WorldWideScience

Sample records for computer security research

  1. Managing computer security: How can research help

    Energy Technology Data Exchange (ETDEWEB)

    Bailey, D.J.

    1990-01-01

    This paper points out significant problems in managing the security of large systems. Addressed to the research community, it suggests research questions whose solution would benefit the people charged with protecting actual systems, and, hence, would create real improvements in system security. The problems of managing connection-rich distributed systems are discussed, and a research direction leading to a solution for the problems of distributed systems is suggested.

  2. Ethical Guidelines for Computer Security Researchers: "Be Reasonable"

    Science.gov (United States)

    Sassaman, Len

    For most of its existence, the field of computer science has been lucky enough to avoid ethical dilemmas by virtue of its relatively benign nature. The subdisciplines of programming methodology research, microprocessor design, and so forth have little room for the greater questions of human harm. Other, more recently developed sub-disciplines, such as data mining, social network analysis, behavioral profiling, and general computer security, however, open the door to abuse of users by practitioners and researchers. It is therefore the duty of the men and women who chart the course of these fields to set rules for themselves regarding what sorts of actions on their part are to be considered acceptable and what should be avoided or handled with caution out of ethical concerns. This paper deals solely with the issues faced by computer security researchers, be they vulnerability analysts, privacy system designers, malware experts, or reverse engineers.

  3. An Overview of Computer Network security and Research Technology

    OpenAIRE

    Rathore, Vandana

    2016-01-01

    The rapid development in the field of computer networks and systems brings both convenience and security threats for users. Security threats include network security and data security. Network security refers to the reliability, confidentiality, integrity and availability of the information in the system. The main objective of network security is to maintain the authenticity, integrity, confidentiality, availability of the network. This paper introduces the details of the technologies used in...

  4. The research of computer network security and protection strategy

    Science.gov (United States)

    He, Jian

    2017-05-01

    With the widespread popularity of computer network applications, its security is also received a high degree of attention. Factors affecting the safety of network is complex, for to do a good job of network security is a systematic work, has the high challenge. For safety and reliability problems of computer network system, this paper combined with practical work experience, from the threat of network security, security technology, network some Suggestions and measures for the system design principle, in order to make the masses of users in computer networks to enhance safety awareness and master certain network security technology.

  5. Computer science security research and human subjects: emerging considerations for research ethics boards.

    Science.gov (United States)

    Buchanan, Elizabeth; Aycock, John; Dexter, Scott; Dittrich, David; Hvizdak, Erin

    2011-06-01

    This paper explores the growing concerns with computer science research, and in particular, computer security research and its relationship with the committees that review human subjects research. It offers cases that review boards are likely to confront, and provides a context for appropriate consideration of such research, as issues of bots, clouds, and worms enter the discourse of human subjects review.

  6. Computer security

    CERN Document Server

    Gollmann, Dieter

    2011-01-01

    A completely up-to-date resource on computer security Assuming no previous experience in the field of computer security, this must-have book walks you through the many essential aspects of this vast topic, from the newest advances in software and technology to the most recent information on Web applications security. This new edition includes sections on Windows NT, CORBA, and Java and discusses cross-site scripting and JavaScript hacking as well as SQL injection. Serving as a helpful introduction, this self-study guide is a wonderful starting point for examining the variety of competing sec

  7. Improving Control System Security through the Evaluation of Current Trends in Computer Security Research

    Energy Technology Data Exchange (ETDEWEB)

    Rolston

    2005-03-01

    At present, control system security efforts are primarily technical and reactive in nature. What has been overlooked is the need for proactive efforts, focused on the IT security research community from which new threats might emerge. Evaluating cutting edge IT security research and how it is evolving can provide defenders with valuable information regarding what new threats and tools they can anticipate in the future. Only known attack methodologies can be blocked, and there is a gap between what is known to the general security community and what is being done by cutting edge researchers --both those trying to protect systems and those trying to compromise them. The best security researchers communicate with others in their field; they know what cutting edge research is being done; what software can be penetrated via this research; and what new attack techniques and methodologies are being circulated in the black hat community. Standardization of control system applications, operating systems, and networking protocols is occurring at a rapid rate, following a path similar to the standardization of modern IT networks. Many attack methodologies used on IT systems can be ported over to the control system environment with little difficulty. It is extremely important to take advantage of the lag time between new research, its use on traditional IT networks, and the time it takes to port the research over for use on a control system network. Analyzing nascent trends in IT security and determining their applicability to control system networks provides significant information regarding defense mechanisms needed to secure critical infrastructure more effectively. This work provides the critical infrastructure community with a better understanding of how new attacks might be launched, what layers of defense will be needed to deter them, how the attacks could be detected, and how their impact could be limited.

  8. Computational Intelligence, Cyber Security and Computational Models

    CERN Document Server

    Anitha, R; Lekshmi, R; Kumar, M; Bonato, Anthony; Graña, Manuel

    2014-01-01

    This book contains cutting-edge research material presented by researchers, engineers, developers, and practitioners from academia and industry at the International Conference on Computational Intelligence, Cyber Security and Computational Models (ICC3) organized by PSG College of Technology, Coimbatore, India during December 19–21, 2013. The materials in the book include theory and applications for design, analysis, and modeling of computational intelligence and security. The book will be useful material for students, researchers, professionals, and academicians. It will help in understanding current research trends and findings and future scope of research in computational intelligence, cyber security, and computational models.

  9. Security approaches in using tablet computers for primary data collection in clinical research.

    Science.gov (United States)

    Wilcox, Adam B; Gallagher, Kathleen; Bakken, Suzanne

    2013-01-01

    Next-generation tablets (iPads and Android tablets) may potentially improve the collection and management of clinical research data. The widespread adoption of tablets, coupled with decreased software and hardware costs, has led to increased consideration of tablets for primary research data collection. When using tablets for the Washington Heights/Inwood Infrastructure for Comparative Effectiveness Research (WICER) project, we found that the devices give rise to inherent security issues associated with the potential use of cloud-based data storage approaches. This paper identifies and describes major security considerations for primary data collection with tablets; proposes a set of architectural strategies for implementing data collection forms with tablet computers; and discusses the security, cost, and workflow of each strategy. The paper briefly reviews the strategies with respect to their implementation for three primary data collection activities for the WICER project.

  10. Security basics for computer architects

    CERN Document Server

    Lee, Ruby B

    2013-01-01

    Design for security is an essential aspect of the design of future computers. However, security is not well understood by the computer architecture community. Many important security aspects have evolved over the last several decades in the cryptography, operating systems, and networking communities. This book attempts to introduce the computer architecture student, researcher, or practitioner to the basic concepts of security and threat-based design. Past work in different security communities can inform our thinking and provide a rich set of technologies for building architectural support fo

  11. Los Alamos Center for Computer Security formal computer security model

    Energy Technology Data Exchange (ETDEWEB)

    Dreicer, J.S.; Hunteman, W.J.; Markin, J.T.

    1989-01-01

    This paper provides a brief presentation of the formal computer security model currently being developed at the Los Alamos Department of Energy (DOE) Center for Computer Security (CCS). The need to test and verify DOE computer security policy implementation first motivated this effort. The actual analytical model was a result of the integration of current research in computer security and previous modeling and research experiences. The model is being developed to define a generic view of the computer and network security domains, to provide a theoretical basis for the design of a security model, and to address the limitations of present formal mathematical models for computer security. The fundamental objective of computer security is to prevent the unauthorized and unaccountable access to a system. The inherent vulnerabilities of computer systems result in various threats from unauthorized access. The foundation of the Los Alamos DOE CCS model is a series of functionally dependent probability equations, relations, and expressions. The model is undergoing continued discrimination and evolution. We expect to apply the model to the discipline of the Bell and LaPadula abstract sets of objects and subjects. 6 refs.

  12. Security in Computer Applications

    CERN Document Server

    CERN. Geneva

    2004-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development. The last part of the lecture covers some miscellaneous issues like the use of cryptography, rules for networking applications, and social engineering threats. This lecture was first given on Thursd...

  13. Cognitive Computing for Security.

    Energy Technology Data Exchange (ETDEWEB)

    Debenedictis, Erik [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Rothganger, Fredrick [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Aimone, James Bradley [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Marinella, Matthew [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Evans, Brian Robert [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Warrender, Christina E. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Mickel, Patrick [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2015-12-01

    Final report for Cognitive Computing for Security LDRD 165613. It reports on the development of hybrid of general purpose/ne uromorphic computer architecture, with an emphasis on potential implementation with memristors.

  14. Computer Security Handbook

    CERN Document Server

    Bosworth, Seymour; Whyne, Eric

    2012-01-01

    The classic and authoritative reference in the field of computer security, now completely updated and revised With the continued presence of large-scale computers; the proliferation of desktop, laptop, and handheld computers; and the vast international networks that interconnect them, the nature and extent of threats to computer security have grown enormously. Now in its fifth edition, Computer Security Handbook continues to provide authoritative guidance to identify and to eliminate these threats where possible, as well as to lessen any losses attributable to them. With seventy-seven chapter

  15. Research on Quantum Authentication Methods for the Secure Access Control Among Three Elements of Cloud Computing

    Science.gov (United States)

    Dong, Yumin; Xiao, Shufen; Ma, Hongyang; Chen, Libo

    2016-12-01

    Cloud computing and big data have become the developing engine of current information technology (IT) as a result of the rapid development of IT. However, security protection has become increasingly important for cloud computing and big data, and has become a problem that must be solved to develop cloud computing. The theft of identity authentication information remains a serious threat to the security of cloud computing. In this process, attackers intrude into cloud computing services through identity authentication information, thereby threatening the security of data from multiple perspectives. Therefore, this study proposes a model for cloud computing protection and management based on quantum authentication, introduces the principle of quantum authentication, and deduces the quantum authentication process. In theory, quantum authentication technology can be applied in cloud computing for security protection. This technology cannot be cloned; thus, it is more secure and reliable than classical methods.

  16. Research on Quantum Authentication Methods for the Secure Access Control Among Three Elements of Cloud Computing

    Science.gov (United States)

    Dong, Yumin; Xiao, Shufen; Ma, Hongyang; Chen, Libo

    2016-08-01

    Cloud computing and big data have become the developing engine of current information technology (IT) as a result of the rapid development of IT. However, security protection has become increasingly important for cloud computing and big data, and has become a problem that must be solved to develop cloud computing. The theft of identity authentication information remains a serious threat to the security of cloud computing. In this process, attackers intrude into cloud computing services through identity authentication information, thereby threatening the security of data from multiple perspectives. Therefore, this study proposes a model for cloud computing protection and management based on quantum authentication, introduces the principle of quantum authentication, and deduces the quantum authentication process. In theory, quantum authentication technology can be applied in cloud computing for security protection. This technology cannot be cloned; thus, it is more secure and reliable than classical methods.

  17. Indirection and computer security.

    Energy Technology Data Exchange (ETDEWEB)

    Berg, Michael J.

    2011-09-01

    The discipline of computer science is built on indirection. David Wheeler famously said, 'All problems in computer science can be solved by another layer of indirection. But that usually will create another problem'. We propose that every computer security vulnerability is yet another problem created by the indirections in system designs and that focusing on the indirections involved is a better way to design, evaluate, and compare security solutions. We are not proposing that indirection be avoided when solving problems, but that understanding the relationships between indirections and vulnerabilities is key to securing computer systems. Using this perspective, we analyze common vulnerabilities that plague our computer systems, consider the effectiveness of currently available security solutions, and propose several new security solutions.

  18. CLOUD COMPUTING SECURITY ISSUES

    Directory of Open Access Journals (Sweden)

    Florin OGIGAU-NEAMTIU

    2012-01-01

    Full Text Available The term “cloud computing” has been in the spotlights of IT specialists the last years because of its potential to transform this industry. The promised benefits have determined companies to invest great sums of money in researching and developing this domain and great steps have been made towards implementing this technology. Managers have traditionally viewed IT as difficult and expensive and the promise of cloud computing leads many to think that IT will now be easy and cheap. The reality is that cloud computing has simplified some technical aspects of building computer systems, but the myriad challenges facing IT environment still remain. Organizations which consider adopting cloud based services must also understand the many major problems of information policy, including issues of privacy, security, reliability, access, and regulation. The goal of this article is to identify the main security issues and to draw the attention of both decision makers and users to the potential risks of moving data into “the cloud”.

  19. Secure cloud computing

    CERN Document Server

    Jajodia, Sushil; Samarati, Pierangela; Singhal, Anoop; Swarup, Vipin; Wang, Cliff

    2014-01-01

    This book presents a range of cloud computing security challenges and promising solution paths. The first two chapters focus on practical considerations of cloud computing. In Chapter 1, Chandramouli, Iorga, and Chokani describe the evolution of cloud computing and the current state of practice, followed by the challenges of cryptographic key management in the cloud. In Chapter 2, Chen and Sion present a dollar cost model of cloud computing and explore the economic viability of cloud computing with and without security mechanisms involving cryptographic mechanisms. The next two chapters addres

  20. Research on Cloud Computing Security%云计算安全研究

    Institute of Scientific and Technical Information of China (English)

    庄金莲; 周志平

    2014-01-01

    为解决云计算平台的安全问题,对云计算的安全架构进行了系统的研究。针对云计算平台跨区域模糊边界、虚拟化服务、数据保密的安全威胁特点,从虚拟化技术、可信云计算、可信访问控制机制三个层面深入分析云计算安全框架,并提出云计算平台的安全策略与建议,满足云计算安全框架的建设需求。%This paper systematically studied the security architecture of cloud computing,so as to solve the security problem of cloud computing platform.Security threats of cloud computing platform are characterized by the fuzzy boundary across the region,virtualization service and data security. According to the above characteristics,this thesis analyses detailedly the cloud computing security framework from the virtualization technology,the trusted cloud computing and the trusted access control mechanism,and puts forward the security strategies and suggestions of cloud computing to meet the construction demand of cloud computing security framework.

  1. CLOUD COMPUTING SECURITY

    Directory of Open Access Journals (Sweden)

    DANISH JAMIL,

    2011-04-01

    Full Text Available It is no secret that cloud computing is becoming more and more popular today and is ever increasing inpopularity with large companies as they share valuable resources in a cost effective way. Due to this increasingdemand for more clouds there is an ever growing threat of security becoming a major issue. This paper shalllook at ways in which security threats can be a danger to cloud computing and how they can be avoided.

  2. 云计算安全性研究%Research on Cloud Computing Security

    Institute of Scientific and Technical Information of China (English)

    班增辉

    2016-01-01

    虽然就目前来看,对云计算尚未有明确的界定,但是在社会的各个领域都对云计算有广泛的应用。在用户选择云计算时,需要考虑云计算的安全性,保证云计算的安全性也是实现其稳定、健康发展的重--素。文章以云计算的概念与特征为切入点,分析云计算在其应用中存在的安全问题,探讨云计算的安全性问题与云计算的安全策略与建议。%Although the cloud computing has not yet have a clear deifnition, but in every ifeld of society have wide application on cloud computing. When the user select the cloud, it is necessary to consider the security of cloud computing, ensure the security of cloud computing and achieve the stable and healthy development of the important factors. Based on the concept and characteristics of cloud computing as the breakthrough point, analysis of the application of cloud computing in its security problems, probing into the security issues of cloud computing and cloud computing security strategies and Suggestions.

  3. Computer Security Systems Enable Access.

    Science.gov (United States)

    Riggen, Gary

    1989-01-01

    A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

  4. CLOUD COMPUTING AND SECURITY

    Directory of Open Access Journals (Sweden)

    Asharani Shinde

    2015-10-01

    Full Text Available This document gives an insight into Cloud Computing giving an overview of key features as well as the detail study of exact working of Cloud computing. Cloud Computing lets you access all your application and documents from anywhere in the world, freeing you from the confines of the desktop thus making it easier for group members in different locations to collaborate. Certainly cloud computing can bring about strategic, transformational and even revolutionary benefits fundamental to future enterprise computing but it also offers immediate and pragmatic opportunities to improve efficiencies today while cost effectively and systematically setting the stage for the strategic change. As this technology makes the computing, sharing, networking easy and interesting, we should think about the security and privacy of information too. Thus the key points we are going to be discussed are what is cloud, what are its key features, current applications, future status and the security issues and the possible solutions.

  5. A Portable Computer Security Workshop

    Science.gov (United States)

    Wagner, Paul J.; Phillips, Andrew T.

    2006-01-01

    We have developed a computer security workshop designed to instruct post-secondary instructors who want to start a course or laboratory exercise sequence in computer security. This workshop has also been used to provide computer security education to IT professionals and students. It is effective in communicating basic computer security principles…

  6. Security Dynamics of Cloud Computing

    OpenAIRE

    Khaled M. Khan

    2009-01-01

    This paper explores various dimensions of cloud computing security. It argues that security concerns of cloud computing need to be addressed from the perspective of individual stakeholder. Security focuses of cloud computing are essentially different in terms of its characteristics and business model. Conventional way of viewing as well as addressing security such as ‘bolting-in’ on the top of cloud computing may not work well. The paper attempts to portray the security spectrum necessary for...

  7. Computer Security: the security marathon

    CERN Multimedia

    Computer Security Team

    2014-01-01

    If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise.   An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

  8. New computer security campaign

    CERN Multimedia

    Alizée Dauvergne

    2010-01-01

    A new campaign is taking shape to promote computer security. The slogan “SEC_RITY is not complete without U!” reminds users of the importance of their contribution. The campaign kicks off on 10 June with a public awareness day in the Council Chamber.   The new campaign, organised by CERN’s computer security team, will focus on prevention and involving the user. “This is an education and awareness-raising campaign for all users at CERN,” explains Stefan Lueders, in charge of computer security. “Every day, we register thousands of computer attacks against CERN: there are attempts to tamper with web pages, hack into user accounts, take over servers, and much more. A successful attack could mean confidential user information being divulged, services being interrupted or data being lost. It could even affect operations at CERN. Another factor is the damage that a successful attack could inflict on the Organization’s reputation. &...

  9. Computer Security: the security marathon, part 2

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Do you recall our latest article on the “Security Marathon” (see here) and why it’s wrong to believe that computer security is a sprint, that a quick hack is invulnerable, that quick bug-fixing is sufficient, that plugging security measures on top of existing structures is a good idea, that once you are secure, your life is cosy?   In fact, security is a marathon for us too. Again and again, we have felt comfortable with the security situation at CERN, with dedicated protections deployed on individual hosts, with the security measures deployed by individual service managers, with the attentiveness and vigilance of our users, and with the responsiveness of the Management. Again and again, however, we subsequently detect or receive reports that this is wrong, that protections are incomplete, that security measures are incomplete, that security awareness has dropped. Thus, unfortunately, we often have to go back to square one and address similar issues over and over...

  10. Computer Security for Commercial Nuclear Power Plants - Literature Review for Korea Hydro Nuclear Power Central Research Institute

    Energy Technology Data Exchange (ETDEWEB)

    Duran, Felicia Angelica [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States). Security Systems Analysis Dept.; Waymire, Russell L. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States). Security Systems Analysis Dept.

    2013-10-01

    Sandia National Laboratories (SNL) is providing training and consultation activities on security planning and design for the Korea Hydro and Nuclear Power Central Research Institute (KHNPCRI). As part of this effort, SNL performed a literature review on computer security requirements, guidance and best practices that are applicable to an advanced nuclear power plant. This report documents the review of reports generated by SNL and other organizations [U.S. Nuclear Regulatory Commission, Nuclear Energy Institute, and International Atomic Energy Agency] related to protection of information technology resources, primarily digital controls and computer resources and their data networks. Copies of the key documents have also been provided to KHNP-CRI.

  11. Computer Network Security Research%计算机网络安全研究

    Institute of Scientific and Technical Information of China (English)

    李小瓦

    2012-01-01

    本文就从计算机网络安全的特点入手,对计算机网络安全的结构及病毒的传播方式进行分析,找出当前计算机网络中存在的问题;通过现代的密码技术、防火墙技术等提出了行之有效的解决措施。%In this paper, starting from the characteristics of computer network security, and to analyze the structure of the computer network security and the spread of the virus,to identify problems in the current computer network;modem cryptographic techniques and firewall technology effective solutions.

  12. Computer Security Day

    CERN Multimedia

    CERN Bulletin

    2010-01-01

      Viruses, phishing, malware and cyber-criminals can all threaten your computer and your data, even at CERN! Experts will share their experience with you and offer solutions to keep your computer secure. Thursday, 10 June 2010, 9.30, Council Chamber Make a note in your diary! Presentations in French and English: How do hackers break into your computer? Quels sont les enjeux et conséquences des attaques informatiques contre le CERN ? How so criminals steal your money on the Internet? Comment utiliser votre ordinateur de manière sécurisée ? and a quiz: test your knowledge and win one of the many prizes that will be on offer! For more information and to follow the day's events via a live webcast go to: http://cern.ch/SecDay.  

  13. Cloud computing security.

    Energy Technology Data Exchange (ETDEWEB)

    Shin, Dongwan; Claycomb, William R.; Urias, Vincent E.

    2010-10-01

    Cloud computing is a paradigm rapidly being embraced by government and industry as a solution for cost-savings, scalability, and collaboration. While a multitude of applications and services are available commercially for cloud-based solutions, research in this area has yet to fully embrace the full spectrum of potential challenges facing cloud computing. This tutorial aims to provide researchers with a fundamental understanding of cloud computing, with the goals of identifying a broad range of potential research topics, and inspiring a new surge in research to address current issues. We will also discuss real implementations of research-oriented cloud computing systems for both academia and government, including configuration options, hardware issues, challenges, and solutions.

  14. CLOUD COMPUTING SECURITY

    Directory of Open Access Journals (Sweden)

    Ştefan IOVAN

    2016-05-01

    Full Text Available Cloud computing reprentes the software applications offered as a service online, but also the software and hardware components from the data center.In the case of wide offerd services for any type of client, we are dealing with a public cloud. In the other case, in wich a cloud is exclusively available for an organization and is not available to the open public, this is consider a private cloud [1]. There is also a third type, called hibrid in which case an user or an organization might use both services available in the public and private cloud. One of the main challenges of cloud computing are to build the trust and ofer information privacy in every aspect of service offerd by cloud computingle. The variety of existing standards, just like the lack of clarity in sustenability certificationis not a real help in building trust. Also appear some questions marks regarding the efficiency of traditionsecurity means that are applied in the cloud domain. Beside the economic and technology advantages offered by cloud, also are some advantages in security area if the information is migrated to cloud. Shared resources available in cloud includes the survey, use of the "best practices" and technology for advance security level, above all the solutions offered by the majority of medium and small businesses, big companies and even some guvermental organizations [2].

  15. New computer security measures

    CERN Multimedia

    IT Department

    2008-01-01

    As a part of the long-term strategy to improve computer security at CERN, and especially given the attention focused to CERN by the start-up of the LHC, two additional security measures concerning DNS and Tor will shortly be introduced. These are described in the following texts and will affect only a small number of users. "PHISHING" ATTACKS CONTINUE CERN computer users continue to be subjected to attacks by people trying to infect our machines and obtain passwords and other confidential information by social engineering trickery. Recent examples include an e-mail message sent from "La Poste" entitled "Colis Postal" on 21 August, a fake mail sent from web and mail services on 8 September, and an e-mail purporting to come from Hallmark Cards announcing the arrival of an electronic postcard. However, there are many other examples and there are reports of compromised mail accounts being used for more realistic site-specific phishing attempts. Given the increased publicity rela...

  16. Secure multiparty computation goes live

    DEFF Research Database (Denmark)

    Bogetoft, Peter; Christensen, Dan Lund; Damgård, Ivan Bjerre

    2009-01-01

    Commision. Tomas Toft’s work was partially performed at Aarhus University. In Holland, he was supported by the research program Sentinels, financed by Technology Foundation STW, the Netherlands Organization for Scientific Research (NWO), and the Dutch Ministry of Economic Affairs.......In this note, we report on the first large-scale and practical application of secure multiparty computation, which took place in January 2008. We also report on the novel cryptographic protocols that were used. This work was supported by the Danish Strategic Research Council and the European...

  17. Mobile security and trusted computing

    OpenAIRE

    Mitchell, Chris J.

    2006-01-01

    Some of the most significant security issues arising in the context of ubiquitous mobile computing are reviewed. Emerging technologies which may be able to help overcome these security problems are also described; in particular we consider methods for secure 'imprinting' of mobile devices, techniques proposed for establishing trust between devices with no prior relationship, and finally the relevence of trusted computing technology to mobile security issues.

  18. Secure computing on reconfigurable systems

    NARCIS (Netherlands)

    Fernandes Chaves, R.J.

    2007-01-01

    This thesis proposes a Secure Computing Module (SCM) for reconfigurable computing systems. SC provides a protected and reliable computational environment, where data security and protection against malicious attacks to the system is assured. SC is strongly based on encryption algorithms and on the

  19. Secure computing on reconfigurable systems

    NARCIS (Netherlands)

    Fernandes Chaves, R.J.

    2007-01-01

    This thesis proposes a Secure Computing Module (SCM) for reconfigurable computing systems. SC provides a protected and reliable computational environment, where data security and protection against malicious attacks to the system is assured. SC is strongly based on encryption algorithms and on the a

  20. Security Architecture of Cloud Computing

    Directory of Open Access Journals (Sweden)

    V.KRISHNA REDDY

    2011-09-01

    Full Text Available The Cloud Computing offers service over internet with dynamically scalable resources. Cloud Computing services provides benefits to the users in terms of cost and ease of use. Cloud Computing services need to address the security during the transmission of sensitive data and critical applications to shared and public cloud environments. The cloud environments are scaling large for data processing and storage needs. Cloud computing environment have various advantages as well as disadvantages on the data security of service consumers. This paper aims to emphasize the main security issues existing in cloud computing environments. The security issues at various levels of cloud computing environment is identified in this paper and categorized based on cloud computing architecture. This paper focuses on the usage of Cloud services and security issues to build these cross-domain Internet-connected collaborations.

  1. New Mandatory Computer Security Course

    CERN Multimedia

    CERN Bulletin

    2010-01-01

    Just like any other organization, CERN is permanently under attack - even right now. Consequently it's important to be vigilant about security risks, protecting CERN's reputation - and your work. The availability, integrity and confidentiality of CERN's computing services and the unhindered operation of its accelerators and experiments come down to the combined efforts of the CERN Security Team and you. In order to remain par with the attack trends, the Security Team regularly reminds CERN users about the computer security risks, and about the rules for using CERN’s computing facilities. Since 2007, newcomers have to follow a dedicated basic computer security course informing them about the “Do’s” and “Dont’s” when using CERNs computing facilities. This course has recently been redesigned. It is now mandatory for all CERN members (users and staff) owning a CERN computer account and must be followed once every three years. Members who...

  2. Reminder: Mandatory Computer Security Course

    CERN Multimedia

    IT Department

    2011-01-01

    Just like any other organization, CERN is permanently under attack – even right now. Consequently it's important to be vigilant about security risks, protecting CERN's reputation - and your work. The availability, integrity and confidentiality of CERN's computing services and the unhindered operation of its accelerators and experiments come down to the combined efforts of the CERN Security Team and you. In order to remain par with the attack trends, the Security Team regularly reminds CERN users about the computer security risks, and about the rules for using CERN’s computing facilities. Therefore, a new dedicated basic computer security course has been designed informing you about the “Do’s” and “Dont’s” when using CERN's computing facilities. This course is mandatory for all person owning a CERN computer account and must be followed once every three years. Users who have never done the course, or whose course needs to be renewe...

  3. Cloud Computing Security: A Survey

    Directory of Open Access Journals (Sweden)

    Issa M. Khalil

    2014-02-01

    Full Text Available Cloud computing is an emerging technology paradigm that migrates current technological and computing concepts into utility-like solutions similar to electricity and water systems. Clouds bring out a wide range of benefits including configurable computing resources, economic savings, and service flexibility. However, security and privacy concerns are shown to be the primary obstacles to a wide adoption of clouds. The new concepts that clouds introduce, such as multi-tenancy, resource sharing and outsourcing, create new challenges to the security community. Addressing these challenges requires, in addition to the ability to cultivate and tune the security measures developed for traditional computing systems, proposing new security policies, models, and protocols to address the unique cloud security challenges. In this work, we provide a comprehensive study of cloud computing security and privacy concerns. We identify cloud vulnerabilities, classify known security threats and attacks, and present the state-of-the-art practices to control the vulnerabilities, neutralize the threats, and calibrate the attacks. Additionally, we investigate and identify the limitations of the current solutions and provide insights of the future security perspectives. Finally, we provide a cloud security framework in which we present the various lines of defense and identify the dependency levels among them. We identify 28 cloud security threats which we classify into five categories. We also present nine general cloud attacks along with various attack incidents, and provide effectiveness analysis of the proposed countermeasures.

  4. Research on Cloud Computing Security Based on Windows Azure%基于Azure的云安全研究

    Institute of Scientific and Technical Information of China (English)

    朱圣才

    2013-01-01

    随着云计算的进一步推进和发展,云计算面临的安全问题变得越来越突出,特别是在云计算带来的诸多利益下,如何满足用户在云计算环境下对用户数据的机密性、完整性等相关性能的需求,已成为云计算安全的首要难题。文中以微软Azure平台为基础,从云安全分析入手,针对Windows Azure云安全进行分析研究。在Azure架构下,探讨Azure云安全解决方案,分别从IaaS、PaaS、SaaS三个角度对微软Azure云平台安全方案给出应对措施,为进一步对微软Azure云平台进行更深层次的测评分析提供技术支持。%With further promotion and development of cloud computing,the security problems faced by cloud computing are becoming more and more prominent,in particular,under the benefits of cloud computing,how to satisfy user requirement about the confidentiality and integrality of user data,and correlative capability in the cloud computing environment has become the primary security problem of cloud computing. Based on the Microsoft Azure platform,starting from the cloud security,research the security of the Windows Azure cloud. In the Azure architecture,to explore Azure cloud security solutions,respectively from three angles of IaaS,PaaS,SaaS on Microsoft Azure cloud platform security solution give the response measures,providing technical support for Microsoft's Azure cloud platform for a deeper evaluation analysis.

  5. International Conference on Computational Intelligence, Cyber Security, and Computational Models

    CERN Document Server

    Ramasamy, Vijayalakshmi; Sheen, Shina; Veeramani, C; Bonato, Anthony; Batten, Lynn

    2016-01-01

    This book aims at promoting high-quality research by researchers and practitioners from academia and industry at the International Conference on Computational Intelligence, Cyber Security, and Computational Models ICC3 2015 organized by PSG College of Technology, Coimbatore, India during December 17 – 19, 2015. This book enriches with innovations in broad areas of research like computational modeling, computational intelligence and cyber security. These emerging inter disciplinary research areas have helped to solve multifaceted problems and gained lot of attention in recent years. This encompasses theory and applications, to provide design, analysis and modeling of the aforementioned key areas.

  6. Security Problems in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Rola Motawie

    2016-12-01

    Full Text Available Cloud is a pool of computing resources which are distributed among cloud users. Cloud computing has many benefits like scalability, flexibility, cost savings, reliability, maintenance and mobile accessibility. Since cloud-computing technology is growing day by day, it comes with many security problems. Securing the data in the cloud environment is most critical challenges which act as a barrier when implementing the cloud. There are many new concepts that cloud introduces, such as resource sharing, multi-tenancy, and outsourcing, create new challenges for the security community. In this work, we provide a comparable study of cloud computing privacy and security concerns. We identify and classify known security threats, cloud vulnerabilities, and attacks.

  7. Security and policy driven computing

    CERN Document Server

    Liu, Lei

    2010-01-01

    Security and Policy Driven Computing covers recent advances in security, storage, parallelization, and computing as well as applications. The author incorporates a wealth of analysis, including studies on intrusion detection and key management, computer storage policy, and transactional management.The book first describes multiple variables and index structure derivation for high dimensional data distribution and applies numeric methods to proposed search methods. It also focuses on discovering relations, logic, and knowledge for policy management. To manage performance, the text discusses con

  8. Security Problems in Cloud Computing

    OpenAIRE

    Rola Motawie; Mahmoud M. El-Khouly; Samir Abou El-Seoud

    2016-01-01

    Cloud is a pool of computing resources which are distributed among cloud users. Cloud computing has many benefits like scalability, flexibility, cost savings, reliability, maintenance and mobile accessibility. Since cloud-computing technology is growing day by day, it comes with many security problems. Securing the data in the cloud environment is most critical challenges which act as a barrier when implementing the cloud. There are many new concepts that cloud introduces, such as resource sh...

  9. Computer and information security handbook

    CERN Document Server

    Vacca, John R

    2012-01-01

    The second edition of this comprehensive handbook of computer and information security provides the most complete view of computer security and privacy available. It offers in-depth coverage of security theory, technology, and practice as they relate to established technologies as well as recent advances. It explores practical solutions to many security issues. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors' respective areas of expertise. The book is organized into 10 parts comprised of 70 contributed

  10. Tools for Computer Security

    CERN Document Server

    Lecoeuche, Denis

    2015-01-01

    This report describes several scripts developed in order to facilitate and automate security-related tests and tasks for the CMS Group at CERN. They will be integrated in the release cycle of specific web services.

  11. A common language for computer security incidents

    Energy Technology Data Exchange (ETDEWEB)

    John D. Howard; Thomas A Longstaff

    1998-10-01

    Much of the computer security information regularly gathered and disseminated by individuals and organizations cannot currently be combined or compared because a common language has yet to emerge in the field of computer security. A common language consists of terms and taxonomies (principles of classification) which enable the gathering, exchange and comparison of information. This paper presents the results of a project to develop such a common language for computer security incidents. This project results from cooperation between the Security and Networking Research Group at the Sandia National Laboratories, Livermore, CA, and the CERT{reg_sign} Coordination Center at Carnegie Mellon University, Pittsburgh, PA. This Common Language Project was not an effort to develop a comprehensive dictionary of terms used in the field of computer security. Instead, the authors developed a minimum set of high-level terms, along with a structure indicating their relationship (a taxonomy), which can be used to classify and understand computer security incident information. They hope these high-level terms and their structure will gain wide acceptance, be useful, and most importantly, enable the exchange and comparison of computer security incident information. They anticipate, however, that individuals and organizations will continue to use their own terms, which may be more specific both in meaning and use. They designed the common language to enable these lower-level terms to be classified within the common language structure.

  12. Research on Cloud Computing and Cloud Security%云计算和云安全研究综述

    Institute of Scientific and Technical Information of China (English)

    曹立勇; 徐贺平; 詹吉吉

    2016-01-01

    随着互联网技术的不断发展,云计算得到了快速的发展和广泛的应用。本文从云计算的概念入手,分析了云计算系统的体系结构和实现云计算的相关技术,并阐述了云技术安全问题及解决思路,为进一步地研究云计算提供了参考。%Cloud computing has been rapidly developed and has been widely used with the continuous development of the Internet technology. Starting from the concept of cloud computing,this paper analyzes the architecture of cloud computing system and the related technologies to achieve cloud computing. It also describes the cloud security issues and solutions. It provides reference for further research in cloud computing.

  13. Computer Network Security- The Challenges of Securing a Computer Network

    Science.gov (United States)

    Scotti, Vincent, Jr.

    2011-01-01

    This article is intended to give the reader an overall perspective on what it takes to design, implement, enforce and secure a computer network in the federal and corporate world to insure the confidentiality, integrity and availability of information. While we will be giving you an overview of network design and security, this article will concentrate on the technology and human factors of securing a network and the challenges faced by those doing so. It will cover the large number of policies and the limits of technology and physical efforts to enforce such policies.

  14. Privacy and Security issues in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Anita Kumari Nanda , Brojo Kishore Mishra

    2012-12-01

    Full Text Available “Cloud computing” – a relatively recent term, defines the paths ahead in computer science world. Being built on decades of research it utilizes all recent achievements in virtualization, distributed computing, utility computing, and networking. It implies a service oriented architecture through offering software and platforms as services, reduced information technology overhead for the end-user, great flexibility, reduced total cost of ownership, on demand services and many other things. Security concerns the confidentiality, availability and integrity of data or information. Security may also include authentication and non-repudiation. This paper is a brief survey based on readings of “cloud” computing and it tries to address related research topics, privacy and security issues ahead and possible solution.

  15. New mechanism for Cloud Computing Storage Security

    Directory of Open Access Journals (Sweden)

    Almokhtar Ait El Mrabti

    2016-07-01

    Full Text Available Cloud computing, often referred to as simply the cloud, appears as an emerging computing paradigm which promises to radically change the way computer applications and services are constructed, delivered, managed and finally guaranteed as dynamic computing environments for end users. The cloud is the delivery of on-demand computing resources - everything from applications to data centers - over the Internet on a pay-for-use basis. The revolution of cloud computing has provided opportunities for research in all aspects of cloud computing. Despite the big progress in cloud computing technologies, funding concerns in cloud, security may limit a broader adoption. This paper presents a technique to tolerate both accidental and intentional faults, which is fragmentation-redundancy-scattering (FRS. The possibility to use the FRS technique as an intrusion tolerance one is investigated for providing secure and dependable storage in the cloud environment. Also a cloud computing security (CCS based on the FRS technique is proposed to explore how this proposal can then be used via several scenarios. To demonstrate the robustness of the proposal, we formalize our design and we carry out a security as well as performance evaluations of the approach and we compare it with the classical model. The paper concludes by strongly suggesting future research proposals for the CCS framework.

  16. Los Alamos CCS (Center for Computer Security) formal computer security model

    Energy Technology Data Exchange (ETDEWEB)

    Dreicer, J.S.; Hunteman, W.J. (Los Alamos National Lab., NM (USA))

    1989-01-01

    This paper provides a brief presentation of the formal computer security model currently being developed at the Los Alamos Department of Energy (DOE) Center for Computer Security (CCS). The initial motivation for this effort was the need to provide a method by which DOE computer security policy implementation could be tested and verified. The actual analytical model was a result of the integration of current research in computer security and previous modeling and research experiences. The model is being developed to define a generic view of the computer and network security domains, to provide a theoretical basis for the design of a security model, and to address the limitations of present models. Formal mathematical models for computer security have been designed and developed in conjunction with attempts to build secure computer systems since the early 70's. The foundation of the Los Alamos DOE CCS model is a series of functionally dependent probability equations, relations, and expressions. The mathematical basis appears to be justified and is undergoing continued discrimination and evolution. We expect to apply the model to the discipline of the Bell-Lapadula abstract sets of objects and subjects. 5 refs.

  17. Computer Security: Security operations at CERN (4/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Stefan Lueders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and infrastructure control systems against cyber-threats. Subsequently, he joined the CERN Computer Security Incident Response Team and is today heading this team as CERN's Computer Security Officer with the mandate to coordinate all aspects of CERN's computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN's operational needs. Dr. Lueders has presented on these topics at many different occasions to international bodies, governments, and companies, and published several articles. With the prevalence of modern information technologies and...

  18. Computer Security: professionalism in security, too

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    At CERN, we apply a great deal of dedication and professionalism to all the work we do. This is necessary because of the complexity and sophistication of the devices we deal with. However, when it comes to computer security, we can all agree that there is room for improvement.   In some cases, we’ve observed devices that are connected to our Intranet networks without the adequate level of protection. Also, in order to allow it to be disseminated easily with peers, information is often disclosed on public webpages, sometimes without appropriate consideration of important security-related aspects. Program code is lost due to a lack of proper version control or the use of central storage systems. Systems are brought down by “finger trouble”, confusing the right and wrong IP addresses. Software or system development is done directly on production devices, impinging on their proper operation up to the point where the system grinds to a halt. Applications full of useful fe...

  19. 云安全管理体系和建设研究%Research on the Cloud Computing Security Management System and Its Construction

    Institute of Scientific and Technical Information of China (English)

    汪芳; 张云勇; 房秉毅

    2012-01-01

    云安全是云计算和云服务发展面临的重要挑战,云安全所涉及的技术和管理方面的问题也是多方面的.本文对云安全管理体系和建设提出建议,首先分析云计算的安全需求,提出云安全管理体系建议,并对云计算不同发展阶段的重点项目提出安全保障建议.%Security is an important challenge to the development of cloud computing and cloud services.Cloud computing security technology and management issues are multi-faceted.In this paper, cloud computing security management system and construction were researched.Firstly the security needs of cloud computing were analyzed.Then a sound cloud computing security management system was recommended.Lastly, the proposals for the different stages to construct the security management system were focused.

  20. Change of Computer Security Officer

    CERN Multimedia

    IT Department

    2008-01-01

    After many years of successfully protecting the CERN site in her role as Computer Security Officer (CSO), Denise Heagerty is being assigned to a new role within the IT Department. David Myers has been appointed to the position of CSO for one year from 1st September. W. von Rüden, IT Department Head

  1. Research on Cloud Computing, SDN and Security Technology%云计算及SDN与安全技术研究

    Institute of Scientific and Technical Information of China (English)

    胡章丰; 郭春梅; 毕学尧

    2013-01-01

    文章重点围绕云计算、SDN及安全这3方面的内容展开讨论,深入分析和研究了3者之间的相互关系,并提出了一种基于SDN的云计算安全架构。%This paper investigates the internal relationships between cloud computing, SDN and security technology, and then proposes a SDN-based security architecture for cloud computing.

  2. REVIEW PAPER ON MOBILE CLOUD COMPUTING SECURITY

    Directory of Open Access Journals (Sweden)

    Priyanka d. Raut

    2015-10-01

    Full Text Available Nowadays smart-phones are being capable of supporting a broad range of applications, many of which demand an increasing computational power. This leads to a challenge because smart-phones are resource-constrained devices with finite computation power, memory, storage, and energy. With the development of mobility and cloud computing, mobile cloud computing (MCC has introduced and become a point of research. With the need of extendibility and on-demand self-service, it can provide the good infrastructure, platform and software services in a cloud to mobile clients through the mobile network. Therefore, Cloud computing is anticipated to bring an innovation in mobile computing, where the mobile devices can make use of clouds for data processing, storage and other intensive operations. Despite the surprising advancement achieved by MCC, the clients of MCC are still below expectations due to the related risks in terms of security and confidentiality. The more and more information is placed onto the cloud by individuals and enterprises, the more the security issue begins to grow. This paper presents the various security issues that arise about how secure the mobile cloud computing environment is.

  3. Cloud computing security requirements: a systematic review

    NARCIS (Netherlands)

    Iankoulova, Iliana; Daneva, Maya; Rolland, C.; Castro, J.; Pastor, O.

    2012-01-01

    Many publications have dealt with various types of security requirements in cloud computing but not all types have been explored in sufficient depth. It is also hard to understand which types of requirements have been under-researched and which are most investigated. This paper's goal is to provide

  4. 云计算信息安全问题探讨%Research on information security issues of cloud computing

    Institute of Scientific and Technical Information of China (English)

    侯洪凤; 王璨; 王立娟

    2012-01-01

    云计算是继个人计算机、互联网之后的第三次信息化革命,给整个信息产业带来巨大的推动力。但是,安全性已经成为云计算面临的最大挑战,它关系着用户对云计算应用的信心。针对目前云计算存在的诸多安全问题,文中提出信息安全风险链条主要包括终端用户、服务商和网络传输3个环节,并着重分析各环节存在的安全问题,最后给出云计算的信息安全框架,以期引起人们对于云计算信息安全问题的重视,并为更好地推进云计算应用提供有效保障。%Cloud computing is the third informationization revolution after personal computer and internet,bring the huge driving force for the whole information industry.But,security has become the greatest challege faced by Cloud computing,which is related to the user's confidence on the cloud computing applications.Aiming at information security issues of cloud computing,firstly ,the paper presents that the risk chain of the information security include of three links which are the teminal users,service providers and network transmission. Secondly,it emphatically analyzes the security issues existing in the each link. Lastly,in order to let the people pay attention to information security issues of cloud computing,it provides the frame of the information security of cloud computing, which can provide effective protection for promoting the applications of cloud computing.

  5. The importance of trust in computer security

    DEFF Research Database (Denmark)

    Jensen, Christian D.

    2014-01-01

    The computer security community has traditionally regarded security as a “hard” property that can be modelled and formally proven under certain simplifying assumptions. Traditional security technologies assume that computer users are either malicious, e.g. hackers or spies, or benevolent, competent...... of the fundamental assumptions that underpin existing computer security technologies and that a new view of computer security is long overdue. In this paper, we examine traditionalmodels, policies and mechanisms of computer security in order to identify areas where the fundamental assumptions may fail. In particular...

  6. Computational security of quantum encryption

    NARCIS (Netherlands)

    Alagic, G.; Broadbent, A.; Fefferman, B.; Gagliardoni, T.; Schaffner, C.; St. Jules, M.; Nascimento, A.C.A.; Barreto, P.

