attacks, MAC layer attacks are considered....... The second aim of the paper is to simulate these attacks on hybrid MAC mechanisms, which shows the performance degradation of aWSN under the considered attacks. The modelling and implementation of the security attacks give an actual view of the network which can be useful in further investigating secure......Applications of wireless sensor networks (WSNs) are growing tremendously in the domains of habitat, tele-health, industry monitoring, vehicular networks, home automation and agriculture. This trend is a strong motivation for malicious users to increase their focus on WSNs and to develop...

  3. Thermal noise informatics: Totally secure communication via a wire; Zero-power communication; and Thermal noise driven computing

    CERN Document Server

    Kish, Laszlo B; gingl, Zoltan

    2007-01-01

    Very recently, it has been shown that Gaussian thermal noise and its artificial versions (Johnson-like noises) can be utilized as an information carrier with peculiar properties therefore it may be proper to call this topic Thermal Noise Informatics. Zero Power (Stealth) Communication, Thermal Noise Driven Computing, and Totally Secure Classical Communication are relevant examples. In this paper, while we will briefly describe the first and the second subjects, we shall focus on the third subject, the secure classical communication via wire. This way of secure telecommunication utilizes the properties of Johnson(-like) noise and those of a simple Kirchhoff's loop. The communicator is unconditionally secure at the conceptual (circuit theoretical) level and this property is (so far) unique in communication systems based on classical physics. The communicator is superior to quantum alternatives in all known aspects, except the need of using a wire.

  4. A Secure Behavior Modification Sensor System for Physical Activity Improvement

    Science.gov (United States)

    Price, Alan

    2011-01-01

    Today, advances in wireless sensor networks are making it possible to capture large amounts of information about a person and their interaction within their home environment. However, what is missing is how to ensure the security of the collected data and its use to alter human behavior for positive benefit. In this research, exploration was…

  5. Security strategy of computer virus%计算机病毒的安全防御策略

    Institute of Scientific and Technical Information of China (English)

    邢娜

    2015-01-01

    随着网络信息时代的到来,计算机技术已经应用到了社会生活的方方面面,在各个领域因为计算机互联网技术而获得方便、高效、进步的同时,计算机网络的安全问题也成为了当前计算机领域的一个重要问题。计算机病毒,成为了威胁计算机网络安全的一个重要隐患,我们在享受计算机所给我们带来的便利同时,也要面对计算机病毒所带给我们的困难和挑战;由于计算机病毒具有寄生性、传染性、潜伏性、隐蔽性等特征,使得计算机病毒无法完全根治,又由于计算机病毒也随会随着计算机的发展而不断更新发展,这使得计算机病毒安全防御工作难题不断,本文便试图讨论计算机病毒的安全防御策略。%With the coming of the information age,computer technology has been applied to all aspects of social life,in all fields and obtain convenient,efficient,progress at the same time because the computer Internet technology,computer network security problem also becomes an important problem in the field of computer.Computer virus,has become an important hidden danger threatening the security of computer network,we enjoy in the computer give us convenience brings at the same time,also to face the computer virus to our difficulties and challenges;due to parasitic,infectious,latent,hidden features such as computer virus,the computer virus can not completely cure because of the computer virus,and also with the development of computer development and renewal,this makes the virus defense security computer constant problems,this paper attempts to discuss the security strategy of computer virus.

  6. Computer and Network Security in Small Libraries: A Guide for Planning.

    Science.gov (United States)

    Williams, Robert L.

    This manual is intended to provide a free resource on essential network security concepts for non-technical managers of small libraries. Managers of other small nonprofit or community organizations will also benefit from it. An introduction defines network security; outlines three goals of network security; discusses why a library should be…

  7. 云计算安全防范及对策研究%Protection and Countermeasure on the Security of Cloud Computing

    Institute of Scientific and Technical Information of China (English)

    李亚方; 俞国红

    2013-01-01

    This paper describes the concept and characteristics of cloud computing, analyzes the security situation of cloud com-puting platform.From two aspects of security vulnerabilities and security,analyzes the cloud data security problem of cloud com-puting.Facing the cloud computing security risks , The article puts forward to solve the security of cloud computing based scheme.%该文描述了云计算的概念及特征,分析了云计算的安全现状,着重从云计算平台安全漏洞和云数据安全两个方面分析了云计算的安全问题,针对云计算面临的安全隐患,提出了基于云计算的安全解决方案。

  8. 云计算信息安全问题探讨%Research on information security issues of cloud computing

    Institute of Scientific and Technical Information of China (English)

