WorldWideScience

Sample records for unconditionally secure computers

  1. Scalable and Unconditionally Secure Multiparty Computation

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Nielsen, Jesper Buus

    2007-01-01

    We present a multiparty computation protocol that is unconditionally secure against adaptive and active adversaries, with communication complexity O(Cn)k+O(Dn^2)k+poly(nk), where C is the number of gates in the circuit, n is the number of parties, k is the bit-length of the elements of the field...... over which the computation is carried out, D is the multiplicative depth of the circuit, and κ is the security parameter. The corruption threshold is t passive security the corruption threshold is t 

  2. Unconditionally Secure Quantum Signatures

    Directory of Open Access Journals (Sweden)

    Ryan Amiri

    2015-08-01

    Full Text Available Signature schemes, proposed in 1976 by Diffie and Hellman, have become ubiquitous across modern communications. They allow for the exchange of messages from one sender to multiple recipients, with the guarantees that messages cannot be forged or tampered with and that messages also can be forwarded from one recipient to another without compromising their validity. Signatures are different from, but no less important than encryption, which ensures the privacy of a message. Commonly used signature protocols—signatures based on the Rivest–Adleman–Shamir (RSA algorithm, the digital signature algorithm (DSA, and the elliptic curve digital signature algorithm (ECDSA—are only computationally secure, similar to public key encryption methods. In fact, since these rely on the difficulty of finding discrete logarithms or factoring large primes, it is known that they will become completely insecure with the emergence of quantum computers. We may therefore see a shift towards signature protocols that will remain secure even in a post-quantum world. Ideally, such schemes would provide unconditional or information-theoretic security. In this paper, we aim to provide an accessible and comprehensive review of existing unconditionally securesecure signature schemes for signing classical messages, with a focus on unconditionally secure quantum signature schemes.

  3. Unconditionally Secure Constant-Rounds Multi-party Computation for Equality, Comparison, Bits and Exponentiation

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Nielsen, Jesper Buus; Toft, Tomas

    2006-01-01

    We show that if a set of players hold shares of a value aFp for some prime p (where the set of shares is written [a] p ), it is possible to compute, in constant rounds and with unconditional security, sharings of the bits of a, i.e., compute sharings [a 0] p , ..., [a ℓ− − 1] p such that ℓ = ⌈ lo...

  4. Unconditionally Secure Protocols

    DEFF Research Database (Denmark)

    Meldgaard, Sigurd Torkel

    This thesis contains research on the theory of secure multi-party computation (MPC). Especially information theoretically (as opposed to computationally) secure protocols. It contains results from two main lines of work. One line on Information Theoretically Secure Oblivious RAMS, and how....... We construct an oblivious RAM that hides the client's access pattern with information theoretic security with an amortized $\\log^3 N$ query overhead. And how to employ a second server that is guaranteed not to conspire with the first to improve the overhead to $\\log^2 N$, while also avoiding...... they are used to speed up secure computation. An Oblivious RAM is a construction for a client with a small $O(1)$ internal memory to store $N$ pieces of data on a server while revealing nothing more than the size of the memory $N$, and the number of accesses. This specifically includes hiding the access pattern...

  5. Summary Report on Unconditionally Secure Protocols

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Salvail, Louis; Cachin, Christian

    This document describes the state of the art snd some of the main open problems in the area of unconditionally secure cryptographic protocols. The most essential part of a cryptographic protocol is not its being secure. Imagine a cryptographic protocol which is secure, but where we do not know...... that it is secure. Such a protocol would do little in providing security. When all comes to all, cryptographic security is done for the sake of people, and the essential part of security is for people what it has always been, namely to feel secure. To feel secure employing a given cryptographic protocol we need...... to know that is is secure. I.e. we need a proof that it is secure. Today the proof of security of essentially all practically employed cryptographic protocols relies on computational assumptions. To prove that currently employed ways to communicate securely over the Internet are secure we e.g. need...

  6. Unconditionally verifiable blind quantum computation

    Science.gov (United States)

    Fitzsimons, Joseph F.; Kashefi, Elham

    2017-07-01

    Blind quantum computing (BQC) allows a client to have a server carry out a quantum computation for them such that the client's input, output, and computation remain private. A desirable property for any BQC protocol is verification, whereby the client can verify with high probability whether the server has followed the instructions of the protocol or if there has been some deviation resulting in a corrupted output state. A verifiable BQC protocol can be viewed as an interactive proof system leading to consequences for complexity theory. We previously proposed [A. Broadbent, J. Fitzsimons, and E. Kashefi, in Proceedings of the 50th Annual Symposium on Foundations of Computer Science, Atlanta, 2009 (IEEE, Piscataway, 2009), p. 517] a universal and unconditionally secure BQC scheme where the client only needs to be able to prepare single qubits in separable states randomly chosen from a finite set and send them to the server, who has the balance of the required quantum computational resources. In this paper we extend that protocol with additional functionality allowing blind computational basis measurements, which we use to construct another verifiable BQC protocol based on a different class of resource states. We rigorously prove that the probability of failing to detect an incorrect output is exponentially small in a security parameter, while resource overhead remains polynomial in this parameter. This resource state allows entangling gates to be performed between arbitrary pairs of logical qubits with only constant overhead. This is a significant improvement on the original scheme, which required that all computations to be performed must first be put into a nearest-neighbor form, incurring linear overhead in the number of qubits. Such an improvement has important consequences for efficiency and fault-tolerance thresholds.

  7. Unconditionally Secure and Universally Composable Commitments from Physical Assumptions

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Scafuro, Alessandra

    2013-01-01

    We present a constant-round unconditional black-box compiler that transforms any ideal (i.e., statistically-hiding and statistically-binding) straight-line extractable commitment scheme, into an extractable and equivocal commitment scheme, therefore yielding to UC-security [9]. We exemplify the u...... of unconditional UC-security with (malicious) PUFs and stateless tokens, our compiler can be instantiated with any ideal straight-line extractable commitment scheme, thus allowing the use of various setup assumptions which may better fit the application or the technology available....

  8. Simple proof of the unconditional security of the Bennett 1992 quantum key distribution protocol

    International Nuclear Information System (INIS)

    Zhang Quan; Tang Chaojing

    2002-01-01

    It is generally accepted that quantum key distribution (QKD) could supply legitimate users with unconditional security during their communication. Quite a lot of satisfactory efforts have been achieved on experimentations with quantum cryptography. However, when the eavesdropper has extra-powerful computational ability, has access to a quantum computer, for example, and can carry into execution any eavesdropping measurement that is allowed by the laws of physics, the security against such attacks has not been widely studied and rigorously proved for most QKD protocols. Quite recently, Shor and Preskill proved concisely the unconditional security of the Bennett-Brassard 1984 (BB84) protocol. Their method is highly valued for its clarity of concept and concision of form. In order to take advantage of the Shor-Preskill technique in their proof of the unconditional security of the BB84 QKD protocol, we introduced in this paper a transformation that can translate the Bennett 1992 (B92) protocol into the BB84 protocol. By proving that the transformation leaks no more information to the eavesdropper, we proved the unconditional security of the B92 protocol. We also settled the problem proposed by Lo about how to prove the unconditional security of the B92 protocol with the Shor-Preskill method

  9. Unconditional security of quantum key distribution and the uncertainty principle

    International Nuclear Information System (INIS)

    Koashi, Masato

    2006-01-01

    An approach to the unconditional security of quantum key distribution protocols is presented, which is based on the uncertainty principle. The approach applies to every case that has been treated via the argument by Shor and Preskill, but it is not necessary to find quantum error correcting codes. It can also treat the cases with uncharacterized apparatuses. The proof can be applied to cases where the secret key rate is larger than the distillable entanglement

  10. Unconditionally secure commitment in position-based quantum cryptography.

    Science.gov (United States)

    Nadeem, Muhammad

    2014-10-27

    A new commitment scheme based on position-verification and non-local quantum correlations is presented here for the first time in literature. The only credential for unconditional security is the position of committer and non-local correlations generated; neither receiver has any pre-shared data with the committer nor does receiver require trusted and authenticated quantum/classical channels between him and the committer. In the proposed scheme, receiver trusts the commitment only if the scheme itself verifies position of the committer and validates her commitment through non-local quantum correlations in a single round. The position-based commitment scheme bounds committer to reveal valid commitment within allocated time and guarantees that the receiver will not be able to get information about commitment unless committer reveals. The scheme works for the commitment of both bits and qubits and is equally secure against committer/receiver as well as against any third party who may have interests in destroying the commitment. Our proposed scheme is unconditionally secure in general and evades Mayers and Lo-Chau attacks in particular.

  11. Key Exchange Trust Evaluation in Peer-to-Peer Sensor Networks With Unconditionally Secure Key Exchange

    Science.gov (United States)

    Gonzalez, Elias; Kish, Laszlo B.

    2016-03-01

    As the utilization of sensor networks continue to increase, the importance of security becomes more profound. Many industries depend on sensor networks for critical tasks, and a malicious entity can potentially cause catastrophic damage. We propose a new key exchange trust evaluation for peer-to-peer sensor networks, where part of the network has unconditionally secure key exchange. For a given sensor, the higher the portion of channels with unconditionally secure key exchange the higher the trust value. We give a brief introduction to unconditionally secured key exchange concepts and mention current trust measures in sensor networks. We demonstrate the new key exchange trust measure on a hypothetical sensor network using both wired and wireless communication channels.

  12. Computer security

    CERN Document Server

    Gollmann, Dieter

    2011-01-01

    A completely up-to-date resource on computer security Assuming no previous experience in the field of computer security, this must-have book walks you through the many essential aspects of this vast topic, from the newest advances in software and technology to the most recent information on Web applications security. This new edition includes sections on Windows NT, CORBA, and Java and discusses cross-site scripting and JavaScript hacking as well as SQL injection. Serving as a helpful introduction, this self-study guide is a wonderful starting point for examining the variety of competing sec

  13. Unconditionally Secure Credit/Debit Card Chip Scheme and Physical Unclonable Function

    Science.gov (United States)

    Kish, Laszlo B.; Entesari, Kamran; Granqvist, Claes-Göran; Kwan, Chiman

    The statistical-physics-based Kirchhoff-law-Johnson-noise (KLJN) key exchange offers a new and simple unclonable system for credit/debit card chip authentication and payment. The key exchange, the authentication and the communication are unconditionally secure so that neither mathematics- nor statistics-based attacks are able to crack the scheme. The ohmic connection and the short wiring lengths between the chips in the card and the terminal constitute an ideal setting for the KLJN protocol, and even its simplest versions offer unprecedented security and privacy for credit/debit card chips and applications of physical unclonable functions (PUFs).

  14. Impossibility of secure two-party classical computation

    International Nuclear Information System (INIS)

    Colbeck, Roger

    2007-01-01

    We present attacks that show that unconditionally secure two-party classical computation is impossible for many classes of function. Our analysis applies to both quantum and relativistic protocols. We illustrate our results by showing the impossibility of oblivious transfer

  15. Quantum cryptography with finite resources: unconditional security bound for discrete-variable protocols with one-way postprocessing.

    Science.gov (United States)

    Scarani, Valerio; Renner, Renato

    2008-05-23

    We derive a bound for the security of quantum key distribution with finite resources under one-way postprocessing, based on a definition of security that is composable and has an operational meaning. While our proof relies on the assumption of collective attacks, unconditional security follows immediately for standard protocols such as Bennett-Brassard 1984 and six-states protocol. For single-qubit implementations of such protocols, we find that the secret key rate becomes positive when at least N approximately 10(5) signals are exchanged and processed. For any other discrete-variable protocol, unconditional security can be obtained using the exponential de Finetti theorem, but the additional overhead leads to very pessimistic estimates.

  16. Unconditionally secure key distillation from multi-photons in a single-photon polarization based quantum key distribution

    CERN Document Server

    Tamaki, K

    2005-01-01

    In this presentation, we show some counter-examples to a naive belief that the security of QKD is based on no-cloning theorem. One example is shown by explicitly proving that one can indeed generate an unconditionally secure key from Alice's two-photon emission part in "SARG04 protocol" proposed by V. Scarani et al, in Phys. Rev. Lett. 92, 057901 (2004). This protocol differs from BB84 only in the classical communication. It is, thus, interesting to see how only the classical communication of QKD protocol might qualitatively change its security. We also show that one can generate an unconditionally secure key from the single to the four-photon part in a generalized SARG04 that uses six states. Finally, we also compare the bit error rate threshold of these protocols with the one in BB84 and the original six-state protocol assuming a depolarizing channel.

  17. Computer security engineering management

    International Nuclear Information System (INIS)

    McDonald, G.W.

    1988-01-01

    For best results, computer security should be engineered into a system during its development rather than being appended later on. This paper addresses the implementation of computer security in eight stages through the life cycle of the system; starting with the definition of security policies and ending with continuing support for the security aspects of the system throughout its operational life cycle. Security policy is addressed relative to successive decomposition of security objectives (through policy, standard, and control stages) into system security requirements. This is followed by a discussion of computer security organization and responsibilities. Next the paper directs itself to analysis and management of security-related risks, followed by discussion of design and development of the system itself. Discussion of security test and evaluation preparations, and approval to operate (certification and accreditation), is followed by discussion of computer security training for users is followed by coverage of life cycle support for the security of the system

  18. Secure Multiparty Quantum Computation for Summation and Multiplication.

    Science.gov (United States)

    Shi, Run-hua; Mu, Yi; Zhong, Hong; Cui, Jie; Zhang, Shun

    2016-01-21

    As a fundamental primitive, Secure Multiparty Summation and Multiplication can be used to build complex secure protocols for other multiparty computations, specially, numerical computations. However, there is still lack of systematical and efficient quantum methods to compute Secure Multiparty Summation and Multiplication. In this paper, we present a novel and efficient quantum approach to securely compute the summation and multiplication of multiparty private inputs, respectively. Compared to classical solutions, our proposed approach can ensure the unconditional security and the perfect privacy protection based on the physical principle of quantum mechanics.

  19. Security in Computer Applications

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development. The last part of the lecture covers some miscellaneous issues like the use of cryptography, rules for networking applications, and social engineering threats. This lecture was first given on Thursd...

  20. Cognitive Computing for Security.

    Energy Technology Data Exchange (ETDEWEB)

    Debenedictis, Erik [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Rothganger, Fredrick [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Aimone, James Bradley [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Marinella, Matthew [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Evans, Brian Robert [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Warrender, Christina E. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Mickel, Patrick [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2015-12-01

    Final report for Cognitive Computing for Security LDRD 165613. It reports on the development of hybrid of general purpose/ne uromorphic computer architecture, with an emphasis on potential implementation with memristors.

  1. Computer Security Handbook

    CERN Document Server

    Bosworth, Seymour; Whyne, Eric

    2012-01-01

    The classic and authoritative reference in the field of computer security, now completely updated and revised With the continued presence of large-scale computers; the proliferation of desktop, laptop, and handheld computers; and the vast international networks that interconnect them, the nature and extent of threats to computer security have grown enormously. Now in its fifth edition, Computer Security Handbook continues to provide authoritative guidance to identify and to eliminate these threats where possible, as well as to lessen any losses attributable to them. With seventy-seven chapter

  2. Indirection and computer security.

    Energy Technology Data Exchange (ETDEWEB)

    Berg, Michael J.

    2011-09-01

    The discipline of computer science is built on indirection. David Wheeler famously said, 'All problems in computer science can be solved by another layer of indirection. But that usually will create another problem'. We propose that every computer security vulnerability is yet another problem created by the indirections in system designs and that focusing on the indirections involved is a better way to design, evaluate, and compare security solutions. We are not proposing that indirection be avoided when solving problems, but that understanding the relationships between indirections and vulnerabilities is key to securing computer systems. Using this perspective, we analyze common vulnerabilities that plague our computer systems, consider the effectiveness of currently available security solutions, and propose several new security solutions.

  3. Center for computer security: Computer Security Group conference. Summary

    Energy Technology Data Exchange (ETDEWEB)

    None

    1982-06-01

    Topics covered include: computer security management; detection and prevention of computer misuse; certification and accreditation; protection of computer security, perspective from a program office; risk analysis; secure accreditation systems; data base security; implementing R and D; key notarization system; DOD computer security center; the Sandia experience; inspector general's report; and backup and contingency planning. (GHT)

  4. Secure cloud computing

    CERN Document Server

    Jajodia, Sushil; Samarati, Pierangela; Singhal, Anoop; Swarup, Vipin; Wang, Cliff

    2014-01-01

    This book presents a range of cloud computing security challenges and promising solution paths. The first two chapters focus on practical considerations of cloud computing. In Chapter 1, Chandramouli, Iorga, and Chokani describe the evolution of cloud computing and the current state of practice, followed by the challenges of cryptographic key management in the cloud. In Chapter 2, Chen and Sion present a dollar cost model of cloud computing and explore the economic viability of cloud computing with and without security mechanisms involving cryptographic mechanisms. The next two chapters addres

  5. Security in cloud computing

    OpenAIRE

    Moreno Martín, Oriol

    2016-01-01

    Security in Cloud Computing is becoming a challenge for next generation Data Centers. This project will focus on investigating new security strategies for Cloud Computing systems. Cloud Computingisarecent paradigmto deliver services over Internet. Businesses grow drastically because of it. Researchers focus their work on it. The rapid access to exible and low cost IT resources on an on-demand fashion, allows the users to avoid planning ahead for provisioning, and enterprises to save money ...

  6. Computer Security Systems Enable Access.

    Science.gov (United States)

    Riggen, Gary

    1989-01-01

    A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

  7. Computer security simulation

    International Nuclear Information System (INIS)

    Schelonka, E.P.

    1979-01-01

    Development and application of a series of simulation codes used for computer security analysis and design are described. Boolean relationships for arrays of barriers within functional modules are used to generate composite effectiveness indices. The general case of multiple layers of protection with any specified barrier survival criteria is given. Generalized reduction algorithms provide numerical security indices in selected subcategories and for the system as a whole. 9 figures, 11 tables

  8. Computer Security: Competing Concepts

    OpenAIRE

    Nissenbaum, Helen; Friedman, Batya; Felten, Edward

    2001-01-01

    This paper focuses on a tension we discovered in the philosophical part of our multidisciplinary project on values in web-browser security. Our project draws on the methods and perspectives of empirical social science, computer science, and philosophy to identify values embodied in existing web-browser security and also to prescribe changes to existing systems (in particular, Mozilla) so that values relevant to web-browser systems are better served than presently they are. The tension, which ...

  9. Cloud Computing Security

    OpenAIRE

    Ngongang, Guy

    2011-01-01

    This project aimed to show how possible it is to use a network intrusion detection system in the cloud. The security in the cloud is a concern nowadays and security professionals are still finding means to make cloud computing more secure. First of all the installation of the ESX4.0, vCenter Server and vCenter lab manager in server hardware was successful in building the platform. This allowed the creation and deployment of many virtual servers. Those servers have operating systems and a...

  10. A Portable Computer Security Workshop

    Science.gov (United States)

    Wagner, Paul J.; Phillips, Andrew T.

    2006-01-01

    We have developed a computer security workshop designed to instruct post-secondary instructors who want to start a course or laboratory exercise sequence in computer security. This workshop has also been used to provide computer security education to IT professionals and students. It is effective in communicating basic computer security principles…

  11. Security Dynamics of Cloud Computing

    OpenAIRE

    Khan, Khaled M.

    2009-01-01

    This paper explores various dimensions of cloud computing security. It argues that security concerns of cloud computing need to be addressed from the perspective of individual stakeholder. Security focuses of cloud computing are essentially different in terms of its characteristics and business model. Conventional way of viewing as well as addressing security such as ‘bolting-in’ on the top of cloud computing may not work well. The paper attempts to portray the security spectrum necessary for...

  12. Computer Security: the security marathon

    CERN Multimedia

    Computer Security Team

    2014-01-01

    If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise.   An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

  13. New computer security campaign

    CERN Multimedia

    Alizée Dauvergne

    2010-01-01

    A new campaign is taking shape to promote computer security. The slogan “SEC_RITY is not complete without U!” reminds users of the importance of their contribution. The campaign kicks off on 10 June with a public awareness day in the Council Chamber.   The new campaign, organised by CERN’s computer security team, will focus on prevention and involving the user. “This is an education and awareness-raising campaign for all users at CERN,” explains Stefan Lueders, in charge of computer security. “Every day, we register thousands of computer attacks against CERN: there are attempts to tamper with web pages, hack into user accounts, take over servers, and much more. A successful attack could mean confidential user information being divulged, services being interrupted or data being lost. It could even affect operations at CERN. Another factor is the damage that a successful attack could inflict on the Organization’s reputation. &...

  14. Computer Security: the security marathon, part 2

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Do you recall our latest article on the “Security Marathon” (see here) and why it’s wrong to believe that computer security is a sprint, that a quick hack is invulnerable, that quick bug-fixing is sufficient, that plugging security measures on top of existing structures is a good idea, that once you are secure, your life is cosy?   In fact, security is a marathon for us too. Again and again, we have felt comfortable with the security situation at CERN, with dedicated protections deployed on individual hosts, with the security measures deployed by individual service managers, with the attentiveness and vigilance of our users, and with the responsiveness of the Management. Again and again, however, we subsequently detect or receive reports that this is wrong, that protections are incomplete, that security measures are incomplete, that security awareness has dropped. Thus, unfortunately, we often have to go back to square one and address similar issues over and over...

  15. Computer Security Day

    CERN Multimedia

    CERN Bulletin

    2010-01-01

      Viruses, phishing, malware and cyber-criminals can all threaten your computer and your data, even at CERN! Experts will share their experience with you and offer solutions to keep your computer secure. Thursday, 10 June 2010, 9.30, Council Chamber Make a note in your diary! Presentations in French and English: How do hackers break into your computer? Quels sont les enjeux et conséquences des attaques informatiques contre le CERN ? How so criminals steal your money on the Internet? Comment utiliser votre ordinateur de manière sécurisée ? and a quiz: test your knowledge and win one of the many prizes that will be on offer! For more information and to follow the day's events via a live webcast go to: http://cern.ch/SecDay.  

  16. CLOUD COMPUTING SECURITY ISSUES

    Directory of Open Access Journals (Sweden)

    Florin OGIGAU-NEAMTIU

    2012-01-01

    Full Text Available The term “cloud computing” has been in the spotlights of IT specialists the last years because of its potential to transform this industry. The promised benefits have determined companies to invest great sums of money in researching and developing this domain and great steps have been made towards implementing this technology. Managers have traditionally viewed IT as difficult and expensive and the promise of cloud computing leads many to think that IT will now be easy and cheap. The reality is that cloud computing has simplified some technical aspects of building computer systems, but the myriad challenges facing IT environment still remain. Organizations which consider adopting cloud based services must also understand the many major problems of information policy, including issues of privacy, security, reliability, access, and regulation. The goal of this article is to identify the main security issues and to draw the attention of both decision makers and users to the potential risks of moving data into “the cloud”.

  17. New computer security measures

    CERN Multimedia

    IT Department

    2008-01-01

    As a part of the long-term strategy to improve computer security at CERN, and especially given the attention focused to CERN by the start-up of the LHC, two additional security measures concerning DNS and Tor will shortly be introduced. These are described in the following texts and will affect only a small number of users. "PHISHING" ATTACKS CONTINUE CERN computer users continue to be subjected to attacks by people trying to infect our machines and obtain passwords and other confidential information by social engineering trickery. Recent examples include an e-mail message sent from "La Poste" entitled "Colis Postal" on 21 August, a fake mail sent from web and mail services on 8 September, and an e-mail purporting to come from Hallmark Cards announcing the arrival of an electronic postcard. However, there are many other examples and there are reports of compromised mail accounts being used for more realistic site-specific phishing attempts. Given the increased publicity rela...

  18. CLOUD COMPUTING SECURITY

    Directory of Open Access Journals (Sweden)

    Ştefan IOVAN

    2016-05-01

    Full Text Available Cloud computing reprentes the software applications offered as a service online, but also the software and hardware components from the data center.In the case of wide offerd services for any type of client, we are dealing with a public cloud. In the other case, in wich a cloud is exclusively available for an organization and is not available to the open public, this is consider a private cloud [1]. There is also a third type, called hibrid in which case an user or an organization might use both services available in the public and private cloud. One of the main challenges of cloud computing are to build the trust and ofer information privacy in every aspect of service offerd by cloud computingle. The variety of existing standards, just like the lack of clarity in sustenability certificationis not a real help in building trust. Also appear some questions marks regarding the efficiency of traditionsecurity means that are applied in the cloud domain. Beside the economic and technology advantages offered by cloud, also are some advantages in security area if the information is migrated to cloud. Shared resources available in cloud includes the survey, use of the "best practices" and technology for advance security level, above all the solutions offered by the majority of medium and small businesses, big companies and even some guvermental organizations [2].

  19. Security in hybrid cloud computing

    OpenAIRE

    Koudelka, Ondřej

    2016-01-01

    This bachelor thesis deals with the area of hybrid cloud computing, specifically with its security. The major aim of the thesis is to analyze and compare the chosen hybrid cloud providers. For the minor aim this thesis compares the security challenges of hybrid cloud as opponent to other deployment models. In order to accomplish said aims, this thesis defines the terms cloud computing and hybrid cloud computing in its theoretical part. Furthermore the security challenges for cloud computing a...