    2016-01-01

    Quantum-mechanical devices have the potential to transform cryptography. Most research in this area has focused either on the information-theoretic advantages of quantum protocols or on the security of classical cryptographic schemes against quantum attacks. In this work, we initiate the study of

  7. Research on framework of security service cloud computing%安全服务云框架研究

    Institute of Scientific and Technical Information of China (English)

    孙磊; 戴紫珊

    2012-01-01

    在分析云计算环境面临的安全问题基础上,基于云计算服务模式提出了安全服务云框架,分析了安全服务云框架基本工作原理和应用模式,提出了基于安全服务器状态进行多点择优部署的安全服务云调度算法.通过仿真实验表明,所提算法在服务响应时间、系统负载均衡方面明显优于随机调度算法.%Following the analysis of cloud computing security in the paper, a framework of security service cloud computing was proposed based on cloud computing service pattern, which provided consistent standard model. Furthermore, the mechanism of the framework was introduced and analyzed, and a deployment algorithm of security service was proposed based on selection of the best computing server. The simulation results show that the proposed algorithm is better than random algorithm in terms of system load balance and service time.

  8. Audit and Evaluation of Computer Security. Computer Science and Technology.

    Science.gov (United States)

    Ruthberg, Zella G.

    This is a collection of consensus reports, each produced at a session of an invitational workshop sponsored by the National Bureau of Standards. The purpose of the workshop was to explore the state-of-the-art and define appropriate subjects for future research in the audit and evaluation of computer security. Leading experts in the audit and…

  9. Soft computing techniques in voltage security analysis

    CERN Document Server

    Chakraborty, Kabir

    2015-01-01

    This book focuses on soft computing techniques for enhancing voltage security in electrical power networks. Artificial neural networks (ANNs) have been chosen as a soft computing tool, since such networks are eminently suitable for the study of voltage security. The different architectures of the ANNs used in this book are selected on the basis of intelligent criteria rather than by a “brute force” method of trial and error. The fundamental aim of this book is to present a comprehensive treatise on power system security and the simulation of power system security. The core concepts are substantiated by suitable illustrations and computer methods. The book describes analytical aspects of operation and characteristics of power systems from the viewpoint of voltage security. The text is self-contained and thorough. It is intended for senior undergraduate students and postgraduate students in electrical engineering. Practicing engineers, Electrical Control Center (ECC) operators and researchers will also...

  10. Research on Security Issues of Cloud Computing%云计算安全问题研究

    Institute of Scientific and Technical Information of China (English)

    谭天; 袁嵩; 肖洁

    2016-01-01

    根据ENISA提出的云计算安全问题,参考目前主要的云计算提供商对于云计算安全问题的解决方法,引入SOA架构理念,将云计算的安全问题细分为物理资源层安全、资源抽象与控制层安全、资源架构层安全、开发平台层安全以及应用服务层安全五个架构层次,并且根据数据资源的私密性将云进行安全评级,分为重要性高、敏感度高的“私有云”与资源较不敏感的“公有云”两个部分。针对不同的架构层次提出了相应的安全保障方法与建议,并根据“公有云”与“私有云”在数据重要性上的差异提出了多种保障方法以满足不同客户对于各种数据的不同需求。最后针对云计算处理大数据过程中的安全问题,分析了在架构层次上解决具体云计算应用问题的可行性并提出了解决思路,以期达到“安全即服务”的目的。%According to the cloud computing security issues raised by ENISA,referring to the solutions of the current main cloud compu-ting providers,introducing the concept of SOA,the cloud computing security issues are subdivided into five architecture layers which con-sist of physical resource layer security,resource abstraction and control layer security,resource architecture layer security,development platform layer security and application service layer security. According to the privacy of data resources,the clouds are divided into two security levels,more important and high sensitive “private cloud” and less sensitive “public cloud”. Aiming at the different architecture layer,corresponding security methods and suggestions are put forward. According to the differences in data importance between “public clouds” and“private clouds”,many kinds of protection methods are proposed to meet the different needs of different customers for a va-riety of data. Finally,in allusion to the cloud computing security issues in processing big

  11. Maritime Cyber Security University Research

    Science.gov (United States)

    2016-05-01

    i Classification | CG-926 RDC | author | audience | month year Maritime Cyber Security University Research Phase I - Final Report...Distribution Statement A: Approved for public release; distribution is unlimited. May 2016 Report No. CG-D-06-16 Maritime Cyber Security ...Director United States Coast Guard Research & Development Center 1 Chelsea Street New London, CT 06320 Maritime Cyber Security University

  12. Research on Security Issues of Cloud Computing%云计算若干安全问题的研究

    Institute of Scientific and Technical Information of China (English)

    朱变; 任国恒

    2014-01-01

    With the rapid development of cloud computing , more and more companies and individuals rely on cloud tech-nology to achieve their storage and computational requirements .The security problem of cloud computing is always the key problem in the current focus .This thesis first introduces the system structure and the characteristics of cloud computing . Then the paper also presents detailed analysis on the cloud computing security architecture .%随着云计算的快速发展,更多的企业和个人依赖于云技术实现他们的存储和计算需求。云计算的安全问题一直是当前研究者关注的重点问题。论文首先介绍云计算的体系结构及其特点。然后针对云计算体系结构中的安全问题作重点详细分析。

  13. Secure information transfer based on computing reservoir

    Science.gov (United States)

    Szmoski, R. M.; Ferrari, F. A. S.; de S. Pinto, S. E.; Baptista, M. S.; Viana, R. L.

    2013-04-01

    There is a broad area of research to ensure that information is transmitted securely. Within this scope, chaos-based cryptography takes a prominent role due to its nonlinear properties. Using these properties, we propose a secure mechanism for transmitting data that relies on chaotic networks. We use a nonlinear on-off device to cipher the message, and the transfer entropy to retrieve it. We analyze the system capability for sending messages, and we obtain expressions for the operating time. We demonstrate the system efficiency for a wide range of parameters. We find similarities between our method and the reservoir computing.

  14. The importance of trust in computer security

    DEFF Research Database (Denmark)

    Jensen, Christian D.

    2014-01-01

    The computer security community has traditionally regarded security as a “hard” property that can be modelled and formally proven under certain simplifying assumptions. Traditional security technologies assume that computer users are either malicious, e.g. hackers or spies, or benevolent, competent...

  15. About Security Solutions in Fog Computing

    Directory of Open Access Journals (Sweden)

    Eugen Petac

    2016-01-01

    Full Text Available The key for improving a system's performance, its security and reliability is to have the dataprocessed locally in remote data centers. Fog computing extends cloud computing through itsservices to devices and users at the edge of the network. Through this paper it is explored the fogcomputing environment. Security issues in this area are also described. Fog computing providesthe improved quality of services to the user by complementing shortages of cloud in IoT (Internet ofThings environment. Our proposal, named Adaptive Fog Computing Node Security Profile(AFCNSP, which is based security Linux solutions, will get an improved security of fog node withrich feature sets.

  16. Cloud Security A Comprehensive Guide to Secure Cloud Computing

    CERN Document Server

    Krutz, Ronald L

    2010-01-01

    Well-known security experts decipher the most challenging aspect of cloud computing-security. Cloud computing allows for both large and small organizations to have the opportunity to use Internet-based services so that they can reduce start-up costs, lower capital expenditures, use services on a pay-as-you-use basis, access applications only as needed, and quickly reduce or increase capacities. However, these benefits are accompanied by a myriad of security issues, and this valuable book tackles the most common security challenges that cloud computing faces. The authors offer you years of unpa

  17. The importance of trust in computer security

    DEFF Research Database (Denmark)

    Jensen, Christian D.

    2014-01-01

    The computer security community has traditionally regarded security as a “hard” property that can be modelled and formally proven under certain simplifying assumptions. Traditional security technologies assume that computer users are either malicious, e.g. hackers or spies, or benevolent, competent...... and well informed about the security policies. Over the past two decades, however, computing has proliferated into all aspects of modern society and the spread of malicious software (malware) like worms, viruses and botnets have become an increasing threat. This development indicates a failure in some...... of the fundamental assumptions that underpin existing computer security technologies and that a new view of computer security is long overdue. In this paper, we examine traditionalmodels, policies and mechanisms of computer security in order to identify areas where the fundamental assumptions may fail. In particular...

  18. A Security Kernel Architecture Based Trusted Computing Platform

    Institute of Scientific and Technical Information of China (English)

    CHEN You-lei; SHEN Chang-xiang

    2005-01-01

    A security kernel architecture built on trusted computing platform in the light of thinking about trusted computing is presented. According to this architecture, a new security module TCB (Trusted Computing Base) is added to the operation system kernel and two operation interface modes are provided for the sake of self-protection. The security kernel is divided into two parts and trusted mechanism is separated from security functionality. The TCB module implements the trusted mechanism such as measurement and attestation,while the other components of security kernel provide security functionality based on these mechanisms. This architecture takes full advantage of functions provided by trusted platform and clearly defines the security perimeter of TCB so as to assure self-security from architectural vision. We also present function description of TCB and discuss the strengths and limitations comparing with other related researches.

  19. 计算机数据库安全管理研究%Research on Security Management of Computer Database

    Institute of Scientific and Technical Information of China (English)

    石玉芳

    2015-01-01

    近年来,随着科学技术的快速发展,计算机的广泛应用给人们的日常生活工作带来翻天覆地的变化,但计算机自身系统也在不断地完善,存在着一定的缺陷与问题,尤其是技术及数据库的安全问题。计算机数据库作为计算机系统操作数据以及存储的形式,作为计算机数据系统的重要组成环节,它的安全问题直接关系到整个计算机数据系统未来的发展。该文从计算机数据库安全管理等方面入手,针对目前计算机数据库安全管理的现状以及存在的问题,提出几点有效的建议和措施,从而提高计算机数据库安全管理水平。%in recent years, with the rapid development of science and technology, the extensive application of the computer to the people's daily life and work bring earth shaking changes, but the computer system also in the continuous improvement, there is a certain defects and problems, especially the problem of database technology and safety. Computer database as a computer system data manipulation and storage form, as an important part of the computer data system and its security problems directly related to the computer data of the future development of the system. The from the computer database security management of aiming at the status quo and the existing problems of safety management of computer database, puts forward some effective suggestions and mea⁃sures, so as to improve the safety management level of computer database.

  20. Secure coprocessing applications and research issues

    Energy Technology Data Exchange (ETDEWEB)

    Smith, S.W.

    1996-08-01

    The potential of secure coprocessing to address many emerging security challenges and to enable new applications has been a long-standing interest of many members of the Computer Research and Applications Group, including this author. The purpose of this paper is to summarize this thinking, by presenting a taxonomy of some potential applications and by summarizing what we regard as some particularly interesting research questions.

  1. Managing Security in Advanced Computational Infrastructure

    Institute of Scientific and Technical Information of China (English)

    2001-01-01

    Proposed by Education Ministry of China, Advanced Computational Infrastructure (ACI) aims at sharing geographically distributed high-performance computing and huge-capacity data resource among the universities of China. With the fast development of large-scale applications in ACI, the security requirements become more and more urgent. The special security needs in ACI is first analyzed in this paper, and security management system based on ACI is presented. Finally, the realization of security management system is discussed.

  2. Security Management Model in Cloud Computing Environment

    OpenAIRE

    2016-01-01

    In the cloud computing environment, cloud virtual machine (VM) will be more and more the number of virtual machine security and management faced giant Challenge. In order to address security issues cloud computing virtualization environment, this paper presents a virtual machine based on efficient and dynamic deployment VM security management model state migration and scheduling, study of which virtual machine security architecture, based on AHP (Analytic Hierarchy Process) virtual machine de...

  3. Computer Security: drive-bye

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Like a lion waiting to ambush gazelles at a waterhole, malware can catch you by surprise.    As some of you might have noticed, the Computer Security Team had to block the news site “20min.ch” a while ago, as it was found to be distributing malware. This block comes after similar incidents at other Swiss organizations. Our blocking is protective in order to safeguard your computers, laptops, tablets and smartphones. Unfortunately, this is not the first time we have seen these so-called drive-by/waterhole attacks: once you have visited an affected website, embedded third-party malicious code is downloaded to your computer and subsequently infects it (if running Windows or Android as well as, less likely, Mac operating systems). Hence the name “drive-by”. As “20min.ch” is a very frequented website among CERN staff members and users, it makes it a perfect source for attacks against CERN (or other Geneva-based organisations): inste...

  4. Computer Security: SAHARA - Security As High As Reasonably Achievable

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    History has shown us time and again that our computer systems, computing services and control systems have digital security deficiencies. Too often we deploy stop-gap solutions and improvised hacks, or we just accept that it is too late to change things.    In my opinion, this blatantly contradicts the professionalism we show in our daily work. Other priorities and time pressure force us to ignore security or to consider it too late to do anything… but we can do better. Just look at how “safety” is dealt with at CERN! “ALARA” (As Low As Reasonably Achievable) is the objective set by the CERN HSE group when considering our individual radiological exposure. Following this paradigm, and shifting it from CERN safety to CERN computer security, would give us “SAHARA”: “Security As High As Reasonably Achievable”. In other words, all possible computer security measures must be applied, so long as ...

  5. Computers, business, and security the new role for security

    CERN Document Server

    Schweitzer, James A

    1987-01-01

    Computers, Business, and Security: The New Role for Security addresses the professional security manager's responsibility to protect all business resources, with operating environments and high technology in mind. This book discusses the technological aspects of the total security programs.Organized into three parts encompassing 10 chapters, this book begins with an overview of how the developing information age is affecting business management, operations, and organization. This text then examines a number of vulnerabilities that arise in the process of using business computing and communicat

  6. Securing the Cloud Cloud Computer Security Techniques and Tactics

    CERN Document Server

    Winkler, Vic (JR)

    2011-01-01

    As companies turn to cloud computing technology to streamline and save money, security is a fundamental concern. Loss of certain control and lack of trust make this transition difficult unless you know how to handle it. Securing the Cloud discusses making the move to the cloud while securing your peice of it! The cloud offers felxibility, adaptability, scalability, and in the case of security-resilience. This book details the strengths and weaknesses of securing your company's information with different cloud approaches. Attacks can focus on your infrastructure, communications network, data, o

  7. The research on the security architecture based on cloud computing%基于云计算安全体系架构的研究

    Institute of Scientific and Technical Information of China (English)

    曾凌静

    2015-01-01

    With the development of computer and Internet,cloud computing and Internet of things,Smart planet,and so on are in the same concern.At present,cloud computing has been developed from generation to the substantive stage,so the security issues of cloud computing has attracted much attention.In recent years,it becomes a hot research topic in the field of computer science.Under this background,this paper firstly introduces the concept,characteristics,service models of cloud computing.Based on this,it summari-zes the security problems faced by cloud computing.Finally,it puts forward the solutions to ensure the in-formation security during cloud computing.%随着计算机与互联网的发展,云计算与物联网、智慧地球等概念一样备受关注。目前云计算已从产生到实质发展阶段,因此云计算的安全问题备受关注,近年来成为计算机学科领域的研究热点。在此背景下,首先介绍了云计算的概念、特点及服务模式,并在此基础上总结了云计算所面临的安全隐患,最后提出了云计算中确保信息安全的解决方案。

  8. A Computer Security Course in the Undergraduate Computer Science Curriculum.

    Science.gov (United States)

    Spillman, Richard

    1992-01-01

    Discusses the importance of computer security and considers criminal, national security, and personal privacy threats posed by security breakdown. Several examples are given, including incidents involving computer viruses. Objectives, content, instructional strategies, resources, and a sample examination for an experimental undergraduate computer…

  9. Research on security of computer information system%计算机信息系统安全研究

    Institute of Scientific and Technical Information of China (English)

    张英莉

    2012-01-01

    The safety of computer information system faces so many challenges, such as network hacker attacks,network virus damages,risk of information transmission. The administrative regulations is not strong enough to control the behaviors harming the security of computer information system. In view of this, the relevant laws have intruded the behavior such as illegal entry into important computer information system and destroying the function, data and application programme, produc tion, dissemination of the damaging programs.%计算机信息系统安全面临网络黑客攻击、网络病毒破坏、信息传输风险等多重挑战.对于危害计算机信息系统安全的行为,仅以行政法规不足以规制.鉴于此,有关法律对非法侵入重要计算机信息系统的行为以及破坏计算机信息系统功能、数据和应用程序、制作、传播破坏性程序的行为予以规定.

  10. Scalable and Unconditionally Secure Multiparty Computation

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Nielsen, Jesper Buus

    2007-01-01

    We present a multiparty computation protocol that is unconditionally secure against adaptive and active adversaries, with communication complexity O(Cn)k+O(Dn^2)k+poly(nk), where C is the number of gates in the circuit, n is the number of parties, k is the bit-length of the elements of the field...... over which the computation is carried out, D is the multiplicative depth of the circuit, and κ is the security parameter. The corruption threshold is t security the corruption threshold is t secure......, the protocol has so called everlasting security....

  11. OT-Combiners Via Secure Computation

    DEFF Research Database (Denmark)

    Harnik, Danny; Ishai, Yuval; Kushilevitz, Eyal

    2008-01-01

    An OT-combiner implements a secure oblivious transfer (OT) protocol using oracle access to n OT-candidates of which at most t may be faulty. We introduce a new general approach for combining OTs by making a simple and modular use of protocols for secure computation. Specifically, we obtain an OT......, in a network consisting of a single OT-channel. Our approach applies both to the “semi-honest” and the “malicious” models of secure computation, yielding the corresponding types of OT-combiners. Instantiating our general approach with secure computation protocols from the literature, we conceptually simplify......-combiner from any instantiation of the following two ingredients: (1) a t-secure n-party protocol for the OT functionality, in a network consisting of secure point-to-point channels and a broadcast primitive; and (2) a secure two-party protocol for a functionality determined by the former multiparty protocol...

  12. Secure computing, economy, and trust

    DEFF Research Database (Denmark)

    Bogetoft, Peter; Damgård, Ivan B.; Jakobsen, Thomas

    In this paper we consider the problem of constructing secure auctions based on techniques from modern cryptography. We combine knowledge from economics, cryptography and security engineering and develop and implement secure auctions for practical real-world problems. In essence this paper is an o...

  13. Visualization Tools for Teaching Computer Security

    Science.gov (United States)

    Yuan, Xiaohong; Vega, Percy; Qadah, Yaseen; Archer, Ricky; Yu, Huiming; Xu, Jinsheng

    2010-01-01

    Using animated visualization tools has been an important teaching approach in computer science education. We have developed three visualization and animation tools that demonstrate various information security concepts and actively engage learners. The information security concepts illustrated include: packet sniffer and related computer network…

  14. Data Security and Privacy in Cloud Computing

    OpenAIRE

    Yunchuan Sun; Junsheng Zhang; Yongping Xiong; Guangyu Zhu

    2014-01-01

    Data security has consistently been a major issue in information technology. In the cloud computing environment, it becomes particularly serious because the data is located in different places even in all the globe. Data security and privacy protection are the two main factors of user’s concerns about the cloud technology. Though many techniques on the topics in cloud computing have been investigated in both academics and industries, data security and privacy protection are becoming more impo...

  15. Why SCADA security is NOT like Computer Centre Security

    CERN Document Server

    CERN. Geneva

    2014-01-01

    Today, the industralized world lives in symbiosis with control systems (aka SCADA systems): it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and discuss the differences (or not) between computer center cyber-security and control system cyber-security.

  16. A Framework for Secure Cloud Computing

    Directory of Open Access Journals (Sweden)

    Ahmed E. Youssef

    2012-07-01

    Full Text Available Cloud computing is one of the most discussed topics today in the field of information technology. It introduces a new Internet-based environment for on-demand, dynamic provision of reconfigurable computing resources. The biggest challenge in cloud computing is the security and privacy problems caused by its multi-tenancy nature and the outsourcing of infrastructure, sensitive data and critical applications. In this paper, we propose a framework that identifies security and privacy challenges in cloud computing. It highlights cloud-specific attacks and risks and clearly illustrates their mitigations and countermeasures. We also propose a generic cloud computing security model that helps satisfy security and privacy requirements in the clouds and protect them against various vulnerabilities. The purpose of this work is to advise on security and privacy considerations that should be taken and solutions that might be considered when using the cloud environment by individuals and organizations.

  17. Applied computation and security systems

    CERN Document Server

    Saeed, Khalid; Choudhury, Sankhayan; Chaki, Nabendu

    2015-01-01

    This book contains the extended version of the works that have been presented and discussed in the First International Doctoral Symposium on Applied Computation and Security Systems (ACSS 2014) held during April 18-20, 2014 in Kolkata, India. The symposium has been jointly organized by the AGH University of Science & Technology, Cracow, Poland and University of Calcutta, India. The Volume I of this double-volume book contains fourteen high quality book chapters in three different parts. Part 1 is on Pattern Recognition and it presents four chapters. Part 2 is on Imaging and Healthcare Applications contains four more book chapters. The Part 3 of this volume is on Wireless Sensor Networking and it includes as many as six chapters. Volume II of the book has three Parts presenting a total of eleven chapters in it. Part 4 consists of five excellent chapters on Software Engineering ranging from cloud service design to transactional memory. Part 5 in Volume II is on Cryptography with two book...

  18. Computation, cryptography, and network security

    CERN Document Server

    Rassias, Michael

    2015-01-01

    Analysis, assessment, and data management are core competencies for operation research analysts. This volume addresses a number of issues and developed methods for improving those skills. It is an outgrowth of a conference held in April 2013 at the Hellenic Military Academy, and brings together a broad variety of mathematical methods and theories with several applications. It discusses directions and pursuits of scientists that pertain to engineering sciences. It is also presents the theoretical background required for algorithms and techniques applied to a large variety of concrete problems. A number of open questions as well as new future areas are also highlighted.   This book will appeal to operations research analysts, engineers, community decision makers, academics, the military community, practitioners sharing the current “state-of-the-art,” and analysts from coalition partners. Topics covered include Operations Research, Games and Control Theory, Computational Number Theory and Information Securi...

  19. Motivating Contributions for Home Computer Security

    Science.gov (United States)

    Wash, Richard L.

    2009-01-01

    Recently, malicious computer users have been compromising computers en masse and combining them to form coordinated botnets. The rise of botnets has brought the problem of home computers to the forefront of security. Home computer users commonly have insecure systems; these users do not have the knowledge, experience, and skills necessary to…

  20. FORMATION OF A COMPUTER SECURITY POLICY BOARD

    CERN Multimedia

    2001-01-01

    In view of the increasing number of security incidents at CERN, the Directorate has set up a Computer Security Policy Board. Information about the mandate and the meetings of the Board is linked from http://cern.ch/security which is the entry point for computer security information at CERN. File Services Computing Rule The use of CERN's Computing facilities are governed by Operational Circular No 5 and its subsidiary rules. To protect file servers at CERN from unauthorised use, the Organization has issued a new subsidiary rule related to file services. Details hereof and of the complete set of rules applicable to the use of CERN computing facilities are available at http://cern.ch/ComputingRules

  1. FORMATION OF A COMPUTER SECURITY POLICY BOARD

    CERN Multimedia

    2001-01-01

    In view of the increasing number of security incidents at CERN, the Directorate has set up a Computer Security Policy Board. Information about the mandate and the meetings of the Board is linked from http://cern.ch/security, which is the entry point for computer security information at CERN. FILE SERVICES COMPUTING RULE The use of CERN's Computing facilities are governed by Operational Circular No 5 and its subsidiary rules. To protect file servers at CERN from unauthorised use, the Organization has issued a new subsidiary rule related to file services. Details hereof and of the complete set of rules applicable to the use of CERN computing facilities are available at http://cern.ch/ComputingRules.

  2. Leakage Resilient Secure Two-Party Computation

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Hazay, Carmit; Patra, Arpita

    2012-01-01

    Definitions.} We formalize the notion of secure two-party computation in the presence of leakage and introduce security definitions in the {\\em ideal/real framework}. Our formalization induces two types of adversarial attacks. We further study the feasibility of our definitions in the computational setting......In the traditional {\\em secure function evaluation} setting, some set of distrusting parties jointly compute a function of their respective inputs {\\em securely} as if the computation is executed in an ideal setting where the parties send inputs to a trusted party that performs the computation...... and explore some of the conditions under which these definitions are met. \\item {\\em Composition Theorems.} We provide compositions theorems for our new modelings. Our results provide compositions theorems for the case where the inputs of the parties are sampled from a min-entropy source distribution. \\item...

  3. Secure Two-Party Computational Geometry

    Institute of Scientific and Technical Information of China (English)

    Shun-Dong Li; Yi-Qi Dai

    2005-01-01

    Secure Multi-party Computation has been a research focus in international cryptographic community in recent years. In this paper the authors investigate how some computational geometric problems could be solved in a cooperative environment, where two parties need to solve a geometric problem based on their joint data, but neither wants to disclose its private data to the other party. These problems are the distance between two private points, the relation between a private point and a circle area, the relation between a private point and an ellipse area and the shortest distance between two point sets. The paper gives solutions to these specific geometric problems, and in doing so a building block is developed,the protocol for the distance between two private points, that is also useful in the solutions to other geometric problems and combinatorial problems.

  4. Review your Computer Security Now and Frequently!

    CERN Multimedia

    IT Department

    2009-01-01

    The start-up of LHC is foreseen to take place in the autumn and we will be in the public spotlight again. This increases the necessity to be vigilant with respect to computer security and the defacement of an experiment’s Web page in September last year shows that we should be particularly attentive. Attackers are permanently probing CERN and so we must all do the maximum to reduce future risks. Security is a hierarchical responsibility and requires to balance the allocation of resources between making systems work and making them secure. Thus all of us, whether users, developers, system experts, administrators, or managers are responsible for securing our computing assets. These include computers, software applications, documents, accounts and passwords. There is no "silver bullet" for securing systems, which can only be achieved by a painstaking search for all possible vulnerabilities followed by their mitigation. Additional advice on particular topics can be obtained from the relevant I...

  5. A Design Methodology for Computer Security Testing

    OpenAIRE

    Ramilli, Marco

    2013-01-01

    The field of "computer security" is often considered something in between Art and Science. This is partly due to the lack of widely agreed and standardized methodologies to evaluate the degree of the security of a system. This dissertation intends to contribute to this area by investigating the most common security testing strategies applied nowadays and by proposing an enhanced methodology that may be effectively applied to different threat scenarios with the same degree of effectiveness. ...

  6. Research on Security Strategy of the Multimedia Computer%多媒体计算机的安全策略研究

    Institute of Scientific and Technical Information of China (English)

    杨云春; 胥良; 赵卿; 李海雁

    2014-01-01

    计算机是多媒体教室系统中的关键设备,如果计算机出现故障,就会导致多媒体教室系统无法正常工作。对多媒体计算机的安全策略研究结果表明,利用硬盘分区策略、硬盘保护策略、病毒防护策略能够实现计算机系统的长期安全运行。同时,具体给出多媒体计算机的硬盘分区策略,并分析了常用硬盘保护工具性能和优缺点。%The computer is a vital device in the multimedia classroom system.If the computer fails,it will lead to disorder of multime-dia system.After the research on the security strategy of the multimedia computer,the results show that the application of the fixed disk partition strategy,HDD protection strategy and virus protection strategy get a long period security operation.Meaning while,we provide the specific fixed disk partition strategy and analyze the advantage and disadvantage of the active fixed disk protection tool performance.

  7. Development of Trusted Computing Research

    Institute of Scientific and Technical Information of China (English)

    ZHANG Huanguo; LUO Jie; JIN Gang; ZHU Zhiqiang; YU Fajiang; YAN Fei

    2006-01-01

    Trusted computing is the new trend of information security today. This paper surveys the theory and technology of trusted computing. The development history of trusted computing, and the development of trusted computing in China are introduced in this paper,and then it analyzes some problems of trusted computing at present which are delay in theory research, some key technologies to be developed and lack of trusted software system. Some fields are worthy to be explored on are pointed out including key technology, basic theory and application in trusted computing.

  8. Current Computer Network Security Issues/Threats

    National Research Council Canada - National Science Library

    Ammar Yassir; Alaa A K Ismaeel

    2016-01-01

    Computer network security has been a subject of concern for a long period. Many efforts have been made to address the existing and emerging threats such as viruses and Trojan among others without any significant success...

  9. A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE

    Directory of Open Access Journals (Sweden)

    Arijit Ukil

    2013-09-01

    Full Text Available In a typical cloud computing diverse facilitating components like hardware, software, firmware,networking, and services integrate to offer different computational facilities, while Internet or a privatenetwork (or VPN provides the required backbone to deliver the services. The security risks to the cloud system delimit the benefits of cloud computing like “on-demand, customized resource availability and performance management”. It is understood that current IT and enterprise security solutions are not adequate to address the cloud security issues. This paper explores the challenges and issues of security concerns of cloud computing through different standard and novel solutions. We propose analysis and architecture for incorporating different security schemes, techniques and protocols for cloud computing,particularly in Infrastructure-as-a-Service (IaaS and Platform-as-a-Service (PaaS systems. The proposedarchitecture is generic in nature, not dependent on the type of cloud deployment, application agnostic and is not coupled with the underlying backbone. This would facilitate to manage the cloud system more effectively and provide the administrator to include the specific solution to counter the threat. We have also shown using experimental data how a cloud service provider can estimate the charging based on the security service it provides and security-related cost-benefit analysis can be estimated.

  10. Secure system design and trustable computing

    CERN Document Server

    Potkonjak, Miodrag

    2016-01-01

    This book provides the foundations for understanding hardware security and trust, which have become major concerns for national security over the past decade.  Coverage includes issues related to security and trust in a variety of electronic devices and systems related to the security of hardware, firmware and software, spanning system applications, online transactions, and networking services.  This serves as an invaluable reference to the state-of-the-art research that is of critical significance to the security of, and trust in, modern society’s microelectronic-supported infrastructures.

  11. TOWARD HIGHLY SECURE AND AUTONOMIC COMPUTING SYSTEMS: A HIERARCHICAL APPROACH

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Hsien-Hsin S

    2010-05-11

    The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniques and system software for achieving a robust, secure, and reliable computing system toward our goal.

  12. Current Cloud Computing Security Concerns from Consumer Perspective

    Institute of Scientific and Technical Information of China (English)

    Hafiz Gulfam Ahmad; Zeeshan Ahmad

    2013-01-01

    In recent years cloud computing is the subject of extensive research in the emerging field of information technology and has become a promising business.The reason behind this widespread interest is its abilityto increase the capacity and capability of enterprises,having no investment for new infrastructure,no software license requirement and no need of any training. Security concern is the main limitation factor in the growth of this new born technology.The secur-ity responsibilities of both,the provider and the consumer greatly differ between cloud service models.In this paper we discuss a variety of security risks,authentication issues,trust,and legal regularity in cloud environment with consumer perspective.Early research focused only on techni-cal and business consequences of cloud computing and ignored consumer perspective.There-fore,this paper discusses the consumer security and privacy preferences.

  13. Securing medical research: a cybersecurity point of view.

    Science.gov (United States)

    Schneier, Bruce

    2012-06-22

    The problem of securing biological research data is a difficult and complicated one. Our ability to secure data on computers is not robust enough to ensure the security of existing data sets. Lessons from cryptography illustrate that neither secrecy measures, such as deleting technical details, nor national solutions, such as export controls, will work.

  14. Practical Computer Security through Cryptography

    Science.gov (United States)

    McNab, David; Twetev, David (Technical Monitor)

    1998-01-01

    The core protocols upon which the Internet was built are insecure. Weak authentication and the lack of low level encryption services introduce vulnerabilities that propagate upwards in the network stack. Using statistics based on CERT/CC Internet security incident reports, the relative likelihood of attacks via these vulnerabilities is analyzed. The primary conclusion is that the standard UNIX BSD-based authentication system is by far the most commonly exploited weakness. Encryption of Sensitive password data and the adoption of cryptographically-based authentication protocols can greatly reduce these vulnerabilities. Basic cryptographic terminology and techniques are presented, with attention focused on the ways in which technology such as encryption and digital signatures can be used to protect against the most commonly exploited vulnerabilities. A survey of contemporary security software demonstrates that tools based on cryptographic techniques, such as Kerberos, ssh, and PGP, are readily available and effectively close many of the most serious security holes. Nine practical recommendations for improving security are described.

  15. Security Issues related with cloud computing

    Directory of Open Access Journals (Sweden)

    Manju,

    2014-04-01

    Full Text Available The term CLOUD means Common Location Independent Online Utility on Demand. It‟s an emerging technology in IT industries. Cloud technologies are improving day by day and now it become a need for all small and large scale industries. Companies like Google, Amazon, Microsoft etc. is providing virtualized environment for user by which it omits the need for physical storage and others. But as the advantage of cloud computing is increasing day by day the issues are also threatening the IT industries. These issues related with the security of the data. The basic idea of this review paper is to elaborate the security issues related with cloud computing and what methods are implemented to improve these security. Certain algorithms like RSA, DES, and Ceaser Cipher etc. implemented to improve the security issues. In this paper we have implemented Identity based mRSA algorithm in this paper for improving security of data.

  16. Computer Security: Mac security – nothing for old versions

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    A fundamental pillar of computer security is the regular maintenance of your code, operating system and application software – or, in computer lingo: patching, patching, patching.   Only software which is up-to-date should be free from any known vulnerabilities and thus provide you with a basic level of computer security. Neglecting regular updates is putting your computer at risk – and consequently your account, your password, your data, your photos, your videos and your money. Therefore, prompt and automatic patching is paramount. But the Microsofts, Googles and Apples of this world do not always help… Software vendors handle their update policy in different ways. While Android is a disaster – not because of Google, but due to the slow adaptation of many smartphone vendors (see “Android’s Armageddon”) – Microsoft provides updates for their Windows 7, Windows 8 and Windows 10 operating systems through their &ldq...

  17. Cloud Computing Security Latest Issues amp Countermeasures

    Directory of Open Access Journals (Sweden)

    Shelveen Pandey

    2015-08-01

    Full Text Available Abstract Cloud computing describes effective computing services provided by a third-party organization known as cloud service provider for organizations to perform different tasks over the internet for a fee. Cloud service providers computing resources are dynamically reallocated per demand and their infrastructure platform and software and other resources are shared by multiple corporate and private clients. With the steady increase in the number of cloud computing subscribers of these shared resources over the years security on the cloud is a growing concern. In this review paper the current cloud security issues and practices are described and a few innovative solutions are proposed that can help improve cloud computing security in the future.

  18. The National Homeland Security Research Center

    Data.gov (United States)

    Federal Laboratory Consortium — The National Homeland Security Research Center advances our nation's security by providing scientific products and expertise to improve the ability to respond to and...

  19. Computational social networks security and privacy

    CERN Document Server

    2012-01-01

    Presents the latest advances in security and privacy issues in computational social networks, and illustrates how both organizations and individuals can be protected from real-world threats Discusses the design and use of a wide range of computational tools and software for social network analysis Provides experience reports, survey articles, and intelligence techniques and theories relating to specific problems in network technology

  20. Artificial immune system applications in computer security

    CERN Document Server

    Tan, Ying

    2016-01-01

    This book provides state-of-the-art information on the use, design, and development of the Artificial Immune System (AIS) and AIS-based solutions to computer security issues. Artificial Immune System: Applications in Computer Security focuses on the technologies and applications of AIS in malware detection proposed in recent years by the Computational Intelligence Laboratory of Peking University (CIL@PKU). It offers a theoretical perspective as well as practical solutions for readers interested in AIS, machine learning, pattern recognition and computer security. The book begins by introducing the basic concepts, typical algorithms, important features, and some applications of AIS. The second chapter introduces malware and its detection methods, especially for immune-based malware detection approaches. Successive chapters present a variety of advanced detection approaches for malware, including Virus Detection System, K-Nearest Neighbour (KNN), RBF networ s, and Support Vector Machines (SVM), Danger theory, ...

  1. INFORMATION SECURITY IN COMPUTER NETWORKS

    OpenAIRE

    Мехед, Д. Б.

    2016-01-01

    The article deals with computer networks, types of construction, the analysis of the advantages and disadvantages of different types of networks. The basic types of information transmission, highlighted their advantages and disadvantages, losing information and methods of protection.

  2. Cloud Computing Security in Business Information Systems

    CERN Document Server

    Ristov, Sasko; Kostoska, Magdalena

    2012-01-01

    Cloud computing providers' and customers' services are not only exposed to existing security risks, but, due to multi-tenancy, outsourcing the application and data, and virtualization, they are exposed to the emergent, as well. Therefore, both the cloud providers and customers must establish information security system and trustworthiness each other, as well as end users. In this paper we analyze main international and industrial standards targeting information security and their conformity with cloud computing security challenges. We evaluate that almost all main cloud service providers (CSPs) are ISO 27001:2005 certified, at minimum. As a result, we propose an extension to the ISO 27001:2005 standard with new control objective about virtualization, to retain generic, regardless of company's type, size and nature, that is, to be applicable for cloud systems, as well, where virtualization is its baseline. We also define a quantitative metric and evaluate the importance factor of ISO 27001:2005 control objecti...

  3. The university computer network security system

    Institute of Scientific and Technical Information of China (English)

    张丁欣

    2012-01-01

    With the development of the times, advances in technology, computer network technology has been deep into all aspects of people's lives, it plays an increasingly important role, is an important tool for information exchange. Colleges and universities is to cultivate the cradle of new technology and new technology, computer network Yulu nectar to nurture emerging technologies, and so, as institutions of higher learning should pay attention to the construction of computer network security system.

  4. European perspectives on security research

    CERN Document Server

    2011-01-01

    Europe’s networked societies of today are shaped by a growing interconnection in almost all areas of life. The complexity of our infrastructures and the concurrent accessibility to means of destruction by terrorist groups and individual perpetrators call for innovative security solutions. However, such evolving innovations inevitably raise fundamental questions of concern in our societies. How do we balance the imperatives of securing our citizens and infrastructures on the one hand, and of protecting of our sacredly held civil liberties on the other? The topical network ‘Safety and Security’ of acatech – the German Academy of Science and Engineering – invited experts from the science academies of various European countries to share their perspectives on security research and the aspect of safety during a two-day workshop hosted by the Fraunhofer Institute for High-Speed Dynamics, Ernst-Mach-Institut in March 2010. This publication is a compilation of contributions made during the workshop.

  5. Levels of Security Issues in Cloud Computing

    Directory of Open Access Journals (Sweden)

    R. Charanya

    2013-04-01

    Full Text Available Nowadays, Cloud computing is booming in most of the IT industry. Most of the organizations are moving to cloud computing due to various reasons. It provide elastic architecture accessible through internet and also it eliminate the setting up of high cost computing infrastructure for the IT based solutions and services. Cloud computing is pay-per-use model, on-demand network access to a sharedpool of configurable computing resources like Application-as a service, Platform as a services and infrastructure as a services. In this paper, survey of security issues at different levels such as application level, host level and network level is presented.

  6. Academic Training Lecture Regular Programme: Computer Security - Introduction to information and computer security (1/4)

    CERN Multimedia

    2012-01-01

    Computer Security: Introduction to information and computer security (1/4), by Sebastian Lopienski (CERN).   Monday, 21 May, 2012 from 11:00 to 12:00 (Europe/Zurich) at CERN ( 31-3-004 - IT Auditorium ) Sebastian Lopienski is CERN's Deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support services hosted in the CERN Computer Centre; providing Central CVS Service for software projects at CERN; and development of applications for accelerator controls in Java. He graduated from the University of Warsaw (MSc in Computer Science) in 2002, and earned an MBA degree at the Enterprise Administration Institute in Ai...

  7. Safeguards technology and computer security training

    Energy Technology Data Exchange (ETDEWEB)

    Hunteman, W.J.; Zack, N.R.

    1992-01-01

    The Los Alamos National Laboratory Safeguards Systems Group provides a variety of training services to the federal government and its contractors. The US Department of Energy sponsors a Safeguards Technology Training Program at Los Alamos in which seminars are offered concerning materials accounting for nuclear safeguards, measurement control for materials accounting, and variance propagation and systems analysis. These seminars provide guidance and techniques for accounting for nuclear material, developing and quantifying quality nuclear material measurements, and assessing overall accounting system performance. The Safeguards Systems Group also provides training in computer and data security applications; i.e., a workshop and the Los Alamos Vulnerability/Risk Assessment System (LAVA), computer system security officer training, and nuclear material safeguards for managers training, which are available on request. This paper describes the purpose, content, and expected benefits of the training activities that can be applied at nuclear materials facilities or where there are computer and/or data security concerns.

  8. Safeguards technology and computer security training

    Energy Technology Data Exchange (ETDEWEB)

    Hunteman, W.J.; Zack, N.R.

    1992-09-01

    The Los Alamos National Laboratory Safeguards Systems Group provides a variety of training services to the federal government and its contractors. The US Department of Energy sponsors a Safeguards Technology Training Program at Los Alamos in which seminars are offered concerning materials accounting for nuclear safeguards, measurement control for materials accounting, and variance propagation and systems analysis. These seminars provide guidance and techniques for accounting for nuclear material, developing and quantifying quality nuclear material measurements, and assessing overall accounting system performance. The Safeguards Systems Group also provides training in computer and data security applications; i.e., a workshop and the Los Alamos Vulnerability/Risk Assessment System (LAVA), computer system security officer training, and nuclear material safeguards for managers training, which are available on request. This paper describes the purpose, content, and expected benefits of the training activities that can be applied at nuclear materials facilities or where there are computer and/or data security concerns.

  9. Security and Fault aware Scheduling in Computational Grid

    Directory of Open Access Journals (Sweden)

    Mansour Noshfar

    2013-09-01

    Full Text Available Grid Computation is an issue that has received much attention from researchers in recent years. Its aim is to use the computational power of idle resources which have been distributed in different places and under different policies and security conditions. Therefore, one of the challenges facing this technology is the issue of security of jobs and the computational sites. Distributed jobs in computational sites may become problematic due to some infections and malwares. As a result, the risks and security levels should be considered; computing resources must be evaluated by resource owners for task execution, and scheduling should be based on requested users' security levels. This is the matter that has been ignored in the previous scheduling algorithms, which leads to waste of time and overhead. In this paper, a new method based on a combination of Genetic and Imperialism Competitive algorithm is presented to implement a security-aware scheduling and failure algorithm. The proposed method is compared with the previous methods such as Min-Min, Suffrage and genetic algorithms, has become near optimal and led to reduce the overhead caused by violation of security conditions. Additionally, Due to the usage of fault tolerance mechanisms, the performance of these mechanisms has been evaluated and it was found that the replication mechanism had the lowest failure rate and the check point mechanism had a direct effect on the performance and it should be fully supervised and be smart.

  10. Overview of Security issues in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Ajey Singh

    2012-03-01

    Full Text Available Cloud computing may be defined as management and provision of resources, software, applications and information as services over the cloud (internet on demand. Cloud computing comes into focus only when you think about what IT always needs: a way to increase capacity or add capabilities on the fly without investing in new infrastructure, training new personnel, or licensing new software. "Cloud computing continues to gain acceptance as a critical way to deliver on-demand information and resources to customers,” The cloud architecture is implemented in such a way that it provides you the flexibility to share application as well as other network resources (hardware etc[1]. This will lead to a need based flexible architecture where the resources will expand or contract with a little configuration changes. Cloud computing is often provided "as a service" over the Internet, typically in the form of infrastructure as a service (IaaS, platform as a service (PaaS, or software as a service (SaaS.From an end users perspective, you don’t need to care for the OS, the plug-ins, web security or the software platform[2]. Everything should be in place without any worry. This paper focuses on technical security issues in cloud computing, cloud computing has various benefits in an enterprise but major concern is how security is implemented in cloud computing.

  11. 研究计算机网络的信息安全防护策略%Research on Computer Network Information Security Protection Strategy

    Institute of Scientific and Technical Information of China (English)

    张毅

    2015-01-01

    along with the computer network technology application degree deepening, information security is more important. The paper in a hurry the computer network information security threat, combined with its protective factors, and analysis of computer network information security protection strategy.%随着计算机网络技术应用程度进一步深化,信息安全防护也就更为重要。本文拟匆匆计算机网络信息安全存在的威胁入手,结合其保护性因素,从而分析开展计算机网络信息安全的防护策略。

  12. Computer Security: Geneva, Suisse Romande and beyond

    CERN Multimedia

    Computer Security Team

    2014-01-01

    To ensure good computer security, it is essential for us to keep in close contact and collaboration with a multitude of official and unofficial, national and international bodies, agencies, associations and organisations in order to discuss best practices, to learn about the most recent (and, at times, still unpublished) vulnerabilities, and to handle jointly any security incident. A network of peers - in particular a network of trusted peers - can provide important intelligence about new vulnerabilities or ongoing attacks much earlier than information published in the media. In this article, we would like to introduce a few of the official peers we usually deal with.*   Directly relevant for CERN are SWITCH, our partner for networking in Switzerland, and our contacts within the WLCG, i.e. the European Grid Infrastructure (EGI), and the U.S. Open Science Grid (OSG). All three are essential partners when discussing security implementations and resolving security incidents. SWITCH, in...

  13. LEGO for Two-Party Secure Computation

    DEFF Research Database (Denmark)

    Nielsen, Jesper Buus; Orlandi, Claudio

    2009-01-01

    This paper continues the recent line of work of making Yao’s garbled circuit approach to two-party computation secure against an active adversary. We propose a new cut-and-choose based approach called LEGO (Large Efficient Garbled-circuit Optimization): It is specifically aimed at large circuits...

  14. The Role of Trust in Computer Security

    DEFF Research Database (Denmark)

    Jensen, Christian D.