    侯洪凤; 王璨; 王立娟

    2012-01-01

    云计算是继个人计算机、互联网之后的第三次信息化革命,给整个信息产业带来巨大的推动力。但是,安全性已经成为云计算面临的最大挑战,它关系着用户对云计算应用的信心。针对目前云计算存在的诸多安全问题,文中提出信息安全风险链条主要包括终端用户、服务商和网络传输3个环节,并着重分析各环节存在的安全问题,最后给出云计算的信息安全框架,以期引起人们对于云计算信息安全问题的重视,并为更好地推进云计算应用提供有效保障。%Cloud computing is the third informationization revolution after personal computer and internet,bring the huge driving force for the whole information industry.But,security has become the greatest challege faced by Cloud computing,which is related to the user's confidence on the cloud computing applications.Aiming at information security issues of cloud computing,firstly ,the paper presents that the risk chain of the information security include of three links which are the teminal users,service providers and network transmission. Secondly,it emphatically analyzes the security issues existing in the each link. Lastly,in order to let the people pay attention to information security issues of cloud computing,it provides the frame of the information security of cloud computing, which can provide effective protection for promoting the applications of cloud computing.

  9. Secure Threat Information Exchange across the Internet of Things for Cyber Defense in a Fog Computing Environment

    Directory of Open Access Journals (Sweden)

    Mihai-Gabriel IONITA

    2016-01-01

    Full Text Available Threat information exchange is a critical part of any security system. Decisions regarding security are taken with more confidence and with more results when the whole security context is known. The fog computing paradigm enhances the use cases of the already used cloud computing systems by bringing all the needed resources to the end-users towards the edge of the network. While fog decentralizes the cloud, it is very important to correlate security events which happen in branch offices around the globe for correct and timely decisions. In this article, we propose an infrastructure based on custom locally installed OSSEC agents which communicate with a central AlienVault deployment for event correlation. The agents are based on a neural network which takes actions based on risk assessment inspired by the human immune system. All of the threat information is defined by STIX expressions and a TAXII server can share this information with foreign organizations. The proposed implementation can successfully be implemented in an IoT scenario, with added security for the “brownfiled” devices.

  10. Attachment-security priming attenuates amygdala activation to social and linguistic threat.

    Science.gov (United States)

    Norman, Luke; Lawrence, Natalia; Iles, Andrew; Benattayallah, Abdelmalek; Karl, Anke

    2015-06-01

    A predominant expectation that social relationships with others are safe (a secure attachment style), has been linked with reduced threat-related amygdala activation. Experimental priming of mental representations of attachment security can modulate neural responding, but the effects of attachment-security priming on threat-related amygdala activation remains untested. Using functional magnetic resonance imaging, the present study examined the effects of trait and primed attachment security on amygdala reactivity to threatening stimuli in an emotional faces and a linguistic dot-probe task in 42 healthy participants. Trait attachment anxiety and attachment avoidance were positively correlated with amygdala activation to threatening faces in the control group, but not in the attachment primed group. Furthermore, participants who received attachment-security priming showed attenuated amygdala activation in both the emotional faces and dot-probe tasks. The current findings demonstrate that variation in state and trait attachment security modulates amygdala reactivity to threat. These findings support the potential use of attachment security-boosting methods as interventions and suggest a neural mechanism for the protective effect of social bonds in anxiety disorders.

  11. Preferred computer activities among individuals with dementia: a pilot study.

    Science.gov (United States)

    Tak, Sunghee H; Zhang, Hongmei; Hong, Song Hee

    2015-03-01

    Computers offer new activities that are easily accessible, cognitively stimulating, and enjoyable for individuals with dementia. The current descriptive study examined preferred computer activities among nursing home residents with different severity levels of dementia. A secondary data analysis was conducted using activity observation logs from 15 study participants with dementia (severe = 115 logs, moderate = 234 logs, and mild = 124 logs) who participated in a computer activity program. Significant differences existed in preferred computer activities among groups with different severity levels of dementia. Participants with severe dementia spent significantly more time watching slide shows with music than those with both mild and moderate dementia (F [2,12] = 9.72, p = 0.003). Preference in playing games also differed significantly across the three groups. It is critical to consider individuals' interests and functional abilities when computer activities are provided for individuals with dementia. A practice guideline for tailoring computer activities is detailed.