  20. Security basics for computer architects

    CERN Document Server

    Lee, Ruby B

    2013-01-01

    Design for security is an essential aspect of the design of future computers. However, security is not well understood by the computer architecture community. Many important security aspects have evolved over the last several decades in the cryptography, operating systems, and networking communities. This book attempts to introduce the computer architecture student, researcher, or practitioner to the basic concepts of security and threat-based design. Past work in different security communities can inform our thinking and provide a rich set of technologies for building architectural support fo

  1. Computational Intelligence, Cyber Security and Computational Models

    CERN Document Server

    Anitha, R; Lekshmi, R; Kumar, M; Bonato, Anthony; Graña, Manuel

    2014-01-01

    This book contains cutting-edge research material presented by researchers, engineers, developers, and practitioners from academia and industry at the International Conference on Computational Intelligence, Cyber Security and Computational Models (ICC3) organized by PSG College of Technology, Coimbatore, India during December 19–21, 2013. The materials in the book include theory and applications for design, analysis, and modeling of computational intelligence and security. The book will be useful material for students, researchers, professionals, and academicians. It will help in understanding current research trends and findings and future scope of research in computational intelligence, cyber security, and computational models.

  2. Computer Security at Nuclear Facilities

    International Nuclear Information System (INIS)

    Cavina, A.

    2013-01-01

    This series of slides presents the IAEA policy concerning the development of recommendations and guidelines for computer security at nuclear facilities. A document of the Nuclear Security Series dedicated to this issue is on the final stage prior to publication. This document is the the first existing IAEA document specifically addressing computer security. This document was necessary for 3 mains reasons: first not all national infrastructures have recognized and standardized computer security, secondly existing international guidance is not industry specific and fails to capture some of the key issues, and thirdly the presence of more or less connected digital systems is increasing in the design of nuclear power plants. The security of computer system must be based on a graded approach: the assignment of computer system to different levels and zones should be based on their relevance to safety and security and the risk assessment process should be allowed to feed back into and influence the graded approach

  3. Reminder: Mandatory Computer Security Course

    CERN Multimedia

    IT Department

    2011-01-01

    Just like any other organization, CERN is permanently under attack – even right now. Consequently it's important to be vigilant about security risks, protecting CERN's reputation - and your work. The availability, integrity and confidentiality of CERN's computing services and the unhindered operation of its accelerators and experiments come down to the combined efforts of the CERN Security Team and you. In order to remain par with the attack trends, the Security Team regularly reminds CERN users about the computer security risks, and about the rules for using CERN’s computing facilities. Therefore, a new dedicated basic computer security course has been designed informing you about the “Do’s” and “Dont’s” when using CERN's computing facilities. This course is mandatory for all person owning a CERN computer account and must be followed once every three years. Users who have never done the course, or whose course needs to be renewe...

  4. New Mandatory Computer Security Course

    CERN Multimedia

    CERN Bulletin

    2010-01-01

    Just like any other organization, CERN is permanently under attack - even right now. Consequently it's important to be vigilant about security risks, protecting CERN's reputation - and your work. The availability, integrity and confidentiality of CERN's computing services and the unhindered operation of its accelerators and experiments come down to the combined efforts of the CERN Security Team and you. In order to remain par with the attack trends, the Security Team regularly reminds CERN users about the computer security risks, and about the rules for using CERN’s computing facilities. Since 2007, newcomers have to follow a dedicated basic computer security course informing them about the “Do’s” and “Dont’s” when using CERNs computing facilities. This course has recently been redesigned. It is now mandatory for all CERN members (users and staff) owning a CERN computer account and must be followed once every three years. Members who...

  5. Cloud Computing Security: A Survey

    Directory of Open Access Journals (Sweden)

    Issa M. Khalil

    2014-02-01

    Full Text Available Cloud computing is an emerging technology paradigm that migrates current technological and computing concepts into utility-like solutions similar to electricity and water systems. Clouds bring out a wide range of benefits including configurable computing resources, economic savings, and service flexibility. However, security and privacy concerns are shown to be the primary obstacles to a wide adoption of clouds. The new concepts that clouds introduce, such as multi-tenancy, resource sharing and outsourcing, create new challenges to the security community. Addressing these challenges requires, in addition to the ability to cultivate and tune the security measures developed for traditional computing systems, proposing new security policies, models, and protocols to address the unique cloud security challenges. In this work, we provide a comprehensive study of cloud computing security and privacy concerns. We identify cloud vulnerabilities, classify known security threats and attacks, and present the state-of-the-art practices to control the vulnerabilities, neutralize the threats, and calibrate the attacks. Additionally, we investigate and identify the limitations of the current solutions and provide insights of the future security perspectives. Finally, we provide a cloud security framework in which we present the various lines of defense and identify the dependency levels among them. We identify 28 cloud security threats which we classify into five categories. We also present nine general cloud attacks along with various attack incidents, and provide effectiveness analysis of the proposed countermeasures.

  6. Cloud Computing Security Issue: Survey

    Science.gov (United States)

    Kamal, Shailza; Kaur, Rajpreet

    2011-12-01

    Cloud computing is the growing field in IT industry since 2007 proposed by IBM. Another company like Google, Amazon, and Microsoft provides further products to cloud computing. The cloud computing is the internet based computing that shared recourses, information on demand. It provides the services like SaaS, IaaS and PaaS. The services and recourses are shared by virtualization that run multiple operation applications on cloud computing. This discussion gives the survey on the challenges on security issues during cloud computing and describes some standards and protocols that presents how security can be managed.

  7. Security and policy driven computing

    CERN Document Server

    Liu, Lei

    2010-01-01

    Security and Policy Driven Computing covers recent advances in security, storage, parallelization, and computing as well as applications. The author incorporates a wealth of analysis, including studies on intrusion detection and key management, computer storage policy, and transactional management.The book first describes multiple variables and index structure derivation for high dimensional data distribution and applies numeric methods to proposed search methods. It also focuses on discovering relations, logic, and knowledge for policy management. To manage performance, the text discusses con

  8. Secure computing on reconfigurable systems

    OpenAIRE

    Fernandes Chaves, R.J.

    2007-01-01

    This thesis proposes a Secure Computing Module (SCM) for reconfigurable computing systems. SC provides a protected and reliable computational environment, where data security and protection against malicious attacks to the system is assured. SC is strongly based on encryption algorithms and on the attestation of the executed functions. The use of SC on reconfigurable devices has the advantage of being highly adaptable to the application and the user requirements, while providing high performa...

  9. An Overview of Computer security

    OpenAIRE

    Annam, Shireesh Reddy

    2001-01-01

    As more business activities are being automated and an increasing number of computers are being used to store vital and sensitive information the need for secure computer systems becomes more apparent. These systems can be achieved only through systematic design; they cannot be achieved through haphazard seat-of-the-pants methods.This paper introduces some known threats to the computer security, categorizes the threats, and analyses protection mechanisms and techniques for countering the thre...

  10. Security Problems in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Rola Motawie

    2016-12-01

    Full Text Available Cloud is a pool of computing resources which are distributed among cloud users. Cloud computing has many benefits like scalability, flexibility, cost savings, reliability, maintenance and mobile accessibility. Since cloud-computing technology is growing day by day, it comes with many security problems. Securing the data in the cloud environment is most critical challenges which act as a barrier when implementing the cloud. There are many new concepts that cloud introduces, such as resource sharing, multi-tenancy, and outsourcing, create new challenges for the security community. In this work, we provide a comparable study of cloud computing privacy and security concerns. We identify and classify known security threats, cloud vulnerabilities, and attacks.

  11. Computer and information security handbook

    CERN Document Server

    Vacca, John R

    2012-01-01

    The second edition of this comprehensive handbook of computer and information security provides the most complete view of computer security and privacy available. It offers in-depth coverage of security theory, technology, and practice as they relate to established technologies as well as recent advances. It explores practical solutions to many security issues. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors' respective areas of expertise. The book is organized into 10 parts comprised of 70 contributed

  12. Understanding computer security

    NARCIS (Netherlands)

    Etalle, Sandro; Zannone, N.

    2014-01-01

    Few things in society and everyday life have changed in the last 10 years as much as the concept of security. From bank robberies to wars, what used to imply a great deal of violence is now silently happening on the Internet. Perhaps more strikingly, the very idea of privacy – a concept closely

  13. Security Architecture of Cloud Computing

    OpenAIRE

    V.KRISHNA REDDY; Dr. L.S.S.REDDY

    2011-01-01

    The Cloud Computing offers service over internet with dynamically scalable resources. Cloud Computing services provides benefits to the users in terms of cost and ease of use. Cloud Computing services need to address the security during the transmission of sensitive data and critical applications to shared and public cloud environments. The cloud environments are scaling large for data processing and storage needs. Cloud computing environment have various advantages as well as disadvantages o...

  14. Computer Network Security- The Challenges of Securing a Computer Network

    Science.gov (United States)

    Scotti, Vincent, Jr.

    2011-01-01

    This article is intended to give the reader an overall perspective on what it takes to design, implement, enforce and secure a computer network in the federal and corporate world to insure the confidentiality, integrity and availability of information. While we will be giving you an overview of network design and security, this article will concentrate on the technology and human factors of securing a network and the challenges faced by those doing so. It will cover the large number of policies and the limits of technology and physical efforts to enforce such policies.

  15. Cloud Computing Security: A Survey

    OpenAIRE

    Khalil, Issa; Khreishah, Abdallah; Azeem, Muhammad

    2014-01-01

    Cloud computing is an emerging technology paradigm that migrates current technological and computing concepts into utility-like solutions similar to electricity and water systems. Clouds bring out a wide range of benefits including configurable computing resources, economic savings, and service flexibility. However, security and privacy concerns are shown to be the primary obstacles to a wide adoption of clouds. The new concepts that clouds introduce, such as multi-tenancy, resource sharing a...

  16. CLOUD COMPUTING SECURITY ISSUES

    OpenAIRE

    Florin OGIGAU-NEAMTIU

    2012-01-01

    The term “cloud computing” has been in the spotlights of IT specialists the last years because of its potential to transform this industry. The promised benefits have determined companies to invest great sums of money in researching and developing this domain and great steps have been made towards implementing this technology. Managers have traditionally viewed IT as difficult and expensive and the promise of cloud computing leads many to think that IT will now be easy and cheap. The reality ...

  17. Insecurity of quantum secure computations

    Science.gov (United States)

    Lo, Hoi-Kwong

    1997-08-01

    It had been widely claimed that quantum mechanics can protect private information during public decision in, for example, the so-called two-party secure computation. If this were the case, quantum smart-cards, storing confidential information accessible only to a proper reader, could prevent fake teller machines from learning the PIN (personal identification number) from the customers' input. Although such optimism has been challenged by the recent surprising discovery of the insecurity of the so-called quantum bit commitment, the security of quantum two-party computation itself remains unaddressed. Here I answer this question directly by showing that all one-sided two-party computations (which allow only one of the two parties to learn the result) are necessarily insecure. As corollaries to my results, quantum one-way oblivious password identification and the so-called quantum one-out-of-two oblivious transfer are impossible. I also construct a class of functions that cannot be computed securely in any two-sided two-party computation. Nevertheless, quantum cryptography remains useful in key distribution and can still provide partial security in ``quantum money'' proposed by Wiesner.

  18. On distributed key distribution centers and unconditionally secure proactive verifiable secret sharing schemes based on general access structure

    NARCIS (Netherlands)

    Nikov, V.S.; Nikova, S.I.; Preneel, B.; Vandewalle, J.; Menezes, A.; Sarkar, P.

    2002-01-01

    A Key Distribution Center of a network is a server enabling private communications within groups of users. A Distributed Key Distribution Center is a set of servers that jointly realizes a Key Distribution Center. In this paper we build a robust Distributed Key Distribution Center Scheme secure

  19. Efficient Secure Multiparty Subset Computation

    Directory of Open Access Journals (Sweden)

    Sufang Zhou

    2017-01-01

    Full Text Available Secure subset problem is important in secure multiparty computation, which is a vital field in cryptography. Most of the existing protocols for this problem can only keep the elements of one set private, while leaking the elements of the other set. In other words, they cannot solve the secure subset problem perfectly. While a few studies have addressed actual secure subsets, these protocols were mainly based on the oblivious polynomial evaluations with inefficient computation. In this study, we first design an efficient secure subset protocol for sets whose elements are drawn from a known set based on a new encoding method and homomorphic encryption scheme. If the elements of the sets are taken from a large domain, the existing protocol is inefficient. Using the Bloom filter and homomorphic encryption scheme, we further present an efficient protocol with linear computational complexity in the cardinality of the large set, and this is considered to be practical for inputs consisting of a large number of data. However, the second protocol that we design may yield a false positive. This probability can be rapidly decreased by reexecuting the protocol with different hash functions. Furthermore, we present the experimental performance analyses of these protocols.

  20. Computer Security: professionalism in security, too

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    At CERN, we apply a great deal of dedication and professionalism to all the work we do. This is necessary because of the complexity and sophistication of the devices we deal with. However, when it comes to computer security, we can all agree that there is room for improvement.   In some cases, we’ve observed devices that are connected to our Intranet networks without the adequate level of protection. Also, in order to allow it to be disseminated easily with peers, information is often disclosed on public webpages, sometimes without appropriate consideration of important security-related aspects. Program code is lost due to a lack of proper version control or the use of central storage systems. Systems are brought down by “finger trouble”, confusing the right and wrong IP addresses. Software or system development is done directly on production devices, impinging on their proper operation up to the point where the system grinds to a halt. Applications full of useful fe...

  1. Computer Security: Security operations at CERN (4/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Stefan Lueders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and infrastructure control systems against cyber-threats. Subsequently, he joined the CERN Computer Security Incident Response Team and is today heading this team as CERN's Computer Security Officer with the mandate to coordinate all aspects of CERN's computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN's operational needs. Dr. Lueders has presented on these topics at many different occasions to international bodies, governments, and companies, and published several articles. With the prevalence of modern information technologies and...

  2. The myth of secure computing.

    Science.gov (United States)

    Austin, Robert D; Darby, Christopher A

    2003-06-01

    Few senior executives pay a whole lot of attention to computer security. They either hand off responsibility to their technical people or bring in consultants. But given the stakes involved, an arm's-length approach is extremely unwise. According to industry estimates, security breaches affect 90% of all businesses every year and cost some $17 billion. Fortunately, the authors say, senior executives don't need to learn about the more arcane aspects of their company's IT systems in order to take a hands-on approach. Instead, they should focus on the familiar task of managing risk. Their role should be to assess the business value of their information assets, determine the likelihood that those assets will be compromised, and then tailor a set of risk abatement processes to their company's particular vulnerabilities. This approach, which views computer security as an operational rather than a technical challenge, is akin to a classic quality assurance program in that it attempts to avoid problems rather than fix them and involves all employees, not just IT staffers. The goal is not to make computer systems completely secure--that's impossible--but to reduce the business risk to an acceptable level. This article looks at the types of threats a company is apt to face. It also examines the processes a general manager should spearhead to lessen the likelihood of a successful attack. The authors recommend eight processes in all, ranging from deciding how much protection each digital asset deserves to insisting on secure software to rehearsing a response to a security breach. The important thing to realize, they emphasize, is that decisions about digital security are not much different from other cost-benefit decisions. The tools general managers bring to bear on other areas of the business are good models for what they need to do in this technical space.

  3. Secure multiparty computation goes live

    NARCIS (Netherlands)

    Bogetoft, P.; Christensen, D.L.; Damgard, Ivan; Geisler, M.; Jakobsen, T.; Kroigaard, M.; Nielsen, J.D.; Nielsen, J.B.; Nielsen, K.; Pagter, J.; Schwartzbach, M.; Toft, T.; Dingledine, R.; Golle, Ph.

    2009-01-01

    In this note, we report on the first large-scale and practical application of secure multiparty computation, which took place in January 2008. We also report on the novel cryptographic protocols that were used. This work was supported by the Danish Strategic Research Council and the European

  4. Secure multiparty computation goes live

    DEFF Research Database (Denmark)

    Bogetoft, Peter; Christensen, Dan Lund; Damgård, Ivan Bjerre

    2009-01-01

    In this note, we report on the first large-scale and practical application of secure multiparty computation, which took place in January 2008. We also report on the novel cryptographic protocols that were used. This work was supported by the Danish Strategic Research Council and the European...

  5. Lock It Up! Computer Security.

    Science.gov (United States)

    Wodarz, Nan

    1997-01-01

    The data contained on desktop computer systems and networks pose security issues for virtually every district. Sensitive information can be protected by educating users, altering the physical layout, using password protection, designating access levels, backing up data, reformatting floppy disks, using antivirus software, and installing encryption…

  6. Autonomic computing meets SCADA security

    OpenAIRE

    Nazir, S; Patel, S; Patel, D

    2017-01-01

    © 2017 IEEE. National assets such as transportation networks, large manufacturing, business and health facilities, power generation, and distribution networks are critical infrastructures. The cyber threats to these infrastructures have increasingly become more sophisticated, extensive and numerous. Cyber security conventional measures have proved useful in the past but increasing sophistication of attacks dictates the need for newer measures. The autonomic computing paradigm mimics the auton...

  7. Computer access security code system

    Science.gov (United States)

    Collins, Earl R., Jr. (Inventor)

    1990-01-01

    A security code system for controlling access to computer and computer-controlled entry situations comprises a plurality of subsets of alpha-numeric characters disposed in random order in matrices of at least two dimensions forming theoretical rectangles, cubes, etc., such that when access is desired, at least one pair of previously unused character subsets not found in the same row or column of the matrix is chosen at random and transmitted by the computer. The proper response to gain access is transmittal of subsets which complete the rectangle, and/or a parallelepiped whose opposite corners were defined by first groups of code. Once used, subsets are not used again to absolutely defeat unauthorized access by eavesdropping, and the like.

  8. Conducting Computer Security Assessments at Nuclear Facilities

    International Nuclear Information System (INIS)

    2016-06-01

    Computer security is increasingly recognized as a key component in nuclear security. As technology advances, it is anticipated that computer and computing systems will be used to an even greater degree in all aspects of plant operations including safety and security systems. A rigorous and comprehensive assessment process can assist in strengthening the effectiveness of the computer security programme. This publication outlines a methodology for conducting computer security assessments at nuclear facilities. The methodology can likewise be easily adapted to provide assessments at facilities with other radioactive materials

  9. About Security Solutions in Fog Computing

    Directory of Open Access Journals (Sweden)

    Eugen Petac

    2016-01-01

    Full Text Available The key for improving a system's performance, its security and reliability is to have the dataprocessed locally in remote data centers. Fog computing extends cloud computing through itsservices to devices and users at the edge of the network. Through this paper it is explored the fogcomputing environment. Security issues in this area are also described. Fog computing providesthe improved quality of services to the user by complementing shortages of cloud in IoT (Internet ofThings environment. Our proposal, named Adaptive Fog Computing Node Security Profile(AFCNSP, which is based security Linux solutions, will get an improved security of fog node withrich feature sets.

  10. The importance of trust in computer security

    DEFF Research Database (Denmark)

    Jensen, Christian D.

    2014-01-01

    The computer security community has traditionally regarded security as a “hard” property that can be modelled and formally proven under certain simplifying assumptions. Traditional security technologies assume that computer users are either malicious, e.g. hackers or spies, or benevolent, competent...... and well informed about the security policies. Over the past two decades, however, computing has proliferated into all aspects of modern society and the spread of malicious software (malware) like worms, viruses and botnets have become an increasing threat. This development indicates a failure in some...... of the fundamental assumptions that underpin existing computer security technologies and that a new view of computer security is long overdue. In this paper, we examine traditionalmodels, policies and mechanisms of computer security in order to identify areas where the fundamental assumptions may fail. In particular...

  11. Security and Privacy in Fog Computing: Challenges

    OpenAIRE

    Mukherjee, Mithun; Matam, Rakesh; Shu, Lei; Maglaras, Leandros; Ferrag, Mohamed Amine; Choudhry, Nikumani; Kumar, Vikas

    2017-01-01

    open access article Fog computing paradigm extends the storage, networking, and computing facilities of the cloud computing toward the edge of the networks while offloading the cloud data centers and reducing service latency to the end users. However, the characteristics of fog computing arise new security and privacy challenges. The existing security and privacy measurements for cloud computing cannot be directly applied to the fog computing due to its features, such as mobility, heteroge...

  12. Knowledge-based computer security advisor

    International Nuclear Information System (INIS)

    Hunteman, W.J.; Squire, M.B.

    1991-01-01

    The rapid expansion of computer security information and technology has included little support to help the security officer identify the safeguards needed to comply with a policy and to secure a computing system. This paper reports that Los Alamos is developing a knowledge-based computer security system to provide expert knowledge to the security officer. This system includes a model for expressing the complex requirements in computer security policy statements. The model is part of an expert system that allows a security officer to describe a computer system and then determine compliance with the policy. The model contains a generic representation that contains network relationships among the policy concepts to support inferencing based on information represented in the generic policy description

  13. Security Management Model in Cloud Computing Environment

    OpenAIRE

    Ahmadpanah, Seyed Hossein

    2016-01-01

    In the cloud computing environment, cloud virtual machine (VM) will be more and more the number of virtual machine security and management faced giant Challenge. In order to address security issues cloud computing virtualization environment, this paper presents a virtual machine based on efficient and dynamic deployment VM security management model state migration and scheduling, study of which virtual machine security architecture, based on AHP (Analytic Hierarchy Process) virtual machine de...

  14. Computer Security: drive-bye

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Like a lion waiting to ambush gazelles at a waterhole, malware can catch you by surprise.    As some of you might have noticed, the Computer Security Team had to block the news site “20min.ch” a while ago, as it was found to be distributing malware. This block comes after similar incidents at other Swiss organizations. Our blocking is protective in order to safeguard your computers, laptops, tablets and smartphones. Unfortunately, this is not the first time we have seen these so-called drive-by/waterhole attacks: once you have visited an affected website, embedded third-party malicious code is downloaded to your computer and subsequently infects it (if running Windows or Android as well as, less likely, Mac operating systems). Hence the name “drive-by”. As “20min.ch” is a very frequented website among CERN staff members and users, it makes it a perfect source for attacks against CERN (or other Geneva-based organisations): inste...

  15. Computer Security: SAHARA - Security As High As Reasonably Achievable

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    History has shown us time and again that our computer systems, computing services and control systems have digital security deficiencies. Too often we deploy stop-gap solutions and improvised hacks, or we just accept that it is too late to change things.    In my opinion, this blatantly contradicts the professionalism we show in our daily work. Other priorities and time pressure force us to ignore security or to consider it too late to do anything… but we can do better. Just look at how “safety” is dealt with at CERN! “ALARA” (As Low As Reasonably Achievable) is the objective set by the CERN HSE group when considering our individual radiological exposure. Following this paradigm, and shifting it from CERN safety to CERN computer security, would give us “SAHARA”: “Security As High As Reasonably Achievable”. In other words, all possible computer security measures must be applied, so long as ...

  16. Computers, business, and security the new role for security

    CERN Document Server

    Schweitzer, James A

    1987-01-01

    Computers, Business, and Security: The New Role for Security addresses the professional security manager's responsibility to protect all business resources, with operating environments and high technology in mind. This book discusses the technological aspects of the total security programs.Organized into three parts encompassing 10 chapters, this book begins with an overview of how the developing information age is affecting business management, operations, and organization. This text then examines a number of vulnerabilities that arise in the process of using business computing and communicat

  17. Advanced topics in security computer system design

    International Nuclear Information System (INIS)

    Stachniak, D.E.; Lamb, W.R.

    1989-01-01

    The capability, performance, and speed of contemporary computer processors, plus the associated performance capability of the operating systems accommodating the processors, have enormously expanded the scope of possibilities for designers of nuclear power plant security computer systems. This paper addresses the choices that could be made by a designer of security computer systems working with contemporary computers and describes the improvement in functionality of contemporary security computer systems based on an optimally chosen design. Primary initial considerations concern the selection of (a) the computer hardware and (b) the operating system. Considerations for hardware selection concern processor and memory word length, memory capacity, and numerous processor features

  18. A Computer Security Course in the Undergraduate Computer Science Curriculum.

    Science.gov (United States)

    Spillman, Richard

    1992-01-01

    Discusses the importance of computer security and considers criminal, national security, and personal privacy threats posed by security breakdown. Several examples are given, including incidents involving computer viruses. Objectives, content, instructional strategies, resources, and a sample examination for an experimental undergraduate computer…

  19. Securing the Cloud Cloud Computer Security Techniques and Tactics

    CERN Document Server

    Winkler, Vic (JR)

    2011-01-01

    As companies turn to cloud computing technology to streamline and save money, security is a fundamental concern. Loss of certain control and lack of trust make this transition difficult unless you know how to handle it. Securing the Cloud discusses making the move to the cloud while securing your peice of it! The cloud offers felxibility, adaptability, scalability, and in the case of security-resilience. This book details the strengths and weaknesses of securing your company's information with different cloud approaches. Attacks can focus on your infrastructure, communications network, data, o

  20. Computer-Based Testing: Test Site Security.

    Science.gov (United States)

    Rosen, Gerald A.

    Computer-based testing places great burdens on all involved parties to ensure test security. A task analysis of test site security might identify the areas of protecting the test, protecting the data, and protecting the environment as essential issues in test security. Protecting the test involves transmission of the examinations, identifying the…

  1. Secure computing, economy, and trust

    DEFF Research Database (Denmark)

    Bogetoft, Peter; Damgård, Ivan B.; Jakobsen, Thomas

    In this paper we consider the problem of constructing secure auctions based on techniques from modern cryptography. We combine knowledge from economics, cryptography and security engineering and develop and implement secure auctions for practical real-world problems. In essence this paper is an o...