    2012-01-01

    technologies and show how many of them concern the placement of trust on human or system agents. We argue that making such assumptions about trust explicit is an essential requirement for the future of system security and argue why the formalisation of computational trust is necessary when we wish to reason...

  15. Guidelines for computer security in general practice

    Directory of Open Access Journals (Sweden)

    Peter Schattner

    2007-06-01

    Conclusions This paper maps out a process for developing computer security guidelines for general practice. The specific content will vary in different countries according to their levels of adoption of IT, and cultural, technical and other health service factors. Making these guidelines relevant to local contexts should help maximise their uptake.

  16. Overview of Security issues in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Mr. Ajey Singh

    2012-03-01

    Full Text Available Cloud computing may be defined as management andprovision of resources, software, applications andinformation as services over the cloud (internet on demand.Cloud computing comes into focus only when you thinkabout what IT always needs: a way to increase capacity oradd capabilities on the fly without investing in newinfrastructure, training new personnel, or licensing newsoftware. "Cloud computing continues to gain acceptanceas a critical way to deliver on-demand information andresources to customers,” The cloud architecture isimplemented in such a way that it provides you the flexibilityto share application as well as other network resources(hardware etc[1]. This will lead to a need based flexiblearchitecture where the resources will expand or contractwith a little configuration changes. Cloud computing isoften provided "as a service" over the Internet, typically inthe form of infrastructure as a service (IaaS, platform as aservice (PaaS, or software as a service (SaaS.From an endusers perspective, you don’t need to care for the OS, theplug-ins, web security or the software platform[2].Everything should be in place without any worry. This paperfocuses on technical security issues in cloud computing,cloud computing has various benefits in an enterprise butmajor concern is how security is implemented in cloudcomputing.

  17. Security for small computer systems a practical guide for users

    CERN Document Server

    Saddington, Tricia

    1988-01-01

    Security for Small Computer Systems: A Practical Guide for Users is a guidebook for security concerns for small computers. The book provides security advice for the end-users of small computers in different aspects of computing security. Chapter 1 discusses the security and threats, and Chapter 2 covers the physical aspect of computer security. The text also talks about the protection of data, and then deals with the defenses against fraud. Survival planning and risk assessment are also encompassed. The last chapter tackles security management from an organizational perspective. The bo

  18. Computer Security: Computer security threats, vulnerabilities and attacks (3/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Antonio Perez Perez works in the Computer Security Team doing software development, sysadmin tasks and operations. He is also involved on grid security and does 1st line security support at CERN on ROTA. With the prevalence of modern information technologies and its increasing integration into our daily live, digital systems become more and more playground for evil people. While in the past, attacks were driven by fame& kudos, nowadays money is the motivating factor. Just the recent months have shown several successful attacks against e.g. Sony, PBS, UNESCO, RSAsecurity, Citibank, and others. Credit card information of hundreds of thousands of people got exposed. Affected companies not only lost their assets and data, also their reputation has suffered. Thus, proper computer security measures are essential. Without question, security must even more become an inherent ingredient when developing, deploying, and operating applications, web sites, and computing services. These lectures shall give an ove...

  19. ATIP Report: Cyber Security Research in China

    Science.gov (United States)

    2015-06-05

    networks such as telecommunications ( telecom ) carrier backbone networks has improved, but domain name systems remains the weak link concerning security...analysis, cloud security, mobile security, and security of wireless sensor networks in China, and an overview of these research achievements is...provided within. KEYWORDS: Government S&T Policy / Funding, Information Technology / IT, Mathematics, Telecommunications / Networking COUNTRY

  20. Secure Arithmetic Computation with No Honest Majority

    CERN Document Server

    Ishai, Yuval; Sahai, Amit

    2008-01-01

    We study the complexity of securely evaluating arithmetic circuits over finite rings. This question is motivated by natural secure computation tasks. Focusing mainly on the case of two-party protocols with security against malicious parties, our main goals are to: (1) only make black-box calls to the ring operations and standard cryptographic primitives, and (2) minimize the number of such black-box calls as well as the communication overhead. We present several solutions which differ in their efficiency, generality, and underlying intractability assumptions. These include: 1. An unconditionally secure protocol in the OT-hybrid model which makes a black-box use of an arbitrary ring $R$, but where the number of ring operations grows linearly with (an upper bound on) $\\log|R|$. 2. Computationally secure protocols in the OT-hybrid model which make a black-box use of an underlying ring, and in which the number of ring operations does not grow with the ring size. These results extend a previous approach of Naor an...

  1. Security in Fog Computing through Encryption

    Directory of Open Access Journals (Sweden)

    Akhilesh Vishwanath

    2016-05-01

    Full Text Available Cloud computing is considered as one of the most exciting technology because of its flexibility and scalability. The main problem that occurs in cloud is security. To overcome the problems or issues of security, a new technique called fog-computing is evolved. As there are security issues in fog even after getting the encrypted data from cloud, we implemented the process of encryption using AES algorithm to check how it works for the fog. So far, to our analysis AES algorithm is the most secured process of encryption for security. Three datasets of different types are considered and applied the analysed encryption technique over those datasets. On validation, entire data over datasets is being accurately encrypted and decrypted back as well. We took android mobile as an edge device and deployed the encryption over datasets into it. Further, performance of encryption is evaluated over selected datasets for accuracy if the entire data is correctly encrypted and decrypted along with the time, User load, Response time, Memory Utilization over file size. Further best and worst cases among the datasets are analysed thereby evaluating the suitability of AES in fog.

  2. Security Techniques for protecting data in Cloud Computing

    OpenAIRE

    2012-01-01

    Context: From the past few years, there has been a rapid progress in Cloud Computing. With the increasing number of companies resorting to use resources in the Cloud, there is a necessity for protecting the data of various users using centralized resources. Some major challenges that are being faced by Cloud Computing are to secure, protect and process the data which is the property of the user. Aims and Objectives: The main aim of this research is to understand the security threats and ident...

  3. Extreme Scale Computing to Secure the Nation

    Energy Technology Data Exchange (ETDEWEB)

    Brown, D L; McGraw, J R; Johnson, J R; Frincke, D

    2009-11-10

    Since the dawn of modern electronic computing in the mid 1940's, U.S. national security programs have been dominant users of every new generation of high-performance computer. Indeed, the first general-purpose electronic computer, ENIAC (the Electronic Numerical Integrator and Computer), was used to calculate the expected explosive yield of early thermonuclear weapons designs. Even the U. S. numerical weather prediction program, another early application for high-performance computing, was initially funded jointly by sponsors that included the U.S. Air Force and Navy, agencies interested in accurate weather predictions to support U.S. military operations. For the decades of the cold war, national security requirements continued to drive the development of high performance computing (HPC), including advancement of the computing hardware and development of sophisticated simulation codes to support weapons and military aircraft design, numerical weather prediction as well as data-intensive applications such as cryptography and cybersecurity U.S. national security concerns continue to drive the development of high-performance computers and software in the U.S. and in fact, events following the end of the cold war have driven an increase in the growth rate of computer performance at the high-end of the market. This mainly derives from our nation's observance of a moratorium on underground nuclear testing beginning in 1992, followed by our voluntary adherence to the Comprehensive Test Ban Treaty (CTBT) beginning in 1995. The CTBT prohibits further underground nuclear tests, which in the past had been a key component of the nation's science-based program for assuring the reliability, performance and safety of U.S. nuclear weapons. In response to this change, the U.S. Department of Energy (DOE) initiated the Science-Based Stockpile Stewardship (SBSS) program in response to the Fiscal Year 1994 National Defense Authorization Act, which requires, 'in the

  4. Software For Computer-Security Audits

    Science.gov (United States)

    Arndt, Kate; Lonsford, Emily

    1994-01-01

    Information relevant to potential breaches of security gathered efficiently. Automated Auditing Tools for VAX/VMS program includes following automated software tools performing noted tasks: Privileged ID Identification, program identifies users and their privileges to circumvent existing computer security measures; Critical File Protection, critical files not properly protected identified; Inactive ID Identification, identifications of users no longer in use found; Password Lifetime Review, maximum lifetimes of passwords of all identifications determined; and Password Length Review, minimum allowed length of passwords of all identifications determined. Written in DEC VAX DCL language.

  5. Computer network security and cyber ethics

    CERN Document Server

    Kizza, Joseph Migga

    2014-01-01

    In its 4th edition, this book remains focused on increasing public awareness of the nature and motives of cyber vandalism and cybercriminals, the weaknesses inherent in cyberspace infrastructure, and the means available to protect ourselves and our society. This new edition aims to integrate security education and awareness with discussions of morality and ethics. The reader will gain an understanding of how the security of information in general and of computer networks in particular, on which our national critical infrastructure and, indeed, our lives depend, is based squarely on the individ

  6. Security Issues in Cloud Computing - A Review

    Directory of Open Access Journals (Sweden)

    Irfan Hussain

    2014-09-01

    Full Text Available Cloud Computing is the most emerging trend in Information Technology now days. It is attracting the organizations due to its advantages of scalability, throughput, easy and cheap access and on demand up and down grading of SaaS, PaaS and IaaS. Besides all the salient features of cloud environment, there are the big challenges of privacy and security. In this paper, a review of different security issues like trust, confidentiality, authenticity, encryption, key management and resource sharing are presented along with the efforts made on how to overcome these issues.

  7. Key Technologies and Applications of Secure Multiparty Computation

    Directory of Open Access Journals (Sweden)

    Xiaoqiang Guo

    2013-07-01

    Full Text Available With the advent of the information age, the network security is particularly important. The secure multiparty computation is a very important branch of cryptography. It is a hotspot in the field of information security. It expanded the scope of the traditional distributed computing and information security, provided a new computing model for the network collaborative computing. First we introduced several key technologies of secure multiparty computation: secret sharing and verifiable secret sharing, homomorphic public key cryptosystem, mix network, zero knowledge proof, oblivious transfer, millionaire protocol. Second we discussed the applications of secure multiparty computation in electronic voting, electronic auctions, threshold signature, database queries, data mining, mechanical engineering and other fields.

  8. SECURITY AND PRIVACY ISSUES IN CLOUD COMPUTING

    Directory of Open Access Journals (Sweden)

    Amina AIT OUAHMAN

    2014-10-01

    Full Text Available Today, cloud computing is defined and talked about across the ICT industry under different contexts and with different definitions attached to it. It is a new paradigm in the evolution of Information Technology, as it is one of the biggest revolutions in this field to have taken place in recent times. According to the National Institute for Standards and Technology (NIST, “cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services that can be rapidly provisioned and released with minimal management effort or service provider interaction” [1]. The importance of Cloud Computing is increasing and it is receiving a growing attention in the scientific and industrial communities. A study by Gartner [2] considered Cloud Computing as the first among the top 10 most important technologies and with a better prospect in successive years by companies and organizations. Clouds bring out tremendous benefits for both individuals and enterprises. Clouds support economic savings, outsourcing mechanisms, resource sharing, any-where any-time accessibility, on-demand scalability, and service flexibility. Clouds minimize the need for user involvement by masking technical details such as software upgrades, licenses, and maintenance from its customers. Clouds could also offer better security advantages over individual server deployments. Since a cloud aggregates resources, cloud providers charter expert security personnel while typical companies could be limited with a network administrator who might not be well versed in cyber security issues. The new concepts introduced by the clouds, such as computation outsourcing, resource sharing, and external data warehousing, increase the security and privacy concerns and create new security challenges. Moreover, the large scale of the clouds, the proliferation of mobile access devices (e

  9. Computer Security: better code, fewer problems

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    The origin of many security incidents is negligence or unintentional mistakes made by web developers or programmers. In the rush to complete the work, due to skewed priorities, or just to ignorance, basic security principles can be omitted or forgotten.   The resulting vulnerabilities lie dormant until the evil side spots them and decides to hit hard. Computer security incidents in the past have put CERN’s reputation at risk due to websites being defaced with negative messages about the Organization, hash files of passwords being extracted, restricted data exposed… And it all started with a little bit of negligence! If you check out the Top 10 web development blunders, you will see that the most prevalent mistakes are: Not filtering input, e.g. accepting “<“ or “>” in input fields even if only a number is expected.  Not validating that input: you expect a birth date? So why accept letters? &...

  10. Proceedings Second Annual Cyber Security and Information Infrastructure Research Workshop

    Energy Technology Data Exchange (ETDEWEB)

    Sheldon, Frederick T [ORNL; Krings, Axel [ORNL; Yoo, Seong-Moo [ORNL; Mili, Ali [ORNL; Trien, Joseph P [ORNL

    2006-01-01

    The workshop theme is Cyber Security: Beyond the Maginot Line Recently the FBI reported that computer crime has skyrocketed costing over $67 billion in 2005 alone and affecting 2.8M+ businesses and organizations. Attack sophistication is unprecedented along with availability of open source concomitant tools. Private, academic, and public sectors invest significant resources in cyber security. Industry primarily performs cyber security research as an investment in future products and services. While the public sector also funds cyber security R&D, the majority of this activity focuses on the specific mission(s) of the funding agency. Thus, broad areas of cyber security remain neglected or underdeveloped. Consequently, this workshop endeavors to explore issues involving cyber security and related technologies toward strengthening such areas and enabling the development of new tools and methods for securing our information infrastructure critical assets. We aim to assemble new ideas and proposals about robust models on which we can build the architecture of a secure cyberspace including but not limited to: * Knowledge discovery and management * Critical infrastructure protection * De-obfuscating tools for the validation and verification of tamper-proofed software * Computer network defense technologies * Scalable information assurance strategies * Assessment-driven design for trust * Security metrics and testing methodologies * Validation of security and survivability properties * Threat assessment and risk analysis * Early accurate detection of the insider threat * Security hardened sensor networks and ubiquitous computing environments * Mobile software authentication protocols * A new "model" of the threat to replace the "Maginot Line" model and more . . .

  11. Computer Security: Introduction to information and computer security (1/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Sebastian Lopienski is CERN's Deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support services hosted in the CERN Computer Centre; providing Central CVS Service for software projects at CERN; and development of applications for accelerator controls in Java. He graduated from the University of Warsaw (MSc in Computer Science) in 2002, and earned an MBA degree at the Enterprise Administration Institute in Aix-en-Provence and Haute Ecole de Gestion in Geneva in 2010. His professional interests include software and network security, distributed systems, and Web and mobile technologies. With the prevalence of modern information te...

  12. Research on Security Protection Technology of Distributed Storage Based on Cloud Computing%基于云计算的分布式存储安全保护技术研究

    Institute of Scientific and Technical Information of China (English)

    陈克明

    2016-01-01

    In this paper,through cloud computing environment safety threat and the cloud computing distributed storage security protection technology research status analysis,research on Design of cloud computing in distributed data storage security protection technology of three security protocols,in cloud computing distributed storage security protection technology research and design continue to improve and make a contribution.%文章通过对云计算环境下安全隐患的威胁和云计算分布式存储安全保护技术研究现状进行分析,进行对云计算中分布式存储数据安全保护技术的3个安全协议方案的设计研究,以期在云计算下分布式存储安全保护技术的设计研究中不断进行完善并做出贡献。

  13. 云计算安全总体框架与关键技术研究%Research on General Security Framework and Key Technology of Cloud Computing

    Institute of Scientific and Technical Information of China (English)

    张显龙

    2013-01-01

    随着云计算的快速发展,安全已成为云计算领域亟待突破的重要问题,其重要性与紧迫性已不容忽视。文章首先分析了云计算的概念和应用模式;接着提出了云计算安全总体参考框架,分析了云计算各个层面(IaaS、PaaS、SaaS)面临的安全风险及采取的关键措施;最后针对云计算的几大关键技术给出了自己的见解。%With the rapid development of cloud computing, security issue has become the primary issue to be solved,with the increasing importance and urgency .The article ifrstly analyzes the concept and the application model of cloud computing;Then proposes the general security reference framework of cloud computing,and analyzes the security risks that IaaS、PaaS and SaaS are facing and the key countermeasures;Finally gives some opinions pointing at a few key technologies of cloud computing.

  14. Individual versus Organizational Computer Security and Privacy Concerns in Journalism

    Directory of Open Access Journals (Sweden)

    McGregor Susan E.

    2016-10-01

    Full Text Available A free and open press is a critical piece of the civil-society infrastructure that supports both established and emerging democracies. However, as the professional activities of reporting and publishing are increasingly conducted by digital means, computer security and privacy risks threaten free and independent journalism around the globe. Through interviews with 15 practicing journalists and 14 organizational stakeholders (supervising editors and technologists, we reveal the distinct - and sometimes conflicting-computer security concerns and priorities of different stakeholder groups within journalistic institutions, as well as unique issues in journalism compared to other types of organizations. As these concerns have not been deeply studied by those designing computer security practices or technologies that may benefit journalism, this research offers insight into some of the practical and cultural constraints that can limit the computer security and privacy practices of the journalism community as a whole. Based on these findings, we suggest paths for future research and development that can bridge these gaps through new tools and practices.

  15. Soft Computing - A step towards building Secure Cognitive WLAN

    CERN Document Server

    Lingareddy, S C; Babu, Dr Vinaya; Dhruve, Kashyap

    2010-01-01

    Wireless Networks rendering varied services has not only become the order of the day but the demand of a large pool of customers as well. Thus, security of wireless networks has become a very essential design criterion. This paper describes our research work focused towards creating secure cognitive wireless local area networks using soft computing approaches. The present dense Wireless Local Area Networks (WLAN) pose a huge threat to network integrity and are vulnerable to attacks. In this paper we propose a secure Cognitive Framework Architecture (CFA). The Cognitive Security Manager (CSM) is the heart of CFA. The CSM incorporates access control using Physical Architecture Description Layer (PADL) and analyzes the operational matrices of the terminals using multi layer neural networks, acting accordingly to identify authorized access and unauthorized usage patterns.

  16. Research and Application of Secure Multi-Party Computation%安全多方计算技术研究与应用

    Institute of Scientific and Technical Information of China (English)

    张卷美; 徐荣华

    2016-01-01

    认为同态密码的本质是通过密文运算,实现相对应的明文运算。基于同态密码、格理论密码,分别设计了安全多方计算协议,解决了安全两方线段求解直线相交问题和聚类分析中一种经常遇到的加权平均问题。认为目前安全多方计算的实际应用比较滞后,但随着其理论的不断成熟以及各种密码理论基础技术的不断发展,安全多方计算最终会为新时代下的信息安全提供服务。%The essence of homomorphic encryption is to realize the corresponding plaintext operation by calculating cipher text. In this paper, we propose some secure multi-party computation schemes based on homomorphic encryption and lattice theory. With these protocols, the secure two-party line segment intersection problem and weighted-average problem, which are often encountered when solving the problem of clustering analysis, are solved. Practical application of secure multi-party computation is lagging, but with the continuous development of its theory and various kinds of cryptography, secure multi-party computation wil increase information security in the future.

  17. Extreme Scale Computing to Secure the Nation

    Energy Technology Data Exchange (ETDEWEB)

    Brown, D L; McGraw, J R; Johnson, J R; Frincke, D

    2009-11-10

    Since the dawn of modern electronic computing in the mid 1940's, U.S. national security programs have been dominant users of every new generation of high-performance computer. Indeed, the first general-purpose electronic computer, ENIAC (the Electronic Numerical Integrator and Computer), was used to calculate the expected explosive yield of early thermonuclear weapons designs. Even the U. S. numerical weather prediction program, another early application for high-performance computing, was initially funded jointly by sponsors that included the U.S. Air Force and Navy, agencies interested in accurate weather predictions to support U.S. military operations. For the decades of the cold war, national security requirements continued to drive the development of high performance computing (HPC), including advancement of the computing hardware and development of sophisticated simulation codes to support weapons and military aircraft design, numerical weather prediction as well as data-intensive applications such as cryptography and cybersecurity U.S. national security concerns continue to drive the development of high-performance computers and software in the U.S. and in fact, events following the end of the cold war have driven an increase in the growth rate of computer performance at the high-end of the market. This mainly derives from our nation's observance of a moratorium on underground nuclear testing beginning in 1992, followed by our voluntary adherence to the Comprehensive Test Ban Treaty (CTBT) beginning in 1995. The CTBT prohibits further underground nuclear tests, which in the past had been a key component of the nation's science-based program for assuring the reliability, performance and safety of U.S. nuclear weapons. In response to this change, the U.S. Department of Energy (DOE) initiated the Science-Based Stockpile Stewardship (SBSS) program in response to the Fiscal Year 1994 National Defense Authorization Act, which requires, 'in the

  18. SEED: A Suite of Instructional Laboratories for Computer Security Education

    Science.gov (United States)

    Du, Wenliang; Wang, Ronghua

    2008-01-01

    The security and assurance of our computing infrastructure has become a national priority. To address this priority, higher education has gradually incorporated the principles of computer and information security into the mainstream undergraduate and graduate computer science curricula. To achieve effective education, learning security principles…

  19. SEED: A Suite of Instructional Laboratories for Computer Security Education

    Science.gov (United States)

    Du, Wenliang; Wang, Ronghua

    2008-01-01

    The security and assurance of our computing infrastructure has become a national priority. To address this priority, higher education has gradually incorporated the principles of computer and information security into the mainstream undergraduate and graduate computer science curricula. To achieve effective education, learning security principles…

  20. 48 CFR 952.204-77 - Computer security.

    Science.gov (United States)

    2010-10-01

    ... 48 Federal Acquisition Regulations System 5 2010-10-01 2010-10-01 false Computer security. 952.204... SOLICITATION PROVISIONS AND CONTRACT CLAUSES Text of Provisions and Clauses 952.204-77 Computer security. As prescribed in 904.404(d)(7), the following clause shall be included: Computer Security (AUG 2006)...

  1. Case Study: Creation of a Degree Program in Computer Security. White Paper.

    Science.gov (United States)

    Belon, Barbara; Wright, Marie

    This paper reports on research into the field of computer security, and undergraduate degrees offered in that field. Research described in the paper reveals only one computer security program at the associate's degree level in the entire country. That program, at Texas State Technical College in Waco, is a 71-credit-hour program leading to an…

  2. Computer-Aided Sensor Development Focused on Security Issues

    Directory of Open Access Journals (Sweden)

    Andrzej Bialas

    2016-05-01

    Full Text Available The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research.

  3. Computer-Aided Sensor Development Focused on Security Issues.

    Science.gov (United States)

    Bialas, Andrzej

    2016-05-26

    The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research.

  4. 基于云计算的数据安全研究%Research on Data Security on Account of Cloud Computing

    Institute of Scientific and Technical Information of China (English)

    林军

    2013-01-01

    With the further im plem entation of cloud com puting,cloud computing security issues become the one of the focus of attention.A ccording to the concept of cloud com puting, service mode or architecture re-search,this article focuses on threats and counterm easures of data security in the cloud computing environm ent.%随着云计算的深入应用,云计算安全问题成为最引人关注的焦点之一。本文在对云计算的概念、服务模式、体系架构的研究基础上,重点分析了数据安全在云计算环境下面对的威胁以及相应的防护对策。

  5. 移动云计算领域的网络安全策略研究%Mobile Cloud Computing Research on Network Security Policy

    Institute of Scientific and Technical Information of China (English)

    王琮; 吴帆; 闫莅

    2015-01-01

    移动云计算(Mobile Cloud Computing),作为云计算和移动互联网相互融合的产物,是指通过移动网络以按需、可扩展的模式获取所需的网络、服务器、存储、应用和服务等IT资源的一种交付模式。然而,移动云计算这一新技术的应用,也引发了一系列新的安全问题。本文介绍了移动云计算的基本概念,分析了移动云计算环境中所面临的网络安全挑战,结合“云-管-端”的架构与特点,提出了一套“云层”“终端”和“管道”的分层次的安全策略,以期提供一种移动云计算领域的安全防护思路。%Mobile cloud computing, is a product of cloud computing and mobile Internet integration, is a kind of mode of delivery through the mobile network to on-demand, scalable model for obtaining the required network, servers, storage, applications and services and other IT resources. However, the application of mobile cloud computing is a new technology, has initiated a series of new problems of network security. This paper introduces the basic concept of mobile cloud computing, analyzes the mobile network security challenges facing cloud computing environments, combined with "Cloud - Pipe - End" architecture and features, proposed a "Cloud", "Pipe" and "End" of layered security strategy, in order to provide an idea of mobile cloud computing securityfi eld.

  6. Research on the problems and prevention method of computer network security%计算机网络安全问题与防范方式研究

    Institute of Scientific and Technical Information of China (English)

    党倩

    2014-01-01

    With the wide application of our country in recent years,computer technology and science to continuously improve the level of social progress. China cannot do without the extensive use of computer technology.Along with the computer application range more widely and computer coverage area is more and more big,the security problems in the process of application of computer network is gradually exposed,the widespread attention in the present computer security problems,because the calculation itself particularity and irreplaceable, vital for the computer network security problem.Computer network security is not only related to the homes in our country,but also in all walks of life in China,business and has great significance to the national military defense above all.%随着我们国家近些年来计算机技术的广泛应用和科学水平不断提高,我国社会进步离不开对计算机技术的广泛应用。随着我国计算机应用范围愈来愈广泛和计算机覆盖范围越来越大,计算机网络应用过程中存在的安全问题也逐渐暴露出来,在我国目前来看计算机安全问题得到普遍重视,因为计算机其本身的特殊性与不可替代性,决定计算机网络安全问题至关重要。计算机网络安全不仅关系到我国千家万户,还在我国各行各业生产,经营与国家军事国防上面都有着重要意义。

  7. Securing Embedded Smart Cameras with Trusted Computing

    Directory of Open Access Journals (Sweden)

    Winkler Thomas

    2011-01-01

    Full Text Available Camera systems are used in many applications including video surveillance for crime prevention and investigation, traffic monitoring on highways or building monitoring and automation. With the shift from analog towards digital systems, the capabilities of cameras are constantly increasing. Today's smart camera systems come with considerable computing power, large memory, and wired or wireless communication interfaces. With onboard image processing and analysis capabilities, cameras not only open new possibilities but also raise new challenges. Often overlooked are potential security issues of the camera system. The increasing amount of software running on the cameras turns them into attractive targets for attackers. Therefore, the protection of camera devices and delivered data is of critical importance. In this work we present an embedded camera prototype that uses Trusted Computing to provide security guarantees for streamed videos. With a hardware-based security solution, we ensure integrity, authenticity, and confidentiality of videos. Furthermore, we incorporate image timestamping, detection of platform reboots, and reporting of the system status. This work is not limited to theoretical considerations but also describes the implementation of a prototype system. Extensive evaluation results illustrate the practical feasibility of the approach.

  8. Preaching What We Practice: Teaching Ethical Decision-Making to Computer Security Professionals

    Science.gov (United States)

    Fleischmann, Kenneth R.

    The biggest challenge facing computer security researchers and professionals is not learning how to make ethical decisions; rather it is learning how to recognize ethical decisions. All too often, technology development suffers from what Langdon Winner terms technological somnambulism - we sleepwalk through our technology design, following past precedents without a second thought, and fail to consider the perspectives of other stakeholders [1]. Computer security research and practice involves a number of opportunities for ethical decisions. For example, decisions about whether or not to automatically provide security updates involve tradeoffs related to caring versus user autonomy. Decisions about online voting include tradeoffs between convenience and security. Finally, decisions about routinely screening e-mails for spam involve tradeoffs of efficiency and privacy. It is critical that these and other decisions facing computer security researchers and professionals are confronted head on as value-laden design decisions, and that computer security researchers and professionals consider the perspectives of various stakeholders in making these decisions.

  9. Flexible And Secure Access To Computing Clusters

    Directory of Open Access Journals (Sweden)

    Jan Meizner

    2010-01-01

    Full Text Available The investigation presented in this paper was prompted by the need to provide a manageablesolution for secure access to computing clusters with a federated authentication framework.This requirement is especially important for scientists who need direct access to computingnodes in order to run their applications (e.g. chemical or medical simulations with proprietary,open-source or custom-developed software packages. Our existing software, whichenables non-Web clients to use Shibboleth-secured services, has been extended to providedirect SSH access to cluster nodes using the Linux Pluggable Authentication Modules mechanism.This allows Shibboleth users to run the required software on clusters. Validationand performance comparison with existing SSH authentication mechanisms confirm that thepresented tools satisfy the stated requirements.

  10. On technical security issues in cloud computing

    DEFF Research Database (Denmark)

    Jensen, Meiko; Schwenk, Jörg; Gruschka, Nils

    2009-01-01

    The Cloud Computing concept offers dynamically scalable resources provisioned as a service over the Internet. Economic benefits are the main driver for the Cloud, since it promises the reduction of capital expenditure (CapEx) and operational expenditure (OpEx). In order for this to become reality......, however, there are still some challenges to be solved. Amongst these are security and trust issues, since the user's data has to be released to the Cloud and thus leaves the protection sphere of the data owner. Most of the discussions on this topics are mainly driven by arguments related to organisational...... means. This paper focusses on technical security issues arising from the usage of Cloud services and especially by the underlying technologies used to build these cross-domain Internet-connected collaborations. © 2009 IEEE....

  11. On technical security issues in cloud computing

    DEFF Research Database (Denmark)

    Jensen, Meiko; Schwenk, Jörg; Gruschka, Nils

    2009-01-01

    The Cloud Computing concept offers dynamically scalable resources provisioned as a service over the Internet. Economic benefits are the main driver for the Cloud, since it promises the reduction of capital expenditure (CapEx) and operational expenditure (OpEx). In order for this to become reality......, however, there are still some challenges to be solved. Amongst these are security and trust issues, since the user's data has to be released to the Cloud and thus leaves the protection sphere of the data owner. Most of the discussions on this topics are mainly driven by arguments related to organisational...... means. This paper focusses on technical security issues arising from the usage of Cloud services and especially by the underlying technologies used to build these cross-domain Internet-connected collaborations....

  12. A German Perspective on Security Research

    Science.gov (United States)

    Thoma, Klaus; Hiller, Daniel; Leismann, Tobias; Drees, Birgit

    Prior to 2007, there was no coherent federal approach to conceptualise and fund security research in Germany. This changed with the initiation of the national program for civil security research, managed by the German Ministry for Education and Research (BMBF). Over the course of only four years a continuous build-up of national capacities on civil security was established to better protect German citizens, commodities and infrastructures against terrorism, organised crime and the effects of man-made and natural disasters.

  13. Privacy and Security issues in Cloud Computing

    OpenAIRE

    Anita Kumari Nanda , Brojo Kishore Mishra

    2012-01-01

    “Cloud computing” – a relatively recent term, defines the paths ahead in computer science world. Being built on decades of research it utilizes all recent achievements in virtualization, distributed computing, utility computing, and networking. It implies a service oriented architecture through offering software and platforms as services, reduced information technology overhead for the end-user, great flexibility, reduced total cost of ownership, on demand services and many other things. Sec...

  14. 基于云计算的安全服务研究%Research Based on Security Services of Cloud Computing

    Institute of Scientific and Technical Information of China (English)

    盖玲

    2011-01-01

    互联网应用的迅猛发展丰富和方便了人们的生产生活,亦为入侵者提供了大量的机会.不断变化和演进的攻击手段,使得传统的企业安全防护体系面临着前所未有的严峻挑战.随着云计算在各个领域的成功落地,基于云计算的安全服务已经从概念阶段过渡到了完善和推广阶段.云安全服务可以很好地解决诸多安全威胁和挑战,并在包括运营商的很多领域得到广泛的应用.%The rapid development of Internet applications facilitates people's work and lif e, as well as provides a broad space for invaders. Constantly changing and evolving methods of attack, which make the traditional enterprise security system facing unprecedented challenges. As cloud computing's success in landing areas, cloud-based security services has moved from concept stage to the improvement and extension phase. Cloud security services can solve many security threats and challenges,including the telecom operators in many fields within a wide range of applications.

  15. Security Issues Associated with Big Data in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Venkata Narasimha Inukollu

    2014-06-01

    Full Text Available In this paper, we discuss security issues for cloud computing, Big data, Map Reduce and Hadoop environment. The main focus is on security issues in cloud computing that are associated with big data. Big data applications are a great benefit to organizations, business, companies and many large scale and small scale industries.We also discuss various possible solutions for the issues in cloud computing security and Hadoop. Cloud computing security is developing at a rapid pace which includes computer security, network security, information security, and data privacy. Cloud computing plays a very vital role in protecting data, applications and the related infrastructure with the help of policies, technologies, controls, and big data tools Moreover, cloud computing, big data and its applications, advantages are likely to represent the most promising new frontiers in science.

  16. Security Risk Scoring Incorporating Computers' Environment

    Directory of Open Access Journals (Sweden)

    Eli Weintraub

    2016-04-01

    Full Text Available A framework of a Continuous Monitoring System (CMS is presented, having new improved capabilities. The system uses the actual real-time configuration of the system and environment characterized by a Configuration Management Data Base (CMDB which includes detailed information of organizational database contents, security and privacy specifications. The Common Vulnerability Scoring Systems' (CVSS algorithm produces risk scores incorporating information from the CMDB. By using the real updated environmental characteristics the system enables achieving accurate scores compared to existing practices. Framework presentation includes systems' design and an illustration of scoring computations.

  17. Information security: where computer science, economics and psychology meet.

    Science.gov (United States)

    Anderson, Ross; Moore, Tyler

    2009-07-13

    Until ca. 2000, information security was seen as a technological discipline, based on computer science but with mathematics helping in the design of ciphers and protocols. That perspective started to change as researchers and practitioners realized the importance of economics. As distributed systems are increasingly composed of machines that belong to principals with divergent interests, incentives are becoming as important to dependability as technical design. A thriving new field of information security economics provides valuable insights not just into 'security' topics such as privacy, bugs, spam and phishing, but into more general areas of system dependability and policy. This research programme has recently started to interact with psychology. One thread is in response to phishing, the most rapidly growing form of online crime, in which fraudsters trick people into giving their credentials to bogus websites; a second is through the increasing importance of security usability; and a third comes through the psychology-and-economics tradition. The promise of this multidisciplinary research programme is a novel framework for analysing information security problems-one that is both principled and effective.

  18. Computer Network Security: Best Practices for Alberta School Jurisdictions.

    Science.gov (United States)

    Alberta Dept. of Education, Edmonton.

    This paper provides a snapshot of the computer network security industry and addresses specific issues related to network security in public education. The following topics are covered: (1) security policy, including reasons for establishing a policy, risk assessment, areas to consider, audit tools; (2) workstations, including physical security,…

  19. Secure medical information sharing in cloud computing.

    Science.gov (United States)

    Shao, Zhiyi; Yang, Bo; Zhang, Wenzheng; Zhao, Yi; Wu, Zhenqiang; Miao, Meixia

    2015-01-01

    Medical information sharing is one of the most attractive applications of cloud computing, where searchable encryption is a fascinating solution for securely and conveniently sharing medical data among different medical organizers. However, almost all previous works are designed in symmetric key encryption environment. The only works in public key encryption do not support keyword trapdoor security, have long ciphertext related to the number of receivers, do not support receiver revocation without re-encrypting, and do not preserve the membership of receivers. In this paper, we propose a searchable encryption supporting multiple receivers for medical information sharing based on bilinear maps in public key encryption environment. In the proposed protocol, data owner stores only one copy of his encrypted file and its corresponding encrypted keywords on cloud for multiple designated receivers. The keyword ciphertext is significantly shorter and its length is constant without relation to the number of designated receivers, i.e., for n receivers the ciphertext length is only twice the element length in the group. Only the owner knows that with whom his data is shared, and the access to his data is still under control after having been put on the cloud. We formally prove the security of keyword ciphertext based on the intractability of Bilinear Diffie-Hellman problem and the keyword trapdoor based on Decisional Diffie-Hellman problem.

  20. Optimize the Security Performance of the Computing Environment of IHEP

    Institute of Scientific and Technical Information of China (English)

    Rong-shengXU; Bao-XuLIU

    2001-01-01

    This paper gives a background of crackers,then some attack events that have happened in IHEP networks are enumerated and introduced.At last a highly efficient defence system that integrates author's experience,research results and have put in practice in IHEP networks environment is described in detail,This paper also gives network and information security advice and process for high energy physics computing environment in the Institute of High Energy Physics that will implement in the future.

  1. Secure Data Sharing in Cloud Computing using Hybrid cloud

    Directory of Open Access Journals (Sweden)

    Er. Inderdeep Singh

    2015-06-01

    Full Text Available Cloud computing is fast growing technology that enables the users to store and access their data remotely. Using cloud services users can enjoy the benefits of on-demand cloud applications and data with limited local infrastructure available with them. While accessing the data from cloud, different users may have relationship among them depending on some attributes, and thus sharing of data along with user privacy and data security becomes important to get effective results. Most of the research has been done to secure the data authentication so that user’s don’t lose their private data stored on public cloud. But still data sharing is a significant hurdle to overcome by researchers. Research is going on to provide secure data sharing with enhanced user privacy and data access security. In this paper various research and challenges in this area are discussed in detail. It will definitely help the cloud users to understand the topic and researchers to develop a method to overcome these challenges.

  2. An Overview Of The Security Concerns In Enterprise Cloud Computing

    OpenAIRE

    Anthony Bisong; Rahman, Syed M

    2011-01-01

    Deploying cloud computing in an enterprise infrastructure bring significant security concerns.Successful implementation of cloud computing in an enterprise requires proper planning andunderstanding of emerging risks, threats, vulnerabilities, and possible countermeasures. We believe enterprise should analyze the company/organization security risks, threats, and available countermeasures before adopting this technology. In this paper, we have discussed security risks and concerns in cloud comp...

  3. An Overview of the Security Concerns in Enterprise Cloud Computing

    OpenAIRE

    Bisong, Anthony; Syed; Rahman, M.

    2011-01-01

    Deploying cloud computing in an enterprise infrastructure bring significant security concerns. Successful implementation of cloud computing in an enterprise requires proper planning and understanding of emerging risks, threats, vulnerabilities, and possible countermeasures. We believe enterprise should analyze the company/organization security risks, threats, and available countermeasures before adopting this technology. In this paper, we have discussed security risks and concerns in cloud co...

  4. Science and Technology Resources on the Internet: Computer Security.

    Science.gov (United States)

    Kinkus, Jane F.

    2002-01-01

    Discusses issues related to computer security, including confidentiality, integrity, and authentication or availability; and presents a selected list of Web sites that cover the basic issues of computer security under subject headings that include ethics, privacy, kids, antivirus, policies, cryptography, operating system security, and biometrics.…

  5. Cloud Security: Issues and Research Directions

    Science.gov (United States)

    2014-11-18

    al. present two storage isolation schemes that enable cloud users with high security requirements to verify that their disk storage is isolated from...Proof of Isolation for Cloud Storage Zhan Wang, Kun Sun, Sushil Jajodia, and Jiwu Jing 6. Selective and Fine-Grained Access to Data in the Cloud ... Cloud Security: Issues and Research Directions We organized an invitational workshop at George Mason University on Cloud Security: Issues and Research

  6. Computer Security: transparent monitoring for your protection

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Computer security can be handled in one of two ways: in secrecy, behind a black curtain; or out in the open, subject to scrutiny and with full transparency. We believe that the latter is the only right way for CERN, and have always put that belief into practice. In keeping with this spirit, here is a reminder of how we monitor (your) CERN activities in order to guarantee timely responses to computer security incidents.   We monitor all network traffic coming into and going out of CERN. Automatic tools look for suspicious patterns like connections to known malicious IP addresses, web pages or domains. They check for malicious files being downloaded and make statistical analyses of connections in order to identify unusual behaviour. The automatic analysis of the logs from the CERN Domain Name Servers complements this and provides a redundant means of detection. We also constantly scan the CERN office network and keep an inventory of the individual network services running on each device: w...

  7. 认知计算在网络安全态势感知中的应用研究%Research on the application of cognitive computing in network security situation awareness

    Institute of Scientific and Technical Information of China (English)

    肖晓飞; 贾颖

    2014-01-01

    This paper summarizes the cognitive computing research literature of foreign scholars and domestic scholars, analyses the research hot spot in the field of cognitive computing, summarizes the situation of its application in network security situation awareness, and constructs the network security situation based on multi-ring MACDE cognitive model.%文章总结了认知计算领域国外学者和国内学者的研究文献,对认知计算的热点研究领域做了分析,对其在网络安全态势感知中的应用情况进行了回顾和总结,并构建了基于多MACDE环的网络安全态势认知计算模型。

  8. Research in computer science

    Science.gov (United States)

    Ortega, J. M.

    1986-01-01

    Various graduate research activities in the field of computer science are reported. Among the topics discussed are: (1) failure probabilities in multi-version software; (2) Gaussian Elimination on parallel computers; (3) three dimensional Poisson solvers on parallel/vector computers; (4) automated task decomposition for multiple robot arms; (5) multi-color incomplete cholesky conjugate gradient methods on the Cyber 205; and (6) parallel implementation of iterative methods for solving linear equations.

  9. Research Challenges for Enterprise Cloud Computing

    CERN Document Server

    Khajeh-Hosseini, Ali; Sriram, Ilango

    2010-01-01

    Cloud computing represents a shift away from computing as a product that is purchased, to computing as a service that is delivered to consumers over the internet from large-scale data centers - or "clouds". This paper discusses some of the research challenges for cloud computing from an enterprise or organizational perspective, and puts them in context by reviewing the existing body of literature in cloud computing. Various research challenges relating to the following topics are discussed: the organizational changes brought about by cloud computing; the economic and organizational implications of its utility billing model; the security, legal and privacy issues that cloud computing raises. It is important to highlight these research challenges because cloud computing is not simply about a technological improvement of data centers but a fundamental change in how IT is provisioned and used. This type of research has the potential to influence wider adoption of cloud computing in enterprise, and in the consumer...

  10. Computer Science Research: Computation Directorate

    Energy Technology Data Exchange (ETDEWEB)

    Durst, M.J. (ed.); Grupe, K.F. (ed.)

    1988-01-01

    This report contains short papers in the following areas: large-scale scientific computation; parallel computing; general-purpose numerical algorithms; distributed operating systems and networks; knowledge-based systems; and technology information systems.

  11. Restricted access processor - An application of computer security technology

    Science.gov (United States)

    Mcmahon, E. M.

    1985-01-01

    This paper describes a security guard device that is currently being developed by Computer Sciences Corporation (CSC). The methods used to provide assurance that the system meets its security requirements include the system architecture, a system security evaluation, and the application of formal and informal verification techniques. The combination of state-of-the-art technology and the incorporation of new verification procedures results in a demonstration of the feasibility of computer security technology for operational applications.

  12. Computer Security: Protect your plant: a "serious game" about control system cyber-security

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Control system cyber-security is attracting increasing attention: from cybercriminals, from the media and from security researchers.   After the legendary “Stuxnet” attacks of 2010 against an Iranian uranium enrichment plant, the infiltration of Saudi Aramco in 2012, and most recently the hacking of German blast furnaces, we should be prepared. Just imagine what would happen if hackers turned off the lights in Geneva and the Pays-de-Gex for a month? (“Hacking control systems, switching lights off!"). Or if attackers infiltrated CERN’s accelerator or experiment control systems and stopped us from pursuing our core business: delivering beams and recording particle collisions (“Hacking control systems, switching... accelerators off?"). Now you can test your ability to protect an industrial plant against cyber-threats! The Computer Security Team, in collaboration with Kaspersky Lab, is organising a so-...

  13. Lilith: A scalable secure tool for massively parallel distributed computing

    Energy Technology Data Exchange (ETDEWEB)

    Armstrong, R.C.; Camp, L.J.; Evensky, D.A.; Gentile, A.C.

    1997-06-01

    Changes in high performance computing have necessitated the ability to utilize and interrogate potentially many thousands of processors. The ASCI (Advanced Strategic Computing Initiative) program conducted by the United States Department of Energy, for example, envisions thousands of distinct operating systems connected by low-latency gigabit-per-second networks. In addition multiple systems of this kind will be linked via high-capacity networks with latencies as low as the speed of light will allow. Code which spans systems of this sort must be scalable; yet constructing such code whether for applications, debugging, or maintenance is an unsolved problem. Lilith is a research software platform that attempts to answer these questions with an end toward meeting these needs. Presently, Lilith exists as a test-bed, written in Java, for various spanning algorithms and security schemes. The test-bed software has, and enforces, hooks allowing implementation and testing of various security schemes.