  12. 云计算时代安全问题浅析%Security Analysis of The Cloud Computing Era

    Institute of Scientific and Technical Information of China (English)

    洪亮

    2011-01-01

    Cloud computing is one of the direction of IT development. This article describes the concepts of cloud computing, analyzes security problem in the cloud computing era, and proposes the solution countermeasure.%云计算技术是当前IT发展的方向之一。本文介绍了云计算的相关概念,分析云计算时代所面,临的安全问题,并提出了相应的解决对策。

  13. An Approach to Keep Credentials Secured in Grid Computing Environment for the Safety of Vital Computing Resources

    Directory of Open Access Journals (Sweden)

    Avijit Bhowmick

    2012-10-01

    Full Text Available Presently security attacks have aimed to vulnerabilities in repetitive-use authentication secrets like static passwords. The passwords are used by user in clients side are vulnerable, as the attackers can gain access to a user's password using different types of viruses as it is being typed. These attacks are directing many Grid sites to explore one-time password solutions for authentication in Grid deployment. We present here a novel mechanism called N-LSB where Grid security will be integrated with modified LSB based steganographic technique in order to meet the higher security demands for Grid credentials.

  14. Final report and documentation for the security enabled programmable switch for protection of distributed internetworked computers LDRD.

    Energy Technology Data Exchange (ETDEWEB)

    Van Randwyk, Jamie A.; Robertson, Perry J.; Durgin, Nancy Ann; Toole, Timothy J.; Kucera, Brent D.; Campbell, Philip LaRoche; Pierson, Lyndon George

    2010-02-01

    An increasing number of corporate security policies make it desirable to push security closer to the desktop. It is not practical or feasible to place security and monitoring software on all computing devices (e.g. printers, personal digital assistants, copy machines, legacy hardware). We have begun to prototype a hardware and software architecture that will enforce security policies by pushing security functions closer to the end user, whether in the office or home, without interfering with users' desktop environments. We are developing a specialized programmable Ethernet network switch to achieve this. Embodied in this device is the ability to detect and mitigate network attacks that would otherwise disable or compromise the end user's computing nodes. We call this device a 'Secure Programmable Switch' (SPS). The SPS is designed with the ability to be securely reprogrammed in real time to counter rapidly evolving threats such as fast moving worms, etc. This ability to remotely update the functionality of the SPS protection device is cryptographically protected from subversion. With this concept, the user cannot turn off or fail to update virus scanning and personal firewall filtering in the SPS device as he/she could if implemented on the end host. The SPS concept also provides protection to simple/dumb devices such as printers, scanners, legacy hardware, etc. This report also describes the development of a cryptographically protected processor and its internal architecture in which the SPS device is implemented. This processor executes code correctly even if an adversary holds the processor. The processor guarantees both the integrity and the confidentiality of the code: the adversary cannot determine the sequence of instructions, nor can the adversary change the instruction sequence in a goal-oriented way.

  15. A Security-Awareness Virtual Machine Management Scheme Based on Chinese Wall Policy in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Si Yu

    2014-01-01

    Full Text Available Cloud computing gets increasing attention for its capacity to leverage developers from infrastructure management tasks. However, recent works reveal that side channel attacks can lead to privacy leakage in the cloud. Enhancing isolation between users is an effective solution to eliminate the attack. In this paper, to eliminate side channel attacks, we investigate the isolation enhancement scheme from the aspect of virtual machine (VM management. The security-awareness VMs management scheme (SVMS, a VMs isolation enhancement scheme to defend against side channel attacks, is proposed. First, we use the aggressive conflict of interest relation (ACIR and aggressive in ally with relation (AIAR to describe user constraint relations. Second, based on the Chinese wall policy, we put forward four isolation rules. Third, the VMs placement and migration algorithms are designed to enforce VMs isolation between the conflict users. Finally, based on the normal distribution, we conduct a series of experiments to evaluate SVMS. The experimental results show that SVMS is efficient in guaranteeing isolation between VMs owned by conflict users, while the resource utilization rate decreases but not by much.

  16. A security-awareness virtual machine management scheme based on Chinese wall policy in cloud computing.

    Science.gov (United States)

    Yu, Si; Gui, Xiaolin; Lin, Jiancai; Tian, Feng; Zhao, Jianqiang; Dai, Min

    2014-01-01

    Cloud computing gets increasing attention for its capacity to leverage developers from infrastructure management tasks. However, recent works reveal that side channel attacks can lead to privacy leakage in the cloud. Enhancing isolation between users is an effective solution to eliminate the attack. In this paper, to eliminate side channel attacks, we investigate the isolation enhancement scheme from the aspect of virtual machine (VM) management. The security-awareness VMs management scheme (SVMS), a VMs isolation enhancement scheme to defend against side channel attacks, is proposed. First, we use the aggressive conflict of interest relation (ACIR) and aggressive in ally with relation (AIAR) to describe user constraint relations. Second, based on the Chinese wall policy, we put forward four isolation rules. Third, the VMs placement and migration algorithms are designed to enforce VMs isolation between the conflict users. Finally, based on the normal distribution, we conduct a series of experiments to evaluate SVMS. The experimental results show that SVMS is efficient in guaranteeing isolation between VMs owned by conflict users, while the resource utilization rate decreases but not by much.