  2. Challenges and Security in Cloud Computing

    Science.gov (United States)

    Chang, Hyokyung; Choi, Euiin

    People who live in this world want to solve any problems as they happen then. An IT technology called Ubiquitous computing should help the situations easier and we call a technology which makes it even better and powerful cloud computing. Cloud computing, however, is at the stage of the beginning to implement and use and it faces a lot of challenges in technical matters and security issues. This paper looks at the cloud computing security.

  3. Visualization Tools for Teaching Computer Security

    Science.gov (United States)

    Yuan, Xiaohong; Vega, Percy; Qadah, Yaseen; Archer, Ricky; Yu, Huiming; Xu, Jinsheng

    2010-01-01

    Using animated visualization tools has been an important teaching approach in computer science education. We have developed three visualization and animation tools that demonstrate various information security concepts and actively engage learners. The information security concepts illustrated include: packet sniffer and related computer network…

  4. Applied computation and security systems

    CERN Document Server

    Saeed, Khalid; Choudhury, Sankhayan; Chaki, Nabendu

    2015-01-01

    This book contains the extended version of the works that have been presented and discussed in the First International Doctoral Symposium on Applied Computation and Security Systems (ACSS 2014) held during April 18-20, 2014 in Kolkata, India. The symposium has been jointly organized by the AGH University of Science & Technology, Cracow, Poland and University of Calcutta, India. The Volume I of this double-volume book contains fourteen high quality book chapters in three different parts. Part 1 is on Pattern Recognition and it presents four chapters. Part 2 is on Imaging and Healthcare Applications contains four more book chapters. The Part 3 of this volume is on Wireless Sensor Networking and it includes as many as six chapters. Volume II of the book has three Parts presenting a total of eleven chapters in it. Part 4 consists of five excellent chapters on Software Engineering ranging from cloud service design to transactional memory. Part 5 in Volume II is on Cryptography with two book...

  5. Data Security and Privacy in Cloud Computing

    OpenAIRE

    Yunchuan Sun; Junsheng Zhang; Yongping Xiong; Guangyu Zhu

    2014-01-01

    Data security has consistently been a major issue in information technology. In the cloud computing environment, it becomes particularly serious because the data is located in different places even in all the globe. Data security and privacy protection are the two main factors of user’s concerns about the cloud technology. Though many techniques on the topics in cloud computing have been investigated in both academics and industries, data security and privacy protection are becoming more impo...

  6. Analysis On Security Of Cloud Computing

    Directory of Open Access Journals (Sweden)

    Muhammad Zunnurain Hussain

    2017-01-01

    Full Text Available In this paper Author will be discussing the security issues and challenges faced by the industry in securing the cloud computing and how these problems can be tackled. Cloud computing is modern technique of sharing resources like data sharing file sharing basically sharing of resources without launching own infrastructure and using some third party resources to avoid huge investment . It is very challenging these days to secure the communication between two users although people use different encryption techniques 1.

  7. DATA SECURITY ISSUES IN CLOUD COMPUTING: REVIEW

    Directory of Open Access Journals (Sweden)

    Hussam Alddin Shihab Ahmed

    2016-02-01

    Full Text Available Cloud computing is an internet based model that empower on demand ease of access and pay for the usage of each access to shared pool of networks. It is yet another innovation that fulfills a client's necessity for computing resources like systems, stockpiling, servers, administrations and applications. Securing the Data is considered one of the principle significant challenges and concerns for cloud computing. This persistent problem is getting more affective due to the changes in improving cloud computing technology. From the perspective of the Clients, cloud computing is a security hazard especially when it comes to assurance affirmation issues and data security, remain the most basically which backs off for appropriation of Cloud Computing administrations. This paper audits and breaks down the essential issue of cloud computing and depicts the information security and protection of privacy issues in cloud.

  8. Why SCADA security is NOT like Computer Centre Security

    CERN Multimedia

    CERN. Geneva

    2014-01-01

    Today, the industralized world lives in symbiosis with control systems (aka SCADA systems): it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and discuss the differences (or not) between computer center cyber-security and control system cyber-security.

  9. Motivating Contributions for Home Computer Security

    Science.gov (United States)

    Wash, Richard L.

    2009-01-01

    Recently, malicious computer users have been compromising computers en masse and combining them to form coordinated botnets. The rise of botnets has brought the problem of home computers to the forefront of security. Home computer users commonly have insecure systems; these users do not have the knowledge, experience, and skills necessary to…

  10. Leakage Resilient Secure Two-Party Computation

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Hazay, Carmit; Patra, Arpita

    2012-01-01

    we initiate the study of {\\em secure two-party computation in the presence of leakage}, where on top of corrupting one of the parties the adversary obtains leakage from the content of the secret memory of the honest party. Our study involves the following contributions: \\BE \\item {\\em Security...... and returns its result. Almost independently of secure computation, the area of {\\em leakage resilient cryptography} has recently been evolving intensively, studying the question of designing cryptographic primitives that remain secure even when some information about the secret key is leaked. In this paper...

  11. Review your Computer Security Now and Frequently!

    CERN Multimedia

    IT Department

    2009-01-01

    The start-up of LHC is foreseen to take place in the autumn and we will be in the public spotlight again. This increases the necessity to be vigilant with respect to computer security and the defacement of an experiment’s Web page in September last year shows that we should be particularly attentive. Attackers are permanently probing CERN and so we must all do the maximum to reduce future risks. Security is a hierarchical responsibility and requires to balance the allocation of resources between making systems work and making them secure. Thus all of us, whether users, developers, system experts, administrators, or managers are responsible for securing our computing assets. These include computers, software applications, documents, accounts and passwords. There is no "silver bullet" for securing systems, which can only be achieved by a painstaking search for all possible vulnerabilities followed by their mitigation. Additional advice on particular topics can be obtained from the relevant I...

  12. A Design Methodology for Computer Security Testing

    OpenAIRE

    Ramilli, Marco

    2013-01-01

    The field of "computer security" is often considered something in between Art and Science. This is partly due to the lack of widely agreed and standardized methodologies to evaluate the degree of the security of a system. This dissertation intends to contribute to this area by investigating the most common security testing strategies applied nowadays and by proposing an enhanced methodology that may be effectively applied to different threat scenarios with the same degree of effectiveness. ...

  13. Incorporating lab experience into computer security courses

    NARCIS (Netherlands)

    Ben Othmane, L.; Bhuse, V.; Lilien, L.T.

    2013-01-01

    We describe our experience with teaching computer security labs at two different universities. We report on the hardware and software lab setups, summarize lab assignments, present the challenges encountered, and discuss the lessons learned. We agree with and emphasize the viewpoint that security

  14. Bibliography for computer security, integrity, and safety

    Science.gov (United States)

    Bown, Rodney L.

    1991-01-01

    A bibliography of computer security, integrity, and safety issues is given. The bibliography is divided into the following sections: recent national publications; books; journal, magazine articles, and miscellaneous reports; conferences, proceedings, and tutorials; and government documents and contractor reports.

  15. Adaptive security protocol selection for mobile computing

    NARCIS (Netherlands)

    Pontes Soares Rocha, B.; Costa, D.N.O.; Moreira, R.A.; Rezende, C.G.; Loureiro, A.A.F.; Boukerche, A.

    2010-01-01

    The mobile computing paradigm has introduced new problems for application developers. Challenges include heterogeneity of hardware, software, and communication protocols, variability of resource limitations and varying wireless channel quality. In this scenario, security becomes a major concern for

  16. Cloud Computing and Security Issues

    OpenAIRE

    Rohan Jathanna; Dhanamma Jagli

    2017-01-01

    Cloud computing has become one of the most interesting topics in the IT world today. Cloud model of computing as a resource has changed the landscape of computing as it promises of increased greater reliability, massive scalability, and decreased costs have attracted businesses and individuals alike. It adds capabilities to Information Technology’s. Over the last few years, cloud computing has grown considerably in Information Technology. As more and more information of individuals and compan...

  17. A methodology for performing computer security reviews

    International Nuclear Information System (INIS)

    Hunteman, W.J.

    1991-01-01

    DOE Order 5637.1, ''Classified Computer Security,'' requires regular reviews of the computer security activities for an ADP system and for a site. Based on experiences gained in the Los Alamos computer security program through interactions with DOE facilities, we have developed a methodology to aid a site or security officer in performing a comprehensive computer security review. The methodology is designed to aid a reviewer in defining goals of the review (e.g., preparation for inspection), determining security requirements based on DOE policies, determining threats/vulnerabilities based on DOE and local threat guidance, and identifying critical system components to be reviewed. Application of the methodology will result in review procedures and checklists oriented to the review goals, the target system, and DOE policy requirements. The review methodology can be used to prepare for an audit or inspection and as a periodic self-check tool to determine the status of the computer security program for a site or specific ADP system. 1 tab

  18. A methodology for performing computer security reviews

    International Nuclear Information System (INIS)

    Hunteman, W.J.

    1991-01-01

    This paper reports on DIE Order 5637.1, Classified Computer Security, which requires regular reviews of the computer security activities for an ADP system and for a site. Based on experiences gained in the Los Alamos computer security program through interactions with DOE facilities, the authors have developed a methodology to aid a site or security officer in performing a comprehensive computer security review. The methodology is designed to aid a reviewer in defining goals of the review (e.g., preparation for inspection), determining security requirements based on DOE policies, determining threats/vulnerabilities based on DOE and local threat guidance, and identifying critical system components to be reviewed. Application of the methodology will result in review procedures and checklists oriented to the review goals, the target system, and DOE policy requirements. The review methodology can be used to prepare for an audit or inspection and as a periodic self-check tool to determine the status of the computer security program for a site or specific ADP system

  19. Computer Security at Nuclear Facilities (French Edition)

    International Nuclear Information System (INIS)

    2013-01-01

    category of the IAEA Nuclear Security Series, and deals with computer security at nuclear facilities. It is based on national experience and practices as well as publications in the fields of computer security and nuclear security. The guidance is provided for consideration by States, competent authorities and operators. The preparation of this publication in the IAEA Nuclear Security Series has been made possible by the contributions of a large number of experts from Member States. An extensive consultation process with all Member States included consultants meetings and open-ended technical meetings. The draft was then circulated to all Member States for 120 days to solicit further comments and suggestions. The comments received from Member States were reviewed and considered in the final version of the publication.

  20. Analysis on the security of cloud computing

    Science.gov (United States)

    He, Zhonglin; He, Yuhua

    2011-02-01

    Cloud computing is a new technology, which is the fusion of computer technology and Internet development. It will lead the revolution of IT and information field. However, in cloud computing data and application software is stored at large data centers, and the management of data and service is not completely trustable, resulting in safety problems, which is the difficult point to improve the quality of cloud service. This paper briefly introduces the concept of cloud computing. Considering the characteristics of cloud computing, it constructs the security architecture of cloud computing. At the same time, with an eye toward the security threats cloud computing faces, several corresponding strategies are provided from the aspect of cloud computing users and service providers.

  1. Guidelines for computer security in general practice.

    Science.gov (United States)

    Schattner, Peter; Pleteshner, Catherine; Bhend, Heinz; Brouns, Johan

    2007-01-01

    As general practice becomes increasingly computerised, data security becomes increasingly important for both patient health and the efficient operation of the practice. To develop guidelines for computer security in general practice based on a literature review, an analysis of available information on current practice and a series of key stakeholder interviews. While the guideline was produced in the context of Australian general practice, we have developed a template that is also relevant for other countries. Current data on computer security measures was sought from Australian divisions of general practice. Semi-structured interviews were conducted with general practitioners (GPs), the medical software industry, senior managers within government responsible for health IT (information technology) initiatives, technical IT experts, divisions of general practice and a member of a health information consumer group. The respondents were asked to assess both the likelihood and the consequences of potential risks in computer security being breached. The study suggested that the most important computer security issues in general practice were: the need for a nominated IT security coordinator; having written IT policies, including a practice disaster recovery plan; controlling access to different levels of electronic data; doing and testing backups; protecting against viruses and other malicious codes; installing firewalls; undertaking routine maintenance of hardware and software; and securing electronic communication, for example via encryption. This information led to the production of computer security guidelines, including a one-page summary checklist, which were subsequently distributed to all GPs in Australia. This paper maps out a process for developing computer security guidelines for general practice. The specific content will vary in different countries according to their levels of adoption of IT, and cultural, technical and other health service factors. Making

  2. Practical Computer Security through Cryptography

    Science.gov (United States)

    McNab, David; Twetev, David (Technical Monitor)

    1998-01-01

    The core protocols upon which the Internet was built are insecure. Weak authentication and the lack of low level encryption services introduce vulnerabilities that propagate upwards in the network stack. Using statistics based on CERT/CC Internet security incident reports, the relative likelihood of attacks via these vulnerabilities is analyzed. The primary conclusion is that the standard UNIX BSD-based authentication system is by far the most commonly exploited weakness. Encryption of Sensitive password data and the adoption of cryptographically-based authentication protocols can greatly reduce these vulnerabilities. Basic cryptographic terminology and techniques are presented, with attention focused on the ways in which technology such as encryption and digital signatures can be used to protect against the most commonly exploited vulnerabilities. A survey of contemporary security software demonstrates that tools based on cryptographic techniques, such as Kerberos, ssh, and PGP, are readily available and effectively close many of the most serious security holes. Nine practical recommendations for improving security are described.

  3. Computational security of quantum encryption

    NARCIS (Netherlands)

    Alagic, G.; Broadbent, A.; Fefferman, B.; Gagliardoni, T.; Schaffner, C.; St. Jules, M.; Nascimento, A.C.A.; Barreto, P.

    2016-01-01

    Quantum-mechanical devices have the potential to transform cryptography. Most research in this area has focused either on the information-theoretic advantages of quantum protocols or on the security of classical cryptographic schemes against quantum attacks. In this work, we initiate the study of

  4. Cloud Computing Security Latest Issues amp Countermeasures

    Directory of Open Access Journals (Sweden)

    Shelveen Pandey

    2015-08-01

    Full Text Available Abstract Cloud computing describes effective computing services provided by a third-party organization known as cloud service provider for organizations to perform different tasks over the internet for a fee. Cloud service providers computing resources are dynamically reallocated per demand and their infrastructure platform and software and other resources are shared by multiple corporate and private clients. With the steady increase in the number of cloud computing subscribers of these shared resources over the years security on the cloud is a growing concern. In this review paper the current cloud security issues and practices are described and a few innovative solutions are proposed that can help improve cloud computing security in the future.

  5. Computer Security: Mac security – nothing for old versions

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    A fundamental pillar of computer security is the regular maintenance of your code, operating system and application software – or, in computer lingo: patching, patching, patching.   Only software which is up-to-date should be free from any known vulnerabilities and thus provide you with a basic level of computer security. Neglecting regular updates is putting your computer at risk – and consequently your account, your password, your data, your photos, your videos and your money. Therefore, prompt and automatic patching is paramount. But the Microsofts, Googles and Apples of this world do not always help… Software vendors handle their update policy in different ways. While Android is a disaster – not because of Google, but due to the slow adaptation of many smartphone vendors (see “Android’s Armageddon”) – Microsoft provides updates for their Windows 7, Windows 8 and Windows 10 operating systems through their &ldq...

  6. Emerging Cloud Computing Security Threats

    OpenAIRE

    Ahmat, Kamal

    2015-01-01

    Cloud computing is one of the latest emerging innovations of the modern internet and technological landscape. With everyone from the White house to major online technological leaders like Amazon and Google using or offering cloud computing services it is truly presents itself as an exciting and innovative method to store and use data on the internet.

  7. Artificial immune system applications in computer security

    CERN Document Server

    Tan, Ying

    2016-01-01

    This book provides state-of-the-art information on the use, design, and development of the Artificial Immune System (AIS) and AIS-based solutions to computer security issues. Artificial Immune System: Applications in Computer Security focuses on the technologies and applications of AIS in malware detection proposed in recent years by the Computational Intelligence Laboratory of Peking University (CIL@PKU). It offers a theoretical perspective as well as practical solutions for readers interested in AIS, machine learning, pattern recognition and computer security. The book begins by introducing the basic concepts, typical algorithms, important features, and some applications of AIS. The second chapter introduces malware and its detection methods, especially for immune-based malware detection approaches. Successive chapters present a variety of advanced detection approaches for malware, including Virus Detection System, K-Nearest Neighbour (KNN), RBF networ s, and Support Vector Machines (SVM), Danger theory, ...

  8. International Conference on Computational Intelligence, Cyber Security, and Computational Models

    CERN Document Server

    Ramasamy, Vijayalakshmi; Sheen, Shina; Veeramani, C; Bonato, Anthony; Batten, Lynn

    2016-01-01

    This book aims at promoting high-quality research by researchers and practitioners from academia and industry at the International Conference on Computational Intelligence, Cyber Security, and Computational Models ICC3 2015 organized by PSG College of Technology, Coimbatore, India during December 17 – 19, 2015. This book enriches with innovations in broad areas of research like computational modeling, computational intelligence and cyber security. These emerging inter disciplinary research areas have helped to solve multifaceted problems and gained lot of attention in recent years. This encompasses theory and applications, to provide design, analysis and modeling of the aforementioned key areas.

  9. Elections with unconditionally-secret ballots and disruption equivalent to breaking RSA

    NARCIS (Netherlands)

    D. Chaum (David)

    1988-01-01

    textabstractElection protocols embodying robustness, verifiability of returns by voters, and unconditional security for voters’ privacy have been presented. The techniques also allow untraceable payments and credentials.

  10. Security in cloud computing and virtual environments

    OpenAIRE

    Aarseth, Raymond

    2015-01-01

    Cloud computing is a big buzzwords today. Just watch the commercials on TV and I can promise that you will hear the word cloud service at least once. With the growth of cloud technology steadily rising, and everything from cellphones to cars connected to the cloud, how secure is cloud technology? What are the caveats of using cloud technology? And how does it all work? This thesis will discuss cloud security and the underlying technology called Virtualization to ...

  11. OSE inspection of computer security: Review

    International Nuclear Information System (INIS)

    Jaehne, E.M.

    1987-01-01

    The inspection process within the Department of Energy (DOE) serves the function of analyzing and reporting on the performance of security measures and controls in specific areas at sites throughout DOE. Three aspects of this process are discussed based on experience in computer security: Policy basis of performance inspections; Role and form of standards and criteria in inspections; and Conducting an inspection using the standards and criteria. Inspections are based on DOE and other applicable policy in each area. These policy statements have a compliance orientation in which the paper trail is often more clearly discernible than the security intention. The relationship of policy to performance inspections is discussed. To facilitate bridging the gap between the paper trail and the security intention defined by policy, standards and criteria were developed in each area. The consensus process and structure of the resulting product for computer security are discussed. Standards and criteria are inspection tools that support the site in preparing for an inspection and the inspector in conducting one. They form a systematic approach that facilitates consistency in the analysis and reporting of inspection results. Experience using the computer security standards and criteria is discussed

  12. Academic Training Lecture Regular Programme: Computer Security - Introduction to information and computer security (1/4)

    CERN Multimedia

    2012-01-01

    Computer Security: Introduction to information and computer security (1/4), by Sebastian Lopienski (CERN).   Monday, 21 May, 2012 from 11:00 to 12:00 (Europe/Zurich) at CERN ( 31-3-004 - IT Auditorium ) Sebastian Lopienski is CERN's Deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support services hosted in the CERN Computer Centre; providing Central CVS Service for software projects at CERN; and development of applications for accelerator controls in Java. He graduated from the University of Warsaw (MSc in Computer Science) in 2002, and earned an MBA degree at the Enterprise Administration Institute in Ai...

  13. Computer Security Incident Response Planning at Nuclear Facilities

    International Nuclear Information System (INIS)

    2016-06-01

    The purpose of this publication is to assist Member States in developing comprehensive contingency plans for computer security incidents with the potential to impact nuclear security and/or nuclear safety. It provides an outline and recommendations for establishing a computer security incident response capability as part of a computer security programme, and considers the roles and responsibilities of the system owner, operator, competent authority, and national technical authority in responding to a computer security incident with possible nuclear security repercussions

  14. Computer-aided proofs for multiparty computation with active security

    DEFF Research Database (Denmark)

    Haagh, Helene; Karbyshev, Aleksandr; Oechsner, Sabine

    2018-01-01

    Secure multi-party computation (MPC) is a general cryptographic technique that allows distrusting parties to compute a function of their individual inputs, while only revealing the output of the function. It has found applications in areas such as auctioning, email filtering, and secure...... teleconference. Given its importance, it is crucial that the protocols are specified and implemented correctly. In the programming language community it has become good practice to use computer proof assistants to verify correctness proofs. In the field of cryptography, EasyCrypt is the state of the art proof...... public-key encryption, signatures, garbled circuits and differential privacy. Here we show for the first time that it can also be used to prove security of MPC against a malicious adversary. We formalize additive and replicated secret sharing schemes and apply them to Maurer's MPC protocol for secure...

  15. Computation, cryptography, and network security

    CERN Document Server

    Rassias, Michael

    2015-01-01

    Analysis, assessment, and data management are core competencies for operation research analysts. This volume addresses a number of issues and developed methods for improving those skills. It is an outgrowth of a conference held in April 2013 at the Hellenic Military Academy, and brings together a broad variety of mathematical methods and theories with several applications. It discusses directions and pursuits of scientists that pertain to engineering sciences. It is also presents the theoretical background required for algorithms and techniques applied to a large variety of concrete problems. A number of open questions as well as new future areas are also highlighted.   This book will appeal to operations research analysts, engineers, community decision makers, academics, the military community, practitioners sharing the current “state-of-the-art,” and analysts from coalition partners. Topics covered include Operations Research, Games and Control Theory, Computational Number Theory and Information Securi...

  16. Computer Security: Geneva, Suisse Romande and beyond

    CERN Multimedia

    Computer Security Team

    2014-01-01

    To ensure good computer security, it is essential for us to keep in close contact and collaboration with a multitude of official and unofficial, national and international bodies, agencies, associations and organisations in order to discuss best practices, to learn about the most recent (and, at times, still unpublished) vulnerabilities, and to handle jointly any security incident. A network of peers - in particular a network of trusted peers - can provide important intelligence about new vulnerabilities or ongoing attacks much earlier than information published in the media. In this article, we would like to introduce a few of the official peers we usually deal with.*   Directly relevant for CERN are SWITCH, our partner for networking in Switzerland, and our contacts within the WLCG, i.e. the European Grid Infrastructure (EGI), and the U.S. Open Science Grid (OSG). All three are essential partners when discussing security implementations and resolving security incidents. SWITCH, in...

  17. The Role of Trust in Computer Security

    DEFF Research Database (Denmark)

    Jensen, Christian D.

    2012-01-01

    technologies and show how many of them concern the placement of trust on human or system agents. We argue that making such assumptions about trust explicit is an essential requirement for the future of system security and argue why the formalisation of computational trust is necessary when we wish to reason...

  18. LEGO for Two-Party Secure Computation

    DEFF Research Database (Denmark)

    Nielsen, Jesper Buus; Orlandi, Claudio

    2009-01-01

    This paper continues the recent line of work of making Yao’s garbled circuit approach to two-party computation secure against an active adversary. We propose a new cut-and-choose based approach called LEGO (Large Efficient Garbled-circuit Optimization): It is specifically aimed at large circuits...

  19. Guidelines for computer security in general practice

    Directory of Open Access Journals (Sweden)

    Peter Schattner

    2007-06-01

    Conclusions This paper maps out a process for developing computer security guidelines for general practice. The specific content will vary in different countries according to their levels of adoption of IT, and cultural, technical and other health service factors. Making these guidelines relevant to local contexts should help maximise their uptake.

  20. Cloud computing security requirements: a systematic review

    NARCIS (Netherlands)

    Iankoulova, Iliana; Daneva, Maia; Rolland, C; Castro, J.; Pastor, O

    Many publications have dealt with various types of security requirements in cloud computing but not all types have been explored in sufficient depth. It is also hard to understand which types of requirements have been under-researched and which are most investigated. This paper's goal is to provide

  1. Computer Security: Computer security threats, vulnerabilities and attacks (3/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Antonio Perez Perez works in the Computer Security Team doing software development, sysadmin tasks and operations. He is also involved on grid security and does 1st line security support at CERN on ROTA. With the prevalence of modern information technologies and its increasing integration into our daily live, digital systems become more and more playground for evil people. While in the past, attacks were driven by fame& kudos, nowadays money is the motivating factor. Just the recent months have shown several successful attacks against e.g. Sony, PBS, UNESCO, RSAsecurity, Citibank, and others. Credit card information of hundreds of thousands of people got exposed. Affected companies not only lost their assets and data, also their reputation has suffered. Thus, proper computer security measures are essential. Without question, security must even more become an inherent ingredient when developing, deploying, and operating applications, web sites, and computing services. These lectures shall give an ove...