  14. A Research Agenda for Security Engineering

    Directory of Open Access Journals (Sweden)

    Rich Goyette

    2013-08-01

    Full Text Available Despite nearly 30 years of research and application, the practice of information system security engineering has not yet begun to exhibit the traits of a rigorous scientific discipline. As cyberadversaries have become more mature, sophisticated, and disciplined in their tradecraft, the science of security engineering has not kept pace. The evidence of the erosion of our digital security – upon which society is increasingly dependent – appears in the news almost daily. In this article, we outline a research agenda designed to begin addressing this deficit and to move information system security engineering toward a mature engineering discipline. Our experience suggests that there are two key areas in which this movement should begin. First, a threat model that is actionable from the perspectives of risk management and security engineering should be developed. Second, a practical and relevant security-measurement framework should be developed to adequately inform security-engineering and risk-management processes. Advances in these areas will particularly benefit business/government risk assessors as well as security engineers performing security design work, leading to more accurate, meaningful, and quantitative risk analyses and more consistent and coherent security design decisions. Threat modelling and security measurement are challenging activities to get right – especially when they need to be applied in a general context. However, these are decisive starting points because they constitute the foundation of a scientific security-engineering practice. Addressing these challenges will require stronger and more coherent integration between the sub-disciplines of risk assessment and security engineering, including new tools to facilitate that integration. More generally, changes will be required in the way security engineering is both taught and practiced to take into account the holistic approach necessary from a mature, scientific

  15. 基于数字证书的云计算安全认证平台的研究%The Research of Cloud Computing Security Authentication Platform based on Digital Certificate

    Institute of Scientific and Technical Information of China (English)

    徐祺

    2013-01-01

    The cloud computing security authentication platform based on digital certificate was researched according to the security problems of the current cloud computing facing. First of al, the safety status of cloud computing was introduced in this paper. Application of digital certificate in China was analyzed with the electronic signature law's promulgation and implementation. A solution for computing security authentication based on digital certificate was designed cloud in the light of four safety problems existing in cloud computing combined with the digital certificate application. The encryption communication process was analysed that customers and cloud services platform using digital certificate. The scheme provided some models and the reference for cloud computing security authentication platform based on digital.%根据目前云计算面临的安全问题,对基于数字证书的云计算安全认证平台进行了研究。首先介绍了云计算的安全现状,分析了随着《电子签名法》的颁布实施,我国数字证书的应用情况,针对云计算存在的四个方面安全问题,结合数字证书的实际应用场景,设计了一种基于数字证书的云计算安全认证解决方案,并对客户利用数字证书与云服务平台加密通信的过程进行了分析,为基于数字证书的云计算安全认证平台建设提供了借鉴和参考。

  16. Two-Cloud-Servers-Assisted Secure Outsourcing Multiparty Computation

    Directory of Open Access Journals (Sweden)

    Yi Sun

    2014-01-01

    Full Text Available We focus on how to securely outsource computation task to the cloud and propose a secure outsourcing multiparty computation protocol on lattice-based encrypted data in two-cloud-servers scenario. Our main idea is to transform the outsourced data respectively encrypted by different users’ public keys to the ones that are encrypted by the same two private keys of the two assisted servers so that it is feasible to operate on the transformed ciphertexts to compute an encrypted result following the function to be computed. In order to keep the privacy of the result, the two servers cooperatively produce a custom-made result for each user that is authorized to get the result so that all authorized users can recover the desired result while other unauthorized ones including the two servers cannot. Compared with previous research, our protocol is completely noninteractive between any users, and both of the computation and the communication complexities of each user in our solution are independent of the computing function.

  17. Two-cloud-servers-assisted secure outsourcing multiparty computation.

    Science.gov (United States)

    Sun, Yi; Wen, Qiaoyan; Zhang, Yudong; Zhang, Hua; Jin, Zhengping; Li, Wenmin

    2014-01-01

    We focus on how to securely outsource computation task to the cloud and propose a secure outsourcing multiparty computation protocol on lattice-based encrypted data in two-cloud-servers scenario. Our main idea is to transform the outsourced data respectively encrypted by different users' public keys to the ones that are encrypted by the same two private keys of the two assisted servers so that it is feasible to operate on the transformed ciphertexts to compute an encrypted result following the function to be computed. In order to keep the privacy of the result, the two servers cooperatively produce a custom-made result for each user that is authorized to get the result so that all authorized users can recover the desired result while other unauthorized ones including the two servers cannot. Compared with previous research, our protocol is completely noninteractive between any users, and both of the computation and the communication complexities of each user in our solution are independent of the computing function.

  18. Computer Security: is your code sane?

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    How many of us write code? Software? Programs? Scripts? How many of us are properly trained in this and how well do we do it? Do we write functional, clean and correct code, without flaws, bugs and vulnerabilities*? In other words: are our codes sane?   Figuring out weaknesses is not that easy (see our quiz in an earlier Bulletin article). Therefore, in order to improve the sanity of your code, prevent common pit-falls, and avoid the bugs and vulnerabilities that can crash your code, or – worse – that can be misused and exploited by attackers, the CERN Computer Security team has reviewed its recommendations for checking the security compliance of your code. “Static Code Analysers” are stand-alone programs that can be run on top of your software stack, regardless of whether it uses Java, C/C++, Perl, PHP, Python, etc. These analysers identify weaknesses and inconsistencies including: employing undeclared variables; expressions resu...

  19. Computer Security: Your privacy at CERN matters

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Congrats to all those who spotted that our last contribution to the CERN Bulletin (“CERN Secure Password Competition” – see here) was an April Fools’ Day hoax. Of course, there is no review and no jury and there won’t be any competition. Consequently, we are sorry to say that we cannot announce any winners. The extension of the password history rule and the initiative of finding password duplicates are absolute nonsense too.   In fact, the Computer Security team, just like the CERN Account Management service, the Single Sign-On team and the ServiceDesk, does not know and has no need to know your password. Passwords are actually salted and hashed using the SHA256 cryptographic hash function. Thus, there is no literal password database and no way that anyone apart from you can know your password – unless you have given it away intentionally or inadvertently… Remember, your password is yours and only yours, so please do not...

  20. Computer Security: WWW censorship? Not at CERN

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Whoops! We received a number of critical responses to our previous article on the upcoming DNS firewall (“DNS to the rescue!” - see here). While they were mostly constructive, the main question was “How dare we censor Internet access?” Let us clarify this.   Computer security at CERN must always find the right balance between CERN’s academic environment, its operations and security itself. Of course we can easily overdo it one way or another, but that would kill our academic freedom and bring the Organization to a halt. That certainly isn’t in our interest. On the other hand, CERN is permanently under attack and we have to do everything possible to ensure that those attacks are kept at bay. Otherwise they could impact CERN’s operations… So, have we found the right balance? Concerning access to the Internet and in particular to the web, we have not and will not block random websites because of their content unless &a...

  1. Computer Security: The dilemma of fractal defence

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Aren’t mathematical fractals just beautiful? The Mandelbrot set and the Julia set, the Sierpinski gasket, the Menger sponge, the Koch curve (see here)… Based on very simple mathematical rules, they quickly develop into a mosaic of facets slightly different from each other. More and more features appear the closer you zoom into a fractal and expose similar but not identical features of the overall picture.   Computer security is like these fractals, only much less pretty: simple at first glance, but increasingly complex and complicated when you look more closely at the details. The deeper you dig, the more and more possibilities open up for malicious people as the attack surface grows, just like that of “Koch’s snowflakes”, where the border length grows exponentially. Consequently, the defensive perimeter also increases when we follow the bits and bytes layer by layer from their processing in the CPU, trickling up the software stack thro...

  2. Information security assurance lifecycle research

    Institute of Scientific and Technical Information of China (English)

    XIE Cheng-shan; XUJIA Gu-yue; WANG Li

    2007-01-01

    This article proposes that problems of information security are mainly caused by the ineffective integration of people, operation, and technology, and not merely by the poor use of technology. Based on the information lifecycle, a model of the information security assurance lifecycle is presented. The crucial parts of the model are further discussed, with the information risk value and protect level, and the solution in each step of the lifecycle is presented with an ensured information risk level, in term of the integration of people, operation, and technology.

  3. An Overview of the Security Concerns in Enterprise Cloud Computing

    CERN Document Server

    Bisong, Anthony; Rahman, M; 10.5121/ijnsa.2011.3103

    2011-01-01

    Deploying cloud computing in an enterprise infrastructure bring significant security concerns. Successful implementation of cloud computing in an enterprise requires proper planning and understanding of emerging risks, threats, vulnerabilities, and possible countermeasures. We believe enterprise should analyze the company/organization security risks, threats, and available countermeasures before adopting this technology. In this paper, we have discussed security risks and concerns in cloud computing and enlightened steps that an enterprise can take to reduce security risks and protect their resources. We have also explained cloud computing strengths/benefits, weaknesses, and applicable areas in information risk management.

  4. An Overview Of The Security Concerns In Enterprise Cloud Computing

    Directory of Open Access Journals (Sweden)

    Anthony Bisong

    2011-01-01

    Full Text Available Deploying cloud computing in an enterprise infrastructure bring significant security concerns.Successful implementation of cloud computing in an enterprise requires proper planning andunderstanding of emerging risks, threats, vulnerabilities, and possible countermeasures. We believe enterprise should analyze the company/organization security risks, threats, and available countermeasures before adopting this technology. In this paper, we have discussed security risks and concerns in cloud computing and enlightened steps that an enterprise can take to reduce security risksand protect their resources. We have also explained cloud computing strengths/benefits, weaknesses, and applicable areas in information risk management.

  5. Examining the Security Awareness, Information Privacy, and the Security Behaviors of Home Computer Users

    Science.gov (United States)

    Edwards, Keith

    2015-01-01

    Attacks on computer systems continue to be a problem. The majority of the attacks target home computer users. To help mitigate the attacks some companies provide security awareness training to their employees. However, not all people work for a company that provides security awareness training and typically, home computer users do not have the…

  6. Examining the Security Awareness, Information Privacy, and the Security Behaviors of Home Computer Users

    Science.gov (United States)

    Edwards, Keith

    2015-01-01

    Attacks on computer systems continue to be a problem. The majority of the attacks target home computer users. To help mitigate the attacks some companies provide security awareness training to their employees. However, not all people work for a company that provides security awareness training and typically, home computer users do not have the…

  7. Computer Security: your car, my control

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    We have discussed the Internet of Things (IoT) and its security implications already in past issues of the CERN Bulletin, for example in “Today’s paranoia, tomorrow’s reality” (see here). Unfortunately, tomorrow has come. At this years's Black Hat conference researchers presented their findings on how easily your car can be hacked and controlled remotely. Sigh.   While these researchers have just shown that they can wirelessly hijack a Jeep Cherokee, others have performed similar studies with SmartCars, Fords, a Tesla, a Corvette, BMWs, Chryslers and Mercedes! With the increasing computerisation of cars, the engine management system, air conditioning, anti-lock braking system, electronic stability programme, etc. are linked to the infotainment, navigation and communication systems, opening the door for these vehicles to be hacked remotely. The now prevalent Bluetooth connection with smartphones is one entry vector to attack your car remotely...

  8. Research in Computational Astrobiology

    Science.gov (United States)

    Chaban, Galina; Colombano, Silvano; Scargle, Jeff; New, Michael H.; Pohorille, Andrew; Wilson, Michael A.

    2003-01-01

    We report on several projects in the field of computational astrobiology, which is devoted to advancing our understanding of the origin, evolution and distribution of life in the Universe using theoretical and computational tools. Research projects included modifying existing computer simulation codes to use efficient, multiple time step algorithms, statistical methods for analysis of astrophysical data via optimal partitioning methods, electronic structure calculations on water-nuclei acid complexes, incorporation of structural information into genomic sequence analysis methods and calculations of shock-induced formation of polycylic aromatic hydrocarbon compounds.

  9. 云计算数据安全支撑平台架构研究%The Research of Cloud Computing Data Security Support Platform Architecture

    Institute of Scientific and Technical Information of China (English)

    张大朋; 蔡克; 张敏; 徐震

    2011-01-01

    As cloud providers have priority access to data, it is difficult to guarantee the confidentiality and integrity of users' data. For this problem the paper presents an architecture to protect user data security by encryption. Searching cipher text and integrity verification will be used to ensure the availability and integrity of users' data. This mechanism provides reliable security support for the massive data in the cloud computing system.%由于云服务提供商拥有对数据的优先访问权,用户数据的机密性和完整性很难得到保证.针对此问题构建了一种使用加密机制保护云数据安全的体系结构.使用密文检索和完整性验证来保证云用户数据的可用性和完整性,为云计算系统中海量数据提供用户可信赖的安全支撑.

  10. Research on Computer Network Information Security and Protection Strategy%计算机网络信息安全及其防护策略研究

    Institute of Scientific and Technical Information of China (English)

    张富

    2016-01-01

    计算机网络已经是我们生活中的一部分,网络安全越来越受到关注。在互联网的时代,我们基本上办任何事情,都要通过网络。因此不管是个人信息、企业信息还是国家信息都存在安全隐患和信息泄密的威胁。文章通过分析威胁网络信息安全的因素,结合近几年计算机网络信息安全的案例提出信息安全的防护策略。%computer network has already became a part in our life, and the issue of internet security raise more and more concerns. In the age of internet, we basically do anything go through the internet. Therefore, there are exist troubles and threats to personal information, corporate information and national information. This paper analyzed the reasons of threats to the internet information security, and put forward some safety protection strategies according to the cases happened in recent years.

  11. Computer Security: oops, there it goes...

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Do you love riddles, hide and seek or picture puzzles a la “Where’s Wally”? Then take a look at the photo below, and try to spot the error.   It is hard to spot: the yellow sticker on the computer screen shows a password providing access to the web application running on the screen. Surprising! Fortunately, this sticker was quickly removed by the corresponding system owners and the password changed. However, we can all make improvements: passwords must never be written down and definitely not on stickers attached to screens, keyboards, or desks. Remember: your password is your “toothbrush” - a toothbrush you do not share and you change regularly. Neither your colleagues, your supervisor, the Service Desk or the Computer Security Team have any valid reason to ask for it. They should not and will never do so. The same is valid for any external company: UBS, Paypal, Amazon, Facebook or Google will never ask you for your pass...

  12. On the Power of Correlated Randomness in Secure Computation

    DEFF Research Database (Denmark)

    Ishai, Yuval; Kushilevitz, Eyal; Meldgaard, Sigurd Torkel

    2013-01-01

    We investigate the extent to which correlated secret randomness can help in secure computation with no honest majority. It is known that correlated randomness can be used to evaluate any circuit of size s with perfect security against semi-honest parties or statistical security against malicious ...

  13. Technology Foundations for Computational Evaluation of Software Security Attributes

    Science.gov (United States)

    2006-12-01

    Technology Foundations for Computational Evaluation of Software Security Attributes Gwendolyn H. Walton Thomas A. Longstaff Richard C...security attributes to the functional behavior of the software . The emergence of CERT’s new function extraction (FX) technology , unavailable to previous... software meets security requirements if they have been specified in behavioral terms. FX technology prescribes effective means to create and record

  14. A Novel Open Security Framework for Cloud Computing

    Directory of Open Access Journals (Sweden)

    Devki Gaurav Pal

    2012-06-01

    Full Text Available The evolution of cloud computing enables organizations to reduce their expenditure on IT infrastructure and is advantageous to both the serving and served organizations. But security issue is major concern in adoption of cloud. This paper focuses on the problem of lack of security considerations in Service Level Agreements and top security threats and vulnerability which are suggested by security experts. The Security framework for end to end security in cloud computing has also been proposed in the present work. This paper also draws attention on need of Open Security Framework. Proposed framework is developed by collective participation of security experts, practitioners, Cloud Service Providers and Clients. It is in line with various government policies, legislation and standards like ISO 27000 series, SOX, HIPPA, COBIT, ITIL etc. to comply with them. This step will boost mutual trust and privacy of participants.

  15. The Research on Mobile-agent Security

    Institute of Scientific and Technical Information of China (English)

    2002-01-01

    Mobile agent technology offers a new computing paradigm in which a program, in the form of a software agent, can suspend its execution in a host computer, transfer itself to another agent-enabled host in the network, and resume execution of the new host. As the sophistication of mobile software has increased with the time, so have the associated threats to security. This paper provides an overview of the range of threats facing the designers of mobile agent. The paper also identifies generic security objectives, and a range of measures for countering the identified threats.

  16. A European Perspective on Security Research

    Science.gov (United States)

    Liem, Khoen; Hiller, Daniel; Castex, Christoph

    Tackling the complexity and interdependence of today's security environment in the globalized world of the 21st century is an everlasting challenge. Whereas the end of the Cold War presented a caesura of global dimension for the political and economic architecture and a realignment of power distribution and international relations between former adversaries, September 11th of 2001 may be seen as another caesura. Since then, specifically among countries of the Western hemisphere, traditional security paradigms and theories have been critically questioned and the different security cultures and perceptions have resulted in diverse security and defence policies as well as in security research efforts of individual countries. Consensus, it seems, exists on the question of what the threats are that our modern interconnected societies are facing. Whether looking at international terrorism, organized crime, climate change, the illegal trafficking of goods and people or naturally caused catastrophes, these phenomena all have in common that they are in most cases of transnational nature. Formerly existing dividing lines between internal and external security continue to fade, presenting an enormous challenge for those in charge of designing security policy and even more so for the various institutions safeguarding European security. That is why dissent often revolves around the question on how to get hold of these complex problems. Geographic location, cultural background, ethical make-up of society as well as relations with neighbouring countries are all important aspects to be considered when assessing the security culture and policy of individual countries.

  17. Proposal for a Security Management in Cloud Computing for Health Care

    OpenAIRE

    Knut Haufe; Srdan Dzombeta; Knud Brandis

    2014-01-01

    Cloud computing is actually one of the most popular themes of information systems research. Considering the nature of the processed information especially health care organizations need to assess and treat specific risks according to cloud computing in their information security management system. Therefore, in this paper we propose a framework that includes the most important security processes regarding cloud computing in the health care sector. Starting with a framework of general info...

  18. Deliberate Secure Grid Computing Blueprint Design in Indian Context

    Directory of Open Access Journals (Sweden)

    Sanjeev Puri

    2012-06-01

    Full Text Available The novel concept of grid computing, clusters of computational power is constructed from a network of many small and widespread different computers servers or workstations into a single resource. We now proceed to translate the grid security problem into specific grid security requirements. The purpose of Grid technologies is to support the secure sharing and scalable coordinated use of diverse resources in dynamic, distributed VOs. We propose a secure blueprint design for grid systems that addresses requirements for single sign-on, interoperability with local policies of any grid city of India, with dynamically varying resource demands.

  19. Secure Multiparty Computation for Cooperative Cyber Risk Assessment

    Science.gov (United States)

    2016-11-01

    Secure Multiparty Computation for Cooperative Cyber Risk Assessment Kyle Hogan, Noah Luther, Nabil Schear, Emily Shen, Sophia Yakoubov, Arkady...Malacaria. How to spend it: Optimal investment for cyber security . In Proceedings of the 1st International Workshop on Agents and CyberSecurity...common problem organizations face is determining which security updates to perform and patches to apply to minimize the risk of potential vulnerabilities

  20. Computer Security and the Data Encryption Standard. Proceedings of the Conference on Computer Security and the Data Encryption Standard.

    Science.gov (United States)

    Branstad, Dennis K., Ed.

    The 15 papers and summaries of presentations in this collection provide technical information and guidance offered by representatives from federal agencies and private industry. Topics discussed include physical security, risk assessment, software security, computer network security, and applications and implementation of the Data Encryption…

  1. The Westinghouse Hanford Company Unclassified Computer Security Program

    Energy Technology Data Exchange (ETDEWEB)

    Gurth, R.J.

    1994-02-01

    This paper describes the evolution of the Westinghouse Hanford Company (WHC) Unclassified Computer Security (UCS) Program over the past seven years. The intent has been to satisfy the requirements included in the DOE Order 1360.2B (DOE 1992) for Unclassified Computer Security in the most efficient and cost-effective manner.

  2. Recent advances in computational intelligence in defense and security

    CERN Document Server

    Falcon, Rafael; Zincir-Heywood, Nur; Abbass, Hussein

    2016-01-01

    This volume is an initiative undertaken by the IEEE Computational Intelligence Society’s Task Force on Security, Surveillance and Defense to consolidate and disseminate the role of CI techniques in the design, development and deployment of security and defense solutions. Applications range from the detection of buried explosive hazards in a battlefield to the control of unmanned underwater vehicles, the delivery of superior video analytics for protecting critical infrastructures or the development of stronger intrusion detection systems and the design of military surveillance networks. Defense scientists, industry experts, academicians and practitioners alike will all benefit from the wide spectrum of successful applications compiled in this volume. Senior undergraduate or graduate students may also discover uncharted territory for their own research endeavors.

  3. Computer Security: “New_invoice.zip”

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Thanks for reading this. But I wonder, what do you expect? Why did this generic title catch your interest? Of course, you might read our articles on a regular basis and it is the “Computer Security:” that brought you here. But still, was there anything else? You should stop reading here... unless you believe this text is meant for you. Or if you are curious. Or if you expect to learn something. Actually, that’s it. “New_invoice.zip” taught more than 40 people at CERN a lesson... the hard way.   “New_invoice.zip” was the name of an attachment to a rather blunt e-mail sent directly to many of our dear colleagues. Others received the e-mail via mailing lists like “it-dep”. The subject of the mail was “invoice” and its message read “Check the document” (see Image 1). The recipient list was vast and full of many different, not necessarily connected names. Clicking on t...

  4. Quantum-Classical Complexity-Security Tradeoff In Secure Multi-Party Computation

    OpenAIRE

    Chau, HF

    1999-01-01

    I construct a secure multi-party scheme to compute a classical function by a succinct use of a specially designed fault-tolerant random polynomial quantum error correction code. This scheme is secure provided that (asymptotically) strictly greater than five-sixths of the players are honest. Moreover, the security of this scheme follows directly from the theory of quantum error correcting code, and hence is valid without any computational assumption. I also discuss the quantum-classical comple...

  5. Food Security Strategy Based on Computer Innovation

    OpenAIRE

    Ruihui Mu

    2015-01-01

    Case analysis to identify innovative strategies for food security occurred in the Oriental Hotel, voluntarily implement food safety control. Food security strategy investigation and the reasons for their use of multiple data sources, including accommodation and catering industry to implement and document interviews with key decision makers in the hotel performed to observe the business environment were examined. This finding suggests that addressing food security, not only is the food control...

  6. On the Power of Correlated Randomness in Secure Computation

    DEFF Research Database (Denmark)

    Ishai, Yuval; Kushilevitz, Eyal; Meldgaard, Sigurd Torkel

    2013-01-01

    We investigate the extent to which correlated secret randomness can help in secure computation with no honest majority. It is known that correlated randomness can be used to evaluate any circuit of size s with perfect security against semi-honest parties or statistical security against malicious...... positive and negative results on unconditionally secure computation with correlated randomness. Concretely, we obtain the following results. Minimizing communication. Any multiparty functionality can be realized, with perfect security against semi-honest parties or statistical security against malicious...... parties, where the communication complexity grows linearly with s. This leaves open two natural questions: (1) Can the communication complexity be made independent of the circuit size? (2) Is it possible to obtain perfect security against malicious parties? We settle the above questions, obtaining both...

  7. Proposal for a Security Management in Cloud Computing for Health Care

    Directory of Open Access Journals (Sweden)

    Knut Haufe

    2014-01-01

    Full Text Available Cloud computing is actually one of the most popular themes of information systems research. Considering the nature of the processed information especially health care organizations need to assess and treat specific risks according to cloud computing in their information security management system. Therefore, in this paper we propose a framework that includes the most important security processes regarding cloud computing in the health care sector. Starting with a framework of general information security management processes derived from standards of the ISO 27000 family the most important information security processes for health care organizations using cloud computing will be identified considering the main risks regarding cloud computing and the type of information processed. The identified processes will help a health care organization using cloud computing to focus on the most important ISMS processes and establish and operate them at an appropriate level of maturity considering limited resources.

  8. Proposal for a security management in cloud computing for health care.

    Science.gov (United States)

    Haufe, Knut; Dzombeta, Srdan; Brandis, Knud

    2014-01-01

    Cloud computing is actually one of the most popular themes of information systems research. Considering the nature of the processed information especially health care organizations need to assess and treat specific risks according to cloud computing in their information security management system. Therefore, in this paper we propose a framework that includes the most important security processes regarding cloud computing in the health care sector. Starting with a framework of general information security management processes derived from standards of the ISO 27000 family the most important information security processes for health care organizations using cloud computing will be identified considering the main risks regarding cloud computing and the type of information processed. The identified processes will help a health care organization using cloud computing to focus on the most important ISMS processes and establish and operate them at an appropriate level of maturity considering limited resources.

  9. Peer-to-Peer Secure Multi-Party Numerical Computation

    CERN Document Server

    Bickson, Danny; Dolev, Danny; Pinkas, Benny

    2008-01-01

    We propose an efficient framework for enabling secure multi-party numerical computations in a Peer-to-Peer network. This problem arises in a range of applications such as collaborative filtering, distributed computation of trust and reputation, monitoring and numerous other tasks, where the computing nodes would like to preserve the privacy of their inputs while performing a joint computation of a certain function. Although there is a rich literature in the field of distributed systems security concerning secure multi-party computation, in practice it is hard to deploy those methods in very large scale Peer-to-Peer networks. In this work, we examine several possible approaches and discuss their feasibility. Among the possible approaches, we identify a single approach which is both scalable and theoretically secure. An additional novel contribution is that we show how to compute the neighborhood based collaborative filtering, a state-of-the-art collaborative filtering algorithm, winner of the Netflix progress ...

  10. Computer Security in the Introductory Business Information Systems Course: An Exploratory Study of Textbook Coverage

    Science.gov (United States)

    Sousa, Kenneth J.; MacDonald, Laurie E.; Fougere, Kenneth T.

    2005-01-01

    The authors conducted an evaluation of Management Information Systems (MIS) textbooks and found that computer security receives very little in-depth coverage. The textbooks provide, at best, superficial treatment of security issues. The research results suggest that MIS faculty need to provide material to supplement the textbook to provide…

  11. Security, Privacy and Trust Challenges in Cloud Computing and Solutions

    Directory of Open Access Journals (Sweden)

    Seyyed Yasser hashemi

    2014-07-01

    Full Text Available Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. Cloud computing recently emerged as a promising solution to information technology (IT management. IT managers look to cloud computing as a means to maintain a flexible and scalable IT infrastructure that enables business agility. As much as the technological benefits, cloud computing also has risks involved. In this paper Cloud Computing security challenges will be discussed and proposed many new recommendations to increase security and trust also maintaining privacy.

  12. Research on computer virus database management system

    Science.gov (United States)

    Qi, Guoquan

    2011-12-01

    The growing proliferation of computer viruses becomes the lethal threat and research focus of the security of network information. While new virus is emerging, the number of viruses is growing, virus classification increasing complex. Virus naming because of agencies' capture time differences can not be unified. Although each agency has its own virus database, the communication between each other lacks, or virus information is incomplete, or a small number of sample information. This paper introduces the current construction status of the virus database at home and abroad, analyzes how to standardize and complete description of virus characteristics, and then gives the information integrity, storage security and manageable computer virus database design scheme.

  13. A Novel Computer Virus Propagation Model under Security Classification

    Directory of Open Access Journals (Sweden)

    Qingyi Zhu

    2017-01-01

    Full Text Available In reality, some computers have specific security classification. For the sake of safety and cost, the security level of computers will be upgraded with increasing of threats in networks. Here we assume that there exists a threshold value which determines when countermeasures should be taken to level up the security of a fraction of computers with low security level. And in some specific realistic environments the propagation network can be regarded as fully interconnected. Inspired by these facts, this paper presents a novel computer virus dynamics model considering the impact brought by security classification in full interconnection network. By using the theory of dynamic stability, the existence of equilibria and stability conditions is analysed and proved. And the above optimal threshold value is given analytically. Then, some numerical experiments are made to justify the model. Besides, some discussions and antivirus measures are given.

  14. Security Implications of Typical Grid Computing Usage Scenarios

    Energy Technology Data Exchange (ETDEWEB)

    Humphrey, Marty; Thompson, Mary R.

    2001-06-05

    A Computational Grid is a collection of heterogeneous computers and resources spread across multiple administrative domains with the intent of providing users uniform access to these resources. There are many ways to access the resources of a Computational Grid, each with unique security requirements and implications for both the resource user and the resource provider. A comprehensive set of Grid usage scenarios are presented and analyzed with regard to security requirements such as authentication, authorization, integrity, and confidentiality. The main value of these scenarios and the associated security discussions are to provide a library of situations against which an application designer can match, thereby facilitating security-aware application use and development from the initial stages of the application design and invocation. A broader goal of these scenarios are to increase the awareness of security issues in Grid Computing.

  15. Food Security Strategy Based on Computer Innovation

    Directory of Open Access Journals (Sweden)

    Ruihui Mu

    2015-04-01

    Full Text Available Case analysis to identify innovative strategies for food security occurred in the Oriental Hotel, voluntarily implement food safety control. Food security strategy investigation and the reasons for their use of multiple data sources, including accommodation and catering industry to implement and document interviews with key decision makers in the hotel performed to observe the business environment were examined. This finding suggests that addressing food security, not only is the food control strategy, when the issue of marketing and business strategy is very important. The results of this study also demonstrated the relationship between reward and food security strategies. Interview analysis showed that the attitude of senior management in the hotel's food security policy, the company's ability to significantly dependent on the corporate image.

  16. Computer Security: White hats for CERN

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    CERN is under attack. Permanently. Even right now. In particular, the CERN web environment, with its thousands of websites and millions of webpages, is a popular target for evil-doers as well as for security researchers.   Usually, their attacks are unsuccessful and fade away over time. Sometimes, however, they are successful and manage to break into a CERN website or web server… It is imperative that we learn about our weaknesses before others do – and fix them! Hackers with bad intentions are usually named “black hats” as they misuse their power to cause destruction or downtime via any weakness they can find. “Grey hats” are more moderate and might just have some fun with the weaknesses they find, for example by putting naked teddy bears or a personal message (such as “I hacked U”) on the compromised website. Last but not least, “white hats” report their findings directly to us and suggest that...

  17. Guidelines for development of NASA (National Aeronautics and Space Administration) computer security training programs

    Science.gov (United States)

    Tompkins, F. G.

    1983-01-01

    The report presents guidance for the NASA Computer Security Program Manager and the NASA Center Computer Security Officials as they develop training requirements and implement computer security training programs. NASA audiences are categorized based on the computer security knowledge required to accomplish identified job functions. Training requirements, in terms of training subject areas, are presented for both computer security program management personnel and computer resource providers and users. Sources of computer security training are identified.

  18. Robust Security System for Critical Computers

    Directory of Open Access Journals (Sweden)

    Preet Inder Singh

    2012-06-01

    Full Text Available Among the various means of available resource protection including biometrics, password based system is most simple, user friendly, cost effective and commonly used, but this system having high sensitivity with attacks. Most of the advanced methods for authentication based on password encrypt the contents of password before storing or transmitting in physical domain. But all conventional cryptographic based encryption methods are having its own limitations, generally either in terms of complexity, efficiency or in terms of security. In this paper a simple method is developed that provide more secure and efficient means of authentication, at the same time simple in design for critical systems. Apart from protection, a step toward perfect security has taken by adding the feature of intruder detection along with the protection system. This is possible by merging various security systems with each other i.e password based security with keystroke dynamic, thumb impression with retina scan associated with the users. This new method is centrally based on user behavior and users related security system, which provides the robust security to the critical systems with intruder detection facilities.

  19. Security of fixed and wireless computer networks

    NARCIS (Netherlands)

    Verschuren, J.; Degen, A.J.G.; Veugen, P.J.M.

    2003-01-01

    A few decades ago, most computers were stand-alone machines: they were able to process information using their own resources. Later, computer systems were connected to each other enabling a computer system to exchange data with another computer and to use resources of another computer. With the coup

  20. Security of fixed and wireless computer networks

    NARCIS (Netherlands)

    Verschuren, J.; Degen, A.J.G.; Veugen, P.J.M.

    2003-01-01

    A few decades ago, most computers were stand-alone machines: they were able to process information using their own resources. Later, computer systems were connected to each other enabling a computer system to exchange data with another computer and to use resources of another computer. With the coup

  1. Secure Two-Party Computation with Low Communication

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Faust, Sebastian; Hazay, Carmit

    2011-01-01

    We propose a 2-party UC-secure computation protocol that can compute any function securely. The protocol requires only two messages, communication that is poly-logarithmic in the size of the circuit description of the function, and the workload for one of the parties is also only poly......-logarithmic in the size of the circuit. This implies, for instance, delegatable computation that requires no expensive off-line phase and remains secure even if the server learns whether the client accepts its results. To achieve this, we define a notion of extractable hash functions, propose an instantiation based...

  2. Ethical Responsibility Key to Computer Security.

    Science.gov (United States)

    Lynn, M. Stuart

    1989-01-01

    The pervasiveness of powerful computers and computer networks has raised the specter of new forms of abuse and of concomitant ethical issues. Blurred boundaries, hackers, the Computer Worm, ethical issues, and implications for academic institutions are discussed. (MLW)

  3. Measuring Human Performance within Computer Security Incident Response Teams

    Energy Technology Data Exchange (ETDEWEB)

    McClain, Jonathan T. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Silva, Austin Ray [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Avina, Glory Emmanuel [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Forsythe, James C. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2015-09-01

    Human performance has become a pertinen t issue within cyber security. However, this research has been stymied by the limited availability of expert cyber security professionals. This is partly attributable to the ongoing workload faced by cyber security professionals, which is compound ed by the limited number of qualified personnel and turnover of p ersonnel across organizations. Additionally, it is difficult to conduct research, and particularly, openly published research, due to the sensitivity inherent to cyber ope rations at most orga nizations. As an alternative, the current research has focused on data collection during cyb er security training exercises. These events draw individuals with a range of knowledge and experience extending from seasoned professionals to recent college gradu ates to college students. The current paper describes research involving data collection at two separate cyber security exercises. This data collection involved multiple measures which included behavioral performance based on human - machine transactions and questionnaire - based assessments of cyber security experience.

  4. A survey on top security threats in cloud computing

    Directory of Open Access Journals (Sweden)

    Muhammad Kazim

    2015-03-01

    Full Text Available Cloud computing enables the sharing of resources such as storage, network, applications and software through internet. Cloud users can lease multiple resources according to their requirements, and pay only for the services they use. However, despite all cloud benefits there are many security concerns related to hardware, virtualization, network, data and service providers that act as a significant barrier in the adoption of cloud in the IT industry. In this paper, we survey the top security concerns related to cloud computing. For each of these security threats we describe, i how it can be used to exploit cloud components and its effect on cloud entities such as providers and users, and ii the security solutions that must be taken to prevent these threats. These solutions include the security techniques from existing literature as well as the best security practices that must be followed by cloud administrators.

  5. Computer Security: Cryptography and authentication (2/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Remi Mollon studied computer security at University and he first worked on Grids, with the EGEE project, for a French Bioinformatics institute. Information security being crucial in that field, he developed an encrypted file management system on top of Grid middleware, and he contributed in integrating legacy applications with Grids. Then, he was hired by CERN as a Grid Data Management developer, and he joined the Grid Operational Security Coordination Team. Remi has now moved to CERN Computer Security Team. Remi is involved in the daily security operations, in addition to be responsible to design Team's computer infrastructure, and to participate to several projects, like multi-factor authentication at CERN. With the prevalence of modern information technologies and its increasing integration into our daily live, digital systems become more and more playground for evil people. While in the past, attacks were driven by fame& kudos, nowadays money is the motivating factor. Just the recent months have s...

  6. Analysis on Cloud Computing Information Security Problems and the Countermeasures

    Institute of Scientific and Technical Information of China (English)

    2012-01-01

    Cloud computing is one of the most popular terms in the present IT industry, as well as one of the most prosperous technology. This paper introduces the concept, principle and characteristics of cloud computing, analyzes information security problems resulted from cloud computing, and puts forward corresponding solutions.

  7. Securing the Data Storage and Processing in Cloud Computing Environment

    Science.gov (United States)

    Owens, Rodney

    2013-01-01

    Organizations increasingly utilize cloud computing architectures to reduce costs and energy consumption both in the data warehouse and on mobile devices by better utilizing the computing resources available. However, the security and privacy issues with publicly available cloud computing infrastructures have not been studied to a sufficient depth…

  8. Securing the Data Storage and Processing in Cloud Computing Environment

    Science.gov (United States)

    Owens, Rodney

    2013-01-01

    Organizations increasingly utilize cloud computing architectures to reduce costs and energy consumption both in the data warehouse and on mobile devices by better utilizing the computing resources available. However, the security and privacy issues with publicly available cloud computing infrastructures have not been studied to a sufficient depth…

  9. A Novel Trusted Computing Model for Network Security Authentication

    Directory of Open Access Journals (Sweden)

    Ling Xing

    2014-02-01

    Full Text Available Network information poses great threats from malicious attacks due to the openness and virtuality of network structure. Traditional methods to ensure infor- mation security may fail when both integrity and source authentication for information are required. Based on the security of data broadcast channel, a novel Trusted Com- puting Model (TCM of network security authentication is proposed to enhance the security of network information. In this model, a method of Uniform content locator security Digital Certificate (UDC, which is capable of fully and uniquely index network information, is developed. Standard of MPEG-2 Transport Streams (TS is adopted to pack UDC data. Additionally, a UDC hashing algorithm (UHA512 is designed to compute the integrity and security of data infor- mation . Experimental results show that the proposed model is feasible and effective to network security authentication. 

  10. Permanently Secure Quantum Bit Commitment from a Temporary Computation Bound

    CERN Document Server

    Kent, A

    1997-01-01

    Alice is a private citizen whose computational resources are modest. Bob represents a large organisation at the forefront of computational and cryptological research. Bob's computational and cryptanalytic power is unknown to Alice, but Bob can confidently estimate a bound on Alice's ability to carry out a computation that would break a classical bit commitment. Alice wishes to commit a bit to Bob. She requires that he will never be able to decode it unless she chooses to reveal it, but also that if she does he will be confident that her commitment was genuine. We describe here a simple quantum bit commitment scheme which satisfies these criteria. By iterating the scheme, we obtain quantum bit commitment schemes which allow either Alice or Bob to commit bits to the other. These schemes do not contradict Mayers' and Lo and Chau's no-go results: they rely on a temporary computability bound. However, they are permanently secure against cheating by either party, provided only that Alice was not able to break Bob's...

  11. [Biological research and security institutes].

    Science.gov (United States)

    Darsie, G; Falczuk, A J; Bergmann, I E

    2006-04-01

    The threat of using biological material for ago-bioterrorist ends has risen in recent years, which means that research and diagnostic laboratories, biological agent banks and other institutions authorised to carry out scientific activities have had to implement biosafety and biosecurity measures to counter the threat, while carrying out activities to help prevent and monitor the accidental or intentional introduction of exotic animal diseases. This article briefly sets outthe basic components of biosafety and biosecurity, as well as recommendations on organisational strategies to consider in laboratories that support agro-bioterrorist surveillance and prevention programs.

  12. Current research directions definition of economic security

    Directory of Open Access Journals (Sweden)

    Anna Falovych

    2013-05-01

    Full Text Available The article features the topical issue of the established level of the enterprise's economic security. The objective of this article is to research, to base and to supplement the tendency for generalization of the categorical system in order to clarify the matter meaning of the enterprise's economic security. The systematized analyses of the matter meaning of the enterprise's economic security were done by domestic and foreign scientists-economists. The results of the study were expounded and also some vital approaches to the definition of the enterprise's economic security were presented and proved particularly: strategically, resource-functional, marketable, combined, deductive, systematic and criminal.Based on the analyzed content-conceptual interpretations and detailed characteristics of each approach to the definition of this meaning, there was proposed its own meaning of the interpretation of the enterprise's economic security. A systematic approach was adopted due to the matters concerning enterprise's economic security. As in this approach the vital economic interests of thee enterprise were stipulated, also gained the topicality in the current crisis economic conditions

  13. Prerequisites for building a computer security incident response capability

    CSIR Research Space (South Africa)

    Mooi, M

    2015-08-01

    Full Text Available There are a number of considerations before one can commence with establishing a Computer Security Incident Response Team (CSIRT). This paper presents the results of a structured literature review investigating the business requirements...

  14. 基于加密机制的云计算数据可靠存储方案研究%Research on the Secure Storage Scheme of Cloud Computing Based on Encryption Mechanism

    Institute of Scientific and Technical Information of China (English)

    赵莉; 王魁祎

    2014-01-01

    为了克服因收发双方都使用同样钥匙导致的其安全性不高等缺点,引入深度加密机制,与AES ( Advanced Encryption Standard)算法耦合,设计了基于双级加密的云计算数据可靠存储方案。先采用AES对用户数据客户端进行对称加密,到达云资源管理器后,采用分布式重组的方法进行深度加密,构造了“初级-深度”双级加密的云计算数据可靠存储结构,并完成了基于加密的云计算数据安全存储加密和解密操作流程。借助Eclipse与Java语言,建立了云计算安全模块。结果表明:该系统的加密效率高,拥有较高的安全性且界面操作简单。%In order to overcome the defects such as low security resulting by both using the same key for sending and receiving, the depth encryption mechanism was introduced, and taking it coupling the AES algorithm to propose the secure storage system of cloud computation based on the encryption mechanism. Basing on the analysis of previous research on the security of cloud storage, the symmetric encryption for the user data was used in the client, when the data reached the cloud resource management device, the method of distributed restructuring was used to operate depth encryption;and the security storage structure of “initial encryption-depth encryption” was constructed; and then the encryption and decryption process of data safety storage was finished. Based on the eclipse simulation platform, the de-sign and implementation were done for the cloud computing security module. The results showed that the encryption ef-ficiency and security of this system was high and simple interface.

  15. Effective Ways of Secure Private and Trusted Cloud Computing

    Directory of Open Access Journals (Sweden)

    Pardeep Kumar

    2011-05-01

    Full Text Available Cloud computing is an Internet-based computing, where shared resources, software and information, are provided to computers and devices on-demand. It provides people the way to share distributed resources and services that belong to different organization. Since cloud computing uses distributed resources in open environment, thus it is important to provide the security and trust to share the data for developing cloud computing applications. In this paper we assess how can cloud providers earn their customers' trust and provide the security, privacy and reliability, when a third party is processing sensitive data in a remote machine located in various countries? A concept of utility cloud has been represented to provide the various services to the users. Emerging technologies can help address the challenges of Security, Privacy and Trust in cloud computing.

  16. A Compendium Over Cloud Computing Cryptographic Algorithms and Security Issues

    Directory of Open Access Journals (Sweden)

    Neha Mishra

    2015-01-01

    Full Text Available Cloud computing is an emerging and revolutionary approach towards the computing and becoming more risk prone than ever before. It is an evolutionary approach of using resources and services on demand and as per need of consumers. Cloud computing providing a platform rose on the Internet for usage of IT services and flexible infrastructure to the consumers and business. Deployment and management of services or resources are maintained by the third party. Whereas there are innumerable advantages to approaching the cloud computing, it also contains various issues such as confidentiality, Integrity, Authenticity and Privacy. One of the prominent barrier to adopt the cloud computing is security. This paper comprises the elaborated study on various security issues allied to cloud computing are presented by consolidating literature reviews on cryptographic algorithms used for data security.

  17. An Information Security Education Initiative for Engineering and Computer Science

    Science.gov (United States)

    2007-11-02

    Security Problem" by the National Research Council in its book, Cryptog- raphy’s Role in Securing the Information Society , [40]. Today’s information age...skills appropriate to each role in the " information society " must be identified. There is a need for technical literacy among decision makers within...Science and National Research Council Telecommunications Board. Cryptography’s Role in Securing the Information Society . National Academy Press, 1996. [41

  18. What then do we do about computer security?

    Energy Technology Data Exchange (ETDEWEB)

    Suppona, Roger A.; Mayo, Jackson R.; Davis, Christopher Edward; Berg, Michael J.; Wyss, Gregory Dane

    2012-01-01

    This report presents the answers that an informal and unfunded group at SNL provided for questions concerning computer security posed by Jim Gosler, Sandia Fellow (00002). The primary purpose of this report is to record our current answers; hopefully those answers will turn out to be answers indeed. The group was formed in November 2010. In November 2010 Jim Gosler, Sandia Fellow, asked several of us several pointed questions about computer security metrics. Never mind that some of the best minds in the field have been trying to crack this nut without success for decades. Jim asked Campbell to lead an informal and unfunded group to answer the questions. With time Jim invited several more Sandians to join in. We met a number of times both with Jim and without him. At Jim's direction we contacted a number of people outside Sandia who Jim thought could help. For example, we interacted with IBM's T.J. Watson Research Center and held a one-day, videoconference workshop with them on the questions.

  19. Research on Comparison of Cloud Computing and Grid Computing

    OpenAIRE

    Liu Yuxi; Wang Jianhua

    2012-01-01

    The development of computer industry is promoted by the progress of distributed computing, parallel computing and grid computing, so the cloud computing movement rises. This study describes the types of cloud computing services, the similarities and differences of cloud computing and grid computing, meanwhile discusses the better aspect of cloud computing than grid computing, and refers the common problems faced to the both computing, and some security issues.

  20. Computer Security: Bye, Bye, Windows XP security... Welcome infections!

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Rest in peace, Windows XP. Since your birth on 25 October 2001, you have struggled hard to survive this harsh Internet world. You fell prey to “Melissa”, “Sasser” and “Conficker”, and brought CERN its last large-scale infection with “Blaster” in 2004.    After being upgraded to “SP2”, you discovered software development lifecycles, regular “Patch Tuesdays” and a local firewall that rejected everything by default. In the end, you outlived your weird brother “Vista” and survived as the ugly duckling cousin to the beautiful Mr. Mac. But all your ups and downs are over now. On 8 April 2014, you were given your very last security updates. These life-sustaining measures will be stopped now. Game over. From now on, you are a zombie: presumed dead, but still kept running by your master/owner/user. They might not even understand that you now pose a risk ...