  17. A preliminary analysis of quantifying computer security vulnerability data in "the wild"

    Science.gov (United States)

    Farris, Katheryn A.; McNamara, Sean R.; Goldstein, Adam; Cybenko, George

    2016-05-01

    A system of computers, networks and software has some level of vulnerability exposure that puts it at risk to criminal hackers. Presently, most vulnerability research uses data from software vendors, and the National Vulnerability Database (NVD). We propose an alternative path forward through grounding our analysis in data from the operational information security community, i.e. vulnerability data from "the wild". In this paper, we propose a vulnerability data parsing algorithm and an in-depth univariate and multivariate analysis of the vulnerability arrival and deletion process (also referred to as the vulnerability birth-death process). We find that vulnerability arrivals are best characterized by the log-normal distribution and vulnerability deletions are best characterized by the exponential distribution. These distributions can serve as prior probabilities for future Bayesian analysis. We also find that over 22% of the deleted vulnerability data have a rate of zero, and that the arrival vulnerability data is always greater than zero. Finally, we quantify and visualize the dependencies between vulnerability arrivals and deletions through a bivariate scatterplot and statistical observations.

  18. Multi-level security for computer networking: SAC digital network approach

    Energy Technology Data Exchange (ETDEWEB)

    Griess, W.; Poutre, D.L.

    1983-10-01

    For telecommunications systems simultaneously handling data of different security levels, multilevel secure (MLS) operation permits maximum use of resources by automatically providing protection to users with various clearances and needs-to-know. The strategic air command (SAC) is upgrading the primary record data system used to command and control its strategic forces. The upgrade, called the SAC Digital Network (SACDIN), is designed to provide multilevel security to support users and external interfaces, with allowed accesses ranging from unclassified to top secret. SACDIN implements a security kernel based upon the Bell and Lapadula security model. This study presents an overview of the SACDIN security architecture and describes the basic message flow across the MLS network. 7 references.

  19. AST: Activity-Security-Trust driven modeling of time varying networks.

    Science.gov (United States)

    Wang, Jian; Xu, Jiake; Liu, Yanheng; Deng, Weiwen

    2016-02-18

    Network modeling is a flexible mathematical structure that enables to identify statistical regularities and structural principles hidden in complex systems. The majority of recent driving forces in modeling complex networks are originated from activity, in which an activity potential of a time invariant function is introduced to identify agents' interactions and to construct an activity-driven model. However, the new-emerging network evolutions are already deeply coupled with not only the explicit factors (e.g. activity) but also the implicit considerations (e.g. security and trust), so more intrinsic driving forces behind should be integrated into the modeling of time varying networks. The agents undoubtedly seek to build a time-dependent trade-off among activity, security, and trust in generating a new connection to another. Thus, we reasonably propose the Activity-Security-Trust (AST) driven model through synthetically considering the explicit and implicit driving forces (e.g. activity, security, and trust) underlying the decision process. AST-driven model facilitates to more accurately capture highly dynamical network behaviors and figure out the complex evolution process, allowing a profound understanding of the effects of security and trust in driving network evolution, and improving the biases induced by only involving activity representations in analyzing the dynamical processes.

  20. Research on framework of security service cloud computing%安全服务云框架研究

    Institute of Scientific and Technical Information of China (English)

    孙磊; 戴紫珊

    2012-01-01

    在分析云计算环境面临的安全问题基础上,基于云计算服务模式提出了安全服务云框架,分析了安全服务云框架基本工作原理和应用模式,提出了基于安全服务器状态进行多点择优部署的安全服务云调度算法.通过仿真实验表明,所提算法在服务响应时间、系统负载均衡方面明显优于随机调度算法.%Following the analysis of cloud computing security in the paper, a framework of security service cloud computing was proposed based on cloud computing service pattern, which provided consistent standard model. Furthermore, the mechanism of the framework was introduced and analyzed, and a deployment algorithm of security service was proposed based on selection of the best computing server. The simulation results show that the proposed algorithm is better than random algorithm in terms of system load balance and service time.