  2. Security for small computer systems a practical guide for users

    CERN Document Server

    Saddington, Tricia

    1988-01-01

    Security for Small Computer Systems: A Practical Guide for Users is a guidebook for security concerns for small computers. The book provides security advice for the end-users of small computers in different aspects of computing security. Chapter 1 discusses the security and threats, and Chapter 2 covers the physical aspect of computer security. The text also talks about the protection of data, and then deals with the defenses against fraud. Survival planning and risk assessment are also encompassed. The last chapter tackles security management from an organizational perspective. The bo

  3. OT-Combiners Via Secure Computation

    DEFF Research Database (Denmark)

    Harnik, Danny; Ishai, Yuval; Kushilevitz, Eyal

    2008-01-01

    of faulty candidates (t = Ω(n)). Previous OT-combiners required either ω(n) or poly(k) calls to the n candidates, where k is a security parameter, and produced only a single secure OT. We demonstrate the usefulness of the latter result by presenting several applications that are of independent interest......An OT-combiner implements a secure oblivious transfer (OT) protocol using oracle access to n OT-candidates of which at most t may be faulty. We introduce a new general approach for combining OTs by making a simple and modular use of protocols for secure computation. Specifically, we obtain an OT......, strengthen the security, and improve the efficiency of previous OT-combiners. In particular, we obtain the first constant-rate OT-combiners in which the number of secure OTs being produced is a constant fraction of the total number of calls to the OT-candidates, while still tolerating a constant fraction...

  4. Software For Computer-Security Audits

    Science.gov (United States)

    Arndt, Kate; Lonsford, Emily

    1994-01-01

    Information relevant to potential breaches of security gathered efficiently. Automated Auditing Tools for VAX/VMS program includes following automated software tools performing noted tasks: Privileged ID Identification, program identifies users and their privileges to circumvent existing computer security measures; Critical File Protection, critical files not properly protected identified; Inactive ID Identification, identifications of users no longer in use found; Password Lifetime Review, maximum lifetimes of passwords of all identifications determined; and Password Length Review, minimum allowed length of passwords of all identifications determined. Written in DEC VAX DCL language.

  5. Secure information transfer based on computing reservoir

    Energy Technology Data Exchange (ETDEWEB)

    Szmoski, R.M.; Ferrari, F.A.S. [Department of Physics, Universidade Estadual de Ponta Grossa, 84030-900, Ponta Grossa (Brazil); Pinto, S.E. de S, E-mail: desouzapinto@pq.cnpq.br [Department of Physics, Universidade Estadual de Ponta Grossa, 84030-900, Ponta Grossa (Brazil); Baptista, M.S. [Institute for Complex Systems and Mathematical Biology, SUPA, University of Aberdeen, Aberdeen (United Kingdom); Viana, R.L. [Department of Physics, Universidade Federal do Parana, 81531-990, Curitiba, Parana (Brazil)

    2013-04-01

    There is a broad area of research to ensure that information is transmitted securely. Within this scope, chaos-based cryptography takes a prominent role due to its nonlinear properties. Using these properties, we propose a secure mechanism for transmitting data that relies on chaotic networks. We use a nonlinear on–off device to cipher the message, and the transfer entropy to retrieve it. We analyze the system capability for sending messages, and we obtain expressions for the operating time. We demonstrate the system efficiency for a wide range of parameters. We find similarities between our method and the reservoir computing.

  6. Computer network security and cyber ethics

    CERN Document Server

    Kizza, Joseph Migga

    2014-01-01

    In its 4th edition, this book remains focused on increasing public awareness of the nature and motives of cyber vandalism and cybercriminals, the weaknesses inherent in cyberspace infrastructure, and the means available to protect ourselves and our society. This new edition aims to integrate security education and awareness with discussions of morality and ethics. The reader will gain an understanding of how the security of information in general and of computer networks in particular, on which our national critical infrastructure and, indeed, our lives depend, is based squarely on the individ

  7. SECURITY AND PRIVACY ISSUES IN CLOUD COMPUTING

    Directory of Open Access Journals (Sweden)

    Amina AIT OUAHMAN

    2014-10-01

    Full Text Available Today, cloud computing is defined and talked about across the ICT industry under different contexts and with different definitions attached to it. It is a new paradigm in the evolution of Information Technology, as it is one of the biggest revolutions in this field to have taken place in recent times. According to the National Institute for Standards and Technology (NIST, “cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services that can be rapidly provisioned and released with minimal management effort or service provider interaction” [1]. The importance of Cloud Computing is increasing and it is receiving a growing attention in the scientific and industrial communities. A study by Gartner [2] considered Cloud Computing as the first among the top 10 most important technologies and with a better prospect in successive years by companies and organizations. Clouds bring out tremendous benefits for both individuals and enterprises. Clouds support economic savings, outsourcing mechanisms, resource sharing, any-where any-time accessibility, on-demand scalability, and service flexibility. Clouds minimize the need for user involvement by masking technical details such as software upgrades, licenses, and maintenance from its customers. Clouds could also offer better security advantages over individual server deployments. Since a cloud aggregates resources, cloud providers charter expert security personnel while typical companies could be limited with a network administrator who might not be well versed in cyber security issues. The new concepts introduced by the clouds, such as computation outsourcing, resource sharing, and external data warehousing, increase the security and privacy concerns and create new security challenges. Moreover, the large scale of the clouds, the proliferation of mobile access devices (e

  8. Teaching Computer Security with a Hands-On Component

    OpenAIRE

    Murthy , Narayan

    2011-01-01

    Part 2: WISE 7; International audience; To address national needs for computer security education, many universities have incorporated computer and security courses into their undergraduate and graduate curricula. Our department has introduced computer security courses at both the undergraduate and the graduate level. This paper describes our approach, our experiences, and lessons learned in teaching a Computer Security Overview course.There are two key elements in the course: Studying comput...

  9. Computer Security: better code, fewer problems

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    The origin of many security incidents is negligence or unintentional mistakes made by web developers or programmers. In the rush to complete the work, due to skewed priorities, or just to ignorance, basic security principles can be omitted or forgotten.   The resulting vulnerabilities lie dormant until the evil side spots them and decides to hit hard. Computer security incidents in the past have put CERN’s reputation at risk due to websites being defaced with negative messages about the Organization, hash files of passwords being extracted, restricted data exposed… And it all started with a little bit of negligence! If you check out the Top 10 web development blunders, you will see that the most prevalent mistakes are: Not filtering input, e.g. accepting “<“ or “>” in input fields even if only a number is expected.  Not validating that input: you expect a birth date? So why accept letters? &...

  10. Improving computer security by health smart card.

    Science.gov (United States)

    Nisand, Gabriel; Allaert, François-André; Brézillon, Régine; Isphording, Wilhem; Roeslin, Norbert

    2003-01-01

    The University hospitals of Strasbourg have worked for several years on the computer security of the medical data and have of this fact be the first to use the Health Care Professional Smart Card (CPS). This new tool must provide security to the information processing systems and especially to the medical data exchanges between the partners who collaborate to the care of the Beyond the purely data-processing aspects of the functions of safety offered by the CPS, safety depends above all on the practices on the users, their knowledge concerning the legislation, the risks and the stakes, of their adhesion to the procedures and protections installations. The aim of this study is to evaluate this level of knowledge, the practices and the feelings of the users concerning the computer security of the medical data, to check the relevance of the step taken, and if required, to try to improve it. The survey by questionnaires involved 648 users. The practices of users in terms of data security are clearly improved by the implementation of the security server and the use of the CPS system, but security breaches due to bad practices are not however completely eliminated. That confirms that is illusory to believe that data security is first and foremost a technical issue. Technical measures are of course indispensable, but the greatest efforts are required after their implementation and consist in making the key players [2], i.e. users, aware and responsible. However, it must be stressed that the user-friendliness of the security interface has a major effect on the results observed. For instance, it is highly probable that the bad practices continued or introduced upon the implementation of the security server and CPS scheme are due to the complicated nature or functional defects of the proposed solution, which must therefore be improved. Besides, this is only the pilot phase and card holders can be expected to become more responsible as time goes by, along with the gradual

  11. Audit and Evaluation of Computer Security. Computer Science and Technology.

    Science.gov (United States)

    Ruthberg, Zella G.

    This is a collection of consensus reports, each produced at a session of an invitational workshop sponsored by the National Bureau of Standards. The purpose of the workshop was to explore the state-of-the-art and define appropriate subjects for future research in the audit and evaluation of computer security. Leading experts in the audit and…

  12. Computer security inspection: An inspectee perspective

    International Nuclear Information System (INIS)

    Penny, S.K.; Caldwell, R.J.

    1987-01-01

    The inspection process within the Department of Energy (DOE) is intended to be an independent monitor and reporter of the status of security programs in various areas, such as computer security. It is one of several quality controls on the security process within the DOE's structure. When it works well, it contributes to a standard of performance for security across DOE sites. When it works badly, it results in embarrassment to DOE and potentially contributes to a misalignment of priorities. When the process works well, the site describes how its security controls function within the organization and mission of the site for the purpose of external analysis and verification. The Standards and Criteria represent a compromise between Headquarters and the DOE field organizations regarding issues and priorities to be reviewed and serve as a mutual basis in preparing for and conducting an inspection. The result is an independent analysis that can be factored into the local decision process. The paper discusses this interaction. The process becomes dangerous if its results are taken out of context. This happens if the results are prematurely released outside of DOE and receive national or congressional attention prior to their internal adjudication. Another danger exists of reacting to findings rather than using them to find solutions.. When this happens, a misalignment of priorities and expenditures frequently occurs. This paper discusses these dangers and ways to avoid them

  13. Secure Cloud Computing Using Homomorphic Encryption

    Directory of Open Access Journals (Sweden)

    Alexander Olegovich Zhirov

    2013-02-01

    Full Text Available The question of cloud security has become more significant with growing popularity of cloud computing. This article is dedicated to fully homomorphic encryption which is one of the most promising methods to reach the necessary level of privacy. In this article we consider the basic ideas on homomorphic encryption proposed by C. Gentry, make generalization of them and propose three new fully homomorphic encryption schemes based on polynomial rings.

  14. Computer Security: Introduction to information and computer security (1/4)

    CERN Multimedia

    CERN. Geneva

    2012-01-01

    Sebastian Lopienski is CERN's Deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support services hosted in the CERN Computer Centre; providing Central CVS Service for software projects at CERN; and development of applications for accelerator controls in Java. He graduated from the University of Warsaw (MSc in Computer Science) in 2002, and earned an MBA degree at the Enterprise Administration Institute in Aix-en-Provence and Haute Ecole de Gestion in Geneva in 2010. His professional interests include software and network security, distributed systems, and Web and mobile technologies. With the prevalence of modern information te...

  15. Handbook for the Computer Security Certification of Trusted Systems

    National Research Council Canada - National Science Library

    Weissman, Clark

    1995-01-01

    Penetration testing is required for National Computer Security Center (NCSC) security evaluations of systems and products for the B2, B3, and A1 class ratings of the Trusted Computer System Evaluation Criteria (TCSEC...

  16. FAA computer security : recommendations to address continuing weaknesses

    Science.gov (United States)

    2000-12-01

    In September, testimony before the Committee on Science, House of Representatives, focused on the Federal Aviation Administration's (FAA) computer security program. In brief, we reported that FAA's agency-wide computer security program has serious, p...

  17. Extreme Scale Computing to Secure the Nation

    Energy Technology Data Exchange (ETDEWEB)

    Brown, D L; McGraw, J R; Johnson, J R; Frincke, D

    2009-11-10

    Since the dawn of modern electronic computing in the mid 1940's, U.S. national security programs have been dominant users of every new generation of high-performance computer. Indeed, the first general-purpose electronic computer, ENIAC (the Electronic Numerical Integrator and Computer), was used to calculate the expected explosive yield of early thermonuclear weapons designs. Even the U. S. numerical weather prediction program, another early application for high-performance computing, was initially funded jointly by sponsors that included the U.S. Air Force and Navy, agencies interested in accurate weather predictions to support U.S. military operations. For the decades of the cold war, national security requirements continued to drive the development of high performance computing (HPC), including advancement of the computing hardware and development of sophisticated simulation codes to support weapons and military aircraft design, numerical weather prediction as well as data-intensive applications such as cryptography and cybersecurity U.S. national security concerns continue to drive the development of high-performance computers and software in the U.S. and in fact, events following the end of the cold war have driven an increase in the growth rate of computer performance at the high-end of the market. This mainly derives from our nation's observance of a moratorium on underground nuclear testing beginning in 1992, followed by our voluntary adherence to the Comprehensive Test Ban Treaty (CTBT) beginning in 1995. The CTBT prohibits further underground nuclear tests, which in the past had been a key component of the nation's science-based program for assuring the reliability, performance and safety of U.S. nuclear weapons. In response to this change, the U.S. Department of Energy (DOE) initiated the Science-Based Stockpile Stewardship (SBSS) program in response to the Fiscal Year 1994 National Defense Authorization Act, which requires, 'in the

  18. SEED: A Suite of Instructional Laboratories for Computer Security Education

    Science.gov (United States)

    Du, Wenliang; Wang, Ronghua

    2008-01-01

    The security and assurance of our computing infrastructure has become a national priority. To address this priority, higher education has gradually incorporated the principles of computer and information security into the mainstream undergraduate and graduate computer science curricula. To achieve effective education, learning security principles…

  19. 48 CFR 952.204-77 - Computer security.

    Science.gov (United States)

    2010-10-01

    ... 48 Federal Acquisition Regulations System 5 2010-10-01 2010-10-01 false Computer security. 952.204... SOLICITATION PROVISIONS AND CONTRACT CLAUSES Text of Provisions and Clauses 952.204-77 Computer security. As prescribed in 904.404(d)(7), the following clause shall be included: Computer Security (AUG 2006) (a...

  20. Securing Embedded Smart Cameras with Trusted Computing

    Directory of Open Access Journals (Sweden)

    Winkler Thomas

    2011-01-01

    Full Text Available Camera systems are used in many applications including video surveillance for crime prevention and investigation, traffic monitoring on highways or building monitoring and automation. With the shift from analog towards digital systems, the capabilities of cameras are constantly increasing. Today's smart camera systems come with considerable computing power, large memory, and wired or wireless communication interfaces. With onboard image processing and analysis capabilities, cameras not only open new possibilities but also raise new challenges. Often overlooked are potential security issues of the camera system. The increasing amount of software running on the cameras turns them into attractive targets for attackers. Therefore, the protection of camera devices and delivered data is of critical importance. In this work we present an embedded camera prototype that uses Trusted Computing to provide security guarantees for streamed videos. With a hardware-based security solution, we ensure integrity, authenticity, and confidentiality of videos. Furthermore, we incorporate image timestamping, detection of platform reboots, and reporting of the system status. This work is not limited to theoretical considerations but also describes the implementation of a prototype system. Extensive evaluation results illustrate the practical feasibility of the approach.

  1. Practical Secure Computation with Pre-Processing

    DEFF Research Database (Denmark)

    Zakarias, Rasmus Winther

    Secure Multiparty Computation has been divided between protocols best suited for binary circuits and protocols best suited for arithmetic circuits. With their MiniMac protocol in [DZ13], Damgård and Zakarias take an important step towards bridging these worlds with an arithmetic protocol tuned...... space for pre-processing material than computing the non-linear parts online (depends on the quality of circuit of course). Surprisingly, even for our optimized AES-circuit this is not the case. We further improve the design of the pre-processing material and end up with only 10 megabyes of pre...... a protocol for small field arithmetic to do fast large integer multipli- cations. This is achieved by devising pre-processing material that allows the Toom-Cook multiplication algorithm to run between the parties with linear communication complexity. With this result computation on the CPU by the parties...

  2. On technical security issues in cloud computing

    DEFF Research Database (Denmark)

    Jensen, Meiko; Schwenk, Jörg; Gruschka, Nils

    2009-01-01

    , however, there are still some challenges to be solved. Amongst these are security and trust issues, since the user's data has to be released to the Cloud and thus leaves the protection sphere of the data owner. Most of the discussions on this topics are mainly driven by arguments related to organisational......The Cloud Computing concept offers dynamically scalable resources provisioned as a service over the Internet. Economic benefits are the main driver for the Cloud, since it promises the reduction of capital expenditure (CapEx) and operational expenditure (OpEx). In order for this to become reality...... means. This paper focusses on technical security issues arising from the usage of Cloud services and especially by the underlying technologies used to build these cross-domain Internet-connected collaborations....

  3. Unconditionally stable microwave Si-IMPATT amplifiers

    International Nuclear Information System (INIS)

    Seddik, M.M.

    1986-07-01

    The purpose of this investigation has been the development of an improved understanding of the design and analysis of microwave reflection amplifiers employing the negative resistance property of the IMPATT devices. Unconditionally stable amplifier circuit using a Silicon IMPATT diode is designed. The problems associated with the design procedures and the stability criterion are discussed. A computer program is developed to perform the computations. The stable characteristics of a reflection-type Si-IMPATT amplifier, such as gain, frequency and bandwidth are examined. It was found that at large signal drive levels, 7 dB gain with bandwidth of 800 MHz at 22,5 mA was obtained. (author)

  4. Cloud Computing Security in Openstack Architecture: General Overview

    Directory of Open Access Journals (Sweden)

    Gleb Igorevich Shakulo

    2015-10-01

    Full Text Available The subject of article is cloud computing security. Article begins with author analyzing cloud computing advantages and disadvantages, factors of growth, both positive and negative. Among latter, security is deemed one of the most prominent. Furthermore, author takes architecture of OpenStack project as an example for study: describes its essential components and their interconnection. As conclusion, author raises series of questions as possible areas of further research to resolve security concerns, thus making cloud computing more secure technology.

  5. Towards Information Security Metrics Framework for Cloud Computing

    OpenAIRE

    Muhammad Imran Tariq

    2012-01-01

    Cloud computing has recently emerged as new computing paradigm which basically aims to provide customized, reliable, dynamic services over the internet.  Cost and security are influential issues to deploy cloud computing in large enterprise.  Privacy and security are very important issues in terms of user trust and legal compliance. Information Security (IS) metrics are best tool used to measure the efficiency, performance, effectiveness and impact of the security constraints. It is very hard...

  6. An Overview of Computer Network security and Research Technology

    OpenAIRE

    Rathore, Vandana

    2016-01-01

    The rapid development in the field of computer networks and systems brings both convenience and security threats for users. Security threats include network security and data security. Network security refers to the reliability, confidentiality, integrity and availability of the information in the system. The main objective of network security is to maintain the authenticity, integrity, confidentiality, availability of the network. This paper introduces the details of the technologies used in...

  7. Secure medical information sharing in cloud computing.

    Science.gov (United States)

    Shao, Zhiyi; Yang, Bo; Zhang, Wenzheng; Zhao, Yi; Wu, Zhenqiang; Miao, Meixia

    2015-01-01

    Medical information sharing is one of the most attractive applications of cloud computing, where searchable encryption is a fascinating solution for securely and conveniently sharing medical data among different medical organizers. However, almost all previous works are designed in symmetric key encryption environment. The only works in public key encryption do not support keyword trapdoor security, have long ciphertext related to the number of receivers, do not support receiver revocation without re-encrypting, and do not preserve the membership of receivers. In this paper, we propose a searchable encryption supporting multiple receivers for medical information sharing based on bilinear maps in public key encryption environment. In the proposed protocol, data owner stores only one copy of his encrypted file and its corresponding encrypted keywords on cloud for multiple designated receivers. The keyword ciphertext is significantly shorter and its length is constant without relation to the number of designated receivers, i.e., for n receivers the ciphertext length is only twice the element length in the group. Only the owner knows that with whom his data is shared, and the access to his data is still under control after having been put on the cloud. We formally prove the security of keyword ciphertext based on the intractability of Bilinear Diffie-Hellman problem and the keyword trapdoor based on Decisional Diffie-Hellman problem.

  8. Computer Security: transparent monitoring for your protection

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Computer security can be handled in one of two ways: in secrecy, behind a black curtain; or out in the open, subject to scrutiny and with full transparency. We believe that the latter is the only right way for CERN, and have always put that belief into practice. In keeping with this spirit, here is a reminder of how we monitor (your) CERN activities in order to guarantee timely responses to computer security incidents.   We monitor all network traffic coming into and going out of CERN. Automatic tools look for suspicious patterns like connections to known malicious IP addresses, web pages or domains. They check for malicious files being downloaded and make statistical analyses of connections in order to identify unusual behaviour. The automatic analysis of the logs from the CERN Domain Name Servers complements this and provides a redundant means of detection. We also constantly scan the CERN office network and keep an inventory of the individual network services running on each device: w...

  9. Science and Technology Resources on the Internet: Computer Security.

    Science.gov (United States)

    Kinkus, Jane F.

    2002-01-01

    Discusses issues related to computer security, including confidentiality, integrity, and authentication or availability; and presents a selected list of Web sites that cover the basic issues of computer security under subject headings that include ethics, privacy, kids, antivirus, policies, cryptography, operating system security, and biometrics.…

  10. Computer security incident response team effectiveness : A needs assessment

    NARCIS (Netherlands)

    Kleij, R. van der; Kleinhuis, G.; Young, H.J.

    2017-01-01

    Computer security incident response teams (CSIRTs) respond to a computer security incident when the need arises. Failure of these teams can have far-reaching effects for the economy and national security. CSIRTs often have to work on an ad-hoc basis, in close cooperation with other teams, and in

  11. Unconditional lower bounds against advice

    NARCIS (Netherlands)

    Buhrman, H.; Fortnow, L.; Santhanam, R.

    2009-01-01

    We show several unconditional lower bounds for exponential time classes against polynomial time classes with advice, including: (1) For any constant c, NEXP not in P^{NP[n^c]} (2) For any constant c, MAEXP not in MA/n^c (3) BPEXP not in BPP/n^{o(1)}. It was previously unknown even whether NEXP in

  12. Detailed Information Security in Cloud Computing

    OpenAIRE

    Pavel Valerievich Ivonin

    2013-01-01

    The object of research in this article is technology of public clouds, structure and security system of clouds. Problems of information security in clouds are considered, elements of security system in public clouds are described.

  13. Air Traffic Control: Weak Computer Security Practices Jeopardize Flight Safety

    Science.gov (United States)

    1998-05-01

    Given the paramount importance of computer security of Air Traffic Control (ATC) systems, Congress asked the General Accounting Office to determine (1) whether the Fedcral Aviation Administration (FAA) is effectively managing physical security at ATC...

  14. Strengthening Capacity to Respond to Computer Security Incidents ...

    International Development Research Centre (IDRC) Digital Library (Canada)

    ... in the form of spam, improper access to confidential data and cyber theft. ... These teams are usually known as computer security incident response teams ... regional capacity for preventing and responding to cyber security incidents in Latin ...

  15. Restricted access processor - An application of computer security technology

    Science.gov (United States)

    Mcmahon, E. M.

    1985-01-01

    This paper describes a security guard device that is currently being developed by Computer Sciences Corporation (CSC). The methods used to provide assurance that the system meets its security requirements include the system architecture, a system security evaluation, and the application of formal and informal verification techniques. The combination of state-of-the-art technology and the incorporation of new verification procedures results in a demonstration of the feasibility of computer security technology for operational applications.

  16. Computer Security: is your code sane?

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    How many of us write code? Software? Programs? Scripts? How many of us are properly trained in this and how well do we do it? Do we write functional, clean and correct code, without flaws, bugs and vulnerabilities*? In other words: are our codes sane?   Figuring out weaknesses is not that easy (see our quiz in an earlier Bulletin article). Therefore, in order to improve the sanity of your code, prevent common pit-falls, and avoid the bugs and vulnerabilities that can crash your code, or – worse – that can be misused and exploited by attackers, the CERN Computer Security team has reviewed its recommendations for checking the security compliance of your code. “Static Code Analysers” are stand-alone programs that can be run on top of your software stack, regardless of whether it uses Java, C/C++, Perl, PHP, Python, etc. These analysers identify weaknesses and inconsistencies including: employing undeclared variables; expressions resu...

  17. Computer Security: Your privacy at CERN matters

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Congrats to all those who spotted that our last contribution to the CERN Bulletin (“CERN Secure Password Competition” – see here) was an April Fools’ Day hoax. Of course, there is no review and no jury and there won’t be any competition. Consequently, we are sorry to say that we cannot announce any winners. The extension of the password history rule and the initiative of finding password duplicates are absolute nonsense too.   In fact, the Computer Security team, just like the CERN Account Management service, the Single Sign-On team and the ServiceDesk, does not know and has no need to know your password. Passwords are actually salted and hashed using the SHA256 cryptographic hash function. Thus, there is no literal password database and no way that anyone apart from you can know your password – unless you have given it away intentionally or inadvertently… Remember, your password is yours and only yours, so please do not...

  18. Computer Security: WWW censorship? Not at CERN

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Whoops! We received a number of critical responses to our previous article on the upcoming DNS firewall (“DNS to the rescue!” - see here). While they were mostly constructive, the main question was “How dare we censor Internet access?” Let us clarify this.   Computer security at CERN must always find the right balance between CERN’s academic environment, its operations and security itself. Of course we can easily overdo it one way or another, but that would kill our academic freedom and bring the Organization to a halt. That certainly isn’t in our interest. On the other hand, CERN is permanently under attack and we have to do everything possible to ensure that those attacks are kept at bay. Otherwise they could impact CERN’s operations… So, have we found the right balance? Concerning access to the Internet and in particular to the web, we have not and will not block random websites because of their content unless &a...