  1. Application of Intelligent Data Mining Approach in Securing the Cloud Computing

    Directory of Open Access Journals (Sweden)

    Hanna M. Said

    2016-09-01

    Full Text Available Cloud computing is a modern term refers to a model for emerging computing, where it is possible to use machines in large data centers for delivering services in a scalable manner, so corporations has become in need for large scale inexpensive computing. Recently, several governments have begun to utilize cloud computing architectures, applications and platforms for meeting the needs of their constituents and delivering services. Security occupies the first rank of obstacles that face cloud computing for governmental agencies and businesses. Cloud computing is surrounded by many risks that may have major effects on services and information supported via this technology. Also, Cloud Computing is one of the promising technology in which the scientific community has recently encountered. Cloud computing is related to other research areas such as distributed and grid computing, Service-Oriented Architecture, and virtualization, as cloud computing inherited their limitations and advancements. It is possible to exploit new opportunities for security. This paper aim is to discuss and analyze how achieve mitigation for cloud computing security risks as a basic step towards obtaining secure and safe environment for cloud computing. The results showed that, Using a simple decision tree model Chaid algorithm security rating for classifying approach is a robust technique that enables the decision-maker to measure the extent of cloud securing, and the provided services. It was proved throughout this paper that policies, standards, and controls are critical in management process to safeguard and protect the systems as well as data. The management process should analyze and understand cloud computing risks for protecting systems and data from security exploits

  2. Maritime Cyber Security University Research: Phase 1

    Science.gov (United States)

    2016-05-01

    the global economy . The vulnerabilities associated with reliance on digital systems in the maritime environment must be continuously examined. System...2016 TABLE OF CONTENTS   APPENDIX A.  INFORMATION SHARING FOR MARITIME CYBER RISK MANAGEMENT...al. Public | May 2016 APPENDIX A. INFORMATION SHARING FOR MARITIME CYBER RISK MANAGEMENT Maritime Cyber Security University Research

  3. Security prospects through cloud computing by adopting multiple clouds

    DEFF Research Database (Denmark)

    Jensen, Meiko; Schwenk, Jörg; Bohli, Jens Matthias

    2011-01-01

    Clouds impose new security challenges, which are amongst the biggest obstacles when considering the usage of cloud services. This triggered a lot of research activities in this direction, resulting in a quantity of proposals targeting the various security threats. Besides the security issues coming...... with the cloud paradigm, it can also provide a new set of unique features which open the path towards novel security approaches, techniques and architectures. This paper initiates this discussion by contributing a concept which achieves security merits by making use of multiple distinct clouds at the same time....

  4. Security prospects through cloud computing by adopting multiple clouds

    DEFF Research Database (Denmark)

    Jensen, Meiko; Schwenk, Jörg; Bohli, Jens Matthias

    2011-01-01

    Clouds impose new security challenges, which are amongst the biggest obstacles when considering the usage of cloud services. This triggered a lot of research activities in this direction, resulting in a quantity of proposals targeting the various security threats. Besides the security issues coming...... with the cloud paradigm, it can also provide a new set of unique features which open the path towards novel security approaches, techniques and architectures. This paper initiates this discussion by contributing a concept which achieves security merits by making use of multiple distinct clouds at the same time...

  5. 大数据与云计算环境下个人信息安全协同保护研究%Research on Collaborative Protection of Personal Information Security Under Big Data and Cloud Computing Environment

    Institute of Scientific and Technical Information of China (English)

    张新刚; 于波; 程新党; 王保平

    2016-01-01

    大数据与云计算环境下,个人信息安全问题越来越受到人们的重视。首先阐述了我国个人信息安全保护存在的问题,分析了其成因,接着介绍了国外个人信息安全保护的典型经验和做法,最后从管理机制、法律体系、技术研发、监管自律、人才队伍、宣传教育等六个方面提出了构建个人信息安全立体协同保护体系的方案。%The problem of personal information security under big data and cloud computing environment aroused widespread concern today. Start by describing the existed problems of personal information security protection and its causes in China, the paper introduces typical foreign experiences and practices, and then proposes collaborative protection scheme of establishing ste-reo personal information security, which are formed on aspects of administrative mechanism, legal system, technology research and development, supervision and self-discipline, talent team and publicity education.

  6. An overview of computer viruses in a research environment

    Science.gov (United States)

    Bishop, Matt

    1991-01-01

    The threat of attack by computer viruses is in reality a very small part of a much more general threat, specifically threats aimed at subverting computer security. Here, computer viruses are examined as a malicious logic in a research and development environment. A relation is drawn between the viruses and various models of security and integrity. Current research techniques aimed at controlling the threats posed to computer systems by threatening viruses in particular and malicious logic in general are examined. Finally, a brief examination of the vulnerabilities of research and development systems that malicious logic and computer viruses may exploit is undertaken.

  7. Auditing cloud computing a security and privacy guide

    CERN Document Server

    Halpert, Ben

    2011-01-01

    The auditor's guide to ensuring correct security and privacy practices in a cloud computing environment Many organizations are reporting or projecting a significant cost savings through the use of cloud computing-utilizing shared computing resources to provide ubiquitous access for organizations and end users. Just as many organizations, however, are expressing concern with security and privacy issues for their organization's data in the "cloud." Auditing Cloud Computing provides necessary guidance to build a proper audit to ensure operational integrity and customer data protection, among othe

  8. Cloud Computing Security Latest Issues amp Countermeasures

    OpenAIRE

    Shelveen Pandey; Mohammed Farik

    2015-01-01

    Abstract Cloud computing describes effective computing services provided by a third-party organization known as cloud service provider for organizations to perform different tasks over the internet for a fee. Cloud service providers computing resources are dynamically reallocated per demand and their infrastructure platform and software and other resources are shared by multiple corporate and private clients. With the steady increase in the number of cloud computing subscribers of these shar...

  9. Secure Two-Party Computation with Low Communication

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Kölker, Jonas; Faust, Sebastian

    2012-01-01

    We propose a 2-party UC-secure protocol that can compute any function securely. The protocol requires only two messages, communication that is poly-logarithmic in the size of the circuit description of the function, and the workload for one of the parties is also only poly-logarithmic in the size...... of the circuit. This implies, for instance, delegatable computation that requires no expensive off-line phase and remains secure even if the server learns whether the client accepts its results. To achieve this, we define two new notions of extractable hash functions, propose an instantiation based...

  10. Strategies for safeguarding security of mobile computing.

    Science.gov (United States)

    Green, Hays

    2013-02-01

    An effective mobile health strategy should comprise, in the very least, six key steps: Conduct a mobile security risk assessment. Establish policies and procedures. Develop a training program. Implement measures to prevent unauthorized access. Perform a clinical workflow analysis. Establish the organization's approach for responding to a breach.

  11. Collaboration using roles. [in computer network security

    Science.gov (United States)

    Bishop, Matt

    1990-01-01

    Segregation of roles into alternative accounts is a model which provides not only the ability to collaborate but also enables accurate accounting of resources consumed by collaborative projects, protects the resources and objects of such a project, and does not introduce new security vulnerabilities. The implementation presented here does not require users to remember additional passwords and provides a very simple consistent interface.

  12. Computer Science Research in India.

    Science.gov (United States)

    1995-10-07

    This paper begins with a discussion of the nature of Computer Science Research in India. The type of institutions in which Computer Science research...Finally we study the influence on Indian Computer Science research of the phenomenal growth in exports by the Indian software industry and the arrival

  13. An Australian Perspective On The Challenges For Computer And Network Security For Novice End-Users

    Directory of Open Access Journals (Sweden)

    Patryk Szewczyk

    2012-12-01

    Full Text Available It is common for end-users to have difficulty in using computer or network security appropriately and thus have often been ridiculed when misinterpreting instructions or procedures. This discussion paper details the outcomes of research undertaken over the past six years on why security is overly complex for end-users. The results indicate that multiple issues may render end-users vulnerable to security threats and that there is no single solution to address these problems. Studies on a small group of senior citizens has shown that educational seminars can be beneficial in ensuring that simple security aspects are understood and used appropriately.

  14. OS friendly microprocessor architecture: Hardware level computer security

    Science.gov (United States)

    Jungwirth, Patrick; La Fratta, Patrick

    2016-05-01

    We present an introduction to the patented OS Friendly Microprocessor Architecture (OSFA) and hardware level computer security. Conventional microprocessors have not tried to balance hardware performance and OS performance at the same time. Conventional microprocessors have depended on the Operating System for computer security and information assurance. The goal of the OS Friendly Architecture is to provide a high performance and secure microprocessor and OS system. We are interested in cyber security, information technology (IT), and SCADA control professionals reviewing the hardware level security features. The OS Friendly Architecture is a switched set of cache memory banks in a pipeline configuration. For light-weight threads, the memory pipeline configuration provides near instantaneous context switching times. The pipelining and parallelism provided by the cache memory pipeline provides for background cache read and write operations while the microprocessor's execution pipeline is running instructions. The cache bank selection controllers provide arbitration to prevent the memory pipeline and microprocessor's execution pipeline from accessing the same cache bank at the same time. This separation allows the cache memory pages to transfer to and from level 1 (L1) caching while the microprocessor pipeline is executing instructions. Computer security operations are implemented in hardware. By extending Unix file permissions bits to each cache memory bank and memory address, the OSFA provides hardware level computer security.

  15. On Some Security Issues in Pervasive Computing - Light Weight Cryptography

    Directory of Open Access Journals (Sweden)

    Rukma Rekha N

    2012-02-01

    Full Text Available Pervasive Computing Environment is a world where technologies fadeout into the background. The technology is invisible to the user and he is least distracted by the technology. This paper tries to focus on the issues of pervasive computing and reveals the security issues in pervasive computing. We try to find out the role of light weight cryptography in pervasive computing and a comparison between traditional and light weight cryptographic approaches was made.

  16. Reviews on Security Issues and Challenges in Cloud Computing

    Science.gov (United States)

    An, Y. Z.; Zaaba, Z. F.; Samsudin, N. F.

    2016-11-01

    Cloud computing is an Internet-based computing service provided by the third party allowing share of resources and data among devices. It is widely used in many organizations nowadays and becoming more popular because it changes the way of how the Information Technology (IT) of an organization is organized and managed. It provides lots of benefits such as simplicity and lower costs, almost unlimited storage, least maintenance, easy utilization, backup and recovery, continuous availability, quality of service, automated software integration, scalability, flexibility and reliability, easy access to information, elasticity, quick deployment and lower barrier to entry. While there is increasing use of cloud computing service in this new era, the security issues of the cloud computing become a challenges. Cloud computing must be safe and secure enough to ensure the privacy of the users. This paper firstly lists out the architecture of the cloud computing, then discuss the most common security issues of using cloud and some solutions to the security issues since security is one of the most critical aspect in cloud computing due to the sensitivity of user's data.

  17. Security Scheme and Its Application towards Vehicular Computing

    Directory of Open Access Journals (Sweden)

    Maria baby

    2014-04-01

    Full Text Available Cloud computing is a colloquial expression used to describe a variety of different types of computing that involves a large number of computers that are connected through real time communication network. Cloud computing is a ability to run a program on many connected computers at the same time. Another technology VANET uses moving car as nodes in a network to create a mobile network, allowing a car approximately 100 to 300 meters each other to connectand in turn, create a network with a wide range. Vehicular Computing is a similar toVANET, which have 2 types: infrastructure based VCand autonomous VC. This work is using infrastructure based VC; drivers will be able to access services by network communications involving the roadside infrastructure. Security challenges, which provides the most extensive analysis of the document in the public arena. Although security issues have received attention in cloud computing and vehicular network and identify security challenges that are specific to VCs. E.g.: challenges interface, tangled identifies and locations and the complexity of establishing trust relationships among multiple players caused by intermittent short- range communications. We provide a privacy and security in cloud computing in this paper for vehicular computing

  18. Computer Security: improve software, avoid blunder

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Recently, a severe vulnerability has been made public about how Apple devices are wrongly handling encryption. This vulnerability rendered SSL/TLS protection useless, and permitted attackers checking out a wireless network to capture or modify data in encrypted sessions.   In other words, all confidential data like passwords, banking information, etc. could have been siphoned off by a targeted attack. While Apple has been quick in providing adequate security patches for iOS devices and Macs, it is an excellent example of how small mistakes can lead to big security holes. Here is the corresponding code from Apple’s Open Source repository. Can you spot the issue? 1 static OSStatus 2 SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams, uint8_t *signature, UInt16 signatureLen) 3 { 4              OSStatus &nb...

  19. Guidelines for Security of Computer Applications

    Science.gov (United States)

    2007-11-02

    RUTHZ 77], [RUTHZ 78], [EDPAF 77], [ IIASA 77], [SGCCA 75B], [MAIRW 76] are effective in meeting all three security objectives; however, some are...and [ IIASA 77]. * Fields can be checked for: − legitimate characters (format checks), − proper sequences with respect to corresponding fields in...MAIRW 76], [JANCE 74], and [ IIASA 77] referenced above. * Integrated Test Facility (ITF). The ITF allows the performance of the application system

  20. Research progress in dynamic security assessment

    Energy Technology Data Exchange (ETDEWEB)

    1982-12-01

    Areas discussed are power system modeling, state estimation, structure decomposition, state forecasting, clustering and security measure development. A detailed dynamic model of a multi-machine power system has been developed. A process state estimator was developed to estimate the long-term dynamic behavior of the power system. The algorithm is identical to the extended Kalman filter but has a modified process noise driving term. A two-stage structure estimation technique was proposed for identifying the power system network configuration. Two approaches to structure decomposition were investigated. A time-scale decomposition of the system equations, based on a singular perturbation approach, was evaluated using a detailed model of a generating system. Spatial decomposition was examined by applying an optimal network decomposition technique to a 39-bus test system. Stochastic approximation based approaches to estimator simplification were examined. Explicit expressions were obtained for the evolution of the first and second moments of the system state. Research into security measures proceeded in three directions. The first area involves viewing the security assessment problem as a hyperplane crossing problem for a stochastic process. The second approach examined the stability of an unforced linear system where the system coefficients are subject to future jumps. The third area of research has led to the formulation of a security measure suitable for on-line assessment of transient stability.

  1. Information Security in the Age of Cloud Computing

    Science.gov (United States)

    Sims, J. Eric

    2012-01-01

    Information security has been a particularly hot topic since the enhanced internal control requirements of Sarbanes-Oxley (SOX) were introduced in 2002. At about this same time, cloud computing started its explosive growth. Outsourcing of mission-critical functions has always been a gamble for managers, but the advantages of cloud computing are…

  2. Information Security in the Age of Cloud Computing

    Science.gov (United States)

    Sims, J. Eric

    2012-01-01

    Information security has been a particularly hot topic since the enhanced internal control requirements of Sarbanes-Oxley (SOX) were introduced in 2002. At about this same time, cloud computing started its explosive growth. Outsourcing of mission-critical functions has always been a gamble for managers, but the advantages of cloud computing are…

  3. Security issues occur in Cloud Computing and there Solutions

    Directory of Open Access Journals (Sweden)

    Karamjit Singh

    2012-05-01

    Full Text Available Cloud computing is a recent advancement wherein IT infrastructure and applications are provided as “services” to end-users under a usage-based payment model. Many organizations, such as Google, Amazon, IBM and many others, accelerate their paces in developing Cloud computing systems and providing services to user with best affords but there phases many difficulties regarding securityproblem and users also afraid toward security of own data i.e. whether cloud providers able to maintain data integrity ,confidentiality as well as authentication. To resolve the security issues in cloud computing, this paper presents various solutions for different issues.

  4. A cancellable and fuzzy fingerprint scheme for mobile computing security

    Science.gov (United States)

    Yang, Wencheng; Xi, Kai; Li, Cai

    2012-09-01

    Fingerprint recognition provides an effective user authentication solution for mobile computing systems. However, as a fingerprint template protection scheme, fingerprint fuzzy vault is subject to cross-matching attacks, since the same finger might be registered for various applications. In this paper, we propose a fingerprint-based biometric security scheme named the cancellable and fuzzy fingerprint scheme, which combines a cancellable non-linear transformation with the client/server version of fuzzy vault, to address the cross-matching attack in a mobile computing system. Experimental results demonstrate that our scheme can provide reliable and secure protection to the mobile computing system while achieving an acceptable matching performance.

  5. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    Energy Technology Data Exchange (ETDEWEB)

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  6. Cloud Computing : Research Issues and Implications

    Directory of Open Access Journals (Sweden)

    Marupaka Rajenda Prasad

    2013-01-01

    Full Text Available Cloud computing is a rapidly developing and excellent promising technology. It has aroused the concern of the computer society of whole world. Cloud computing is Internet-based computing, whereby shared information, resources, and software, are provided to terminals and portable devices on-demand, like the energy grid. Cloud computing is the product of the combination of grid computing, distributed computing, parallel computing, and ubiquitous computing. It aims to build and forecast sophisticated service environment with powerful computing capabilities through an array of relatively low-cost computing entity, and using the advanced deployment models like SaaS (Software as a Service, PaaS (Platform as a Service, IaaS (Infrastructure as a Service,HaaS (Hardware as a Service to distribute the powerful computing capacity to end-users. This paper will explore the background and service models and also presents the existing research issues and implications in cloud computing such as security, reliability, privacy, and so on.

  7. Computationally Efficient Neural Network Intrusion Security Awareness

    Energy Technology Data Exchange (ETDEWEB)

    Todd Vollmer; Milos Manic

    2009-08-01

    An enhanced version of an algorithm to provide anomaly based intrusion detection alerts for cyber security state awareness is detailed. A unique aspect is the training of an error back-propagation neural network with intrusion detection rule features to provide a recognition basis. Network packet details are subsequently provided to the trained network to produce a classification. This leverages rule knowledge sets to produce classifications for anomaly based systems. Several test cases executed on ICMP protocol revealed a 60% identification rate of true positives. This rate matched the previous work, but 70% less memory was used and the run time was reduced to less than 1 second from 37 seconds.

  8. Computationally Efficient Neural Network Intrusion Security Awareness

    Energy Technology Data Exchange (ETDEWEB)

    Todd Vollmer; Milos Manic

    2009-08-01

    An enhanced version of an algorithm to provide anomaly based intrusion detection alerts for cyber security state awareness is detailed. A unique aspect is the training of an error back-propagation neural network with intrusion detection rule features to provide a recognition basis. Network packet details are subsequently provided to the trained network to produce a classification. This leverages rule knowledge sets to produce classifications for anomaly based systems. Several test cases executed on ICMP protocol revealed a 60% identification rate of true positives. This rate matched the previous work, but 70% less memory was used and the run time was reduced to less than 1 second from 37 seconds.

  9. Review of Cloud Computing Security%云计算安全研究综述

    Institute of Scientific and Technical Information of China (English)

    房晶; 吴昊; 白松林

    2011-01-01

    With the development of cloud computing, the security issues of cloud computing are being more and more focused.In this paper, some types of security-related problems and their solutions of cloud computing are being comprehensively analyzed. Firstly, this paper describes the architecture of cloud computing and then compares the difference of cloud computing socurity and the traditional security, focusing on the technology of cloud computing security, and finally elaborate the key research areas and results of current cloud computing security from the perspective of cloud computing standard organizations and products.%随着云计算的发展,云计算的安全问题越来越受到关注.本文将全面分析云计算中与安全有关的各类问题及其解决方案.文中首先介绍了云计算的体系架构,接着比较了云计算安全和传统安全的区别,重点介绍了云计算的安全技术,最后从云计算的标准组织和产品的角度阐述了现阶段云计算安全的重点研究领域和成果.

  10. Cloud Computing for Network Security Intrusion Detection System

    Directory of Open Access Journals (Sweden)

    Jin Yang

    2013-01-01

    Full Text Available In recent years, as a new distributed computing model, cloud computing has developed rapidly and become the focus of academia and industry. But now the security issue of cloud computing is a main critical problem of most enterprise customers faced. In the current network environment, that relying on a single terminal to check the Trojan virus is considered increasingly unreliable. This paper analyzes the characteristics of current cloud computing, and then proposes a comprehensive real-time network risk evaluation model for cloud computing based on the correspondence between the artificial immune system antibody and pathogen invasion intensity. The paper also combines assets evaluation system and network integration evaluation system, considering from the application layer, the host layer, network layer may be factors that affect the network risks. The experimental results show that this model improves the ability of intrusion detection and can support for the security of current cloud computing.

  11. FREQUENCY OPTIMIZATION FOR SECURITY MONITORING OF COMPUTER SYSTEMS

    Directory of Open Access Journals (Sweden)

    Вogatyrev V.A.

    2015-03-01

    Full Text Available The subject areas of the proposed research are monitoring facilities for protection of computer systems exposed to destructive attacks of accidental and malicious nature. The interval optimization model of test monitoring for the detection of hazardous states of security breach caused by destructive attacks is proposed. Optimization function is to maximize profit in case of requests servicing in conditions of uncertainty, and intensity variance of the destructive attacks including penalties when servicing of requests is in dangerous conditions. The vector task of system availability maximization and minimization of probabilities for its downtime and dangerous conditions is proposed to be reduced to the scalar optimization problem based on the criterion of profit maximization from information services (service of requests that integrates these private criteria. Optimization variants are considered with the definition of the averaged periodic activities of monitoring and adapting of these periods to the changes in the intensity of destructive attacks. Adaptation efficiency of the monitoring frequency to changes in the activity of the destructive attacks is shown. The proposed solutions can find their application for optimization of test monitoring intervals to detect hazardous conditions of security breach that makes it possible to increase the system effectiveness, and specifically, to maximize the expected profit from information services.

  12. Personal computer security: part 1. Firewalls, antivirus software, and Internet security suites.

    Science.gov (United States)

    Caruso, Ronald D

    2003-01-01

    Personal computer (PC) security in the era of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) involves two interrelated elements: safeguarding the basic computer system itself and protecting the information it contains and transmits, including personal files. HIPAA regulations have toughened the requirements for securing patient information, requiring every radiologist with such data to take further precautions. Security starts with physically securing the computer. Account passwords and a password-protected screen saver should also be set up. A modern antivirus program can easily be installed and configured. File scanning and updating of virus definitions are simple processes that can largely be automated and should be performed at least weekly. A software firewall is also essential for protection from outside intrusion, and an inexpensive hardware firewall can provide yet another layer of protection. An Internet security suite yields additional safety. Regular updating of the security features of installed programs is important. Obtaining a moderate degree of PC safety and security is somewhat inconvenient but is necessary and well worth the effort.

  13. IT security risk management perceived it security risks in the context of cloud computing

    CERN Document Server

    Ackermann, Tobias

    2014-01-01

    This book provides a comprehensive conceptualization of perceived IT security risk in the Cloud Computing context that is based on six distinct risk dimensions grounded on a structured literature review, Q-sorting, expert interviews, and analysis of data collected from 356 organizations. Additionally, the effects of security risks on negative and positive attitudinal evaluations in IT executives' Cloud Computing adoption decisions are examined. The book's second part presents a mathematical risk quantification framework that can be used to support the IT risk management process of Cloud Comput

  14. Research on Computer network security management system%计算机内网安全管理系统研究

    Institute of Scientific and Technical Information of China (English)

    赵保华

    2014-01-01

    Based on the importance of network security management analysis, this paper P2DR theoretical model is proposed based on the internal network security management system design, internal network security manage-ment system involved in security policy, management support, policy enforcement, monitoring response audit of five aspects of the content of the analysis, and then choose a viable development tool for client programs and server pro-grams were designed to process such analysis, the final analysis of the communication structure of the message. Nothing herein may be related to the theoretical analysis of reference.%基于内网安全管理的重要性分析,本文在P2DR模型的理论基础上,提出了内部网络安全管理系统的设计方案,对内网安全管理系统所涉及的安全策略、管理支持、策略执行、监控响应、审计共5个环节的内容进行了分析,之后选择了可行的开发工具,对客户端程序以及服务器程序的流程等进行了设计分析,最后分析了通信消息的结构。本文所述内容可为相关的理论分析提供参考。

  15. Optimizing Security of Cloud Computing within the DoD

    Science.gov (United States)

    2010-12-01

    governmental use of cloud computing,” Government Information Quarterly , Vol. 27, Issue 3 (July 2010). 34 Frictionless registration processes. Frictionless...cloud computing,” Government Information Quarterly , Vol. 27, Issue 3 (July 2010). 347 Ibid. 348 Ibid. 65 impair availability for all users of...with governmental use of cloud computing,” Government Information Quarterly , Vol. 27, Issue 3 (July 2010) 354 Brunette and Mogull, “Security Guidance

  16. A Trust-Based Model for Security Cooperating in Vehicular Cloud Computing

    Directory of Open Access Journals (Sweden)

    Zhipeng Tang

    2016-01-01

    Full Text Available VCC is a computing paradigm which consists of vehicles cooperating with each other to realize a lot of practical applications, such as delivering packages. Security cooperation is a fundamental research topic in Vehicular Cloud Computing (VCC. Because of the existence of malicious vehicles, the security cooperation has become a challenging issue in VCC. In this paper, a trust-based model for security cooperating, named DBTEC, is proposed to promote vehicles’ security cooperation in VCC. DBTEC combines the indirect trust estimation in Public board and the direct trust estimation in Private board to compute the trust value of vehicles when choosing cooperative partners; a trustworthy cooperation path generating scheme is proposed to ensure the safety of cooperation and increase the cooperation completion rates in VCC. Extensive experiments show that our scheme improves the overall cooperation completion rates by 6~7%.

  17. Quality Function Deployment (QFD House of Quality for Strategic Planning of Computer Security of SMEs

    Directory of Open Access Journals (Sweden)

    Jorge A. Ruiz-Vanoye

    2013-01-01

    Full Text Available This article proposes to implement the Quality Function Deployment (QFD House of Quality for strategic planning of computer security for Small and Medium Enterprises (SME. The House of Quality (HoQ applied to computer security of SME is a framework to convert the security needs of corporate computing in a set of specifications to improve computer security.

  18. The New Trend of Security in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Xiangdong Li

    2012-12-01

    Full Text Available The use of services of cloud computing has been growing widely in industry, organizations and institutions recently, due to its tempting benefits, for example, the scalability, efficiency, flexibility and lower cost. The security issues have been studied and analyzed extensively. In order to understand the risk issues existing in today’s cloud, we discuss the new trend of security of cloud in this paper. The preventing methods are also discussed.

  19. Secure and Stability Practical Outsourcing in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Mr.V.Sudarshan

    2012-09-01

    Full Text Available Cloud computing has great potential of providing robust computational power to the society at reduced cost. It enables customers with limited computational resources to outsource their large computation workloads to the cloud, and economically enjoy the massive computational power, bandwidth, storage, and even appropriate software that can be shared in a pay-per-use manner. Despite the tremendous benefits, security is the primary obstacle that prevents the wide adoption of this promising computing model, especially for customers when their confidential data are consumed and produced during the computation. Treating the cloud as an intrinsically insecure computing platform from the viewpoint of the cloud customers, we must design mechanisms that not only protect sensitive information by enabling computations with encrypted data, but also protect customers from malicious behaviors by enabling the validation of the computation result. Such a mechanism of general secure computation outsourcing was recently shown to be feasible in theory, but to design mechanisms that are practically efficient remains a very challenging problem. Focusing on engineering computing and optimization tasks, this paper investigates secure outsourcing of widely applicable linear programming (LP computations. In order to achieve practical efficiency, our mechanism design explicitly decomposes the LP computation outsourcing into public LP solvers running on the cloud and private LP parameters owned by the customer. The resulting flexibility allows us to explore appropriate security efficiency tradeoff via higher-level abstraction of LP computations than the general circuit representation. In particular, by formulating private data owned by the customer for LP problem as a set of matrices and vectors, we are able to develop a set of efficient privacy-preserving problem transformation techniques, which allow customers to transform original LP problem into some arbitrary one

  20. Computer Security: the value of your password

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Of course, your passwords have a value to you as they allow you to access your computer and your Facebook page, to buy on Amazon, to create a Twitter feed, and to use a multitude of computing services provided by CERN. But have you ever thought of their value to the malicious people of this world?    With your account password, I can take over your computer. I can install software allowing me to enable your microphone and listen to your communications and what is happening around you as long as your computer is turned on. I can take regular screenshots and monitor you while you work. With that, I can try to determine your working habits, your online behaviour, the way you write e-mails… Useful, if I want to impersonate you believably (e.g. to attack CERN and the systems you are working on at CERN). What’s more, with access to your computer, I can install a keylogger to record your every keystroke – including when you type all your other passwords: ...

  1. Computer Security: in the name of CERN

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    This summer, the American/Canadian dating website Ashley Madison was successfully compromised by a group of hackers (see here) who subsequently published tons of confidential information: addresses, dates of birth, e-mail addresses, ethnicities, genders, names, passwords, payment histories, phone numbers, security questions, sexual preferences, usernames and website activity.   Initially, these attackers blackmailed Ashley Madison and requested that the service be shut down. Later, however, they just made their stolen data public on the Internet. More than 30 million unique e-mail addresses – a hallelujah for miscreants. What can they do with this data? One possibility is blackmailing the people whose e-mail addresses were exposed by threatening to tell their spouses (“Pay me X bitcoins or I will tell your spouse that you are looking for a date!”). Another is targeting those people who have registered with their company e-...

  2. Complete Fairness in Secure Two-Party Computation

    DEFF Research Database (Denmark)

    Gordon, S. Dov; Hazay, Carmit; Katz, Jonathan

    2011-01-01

    In the setting of secure two-party computation, two mutually distrusting parties wish to compute some function of their inputs while preserving, to the extent possible, various security properties such as privacy, correctness, and more. One desirable property is fairness which guarantees, informa......In the setting of secure two-party computation, two mutually distrusting parties wish to compute some function of their inputs while preserving, to the extent possible, various security properties such as privacy, correctness, and more. One desirable property is fairness which guarantees......, informally, that if one party receives its output, then the other party does too. Cleve [1986] showed that complete fairness cannot be achieved in general without an honest majority. Since then, the accepted folklore has been that nothing non-trivial can be computed with complete fairness in the two......-party setting. We demonstrate that this folklore belief is false by showing completely fair protocols for various nontrivial functions in the two-party setting based on standard cryptographic assumptions. We first show feasibility of obtaining complete fairness when computing any function over polynomial...

  3. SecureMed: Secure Medical Computation using GPU-Accelerated Homomorphic Encryption Scheme.

    Science.gov (United States)

    Khedr, Alhassan; Gulak, Glenn

    2017-01-23

    Sharing the medical records of individuals among healthcare providers and researchers around the world can accelerate advances in medical research. While the idea seems increasingly practical due to cloud data services, maintaining patient privacy is of paramount importance. Standard encryption algorithms help protect sensitive data from outside attackers but they cannot be used to compute on this sensitive data while being encrypted. Homomorphic Encryption (HE) presents a very useful tool that can compute on encrypted data without the need to decrypt it. In this work, we describe an optimized NTRUbased implementation of the GSW homomorphic encryption scheme. Our results show a factor of 58 × improvement in CPU performance compared to other recent work on encrypted medical data under the same security settings. Our system is built to be easily portable to GPUs resulting in an additional speedup of up to a factor of 104 × (and 410 × ) to offer an overall speedup of 6085 × (and 24011 × ) using a single GPU (or four GPUs), respectively.

  4. 云计算关键技术之云安全问题认知研究%Research on the cognition of cloud security issues-one of the key technology of cloud computing

    Institute of Scientific and Technical Information of China (English)

    龚强

    2014-01-01

    云计算面临的最大挑战是安全问题。云计算应用的无边界性、流动性等特点,较之传统的IT模式有很大差异。在云计算环境下,服务方式发生变化,安全的责任主体也发生了根本改变。作为云计算服务提供商,需要建立安全的云计算平台,为云安全服务提供保障;同时,服务一定是开放的、安全的,要保护云用户敏感信息的安全。整合桌面安全管理技术是行之有效的。云安全应用研究主要是从云计算平台系统安全和网络安全设备、安全基础设施的“云化”突破。%The security issue is the biggest challenge for cloud computing .There is a great difference between the characteristics of cloud computing applications including unboundedness and liquidity etc . and the traditional IT model .In the cloud computing environment , service method has changed ,the main responsibility for safety has also undergone a fundamental change .As cloud computing service providers , they need to establish safe cloud computing platform and provide guarantee for cloud security service ;meanwhile , the service must be open and safe to protect the security of cloud users ’ sensitive information.Integrating desktop security management technology is effective .This paper can make breakthrough from the system security of cloud computing platform and the “cloud” of network security equipment and security infrastructure .

  5. Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

    Science.gov (United States)

    Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert

    2015-07-28

    Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

  6. Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

    Energy Technology Data Exchange (ETDEWEB)

    Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert

    2015-07-28

    Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

  7. Legal, privacy, security, access and regulatory issues in cloud computing

    CSIR Research Space (South Africa)

    Dlodlo, N

    2011-04-01

    Full Text Available around the issues of policy interventions, standards, privacy and data protection, traffic and congestion management, business continuity planning, security and regulation. This research is an advancement of knowledge in that field and is meant...

  8. Computer Security: downloading films is no peccadillo

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Dear Summer Students, within the Organization, you have many possibilities to pursue your natural curiosity and acquire as much new knowledge as you can siphon into your brain. CERN provides you with the academic freedom to do so, with almost no limitations. But hold on: “free” and “no limitations” don’t mean that you can do whatever you want…   Please note that, when using CERN’s computing facilities, when sending e-mails from your CERN e-mail address, when using your laptop/smartphone/computer, you must follow a basic framework of rules, the CERN Computing Rules. I would like to focus on one particular aspect of those rules: that of accessing music, videos, films or computer games from popular websites like ThePirateBay or using Bittorrent.  CERN has an awesome connection to the Internet, lots of bandwidth and a high capacity for web downloads. However, this does not mean that downloading music, videos...

  9. Secure cloud computing: benefits, risks and controls

    CSIR Research Space (South Africa)

    Carroll, M

    2011-08-01

    Full Text Available Services - New Market Report Published. Available: http://www.companiesandmarkets.com/r.ashx?id=41AETZYHJ28917 3&prk=ecb8413c602cb89051067456b636c7b9 [4] I. Berger. (2010, 6 May 2010). Keeping Cloud Computing's Prospects Safe and Sunny. Available...

  10. The Role of Self-Efficacy in Computer Security Behavior: Developing the Construct of Computer Security Self-Efficacy (CSSE)

    Science.gov (United States)

    Clarke, Marlon

    2011-01-01

    As organizations have become more dependent on networked information systems (IS) to conduct their business operations, their susceptibility to various threats to information security has also increased. Research has consistently identified the inappropriate security behavior of the users as the most significant of these threats. Various factors…

  11. Secure Enclaves: An Isolation-centric Approach for Creating Secure High Performance Computing Environments

    Energy Technology Data Exchange (ETDEWEB)

    Aderholdt, Ferrol [Tennessee Technological Univ., Cookeville, TN (United States); Caldwell, Blake A. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Hicks, Susan Elaine [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Koch, Scott M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Naughton, III, Thomas J. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pelfrey, Daniel S. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pogge, James R [Tennessee Technological Univ., Cookeville, TN (United States); Scott, Stephen L [Tennessee Technological Univ., Cookeville, TN (United States); Shipman, Galen M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Sorrillo, Lawrence [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)

    2017-01-01

    High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data at various security levels but in so doing are often enclaved at the highest security posture. This approach places significant restrictions on the users of the system even when processing data at a lower security level and exposes data at higher levels of confidentiality to a much broader population than otherwise necessary. The traditional approach of isolation, while effective in establishing security enclaves poses significant challenges for the use of shared infrastructure in HPC environments. This report details current state-of-the-art in virtualization, reconfigurable network enclaving via Software Defined Networking (SDN), and storage architectures and bridging techniques for creating secure enclaves in HPC environments.

  12. NASA's computer science research program

    Science.gov (United States)

    Larsen, R. L.

    1983-01-01

    Following a major assessment of NASA's computing technology needs, a new program of computer science research has been initiated by the Agency. The program includes work in concurrent processing, management of large scale scientific databases, software engineering, reliable computing, and artificial intelligence. The program is driven by applications requirements in computational fluid dynamics, image processing, sensor data management, real-time mission control and autonomous systems. It consists of university research, in-house NASA research, and NASA's Research Institute for Advanced Computer Science (RIACS) and Institute for Computer Applications in Science and Engineering (ICASE). The overall goal is to provide the technical foundation within NASA to exploit advancing computing technology in aerospace applications.

  13. Addressing Security Challenges in Pervasive Computing Applications

    Science.gov (United States)

    2010-10-10

    Conference on Engineering of Complex Computer Systems, Auckland, New Zealand, July 2007. 5. Kyriakos Anastasakis, Behzad Bordbar, Geri Georg and...tending Database Technology, Saint-Petersburg, Russia, March 2009. 24. Geri Georg, Indrakshi Ray, Kyriakos Anastasakis, Behzad Bordbar, Manachai...and Behzad Bor- dbar, "Ensuring Spatio-Temporal Access Control for Real-World Applications", Proceed- ings of the 14 th ACM Symposium on Access

  14. Privacy-preserving microbiome analysis using secure computation.

    Science.gov (United States)

    Wagner, Justin; Paulson, Joseph N; Wang, Xiao; Bhattacharjee, Bobby; Corrada Bravo, Héctor

    2016-06-15

    Developing targeted therapeutics and identifying biomarkers relies on large amounts of research participant data. Beyond human DNA, scientists now investigate the DNA of micro-organisms inhabiting the human body. Recent work shows that an individual's collection of microbial DNA consistently identifies that person and could be used to link a real-world identity to a sensitive attribute in a research dataset. Unfortunately, the current suite of DNA-specific privacy-preserving analysis tools does not meet the requirements for microbiome sequencing studies. To address privacy concerns around microbiome sequencing, we implement metagenomic analyses using secure computation. Our implementation allows comparative analysis over combined data without revealing the feature counts for any individual sample. We focus on three analyses and perform an evaluation on datasets currently used by the microbiome research community. We use our implementation to simulate sharing data between four policy-domains. Additionally, we describe an application of our implementation for patients to combine data that allows drug developers to query against and compensate patients for the analysis. The software is freely available for download at: http://cbcb.umd.edu/∼hcorrada/projects/secureseq.html Supplementary data are available at Bioinformatics online. hcorrada@umiacs.umd.edu. © The Author 2016. Published by Oxford University Press.

  15. Computer Security: posting and mis-posting

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    This is what can happen at CERN if you don't lock your computer screen...   “Hi, I am looking for a partner either male or female to attend salsa lessons. I have a great body and enjoy rubbing it against other people on the dance floor. I would consider dinner after with the right person. If you think you can keep up with me and enjoy getting sweaty send me a reply. Stay sexy…” This is the original text of a recent posting on the CERN Market webpage. Some people might find this appealing, some people think this is funny. Personally, I couldn’t care less. But professionally, we had to follow up as this text can be perceived as inappropriate and, thus, in violation of the Terms of Usage of the CERN Market as well as the CERN Computing Rules and its annex on private usage of the CERN computing facilities. We remind you that the CERN Market is a public website that can be used by people within but also outside CERN. All posts are visible world...

  16. Research on cloud computing solutions

    Directory of Open Access Journals (Sweden)

    Liudvikas Kaklauskas

    2015-07-01

    Full Text Available Cloud computing can be defined as a new style of computing in which dynamically scala-ble and often virtualized resources are provided as a services over the Internet. Advantages of the cloud computing technology include cost savings, high availability, and easy scalability. Voas and Zhang adapted six phases of computing paradigms, from dummy termi-nals/mainframes, to PCs, networking computing, to grid and cloud computing. There are four types of cloud computing: public cloud, private cloud, hybrid cloud and community. The most common and well-known deployment model is Public Cloud. A Private Cloud is suited for sensitive data, where the customer is dependent on a certain degree of security.According to the different types of services offered, cloud computing can be considered to consist of three layers (services models: IaaS (infrastructure as a service, PaaS (platform as a service, SaaS (software as a service. Main cloud computing solutions: web applications, data hosting, virtualization, database clusters and terminal services. The advantage of cloud com-puting is the ability to virtualize and share resources among different applications with the objective for better server utilization and without a clustering solution, a service may fail at the moment the server crashes.DOI: 10.15181/csat.v2i2.914

  17. Computer Security: Our life in symbiosis*

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2014-01-01

    Do you recall our Bulletin articles on control system cyber-security (“Hacking control systems, switching lights off!” and “Hacking control systems, switching... accelerators off?”) from early 2013? Let me shed some light on this issue from a completely different perspective.   I was raised in Europe during the 80s. With all the conveniences of a modern city, my environment made me a cyborg - a human entangled with technology - supported but also dependent on software and hardware. Since my childhood, I have eaten food packaged by machines and shipped through a sophisticated network of ships and lorries, keeping it fresh or frozen until it arrives in supermarkets. I heat my house with the magic of nuclear energy provided to me via a complicated electrical network. In fact, many of the amenities and gadgets I use are based on electricity and I just need to tap a power socket. When on vacation, I travel by taxi, train and airplane. And I enjoy the beautifu...

  18. Computer Security: what is your identity?

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    In the physical world this is fairly clear; your sense of self is multi-faceted and highly complex but the entity of “you” is well defined.  You can prove your identity simply, typically by showing your ID card or by having someone vouch for you. You are a being layered with attributes. Other people may request some of these attributes: your first name at Starbucks or your shoe size at the bowling alley. But only your most trusted contacts are granted access to your entire set of attributes… or maybe you never expose your identity entirely!   Online, your identity is a very different beast. It is fragmented. Each piece of your identity is typically verified by its own username and password. Occasionally pieces are forgotten or lost to the depths of the Internet. The hundreds of accounts that identify “you” present a security problem. Can you keep track of these accounts and is it even realistic to use unique, non-trivial passwords for ea...

  19. Developing on-demand secure high-performance computing services for biomedical data analytics.

    Science.gov (United States)

    Robison, Nicholas; Anderson, Nick

    2013-01-01

    We propose a technical and process model to support biomedical researchers requiring on-demand high performance computing on potentially sensitive medical datasets. Our approach describes the use of cost-effective, secure and scalable techniques for processing medical information via protected and encrypted computing clusters within a model High Performance Computing (HPC) environment. The process model supports an investigator defined data analytics platform capable of accepting secure data migration from local clinical research data silos into a dedicated analytic environment, and secure environment cleanup upon completion. We define metrics to support the evaluation of this pilot model through performance and stability tests, and describe evaluation of its suitability towards enabling rapid deployment by individual investigators.

  20. Computer Security: When a person leaves - access rights remain!

    CERN Multimedia

    Computer Security Team

    2014-01-01

    We have been contacted recently by an embarrassed project manager who just figured out that a student who left at the end of 2013 still had access rights to read the whole project folder in February 2014: “How can that be?! In any other company, access rights would be purged at the same time as an employment contract terminates." Not so at CERN.   CERN has always been an open site with an open community. Physical access to the site is lightweight and you just need to have your CERN access card at hand. Further restrictions have only been put in place where safety or security really require them, and CERN does not require you to keep your access card on display. The same holds for the digital world. Once registered at CERN - either by contract, via your experiment or through the Users' office - you own a computing account that provides you with access to a wide variety of computing services. For example, last year 9,730 students/technicians/engineers/researchers/sta...

  1. 计算机网络安全技术%Security Technologies of Computer Network

    Institute of Scientific and Technical Information of China (English)

    罗明宇; 卢锡城; 卢泽新; 韩亚欣

    2000-01-01

    With the development of computer network,requirements of computer network security have been more and more urgent. In tills paper, goals of network security are reviewed. Several network attack methods,such as interruption,interception, modification, fabrication,are studied. Network security technologies,such as security mechan!sm,encryption,security detection,firewall,were discussed.