  19. Security policies and trust in ubiquitous computing.

    Science.gov (United States)

    Joshi, Anupam; Finin, Tim; Kagal, Lalana; Parker, Jim; Patwardhan, Anand

    2008-10-28

    Ubiquitous environments comprise resource-constrained mobile and wearable devices and computational elements embedded in everyday artefacts. These are connected to each other using both infrastructure-based as well as short-range ad hoc networks. Limited Internet connectivity limits the use of conventional security mechanisms such as public key infrastructures and other forms of server-centric authentication. Under these circumstances, peer-to-peer interactions are well suited for not just information interchange, but also managing security and privacy. However, practical solutions for protecting mobile devices, preserving privacy, evaluating trust and determining the reliability and accuracy of peer-provided data in such interactions are still in their infancy. Our research is directed towards providing stronger assurances of the reliability and trustworthiness of information and services, and the use of declarative policy-driven approaches to handle the open and dynamic nature of such systems. This paper provides an overview of some of the challenges and issues, and points out directions for progress.

  20. Java parallel secure stream for grid computing

    International Nuclear Information System (INIS)

    Chen, J.; Akers, W.; Chen, Y.; Watson, W.

    2001-01-01

    The emergence of high speed wide area networks makes grid computing a reality. However grid applications that need reliable data transfer still have difficulties to achieve optimal TCP performance due to network tuning of TCP window size to improve the bandwidth and to reduce latency on a high speed wide area network. The authors present a pure Java package called JPARSS (Java Parallel Secure Stream) that divides data into partitions that are sent over several parallel Java streams simultaneously and allows Java or Web applications to achieve optimal TCP performance in a gird environment without the necessity of tuning the TCP window size. Several experimental results are provided to show that using parallel stream is more effective than tuning TCP window size. In addition X.509 certificate based single sign-on mechanism and SSL based connection establishment are integrated into this package. Finally a few applications using this package will be discussed

  1. Computer Security: The dilemma of fractal defence

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Aren’t mathematical fractals just beautiful? The Mandelbrot set and the Julia set, the Sierpinski gasket, the Menger sponge, the Koch curve (see here)… Based on very simple mathematical rules, they quickly develop into a mosaic of facets slightly different from each other. More and more features appear the closer you zoom into a fractal and expose similar but not identical features of the overall picture.   Computer security is like these fractals, only much less pretty: simple at first glance, but increasingly complex and complicated when you look more closely at the details. The deeper you dig, the more and more possibilities open up for malicious people as the attack surface grows, just like that of “Koch’s snowflakes”, where the border length grows exponentially. Consequently, the defensive perimeter also increases when we follow the bits and bytes layer by layer from their processing in the CPU, trickling up the software stack thro...

  2. The research of computer network security and protection strategy

    Science.gov (United States)

    He, Jian

    2017-05-01

    With the widespread popularity of computer network applications, its security is also received a high degree of attention. Factors affecting the safety of network is complex, for to do a good job of network security is a systematic work, has the high challenge. For safety and reliability problems of computer network system, this paper combined with practical work experience, from the threat of network security, security technology, network some Suggestions and measures for the system design principle, in order to make the masses of users in computer networks to enhance safety awareness and master certain network security technology.

  3. Computer security of NPP instrumentation and control systems: categorization

    International Nuclear Information System (INIS)

    Klevtsov, A.L.; Simonov, A.A.; Trubchaninov, S.A.

    2016-01-01

    The paper is devoted to studying categorization of NPP instrumentation and control (I&C) systems from the point of view of computer security and to consideration of the computer security levels and zones used by the International Atomic Energy Agency (IAEA). The paper also describes the computer security degrees and zones regulated by the International Electrotechnical Commission (IEC) standard. The computer security categorization of the systems used by the U.S. Nuclear Regulatory Commission (NRC) is presented. The experts analyzed the main differences in I&C systems computer security categorization accepted by the IAEA, IEC and U.S. NRC. The approaches to categorization that should be advisably used in Ukraine during the development of regulation on NPP I&C systems computer security are proposed in the paper

  4. Deployment Models: Towards Eliminating Security Concerns From Cloud Computing

    OpenAIRE

    Zhao, Gansen; Chunming, Rong; Jaatun, Martin Gilje; Sandnes, Frode Eika

    2010-01-01

    Cloud computing has become a popular choice as an alternative to investing new IT systems. When making decisions on adopting cloud computing related solutions, security has always been a major concern. This article summarizes security concerns in cloud computing and proposes five service deployment models to ease these concerns. The proposed models provide different security related features to address different requirements and scenarios and can serve as reference models for deployment. D...

  5. Teaching introductory computer security at a Department of Defense university

    OpenAIRE

    Irvine, Cynthia E.

    1997-01-01

    The Naval Postgraduate School Center for Information Systems Security (INFOSEC) Studies and Research (NPS CISR) has developed an instructional program in computer security. Its objective is to insure that students not only understand practical aspects of computer security associated with current technology, but also learn the fundamental principles that can be applied to the development of systems for which high confidence in policy enforcement can be achieved. Introduction to Computer Sec...

  6. Examining the Security Awareness, Information Privacy, and the Security Behaviors of Home Computer Users

    Science.gov (United States)

    Edwards, Keith

    2015-01-01

    Attacks on computer systems continue to be a problem. The majority of the attacks target home computer users. To help mitigate the attacks some companies provide security awareness training to their employees. However, not all people work for a company that provides security awareness training and typically, home computer users do not have the…

  7. Computer Security: oops, there it goes...

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Do you love riddles, hide and seek or picture puzzles a la “Where’s Wally”? Then take a look at the photo below, and try to spot the error.   It is hard to spot: the yellow sticker on the computer screen shows a password providing access to the web application running on the screen. Surprising! Fortunately, this sticker was quickly removed by the corresponding system owners and the password changed. However, we can all make improvements: passwords must never be written down and definitely not on stickers attached to screens, keyboards, or desks. Remember: your password is your “toothbrush” - a toothbrush you do not share and you change regularly. Neither your colleagues, your supervisor, the Service Desk or the Computer Security Team have any valid reason to ask for it. They should not and will never do so. The same is valid for any external company: UBS, Paypal, Amazon, Facebook or Google will never ask you for your pass...

  8. Computer-aided support for Secure Tropos

    NARCIS (Netherlands)

    Massacci, F.; Mylopoulos, J.; Zannone, N.

    2007-01-01

    In earlier work, we have introduced Secure Tropos, a requirements engineering methodology that extends the Tropos methodology and is intended for the design and analysis of security requirements. This paper briefly recaps the concepts proposed for capturing security aspects, and presents an

  9. Secure system design and trustable computing

    CERN Document Server

    Potkonjak, Miodrag

    2016-01-01

    This book provides the foundations for understanding hardware security and trust, which have become major concerns for national security over the past decade.  Coverage includes issues related to security and trust in a variety of electronic devices and systems related to the security of hardware, firmware and software, spanning system applications, online transactions, and networking services.  This serves as an invaluable reference to the state-of-the-art research that is of critical significance to the security of, and trust in, modern society’s microelectronic-supported infrastructures.

  10. Implementation of computer security at nuclear facilities in Germany

    Energy Technology Data Exchange (ETDEWEB)

    Lochthofen, Andre; Sommer, Dagmar [Gesellschaft fuer Anlagen- und Reaktorsicherheit mbH (GRS), Koeln (Germany)

    2013-07-01

    In recent years, electrical and I and C components in nuclear power plants (NPPs) were replaced by software-based components. Due to the increased number of software-based systems also the threat of malevolent interferences and cyber-attacks on NPPs has increased. In order to maintain nuclear security, conventional physical protection measures and protection measures in the field of computer security have to be implemented. Therefore, the existing security management process of the NPPs has to be expanded to computer security aspects. In this paper, we give an overview of computer security requirements for German NPPs. Furthermore, some examples for the implementation of computer security projects based on a GRS-best-practice-approach are shown. (orig.)

  11. Implementation of computer security at nuclear facilities in Germany

    International Nuclear Information System (INIS)

    Lochthofen, Andre; Sommer, Dagmar

    2013-01-01

    In recent years, electrical and I and C components in nuclear power plants (NPPs) were replaced by software-based components. Due to the increased number of software-based systems also the threat of malevolent interferences and cyber-attacks on NPPs has increased. In order to maintain nuclear security, conventional physical protection measures and protection measures in the field of computer security have to be implemented. Therefore, the existing security management process of the NPPs has to be expanded to computer security aspects. In this paper, we give an overview of computer security requirements for German NPPs. Furthermore, some examples for the implementation of computer security projects based on a GRS-best-practice-approach are shown. (orig.)

  12. Secure Two-Party Computation with Low Communication

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Faust, Sebastian; Hazay, Carmit

    2011-01-01

    We propose a 2-party UC-secure computation protocol that can compute any function securely. The protocol requires only two messages, communication that is poly-logarithmic in the size of the circuit description of the function, and the workload for one of the parties is also only poly-logarithmic...

  13. A Novel Cloud Computing Algorithm of Security and Privacy

    Directory of Open Access Journals (Sweden)

    Chih-Yung Chen

    2013-01-01

    Full Text Available The emergence of cloud computing has simplified the flow of large-scale deployment distributed system of software suppliers; when issuing respective application programs in a sharing clouds service to different user, the management of material becomes more complex. Therefore, in multitype clouds service of trust environment, when enterprises face cloud computing, what most worries is the issue of security, but individual users are worried whether the privacy material will have an outflow risk. This research has mainly analyzed several different construction patterns of cloud computing, and quite relevant case in the deployment construction security of cloud computing by fit and unfit quality, and proposed finally an optimization safe deployment construction of cloud computing and security mechanism of material protection calculating method, namely, Global Authentication Register System (GARS, to reduce cloud material outflow risk. We implemented a system simulation to test the GARS algorithm of availability, security and performance. By experimental data analysis, the solutions of cloud computing security, and privacy derived from the research can be effective protection in cloud information security. Moreover, we have proposed cloud computing in the information security-related proposals that would provide related units for the development of cloud computing security practice.

  14. Computer Security: “New_invoice.zip”

    CERN Document Server

    Stefan Lueders, Computer Security Team

    2015-01-01

    Thanks for reading this. But I wonder, what do you expect? Why did this generic title catch your interest? Of course, you might read our articles on a regular basis and it is the “Computer Security:” that brought you here. But still, was there anything else? You should stop reading here... unless you believe this text is meant for you. Or if you are curious. Or if you expect to learn something. Actually, that’s it. “New_invoice.zip” taught more than 40 people at CERN a lesson... the hard way.   “New_invoice.zip” was the name of an attachment to a rather blunt e-mail sent directly to many of our dear colleagues. Others received the e-mail via mailing lists like “it-dep”. The subject of the mail was “invoice” and its message read “Check the document” (see Image 1). The recipient list was vast and full of many different, not necessarily connected names. Clicking on t...

  15. Cloud Computing Security in Openstack Architecture: General Overview

    OpenAIRE

    Gleb Igorevich Shakulo

    2015-01-01

    The subject of article is cloud computing security. Article begins with author analyzing cloud computing advantages and disadvantages, factors of growth, both positive and negative. Among latter, security is deemed one of the most prominent. Furthermore, author takes architecture of OpenStack project as an example for study: describes its essential components and their interconnection. As conclusion, author raises series of questions as possible areas of further research to resolve security c...

  16. Security in Service Level Agreements for Cloud Computing

    OpenAIRE

    Bernsmed, Karin; JAATUN, Martin Gilje; Undheim, Astrid

    2011-01-01

    The Cloud computing paradigm promises reliable services, accessible from anywhere in the world, in an on-demand manner. Insufficient security has been identified as a major obstacle to adopting Cloud services. To deal with the risks associated with outsourcing data and applications to the Cloud, new methods for security assurance are urgently needed. This paper presents a framework for security in Service Level Agreements for Cloud computing. The purpose is twofold; to help potential Cloud cu...

  17. Food Security Strategy Based on Computer Innovation

    OpenAIRE

    Ruihui Mu

    2015-01-01

    Case analysis to identify innovative strategies for food security occurred in the Oriental Hotel, voluntarily implement food safety control. Food security strategy investigation and the reasons for their use of multiple data sources, including accommodation and catering industry to implement and document interviews with key decision makers in the hotel performed to observe the business environment were examined. This finding suggests that addressing food security, not only is the food control...

  18. Security Implications of Typical Grid Computing Usage Scenarios

    International Nuclear Information System (INIS)

    Humphrey, Marty; Thompson, Mary R.

    2001-01-01

    A Computational Grid is a collection of heterogeneous computers and resources spread across multiple administrative domains with the intent of providing users uniform access to these resources. There are many ways to access the resources of a Computational Grid, each with unique security requirements and implications for both the resource user and the resource provider. A comprehensive set of Grid usage scenarios are presented and analyzed with regard to security requirements such as authentication, authorization, integrity, and confidentiality. The main value of these scenarios and the associated security discussions are to provide a library of situations against which an application designer can match, thereby facilitating security-aware application use and development from the initial stages of the application design and invocation. A broader goal of these scenarios are to increase the awareness of security issues in Grid Computing

  19. Security Implications of Typical Grid Computing Usage Scenarios

    Energy Technology Data Exchange (ETDEWEB)

    Humphrey, Marty; Thompson, Mary R.

    2001-06-05

    A Computational Grid is a collection of heterogeneous computers and resources spread across multiple administrative domains with the intent of providing users uniform access to these resources. There are many ways to access the resources of a Computational Grid, each with unique security requirements and implications for both the resource user and the resource provider. A comprehensive set of Grid usage scenarios are presented and analyzed with regard to security requirements such as authentication, authorization, integrity, and confidentiality. The main value of these scenarios and the associated security discussions are to provide a library of situations against which an application designer can match, thereby facilitating security-aware application use and development from the initial stages of the application design and invocation. A broader goal of these scenarios are to increase the awareness of security issues in Grid Computing.

  20. A Novel Computer Virus Propagation Model under Security Classification

    Directory of Open Access Journals (Sweden)

    Qingyi Zhu

    2017-01-01

    Full Text Available In reality, some computers have specific security classification. For the sake of safety and cost, the security level of computers will be upgraded with increasing of threats in networks. Here we assume that there exists a threshold value which determines when countermeasures should be taken to level up the security of a fraction of computers with low security level. And in some specific realistic environments the propagation network can be regarded as fully interconnected. Inspired by these facts, this paper presents a novel computer virus dynamics model considering the impact brought by security classification in full interconnection network. By using the theory of dynamic stability, the existence of equilibria and stability conditions is analysed and proved. And the above optimal threshold value is given analytically. Then, some numerical experiments are made to justify the model. Besides, some discussions and antivirus measures are given.

  1. Security of fixed and wireless computer networks

    NARCIS (Netherlands)

    Verschuren, J.; Degen, A.J.G.; Veugen, P.J.M.

    2003-01-01

    A few decades ago, most computers were stand-alone machines: they were able to process information using their own resources. Later, computer systems were connected to each other enabling a computer system to exchange data with another computer and to use resources of another computer. With the

  2. Ethical Responsibility Key to Computer Security.

    Science.gov (United States)

    Lynn, M. Stuart

    1989-01-01

    The pervasiveness of powerful computers and computer networks has raised the specter of new forms of abuse and of concomitant ethical issues. Blurred boundaries, hackers, the Computer Worm, ethical issues, and implications for academic institutions are discussed. (MLW)

  3. Guidelines for development of NASA (National Aeronautics and Space Administration) computer security training programs

    Science.gov (United States)

    Tompkins, F. G.

    1983-01-01

    The report presents guidance for the NASA Computer Security Program Manager and the NASA Center Computer Security Officials as they develop training requirements and implement computer security training programs. NASA audiences are categorized based on the computer security knowledge required to accomplish identified job functions. Training requirements, in terms of training subject areas, are presented for both computer security program management personnel and computer resource providers and users. Sources of computer security training are identified.

  4. Security issues of cloud computing environment in possible military applications

    OpenAIRE

    Samčović, Andreja B.

    2013-01-01

    The evolution of cloud computing over the past few years is potentially one of major advances in the history of computing and telecommunications. Although there are many benefits of adopting cloud computing, there are also some significant barriers to adoption, security issues being the most important of them. This paper introduces the concept of cloud computing; looks at relevant technologies in cloud computing; takes into account cloud deployment models and some military applications. Addit...

  5. Small but effective: India's targeted unconditional cash transfers

    OpenAIRE

    Puja Dutta; Stephen Howes; Rinku Murgai

    2010-01-01

    India's approach to social security stresses the provision of subsidized food and public works. Targeted, unconditional cash transfers are little used, and have been little evaluated. An evaluation of cash transfers for the elderly and widows based on national household survey data and surveys on social pension utilization in two of India's states, Karnataka and Rajasthan, reveal that these social pension schemes work reasonably well. Levels of leakage (corruption) are low, funds flow disprop...

  6. Security Issues Model on Cloud Computing: A Case of Malaysia

    OpenAIRE

    Komeil Raisian; Jamaiah Yahaya

    2015-01-01

    By developing the cloud computing, viewpoint of many people regarding the infrastructure architectures, software distribution and improvement model changed significantly. Cloud computing associates with the pioneering deployment architecture, which could be done through grid calculating, effectiveness calculating and autonomic calculating. The fast transition towards that, has increased the worries regarding a critical issue for the effective transition of cloud computing. From the security v...

  7. Securing the Data Storage and Processing in Cloud Computing Environment

    Science.gov (United States)

    Owens, Rodney

    2013-01-01

    Organizations increasingly utilize cloud computing architectures to reduce costs and energy consumption both in the data warehouse and on mobile devices by better utilizing the computing resources available. However, the security and privacy issues with publicly available cloud computing infrastructures have not been studied to a sufficient depth…

  8. Computer Security: Cryptography and authentication (2/4)

    CERN Multimedia

    CERN. Geneva

    2012-01-01

    Remi Mollon studied computer security at University and he first worked on Grids, with the EGEE project, for a French Bioinformatics institute. Information security being crucial in that field, he developed an encrypted file management system on top of Grid middleware, and he contributed in integrating legacy applications with Grids. Then, he was hired by CERN as a Grid Data Management developer, and he joined the Grid Operational Security Coordination Team. Remi has now moved to CERN Computer Security Team. Remi is involved in the daily security operations, in addition to be responsible to design Team's computer infrastructure, and to participate to several projects, like multi-factor authentication at CERN. With the prevalence of modern information technologies and its increasing integration into our daily live, digital systems become more and more playground for evil people. While in the past, attacks were driven by fame& kudos, nowadays money is the motivating factor. Just the recent months have s...

  9. Computer security at ukrainian nuclear facilities: interface between nuclear safety and security

    International Nuclear Information System (INIS)

    Chumak, D.; Klevtsov, O.

    2015-01-01

    Active introduction of information technology, computer instrumentation and control systems (I and C systems) in the nuclear field leads to a greater efficiency and management of technological processes at nuclear facilities. However, this trend brings a number of challenges related to cyber-attacks on the above elements, which violates computer security as well as nuclear safety and security of a nuclear facility. This paper considers regulatory support to computer security at the nuclear facilities in Ukraine. The issue of computer and information security considered in the context of physical protection, because it is an integral component. The paper focuses on the computer security of I and C systems important to nuclear safety. These systems are potentially vulnerable to cyber threats and, in case of cyber-attacks, the potential negative impact on the normal operational processes can lead to a breach of the nuclear facility security. While ensuring nuclear security of I and C systems, it interacts with nuclear safety, therefore, the paper considers an example of an integrated approach to the requirements of nuclear safety and security

  10. A security model for saas in cloud computing

    International Nuclear Information System (INIS)

    Abbas, R.; Farooq, A.

    2016-01-01

    Cloud computing is a type of computing that relies on sharing computing resources rather than having local servers or personal devices to handle applications. It has many service modes like Software as-a-Service (SaaS), Platform-as-a-Service (PaaS), Infrastructure-as-a-Service (IaaS). In SaaS model, service providers install and activate the applications in cloud and cloud customers access the software from cloud. So, the user does not have the need to purchase and install a particular software on his/her machine. While using SaaS model, there are multiple security issues and problems like Data security, Data breaches, Network security, Authentication and authorization, Data integrity, Availability, Web application security and Backup which are faced by users. Many researchers minimize these security problems by putting in hard work. A large work has been done to resolve these problems but there are a lot of issues that persist and need to overcome. In this research work, we have developed a security model that improves the security of data according to the desire of the End-user. The proposed model for different data security options can be helpful to increase the data security through which trade-off between functionalities can be optimized for private and public data. (author)

  11. Legal, privacy, security, access and regulatory issues in cloud computing

    CSIR Research Space (South Africa)

    Dlodlo, N

    2011-04-01

    Full Text Available a gap on reporting are on are legal , privacy, security, access and regulatory issues. This paper raises an awareness of legal, privacy, security, access and regulatory issues that are associated with the advent of cloud computing. An in...

  12. 78 FR 57839 - Request for Information on Computer Security Incident Coordination (CSIC)

    Science.gov (United States)

    2013-09-20

    ...-02] Request for Information on Computer Security Incident Coordination (CSIC) AGENCY: National... Computer Security Incident Coordination. NIST experienced technical difficulties with receiving email... Technology (NIST) announced that it was soliciting comments relating to Computer Security Incident...

  13. Cloud Computing Security Latest Issues amp Countermeasures

    OpenAIRE

    Shelveen Pandey; Mohammed Farik

    2015-01-01

    Abstract Cloud computing describes effective computing services provided by a third-party organization known as cloud service provider for organizations to perform different tasks over the internet for a fee. Cloud service providers computing resources are dynamically reallocated per demand and their infrastructure platform and software and other resources are shared by multiple corporate and private clients. With the steady increase in the number of cloud computing subscribers of these shar...

  14. Subversion: The Neglected Aspect of Computer Security.

    Science.gov (United States)

    1980-06-01

    it into the memory of the computer . These are called flows on covert channels... A simple covert channel is the running time of a program . Because... program and, in doing so, gives it ’permission’ to perform its covert functions. Not only will most computer systems not prevent the employment of such a...R. Schell, Major, USAF, June 1974. 109 11. Lackey, R.p., "Penetration of Computer Systems, an Overviev , Honeywell Computer Journal, Vol. 8, no. 21974

  15. Secure multiparty computation with a dishonest majority via quantum means

    International Nuclear Information System (INIS)

    Loukopoulos, Klearchos; Browne, Daniel E.

    2010-01-01

    We introduce a scheme for secure multiparty computation utilizing the quantum correlations of entangled states. First we present a scheme for two-party computation, exploiting the correlations of a Greenberger-Horne-Zeilinger state to provide, with the help of a third party, a near-private computation scheme. We then present a variation of this scheme which is passively secure with threshold t=2, in other words, remaining secure when pairs of players conspire together provided they faithfully follow the protocol. Furthermore, we show that the passively secure variant can be modified to be secure when cheating parties are allowed to deviate from the protocol. We show that this can be generalized to computations of n-party polynomials of degree 2 with a threshold of n-1. The threshold achieved is significantly higher than the best known classical threshold, which satisfies the bound t< n/2. Our schemes, each complying with a different definition of security, shed light on which physical assumptions are necessary in order to achieve quantum secure multiparty computation.

  16. Computer Security: Bye, Bye, Windows XP security... Welcome infections!

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Rest in peace, Windows XP. Since your birth on 25 October 2001, you have struggled hard to survive this harsh Internet world. You fell prey to “Melissa”, “Sasser” and “Conficker”, and brought CERN its last large-scale infection with “Blaster” in 2004.    After being upgraded to “SP2”, you discovered software development lifecycles, regular “Patch Tuesdays” and a local firewall that rejected everything by default. In the end, you outlived your weird brother “Vista” and survived as the ugly duckling cousin to the beautiful Mr. Mac. But all your ups and downs are over now. On 8 April 2014, you were given your very last security updates. These life-sustaining measures will be stopped now. Game over. From now on, you are a zombie: presumed dead, but still kept running by your master/owner/user. They might not even understand that you now pose a risk ...

  17. Computer-aided proofs for multiparty computation with active security

    DEFF Research Database (Denmark)

    Spitters, Bas

    2018-01-01

    public-key encryption, signatures, garbled circuits and differential privacy. Here we show for the first time that it can also be used to prove security of MPC against a malicious adversary. We formalize additive and replicated secret sharing schemes and apply them to Maurer’s MPC protocol for secure...

  18. Distributed Scheme to Authenticate Data Storage Security in Cloud Computing

    OpenAIRE

    B. Rakesh; K. Lalitha; M. Ismail; H. Parveen Sultana

    2017-01-01

    Cloud Computing is the revolution in current generation IT enterprise. Cloud computing displaces database and application software to the large data centres, where the management of services and data may not be predictable, where as the conventional solutions, for IT services are under proper logical, physical and personal controls. This aspect attribute, however comprises different security challenges which have not been well understood. It concentrates on cloud data storage security which h...

  19. Computer security threats faced by small businesses in Australia

    OpenAIRE

    Hutchings, Alice

    2012-01-01

    In this paper, an overview is provided of computer security threats faced by small businesses. Having identified the threats, the implications for small business owners are described, along with countermeasures that can be adopted to prevent incidents from occurring. The results of the Australian Business Assessment of Computer User Security (ABACUS) survey, commissioned by the Australian Institute of Criminology (AIC), are drawn upon to identify key risks (Challice 2009; Richards 2009). Addi...