  2. Patterns of Behavior-based Computer Security Strategy Research%基于行为模式的计算机安全策略研究

    Institute of Scientific and Technical Information of China (English)

    张会彦; 马宗亚; 张慧娟

    2013-01-01

      This paper aims at studying the behavior patterns of the virus, by an act that prevents the main virus database into behavior libraries, and the behavior patterns implementing the control, taking advantage of the total and ultimate realization of the Information Security, behavior patterns, by which method can achieve the goal of reducing the hardware and software upgrade effectively,real-time tracking of patterns of behavior, and gradually set the level of security and detection of virus in a variety of attacks, the utilizing of current artificial intelligent technology, effective monitoring of the behavior of the virus, and thus the implementation of auto-immune%  文章的目的就是研究病毒的行为模式,通过行为防范为主,把病毒库变成行为库,利用行为模式来实施控制,最终实现信息安全,通过行为模式进行方法能够有效的减少软硬件的升级工作,根据对行为模式的实时跟踪,逐步设定安全等级并且检测病毒的各种攻击行为,利用当前人工智能技术,对病毒行为进行有效监控,从而实施自动免疫。

  3. Engineering Secure Two-Party Computation Protocols Design, Optimization, and Applications of Efficient Secure Function Evaluation

    CERN Document Server

    Schneider, Thomas

    2012-01-01

    Secure two-party computation, called secure function evaluation (SFE), enables two mutually mistrusting parties, the client and server, to evaluate an arbitrary function on their respective private inputs while revealing nothing but the result. Originally the technique was considered to be too inefficient for practical privacy-preserving applications, but in recent years rapid speed-up in computers and communication networks, algorithmic improvements, automatic generation, and optimizations have enabled their application in many scenarios. The author offers an extensive overview of the most pr

  4. Computer Security: DNS to the rescue!

    CERN Document Server

    Stefan Lueders, Computer Security Team

    2016-01-01

    Why you should be grateful to the Domain Name System at CERN.   Incidents involving so-called “drive-by” infections and “ransomware” are on the rise. Whilst an up-to-date and fully patched operating system is essential; whilst running anti-virus software with current virus signature files is a must; whilst “stop --- think --- don’t click” surely helps, we can still go one step further in better protecting your computers: DNS to the rescue. The DNS, short for Domain Name System, translates the web address you want to visit (like “http://cern.ch”) to a machine-readable format (the IP address, here: “188.184.9.234”). For years, we have automatically monitored the DNS translation requests made by your favourite web browser (actually by your operating system, but that doesn’t matter here), and we have automatically informed you if your computer tried to access a website known to hos...

  5. Privacy, security, and the public health researcher in the era of electronic health record research.

    Science.gov (United States)

    Goldstein, Neal D; Sarwate, Anand D

    2016-01-01

    Health data derived from electronic health records are increasingly utilized in large-scale population health analyses. Going hand in hand with this increase in data is an increasing number of data breaches. Ensuring privacy and security of these data is a shared responsibility between the public health researcher, collaborators, and their institutions. In this article, we review the requirements of data privacy and security and discuss epidemiologic implications of emerging technologies from the computer science community that can be used for health data. In order to ensure that our needs as researchers are captured in these technologies, we must engage in the dialogue surrounding the development of these tools.

  6. Computer Security: Hacking CERN - a win-win for all

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    The first round of the CERN WhiteHat Challenge has finished (see here). At the end of March, CERN was "attacked" by a dozen students from the St. Pölten University of Applied Sciences, Austria.   These attacks were part of their Master's degree in computer science and computer security, where they study penetration testing and vulnerability scanning, i.e. finding weaknesses in computing systems: techniques, tools, approaches and ethics. Usually, such studies are done against mock-ups like “Google Gruyere”, the “Damn Vulnerable Web Application” or OWASP’s “WebGoat” and “Hackademic”. However, while those mock-ups are in principle useful, they rarely resemble the operational reality of the Internet. CERN has offered computer security professors an alternative: the opportunity to use CERN’s web-ecosystem and all other systems open to th...

  7. Security considerations and recommendations in computer-based testing.

    Science.gov (United States)

    Al-Saleem, Saleh M; Ullah, Hanif

    2014-01-01

    Many organizations and institutions around the globe are moving or planning to move their paper-and-pencil based testing to computer-based testing (CBT). However, this conversion will not be the best option for all kinds of exams and it will require significant resources. These resources may include the preparation of item banks, methods for test delivery, procedures for test administration, and last but not least test security. Security aspects may include but are not limited to the identification and authentication of examinee, the risks that are associated with cheating on the exam, and the procedures related to test delivery to the examinee. This paper will mainly investigate the security considerations associated with CBT and will provide some recommendations for the security of these kinds of tests. We will also propose a palm-based biometric authentication system incorporated with basic authentication system (username/password) in order to check the identity and authenticity of the examinee.

  8. CERN Technical Training: new courses on computer security

    CERN Multimedia

    HR Department

    2009-01-01

    Two new trainings are available at CERN concerning computer security. • How to create secure software? The "Developing secure software" course (3.5 hours) is designed for software programmers, both for regular software and Web applications. It covers main aspects of security in different phases of the software development lifecycle. The last, optional hour discusses security issues of Web application developers. This course, although not hands-on, is interactive and full of real-life examples. The first session of this course will take place, in English, on 21 April in the CERN Technical Training Centre. More sessions will be scheduled in 2009. • How to safely navigate and send mails? The "Secure e-mail and Web browsing" course is an entry-level 1.5-hour course designed to show how to detect and avoid typical security pitfalls encountered when e-mailing and browsing the Web. It is designed for non-technical users of Internet Explorer and Outlook. The first sessions ...

  9. CERN Technical Training: new courses on computer security

    CERN Multimedia

    HR Department

    2009-01-01

    Two new trainings are available at CERN concerning computer security. • How to create secure software? The "Developing secure software" course (3.5 hours) is designed for software programmers, both for regular software and Web applications. It covers main aspects of security in different phases of the software development lifecycle. The last, optional hour discusses security issues of Web application developers. This course, although not hands-on, is interactive and full of real-life examples. The first session of this course will take place, in English, on 21 April in the CERN Technical Training Centre. More sessions will be scheduled in 2009. • How to safely navigate and send mails? The "Secure e-mail and Web browsing" course is an entry-level 1.5-hour course designed to show how to detect and avoid typical security pitfalls encountered when e-mailing and browsing the Web. It is designed for non-technical users of Internet Explorer and Outlook. The first sessions o...

  10. CERN Technical Training: new courses on computer security

    CERN Multimedia

    HR Department

    2009-01-01

    Two new trainings are available at CERN concerning computer security. • How to create secure software? The "Developing secure software" course (3.5 hours) is designed for software programmers, both for regular software and Web applications. It covers main aspects of security in different phases of the software development lifecycle. The last, optional hour discusses security issues of Web application developers. This course, although not hands-on, is interactive and full of real-life examples. The first session of this course will take place, in English, on 21 April in the CERN Technical Training Center. More sessions will be scheduled in 2009. • How to safely navigate and send mails? The "Secure e-mail and Web browsing" course is an entry-level 1.5-hour training aimed to show how to detect and avoid typical security pitfalls encountered when e-mailing and browsing the Web. It is designed for non-technical users of Internet Explorer and Outlook. The first sessions o...

  11. Academic Information Security Researchers: Hackers or Specialists?

    Science.gov (United States)

    Dadkhah, Mehdi; Lagzian, Mohammad; Borchardt, Glenn

    2017-04-10

    In this opinion piece, we present a synopsis of our findings from the last 2 years concerning cyber-attacks on web-based academia. We also present some of problems that we have faced and try to resolve any misunderstandings about our work. We are academic information security specialists, not hackers. Finally, we present a brief overview of our methods for detecting cyber fraud in an attempt to present general guidelines for researchers who would like to continue our work. We believe that our work is necessary for protecting the integrity of scholarly publishing against emerging cybercrime.

  12. A Novel Cloud Computing Algorithm of Security and Privacy

    OpenAIRE

    Chih-Yung Chen; Jih-Fu Tu

    2013-01-01

    The emergence of cloud computing has simplified the flow of large-scale deployment distributed system of software suppliers; when issuing respective application programs in a sharing clouds service to different user, the management of material becomes more complex. Therefore, in multitype clouds service of trust environment, when enterprises face cloud computing, what most worries is the issue of security, but individual users are worried whether the privacy material will have an outflow risk...

  13. Computer virus security in the Department of the Navy

    OpenAIRE

    Salters, Michael Jerome

    1992-01-01

    Approved for public release; distribution is unlimited This thesis discusses the growing threat of computer viruses and their impact on Automated Information Systems. In particular, it attempts to show a need to establish sound security programs that properly address computer viruses. A major area of the thesis focuses on current guidance by the Department of Defense and the Department of the Navy and provides recommendation for an effective Navy organization to effectively ...

  14. Computer Security: How to succeed in software deployment

    CERN Multimedia

    Computer Security Team

    2014-01-01

    The summer student period has ended and we would like to congratulate all those who successfully accomplished their project! In particular, well done to those who managed to develop and deploy sophisticated web applications in the short summer season. Unfortunately, not all web applications made the final cut, moved into production and became visible on the Internet. We had to reject some... let me explain why.   Making a web application visible on the Internet requires an opening in the CERN outer perimeter firewall. Such a request is usually made through the CERN WebReq web interface. As standard procedure, the CERN Computer Security team reviews every request and performs a security assessment. This is where you, your supervisee and the Computer Security team all start to get frustrated. Many summer students delivered awesome web applications with great new functions and a good “look and feel” following precise use cases, using modern web technologies, dashboards, integr...

  15. Secure Genomic Computation through Site-Wise Encryption.

    Science.gov (United States)

    Zhao, Yongan; Wang, XiaoFeng; Tang, Haixu

    2015-01-01

    Commercial clouds provide on-demand IT services for big-data analysis, which have become an attractive option for users who have no access to comparable infrastructure. However, utilizing these services for human genome analysis is highly risky, as human genomic data contains identifiable information of human individuals and their disease susceptibility. Therefore, currently, no computation on personal human genomic data is conducted on public clouds. To address this issue, here we present a site-wise encryption approach to encrypt whole human genome sequences, which can be subject to secure searching of genomic signatures on public clouds. We implemented this method within the Hadoop framework, and tested it on the case of searching disease markers retrieved from the ClinVar database against patients' genomic sequences. The secure search runs only one order of magnitude slower than the simple search without encryption, indicating our method is ready to be used for secure genomic computation on public clouds.

  16. A Domain-Specific Programming Language for Secure Multiparty Computation

    DEFF Research Database (Denmark)

    Nielsen, Janus Dam; Schwartzbach, Michael Ignatieff

    2007-01-01

    We present a domain-specific programming language for Secure Multiparty Computation (SMC). Information is a resource of vital importance and considerable economic value to individuals, public administration, and private companies. This means that the confidentiality of information is crucial...... application development. The language is implemented in a prototype compiler that generates Java code exploiting a distributed cryptographic runtime....

  17. Teaching Objectives of a Simulation Game for Computer Security

    Science.gov (United States)

    2007-11-02

    established market and the growing acceptance of computer games in education (Kirriemuir, 2002). The game will simulate a range of scenarios involving...43-58. Sterne, D.F., (1991). On the Buzzword “Security Policy”, Proceedings of the IEEE Symposium on Reseach in Secu- rity and Privacy, Oakland, CA

  18. Computationally Secure Pattern Matching in the Presence of Malicious Adversaries

    DEFF Research Database (Denmark)

    Hazay, Carmit; Toft, Tomas

    2010-01-01

    simulation in the presence of malicious, polynomial-time adversaries (assuming that ElGamal encryption is semantically secure) and exhibits computation and communication costs of O(n + m) in a constant round complexity. In addition to the above, we propose a collection of protocols for variations...

  19. Secure Dynamic access control scheme of PHR in cloud computing.

    Science.gov (United States)

    Chen, Tzer-Shyong; Liu, Chia-Hui; Chen, Tzer-Long; Chen, Chin-Sheng; Bau, Jian-Guo; Lin, Tzu-Ching

    2012-12-01

    With the development of information technology and medical technology, medical information has been developed from traditional paper records into electronic medical records, which have now been widely applied. The new-style medical information exchange system "personal health records (PHR)" is gradually developed. PHR is a kind of health records maintained and recorded by individuals. An ideal personal health record could integrate personal medical information from different sources and provide complete and correct personal health and medical summary through the Internet or portable media under the requirements of security and privacy. A lot of personal health records are being utilized. The patient-centered PHR information exchange system allows the public autonomously maintain and manage personal health records. Such management is convenient for storing, accessing, and sharing personal medical records. With the emergence of Cloud computing, PHR service has been transferred to storing data into Cloud servers that the resources could be flexibly utilized and the operation cost can be reduced. Nevertheless, patients would face privacy problem when storing PHR data into Cloud. Besides, it requires a secure protection scheme to encrypt the medical records of each patient for storing PHR into Cloud server. In the encryption process, it would be a challenge to achieve accurately accessing to medical records and corresponding to flexibility and efficiency. A new PHR access control scheme under Cloud computing environments is proposed in this study. With Lagrange interpolation polynomial to establish a secure and effective PHR information access scheme, it allows to accurately access to PHR with security and is suitable for enormous multi-users. Moreover, this scheme also dynamically supports multi-users in Cloud computing environments with personal privacy and offers legal authorities to access to PHR. From security and effectiveness analyses, the proposed PHR access

  20. Research on Secure Authentication Mechanism of Grid

    Institute of Scientific and Technical Information of China (English)

    2005-01-01

    Based on the analysis on the security mechanism of grid, this paper discusses the advantages of latest techniques of grid security, and presents a secure authentication scheme of grid based on elliptic curve cryptosystem (ECC). The secure authentication scheme may provide reference value for the further application of grid.

  1. Computer Security: one click and BOOM…

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Browsing the World Wide Web is not as easy as it seems… One wrong click and all your passwords (CERN, Facebook, PayPal, Amazon, etc.) could be stolen; all your activities could be clandestinely monitored (mouse movements and clicks, words typed, screenshots, microphone and webcam recordings, etc.); confidential documents could be stolen; and an attack path (a so-called back-door) into CERN could be opened…    As a result, you would have to reinstall your computer from scratch and change all your passwords! One of our colleagues learned this the hard way. One wrong click in summer 2015 permitted malicious attackers to infiltrate CERN but, fortunately, no real damage was done. Still, the cost of investigating the incident ran to several tens of thousands of Swiss francs and a lot of time was wasted trying to understand the attacker’s intent and the extent of the infiltration... With the goal of increasing more awareness of the risk of clicking on li...

  2. Computer Security: protect CERN - respect copyrights

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Are you a physicist who does complex mathematical calculations? Are you a webmaster who regularly embeds visual contents? Do you regularly present to large audiences? Are you an engineer who does sophisticated simulations of heat transfers, structural stability or electric circuits? Are you a technician who often uses CAD software? Do you like listening to music while being at CERN? Go ahead!   But make sure that you have legitimately obtained the software/images/music/videos you are using and hold valid licenses to run your software. Using illegal or pirated software/images/music/videos is not a trivial offense. It violates the CERN Computing Rules (OC5) and puts the Organization at risk! Vendors deserve credit and compensation. So make sure to buy your software via legitimate channels and use a valid and honestly obtained license. This also applies to “shareware” and software under open licenses, which might also come with a cost. Usually, only “freeware&rd...

  3. Computer Security: USB sticks - the silent killers

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    You've just found a USB stick in Restaurant 1. You'd like to return it … but who is the owner? Maybe the contents can tell you? Connect it to your laptop, and you might figure it out. But hold on, what if its content is dangerous…?   USB sticks are an excellent vehicle for infecting countless PCs and laptops. Years ago, several dozen laptops were infected during a conference when someone passed around a USB stick with flight departure information. Unfortunately, this stick was infected. Similarly, we have seen a domino effect of infections in the FP and EN departments after some USB sticks made the rounds, infecting one PC after another. In the end, a massive number of PCs had to be reinstalled. Some USB sticks are even worse. They pretend to be “just a keyboard” (named “RubberDucky”) and, once inserted, they execute a pre-programmed sequence of keystrokes intended to extract information from your computer or take ...

  4. Computer Security Issues in Online Banking: An Assessment from the Context of Usable Security

    Science.gov (United States)

    Mahmadi, FN; Zaaba, ZF; Osman, A.

    2016-11-01

    Today's online banking is a convenient mode of finance management. Despite the ease of doing online banking, there are people that still sceptical in utilizing it due to perception and its security. This paper highlights the subject of online banking security in Malaysia, especially from the perspective of the end-users. The study is done by assessing human computer interaction, usability and security. An online survey utilising 137 participants was previously conducted to gain preliminary insights on security issues of online banking in Malaysia. Following from those results, 37 participants were interviewed to gauge deeper understanding about end-users perception on online banking within the context of usable security. The results suggested that most of the end-users are continuingly experiencing significant difficulties especially in relation to the technical terminologies, security features and other technical issues. Although the security features are provided to provide a shield or protection, users are still incapable to cope with the technical aspects of such implementation.

  5. Computational chemistry research

    Science.gov (United States)

    Levin, Eugene

    1987-01-01

    Task 41 is composed of two parts: (1) analysis and design studies related to the Numerical Aerodynamic Simulation (NAS) Extended Operating Configuration (EOC) and (2) computational chemistry. During the first half of 1987, Dr. Levin served as a member of an advanced system planning team to establish the requirements, goals, and principal technical characteristics of the NAS EOC. A paper entitled 'Scaling of Data Communications for an Advanced Supercomputer Network' is included. The high temperature transport properties (such as viscosity, thermal conductivity, etc.) of the major constituents of air (oxygen and nitrogen) were correctly determined. The results of prior ab initio computer solutions of the Schroedinger equation were combined with the best available experimental data to obtain complete interaction potentials for both neutral and ion-atom collision partners. These potentials were then used in a computer program to evaluate the collision cross-sections from which the transport properties could be determined. A paper entitled 'High Temperature Transport Properties of Air' is included.

  6. Computer Security: a plea to Santa Claus

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Running pirated software or illegal licences, using cracking tools to bypass software activation measures, sharing music and films – these are problems that academic environments unfortunately have to deal with. All violate the copyright of the software/music/film owners, and copyright owners are not Santa Claus...    CERN, like other research organisations and universities, regularly receives allegations from external companies complaining about laptops or PCs running illegal software or sharing their films, videos or music with peers – and thus violating copyright.  Usually, we then contact the owners of the corresponding devices in order to understand whether these allegations are true. Very often such allegations boil down to a laptop whose owner replies “I confirm that a torrent client was left up and running on my device by mistake” or “This is a file that is stored on my personal hard disk.” As if those allegatio...

  7. Computer supported qualitative research

    CERN Document Server

    Reis, Luís; Sousa, Francislê; Moreira, António; Lamas, David

    2017-01-01

    This book contains an edited selection of the papers accepted for presentation and discussion at the first International Symposium on Qualitative Research (ISQR2016), held in Porto, Portugal, July 12th-14th, 2016. The book and the symposium features the four main application fields Education, Health, Social Sciences and Engineering and Technology and seven main subjects: Rationale and Paradigms of Qualitative Research (theoretical studies, critical reflection about epistemological dimensions, ontological and axiological); Systematization of approaches with Qualitative Studies (literature review, integrating results, aggregation studies, meta -analysis, meta- analysis of qualitative meta- synthesis, meta- ethnography); Qualitative and Mixed Methods Research (emphasis in research processes that build on mixed methodologies but with priority to qualitative approaches); Data Analysis Types (content analysis , discourse analysis , thematic analysis , narrative analysis , etc.); Innovative processes of Qualitative ...

  8. Constant-Overhead Secure Computation of Boolean Circuits using Preprocessing

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Zakarias, Sarah Nouhad Haddad

    We present a protocol for securely computing a Boolean circuit $C$ in presence of a dishonest and malicious majority. The protocol is unconditionally secure, assuming access to a preprocessing functionality that is not given the inputs to compute on. For a large number of players the work done...... by each player is the same as the work needed to compute the circuit in the clear, up to a constant factor. Our protocol is the first to obtain these properties for Boolean circuits. On the technical side, we develop new homomorphic authentication schemes based on asymptotically good codes...... with an additional multiplication property. We also show a new algorithm for verifying the product of Boolean matrices in quadratic time with exponentially small error probability, where previous methods would only give a constant error....

  9. Design and Implementation of Enhanced Secured Cloud Computing

    Directory of Open Access Journals (Sweden)

    M. Gayatri

    2014-03-01

    Full Text Available Cloud computing plays a major role in providing different resources in the form of web services like tax calculation web service, e-banking web service etc., for smooth running of our daily lives. We can rely on cloud computing if these useful web services are really secure enough to use. This paper focuses on analyzing limitations of current cryptographic schemes used in providing security to data on cloud and highlights the usage of Elliptic Curve Cryptography scheme (ECC used in cloud based applications and implements Elliptic curve digital signature algorithm on cloud data and compares its performance with RSA based scheme. The performance of elliptic curve cryptosystem heavily depends on an operation called point multiplication. In this paper a new point multiplication method using modified base representation is used. This method reduces the point addition as well as pint doubling operations thereby increasing the efficiency of computing time in performing encryption and decryption operations

  10. Quantum And Relativistic Protocols For Secure Multi-Party Computation

    CERN Document Server

    Colbeck, Roger

    2009-01-01

    After a general introduction, the thesis is divided into four parts. In the first, we discuss the task of coin tossing, principally in order to highlight the effect different physical theories have on security in a straightforward manner, but, also, to introduce a new protocol for non-relativistic strong coin tossing. This protocol matches the security of the best protocol known to date while using a conceptually different approach to achieve the task. In the second part variable bias coin tossing is introduced. This is a variant of coin tossing in which one party secretly chooses one of two biased coins to toss. It is shown that this can be achieved with unconditional security for a specified range of biases, and with cheat-evident security for any bias. We also discuss two further protocols which are conjectured to be unconditionally secure for any bias. The third section looks at other two-party secure computations for which, prior to our work, protocols and no-go theorems were unknown. We introduce a gene...

  11. Protecting Terminals by Security Domain Mechanism Based on Trusted Computing

    Institute of Scientific and Technical Information of China (English)

    ZHOU Zheng; ZHANG Jun; LI Jian; LIU Yi

    2006-01-01

    Networks are composed with servers and rather larger amounts of terminals and most menace of attack and virus come from terminals. Eliminating malicious code and access or breaking the conditions only under witch attack or virus can be invoked in those terminals would be the most effective way to protect information systems. The concept of trusted computing was first introduced into terminal virus immunity. Then a model of security domain mechanism based on trusted computing to protect computers from proposed from abstracting the general information systems. The principle of attack resistant and venture limitation of the model was demonstrated by means of mathematical analysis, and the realization of the model was proposed.

  12. (Unconditional) Secure Multiparty Computation with Man-in-the-middle Attacks

    CERN Document Server

    Vaya, Shailesh

    2010-01-01

    In secure multi-party computation $n$ parties jointly evaluate an $n$-variate function $f$ in the presence of an adversary which can corrupt up till $t$ parties. Almost all the works that have appeared in the literature so far assume the presence of authenticated channels between the parties. This assumption is far from realistic. Two directions of research have been borne from relaxing this (strong) assumption: (a) The adversary is virtually omnipotent and can control all the communication channels in the network, (b) Only a partially connected topology of authenticated channels is guaranteed and adversary controls a subset of the communication channels in the network. This work introduces a new setting for (unconditional) secure multiparty computation problem which is an interesting intermediate model with respect to the above well studied models from the literature (by sharing a salient feature from both the above models). We consider the problem of (unconditional) secure multi-party computation when 'some...

  13. X.509 Authentication Services to Enhance the Data Security in Cloud Computing

    OpenAIRE

    Surbhi Chauhan; Kamal Kant; Arjun Singh

    2012-01-01

    This paper represents a method to build a Cloud Security by giving concept of X.509 authentication services. We are discussing theory of cloud computing, feature of cloud computing and cloud security .We proposed a X.509 format to enhances data security in cloud (Public). Cloud computing is a new computational paradigm that offers an innovative business model for organization.

  14. 77 FR 74913 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA...

    Science.gov (United States)

    2012-12-18

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA)/Office of Personnel Management (OPM))--Match Number 1307 AGENCY: Social Security Administration....

  15. 75 FR 5166 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration...

    Science.gov (United States)

    2010-02-01

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration/Railroad Retirement Board (SSA/RRB))-- Match Number 1308 AGENCY: Social Security Administration...

  16. Computer Science Research at Langley

    Science.gov (United States)

    Voigt, S. J. (Editor)

    1982-01-01

    A workshop was held at Langley Research Center, November 2-5, 1981, to highlight ongoing computer science research at Langley and to identify additional areas of research based upon the computer user requirements. A panel discussion was held in each of nine application areas, and these are summarized in the proceedings. Slides presented by the invited speakers are also included. A survey of scientific, business, data reduction, and microprocessor computer users helped identify areas of focus for the workshop. Several areas of computer science which are of most concern to the Langley computer users were identified during the workshop discussions. These include graphics, distributed processing, programmer support systems and tools, database management, and numerical methods.

  17. Formulation, computation and improvement of steady state security margins in power systems. Part I: Theoretical framework

    Energy Technology Data Exchange (ETDEWEB)

    Echavarren, F.M.; Lobato, E.; Rouco, L.; Gomez, T. [School of Engineering of Universidad Pontificia Comillas, C/Alberto Aguilera, 23, 28015 Madrid (Spain)

    2011-02-15

    A steady state security margin for a particular operational point can be defined as the distance from this initial point to the secure operational limits of the system. Four of the most used steady state security margins are the power flow feasibility margin, the contingency feasibility margin, the load margin to voltage collapse, and the total transfer capability between system areas. A comprehensive literature survey has shown that these security margins have been studied separately. This fact has suggested to the authors the possibility of researching a common analysis framework valid for all of them. This is the first part of a two-part paper. In part I, a novel mathematical formulation valid to address the study of any steady state security margin is proposed. The developed general approach is presented in three steps: (a) formulation, (b) computation, and (c) improvement of security margins. In part II, the performance of the proposed approach when used to compute and improve the aforementioned steady security margins is illustrated through its application to the Spanish power system. Results denote that this approach can be a useful tool to solve a variety of practical situations in modern real power systems. (author)

  18. FS-OpenSecurity: A Taxonomic Modeling of Security Threats in SDN for Future Sustainable Computing

    Directory of Open Access Journals (Sweden)

    Yunsick Sung

    2016-09-01

    Full Text Available Software Defined Networking (SDN has brought many changes in terms of the interaction processes between systems and humans. It has become the key enabler of software defined architecture, which allows enterprises to build a highly agile Information Technology (IT infrastructure. For Future Sustainability Computing (FSC, SDN needs to deliver on many information technology commitments—more automation, simplified design, increased agility, policy-based management, and network management bond to more liberal IT workflow systems. To address the sustainability problems, SDN needs to provide greater collaboration and tighter integration with networks, servers, and security teams that will have an impact on how enterprises design, plan, deploy and manage networks. In this paper, we propose FS-OpenSecurity, which is a new and pragmatic security architecture model. It consists of two novel methodologies, Software Defined Orchestrator (SDO and SQUEAK, which offer a robust and secure architecture. The secure architecture is required for protection from diverse threats. Usually, security administrators need to handle each threat individually. However, handling threats automatically by adapting to the threat landscape is a critical demand. Therefore, the architecture must handle defensive processes automatically that are collaboratively based on intelligent external and internal information.

  19. Risk Based Security Management at Research Reactors

    Energy Technology Data Exchange (ETDEWEB)

    Ek, David R. [Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States)

    2015-09-01

    This presentation provides a background of what led to the international emphasis on nuclear security and describes how nuclear security is effectively implemented so as to preserve the societal benefits of nuclear and radioactive materials.

  20. Research on security vulnerability of chip

    Science.gov (United States)

    Chen, Zhifeng; Li, Qingbao; Li, Zhou

    2013-03-01

    The 21st century is the information era. IC (Integrated Circuit) is the basis of the modern information industry. The security vulnerability or back door of IC is directly related to the entire information system security. From the perspective of information security, security vulnerability of chip is led out through the practical examples and then the importance of security vulnerability of chip is emphasized. By comparing the security vulnerability of chip with the software virus, the characteristics of the chip vulnerabilities are summed up. Moreover, this paper describes the security vulnerability models of different control logic chips, combinational and sequential logic chips models. Finally it puts forward two kinds of detecting methods of security vulnerability of chip against the two models.

  1. A secure multi-party computation solution to intersection problems of sets and rectangles

    Institute of Scientific and Technical Information of China (English)

    LI Shundong; DAI Yiqi; WANG Daoshun; LUO Ping

    2006-01-01

    Secure multi-party computation (SMC) is a research focus in international cryptographic community. At present, there is no SMC solution to the intersection problem of sets. In this paper, we first propose a SMC solution to this problem. Applying Cantor encoding method to computational geometry problems, and based on the solution to set-intersection problem, we further propose solutions to points inclusion problem and intersection problem of rectangles and further prove their privacy-preserving property with widely accepted simulation paradigm. Compared with the known solutions, these new solutions are of less computational complexity and less communication complexity, and have obvious superiority in computational and communication complexity.

  2. Computer Security: today’s paranoia, tomorrow’s reality

    CERN Multimedia

    Computer Security Team

    2014-01-01

    When the Internet opened its gates to academia in the late 80s and, together with the World Wide Web a few years later, to the general public, computer security was considered somehow irrelevant. People pointing to vulnerabilities and security risks (“hackers”) were labelled as paranoid. But they woke to reality during the outbreak of the “ILOVEYOU” virus in 2000, which caused large scale infections of Windows PCs (including many at CERN).    Similarly, warnings about weaknesses and insecure control systems, issued by CERN and others (see our Bulletin article “Hacking control systems, switching lights off!"), were ignored until the “Stuxnet” attack against control systems in Iran proved them right in 2010. Reality beat 'paranoia' again. Last year, the paranoid fear of many security experts that our whole IT infrastructure might have been infiltrated and spied on turned real, if you believe ...

  3. Implementing security in computer based patient records clinical experiences.

    Science.gov (United States)

    Iversen, K R; Heimly, V; Lundgren, T I

    1995-01-01

    In Norway, organizational changes in hospitals and a stronger focus on patient safety have changed the way of organizing and managing paper based patient records. Hospital-wide patient records tend to replace department based records. Since not only clinicians, but also other non-medical staff have access to the paper records, they also have easy access to all the information which is available on a specific patient; such a system has obvious 'side effects' on privacy and security. Computer based patient records (CPRs) can provide the solution to this apparent paradox if the complex aspects of security, privacy, effectiveness, and user friendliness are focused on jointly from the outset in designing such systems. Clinical experiences in Norway show that it is possible to design patient record systems that provide a very useful tool for clinicians and other health care personnel (HCP) while fully complying with comprehensive security and privacy requirements.

  4. Transportation Research & Analysis Computing Center

    Data.gov (United States)

    Federal Laboratory Consortium — The technical objectives of the TRACC project included the establishment of a high performance computing center for use by USDOT research teams, including those from...

  5. Transportation Research & Analysis Computing Center

    Data.gov (United States)

    Federal Laboratory Consortium — The technical objectives of the TRACC project included the establishment of a high performance computing center for use by USDOT research teams, including those from...

  6. Computer Applications in Metallurgical Research

    Directory of Open Access Journals (Sweden)

    V. Madhu

    1994-04-01

    Full Text Available This paper outlines the current efforts in computer applications in metallurgical research at the Defence Metallurgical Research Laboratory, Hyderabad. Work being done on armour penetration studies, optimization of armour profiles for fighting vehicles, computer control of multifunction 2000 tonne forge press, drawing of processing mechanism maps, process modelling of titanium sponge production and methods of curve fitting to experimental data, is described and briefly discussed.

  7. Creativity in Ubiquitous Computing Research

    OpenAIRE

    Silva, Paula Alexandra; Van Laerhoven, Kristof

    2007-01-01

    This paper is concerned with the process of creating and designing research prototypes for augmented objects and applications in ubiquitous computing. We present a range of descriptions and reflections from personal experience in building prototypes for ubiquitous computing research, while students were introduced and guided in this process. This is linked to a rationale of the process as well as the way it affects built-in experience and knowledge and its needs to tra...

  8. Computer science and operations research

    CERN Document Server

    Balci, Osman

    1992-01-01

    The interface of Operation Research and Computer Science - although elusive to a precise definition - has been a fertile area of both methodological and applied research. The papers in this book, written by experts in their respective fields, convey the current state-of-the-art in this interface across a broad spectrum of research domains which include optimization techniques, linear programming, interior point algorithms, networks, computer graphics in operations research, parallel algorithms and implementations, planning and scheduling, genetic algorithms, heuristic search techniques and dat

  9. Wireless networks and security issues, challenges and research trends

    CERN Document Server

    Pathan, Al-Sakib

    2013-01-01

     “Wireless Networks and Security” provides a broad coverage of wireless security issues including cryptographic coprocessors, encryption, authentication, key management, attacks and countermeasures, secure routing, secure medium access control, intrusion detection, epidemics, security performance analysis, security issues in applications. The contributions identify various vulnerabilities in the physical layer, MAC layer, network layer, transport layer, and application layer, and focus on ways of strengthening security mechanisms and services throughout the layers. This carefully edited monograph is targeting  for researchers, post-graduate students in universities, academics, and industry practitioners or professionals.  

  10. 16th Department of Energy Computer Security Group Training Conference: Proceedings

    Energy Technology Data Exchange (ETDEWEB)

    1994-04-01

    Various topic on computer security are presented. Integrity standards, smartcard systems, network firewalls, encryption systems, cryptography, computer security programs, multilevel security guards, electronic mail privacy, the central intelligence agency, internet security, and high-speed ATM networking are typical examples of discussed topics. Individual papers are indexed separately.

  11. A Framework for Security Transparency in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Umar Mukhtar Ismail

    2016-02-01

    Full Text Available Individuals and corporate users are persistently considering cloud adoption due to its significant benefits compared to traditional computing environments. The data and applications in the cloud are stored in an environment that is separated, managed and maintained externally to the organisation. Therefore, it is essential for cloud providers to demonstrate and implement adequate security practices to protect the data and processes put under their stewardship. Security transparency in the cloud is likely to become the core theme that underpins the systematic disclosure of security designs and practices that enhance customer confidence in using cloud service and deployment models. In this paper, we present a framework that enables a detailed analysis of security transparency for cloud based systems. In particular, we consider security transparency from three different levels of abstraction, i.e., conceptual, organisation and technical levels, and identify the relevant concepts within these levels. This allows us to provide an elaboration of the essential concepts at the core of transparency and analyse the means for implementing them from a technical perspective. Finally, an example from a real world migration context is given to provide a solid discussion on the applicability of the proposed framework.

  12. Constant-overhead secure computation of Boolean circuits using preprocessing

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Zakarias, S.

    2013-01-01

    We present a protocol for securely computing a Boolean circuit C in presence of a dishonest and malicious majority. The protocol is unconditionally secure, assuming a preprocessing functionality that is not given the inputs. For a large number of players the work for each player is the same...... as computing the circuit in the clear, up to a constant factor. Our protocol is the first to obtain these properties for Boolean circuits. On the technical side, we develop new homomorphic authentication schemes based on asymptotically good codes with an additional multiplication property. We also show a new...... algorithm for verifying the product of Boolean matrices in quadratic time with exponentially small error probability, where previous methods only achieved constant error....

  13. Detecting Security threats in the Router using Computational Intelligence

    CERN Document Server

    Visumathi, J

    2010-01-01

    nformation security is an issue of global concern. As the Internet is delivering great convenience and benefits to the modern society, the rapidly increasing connectivity and accessibility to the Internet is also posing a serious threat to security and privacy, to individuals, organizations, and nations alike. Finding effective ways to detect, prevent, and respond to intrusions and hacker attacks of networked computers and information systems. This paper presents a knowledge discovery frame work to detect DoS attacks at the boundary controllers (routers). The idea is to use machine learning approach to discover network features that can depict the state of the network connection. Using important network data (DoS relevant features), we have developed kernel machine based and soft computing detection mechanisms that achieve high detection accuracies. We also present our work of identifying DoS pertinent features and evaluating the applicability of these features in detecting novel DoS attacks. Architecture for...

  14. NINJA: a noninvasive framework for internal computer security hardening

    Science.gov (United States)

    Allen, Thomas G.; Thomson, Steve

    2004-07-01

    Vulnerabilities are a growing problem in both the commercial and government sector. The latest vulnerability information compiled by CERT/CC, for the year ending Dec. 31, 2002 reported 4129 vulnerabilities representing a 100% increase over the 2001 [1] (the 2003 report has not been published at the time of this writing). It doesn"t take long to realize that the growth rate of vulnerabilities greatly exceeds the rate at which the vulnerabilities can be fixed. It also doesn"t take long to realize that our nation"s networks are growing less secure at an accelerating rate. As organizations become aware of vulnerabilities they may initiate efforts to resolve them, but quickly realize that the size of the remediation project is greater than their current resources can handle. In addition, many IT tools that suggest solutions to the problems in reality only address "some" of the vulnerabilities leaving the organization unsecured and back to square one in searching for solutions. This paper proposes an auditing framework called NINJA (acronym for Network Investigation Notification Joint Architecture) for noninvasive daily scanning/auditing based on common security vulnerabilities that repeatedly occur in a network environment. This framework is used for performing regular audits in order to harden an organizations security infrastructure. The framework is based on the results obtained by the Network Security Assessment Team (NSAT) which emulates adversarial computer network operations for US Air Force organizations. Auditing is the most time consuming factor involved in securing an organization's network infrastructure. The framework discussed in this paper uses existing scripting technologies to maintain a security hardened system at a defined level of performance as specified by the computer security audit team. Mobile agents which were under development at the time of this writing are used at a minimum to improve the noninvasiveness of our scans. In general, noninvasive

  15. On Data and Virtualization Security Risks and Solutions of Cloud Computing

    OpenAIRE

    Xiangyang Luo; Lin Yang; Dai Hao; Fenlin Liu; Daoshun Wang

    2014-01-01

    Data security and virtualization security issues are two key bottlenecks restricting the application of cloud computing promoting and applications, especially for the Cloud-based media computing system. In this paper, states of the art of the techniques on cloud computing data security issues, such as data encryption, access control, integrity authentication and other issues is surveyed, on this basis, the key technical issues of the cloud computing data security should concern about and focu...

  16. Call for participation first ACM workshop on education in computer security

    OpenAIRE

    Irvine, Cynthia; Orman, Hilarie

    1997-01-01

    Taken from the NPS website. The security of information systems and networks is a growing concern. Experts are needed to design and organize the protection mechanisms for these systems. Both government and industry increasingly seek individuals with knowledge and skills in computer security. In the past, most traditional computer science curricula bypassed formal studies in computer security altogether. An understanding of computer security was achieved largely through on-the-job ...

  17. 1987 computer science research: Computation directorate

    Energy Technology Data Exchange (ETDEWEB)

    McGraw, J.R.; Grupe, K.F. (eds.)

    1987-01-01

    The topics of research presented here reflect our view of the broad range of issues we need to address in support of our computing environment. Large-scale Scientific Computations represents one of our newest ventures. The goal is to more closely link expertise in the problem domains (e.g., fluid dynamics) with expertise in sophisticated numerical methods, thus allowing for a broader range of solution strategies to get better answers. Parallel Numerical Algorithms focuses more tightly on the development and analysis of numerical techniques for use in parallel computing situations. Issues here include the solution of extremely large partial differential equations, matrix solution techniques, and Monte Carlo programming techniques. In the area of General Numerical Algorithms we recognize the need for a significant amount of research on numerics without the additional complexity of parallelism. This area includes work on partial differential equations, ordinary differential equations, interpolation, and a variety of statistical analysis. Parallel Systems Software addresses issues related to going from a parallel algorithm to its correct and efficient implementation on a particular system. Distributed Operating Systems and Networks describes our efforts to provide a very flexible environment for users to access a diverse set of machines and services in an efficient and simple manner. Expert Systems Software covers another relatively new and expanding area. We are looking at various ways that knowledge engineering ideas can reduce development time for writing new code systems and improve our control over experimental processes. In the section on General Purpose Software we include several projects that span a wide range of topics. The last section, Technology Information Systems, reports the status of a special effort to provide sophisticated methods for allowing users to access remote information centers.

  18. Security Research on Engineering Database System

    Institute of Scientific and Technical Information of China (English)

    2002-01-01

    Engine engineering database system is an oriented C AD applied database management system that has the capability managing distributed data. The paper discusses the security issue of the engine engineering database management system (EDBMS). Through studying and analyzing the database security, to draw a series of securi ty rules, which reach B1, level security standard. Which includes discretionary access control (DAC), mandatory access control (MAC) and audit. The EDBMS implem ents functions of DAC, ...

  19. A review of automated image understanding within 3D baggage computed tomography security screening.

    Science.gov (United States)

    Mouton, Andre; Breckon, Toby P

    2015-01-01

    Baggage inspection is the principal safeguard against the transportation of prohibited and potentially dangerous materials at airport security checkpoints. Although traditionally performed by 2D X-ray based scanning, increasingly stringent security regulations have led to a growing demand for more advanced imaging technologies. The role of X-ray Computed Tomography is thus rapidly expanding beyond the traditional materials-based detection of explosives. The development of computer vision and image processing techniques for the automated understanding of 3D baggage-CT imagery is however, complicated by poor image resolutions, image clutter and high levels of noise and artefacts. We discuss the recent and most pertinent advancements and identify topics for future research within the challenging domain of automated image understanding for baggage security screening CT.

  20. Secure and Dynamic Model for Book Searching on Cloud Computing as Mobile Augmented Reality

    Directory of Open Access Journals (Sweden)

    Adeel Rafiq

    2014-01-01

    Full Text Available Availability of internet on different devices like smart phones like android based, IOs based, windows based and PDA etc. has brought into the evolution of mobile cloud computing, which is a vast side of research nowadays. Internet connectivity has become very easy with the evolution of Wi-Fi, everyone can access the internet using wireless connectivity. A major issue in wireless connectivity is the low level of encryption and low security. This might be a security risk for the sensitive data available on the cloud. There are mobile augmented reality systems based on cloud computing, we want to propose a dynamic framework for the security of cloud and live update data on cloud.

  1. Smart photonic networks and computer security for image data

    Science.gov (United States)

    Campello, Jorge; Gill, John T.; Morf, Martin; Flynn, Michael J.

    1998-02-01

    Work reported here is part of a larger project on 'Smart Photonic Networks and Computer Security for Image Data', studying the interactions of coding and security, switching architecture simulations, and basic technologies. Coding and security: coding methods that are appropriate for data security in data fusion networks were investigated. These networks have several characteristics that distinguish them form other currently employed networks, such as Ethernet LANs or the Internet. The most significant characteristics are very high maximum data rates; predominance of image data; narrowcasting - transmission of data form one source to a designated set of receivers; data fusion - combining related data from several sources; simple sensor nodes with limited buffering. These characteristics affect both the lower level network design and the higher level coding methods.Data security encompasses privacy, integrity, reliability, and availability. Privacy, integrity, and reliability can be provided through encryption and coding for error detection and correction. Availability is primarily a network issue; network nodes must be protected against failure or routed around in the case of failure. One of the more promising techniques is the use of 'secret sharing'. We consider this method as a special case of our new space-time code diversity based algorithms for secure communication. These algorithms enable us to exploit parallelism and scalable multiplexing schemes to build photonic network architectures. A number of very high-speed switching and routing architectures and their relationships with very high performance processor architectures were studied. Indications are that routers for very high speed photonic networks can be designed using the very robust and distributed TCP/IP protocol, if suitable processor architecture support is available.

  2. Secure Learning and Learning for Security: Research in the Intersection

    Science.gov (United States)

    2010-05-13

    dataset. They applied their attack using publicly available movie ratings on IMDB to identify Netflix customers and their previously-private tastes in...rates. In Proceedings of the First International Workshop on Internet and Network Economics ( WINE 2005), volume 3828 of Lecture Notes in Computer

  3. 云计算环境下信息安全保障体系研究%Research on Information Security Assurance System under the Environment of Cloud Computing

    Institute of Scientific and Technical Information of China (English)

    刘晔

    2015-01-01

    在云计算技术已广泛应用于各行各业的时代背景下,如何构建云计算环境下的信息安全保障体系,确保数据的可靠性、准确性、安全性、用户信息的私密性等,成为亟待解决的问题。文章在分析云计算特点的基础上,认为云计算环境下的信息安全保障体系应包含三大块:云端服务商层面、用户层面和国家法律法规层面。%Under the background that Cloud Computing technology has been widely used in all walks of life,Building an information security assurance system under the cloud computing environment to ensure the reliability,accuracy, security of data,user information confidentiality,has become a problem urgently to be solved.Based on the analysis of the cloud computing characteristics,this article believes information security assurance system under the cloud com⁃puting environment includes three blocks:the cloud service provider level,user level and the sate laws and regula⁃tions level.

  4. A Survey on Security Issues in Cloud Computing

    CERN Document Server

    Bhadauria, Rohit; Chaki, Nabendu; Sanyal, Sugata

    2011-01-01

    Cloud Computing holds the potential to eliminate the requirements for setting up of high-cost computing infrastructure for the IT-based solutions and services that the industry uses. It promises to provide a flexible IT architecture, accessible through internet for lightweight portable devices. This would allow many-fold increase in the capacity or capabilities of the existing and new software. In a cloud computing environment, the entire data reside over a set of networked resources, enabling the data to be accessed through virtual machines. Since these data centers may lie in any corner of the world beyond the reach and control of users, there are multifarious security and privacy challenges that need to be understood and taken care of. Also, one can never deny the possibility of a server breakdown that has been witnessed, rather quite often in the recent times. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario. This extensive survey paper aims...