  20. A Secure Authenticate Framework for Cloud Computing Environment

    OpenAIRE

    Nitin Nagar; Pradeep k. Jatav

    2014-01-01

    Cloud computing has an important aspect for the companies to build and deploy their infrastructure and application. Data Storage service in the cloud computing is easy as compare to the other data storage services. At the same time, cloud security in the cloud environment is challenging task. Security issues ranging from missing system configuration, lack of proper updates, or unwise user actions from remote data storage. It can expose user’s private data and information to unwanted access. i...

  1. Computer Security at Nuclear Facilities. Reference Manual (Arabic Edition)

    International Nuclear Information System (INIS)

    2011-01-01

    category of the IAEA Nuclear Security Series, and deals with computer security at nuclear facilities. It is based on national experience and practices as well as publications in the fields of computer security and nuclear security. The guidance is provided for consideration by States, competent authorities and operators. The preparation of this publication in the IAEA Nuclear Security Series has been made possible by the contributions of a large number of experts from Member States. An extensive consultation process with all Member States included consultants meetings and open-ended technical meetings. The draft was then circulated to all Member States for 120 days to solicit further comments and suggestions. The comments received from Member States were reviewed and considered in the final version of the publication.

  2. Computer Security at Nuclear Facilities. Reference Manual (Russian Edition)

    International Nuclear Information System (INIS)

    2012-01-01

    category of the IAEA Nuclear Security Series, and deals with computer security at nuclear facilities. It is based on national experience and practices as well as publications in the fields of computer security and nuclear security. The guidance is provided for consideration by States, competent authorities and operators. The preparation of this publication in the IAEA Nuclear Security Series has been made possible by the contributions of a large number of experts from Member States. An extensive consultation process with all Member States included consultants meetings and open-ended technical meetings. The draft was then circulated to all Member States for 120 days to solicit further comments and suggestions. The comments received from Member States were reviewed and considered in the final version of the publication.

  3. Computer Security at Nuclear Facilities. Reference Manual (Chinese Edition)

    International Nuclear Information System (INIS)

    2012-01-01

    category of the IAEA Nuclear Security Series, and deals with computer security at nuclear facilities. It is based on national experience and practices as well as publications in the fields of computer security and nuclear security. The guidance is provided for consideration by States, competent authorities and operators. The preparation of this publication in the IAEA Nuclear Security Series has been made possible by the contributions of a large number of experts from Member States. An extensive consultation process with all Member States included consultants meetings and open-ended technical meetings. The draft was then circulated to all Member States for 120 days to solicit further comments and suggestions. The comments received from Member States were reviewed and considered in the final version of the publication.

  4. Auditing cloud computing a security and privacy guide

    CERN Document Server

    Halpert, Ben

    2011-01-01

    The auditor's guide to ensuring correct security and privacy practices in a cloud computing environment Many organizations are reporting or projecting a significant cost savings through the use of cloud computing-utilizing shared computing resources to provide ubiquitous access for organizations and end users. Just as many organizations, however, are expressing concern with security and privacy issues for their organization's data in the "cloud." Auditing Cloud Computing provides necessary guidance to build a proper audit to ensure operational integrity and customer data protection, among othe

  5. Complete Fairness in Secure Two-Party Computation

    DEFF Research Database (Denmark)

    Gordon, S. Dov; Hazay, Carmit; Katz, Jonathan

    2011-01-01

    In the setting of secure two-party computation, two mutually distrusting parties wish to compute some function of their inputs while preserving, to the extent possible, various security properties such as privacy, correctness, and more. One desirable property is fairness which guarantees, informa...... for such functions must have round complexity super-logarithmic in the security parameter. Our results demonstrate that the question of completely fair secure computation without an honest majority is far from closed.......In the setting of secure two-party computation, two mutually distrusting parties wish to compute some function of their inputs while preserving, to the extent possible, various security properties such as privacy, correctness, and more. One desirable property is fairness which guarantees......-party setting. We demonstrate that this folklore belief is false by showing completely fair protocols for various nontrivial functions in the two-party setting based on standard cryptographic assumptions. We first show feasibility of obtaining complete fairness when computing any function over polynomial...

  6. Collaboration using roles. [in computer network security

    Science.gov (United States)

    Bishop, Matt

    1990-01-01

    Segregation of roles into alternative accounts is a model which provides not only the ability to collaborate but also enables accurate accounting of resources consumed by collaborative projects, protects the resources and objects of such a project, and does not introduce new security vulnerabilities. The implementation presented here does not require users to remember additional passwords and provides a very simple consistent interface.

  7. Security and privacy in billing services in cloud computing

    OpenAIRE

    Μακρή, Ελένη - Λασκαρίνα

    2013-01-01

    The purpose of this master thesis is to define cloud computing and to introduce its basic principles. Firstly, the history of cloud computing will be briefly discussed, starting from the past and ending up to the current and future situation. Furthermore, the most important characteristics of cloud computing, such as security, privacy and cost, will be analyzed. Moreover the three service and three deployment models of cloud computing will be defined and analyzed with examples. Finally, the a...

  8. Cloud Computing Security Issues and Challenges

    OpenAIRE

    Kuyoro S. O.; Ibikunle F; Awodele O

    2011-01-01

    Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services w...

  9. Security and Privacy Issues in Cloud Computing

    OpenAIRE

    Sen, Jaydip

    2013-01-01

    Today, cloud computing is defined and talked about across the ICT industry under different contexts and with different definitions attached to it. It is a new paradigm in the evolution of Information Technology, as it is one of the biggest revolutions in this field to have taken place in recent times. According to the National Institute for Standards and Technology (NIST), “cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing ...

  10. Cloud Computing Security Issues - Challenges and Opportunities

    OpenAIRE

    Vaikunth, Pai T.; Aithal, P. S.

    2017-01-01

    Cloud computing services enabled through information communication technology delivered to a customer as services over the Internet on a leased basis have the capability to extend up or down their service requirements or needs. In this model, the infrastructure is owned by a third party vendor and the cloud computing services are delivered to the requested customers. Cloud computing model has many advantages including scalability, flexibility, elasticity, efficiency, and supports outsourcing ...

  11. TOWARD HIGHLY SECURE AND AUTONOMIC COMPUTING SYSTEMS: A HIERARCHICAL APPROACH

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Hsien-Hsin S

    2010-05-11

    The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniques and system software for achieving a robust, secure, and reliable computing system toward our goal.

  12. Security personnel training using a computer-based game

    International Nuclear Information System (INIS)

    Ralph, J.; Bickner, L.

    1987-01-01

    Security personnel training is an integral part of a total physical security program, and is essential in enabling security personnel to perform their function effectively. Several training tools are currently available for use by security supervisors, including: textbook study, classroom instruction, and live simulations. However, due to shortcomings inherent in each of these tools, a need exists for the development of low-cost alternative training methods. This paper discusses one such alternative: a computer-based, game-type security training system. This system would be based on a personal computer with high-resolution graphics. Key features of this system include: a high degree of realism; flexibility in use and maintenance; high trainee motivation; and low cost

  13. Reviews on Security Issues and Challenges in Cloud Computing

    Science.gov (United States)

    An, Y. Z.; Zaaba, Z. F.; Samsudin, N. F.

    2016-11-01

    Cloud computing is an Internet-based computing service provided by the third party allowing share of resources and data among devices. It is widely used in many organizations nowadays and becoming more popular because it changes the way of how the Information Technology (IT) of an organization is organized and managed. It provides lots of benefits such as simplicity and lower costs, almost unlimited storage, least maintenance, easy utilization, backup and recovery, continuous availability, quality of service, automated software integration, scalability, flexibility and reliability, easy access to information, elasticity, quick deployment and lower barrier to entry. While there is increasing use of cloud computing service in this new era, the security issues of the cloud computing become a challenges. Cloud computing must be safe and secure enough to ensure the privacy of the users. This paper firstly lists out the architecture of the cloud computing, then discuss the most common security issues of using cloud and some solutions to the security issues since security is one of the most critical aspect in cloud computing due to the sensitivity of user's data.

  14. Analyzing the security of an existing computer system

    Science.gov (United States)

    Bishop, M.

    1986-01-01

    Most work concerning secure computer systems has dealt with the design, verification, and implementation of provably secure computer systems, or has explored ways of making existing computer systems more secure. The problem of locating security holes in existing systems has received considerably less attention; methods generally rely on thought experiments as a critical step in the procedure. The difficulty is that such experiments require that a large amount of information be available in a format that makes correlating the details of various programs straightforward. This paper describes a method of providing such a basis for the thought experiment by writing a special manual for parts of the operating system, system programs, and library subroutines.

  15. Use of computer programs to evaluate effectiveness of security systems

    International Nuclear Information System (INIS)

    Harris, L. Jr.; Goldman, L.A.; Mc Daniel, T.L.

    1987-01-01

    Thirty or more computer programs for security vulnerability analysis were developed from 1975 through 1980. Most of these programs are intended for evaluating security system effectiveness against outsider threats, but at least six programs are primarily oriented to insider threats. Some strengths and weaknesses of these programs are described. Six of these programs, four for outsider threats and two for insider threats, have been revised and adapted for use with IBM personal computers. The vulnerability analysis process is discussed with emphasis on data collection. The difference between design data and operational data is described. For performance-type operational data, such as detection probabilities and barrier delay times, the difference between unstressed and stressed performance data is discussed. Stressed performance data correspond to situations where an adversary attempts to weaken a security system by mitigating certain security measures. Suggestions are made on the combined use of manual analysis and computer analysis

  16. Computer Security: improve software, avoid blunder

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Recently, a severe vulnerability has been made public about how Apple devices are wrongly handling encryption. This vulnerability rendered SSL/TLS protection useless, and permitted attackers checking out a wireless network to capture or modify data in encrypted sessions.   In other words, all confidential data like passwords, banking information, etc. could have been siphoned off by a targeted attack. While Apple has been quick in providing adequate security patches for iOS devices and Macs, it is an excellent example of how small mistakes can lead to big security holes. Here is the corresponding code from Apple’s Open Source repository. Can you spot the issue? 1 static OSStatus 2 SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams, uint8_t *signature, UInt16 signatureLen) 3 { 4              OSStatus &nb...

  17. Dynamic Security Assessment Of Computer Networks In Siem-Systems

    Directory of Open Access Journals (Sweden)

    Elena Vladimirovna Doynikova

    2015-10-01

    Full Text Available The paper suggests an approach to the security assessment of computer networks. The approach is based on attack graphs and intended for Security Information and Events Management systems (SIEM-systems. Key feature of the approach consists in the application of the multilevel security metrics taxonomy. The taxonomy allows definition of the system profile according to the input data used for the metrics calculation and techniques of security metrics calculation. This allows specification of the security assessment in near real time, identification of previous and future attacker steps, identification of attackers goals and characteristics. A security assessment system prototype is implemented for the suggested approach. Analysis of its operation is conducted for several attack scenarios.

  18. Intelligent cloud computing security using genetic algorithm as a computational tools

    Science.gov (United States)

    Razuky AL-Shaikhly, Mazin H.

    2018-05-01

    An essential change had occurred in the field of Information Technology which represented with cloud computing, cloud giving virtual assets by means of web yet awesome difficulties in the field of information security and security assurance. Currently main problem with cloud computing is how to improve privacy and security for cloud “cloud is critical security”. This paper attempts to solve cloud security by using intelligent system with genetic algorithm as wall to provide cloud data secure, all services provided by cloud must detect who receive and register it to create list of users (trusted or un-trusted) depend on behavior. The execution of present proposal has shown great outcome.

  19. Information Security in the Age of Cloud Computing

    Science.gov (United States)

    Sims, J. Eric

    2012-01-01

    Information security has been a particularly hot topic since the enhanced internal control requirements of Sarbanes-Oxley (SOX) were introduced in 2002. At about this same time, cloud computing started its explosive growth. Outsourcing of mission-critical functions has always been a gamble for managers, but the advantages of cloud computing are…

  20. MULTI TENANCY SECURITY IN CLOUD COMPUTING

    OpenAIRE

    Manjinder Singh*, Charanjit Singh

    2017-01-01

    The word Cloud is used as a metaphor for the internet, based on standardised use of a cloud like shape to denote a network. Cloud Computing is advanced technology for resource sharing through network with less cost as compare to other technologies. Cloud infrastructure supports various models IAAS, SAAS, PAAS. The term virtualization in cloud computing is very useful today. With the help of virtualization, more than one operating system is supported with all resources on single H/W. We can al...

  1. Computationally Efficient Neural Network Intrusion Security Awareness

    Energy Technology Data Exchange (ETDEWEB)

    Todd Vollmer; Milos Manic

    2009-08-01

    An enhanced version of an algorithm to provide anomaly based intrusion detection alerts for cyber security state awareness is detailed. A unique aspect is the training of an error back-propagation neural network with intrusion detection rule features to provide a recognition basis. Network packet details are subsequently provided to the trained network to produce a classification. This leverages rule knowledge sets to produce classifications for anomaly based systems. Several test cases executed on ICMP protocol revealed a 60% identification rate of true positives. This rate matched the previous work, but 70% less memory was used and the run time was reduced to less than 1 second from 37 seconds.

  2. Computer Security: the value of your password

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Of course, your passwords have a value to you as they allow you to access your computer and your Facebook page, to buy on Amazon, to create a Twitter feed, and to use a multitude of computing services provided by CERN. But have you ever thought of their value to the malicious people of this world?    With your account password, I can take over your computer. I can install software allowing me to enable your microphone and listen to your communications and what is happening around you as long as your computer is turned on. I can take regular screenshots and monitor you while you work. With that, I can try to determine your working habits, your online behaviour, the way you write e-mails… Useful, if I want to impersonate you believably (e.g. to attack CERN and the systems you are working on at CERN). What’s more, with access to your computer, I can install a keylogger to record your every keystroke – including when you type all your other passwords: ...

  3. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    Energy Technology Data Exchange (ETDEWEB)

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  4. Design of large scale applications of secure multiparty computation : secure linear programming

    NARCIS (Netherlands)

    Hoogh, de S.J.A.

    2012-01-01

    Secure multiparty computation is a basic concept of growing interest in modern cryptography. It allows a set of mutually distrusting parties to perform a computation on their private information in such a way that as little as possible is revealed about each private input. The early results of

  5. National Computer Security Conference Proceedings (10th): Computer Security--From Principles to Practices, 21-24 September 1987

    Science.gov (United States)

    1987-09-24

    conference ; heme -- Computer Securitj,." From Principles to Practices -- reflects the growth of computer security awareness and a maturation of the...Limited. current (North American) systems do not check whether de- clared functions are well-defined. An clemeitary example of an ill- defint -d function is

  6. Personal computer security: part 1. Firewalls, antivirus software, and Internet security suites.

    Science.gov (United States)

    Caruso, Ronald D

    2003-01-01

    Personal computer (PC) security in the era of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) involves two interrelated elements: safeguarding the basic computer system itself and protecting the information it contains and transmits, including personal files. HIPAA regulations have toughened the requirements for securing patient information, requiring every radiologist with such data to take further precautions. Security starts with physically securing the computer. Account passwords and a password-protected screen saver should also be set up. A modern antivirus program can easily be installed and configured. File scanning and updating of virus definitions are simple processes that can largely be automated and should be performed at least weekly. A software firewall is also essential for protection from outside intrusion, and an inexpensive hardware firewall can provide yet another layer of protection. An Internet security suite yields additional safety. Regular updating of the security features of installed programs is important. Obtaining a moderate degree of PC safety and security is somewhat inconvenient but is necessary and well worth the effort. Copyright RSNA, 2003

  7. Computer Security: your car, my control

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    We have discussed the Internet of Things (IoT) and its security implications already in past issues of the CERN Bulletin, for example in “Today’s paranoia, tomorrow’s reality” (see here). Unfortunately, tomorrow has come. At this years's Black Hat conference researchers presented their findings on how easily your car can be hacked and controlled remotely. Sigh.   While these researchers have just shown that they can wirelessly hijack a Jeep Cherokee, others have performed similar studies with SmartCars, Fords, a Tesla, a Corvette, BMWs, Chryslers and Mercedes! With the increasing computerisation of cars, the engine management system, air conditioning, anti-lock braking system, electronic stability programme, etc. are linked to the infotainment, navigation and communication systems, opening the door for these vehicles to be hacked remotely. The now prevalent Bluetooth connection with smartphones is one entry vector to attack your car remotely...

  8. Computer Security: in the name of CERN

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    This summer, the American/Canadian dating website Ashley Madison was successfully compromised by a group of hackers (see here) who subsequently published tons of confidential information: addresses, dates of birth, e-mail addresses, ethnicities, genders, names, passwords, payment histories, phone numbers, security questions, sexual preferences, usernames and website activity.   Initially, these attackers blackmailed Ashley Madison and requested that the service be shut down. Later, however, they just made their stolen data public on the Internet. More than 30 million unique e-mail addresses – a hallelujah for miscreants. What can they do with this data? One possibility is blackmailing the people whose e-mail addresses were exposed by threatening to tell their spouses (“Pay me X bitcoins or I will tell your spouse that you are looking for a date!”). Another is targeting those people who have registered with their company e-...

  9. Computer Security: downloading films is no peccadillo

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Dear Summer Students, within the Organization, you have many possibilities to pursue your natural curiosity and acquire as much new knowledge as you can siphon into your brain. CERN provides you with the academic freedom to do so, with almost no limitations. But hold on: “free” and “no limitations” don’t mean that you can do whatever you want…   Please note that, when using CERN’s computing facilities, when sending e-mails from your CERN e-mail address, when using your laptop/smartphone/computer, you must follow a basic framework of rules, the CERN Computing Rules. I would like to focus on one particular aspect of those rules: that of accessing music, videos, films or computer games from popular websites like ThePirateBay or using Bittorrent.  CERN has an awesome connection to the Internet, lots of bandwidth and a high capacity for web downloads. However, this does not mean that downloading music, videos...

  10. Secure cloud computing: benefits, risks and controls

    CSIR Research Space (South Africa)

    Carroll, M

    2011-08-01

    Full Text Available Cloud computing presents a new model for IT service delivery and it typically involves over-a-network, on-demand, self-service access, which is dynamically scalable and elastic, utilising pools of often virtualized resources. Through these features...

  11. Secure Two-Party Computation with Low Communication

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Kölker, Jonas; Faust, Sebastian

    2012-01-01

    We propose a 2-party UC-secure protocol that can compute any function securely. The protocol requires only two messages, communication that is poly-logarithmic in the size of the circuit description of the function, and the workload for one of the parties is also only poly-logarithmic in the size...... on the knowledge of exponent in an RSA group, and build succinct zero-knowledge arguments in the CRS model....

  12. The New Trend of Security in Cloud Computing

    OpenAIRE

    Xiangdong Li

    2012-01-01

    The use of services of cloud computing has been growing widely in industry, organizations and institutions recently, due to its tempting benefits, for example, the scalability, efficiency, flexibility and lower cost. The security issues have been studied and analyzed extensively. In order to understand the risk issues existing in today’s cloud, we discuss the new trend of security of cloud in this paper. The preventing methods are also discussed.

  13. A Domain-Specific Programming Language for Secure Multiparty Computation

    DEFF Research Database (Denmark)

    Nielsen, Janus Dam; Schwartzbach, Michael Ignatieff

    2007-01-01

    We present a domain-specific programming language for Secure Multiparty Computation (SMC). Information is a resource of vital importance and considerable economic value to individuals, public administration, and private companies. This means that the confidentiality of information is crucial...... on secret values and results are only revealed according to specific protocols. We identify the key linguistic concepts of SMC and bridge the gap between high-level security requirements and low-level cryptographic operations constituting an SMC platform, thus improving the efficiency and security of SMC...

  14. A new data collaboration service based on cloud computing security

    Science.gov (United States)

    Ying, Ren; Li, Hua-Wei; Wang, Li na

    2017-09-01

    With the rapid development of cloud computing, the storage and usage of data have undergone revolutionary changes. Data owners can store data in the cloud. While bringing convenience, it also brings many new challenges to cloud data security. A key issue is how to support a secure data collaboration service that supports access and updates to cloud data. This paper proposes a secure, efficient and extensible data collaboration service, which prevents data leaks in cloud storage, supports one to many encryption mechanisms, and also enables cloud data writing and fine-grained access control.

  15. A Secure Framework for Location Verification in Pervasive Computing

    Science.gov (United States)

    Liu, Dawei; Lee, Moon-Chuen; Wu, Dan

    The way people use computing devices has been changed in some way by the relatively new pervasive computing paradigm. For example, a person can use a mobile device to obtain its location information at anytime and anywhere. There are several security issues concerning whether this information is reliable in a pervasive environment. For example, a malicious user may disable the localization system by broadcasting a forged location, and it may impersonate other users by eavesdropping their locations. In this paper, we address the verification of location information in a secure manner. We first present the design challenges for location verification, and then propose a two-layer framework VerPer for secure location verification in a pervasive computing environment. Real world GPS-based wireless sensor network experiments confirm the effectiveness of the proposed framework.

  16. Security Audit Compliance for Cloud Computing

    OpenAIRE

    Doelitzscher, Frank

    2014-01-01

    Cloud computing has grown largely over the past three years and is widely popular amongst today's IT landscape. In a comparative study between 250 IT decision makers of UK companies they said, that they already use cloud services for 61% of their systems. Cloud vendors promise "infinite scalability and resources" combined with on-demand access from everywhere. This lets cloud users quickly forget, that there is still a real IT infrastructure behind a cloud. Due to virtualization and multi-ten...

  17. Security and Trust in Mobile Cloud Computing

    OpenAIRE

    Le Vinh , Thinh

    2017-01-01

    As living in the cyber era, we admit that a dozen of new technologies have been born every day with the promises that making a human life be more comfortable, convenient and safe. In the forest of new technologies, mobile computing is raise as an essential part of human life. Normally, mobile devices have become the best companions in daily activities. They have served us from the simple activities like entertainment to the complicated one as business operations. As playing the important role...

  18. Computer Security: posting and mis-posting

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    This is what can happen at CERN if you don't lock your computer screen...   “Hi, I am looking for a partner either male or female to attend salsa lessons. I have a great body and enjoy rubbing it against other people on the dance floor. I would consider dinner after with the right person. If you think you can keep up with me and enjoy getting sweaty send me a reply. Stay sexy…” This is the original text of a recent posting on the CERN Market webpage. Some people might find this appealing, some people think this is funny. Personally, I couldn’t care less. But professionally, we had to follow up as this text can be perceived as inappropriate and, thus, in violation of the Terms of Usage of the CERN Market as well as the CERN Computing Rules and its annex on private usage of the CERN computing facilities. We remind you that the CERN Market is a public website that can be used by people within but also outside CERN. All posts are visible world...

  19. Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

    Science.gov (United States)

    Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert

    2015-07-28

    Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

  20. Computer Security: what is your identity?

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    In the physical world this is fairly clear; your sense of self is multi-faceted and highly complex but the entity of “you” is well defined.  You can prove your identity simply, typically by showing your ID card or by having someone vouch for you. You are a being layered with attributes. Other people may request some of these attributes: your first name at Starbucks or your shoe size at the bowling alley. But only your most trusted contacts are granted access to your entire set of attributes… or maybe you never expose your identity entirely!   Online, your identity is a very different beast. It is fragmented. Each piece of your identity is typically verified by its own username and password. Occasionally pieces are forgotten or lost to the depths of the Internet. The hundreds of accounts that identify “you” present a security problem. Can you keep track of these accounts and is it even realistic to use unique, non-trivial passwords for ea...

  1. Computer Security: White hats for CERN

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    CERN is under attack. Permanently. Even right now. In particular, the CERN web environment, with its thousands of websites and millions of webpages, is a popular target for evil-doers as well as for security researchers.   Usually, their attacks are unsuccessful and fade away over time. Sometimes, however, they are successful and manage to break into a CERN website or web server… It is imperative that we learn about our weaknesses before others do – and fix them! Hackers with bad intentions are usually named “black hats” as they misuse their power to cause destruction or downtime via any weakness they can find. “Grey hats” are more moderate and might just have some fun with the weaknesses they find, for example by putting naked teddy bears or a personal message (such as “I hacked U”) on the compromised website. Last but not least, “white hats” report their findings directly to us and suggest that...

  2. Computer Security: Our life in symbiosis*

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2014-01-01

    Do you recall our Bulletin articles on control system cyber-security (“Hacking control systems, switching lights off!” and “Hacking control systems, switching... accelerators off?”) from early 2013? Let me shed some light on this issue from a completely different perspective.   I was raised in Europe during the 80s. With all the conveniences of a modern city, my environment made me a cyborg - a human entangled with technology - supported but also dependent on software and hardware. Since my childhood, I have eaten food packaged by machines and shipped through a sophisticated network of ships and lorries, keeping it fresh or frozen until it arrives in supermarkets. I heat my house with the magic of nuclear energy provided to me via a complicated electrical network. In fact, many of the amenities and gadgets I use are based on electricity and I just need to tap a power socket. When on vacation, I travel by taxi, train and airplane. And I enjoy the beautifu...

  3. Security Techniques for protecting data in Cloud Computing

    OpenAIRE

    Maddineni, Venkata Sravan Kumar; Ragi, Shivashanker

    2012-01-01

    Context: From the past few years, there has been a rapid progress in Cloud Computing. With the increasing number of companies resorting to use resources in the Cloud, there is a necessity for protecting the data of various users using centralized resources. Some major challenges that are being faced by Cloud Computing are to secure, protect and process the data which is the property of the user. Aims and Objectives: The main aim of this research is to understand the security threats and ident...