  5. Writing Across the Curriculum -- An Online Course in Computer Security

    Directory of Open Access Journals (Sweden)

    Neelu Sinha

    2006-01-01

    Full Text Available Writing fosters both critical thinking and student learning, serving as one of the most effective ways to understand a topic. Writing across the Curriculum (WAC began in the late 1970’s, as a pedagogical reform movement in response to a perceived deficiency in literacy among college students. Over the past two decades universities have worked to broaden the scope of student writing from composition classes to classes in the students’ major. This paper chronicles the application of WAC into the discipline of Computer Science. The purpose of this study is to develop an online Computer Security course (for sophomores and juniors in Computer Science, under the umbrella of WAC, to help improve the students’ writing overall and focus on skills students require in upper level courses in the major. Developing this course as an online course (rather than a traditional face-to-face course offers flexible configurability and scalability, features that are useful to prepare students for constantly changing real world security challenges. This paper includes all aspects of course design and insight into lessons learned. Results indicate that both the faculty and students benefit from such a writing intensive course. Reading and responding to the students’ writing enables faculty to gain valuable insights into the students’ thoughts, ideas, problems, and other issues. Students reported increased knowledge and comprehension of the subject material, deeper understanding of the conventions within Computer Science, improved analysis and reporting skills, ability to understand and present abstract concepts effectively, and skill in producing professional documents.

  6. Research on Application of Network Security and Management Based on Cloud Computing%基于云计算的网络安全及管理应用研究

    Institute of Scientific and Technical Information of China (English)

    倪志宏

    2013-01-01

    Introduction to cloud computing development status, main factor analysis to the development of cloud computing, infor?mation security problems brought by cloud computing, as well as the specific methods and measures to ensure the security of infor?mation. Proposed based on the cloud computing technology, constructing the network management system and safety system, pro?vides the network management service cloud unified identity authentication and access control mechanism based on. Through the calculation of the new network environment on the demand analysis to the cloud, the paper has a detailed discussion on virtual memory, trusted computing technology.%介绍云计算发展现状,分析云计算发展的主要因素,云计算所带来的信息安全问题,以及确保信息安全的具体方法和措施.提出了基于云计算技术,构建网络管理系统及安全体系,提供基于统一身份认证和访问控制管理机制的网络管理云服务.通过对云计算环境下的网络新需求分析,对虚拟存储、可信计算等技术进行了详细探讨.

  7. Computing security strategies in finite horizon repeated Bayesian games

    KAUST Repository

    Lichun Li

    2017-07-10

    This paper studies security strategies in two-player zero-sum repeated Bayesian games with finite horizon. In such games, each player has a private type which is independently chosen according to a publicly known a priori probability. Players\\' types are fixed all through the game. The game is played for finite stages. At every stage, players simultaneously choose their actions which are observed by the public. The one-stage payoff of player 1 (or penalty to player 2) depends on both players types and actions, and is not directly observed by any player. While player 1 aims to maximize the total payoff over the game, player 2 wants to minimize it. This paper provides each player two ways to compute the security strategy, i.e. the optimal strategy in the worst case. First, a security strategy that directly depends on both players\\' history actions is derived by refining the sequence form. Noticing that history action space grows exponentially with respect to the time horizon, this paper further presents a security strategy that depends on player\\'s fixed sized sufficient statistics. The sufficient statistics is shown to consist of the belief on one\\'s own type, the regret on the other player\\'s type, and the stage, and is independent of the other player\\'s strategy.

  8. Multicenter patient records research: security policies and tools.

    Science.gov (United States)

    Behlen, F M; Johnson, S B

    1999-01-01

    The expanding health information infrastructure offers the promise of new medical knowledge drawn from patient records. Such promise will never be fulfilled, however, unless researchers first address policy issues regarding the rights and interests of both the patients and the institutions who hold their records. In this article, the authors analyze the interests of patients and institutions in light of public policy and institutional needs. They conclude that the multicenter study, with Institutional Review Board approval of each study at each site, protects the interests of both. "Anonymity" is no panacea, since patient records are so rich in information that they can never be truly anonymous. Researchers must earn and respect the trust of the public, as responsible stewards of facts about patients' lives. The authors find that computer security tools are needed to administer multicenter patient records studies and describe simple approaches that can be implemented using commercial database products.

  9. Human errors and violations in computer and information security: the viewpoint of network administrators and security specialists.

    Science.gov (United States)

    Kraemer, Sara; Carayon, Pascale

    2007-03-01

    This paper describes human errors and violations of end users and network administration in computer and information security. This information is summarized in a conceptual framework for examining the human and organizational factors contributing to computer and information security. This framework includes human error taxonomies to describe the work conditions that contribute adversely to computer and information security, i.e. to security vulnerabilities and breaches. The issue of human error and violation in computer and information security was explored through a series of 16 interviews with network administrators and security specialists. The interviews were audio taped, transcribed, and analyzed by coding specific themes in a node structure. The result is an expanded framework that classifies types of human error and identifies specific human and organizational factors that contribute to computer and information security. Network administrators tended to view errors created by end users as more intentional than unintentional, while errors created by network administrators as more unintentional than intentional. Organizational factors, such as communication, security culture, policy, and organizational structure, were the most frequently cited factors associated with computer and information security.

  10. Research of public security platform cloud computing architecture based on internet of things%基于物联网的公共安全云计算平台

    Institute of Scientific and Technical Information of China (English)

    白蛟; 全春来; 郭镇

    2011-01-01

    Internet of things is introduced into the field of public safety technology, and the applications of the distributed computing, virtualized storage and cloud computing technology are discussed. To overcome the disadvantages of the existing public security platform, Internet of things five layers the public safety platform architecture is designed, and all levels of features and technology application are described, which provides a new way for the future construction of Internet of things for police. In order to achieve the business data sharing and security, based on this architecture the data supporting platform is proposed based on cloud computing, which supports vir-tualization of data storage and management, and meanwhile offers high performance computing power and storage equipment dynamic expansion ability. Security and computing power of Internet of things are improved.%将物联网技术引入到公共安全领域,重点研究了分布式计算和虚拟化存储及云计算的技术特点和应用,针对目前公共安全平台的不足,设计了5层的物联网公共安全平台架构,为以后警用物联网的建设提供了新的思路,同时结合该架构,提出了一种基于云计算的数据支撑平台,为该公共安全平台提供虚拟化的数据存储和管理,以实现各业务数据的共享和安全,提高了物联网应用的安全和计算能力.

  11. Security Risks of Cloud Computing and Its Emergence as 5th Utility Service

    Science.gov (United States)

    Ahmad, Mushtaq

    Cloud Computing is being projected by the major cloud services provider IT companies such as IBM, Google, Yahoo, Amazon and others as fifth utility where clients will have access for processing those applications and or software projects which need very high processing speed for compute intensive and huge data capacity for scientific, engineering research problems and also e- business and data content network applications. These services for different types of clients are provided under DASM-Direct Access Service Management based on virtualization of hardware, software and very high bandwidth Internet (Web 2.0) communication. The paper reviews these developments for Cloud Computing and Hardware/Software configuration of the cloud paradigm. The paper also examines the vital aspects of security risks projected by IT Industry experts, cloud clients. The paper also highlights the cloud provider's response to cloud security risks.

  12. Security industry standards – a research agenda

    OpenAIRE

    Weaver, Benjamin

    2013-01-01

    The security industry has traditionally been highly fragmented and vendors have opted for proprietary standards that induce customer lockin. Several factors – including absence of network effects, end-user heterogeneity and low barriers of entry – have contributed to the dearth of standards. The shift to digital product platforms did not initially change the structural dynamics that inhibit standards within the industry. However, as the security industry breaks away from vertical integration ...

  13. A Survey on Cloud Computing Security, Challenges and Threats

    Directory of Open Access Journals (Sweden)

    Rajnish Choubey,

    2011-03-01

    Full Text Available Cloud computing is an internet based model that enable convenient, on demand and pay per use access to a pool of shared resources. It is a new technology that satisfies a user’s requirement for computingresources like networks, storage, servers, services and applications, without physically acquiring them. It reduces the overhead of the organization of marinating the large system but it has associated risks and threats also which include – security, data leakage, insecure interface and sharing of resources and inside attacks.

  14. Techniques for Efficiently Ensuring Data Storage Security in Cloud Computing

    DEFF Research Database (Denmark)

    Banoth, Rajkumar

    2011-01-01

    The Cloud Computing is the next generation architecture of IT Enterprise. It moves the application software and databases to the large data centers, where the management of the data and services may not be fully trustworthy. Here, focus is on cloud data storage security, an important aspect...... of quality of service. To ensure the correctness of users’ data in the cloud, we propose an effective and flexible distributed scheme with two salient features. By utilizing the homomorphic token with distributed verification of erasure-coded data, the scheme achieves the integration of storage correctness...

  15. Students and Taxes: a Privacy-Preserving Study Using Secure Computation

    Directory of Open Access Journals (Sweden)

    Bogdanov Dan

    2016-07-01

    Full Text Available We describe the use of secure multi-party computation for performing a large-scale privacy-preserving statistical study on real government data. In 2015, statisticians from the Estonian Center of Applied Research (CentAR conducted a big data study to look for correlations between working during university studies and failing to graduate in time. The study was conducted by linking the database of individual tax payments from the Estonian Tax and Customs Board and the database of higher education events from the Ministry of Education and Research. Data collection, preparation and analysis were conducted using the Share-mind secure multi-party computation system that provided end-to-end cryptographic protection to the analysis. Using ten million tax records and half a million education records in the analysis, this is the largest cryptographically private statistical study ever conducted on real data.

  16. Secure OpenID Authentication Model by Using Trusted Computing

    Directory of Open Access Journals (Sweden)

    E. Ghazizadeh

    2014-01-01

    Full Text Available The growth of Internet online services has been very quick in recent years. Each online service requires Internet users to create a new account to use the service. The problem can be seen when each user usually needs more than one service and, consequently, has numerous accounts. These numerous accounts have to be managed in a secure and simple way to be protected against identity theft. Single sign-on (SSO and OpenID have been used to decrease the complexity of managing numerous accounts required in the Internet identity environment. Trusted Platform Module (TPM and Trust Multitenancy are great trusted computing-based technologies to solve security concerns in the Internet identity environment. Since trust is one of the pillars of security in the cloud, this paper analyzes the existing cloud identity techniques in order to investigate their strengths and weaknesses. This paper proposes a model in which One Time Password (OTP, TPM, and OpenID are used to provide a solution against phishing as a common identity theft in cloud environment.

  17. Security Model for Microsoft Based Mobile Sales Management Application in Private Cloud Computing

    Directory of Open Access Journals (Sweden)

    Kuan Chee Houng

    2013-05-01

    Full Text Available The Microsoft-based mobile sales management application is a sales force management application that currently running on Windows Mobile 6.5. It handles sales-related activity and cuts down the administrative task of sales representative. Then, Windows launch a new mobile operating system, Windows Phone and stop providing support to Windows Mobile. This has become an obstacle for Windows Mobile development. From time to time, Windows Mobile will be eliminated from the market due to no support provided by Microsoft. Besides that, Windows Mobile application cannot run on Windows Phone mobile operating system due to lack of compatibility. Therefore, applications those run on Windows Mobile need to find a solution addressing this problem. The rise of cloud computing technology in delivering software as a service becomes a solution. The Microsoft-based mobile sales management application delivers a service to run in a web browser, rather than limited by certain type of mobile that run the Windows Mobile operating system. However, there are some security issues need to concern in order to deliver the Microsoft-based mobile application as a service in private cloud computing. Therefore, security model is needed to answer the security issues in private cloud computing. This research is to propose a security model for the Microsoft-based mobile sales management application in private cloud computing. Lastly, a User Acceptance Test (UAT is carried out to test the compatibility between proposed security model of Microsoft-based mobile sales management application in a private cloud and tablet computers.

  18. Information Technology Convergence, Secure and Trust Computing, and Data Management ITCS 2012 & STA 2012

    CERN Document Server

    Kim, Jongsung; Zou, Deqing; Lee, Yang

    2012-01-01

    ITCS 2012 and STA 2012 address the various theories and practical applications of information technology convergence, secure and trust computing, and data management in future environments. It will present important results of significant value to solve the application services and various problems within the scope of ITCS 2012 & STA 2012. In addition, we expect it will trigger further related research and technology developments which will improve our lives in the future.

  19. SecurityCom: A Multi-Player Game for Researching and Teaching Information Security Teams

    Directory of Open Access Journals (Sweden)

    Douglas P. Twitchell

    2007-12-01

    Full Text Available A major portion of government and business organizations’ attempts to counteract information security threats is teams of security personnel.  These teams often consist of personnel of diverse backgrounds in specific specialties such as network administration, application development, and business administration, resulting in possible conflicts between security, functionality, and availability.  This paper discusses the use of games to teach and research information security teams and outlines research to design and build a simple, team-oriented, configurable, information security game. It will be used to study how information security teams work together to defend against attacks using a multi-player game, and to study the use of games in training security teams.  Studying how information security teams work, especially considering the topic of shared-situational awareness, could lead to better ways of forming, managing, and training teams.  Studying the effectiveness of the game as a training tool could lead to better training for security teams. 

  20. 移动计算安全性%Mobile Computing Security

    Institute of Scientific and Technical Information of China (English)

    胡健; 刘锦德

    2000-01-01

    In the first,security issues in open system that supports mobile computing are discussed in detail,and then the fundamental principle for building a security system in the environment of mobile computing is given.According to the principle,security issues and policies related to mobile code programming language and mobile agent system are further discussed.

  1. The Security Research of Digital Library Network

    Science.gov (United States)

    Zhang, Xin; Song, Ding-Li; Yan, Shu

    Digital library is a self-development needs for the modern library to meet the development requirements of the times, changing the way services and so on. digital library from the hardware, technology, management and other aspects to objective analysis of the factors of threats to digital library network security. We should face up the problems of digital library network security: digital library network hardware are "not hard", the technology of digital library is relatively lag, digital library management system is imperfect and other problems; the government should take active measures to ensure that the library funding, to enhance the level of network hardware, to upgrade LAN and prevention technology, to improve network control technology, network monitoring technology; to strengthen safety management concepts, to prefect the safety management system; and to improve the level of security management modernization for digital library.

  2. Computationally Secure Pattern Matching in the Presence of Malicious Adversaries

    DEFF Research Database (Denmark)

    Hazay, Carmit; Toft, Tomas

    2014-01-01

    (n+m) communication and O(1) rounds using O(nm) computation. Then we treat secure approximate pattern matching. In this variant the matches may be approximated, i.e., have Hamming distance less than some threshold, τ. Our protocol requires O(nτ) communication in O(1) rounds using O(nm) computation. Third, we have......We propose a protocol for the problem of secure two-party pattern matching, where Alice holds a text t∈{0,1}∗ of length n, while Bob has a pattern p∈{0,1}∗ of length m. The goal is for Bob to (only) learn where his pattern occurs in Alice’s text, while Alice learns nothing. Private pattern matching......(n+m) group elements in a constant round complexity. This improves over previous work by Gennaro et al. (Public Key Cryptography, pp. 145–160, 2010) whose solution requires overhead of O(nm) group elements and exponentiations in O(m) rounds. In addition to the above, we propose a collection of protocols...

  3. Privacy Enhanced Pervasive Computing Model with Dynamic Trust and Security

    Directory of Open Access Journals (Sweden)

    Geetha Mariappan

    2014-06-01

    Full Text Available The objective of the research work is to propose a policy aware privacy enhancement model using dynamic trust and security management techniques. The different polices of the stakeholders incorporating device manufacturer, service provider, Mobile agents and mobile users are considered to achieve an enhanced privacy for on-demand request. The entities involving direct and indirect trust establishment with all forms of uncertainties like DDoS attacks are considered along with multiple layers of security management operations across varying trusted entities. The focus is to enhance the existing privacy through an efficient, preventive, detective, response mechanisms for those attacks, which will address the problem of DDoS before, during and after an actual attack. The session time and access time are controlled by the privileges and rights for disclosure of information in pervasive environment.

  4. Collaborative Research on Systems and Security

    Science.gov (United States)

    2006-12-31

    Lecture Notes in Computer Science (1999), 515—529, with P. Gastin Models supporting nondeterminism and probabilistic choice, Proceedings of IPDPS, LNCS...probabilistic power domain, ICALP 2002, Lecture Notes in Computer Science 2380 (2002), pp. 463-475 (with K. Martin and J. B. Worrell). Timed CSP = closed...29lh International Colloquium on Automata, Languages and Programming, Lecture Notes in Computer Science 2380

  5. Secured Authorized Data Using Hybrid Encryption in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Dinesh Shinde

    2017-03-01

    Full Text Available In today’s world to provide a security to a public network like a cloud network is become a toughest task however more likely to reduce the cost at the time of providing security using cryptographic technique to delegate the mask of the decryption task to the cloud servers to reduce the computing cost. As a result, attributebased encryption with delegation emerges. Still, there are caveats and questions remaining in the previous relevant works. For to solution to all problems the cloud servers could tamper or replace the delegated cipher text and respond a forged computing result with malicious intent. They may also cheat the eligible users by responding them that they are ineligible for the purpose of cost saving. Furthermore, during the encryption, the access policies may not be flexible enough as well. Since policy for general circuits enables to achieve the strongest form of access control, a construction for realizing circuit cipher text-policy attribute-based hybrid encryption with verifiable delegation has been considered in our work. In such a system, combined with verifiable computation and encrypt-then-mac mechanism, the data confidentiality, the fine-grained access control and the correctness of the delegated computing results are well guaranteed at the same time. Besides, our scheme achieves security against chosen-plaintext attacks under the k-multilinear Decisional Diffie-Hellman assumption. Moreover, an extensive simulation campaign confirms the feasibility and efficiency of the proposed solution. There are two complementary forms of attribute-based encryption. One is key-policy attribute-based encryption (KP-ABE [8], [9], [10], and the other is cipher text-policy attribute-based encryption. In a KP-ABE system, the decision of access policy is made by the key distributor instead of the enciphered, which limits the practicability and usability for the system in practical applicationsthe access policy for general circuits could be

  6. Information Security Issues in Higher Education and Institutional Research

    Science.gov (United States)

    Custer, William L.

    2010-01-01

    Information security threats to educational institutions and their data assets have worsened significantly over the past few years. The rich data stores of institutional research are especially vulnerable, and threats from security breaches represent no small risk. New genres of threat require new kinds of controls if the institution is to prevent…

  7. Review of Enabling Technologies to Facilitate Secure Compute Customization

    Energy Technology Data Exchange (ETDEWEB)

    Aderholdt, Ferrol [Tennessee Technological University; Caldwell, Blake A [ORNL; Hicks, Susan Elaine [ORNL; Koch, Scott M [ORNL; Naughton, III, Thomas J [ORNL; Pelfrey, Daniel S [ORNL; Pogge, James R [Tennessee Technological University; Scott, Stephen L [Tennessee Technological University; Shipman, Galen M [ORNL; Sorrillo, Lawrence [ORNL

    2014-12-01

    High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data for a variety of users, often requiring strong separation between job allocations. There are many challenges to establishing these secure enclaves within the shared infrastructure of high-performance computing (HPC) environments. The isolation mechanisms in the system software are the basic building blocks for enabling secure compute enclaves. There are a variety of approaches and the focus of this report is to review the different virtualization technologies that facilitate the creation of secure compute enclaves. The report reviews current operating system (OS) protection mechanisms and modern virtualization technologies to better understand the performance/isolation properties. We also examine the feasibility of running ``virtualized'' computing resources as non-privileged users, and providing controlled administrative permissions for standard users running within a virtualized context. Our examination includes technologies such as Linux containers (LXC [32], Docker [15]) and full virtualization (KVM [26], Xen [5]). We categorize these different approaches to virtualization into two broad groups: OS-level virtualization and system-level virtualization. The OS-level virtualization uses containers to allow a single OS kernel to be partitioned to create Virtual Environments (VE), e.g., LXC. The resources within the host's kernel are only virtualized in the sense of separate namespaces. In contrast, system-level virtualization uses hypervisors to manage multiple OS kernels and virtualize the physical resources (hardware) to create Virtual Machines (VM), e.g., Xen, KVM. This terminology of VE and VM, detailed in Section 2, is used throughout the report to distinguish between the two different approaches to providing virtualized execution

  8. 一种基于SDN技术的多区域安全云计算架构研究%Research on Multi-zone Secure Cloud Computing Fabrics Based on SDN Technology

    Institute of Scientific and Technical Information of China (English)

    王刚

    2015-01-01

    文章提出一种在云计算环境中实施云安全防护的方案.方案在原有的业务云之外,用云技术建设安全云,在业务云中部署安全代理,通过软件定义网络(SDN)技术连接业务云、安全云和安全代理,并通过安全代理把业务云动态划分为逻辑隔离的多个业务区域.方案不依赖于业务云的实现方式,除初始近乎零配置的安全代理外,不改变业务云的软硬件结构,具有易部署、易维护、安全性更高等特点.%This paper presents a project of implementing cloud security protection in cloud computing environment, which can build secure cloud by using cloud technology and deploy safety procedure in cloud operation. By using SDN technology, the project can connect cloud operation, secure cloud, and safety procedure, and divides cloud operation into several logic isolation service areas dynamically through safety procedure. The project is independent of cloud operation implementation. Besides the almost zero conifguration safety procedure, the project doesn't change the structures of hardware and software of cloud operation, which has the features that is easy to deploy and maintain and security is high.

  9. 基于可信计算的移动智能终端安全技术研究%Research on Security Technology of Mobile Intelligent Terminal Based on Trusted Computing

    Institute of Scientific and Technical Information of China (English)

    雷贵; 班增辉

    2015-01-01

    With the continuous development of modern science and technology,the computing power of mobile terminal is gradually increasing,but the reasonable use of the security technology in the development process has gradually attracted people’s attention. In addition,with the appearance of the mobile platform open and flexible characteristics,the security of mobile terminal operating environment has been threatened.Therefore,it is necessary to study and discuss the application of the technology.This paper begins with the analysis on the traditional security technology,and expounds the security features of the trusted mobile platform,which aims at promoting the further innovation of the current communication means.%随着现代化科学技术的不断发展,移动终端计算能力逐渐增强,但其发展过程中对安全技术的合理运用也逐渐引起了人们的关注。此外,随着移动平台开放性及灵活性的显现,移动终端运行环境的安全性遭到了一定的威胁,为此,为保障移动终端运行的安全性,对其技术层面的应用展开更为深入的研究与探讨是非常必要的。文章从传统安全技术分析入手,详细阐述了可信移动平台的安全特性,旨在推动当前通信手段的进一步创新。

  10. Selected aspects of security mechanisms for cloud computing – current solutions and development perspectives

    OpenAIRE

    Aneta Poniszewska-Maranda

    2014-01-01

    The security aspects of cloud computing, especially the security of data, become more and more important. It is necessary to find and develop the new mechanisms to secure the cloud. The problem presented in the paper concerns the mechanisms for security of cloud computing with special attention paid to aspects of access control in clouds - the state of the art and the perspectives for the future.

  11. On Data and Virtualization Security Risks and Solutions of Cloud Computing

    Directory of Open Access Journals (Sweden)

    Xiangyang Luo

    2014-03-01

    Full Text Available Data security and virtualization security issues are two key bottlenecks restricting the application of cloud computing promoting and applications, especially for the Cloud-based media computing system. In this paper, states of the art of the techniques on cloud computing data security issues, such as data encryption, access control, integrity authentication and other issues is surveyed, on this basis, the key technical issues of the cloud computing data security should concern about and focus on are indicated, and some corresponding countermeasures and suggestions are presented. For the virtualization security problem introduced by private cloud computing, the security risks induced by virtualization are analyzed and classified, and then based on the divide-conquer idea, for each kind of security risk, some corresponding solutions are presented.

  12. Homeland Security Research and Development Funding, Organization, and Oversight

    Science.gov (United States)

    2006-08-22

    University of Southern California; agro-security at the University of Minnesota and at Texas A&M; on behavioral and sociological aspects of terrorism at the...computational challenges for homeland security. DHS also supports a university fellowship /training program, which plans to train 200 students in 2007, down from...300 in 2006, and up to 15 postdoctoral fellows. Regarding intramural R&D, DHS may use any federal laboratory and may establish a headquarters

  13. Advances in computers dependable and secure systems engineering

    CERN Document Server

    Hurson, Ali

    2012-01-01

    Since its first volume in 1960, Advances in Computers has presented detailed coverage of innovations in computer hardware, software, theory, design, and applications. It has also provided contributors with a medium in which they can explore their subjects in greater depth and breadth than journal articles usually allow. As a result, many articles have become standard references that continue to be of sugnificant, lasting value in this rapidly expanding field. In-depth surveys and tutorials on new computer technologyWell-known authors and researchers in the fieldExtensive bibliographies with m

  14. Cloud Computing Application of Personal Information's Security in Network Sales-channels

    Directory of Open Access Journals (Sweden)

    Sun Qiong

    2013-07-01

    Full Text Available With the promotion of Internet sales, the security of personal information to network users have become increasingly demanding. The existing network of sales channels has personal information security risks, vulnerable to hacker attacking. Taking full advantage of cloud security management strategy, cloud computing security management model is introduced to the network sale of personal information security applications, which is to solve the problem of information leakage. Then we proposed membership-based cloud service provided selection policy. By exploring the prospects of cloud computing in Internet sales, we try to solve the problem of the security of personal information in this channel.

  15. Special Issue on Entropy-Based Applied Cryptography and Enhanced Security for Ubiquitous Computing

    Directory of Open Access Journals (Sweden)

    James (Jong Hyuk Park

    2016-09-01

    Full Text Available Entropy is a basic and important concept in information theory. It is also often used as a measure of the unpredictability of a cryptographic key in cryptography research areas. Ubiquitous computing (Ubi-comp has emerged rapidly as an exciting new paradigm. In this special issue, we mainly selected and discussed papers related with ore theories based on the graph theory to solve computational problems on cryptography and security, practical technologies; applications and services for Ubi-comp including secure encryption techniques, identity and authentication; credential cloning attacks and countermeasures; switching generator with resistance against the algebraic and side channel attacks; entropy-based network anomaly detection; applied cryptography using chaos function, information hiding and watermark, secret sharing, message authentication, detection and modeling of cyber attacks with Petri Nets, and quantum flows for secret key distribution, etc.

  16. Adoption of information security measures in public research institutes

    Directory of Open Access Journals (Sweden)

    Antonio Eduardo de Albuquerque Junior

    2015-10-01

    Full Text Available There are several Information Security measures recommended by international standards and literature, but the adoption by the organizations should be buoyed by specific needs identified by Information Security Governance structure of each organization, although it may be influenced by forces of the institutional environment in which organizations are inserted. In public research institutes, measures may be adopted as a result of pressure from Government and other organizations that regulate their activities, or by the influence of Information Security professionals, or simply adopting the same measures of leading organizations in the organizational field. This study aimed to investigate whether in public research institutes the adoption of Information Security measures is influenced by organizational factors relating to the Information Security Governance, and by external factors relating to its institutional environment. The results show that these organizations are subject to institutional influences more than organizational influences.

  17. Safeguards and security research and development: Program status report, February-July 1981

    Energy Technology Data Exchange (ETDEWEB)

    Henry, C.N.; Walton, R.B. (comps.)

    1982-04-01

    This report, one of a series of biannual progress reports, describes the status of research and development in the Safeguards and Security Program at Los Alamos from February-July 1981. Most work covered here is sponsored by the Office of Safeguards and Security of the Department of Energy; however, project activities that are technically closely related to nuclear safeguards and security also are included where appropriate for conveying information useful to the nuclear community. The report comprises four major subject areas: Security Development and Support; Nuclear Materials Measurement and Engineering; Nuclear Facility Safeguards Support; and International Safeguards, Technology Transfer, and Training. Some technical topics included in the subject areas are computer and informational security, chemical and nondestructive analysis of nuclear materials, process modeling and analysis, nuclear materials accounting systems, evaluation of prototype measurement instrumentation and procedures in nuclear facilities, design and consultation for facilities, technical exchange, training courses, and international safeguards.

  18. "Glitch Logic" and Applications to Computing and Information Security

    Science.gov (United States)

    Stoica, Adrian; Katkoori, Srinivas

    2009-01-01

    This paper introduces a new method of information processing in digital systems, and discusses its potential benefits to computing and information security. The new method exploits glitches caused by delays in logic circuits for carrying and processing information. Glitch processing is hidden to conventional logic analyses and undetectable by traditional reverse engineering techniques. It enables the creation of new logic design methods that allow for an additional controllable "glitch logic" processing layer embedded into a conventional synchronous digital circuits as a hidden/covert information flow channel. The combination of synchronous logic with specific glitch logic design acting as an additional computing channel reduces the number of equivalent logic designs resulting from synthesis, thus implicitly reducing the possibility of modification and/or tampering with the design. The hidden information channel produced by the glitch logic can be used: 1) for covert computing/communication, 2) to prevent reverse engineering, tampering, and alteration of design, and 3) to act as a channel for information infiltration/exfiltration and propagation of viruses/spyware/Trojan horses.

  19. "Glitch Logic" and Applications to Computing and Information Security

    Science.gov (United States)

    Stoica, Adrian; Katkoori, Srinivas

    2009-01-01

    This paper introduces a new method of information processing in digital systems, and discusses its potential benefits to computing and information security. The new method exploits glitches caused by delays in logic circuits for carrying and processing information. Glitch processing is hidden to conventional logic analyses and undetectable by traditional reverse engineering techniques. It enables the creation of new logic design methods that allow for an additional controllable "glitch logic" processing layer embedded into a conventional synchronous digital circuits as a hidden/covert information flow channel. The combination of synchronous logic with specific glitch logic design acting as an additional computing channel reduces the number of equivalent logic designs resulting from synthesis, thus implicitly reducing the possibility of modification and/or tampering with the design. The hidden information channel produced by the glitch logic can be used: 1) for covert computing/communication, 2) to prevent reverse engineering, tampering, and alteration of design, and 3) to act as a channel for information infiltration/exfiltration and propagation of viruses/spyware/Trojan horses.

  20. Secret Sharing and Secure Computing from Monotone Formulae

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Kölker, Jonas; Miltersen, Peter Bro

    2012-01-01

    We present a construction of log-depth formulae for various threshold functions based on atomic threshold gates of constant size. From this, we build a new family of linear secret sharing schemes that are multiplicative, scale well as the number of players increases and allows to raise a shared...... value to the characteristic of the underlying field without interaction. Some of these schemes are in addition strongly multiplicative. Our formulas can also be used to construct multiparty protocols from protocols for a constant number of parties. In particular we implement black-box multiparty...... computation over non-Abelian groups in a way that is much simpler than previously known and we also show how to get a protocol in this setting that is efficient and actively secure against a constant fraction of corrupted parties, a long standing open problem. Finally, we show a negative result on usage...

  1. Computational Approaches to Vestibular Research

    Science.gov (United States)

    Ross, Muriel D.; Wade, Charles E. (Technical Monitor)

    1994-01-01

    The Biocomputation Center at NASA Ames Research Center is dedicated to a union between computational, experimental and theoretical approaches to the study of neuroscience and of life sciences in general. The current emphasis is on computer reconstruction and visualization of vestibular macular architecture in three-dimensions (3-D), and on mathematical modeling and computer simulation of neural activity in the functioning system. Our methods are being used to interpret the influence of spaceflight on mammalian vestibular maculas in a model system, that of the adult Sprague-Dawley rat. More than twenty 3-D reconstructions of type I and type II hair cells and their afferents have been completed by digitization of contours traced from serial sections photographed in a transmission electron microscope. This labor-intensive method has now been replace d by a semiautomated method developed in the Biocomputation Center in which conventional photography is eliminated. All viewing, storage and manipulation of original data is done using Silicon Graphics workstations. Recent improvements to the software include a new mesh generation method for connecting contours. This method will permit the investigator to describe any surface, regardless of complexity, including highly branched structures such as are routinely found in neurons. This same mesh can be used for 3-D, finite volume simulation of synapse activation and voltage spread on neuronal surfaces visualized via the reconstruction process. These simulations help the investigator interpret the relationship between neuroarchitecture and physiology, and are of assistance in determining which experiments will best test theoretical interpretations. Data are also used to develop abstract, 3-D models that dynamically display neuronal activity ongoing in the system. Finally, the same data can be used to visualize the neural tissue in a virtual environment. Our exhibit will depict capabilities of our computational approaches and

  2. Quantum-Enhanced Cyber Security: Experimental Computation on Quantum-Encrypted Data

    Science.gov (United States)

    2017-03-02

    AFRL-AFOSR-UK-TR-2017-0020 Quantum-Enhanced Cyber Security : Experimental Computation on Quantum-Encrypted Data Philip Walther UNIVERSITT WIEN Final...REPORT TYPE Final 3. DATES COVERED (From - To) 15 Oct 2015 to 31 Dec 2016 4. TITLE AND SUBTITLE Quantum-Enhanced Cyber Security : Experimental Computation...FORM SF 298 Final Report for FA9550-1-6-1-0004 Quantum-enhanced cyber security : Experimental quantum computation with quantum-encrypted data

  3. Fast and maliciously secure two-party computation using the GPU

    DEFF Research Database (Denmark)

    Frederiksen, Tore Kasper; Nielsen, Jesper Buus

    2013-01-01

    We describe, and implement, a maliciously secure protocol for two-party computation in a parallel computational model. Our protocol is based on Yao’s garbled circuit and an efficient OT extension. The implementation is done using CUDA and yields fast results for maliciously secure two-party compu......We describe, and implement, a maliciously secure protocol for two-party computation in a parallel computational model. Our protocol is based on Yao’s garbled circuit and an efficient OT extension. The implementation is done using CUDA and yields fast results for maliciously secure two...

  4. Research on Nontraditional Development Model of Secure Operating Systems%安全操作系统非传统开发模式研究

    Institute of Scientific and Technical Information of China (English)

    石文昌; 孙玉芳

    2003-01-01

    The TCSEC-based traditional development model of secure operating systems is exhibiting more and more obviously inability in the rapidly changing world of computer applications. With an experiment of building a secure operating system in accordance with the philosophy of the international standard for computer security evaluation,i. e.the Common Criteria,research on nontraditional development model of secure operating systems is conducted in this paper.

  5. Information Security Analysis in Cloud Computing Environment%云计算环境下信息安全分析

    Institute of Scientific and Technical Information of China (English)

    张慧; 邢培振

    2011-01-01

    基于互联网的云计算被认为是当今互联网发展的方向,近年来引起人们的广泛关注,如何构建安全的云计算环境成为当前计算机学科研究的热点问题之一.文中从云计算的发展现状人手,介绍了NIST推出的云计算规范、五个本质特征和云计算服务模型,分析了CSA云计算安全参考模型和Jericho Forum的云立方体模型,并从安全边界、数据安全、应用安全三个方面讨论了当前云计算环境下存在的信息安全问题,最后给出了云计算环境下保证信息安全的解决方案.%Internet-based cloud computing is considered to be the direction of development of the Internet today, has attracted much attention, how to build secure computer cloud computing environments become one of hot research subjects. In this paper,from the status quo of the development of cloud computing, first introduced the launch of the cloud NIST standard, the five essential characteristics and cloud computing services model, and then analyzed the CSA cloud computing model and the Jericho Forum security reference cube model of the cloud, and from the security boundary , data security, application security discussed the information security problem of the current cloud computing environment, given the security solutions in cloud computing environment to ensure information.

  6. CERN Computing Colloquium | Computer Security in 2016: Where are we and what to expect | 8 February

    CERN Multimedia

    2016-01-01

    Computer Security in 2016: Where are we and what to expect  by Sebastian Lopienski, CERN-IT Monday 8 February from 11 a.m. to 12 p.m http://cseminar.web.cern.ch/cseminar/ at CERN, Council Chamber (503-1-001)  Description: Attacks against computer systems, belonging both to individuals and organisations, are an everyday reality. How many times have we heard about supposedly well protected companies and online services at the mercy of cyber criminals, or governments accusing other nation states of cyber espionage. Only the most serious breaches and biggest data leaks continue to make the headlines. But really, how secure is our data, computers and networks? What is happening behind the scenes? Is it actually possible to avoid the vulnerabilities, or detect the resulting exploits? This talk will address these questions and provide a high-level overview of security trends in the last year or two. It will include information on emerging typ...

  7. Center for Computing Research Summer Research Proceedings 2015.

    Energy Technology Data Exchange (ETDEWEB)

    Bradley, Andrew Michael [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Parks, Michael L. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2015-12-18

    The Center for Computing Research (CCR) at Sandia National Laboratories organizes a summer student program each summer, in coordination with the Computer Science Research Institute (CSRI) and Cyber Engineering Research Institute (CERI).

  8. Computational Approaches to Vestibular Research

    Science.gov (United States)

    Ross, Muriel D.; Wade, Charles E. (Technical Monitor)

    1994-01-01

    The Biocomputation Center at NASA Ames Research Center is dedicated to a union between computational, experimental and theoretical approaches to the study of neuroscience and of life sciences in general. The current emphasis is on computer reconstruction and visualization of vestibular macular architecture in three-dimensions (3-D), and on mathematical modeling and computer simulation of neural activity in the functioning system. Our methods are being used to interpret the influence of spaceflight on mammalian vestibular maculas in a model system, that of the adult Sprague-Dawley rat. More than twenty 3-D reconstructions of type I and type II hair cells and their afferents have been completed by digitization of contours traced from serial sections photographed in a transmission electron microscope. This labor-intensive method has now been replace d by a semiautomated method developed in the Biocomputation Center in which conventional photography is eliminated. All viewing, storage and manipulation of original data is done using Silicon Graphics workstations. Recent improvements to the software include a new mesh generation method for connecting contours. This method will permit the investigator to describe any surface, regardless of complexity, including highly branched structures such as are routinely found in neurons. This same mesh can be used for 3-D, finite volume simulation of synapse activation and voltage spread on neuronal surfaces visualized via the reconstruction process. These simulations help the investigator interpret the relationship between neuroarchitecture and physiology, and are of assistance in determining which experiments will best test theoretical interpretations. Data are also used to develop abstract, 3-D models that dynamically display neuronal activity ongoing in the system. Finally, the same data can be used to visualize the neural tissue in a virtual environment. Our exhibit will depict capabilities of our computational approaches and

  9. Ensuring Data Security And Privacy In Cloud Computing Through Transparency as Service Model

    Directory of Open Access Journals (Sweden)

    Afzaal Ahmad

    2014-09-01

    Full Text Available Cloud Computing is hot technology in computer world today. Its getting popular because its inexpensive, provides on demand access when and where needed. It also removes technical staff requirements for maintaining the infrastructure because that is done on the provider side thus significantly reducing organizational costs. It also provides opportunity for scientists to use powerful computing resources for research purposes which are very expensive on rent bases which they normally would not have been able to use due to cost factors.But with these features it has certain problems that discredit the service one of major problems is Data Security and Privacy.Since the only party that has physical access to data storage is provider and to keep track of where data is stored for certain users the providers keep meta-data in their own databases it creates a security and data privacy issue.If meta-data is compromised than unauthorized access to user data is possible.This paper proposes a Transparency Service Model to insure security and privacy of the user data.

  10. 面向企业私有云计算平台的安全构架研究%Research on security framework of enterprise private cloud computing platform

    Institute of Scientific and Technical Information of China (English)

    刘胜娃; 陈思锦; 李卫; 高翔

    2014-01-01

    Cloud computing is an Internet-based emerging application of computer technology. Private cloud is a basic sup-port for setting up the cloud management system in the internal of enterprise private datacenter. It provides a platform of compu-tation,storage and network resource management and control for definition and running of cloud. The enterprise private cloud construction plan is discussed in this paper. The enterprise private cloud construction content,goal and benefit are analyzed. this paper also analyzes The further analysis on security problems of cloud platform are conducted. A security framework for dealing with this problem is proposed. A reference for the enterprise private cloud construction is presented in this paper.%云计算是一种基于互联网的新兴应用计算机技术。私有云是在企业自有数据中心内部搭建云管理环境系统的基础支撑,为定义、运行云应用提供计算、存储和网络资源管控平台。对企业私有云建设方案进行了探讨,介绍和分析了企业私有云建设内容、目标及效益分析,并进一步分析了私有云所面临的安全问题,提出了私有云的安全框架,为企业私有云建设提供参考。

  11. Identity based Encryption and Biometric Authentication Scheme for Secure Data Access in Cloud Computing

    DEFF Research Database (Denmark)

    Cheng, Hongbing; Rong, Chunming; Tan, Zheng-Hua

    2012-01-01

    Cloud computing will be a main information infrastructure in the future; it consists of many large datacenters which are usually geographically distributed and heterogeneous. How to design a secure data access for cloud computing platform is a big challenge. In this paper, we propose a secure data...... distribution, feature template creation, cloud data processing and secure data access control. Finally, we compare the proposed scheme with other schemes through comprehensive analysis and simulation. The results show that the proposed data access scheme is feasible and secure for cloud computing....... access scheme based on identity-based encryption and biometric authentication for cloud computing. Firstly, we describe the security concern of cloud computing and then propose an integrated data access scheme for cloud computing, the procedure of the proposed scheme include parameter setup, key...

  12. Research Advances of Social Security Problems in China —Visualization Research based on Bibliometrics

    Institute of Scientific and Technical Information of China (English)

    赵琳

    2016-01-01

    This article summarized the research progress and characteristics of Chinese social security issues from 2000 papers, which record in CNKI. We find that, the topic in the field of social security is board and dispersion. Due to the huge system and complex problem of social security, there is no central theme. Through cluster analysis, multi dimensional scaling analysis and social network analysis, we got the high frequency keywords atlas. Then, we summarized the research topic to six parts. They are rural social security, urban and rural social security co-ordination, vulnerable group social security, social security fund management, the social insurance system, and social security system and government responsibility. It summed up the theme of the module, meanwhile, combined the practice analysis.

  13. Review of Enabling Technologies to Facilitate Secure Compute Customization

    Energy Technology Data Exchange (ETDEWEB)

    Aderholdt, Ferrol [Tennessee Technological University; Caldwell, Blake A [ORNL; Hicks, Susan Elaine [ORNL; Koch, Scott M [ORNL; Naughton, III, Thomas J [ORNL; Pelfrey, Daniel S [ORNL; Pogge, James R [Tennessee Technological University; Scott, Stephen L [Tennessee Technological University; Shipman, Galen M [ORNL; Sorrillo, Lawrence [ORNL

    2014-12-01

    High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data for a variety of users, often requiring strong separation between job allocations. There are many challenges to establishing these secure enclaves within the shared infrastructure of high-performance computing (HPC) environments. The isolation mechanisms in the system software are the basic building blocks for enabling secure compute enclaves. There are a variety of approaches and the focus of this report is to review the different virtualization technologies that facilitate the creation of secure compute enclaves. The report reviews current operating system (OS) protection mechanisms and modern virtualization technologies to better understand the performance/isolation properties. We also examine the feasibility of running ``virtualized'' computing resources as non-privileged users, and providing controlled administrative permissions for standard users running within a virtualized context. Our examination includes technologies such as Linux containers (LXC [32], Docker [15]) and full virtualization (KVM [26], Xen [5]). We categorize these different approaches to virtualization into two broad groups: OS-level virtualization and system-level virtualization. The OS-level virtualization uses containers to allow a single OS kernel to be partitioned to create Virtual Environments (VE), e.g., LXC. The resources within the host's kernel are only virtualized in the sense of separate namespaces. In contrast, system-level virtualization uses hypervisors to manage multiple OS kernels and virtualize the physical resources (hardware) to create Virtual Machines (VM), e.g., Xen, KVM. This terminology of VE and VM, detailed in Section 2, is used throughout the report to distinguish between the two different approaches to providing virtualized execution

  14. Research on computer systems benchmarking

    Science.gov (United States)

    Smith, Alan Jay (Principal Investigator)

    1996-01-01

    This grant addresses the topic of research on computer systems benchmarking and is more generally concerned with performance issues in computer systems. This report reviews work in those areas during the period of NASA support under this grant. The bulk of the work performed concerned benchmarking and analysis of CPUs, compilers, caches, and benchmark programs. The first part of this work concerned the issue of benchmark performance prediction. A new approach to benchmarking and machine characterization was reported, using a machine characterizer that measures the performance of a given system in terms of a Fortran abstract machine. Another report focused on analyzing compiler performance. The performance impact of optimization in the context of our methodology for CPU performance characterization was based on the abstract machine model. Benchmark programs are analyzed in another paper. A machine-independent model of program execution was developed to characterize both machine performance and program execution. By merging these machine and program characterizations, execution time can be estimated for arbitrary machine/program combinations. The work was continued into the domain of parallel and vector machines, including the issue of caches in vector processors and multiprocessors. All of the afore-mentioned accomplishments are more specifically summarized in this report, as well as those smaller in magnitude supported by this grant.

  15. Towards quantitative measures of Information Security: A Cloud Computing case study

    Directory of Open Access Journals (Sweden)

    Mouna Jouini

    2015-05-01

    Full Text Available Cloud computing is a prospering technology that most organizations consider as a cost effective strategy to manage Information Technology (IT. It delivers computing services as a public utility rather than a personal one. However, despite the significant benefits, these technologies present many challenges including less control and a lack of security. In this paper, we illustrate the use of a cyber security metrics to define an economic security model for cloud computing system. We, also, suggest two cyber security measures in order to better understand system threats and, thus, propose appropriate counter measure to mitigate them.