  4. Secure Enclaves: An Isolation-centric Approach for Creating Secure High Performance Computing Environments

    Energy Technology Data Exchange (ETDEWEB)

    Aderholdt, Ferrol [Tennessee Technological Univ., Cookeville, TN (United States); Caldwell, Blake A. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Hicks, Susan Elaine [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Koch, Scott M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Naughton, III, Thomas J. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pelfrey, Daniel S. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Pogge, James R [Tennessee Technological Univ., Cookeville, TN (United States); Scott, Stephen L [Tennessee Technological Univ., Cookeville, TN (United States); Shipman, Galen M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Sorrillo, Lawrence [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)

    2017-01-01

    High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data at various security levels but in so doing are often enclaved at the highest security posture. This approach places significant restrictions on the users of the system even when processing data at a lower security level and exposes data at higher levels of confidentiality to a much broader population than otherwise necessary. The traditional approach of isolation, while effective in establishing security enclaves poses significant challenges for the use of shared infrastructure in HPC environments. This report details current state-of-the-art in virtualization, reconfigurable network enclaving via Software Defined Networking (SDN), and storage architectures and bridging techniques for creating secure enclaves in HPC environments.

  5. Computer Security: DNS to the rescue!

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Why you should be grateful to the Domain Name System at CERN.   Incidents involving so-called “drive-by” infections and “ransomware” are on the rise. Whilst an up-to-date and fully patched operating system is essential; whilst running anti-virus software with current virus signature files is a must; whilst “stop --- think --- don’t click” surely helps, we can still go one step further in better protecting your computers: DNS to the rescue. The DNS, short for Domain Name System, translates the web address you want to visit (like “http://cern.ch”) to a machine-readable format (the IP address, here: “188.184.9.234”). For years, we have automatically monitored the DNS translation requests made by your favourite web browser (actually by your operating system, but that doesn’t matter here), and we have automatically informed you if your computer tried to access a website known to hos...

  6. Secure data exchange between intelligent devices and computing centers

    Science.gov (United States)

    Naqvi, Syed; Riguidel, Michel

    2005-03-01

    The advent of reliable spontaneous networking technologies (commonly known as wireless ad-hoc networks) has ostensibly raised stakes for the conception of computing intensive environments using intelligent devices as their interface with the external world. These smart devices are used as data gateways for the computing units. These devices are employed in highly volatile environments where the secure exchange of data between these devices and their computing centers is of paramount importance. Moreover, their mission critical applications require dependable measures against the attacks like denial of service (DoS), eavesdropping, masquerading, etc. In this paper, we propose a mechanism to assure reliable data exchange between an intelligent environment composed of smart devices and distributed computing units collectively called 'computational grid'. The notion of infosphere is used to define a digital space made up of a persistent and a volatile asset in an often indefinite geographical space. We study different infospheres and present general evolutions and issues in the security of such technology-rich and intelligent environments. It is beyond any doubt that these environments will likely face a proliferation of users, applications, networked devices, and their interactions on a scale never experienced before. It would be better to build in the ability to uniformly deal with these systems. As a solution, we propose a concept of virtualization of security services. We try to solve the difficult problems of implementation and maintenance of trust on the one hand, and those of security management in heterogeneous infrastructure on the other hand.

  7. Dissecting the Security and Protection Issues in Pervasive Computing

    Directory of Open Access Journals (Sweden)

    Qaisar Javaid

    2018-04-01

    Full Text Available Human beings reflect nomadic behaviour as they keep on travelling place to place whole day for personal or organizational purposes. The inception of modern networking technologies and the advent of wide range of applications in terms of services and resources have facilitated the users in many ways. The advancements in numerous areas such as embedded systems, WN (Wireless Networks, mobile and context-aware computing, anticipated pervasive computing dominated the human communication at large. Pervasive computing refers to the environment where information is accessible anywhere and anytime while existing system is invisible to the user. On the other hand, the invisibility of pervasive computing is also a problem in its adoption as users are unaware when and what devices collect their personal data and how it is being used. It has caused new security chaos as the more information about user is collected the more privacy and security concerns it raises, thus, the pervasive computing applications became key concern for user. This paper is aimed at analyzing the security and protection issues that arise while traveling from place to place connected with wireless mobile networks. The paper reviews many existing systems that offer possible security to pervasive users. An easy, precise and relative analysis and evaluation of surveyed pervasive systems are presented and some future directions are highlighted.

  8. Computer-Aided Sensor Development Focused on Security Issues

    Directory of Open Access Journals (Sweden)

    Andrzej Bialas

    2016-05-01

    Full Text Available The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research.

  9. Computer-Aided Sensor Development Focused on Security Issues.

    Science.gov (United States)

    Bialas, Andrzej

    2016-05-26

    The paper examines intelligent sensor and sensor system development according to the Common Criteria methodology, which is the basic security assurance methodology for IT products and systems. The paper presents how the development process can be supported by software tools, design patterns and knowledge engineering. The automation of this process brings cost-, quality-, and time-related advantages, because the most difficult and most laborious activities are software-supported and the design reusability is growing. The paper includes a short introduction to the Common Criteria methodology and its sensor-related applications. In the experimental section the computer-supported and patterns-based IT security development process is presented using the example of an intelligent methane detection sensor. This process is supported by an ontology-based tool for security modeling and analyses. The verified and justified models are transferred straight to the security target specification representing security requirements for the IT product. The novelty of the paper is to provide a patterns-based and computer-aided methodology for the sensors development with a view to achieving their IT security assurance. The paper summarizes the validation experiment focused on this methodology adapted for the sensors system development, and presents directions of future research.

  10. A security mechanism based on evolutionary game in fog computing.

    Science.gov (United States)

    Sun, Yan; Lin, Fuhong; Zhang, Nan

    2018-02-01

    Fog computing is a distributed computing paradigm at the edge of the network and requires cooperation of users and sharing of resources. When users in fog computing open their resources, their devices are easily intercepted and attacked because they are accessed through wireless network and present an extensive geographical distribution. In this study, a credible third party was introduced to supervise the behavior of users and protect the security of user cooperation. A fog computing security mechanism based on human nervous system is proposed, and the strategy for a stable system evolution is calculated. The MATLAB simulation results show that the proposed mechanism can reduce the number of attack behaviors effectively and stimulate users to cooperate in application tasks positively.

  11. A security mechanism based on evolutionary game in fog computing

    Directory of Open Access Journals (Sweden)

    Yan Sun

    2018-02-01

    Full Text Available Fog computing is a distributed computing paradigm at the edge of the network and requires cooperation of users and sharing of resources. When users in fog computing open their resources, their devices are easily intercepted and attacked because they are accessed through wireless network and present an extensive geographical distribution. In this study, a credible third party was introduced to supervise the behavior of users and protect the security of user cooperation. A fog computing security mechanism based on human nervous system is proposed, and the strategy for a stable system evolution is calculated. The MATLAB simulation results show that the proposed mechanism can reduce the number of attack behaviors effectively and stimulate users to cooperate in application tasks positively.

  12. Computer Security: Hacking CERN - a win-win for all

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    The first round of the CERN WhiteHat Challenge has finished (see here). At the end of March, CERN was "attacked" by a dozen students from the St. Pölten University of Applied Sciences, Austria.   These attacks were part of their Master's degree in computer science and computer security, where they study penetration testing and vulnerability scanning, i.e. finding weaknesses in computing systems: techniques, tools, approaches and ethics. Usually, such studies are done against mock-ups like “Google Gruyere”, the “Damn Vulnerable Web Application” or OWASP’s “WebGoat” and “Hackademic”. However, while those mock-ups are in principle useful, they rarely resemble the operational reality of the Internet. CERN has offered computer security professors an alternative: the opportunity to use CERN’s web-ecosystem and all other systems open to th...

  13. Secure and Resilient Cloud Computing for the Department of Defense

    Science.gov (United States)

    2015-07-21

    scalability of resource usage. Lincoln Laboratory is developing technology that will strengthen the security and resilience of cloud computing so that the...capabilities are outsourced to a provider that delivers services to a cloud user (also called a tenant). The DoD is looking to the cloud computing model...hardware. Today’s cloud providers and the technology that underpins them are focused on the availability and scalability of services and not on DoD

  14. Placing computer security at the heart of learning

    OpenAIRE

    Richards, Mike; Price, Blaine A.; Nuseibeh, Bashar

    2008-01-01

    In this paper we present the approach adopted at the UK’s Open University for teaching computer security to large numbers of students at a distance through supported open learning. We discuss how the production of learning materials at the university has had to change to reflect the ever-increasing rate of technological, legislative and social change within the computing discipline, and how the university has had to rethink the role of the academic in the course development process. We argue ...

  15. Diamond High Assurance Security Program: Trusted Computing Exemplar

    Science.gov (United States)

    2002-09-01

    computing component, the Embedded MicroKernel Prototype. A third-party evaluation of the component will be initiated during development (e.g., once...target technologies and larger projects is a topic for future research. Trusted Computing Reference Component – The Embedded MicroKernel Prototype We...Kernel The primary security function of the Embedded MicroKernel will be to enforce process and data-domain separation, while providing primitive

  16. Security Considerations and Recommendations in Computer-Based Testing

    Directory of Open Access Journals (Sweden)

    Saleh M. Al-Saleem

    2014-01-01

    Full Text Available Many organizations and institutions around the globe are moving or planning to move their paper-and-pencil based testing to computer-based testing (CBT. However, this conversion will not be the best option for all kinds of exams and it will require significant resources. These resources may include the preparation of item banks, methods for test delivery, procedures for test administration, and last but not least test security. Security aspects may include but are not limited to the identification and authentication of examinee, the risks that are associated with cheating on the exam, and the procedures related to test delivery to the examinee. This paper will mainly investigate the security considerations associated with CBT and will provide some recommendations for the security of these kinds of tests. We will also propose a palm-based biometric authentication system incorporated with basic authentication system (username/password in order to check the identity and authenticity of the examinee.

  17. Security considerations and recommendations in computer-based testing.

    Science.gov (United States)

    Al-Saleem, Saleh M; Ullah, Hanif

    2014-01-01

    Many organizations and institutions around the globe are moving or planning to move their paper-and-pencil based testing to computer-based testing (CBT). However, this conversion will not be the best option for all kinds of exams and it will require significant resources. These resources may include the preparation of item banks, methods for test delivery, procedures for test administration, and last but not least test security. Security aspects may include but are not limited to the identification and authentication of examinee, the risks that are associated with cheating on the exam, and the procedures related to test delivery to the examinee. This paper will mainly investigate the security considerations associated with CBT and will provide some recommendations for the security of these kinds of tests. We will also propose a palm-based biometric authentication system incorporated with basic authentication system (username/password) in order to check the identity and authenticity of the examinee.

  18. Computer Security: USB sticks - the silent killers

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    You've just found a USB stick in Restaurant 1. You'd like to return it … but who is the owner? Maybe the contents can tell you? Connect it to your laptop, and you might figure it out. But hold on, what if its content is dangerous…?   USB sticks are an excellent vehicle for infecting countless PCs and laptops. Years ago, several dozen laptops were infected during a conference when someone passed around a USB stick with flight departure information. Unfortunately, this stick was infected. Similarly, we have seen a domino effect of infections in the FP and EN departments after some USB sticks made the rounds, infecting one PC after another. In the end, a massive number of PCs had to be reinstalled. Some USB sticks are even worse. They pretend to be “just a keyboard” (named “RubberDucky”) and, once inserted, they execute a pre-programmed sequence of keystrokes intended to extract information from your computer or take ...

  19. Computer Security: protect CERN - respect copyrights

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Are you a physicist who does complex mathematical calculations? Are you a webmaster who regularly embeds visual contents? Do you regularly present to large audiences? Are you an engineer who does sophisticated simulations of heat transfers, structural stability or electric circuits? Are you a technician who often uses CAD software? Do you like listening to music while being at CERN? Go ahead!   But make sure that you have legitimately obtained the software/images/music/videos you are using and hold valid licenses to run your software. Using illegal or pirated software/images/music/videos is not a trivial offense. It violates the CERN Computing Rules (OC5) and puts the Organization at risk! Vendors deserve credit and compensation. So make sure to buy your software via legitimate channels and use a valid and honestly obtained license. This also applies to “shareware” and software under open licenses, which might also come with a cost. Usually, only “freeware&rd...

  20. Computer Security: one click and BOOM…

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    Browsing the World Wide Web is not as easy as it seems… One wrong click and all your passwords (CERN, Facebook, PayPal, Amazon, etc.) could be stolen; all your activities could be clandestinely monitored (mouse movements and clicks, words typed, screenshots, microphone and webcam recordings, etc.); confidential documents could be stolen; and an attack path (a so-called back-door) into CERN could be opened…    As a result, you would have to reinstall your computer from scratch and change all your passwords! One of our colleagues learned this the hard way. One wrong click in summer 2015 permitted malicious attackers to infiltrate CERN but, fortunately, no real damage was done. Still, the cost of investigating the incident ran to several tens of thousands of Swiss francs and a lot of time was wasted trying to understand the attacker’s intent and the extent of the infiltration... With the goal of increasing more awareness of the risk of clicking on li...

  1. CERN Technical Training: new courses on computer security

    CERN Multimedia

    HR Department

    2009-01-01

    Two new trainings are available at CERN concerning computer security. • How to create secure software? The "Developing secure software" course (3.5 hours) is designed for software programmers, both for regular software and Web applications. It covers main aspects of security in different phases of the software development lifecycle. The last, optional hour discusses security issues of Web application developers. This course, although not hands-on, is interactive and full of real-life examples. The first session of this course will take place, in English, on 21 April in the CERN Technical Training Centre. More sessions will be scheduled in 2009. • How to safely navigate and send mails? The "Secure e-mail and Web browsing" course is an entry-level 1.5-hour course designed to show how to detect and avoid typical security pitfalls encountered when e-mailing and browsing the Web. It is designed for non-technical users of Internet Explorer and Outlook. The first sessions ...

  2. CERN Technical Training: new courses on computer security

    CERN Multimedia

    HR Department

    2009-01-01

    Two new trainings are available at CERN concerning computer security. • How to create secure software? The "Developing secure software" course (3.5 hours) is designed for software programmers, both for regular software and Web applications. It covers main aspects of security in different phases of the software development lifecycle. The last, optional hour discusses security issues of Web application developers. This course, although not hands-on, is interactive and full of real-life examples. The first session of this course will take place, in English, on 21 April in the CERN Technical Training Centre. More sessions will be scheduled in 2009. • How to safely navigate and send mails? The "Secure e-mail and Web browsing" course is an entry-level 1.5-hour course designed to show how to detect and avoid typical security pitfalls encountered when e-mailing and browsing the Web. It is designed for non-technical users of Internet Explorer and Outlook. The first sessions o...

  3. CERN Technical Training: new courses on computer security

    CERN Multimedia

    HR Department

    2009-01-01

    Two new trainings are available at CERN concerning computer security. • How to create secure software? The "Developing secure software" course (3.5 hours) is designed for software programmers, both for regular software and Web applications. It covers main aspects of security in different phases of the software development lifecycle. The last, optional hour discusses security issues of Web application developers. This course, although not hands-on, is interactive and full of real-life examples. The first session of this course will take place, in English, on 21 April in the CERN Technical Training Center. More sessions will be scheduled in 2009. • How to safely navigate and send mails? The "Secure e-mail and Web browsing" course is an entry-level 1.5-hour training aimed to show how to detect and avoid typical security pitfalls encountered when e-mailing and browsing the Web. It is designed for non-technical users of Internet Explorer and Outlook. The first sessions o...

  4. Computationally Secure Pattern Matching in the Presence of Malicious Adversaries

    DEFF Research Database (Denmark)

    Hazay, Carmit; Toft, Tomas

    2014-01-01

    for important variations of the secure pattern matching problem that are significantly more efficient than the current state of art solutions: First, we deal with secure pattern matching with wildcards. In this variant the pattern may contain wildcards that match both 0 and 1. Our protocol requires O......We propose a protocol for the problem of secure two-party pattern matching, where Alice holds a text t∈{0,1}∗ of length n, while Bob has a pattern p∈{0,1}∗ of length m. The goal is for Bob to (only) learn where his pattern occurs in Alice’s text, while Alice learns nothing. Private pattern matching...... is an important problem that has many applications in the area of DNA search, computational biology and more. Our construction guarantees full simulation in the presence of malicious, polynomial-time adversaries (assuming the hardness of DDH assumption) and exhibits computation and communication costs of O...

  5. Computer Security: How to succeed in software deployment

    CERN Multimedia

    Computer Security Team

    2014-01-01

    The summer student period has ended and we would like to congratulate all those who successfully accomplished their project! In particular, well done to those who managed to develop and deploy sophisticated web applications in the short summer season. Unfortunately, not all web applications made the final cut, moved into production and became visible on the Internet. We had to reject some... let me explain why.   Making a web application visible on the Internet requires an opening in the CERN outer perimeter firewall. Such a request is usually made through the CERN WebReq web interface. As standard procedure, the CERN Computer Security team reviews every request and performs a security assessment. This is where you, your supervisee and the Computer Security team all start to get frustrated. Many summer students delivered awesome web applications with great new functions and a good “look and feel” following precise use cases, using modern web technologies, dashboards, integr...

  6. Investigation of a Markov Model for Computer System Security Threats

    Directory of Open Access Journals (Sweden)

    Alexey A. A. Magazev

    2017-01-01

    Full Text Available In this work, a model for computer system security threats formulated in terms of Markov processes is investigated. In the framework of this model the functioning of the computer system is considered as a sequence of failures and recovery actions which appear as results of information security threats acting on the system. We provide a detailed description of the model: the explicit analytical formulas for the probabilities of computer system states at any arbitrary moment of time are derived, some limiting cases are discussed, and the long-run dynamics of the system is analysed. The dependence of the security state probability (i.e. the state for which threats are absent on the probabilities of threats is separately investigated. In particular, it is shown that this dependence is qualitatively different for odd and even moments of time. For instance, in the case of one threat the security state probability demonstrates non-monotonic dependence on the probability of threat at even moments of time; this function admits at least one local minimum in its domain of definition. It is believed that the mentioned feature is important because it allows to locate the most dangerous areas of threats where the security state probability can be lower then the permissible level. Finally, we introduce an important characteristic of the model, called the relaxation time, by means of which we construct the permitting domain of the security parameters. Also the prospects of the received results application to the problem of finding the optimal values of the security parameters is discussed.

  7. Towards a security model for computational puzzle schemes

    NARCIS (Netherlands)

    Tang, Qiang; Jeckmans, Arjan

    2011-01-01

    In the literature, computational puzzle schemes have been considered as a useful tool for a number of applications, such as constructing timed cryptography, fighting junk emails, and protecting critical infrastructure from denial-of-service attacks. However, there is a lack of a general security

  8. Computationally Secure Pattern Matching in the Presence of Malicious Adversaries

    DEFF Research Database (Denmark)

    Hazay, Carmit; Toft, Tomas

    2010-01-01

    simulation in the presence of malicious, polynomial-time adversaries (assuming that ElGamal encryption is semantically secure) and exhibits computation and communication costs of O(n + m) in a constant round complexity. In addition to the above, we propose a collection of protocols for variations...

  9. Use of Computer-Generated Holograms in Security Hologram Applications

    Directory of Open Access Journals (Sweden)

    Bulanovs A.

    2016-10-01

    Full Text Available The article discusses the use of computer-generated holograms (CGHs for the application as one of the security features in the relief-phase protective holograms. An improved method of calculating CGHs is presented, based on ray-tracing approach in the case of interference of parallel rays.

  10. Individual versus Organizational Computer Security and Privacy Concerns in Journalism

    Directory of Open Access Journals (Sweden)

    McGregor Susan E.

    2016-10-01

    Full Text Available A free and open press is a critical piece of the civil-society infrastructure that supports both established and emerging democracies. However, as the professional activities of reporting and publishing are increasingly conducted by digital means, computer security and privacy risks threaten free and independent journalism around the globe. Through interviews with 15 practicing journalists and 14 organizational stakeholders (supervising editors and technologists, we reveal the distinct - and sometimes conflicting-computer security concerns and priorities of different stakeholder groups within journalistic institutions, as well as unique issues in journalism compared to other types of organizations. As these concerns have not been deeply studied by those designing computer security practices or technologies that may benefit journalism, this research offers insight into some of the practical and cultural constraints that can limit the computer security and privacy practices of the journalism community as a whole. Based on these findings, we suggest paths for future research and development that can bridge these gaps through new tools and practices.

  11. Secure Multiparty Computation for Cooperative Cyber Risk Assessment

    Science.gov (United States)

    2016-11-01

    that the organizations can compute relevant statistics and analyses on the global infrastructure while still keeping the details of their local...mitigation. In Australasian Conference on Information Security and Privacy, pages 391–401. Springer Berlin Heidelberg, 2004. [5] Fabrizio Smeraldi and Pasquale

  12. A Compact Unconditionally Stable Method for Time-Domain Maxwell's Equations

    Directory of Open Access Journals (Sweden)

    Zhuo Su

    2013-01-01

    Full Text Available Higher order unconditionally stable methods are effective ways for simulating field behaviors of electromagnetic problems since they are free of Courant-Friedrich-Levy conditions. The development of accurate schemes with less computational expenditure is desirable. A compact fourth-order split-step unconditionally-stable finite-difference time-domain method (C4OSS-FDTD is proposed in this paper. This method is based on a four-step splitting form in time which is constructed by symmetric operator and uniform splitting. The introduction of spatial compact operator can further improve its performance. Analyses of stability and numerical dispersion are carried out. Compared with noncompact counterpart, the proposed method has reduced computational expenditure while keeping the same level of accuracy. Comparisons with other compact unconditionally-stable methods are provided. Numerical dispersion and anisotropy errors are shown to be lower than those of previous compact unconditionally-stable methods.

  13. Secure Dynamic access control scheme of PHR in cloud computing.

    Science.gov (United States)

    Chen, Tzer-Shyong; Liu, Chia-Hui; Chen, Tzer-Long; Chen, Chin-Sheng; Bau, Jian-Guo; Lin, Tzu-Ching

    2012-12-01

    With the development of information technology and medical technology, medical information has been developed from traditional paper records into electronic medical records, which have now been widely applied. The new-style medical information exchange system "personal health records (PHR)" is gradually developed. PHR is a kind of health records maintained and recorded by individuals. An ideal personal health record could integrate personal medical information from different sources and provide complete and correct personal health and medical summary through the Internet or portable media under the requirements of security and privacy. A lot of personal health records are being utilized. The patient-centered PHR information exchange system allows the public autonomously maintain and manage personal health records. Such management is convenient for storing, accessing, and sharing personal medical records. With the emergence of Cloud computing, PHR service has been transferred to storing data into Cloud servers that the resources could be flexibly utilized and the operation cost can be reduced. Nevertheless, patients would face privacy problem when storing PHR data into Cloud. Besides, it requires a secure protection scheme to encrypt the medical records of each patient for storing PHR into Cloud server. In the encryption process, it would be a challenge to achieve accurately accessing to medical records and corresponding to flexibility and efficiency. A new PHR access control scheme under Cloud computing environments is proposed in this study. With Lagrange interpolation polynomial to establish a secure and effective PHR information access scheme, it allows to accurately access to PHR with security and is suitable for enormous multi-users. Moreover, this scheme also dynamically supports multi-users in Cloud computing environments with personal privacy and offers legal authorities to access to PHR. From security and effectiveness analyses, the proposed PHR access

  14. Computer Security Issues in Online Banking: An Assessment from the Context of Usable Security

    Science.gov (United States)

    Mahmadi, FN; Zaaba, ZF; Osman, A.

    2016-11-01

    Today's online banking is a convenient mode of finance management. Despite the ease of doing online banking, there are people that still sceptical in utilizing it due to perception and its security. This paper highlights the subject of online banking security in Malaysia, especially from the perspective of the end-users. The study is done by assessing human computer interaction, usability and security. An online survey utilising 137 participants was previously conducted to gain preliminary insights on security issues of online banking in Malaysia. Following from those results, 37 participants were interviewed to gauge deeper understanding about end-users perception on online banking within the context of usable security. The results suggested that most of the end-users are continuingly experiencing significant difficulties especially in relation to the technical terminologies, security features and other technical issues. Although the security features are provided to provide a shield or protection, users are still incapable to cope with the technical aspects of such implementation.

  15. Ethical Guidelines for Computer Security Researchers: "Be Reasonable"

    Science.gov (United States)

    Sassaman, Len

    For most of its existence, the field of computer science has been lucky enough to avoid ethical dilemmas by virtue of its relatively benign nature. The subdisciplines of programming methodology research, microprocessor design, and so forth have little room for the greater questions of human harm. Other, more recently developed sub-disciplines, such as data mining, social network analysis, behavioral profiling, and general computer security, however, open the door to abuse of users by practitioners and researchers. It is therefore the duty of the men and women who chart the course of these fields to set rules for themselves regarding what sorts of actions on their part are to be considered acceptable and what should be avoided or handled with caution out of ethical concerns. This paper deals solely with the issues faced by computer security researchers, be they vulnerability analysts, privacy system designers, malware experts, or reverse engineers.