  16. IMPLEMENTATION OF PERVASIVE COMPUTING BASED HIGH-SECURE SMART HOME SYSTEM

    OpenAIRE

    Ventylees Raj.S

    2012-01-01

    In recent year, the home environment has seen a rapid introduction of wireless communication network enabled advance computing technologies. In this paper I mainly focus on the monitoring of smart home remotely and providing security when user is away from the home. The proposed security algorithm is combining of Biometrics, public key encryption and SMS based security alarm system. In the proposed security algorithm offered only Authenticate person monitoring home appliances via wireless net...

  17. Water Security Problem in North China: Research and Perspective

    Institute of Scientific and Technical Information of China (English)

    XIA Jun; LIU Meng-Yu; JIA Shao-Feng

    2005-01-01

    This paper addresses the emergence of water security problems in North China with the aim of highlighting key water resources management and water security issues for the long-term development of North China. Three key problems related to water resources and security issues in North China in the 21st century are addressed, namely 1) the water cycle under environmental change, 2) agricultural water saving, and 3) water security. Development of international research related to these issues is also reviewed. The research plan developed recently by the Chinese Academy of Sciences (CAS) is discussed and suggestions on research and development of water resources science in North China are presented.Thanks to focus on experimental catchments and dedicated research stations, a detailed knowledge of the water cycle on North China farmland has been compiled. A range of techniques that include isotope tracers has been used to acquire hydrologic data. Much research has been devoted to developing distributed hydrological models at different scales. In the well irrigation district, five different water saving irrigation regimes have been investigated, and these regimes have had widespread application, and reduced water use 60-150 mm while they increased water use efficiency (WUE) by 20%-30%.Furthermore, preventing water pollution is the most essential step to ensure North China's water security.

  18. A Survey of Voice over IP Security Research

    Science.gov (United States)

    Keromytis, Angelos D.

    We present a survey of Voice over IP security research. Our goal is to provide a roadmap for researchers seeking to understand existing capabilities and, and to identify gaps in addressing the numerous threats and vulnerabilities present in VoIP systems. We also briefly discuss the implications of our findings with respect to actual vulnerabilities reported in a variety VoIP products.

  19. 77 FR 43639 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA...

    Science.gov (United States)

    2012-07-25

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA.... ACTION: Notice of a renewal of an existing computer matching program that expired on May 10,...

  20. 77 FR 54943 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA...

    Science.gov (United States)

    2012-09-06

    ... From the Federal Register Online via the Government Publishing Office SOCIAL SECURITY ADMINISTRATION Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA.... ACTION: Notice of a renewal of an existing computer matching program that will expire on October 1,...

  1. 78 FR 38949 - Computer Security Incident Coordination (CSIC): Providing Timely Cyber Incident Response

    Science.gov (United States)

    2013-06-28

    ... National Institute of Standards and Technology Computer Security Incident Coordination (CSIC): Providing Timely Cyber Incident Response AGENCY: National Institute of Standards and Technology, U.S. Department of... Technology (NIST) is seeking information relating to Computer Security Incident Coordination (CSIC). NIST is...

  2. DEVELOPING OF THE SYSTEM INFORMATION SECURITY MODEL FOR COMPUTER TRAINING COMPLEX

    Directory of Open Access Journals (Sweden)

    Viktoriia N. Kovalchuk

    2010-08-01

    Full Text Available The regulatory documents regarding the computer training rooms and information communication technologies in respect to the information safety are being analyzed in the given paper. The model of information security system of the computer training complex is developed. In particular there are considered the requirements to the security system construction, its functioning and the stages of the lifecycle. The analysis of typical risks for the information resources is conducted, the main methods of their information security are offered.

  3. Computer Security Awareness Guide for Department of Energy Laboratories, Government Agencies, and others for use with Lawrence Livermore National Laboratory`s (LLNL): Computer security short subjects videos

    Energy Technology Data Exchange (ETDEWEB)

    1993-12-31

    Lonnie Moore, the Computer Security Manager, CSSM/CPPM at Lawrence Livermore National Laboratory (LLNL) and Gale Warshawsky, the Coordinator for Computer Security Education & Awareness at LLNL, wanted to share topics such as computer ethics, software piracy, privacy issues, and protecting information in a format that would capture and hold an audience`s attention. Four Computer Security Short Subject videos were produced which ranged from 1-3 minutes each. These videos are very effective education and awareness tools that can be used to generate discussions about computer security concerns and good computing practices. Leaders may incorporate the Short Subjects into presentations. After talking about a subject area, one of the Short Subjects may be shown to highlight that subject matter. Another method for sharing them could be to show a Short Subject first and then lead a discussion about its topic. The cast of characters and a bit of information about their personalities in the LLNL Computer Security Short Subjects is included in this report.

  4. Data Mining Research for Information Security

    Science.gov (United States)

    2016-01-29

    analysis using taint propagation on virtual machine monitor." In this paper , a method for dynamically interpreting semantics information using taint...Public Release 13.  SUPPLEMENTARY NOTES 14.  ABSTRACT Machine -learning and Ontology Assisted Assessment of Research Trends (MOAART) advances machine ...learning by developing and testing an ontology-based inferencing engine to filter, sort and rank abstracts in specific research areas. The MOAART reports

  5. Cryptanalysis and security enhancement of optical cryptography based on computational ghost imaging

    Science.gov (United States)

    Yuan, Sheng; Yao, Jianbin; Liu, Xuemei; Zhou, Xin; Li, Zhongyang

    2016-04-01

    Optical cryptography based on computational ghost imaging (CGI) has attracted much attention of researchers because it encrypts plaintext into a random intensity vector rather than complexed-valued function. This promising feature of the CGI-based cryptography reduces the amount of data to be transmitted and stored and therefore brings convenience in practice. However, we find that this cryptography is vulnerable to chosen-plaintext attack because of the linear relationship between the input and output of the encryption system, and three feasible strategies are proposed to break it in this paper. Even though a large number of plaintexts need to be chosen in these attack methods, it means that this cryptography still exists security risks. To avoid these attacks, a security enhancement method utilizing an invertible matrix modulation is further discussed and the feasibility is verified by numerical simulations.

  6. Strategic approach to information security and assurance in health research.

    Science.gov (United States)

    Akazawa, Shunichi; Igarashi, Manabu; Sawa, Hirofumi; Tamashiro, Hiko

    2005-09-01

    Information security and assurance are an increasingly critical issue in health research. Whether health research be in genetics, new drugs, disease outbreaks, biochemistry, or effects of radiation, it deals with information that is highly sensitive and which could be targeted by rogue individuals or groups, corporations, national intelligence agencies, or terrorists, looking for financial, social, or political gains. The advents of the Internet and advances in recent information technologies have also dramatically increased opportunities for attackers to exploit sensitive and valuable information.Government agencies have deployed legislative measures to protect the privacy of health information and developed information security guidelines for epidemiological studies. However, risks are grossly underestimated and little effort has been made to strategically and comprehensively protect health research information by institutions, governments and international communities.There is a need to enforce a set of proactive measures to protect health research information locally and globally. Such measures should be deployed at all levels but will be successful only if research communities collaborate actively, governments enforce appropriate legislative measures at national level, and the international community develops quality standards, concluding treaties if necessary, at the global level.Proactive measures for the best information security and assurance would be achieved through rigorous management process with a cycle of "plan, do, check, and act". Each health research entity, such as hospitals, universities, institutions, or laboratories, should implement this cycle and establish an authoritative security and assurance organization, program and plan coordinated by a designatedChief Security Officer who will ensure implementation of the above process, putting appropriate security controls in place, with key focus areas such aspolicies and best practices, enforcement

  7. NIST Computer Scientist and Researcher Dr. Ron Ross Discusses Cybersecurity During Latest SGL

    OpenAIRE

    2010-01-01

    National Institute of Standards and Technology (NIST) senior computer scientist and information security researcher Dr. Ron Ross presented a lecture to students, staff and faculty on the new challenges in cybersecurity.

  8. Research in Mobile Intelligence Mobile Computing and Computational Intelligence

    CERN Document Server

    Yang, Laurence T

    2010-01-01

    * Focuses on learning patterns and knowledge from data generated by mobile users and mobile technology. * Covers research and application issues in applying computational intelligence applications to mobile computing. * Delivers benefits to a wide range of applications. * Introduces the state of the art of computational intelligence to the mobile paradigm

  9. A secure communications infrastructure for high-performance distributed computing

    Energy Technology Data Exchange (ETDEWEB)

    Foster, I.; Koenig, G.; Tuecke, S. [and others

    1997-08-01

    Applications that use high-speed networks to connect geographically distributed supercomputers, databases, and scientific instruments may operate over open networks and access valuable resources. Hence, they can require mechanisms for ensuring integrity and confidentially of communications and for authenticating both users and resources. Security solutions developed for traditional client-server applications do not provide direct support for the program structures, programming tools, and performance requirements encountered in these applications. The authors address these requirements via a security-enhanced version of the Nexus communication library; which they use to provide secure versions of parallel libraries and languages, including the Message Passing Interface. These tools permit a fine degree of control over what, where, and when security mechanisms are applied. In particular, a single application can mix secure and nonsecure communication, allowing the programmer to make fine-grained security/performance tradeoffs. The authors present performance results that quantify the performance of their infrastructure.

  10. Privacy and Security in Mobile Health (mHealth) Research

    Science.gov (United States)

    Arora, Shifali; Yttri, Jennifer; Nilsen, Wendy

    2014-01-01

    Research on the use of mobile technologies for alcohol use problems is a developing field. Rapid technological advances in mobile health (or mHealth) research generate both opportunities and challenges, including how to create scalable systems capable of collecting unprecedented amounts of data and conducting interventions—some in real time—while at the same time protecting the privacy and safety of research participants. Although the research literature in this area is sparse, lessons can be borrowed from other communities, such as cybersecurity or Internet security, which offer many techniques to reduce the potential risk of data breaches or tampering in mHealth. More research into measures to minimize risk to privacy and security effectively in mHealth is needed. Even so, progress in mHealth research should not stop while the field waits for perfect solutions. PMID:26259009

  11. Privacy and Security in Mobile Health (mHealth) Research.

    Science.gov (United States)

    Arora, Shifali; Yttri, Jennifer; Nilse, Wendy

    2014-01-01

    Research on the use of mobile technologies for alcohol use problems is a developing field. Rapid technological advances in mobile health (or mHealth) research generate both opportunities and challenges, including how to create scalable systems capable of collecting unprecedented amounts of data and conducting interventions-some in real time-while at the same time protecting the privacy and safety of research participants. Although the research literature in this area is sparse, lessons can be borrowed from other communities, such as cybersecurity or Internet security, which offer many techniques to reduce the potential risk of data breaches or tampering in mHealth. More research into measures to minimize risk to privacy and security effectively in mHealth is needed. Even so, progress in mHealth research should not stop while the field waits for perfect solutions.

  12. Defining and Computing a Valued Based Cyber-Security Measure

    Energy Technology Data Exchange (ETDEWEB)

    Aissa, Anis Ben [University of Tunis, Belvedere, Tunisia; Abercrombie, Robert K [ORNL; Sheldon, Frederick T [ORNL; Mili, Ali [New Jersey Insitute of Technology

    2012-01-01

    In earlier work, we presented a value based measure of cybersecurity that quantifies the security of a system in concrete terms, specifically, in terms of how much each system stakeholder stands to lose (in dollars per hour of operation) as a result of security threats and system vulnerabilities; our metric varies according to the stakes that each stakeholder has in meeting each security requirement. In this paper, we discuss the specification and design of a system that collects, updates, and maintains all the information that pertains to estimating our cybersecurity measure, and offers stakeholders quantitative means to make security-related decisions.

  13. Defining and Computing a Value Based Cyber-Security Measure

    Energy Technology Data Exchange (ETDEWEB)

    Aissa, Anis Ben [University of Tunis, Belvedere, Tunisia; Abercrombie, Robert K [ORNL; Sheldon, Frederick T [ORNL; Mili, Ali [New Jersey Insitute of Technology

    2011-01-01

    In past work, we presented a value based measure of cybersecurity that quantifies the security of a system in concrete terms, specifically, in terms of how much each system stakeholder stands to lose (in dollars per hour of operation) as a result of security threats and system vulnerabilities\\; our metric varies according to the stakes that each stakeholder has in meeting each security requirement. In this paper we discuss the specification and design of a system that collects, updates and maintains all the information that pertains to estimating our cybersecurity measure, and offers stakeholders quantitative means to make security-related decisions.

  14. Cloud Computing and Information Security%云计算与信息安全

    Institute of Scientific and Technical Information of China (English)

    叶加龙; 张公让

    2011-01-01

    This paper surveyed the development of information security. Cloud computing is a new technology, and provided the opportunities and challenges brought by cloud computing to information security. The basic concepts of cloud computing and security problem of cloud computing were explained, and through cloud computing user and service provider to analysis method of information security of cloud computing.%信息安全是当前计算机科学的一个研究热点;云计算是一个新的技术,给信息安全提供了挑战和机遇.介绍了云计算的基本概念、云计算的安全问题,通过云计算用户以及云计算服务提供商两方面分析了云计算中确保信息安全的方法.

  15. Secure multi-party computation solution to Yao's millionaires' problem based on set-inclusion

    Institute of Scientific and Technical Information of China (English)

    LI Shundong; DAI Yiqi; YOU Qiyou

    2005-01-01

    Secure multi-party computation is a focus of international cryptography in recent years. Protocols for Yao's millionaires' problem have become an important building block of many secure multi-party computation protocols. Their efficiency are crucial to the efficiency of many secure multi-party computation protocols. Unfortunately, known protocols for Yao's millionaires' problem have high computational complexity or communication complexity. In this study, based on the 1-out-of-m oblivious transfer and set-inclusion problem, we propose a new protocol to solve this problem. This new protocol is very efficient in terms of both computational and communication complexities. Its privacy-preserving property is also proved by simulation paradigm which is generally accepted in the study of secure multi-party computation. We also compare the information leakage of our new protocol and the known protocols.

  16. A Comprehensive Study about Cloud Computing Security: Issues, Applications and Challenges

    Directory of Open Access Journals (Sweden)

    Sima Ghoflgary

    2014-11-01

    Full Text Available Cloud computing provides facilities for users to save their data or information in servers which are connected through Internet or Intranet. Further, users can run their applications with the help of software provided by cloud computing servers without installing that software in their own personal computers. Since many users access to cloud computing servers for various goals, therefore one of the main problem in this regard is providing security in access, usage, share or running users’ programs by cloud computing sources or servers. This paper attempts to study security issues, applications and its challenges on cloud computing

  17. Cyber Security Research Frameworks For Coevolutionary Network Defense

    Energy Technology Data Exchange (ETDEWEB)

    Rush, George D. [Missouri Univ. of Science and Technology, Rolla, MO (United States); Tauritz, Daniel Remy [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2015-12-03

    Several architectures have been created for developing and testing systems used in network security, but most are meant to provide a platform for running cyber security experiments as opposed to automating experiment processes. In the first paper, we propose a framework termed Distributed Cyber Security Automation Framework for Experiments (DCAFE) that enables experiment automation and control in a distributed environment. Predictive analysis of adversaries is another thorny issue in cyber security. Game theory can be used to mathematically analyze adversary models, but its scalability limitations restrict its use. Computational game theory allows us to scale classical game theory to larger, more complex systems. In the second paper, we propose a framework termed Coevolutionary Agent-based Network Defense Lightweight Event System (CANDLES) that can coevolve attacker and defender agent strategies and capabilities and evaluate potential solutions with a custom network defense simulation. The third paper is a continuation of the CANDLES project in which we rewrote key parts of the framework. Attackers and defenders have been redesigned to evolve pure strategy, and a new network security simulation is devised which specifies network architecture and adds a temporal aspect. We also add a hill climber algorithm to evaluate the search space and justify the use of a coevolutionary algorithm.

  18. Vulnerabilities and responsibilities: dealing with monsters in computer security

    NARCIS (Netherlands)

    Pieters, W.; Consoli, L.

    2009-01-01

    Purpose – The purpose of this paper is to analyze information security assessment in terms of cultural categories and virtue ethics, in order to explain the cultural origin of certain types of security vulnerabilities, as well as to enable a proactive attitude towards preventing such vulnerabilities

  19. New Approaches to Practical Secure Two-Party Computation

    DEFF Research Database (Denmark)

    Nordholt, Peter Sebastian

    gates) takes 64 seconds, but when repeating the task 27 times it only takes less than 3 seconds per instance. • Second, we revisit the LEGO protocol of Nielsen and Orlandi presented at TCC 2009. Their protocol demonstrated a more efficient technique to get malicious security in secure two...

  20. Multilevel classification of security concerns in cloud computing

    Directory of Open Access Journals (Sweden)

    Syed Asad Hussain

    2017-01-01

    Full Text Available Threats jeopardize some basic security requirements in a cloud. These threats generally constitute privacy breach, data leakage and unauthorized data access at different cloud layers. This paper presents a novel multilevel classification model of different security attacks across different cloud services at each layer. It also identifies attack types and risk levels associated with different cloud services at these layers. The risks are ranked as low, medium and high. The intensity of these risk levels depends upon the position of cloud layers. The attacks get more severe for lower layers where infrastructure and platform are involved. The intensity of these risk levels is also associated with security requirements of data encryption, multi-tenancy, data privacy, authentication and authorization for different cloud services. The multilevel classification model leads to the provision of dynamic security contract for each cloud layer that dynamically decides about security requirements for cloud consumer and provider.

  1. Computational science for energy research

    Science.gov (United States)

    Abgrall, Rémi; Koren, Barry

    2017-09-01

    Computational science complements theory and experiments. It can deliver knowledge and understanding in application areas where the latter two can not. Computational science is particularly important for the simulation of various energy-related processes, ranging from classical energy processes as combustion and subsurface oil-reservoir flows to more modern processes as wind-farm aerodynamics, photovoltaics and - very challenging from a computational perspective - tokamak-plasma physics.

  2. Institute for Scientific Computing Research Annual Report: Fiscal Year 2004

    Energy Technology Data Exchange (ETDEWEB)

    Keyes, D E

    2005-02-07

    Large-scale scientific computation and all of the disciplines that support and help to validate it have been placed at the focus of Lawrence Livermore National Laboratory (LLNL) by the Advanced Simulation and Computing (ASC) program of the National Nuclear Security Administration (NNSA) and the Scientific Discovery through Advanced Computing (SciDAC) initiative of the Office of Science of the Department of Energy (DOE). The maturation of computational simulation as a tool of scientific and engineering research is underscored in the November 2004 statement of the Secretary of Energy that, ''high performance computing is the backbone of the nation's science and technology enterprise''. LLNL operates several of the world's most powerful computers--including today's single most powerful--and has undertaken some of the largest and most compute-intensive simulations ever performed. Ultrascale simulation has been identified as one of the highest priorities in DOE's facilities planning for the next two decades. However, computers at architectural extremes are notoriously difficult to use efficiently. Furthermore, each successful terascale simulation only points out the need for much better ways of interacting with the resulting avalanche of data. Advances in scientific computing research have, therefore, never been more vital to LLNL's core missions than at present. Computational science is evolving so rapidly along every one of its research fronts that to remain on the leading edge, LLNL must engage researchers at many academic centers of excellence. In Fiscal Year 2004, the Institute for Scientific Computing Research (ISCR) served as one of LLNL's main bridges to the academic community with a program of collaborative subcontracts, visiting faculty, student internships, workshops, and an active seminar series. The ISCR identifies researchers from the academic community for computer science and computational science

  3. Computer science research and technology volume 3

    CERN Document Server

    Bauer, Janice P

    2011-01-01

    This book presents leading-edge research from across the globe in the field of computer science research, technology and applications. Each contribution has been carefully selected for inclusion based on the significance of the research to this fast-moving and diverse field. Some topics included are: network topology; agile programming; virtualization; and reconfigurable computing.

  4. Information security governance: business requirements and research directions

    CSIR Research Space (South Africa)

    Höne, K

    2009-01-01

    Full Text Available -aligned with the needs of the business community. The problem that this paper addresses is twofold. Firstly, it addresses the confusion regarding the meaning of Information Security Governance. Secondly, it assesses the gap between research and business communities from...

  5. A Perspective on Research Challenges in Information Security

    Science.gov (United States)

    2011-11-01

    Ben Long, Martin Lucas, Paul Montague, Dean Philp , Simon Windows Command, Control, Communications and Intelligence Division Defence Science and...Abstract (U) 4. AUTHORS Tamas Abraham, David Adie, Angela Billard, Paul Buckland, Michael Frangos, Ben Long, Mar- tin Lucas, Paul Montague, Dean Philp ...UNCLASSIFIED A Perspective on Research Challenges in Information Security Tamas Abraham, David Adie, Angela Billard, Paul Buckland, Michael Frangos

  6. Information Security / 2002 Command & Control Research & Technology Symposium

    OpenAIRE

    Buddenberg, Rex

    2002-01-01

    Approved for public display, distribution unlimited 2002 Command & Control Research & Technology Symposium, Naval Postgraduate School, Code IS/Bu, Monterey,CA,93943 Security in information systems is a complex problem. Single solutions to complex problems don't exist and matching the appropriate solution (or more accurately, a set of solutions) to a requirement is necessary.

  7. EMRlog method for computer security for electronic medical records with logic and data mining.

    Science.gov (United States)

    Martínez Monterrubio, Sergio Mauricio; Frausto Solis, Juan; Monroy Borja, Raúl

    2015-01-01

    The proper functioning of a hospital computer system is an arduous work for managers and staff. However, inconsistent policies are frequent and can produce enormous problems, such as stolen information, frequent failures, and loss of the entire or part of the hospital data. This paper presents a new method named EMRlog for computer security systems in hospitals. EMRlog is focused on two kinds of security policies: directive and implemented policies. Security policies are applied to computer systems that handle huge amounts of information such as databases, applications, and medical records. Firstly, a syntactic verification step is applied by using predicate logic. Then data mining techniques are used to detect which security policies have really been implemented by the computer systems staff. Subsequently, consistency is verified in both kinds of policies; in addition these subsets are contrasted and validated. This is performed by an automatic theorem prover. Thus, many kinds of vulnerabilities can be removed for achieving a safer computer system.

  8. EMRlog Method for Computer Security for Electronic Medical Records with Logic and Data Mining

    Directory of Open Access Journals (Sweden)

    Sergio Mauricio Martínez Monterrubio

    2015-01-01

    Full Text Available The proper functioning of a hospital computer system is an arduous work for managers and staff. However, inconsistent policies are frequent and can produce enormous problems, such as stolen information, frequent failures, and loss of the entire or part of the hospital data. This paper presents a new method named EMRlog for computer security systems in hospitals. EMRlog is focused on two kinds of security policies: directive and implemented policies. Security policies are applied to computer systems that handle huge amounts of information such as databases, applications, and medical records. Firstly, a syntactic verification step is applied by using predicate logic. Then data mining techniques are used to detect which security policies have really been implemented by the computer systems staff. Subsequently, consistency is verified in both kinds of policies; in addition these subsets are contrasted and validated. This is performed by an automatic theorem prover. Thus, many kinds of vulnerabilities can be removed for achieving a safer computer system.

  9. EMRlog Method for Computer Security for Electronic Medical Records with Logic and Data Mining

    Science.gov (United States)

    Frausto Solis, Juan; Monroy Borja, Raúl

    2015-01-01

    The proper functioning of a hospital computer system is an arduous work for managers and staff. However, inconsistent policies are frequent and can produce enormous problems, such as stolen information, frequent failures, and loss of the entire or part of the hospital data. This paper presents a new method named EMRlog for computer security systems in hospitals. EMRlog is focused on two kinds of security policies: directive and implemented policies. Security policies are applied to computer systems that handle huge amounts of information such as databases, applications, and medical records. Firstly, a syntactic verification step is applied by using predicate logic. Then data mining techniques are used to detect which security policies have really been implemented by the computer systems staff. Subsequently, consistency is verified in both kinds of policies; in addition these subsets are contrasted and validated. This is performed by an automatic theorem prover. Thus, many kinds of vulnerabilities can be removed for achieving a safer computer system. PMID:26495300

  10. Strategic approach to information security and assurance in health research

    OpenAIRE

    Akazawa, Shunichi; Igarashi, Manabu; Sawa, Hirofumi; Tamashiro, Hiko

    2005-01-01

    Information security and assurance are an increasingly critical issue in health research. Whether health research be in genetics, new drugs, disease outbreaks, biochemistry, or effects of radiation, it deals with information that is highly sensitive and which could be targeted by rogue individuals or groups, corporations, national intelligence agencies, or terrorists, looking for financial, social, or political gains. The advents of the Internet and advances in recent information technologies...

  11. A Novel Cloud Computing Security Model to Detect and Prevent DoS and DDoS Attack

    Directory of Open Access Journals (Sweden)

    Masudur Rahman

    2014-07-01

    Full Text Available Cloud computing has been considered as one of the crucial and emerging networking technology, which has been changed the architecture of computing in last few years. Despite the security concerns of protecting data or providing continuous service over cloud, many organisations are considering different types cloud services as potential solution for their business. We are researching on cloud computing security issues and potential cost effective solution for cloud service providers. In our first paper we have revealed number of security risks for cloud computing environment, which has focused on lack of awareness of cloud service providers. In our second paper, we have investigated on technical security issues involved in cloud service environment, where it’s been revealed that DoS or DDoS is one of the common and significant dangers for cloud computing environment. In this paper, we have investigated on different techniques that can be used for DoS or DDoS attack, have recommended hardware based watermarking framework technology to protect the organisation from these threats.

  12. Crowd Sensing-Enabling Security Service Recommendation for Social Fog Computing Systems.

    Science.gov (United States)

    Wu, Jun; Su, Zhou; Wang, Shen; Li, Jianhua

    2017-07-30

    Fog computing, shifting intelligence and resources from the remote cloud to edge networks, has the potential of providing low-latency for the communication from sensing data sources to users. For the objects from the Internet of Things (IoT) to the cloud, it is a new trend that the objects establish social-like relationships with each other, which efficiently brings the benefits of developed sociality to a complex environment. As fog service become more sophisticated, it will become more convenient for fog users to share their own services, resources, and data via social networks. Meanwhile, the efficient social organization can enable more flexible, secure, and collaborative networking. Aforementioned advantages make the social network a potential architecture for fog computing systems. In this paper, we design an architecture for social fog computing, in which the services of fog are provisioned based on "friend" relationships. To the best of our knowledge, this is the first attempt at an organized fog computing system-based social model. Meanwhile, social networking enhances the complexity and security risks of fog computing services, creating difficulties of security service recommendations in social fog computing. To address this, we propose a novel crowd sensing-enabling security service provisioning method to recommend security services accurately in social fog computing systems. Simulation results show the feasibilities and efficiency of the crowd sensing-enabling security service recommendation method for social fog computing systems.

  13. Defining and Computing a Valued Based Cyber Security Measure

    Energy Technology Data Exchange (ETDEWEB)

    Aissa, Anis Ben [University of Tunis, Belvedere, Tunisia; Abercrombie, Robert K [ORNL; Sheldon, Frederick T [ORNL; Mili, Ali [New Jersey Insitute of Technology

    2011-01-01

    In earlier works (Ben-Aissa et al. 2010; Abercrombie et al. 2008; Sheldon et al. 2009), we presented a value based measure of cybersecurity that quantifies the security of a system in concrete terms, specifically, in terms of how much each system stakeholder stands to lose (in dollars per hour of operation) as a result of security threats and system vulnerabilities; our metric varies according to the stakes that each stakeholder has in meeting each security requirement. In this paper, we discuss the specification and design of a system that collects, updates, and maintains all the information that pertains to estimating our cybersecurity measure, and offers stakeholders quantitative means to make security-related decisions.

  14. CTF: Computer security competitions for learning and fun

    CERN Document Server

    CERN. Geneva

    2015-01-01

    CTF hacking competitions condense practical security knowledge in short and measurable challenges, in short: education, fun, prizes and fame! This talk is an introduction to these type of competitions from a player perspective over the years.

  15. Reviews of computing technology: Securing network applications, Kerberos and RSA

    Energy Technology Data Exchange (ETDEWEB)

    Johnson, S.M.

    1992-06-01

    This paper will focus on the first step in establishing network security, authentication, and describe the basic function of both RSA and Kerberos as used to provide authentication and confidential data transfer services. It will also discuss the Digital Signature Standard and the market acceptance of each. Proper identification of the principals involved in a network dialog is a necessary first step in providing network-wide security comparable to that of stand-alone systems.

  16. Activity report of Computing Research Center

    Energy Technology Data Exchange (ETDEWEB)

    1997-07-01

    On April 1997, National Laboratory for High Energy Physics (KEK), Institute of Nuclear Study, University of Tokyo (INS), and Meson Science Laboratory, Faculty of Science, University of Tokyo began to work newly as High Energy Accelerator Research Organization after reconstructing and converting their systems, under aiming at further development of a wide field of accelerator science using a high energy accelerator. In this Research Organization, Applied Research Laboratory is composed of four Centers to execute assistance of research actions common to one of the Research Organization and their relating research and development (R and D) by integrating the present four centers and their relating sections in Tanashi. What is expected for the assistance of research actions is not only its general assistance but also its preparation and R and D of a system required for promotion and future plan of the research. Computer technology is essential to development of the research and can communize for various researches in the Research Organization. On response to such expectation, new Computing Research Center is required for promoting its duty by coworking and cooperating with every researchers at a range from R and D on data analysis of various experiments to computation physics acting under driving powerful computer capacity such as supercomputer and so forth. Here were described on report of works and present state of Data Processing Center of KEK at the first chapter and of the computer room of INS at the second chapter and on future problems for the Computing Research Center. (G.K.)

  17. Identity based Encryption and Biometric Authentication Scheme for Secure Data Access in Cloud Computing

    DEFF Research Database (Denmark)

    Cheng, Hongbing; Rong, Chunming; Tan, Zheng-Hua

    2012-01-01

    access scheme based on identity-based encryption and biometric authentication for cloud computing. Firstly, we describe the security concern of cloud computing and then propose an integrated data access scheme for cloud computing, the procedure of the proposed scheme include parameter setup, key...

  18. A Secure Multi-Party Computation Protocol for Malicious Computation Prevention for preserving privacy during Data Mining

    CERN Document Server

    Mishra, Dr Durgesh Kumar; Kapoor, Nikhil; Bahety, Ravish

    2009-01-01

    Secure Multi-Party Computation (SMC) allows parties with similar background to compute results upon their private data, minimizing the threat of disclosure. The exponential increase in sensitive data that needs to be passed upon networked computers and the stupendous growth of internet has precipitated vast opportunities for cooperative computation, where parties come together to facilitate computations and draw out conclusions that are mutually beneficial; at the same time aspiring to keep their private data secure. These computations are generally required to be done between competitors, who are obviously weary of each-others intentions. SMC caters not only to the needs of such parties but also provides plausible solutions to individual organizations for problems like privacy-preserving database query, privacy-preserving scientific computations, privacy-preserving intrusion detection and privacy-preserving data mining. This paper is an extension to a previously proposed protocol Encrytpo_Random, which prese...

  19. Scientific Research in Computer Sciences

    Directory of Open Access Journals (Sweden)

    Arwa al-Yasiry

    2007-09-01

    Full Text Available This paper displays the importance of selection research objective and supervisor; In addition this paper suggested the optimal research methods that help researcher to get to optimal results in efficient way. This paper shows the thesis writing style and arrangement in way that to be readable for reader about reality of type and size of the work. The one important result of this paper it's the successful of scientific research must depend about many features that join together and miss one of the research methods that mean unsuccessful research.

  20. Information Systems Security and Computer Crime in the IS Curriculum: A Detailed Examination

    Science.gov (United States)

    Foltz, C. Bryan; Renwick, Janet S.

    2011-01-01

    The authors examined the extent to which information systems (IS) security and computer crime are covered in information systems programs. Results suggest that IS faculty believe security coverage should be increased in required, elective, and non-IS courses. However, respondent faculty members are concerned that existing curricula leave little…

  1. Information Systems Security and Computer Crime in the IS Curriculum: A Detailed Examination

    Science.gov (United States)

    Foltz, C. Bryan; Renwick, Janet S.

    2011-01-01

    The authors examined the extent to which information systems (IS) security and computer crime are covered in information systems programs. Results suggest that IS faculty believe security coverage should be increased in required, elective, and non-IS courses. However, respondent faculty members are concerned that existing curricula leave little…

  2. Computer Security Primer: Systems Architecture, Special Ontology and Cloud Virtual Machines

    Science.gov (United States)

    Waguespack, Leslie J.

    2014-01-01

    With the increasing proliferation of multitasking and Internet-connected devices, security has reemerged as a fundamental design concern in information systems. The shift of IS curricula toward a largely organizational perspective of security leaves little room for focus on its foundation in systems architecture, the computational underpinnings of…

  3. PUBLIC LINEAR PROGRAMMING SOLUTION FOR THE DESIGN OF SECURE AND EFFICIENT COMPUTING IN CLOUD

    Directory of Open Access Journals (Sweden)

    Dr.R.V.Krishnaiah

    2013-09-01

    Full Text Available This next generation of computing holds enormous potential to stimulate economic growth and enable governments to reduce costs, increase transparency and expand services to citizens. Cloud computing robust computational power to the society at reduced cost and enables customers with limited computational resources to outsource their large computation workloads to the cloud, and economically enjoy the massive computational power, bandwidth, storage, and even appropriate software that can be shared in a pay-per-use manner. Despite the tremendous benefits, security is the primary obstacle that prevents the wide adoption of this promising computing model, especially for customers when their confidential data are consumed and produced during the computation.

  4. A Dual Perspective on Risks and Security Within Research Assistantships

    Directory of Open Access Journals (Sweden)

    Johannes Petrus Rossouw

    2013-01-01

    Full Text Available Although research assistantships are considered research learning venues in graduate education, there is a scarcity of literature that examines ethical elements attached to the employment of graduate student research assistants or the position of their research supervisors. This article explores the need to implement formal regulations specific to research assistantships in order to increase security and decrease risks for research assistants and research supervisors. Relationships between research assistants and research supervisors have some similarities with regular employment relationships; yet some distinct differences arise due to the educational and developmental nature of research assistantships. The article is written from a dual perspective reflecting the authors’ roles (a research supervisor and a research assistant, respectively and institutional locations (Faculties of Education in South Africa and Canada. The authors draw from existing literature, an analysis of institutional policies and practices at their universities, and their personal and professional experiences to illustrate risks that research assistants and their supervisors may face within research assistantships. They assess the extent to which existing and proposed policies and practices influence working conditions and safeguard experiences within graduate research assistantships. The findings reveal that research assistantships are a unique form of employment focused on educational and professional development that requires specific documentation of expected standards of practice. The authors argue that lack of clear regulations exposes both parties to unnecessary risks and offer recommendations for creating a “Standards of Good Practice” document that will be useful for individuals engaged in research assistantships.

  5. A Newer User Authentication, File encryption and Distributed Server Based Cloud Computing security architecture

    Directory of Open Access Journals (Sweden)

    Kawser Wazed Nafi

    2012-10-01

    Full Text Available The cloud computing platform gives people the opportunity for sharing resources, services and information among the people of the whole world. In private cloud system, information is shared among the persons who are in that cloud. For this, security or personal information hiding process hampers. In this paper we have proposed new security architecture for cloud computing platform. This ensures secure communication system and hiding information from others. AES based file encryption system and asynchronous key system for exchanging information or data is included in this model. This structure can be easily applied with main cloud computing features, e.g. PaaS, SaaS and IaaS. This model also includes onetime password system for user authentication process. Our work mainly deals with the security system of the whole cloud computing platform.

  6. Analytical Investigation on Computer Network Security System of Colleges and Universities

    Institute of Scientific and Technical Information of China (English)

    徐悦

    2013-01-01

    With the development of network technology, computer systems of colleges and universities gradually use network management and services, which provides comprehensive and convenient information access and management conditions. How?ever, in the network environment, the security of the system faces security threats like virus, malicious software and human at?tack, which may make the network data of the computer system damaged and tampered, or even lead to network system paraly?sis, breakdown of system concerning management and payment, missing and stealing of confidential documents. Therefore, it is of important application significance to promote the security of computer network systems of colleges and universities. This paper conducts comprehensive analysis on the security system of computer network systems of colleges and universities, elaborates its R&D and application status and puts forward specific schemes of prevention and solutions, which provides suggestions and refer?ence for its construction.

  7. E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Challenges

    Directory of Open Access Journals (Sweden)

    Maha Attia

    2016-07-01

    Full Text Available In this paper, SMCSaaS is proposed to secure email system based on Web Service and Cloud Computing Model. The model offers end-to-end security, privacy, and non-repudiation of PKI without the associated infrastructure complexity. The Proposed Model control risks in Cloud Computing like Insecure Application Programming Interfaces, Malicious Insiders, Data Loss Shared Technology Vulnerabilities, or Leakage, Account, Service, Traffic Hijacking and Unknown Risk Profile

  8. Investigate the Computer Information Network Security Technology and the Development Direction

    OpenAIRE

    Ping Teng

    2017-01-01

    After China’s accession to the WTO, the computer information network security technology of our country has a rapid development, bring many conveniences for the people’s life and work, indirectly changing their daily life and working mode. For the whole development situation of our country, the development direction of informatization is the inevitable trend of development in our country, while the using process of computer information network security technology in the society still exist ma...

  9. Computer Security: you’re a summer student? Some tips to get you started

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Welcome to CERN. For the next couple of weeks, you will be able to breathe in the free academic world of CERN. You will have the chance to learn thanks to in-depth lectures, enjoy the freedom of exploring your preferred or assigned research topic, and form your own network of peers during your evening hours. However, “academic freedom” does not imply that there are no boundaries. At CERN, academic freedom also comes with responsibility. Below are some hints on how best to assume that responsibility securely.   You are the primary person responsible for the security of your laptop, smartphone and computer; for your account and your password; for your data; and for the programs, computing systems and services you are developing, so stop and think before acting. If you are working on a project developing code, get the appropriate training first so that your software is “free” of bugs and vulnerabilities that may spoil the functionality of your code and your p...

  10. Reproducible research in computational science.

    Science.gov (United States)

    Peng, Roger D

    2011-12-02

    Computational science has led to exciting new developments, but the nature of the work has exposed limitations in our ability to evaluate published findings. Reproducibility has the potential to serve as a minimum standard for judging scientific claims when full independent replication of a study is not possible.

  11. A computer science approach to managing security in health care.

    Science.gov (United States)

    Asirelli, P; Braccini, G; Caramella, D; Coco, A; Fabbrini, F

    2002-09-01

    The security of electronic medical information is very important for health care organisations, which have to ensure confidentiality, integrity and availability of the information provided. This paper will briefly outline the legal measures adopted by the European Community, Italy and the United States to regulate the use and disclosure of medical records. It will then go on to highlight how information technology can help to address these issues with special reference to the management of organisation policies. To this end, we will present a modelling example for the security policy of a radiological department.

  12. Peer-to-Peer Secure Multi-Party Numerical Computation Facing Malicious Adversaries

    CERN Document Server

    Bickson, Danny; Dolev, Danny; Pinkas, Benny

    2009-01-01

    We propose an efficient framework for enabling secure multi-party numerical computations in a Peer-to-Peer network. This problem arises in a range of applications such as collaborative filtering, distributed computation of trust and reputation, monitoring and other tasks, where the computing nodes is expected to preserve the privacy of their inputs while performing a joint computation of a certain function. Although there is a rich literature in the field of distributed systems security concerning secure multi-party computation, in practice it is hard to deploy those methods in very large scale Peer-to-Peer networks. In this work, we try to bridge the gap between theoretical algorithms in the security domain, and a practical Peer-to-Peer deployment. We consider two security models. The first is the semi-honest model where peers correctly follow the protocol, but try to reveal private information. We provide three possible schemes for secure multi-party numerical computation for this model and identify a singl...

  13. An Efficient and Secure Protocol for Ensuring Data Storage Security in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Syam Kumar P

    2011-11-01

    Full Text Available Currently, there has been an increasing trend in outsourcing data to remote cloud, where the people outsource their data at Cloud Service Provider(CSP who offers huge storage space with low cost. Thus users can reduce the maintenance and burden of local data storage. Meanwhile, once data goes into cloud they lose control of their data, which inevitably brings new security risks toward integrity and confidentiality. Hence, efficient and effective methods are needed to ensure the data integrity and confidentiality of outsource data on untrusted cloud servers. The previously proposed protocols fail to provide strong security assurance to the users. In this paper, we propose an efficient and secure protocol to address these issues. Our design is based on Elliptic Curve Cryptography and Sobol Sequence (random sampling. Our method allows third party auditor to periodically verify the data integrity stored at CSP without retrieving original data. It generates probabilistic proofs of integrity by challenging random sets of blocks from the server, which drastically reduces the communication and I/O costs. The challenge-response protocol transmits a small, constant amount of data, which minimizes network communication. Most importantly, our protocol is confidential: it never reveals the data contents to the malicious parties. The proposed scheme also considers the dynamic data operations at block level while maintaining the same security assurance. Our solution removes the burden of verification from the user, alleviates both the users and storage services fear about data leakage and data corruptions. Through security analysis, we prove that our method is secure and through performance and experimental results, we also prove that our method is efficient. To compare with existing schemes, our scheme is more secure and efficient.

  14. A SECURE MESSAGE TRANSMISSION SYSTEM ARCHITECTURE FOR COMPUTER NETWORKS EMPLOYING SMART CARDS

    Directory of Open Access Journals (Sweden)

    Geylani KARDAŞ

    2008-01-01

    Full Text Available In this study, we introduce a mobile system architecture which employs smart cards for secure message transmission in computer networks. The use of smart card provides two security services as authentication and confidentiality in our design. The security of the system is provided by asymmetric encryption. Hence, smart cards are used to store personal account information as well as private key of each user for encryption / decryption operations. This offers further security, authentication and mobility to the system architecture. A real implementation of the proposed architecture which utilizes the JavaCard technology is also discussed in this study.

  15. The method of a joint intraday security check system based on cloud computing

    Science.gov (United States)

    Dong, Wei; Feng, Changyou; Zhou, Caiqi; Cai, Zhi; Dan, Xu; Dai, Sai; Zhang, Chuancheng

    2017-01-01

    The intraday security check is the core application in the dispatching control system. The existing security check calculation only uses the dispatch center’s local model and data as the functional margin. This paper introduces the design of all-grid intraday joint security check system based on cloud computing and its implementation. To reduce the effect of subarea bad data on the all-grid security check, a new power flow algorithm basing on comparison and adjustment with inter-provincial tie-line plan is presented. And the numerical example illustrated the effectiveness and feasibility of the proposed method.

  16. Security, Privacy and Trust Challenges in Cloud Computing and Solutions

    OpenAIRE

    Seyyed Yasser hashemi; Parisa Sheykhi Hesarlo

    2014-01-01

    Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. Cloud computing recently emerged as a promising solution to information technology (IT) management. IT managers look to cloud computing as a means to maintain a flexible and scalable IT infrastructure that enables business agility. As much as the technologic...

  17. High-performance secure multi-party computation for data mining applications

    DEFF Research Database (Denmark)

    Bogdanov, Dan; Niitsoo, Margus; Toft, Tomas

    2012-01-01

    Secure multi-party computation (MPC) is a technique well suited for privacy-preserving data mining. Even with the recent progress in two-party computation techniques such as fully homomorphic encryption, general MPC remains relevant as it has shown promising performance metrics in real...... operations such as multiplication and comparison. Secondly, the confidential processing of financial data requires the use of more complex primitives, including a secure division operation. This paper describes new protocols in the Sharemind model for secure multiplication, share conversion, equality, bit...

  18. Computer Science Research in Europe.

    Science.gov (United States)

    1984-08-29

    vECurfITY CLASSIFICATION OF THIS PAGE ( hen Date Entered) ° REPORT DOCUMENTATION PAGEREDNTRCON% ~READ INSTRUCTIONS R DNBEFORE COMPLIF:TING FORM I. REPORT...University of and multiprocessors. Image processing Berlin. This concept has been imple- is of great interest there, and alga - mented in a computer called...function application. The cessor pyramid architecture made of physical bottleneck does not exist since tapered layers of processors in which * data items

  19. Towards a Game Theoretic View of Secure Computation

    DEFF Research Database (Denmark)

    Asharov, Gilad; Canetti, Ran; Hazay, Carmit

    2011-01-01

    We demonstrate how Game Theoretic concepts and formalism can be used to capture cryptographic notions of security. In the restricted but indicative case of two-party protocols in the face of malicious fail-stop faults, we first show how the traditional notions of secrecy and correctness of protoc...

  20. Teaching Hands-On Linux Host Computer Security

    Science.gov (United States)

    Shumba, Rose

    2006-01-01

    In the summer of 2003, a project to augment and improve the teaching of information assurance courses was started at IUP. Thus far, ten hands-on exercises have been developed. The exercises described in this article, and presented in the appendix, are based on actions required to secure a Linux host. Publicly available resources were used to…