  16. Data security and risk assessment in cloud computing

    Directory of Open Access Journals (Sweden)

    Li Jing

    2018-01-01

    Full Text Available Cloud computing has attracted more and more attention as it reduces the cost of IT infrastructure of organizations. In our country, business Cloud services, such as Alibaba Cloud, Huawei Cloud, QingCloud, UCloud and so on are gaining more and more uses, especially small or median organizations. In the cloud service scenario, the program and data are migrating into cloud, resulting the lack of trust between customers and cloud service providers. However, the recent study on Cloud computing is mainly focused on the service side, while the data security and trust have not been sufficiently studied yet. This paper investigates into the data security issues from data life cycle which includes five steps when an organization uses Cloud computing. A data management framework is given out, including not only the data classification but also the risk management framework. Concretely, the data is divided into two varieties, business and personal information. And then, four classification levels (high, medium, low, normal according to the different extent of the potential adverse effect is introduced. With the help of classification, the administrators can identify the application or data to implement corresponding security controls. At last, the administrators conduct the risk assessment to alleviate the risk of data security. The trust between customers and cloud service providers will be strengthen through this way.

  17. Information Security Scheme Based on Computational Temporal Ghost Imaging.

    Science.gov (United States)

    Jiang, Shan; Wang, Yurong; Long, Tao; Meng, Xiangfeng; Yang, Xiulun; Shu, Rong; Sun, Baoqing

    2017-08-09

    An information security scheme based on computational temporal ghost imaging is proposed. A sequence of independent 2D random binary patterns are used as encryption key to multiply with the 1D data stream. The cipher text is obtained by summing the weighted encryption key. The decryption process can be realized by correlation measurement between the encrypted information and the encryption key. Due to the instinct high-level randomness of the key, the security of this method is greatly guaranteed. The feasibility of this method and robustness against both occlusion and additional noise attacks are discussed with simulation, respectively.

  18. Computer Security: today’s paranoia, tomorrow’s reality

    CERN Multimedia

    Computer Security Team

    2014-01-01

    When the Internet opened its gates to academia in the late 80s and, together with the World Wide Web a few years later, to the general public, computer security was considered somehow irrelevant. People pointing to vulnerabilities and security risks (“hackers”) were labelled as paranoid. But they woke to reality during the outbreak of the “ILOVEYOU” virus in 2000, which caused large scale infections of Windows PCs (including many at CERN).    Similarly, warnings about weaknesses and insecure control systems, issued by CERN and others (see our Bulletin article “Hacking control systems, switching lights off!"), were ignored until the “Stuxnet” attack against control systems in Iran proved them right in 2010. Reality beat 'paranoia' again. Last year, the paranoid fear of many security experts that our whole IT infrastructure might have been infiltrated and spied on turned real, if you believe ...

  19. Two-Cloud-Servers-Assisted Secure Outsourcing Multiparty Computation

    Science.gov (United States)

    Wen, Qiaoyan; Zhang, Hua; Jin, Zhengping; Li, Wenmin

    2014-01-01

    We focus on how to securely outsource computation task to the cloud and propose a secure outsourcing multiparty computation protocol on lattice-based encrypted data in two-cloud-servers scenario. Our main idea is to transform the outsourced data respectively encrypted by different users' public keys to the ones that are encrypted by the same two private keys of the two assisted servers so that it is feasible to operate on the transformed ciphertexts to compute an encrypted result following the function to be computed. In order to keep the privacy of the result, the two servers cooperatively produce a custom-made result for each user that is authorized to get the result so that all authorized users can recover the desired result while other unauthorized ones including the two servers cannot. Compared with previous research, our protocol is completely noninteractive between any users, and both of the computation and the communication complexities of each user in our solution are independent of the computing function. PMID:24982949

  20. Two-cloud-servers-assisted secure outsourcing multiparty computation.

    Science.gov (United States)

    Sun, Yi; Wen, Qiaoyan; Zhang, Yudong; Zhang, Hua; Jin, Zhengping; Li, Wenmin

    2014-01-01

    We focus on how to securely outsource computation task to the cloud and propose a secure outsourcing multiparty computation protocol on lattice-based encrypted data in two-cloud-servers scenario. Our main idea is to transform the outsourced data respectively encrypted by different users' public keys to the ones that are encrypted by the same two private keys of the two assisted servers so that it is feasible to operate on the transformed ciphertexts to compute an encrypted result following the function to be computed. In order to keep the privacy of the result, the two servers cooperatively produce a custom-made result for each user that is authorized to get the result so that all authorized users can recover the desired result while other unauthorized ones including the two servers cannot. Compared with previous research, our protocol is completely noninteractive between any users, and both of the computation and the communication complexities of each user in our solution are independent of the computing function.

  1. Two-Cloud-Servers-Assisted Secure Outsourcing Multiparty Computation

    Directory of Open Access Journals (Sweden)

    Yi Sun

    2014-01-01

    Full Text Available We focus on how to securely outsource computation task to the cloud and propose a secure outsourcing multiparty computation protocol on lattice-based encrypted data in two-cloud-servers scenario. Our main idea is to transform the outsourced data respectively encrypted by different users’ public keys to the ones that are encrypted by the same two private keys of the two assisted servers so that it is feasible to operate on the transformed ciphertexts to compute an encrypted result following the function to be computed. In order to keep the privacy of the result, the two servers cooperatively produce a custom-made result for each user that is authorized to get the result so that all authorized users can recover the desired result while other unauthorized ones including the two servers cannot. Compared with previous research, our protocol is completely noninteractive between any users, and both of the computation and the communication complexities of each user in our solution are independent of the computing function.

  2. FS-OpenSecurity: A Taxonomic Modeling of Security Threats in SDN for Future Sustainable Computing

    Directory of Open Access Journals (Sweden)

    Yunsick Sung

    2016-09-01

    Full Text Available Software Defined Networking (SDN has brought many changes in terms of the interaction processes between systems and humans. It has become the key enabler of software defined architecture, which allows enterprises to build a highly agile Information Technology (IT infrastructure. For Future Sustainability Computing (FSC, SDN needs to deliver on many information technology commitments—more automation, simplified design, increased agility, policy-based management, and network management bond to more liberal IT workflow systems. To address the sustainability problems, SDN needs to provide greater collaboration and tighter integration with networks, servers, and security teams that will have an impact on how enterprises design, plan, deploy and manage networks. In this paper, we propose FS-OpenSecurity, which is a new and pragmatic security architecture model. It consists of two novel methodologies, Software Defined Orchestrator (SDO and SQUEAK, which offer a robust and secure architecture. The secure architecture is required for protection from diverse threats. Usually, security administrators need to handle each threat individually. However, handling threats automatically by adapting to the threat landscape is a critical demand. Therefore, the architecture must handle defensive processes automatically that are collaboratively based on intelligent external and internal information.

  3. FAA computer security : concerns remain due to personnel and other continuing weaknesses

    Science.gov (United States)

    2000-08-01

    FAA has a history of computer security weaknesses in a number of areas, including its physical security management at facilities that house air traffic control (ATC) systems, systems security for both operational and future systems, management struct...

  4. A novel quantum scheme for secure two-party distance computation

    Science.gov (United States)

    Peng, Zhen-wan; Shi, Run-hua; Zhong, Hong; Cui, Jie; Zhang, Shun

    2017-12-01

    Secure multiparty computational geometry is an essential field of secure multiparty computation, which computes a computation geometric problem without revealing any private information of each party. Secure two-party distance computation is a primitive of secure multiparty computational geometry, which computes the distance between two points without revealing each point's location information (i.e., coordinate). Secure two-party distance computation has potential applications with high secure requirements in military, business, engineering and so on. In this paper, we present a quantum solution to secure two-party distance computation by subtly using quantum private query. Compared to the classical related protocols, our quantum protocol can ensure higher security and better privacy protection because of the physical principle of quantum mechanics.

  5. An Annotated and Cross-Referenced Bibliography on Computer Security and Access Control in Computer Systems.

    Science.gov (United States)

    Bergart, Jeffrey G.; And Others

    This paper represents a careful study of published works on computer security and access control in computer systems. The study includes a selective annotated bibliography of some eighty-five important published results in the field and, based on these papers, analyzes the state of the art. In annotating these works, the authors try to be…

  6. HOMOMORPHIC ENCRYPTION: CLOUD COMPUTING SECURITY AND OTHER APPLICATIONS (A SURVEY

    Directory of Open Access Journals (Sweden)

    A. I. Trubei

    2015-01-01

    Full Text Available Homomorphic encryption is a form of encryption which allows specific types of computations to be carried out on cipher text and to obtain an encrypted result which matches the result of operations performed on the plain text. The article presents a basic concept of the homomorphic encryption and various encryption algorithms in accordance with the fundamental properties of the homomorphic encryption. The examples of various principles and properties of homomorphic encryption, some homomorphic algorithms using asymmetric key systems such as RSA, ElGamal, Paillier algorithms as well as various homomorphic encryption schemes are given. Prospects of homomorphic encryption application in the field of secure cloud computing, electronic voting, cipher text searching, encrypted mail filtering, mobile cipher and secure feedback systems are considered.

  7. A Framework for Security Transparency in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Umar Mukhtar Ismail

    2016-02-01

    Full Text Available Individuals and corporate users are persistently considering cloud adoption due to its significant benefits compared to traditional computing environments. The data and applications in the cloud are stored in an environment that is separated, managed and maintained externally to the organisation. Therefore, it is essential for cloud providers to demonstrate and implement adequate security practices to protect the data and processes put under their stewardship. Security transparency in the cloud is likely to become the core theme that underpins the systematic disclosure of security designs and practices that enhance customer confidence in using cloud service and deployment models. In this paper, we present a framework that enables a detailed analysis of security transparency for cloud based systems. In particular, we consider security transparency from three different levels of abstraction, i.e., conceptual, organisation and technical levels, and identify the relevant concepts within these levels. This allows us to provide an elaboration of the essential concepts at the core of transparency and analyse the means for implementing them from a technical perspective. Finally, an example from a real world migration context is given to provide a solid discussion on the applicability of the proposed framework.

  8. Information security: where computer science, economics and psychology meet.

    Science.gov (United States)

    Anderson, Ross; Moore, Tyler

    2009-07-13

    Until ca. 2000, information security was seen as a technological discipline, based on computer science but with mathematics helping in the design of ciphers and protocols. That perspective started to change as researchers and practitioners realized the importance of economics. As distributed systems are increasingly composed of machines that belong to principals with divergent interests, incentives are becoming as important to dependability as technical design. A thriving new field of information security economics provides valuable insights not just into 'security' topics such as privacy, bugs, spam and phishing, but into more general areas of system dependability and policy. This research programme has recently started to interact with psychology. One thread is in response to phishing, the most rapidly growing form of online crime, in which fraudsters trick people into giving their credentials to bogus websites; a second is through the increasing importance of security usability; and a third comes through the psychology-and-economics tradition. The promise of this multidisciplinary research programme is a novel framework for analysing information security problems-one that is both principled and effective.

  9. Secure Multiparty Computation vs. Fair Exchange - Bridging the Gap

    OpenAIRE

    Garbinato , Benoît; Rickebusch , Ian

    2013-01-01

    International audience; In this paper, we propose a comparison of fair exchange and secure multiparty computation. Despite their apparent similarity, these two problems arise respectively from the elds of distributed systems and of modern cryptography. The wide di erences of description and approach in these research elds render hazardous a straightforward comparison of the various results and solutions. By introducing a common speci cation framework for the two problems, we examine the di er...

  10. Optimizing security of cloud computing within the DoD

    OpenAIRE

    Antedomenico, Noemi

    2010-01-01

    Approved for public release; distribution is unlimited What countermeasures best strengthen the confidentiality, integrity and availability (CIA) of the implementation of cloud computing within the DoD? This question will be answered by analyzing threats and countermeasures within the context of the ten domains comprising the Certified Information System Security Professional (CISSP) Common Body of Knowledge (CBK). The ten domains that will be used in this analysis include access control; ...

  11. Center for Computer Security newsletter. Volume 2, Number 3

    Energy Technology Data Exchange (ETDEWEB)

    None

    1983-05-01

    The Fifth Computer Security Group Conference was held November 16 to 18, 1982, at the Knoxville Hilton in Knoxville, Tennessee. Attending were 183 people, representing the Department of Energy, DOE contractors, other government agencies, and vendor organizations. In these papers are abridgements of most of the papers presented in Knoxville. Less than half-a-dozen speakers failed to furnish either abstracts or full-text papers of their Knoxville presentations.

  12. Minimizing Overhead for Secure Computation and Fully Homomorphic Encryption: Overhead

    Science.gov (United States)

    2015-11-01

    application for this technology is mobile devices: the preparation work can be performed while the phone is plugged into a power source, then it can later...handle large realistic security parameters. Therefore, we looked into the possibility of augmenting the SAGE system with a backend that could handle...limited mobile devices and yet have ready access to cloud-based computing resources. The techniques we propose form part of a growing line of work aimed

  13. Prerequisites for building a computer security incident response capability

    CSIR Research Space (South Africa)

    Mooi, M

    2015-08-01

    Full Text Available . 1]. 2) Handbook for Computer Security Incident Response Teams (CSIRTs) [18] (CMU-SEI): Providing guidance on building and running a CSIRT, this handbook has a particular focus on the incident handling service [18, p. xv]. In addition, a basic CSIRT... stream_source_info Mooi_2015.pdf.txt stream_content_type text/plain stream_size 41092 Content-Encoding UTF-8 stream_name Mooi_2015.pdf.txt Content-Type text/plain; charset=UTF-8 Prerequisites for building a computer...

  14. Automated procedure for performing computer security risk analysis

    International Nuclear Information System (INIS)

    Smith, S.T.; Lim, J.J.

    1984-05-01

    Computers, the invisible backbone of nuclear safeguards, monitor and control plant operations and support many materials accounting systems. Our automated procedure to assess computer security effectiveness differs from traditional risk analysis methods. The system is modeled as an interactive questionnaire, fully automated on a portable microcomputer. A set of modular event trees links the questionnaire to the risk assessment. Qualitative scores are obtained for target vulnerability, and qualitative impact measures are evaluated for a spectrum of threat-target pairs. These are then combined by a linguistic algebra to provide an accurate and meaningful risk measure. 12 references, 7 figures

  15. Securing Cloud Computing from Different Attacks Using Intrusion Detection Systems

    Directory of Open Access Journals (Sweden)

    Omar Achbarou

    2017-03-01

    Full Text Available Cloud computing is a new way of integrating a set of old technologies to implement a new paradigm that creates an avenue for users to have access to shared and configurable resources through internet on-demand. This system has many common characteristics with distributed systems, hence, the cloud computing also uses the features of networking. Thus the security is the biggest issue of this system, because the services of cloud computing is based on the sharing. Thus, a cloud computing environment requires some intrusion detection systems (IDSs for protecting each machine against attacks. The aim of this work is to present a classification of attacks threatening the availability, confidentiality and integrity of cloud resources and services. Furthermore, we provide literature review of attacks related to the identified categories. Additionally, this paper also introduces related intrusion detection models to identify and prevent these types of attacks.

  16. Computer Security: Protect your plant: a "serious game" about control system cyber-security

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Control system cyber-security is attracting increasing attention: from cybercriminals, from the media and from security researchers.   After the legendary “Stuxnet” attacks of 2010 against an Iranian uranium enrichment plant, the infiltration of Saudi Aramco in 2012, and most recently the hacking of German blast furnaces, we should be prepared. Just imagine what would happen if hackers turned off the lights in Geneva and the Pays-de-Gex for a month? (“Hacking control systems, switching lights off!"). Or if attackers infiltrated CERN’s accelerator or experiment control systems and stopped us from pursuing our core business: delivering beams and recording particle collisions (“Hacking control systems, switching... accelerators off?"). Now you can test your ability to protect an industrial plant against cyber-threats! The Computer Security Team, in collaboration with Kaspersky Lab, is organising a so-...

  17. 16th Department of Energy Computer Security Group Training Conference: Proceedings

    Energy Technology Data Exchange (ETDEWEB)

    1994-04-01

    Various topic on computer security are presented. Integrity standards, smartcard systems, network firewalls, encryption systems, cryptography, computer security programs, multilevel security guards, electronic mail privacy, the central intelligence agency, internet security, and high-speed ATM networking are typical examples of discussed topics. Individual papers are indexed separately.

  18. NINJA: a noninvasive framework for internal computer security hardening

    Science.gov (United States)

    Allen, Thomas G.; Thomson, Steve

    2004-07-01

    Vulnerabilities are a growing problem in both the commercial and government sector. The latest vulnerability information compiled by CERT/CC, for the year ending Dec. 31, 2002 reported 4129 vulnerabilities representing a 100% increase over the 2001 [1] (the 2003 report has not been published at the time of this writing). It doesn"t take long to realize that the growth rate of vulnerabilities greatly exceeds the rate at which the vulnerabilities can be fixed. It also doesn"t take long to realize that our nation"s networks are growing less secure at an accelerating rate. As organizations become aware of vulnerabilities they may initiate efforts to resolve them, but quickly realize that the size of the remediation project is greater than their current resources can handle. In addition, many IT tools that suggest solutions to the problems in reality only address "some" of the vulnerabilities leaving the organization unsecured and back to square one in searching for solutions. This paper proposes an auditing framework called NINJA (acronym for Network Investigation Notification Joint Architecture) for noninvasive daily scanning/auditing based on common security vulnerabilities that repeatedly occur in a network environment. This framework is used for performing regular audits in order to harden an organizations security infrastructure. The framework is based on the results obtained by the Network Security Assessment Team (NSAT) which emulates adversarial computer network operations for US Air Force organizations. Auditing is the most time consuming factor involved in securing an organization's network infrastructure. The framework discussed in this paper uses existing scripting technologies to maintain a security hardened system at a defined level of performance as specified by the computer security audit team. Mobile agents which were under development at the time of this writing are used at a minimum to improve the noninvasiveness of our scans. In general, noninvasive

  19. Call for participation first ACM workshop on education in computer security

    OpenAIRE

    Irvine, Cynthia; Orman, Hilarie

    1997-01-01

    Taken from the NPS website. The security of information systems and networks is a growing concern. Experts are needed to design and organize the protection mechanisms for these systems. Both government and industry increasingly seek individuals with knowledge and skills in computer security. In the past, most traditional computer science curricula bypassed formal studies in computer security altogether. An understanding of computer security was achieved largely through on-the-job ...

  20. Unconditionally stable integration of Maxwell's equations

    NARCIS (Netherlands)

    Verwer, J.G.; Bochev, Mikhail A.

    Numerical integration of Maxwell's equations is often based on explicit methods accepting a stability step size restriction. In literature evidence is given that there is also a need for unconditionally stable methods, as exemplified by the successful alternating direction implicit finite difference

  1. Unconditionally stable integration of Maxwell's equations

    NARCIS (Netherlands)

    J.G. Verwer (Jan); M.A. Botchev

    2008-01-01

    htmlabstractNumerical integration of Maxwell''s equations is often based on explicit methods accepting a stability step size restriction. In literature evidence is given that there is also a need for unconditionally stable methods, as exemplified by the successful alternating direction

  2. Unconditionally stable integration of Maxwell's equations

    NARCIS (Netherlands)

    J.G. Verwer (Jan); M.A. Botchev

    2009-01-01

    textabstractNumerical integration of Maxwell’s equations is often based on explicit methods accepting a stability step size restriction. In literature evidence is given that there is also a need for unconditionally stable methods, as exemplified by the successful alternating direction implicit –

  3. Writing Across the Curriculum -- An Online Course in Computer Security

    Directory of Open Access Journals (Sweden)

    Neelu Sinha, Ph.D.

    2006-07-01

    Full Text Available Writing fosters both critical thinking and student learning, serving as one of the most effective ways to understand a topic. Writing across the Curriculum (WAC began in the late 1970’s, as a pedagogical reform movement in response to a perceived deficiency in literacy among college students. Over the past two decades universities have worked to broaden the scope of student writing from composition classes to classes in the students’ major. This paper chronicles the application of WAC into the discipline of Computer Science. The purpose of this study is to develop an online Computer Security course (for sophomores and juniors in Computer Science, under the umbrella of WAC, to help improve the students’ writing overall and focus on skills students require in upper level courses in the major. Developing this course as an online course (rather than a traditional face-to-face course offers flexible configurability and scalability, features that are useful to prepare students for constantly changing real world security challenges. This paper includes all aspects of course design and insight into lessons learned. Results indicate that both the faculty and students benefit from such a writing intensive course. Reading and responding to the students’ writing enables faculty to gain valuable insights into the students’ thoughts, ideas, problems, and other issues. Students reported increased knowledge and comprehension of the subject material, deeper understanding of the conventions within Computer Science, improved analysis and reporting skills, ability to understand and present abstract concepts effectively, and skill in producing professional documents.

  4. Cryptographically Secure Multiparty Computation and Distributed Auctions Using Homomorphic Encryption

    Directory of Open Access Journals (Sweden)

    Anunay Kulshrestha

    2017-12-01

    Full Text Available We introduce a robust framework that allows for cryptographically secure multiparty computations, such as distributed private value auctions. The security is guaranteed by two-sided authentication of all network connections, homomorphically encrypted bids, and the publication of zero-knowledge proofs of every computation. This also allows a non-participant verifier to verify the result of any such computation using only the information broadcasted on the network by each individual bidder. Building on previous work on such systems, we design and implement an extensible framework that puts the described ideas to practice. Apart from the actual implementation of the framework, our biggest contribution is the level of protection we are able to guarantee from attacks described in previous work. In order to provide guidance to users of the library, we analyze the use of zero knowledge proofs in ensuring the correct behavior of each node in a computation. We also describe the usage of the library to perform a private-value distributed auction, as well as the other challenges in implementing the protocol, such as auction registration and certificate distribution. Finally, we provide performance statistics on our implementation of the auction.

  5. Computing security strategies in finite horizon repeated Bayesian games

    KAUST Repository

    Lichun Li

    2017-07-10

    This paper studies security strategies in two-player zero-sum repeated Bayesian games with finite horizon. In such games, each player has a private type which is independently chosen according to a publicly known a priori probability. Players\\' types are fixed all through the game. The game is played for finite stages. At every stage, players simultaneously choose their actions which are observed by the public. The one-stage payoff of player 1 (or penalty to player 2) depends on both players types and actions, and is not directly observed by any player. While player 1 aims to maximize the total payoff over the game, player 2 wants to minimize it. This paper provides each player two ways to compute the security strategy, i.e. the optimal strategy in the worst case. First, a security strategy that directly depends on both players\\' history actions is derived by refining the sequence form. Noticing that history action space grows exponentially with respect to the time horizon, this paper further presents a security strategy that depends on player\\'s fixed sized sufficient statistics. The sufficient statistics is shown to consist of the belief on one\\'s own type, the regret on the other player\\'s type, and the stage, and is independent of the other player\\'s strategy.

  6. Computer Security Incident Response Team Effectiveness: A Needs Assessment.

    Science.gov (United States)

    Van der Kleij, Rick; Kleinhuis, Geert; Young, Heather

    2017-01-01

    Computer security incident response teams (CSIRTs) respond to a computer security incident when the need arises. Failure of these teams can have far-reaching effects for the economy and national security. CSIRTs often have to work on an ad hoc basis, in close cooperation with other teams, and in time constrained environments. It could be argued that under these working conditions CSIRTs would be likely to encounter problems. A needs assessment was done to see to which extent this argument holds true. We constructed an incident response needs model to assist in identifying areas that require improvement. We envisioned a model consisting of four assessment categories: Organization, Team, Individual and Instrumental. Central to this is the idea that both problems and needs can have an organizational, team, individual, or technical origin or a combination of these levels. To gather data we conducted a literature review. This resulted in a comprehensive list of challenges and needs that could hinder or improve, respectively, the performance of CSIRTs. Then, semi-structured in depth interviews were held with team coordinators and team members of five public and private sector Dutch CSIRTs to ground these findings in practice and to identify gaps between current and desired incident handling practices. This paper presents the findings of our needs assessment and ends with a discussion of potential solutions to problems with performance in incident response.

  7. Computer Security Incident Response Team Effectiveness: A Needs Assessment

    Directory of Open Access Journals (Sweden)

    Rick Van der Kleij

    2017-12-01

    Full Text Available Computer security incident response teams (CSIRTs respond to a computer security incident when the need arises. Failure of these teams can have far-reaching effects for the economy and national security. CSIRTs often have to work on an ad hoc basis, in close cooperation with other teams, and in time constrained environments. It could be argued that under these working conditions CSIRTs would be likely to encounter problems. A needs assessment was done to see to which extent this argument holds true. We constructed an incident response needs model to assist in identifying areas that require improvement. We envisioned a model consisting of four assessment categories: Organization, Team, Individual and Instrumental. Central to this is the idea that both problems and needs can have an organizational, team, individual, or technical origin or a combination of these levels. To gather data we conducted a literature review. This resulted in a comprehensive list of challenges and needs that could hinder or improve, respectively, the performance of CSIRTs. Then, semi-structured in depth interviews were held with team coordinators and team members of five public and private sector Dutch CSIRTs to ground these findings in practice and to identify gaps between current and desired incident handling practices. This paper presents the findings of our needs assessment and ends with a discussion of potential solutions to problems with performance in incident response.

  8. Computer Security of NPP Instrumentation and Control Systems: Cyber Threats

    International Nuclear Information System (INIS)

    Klevtsov, A.L.; Trubchaninov, S.A.

    2015-01-01

    The paper is devoted to cyber threats, as one of the aspects in computer security of instrumentation and control systems for nuclear power plants (NPP). The basic concepts, terms and definitions are shortly addressed. The paper presents a detailed analysis of potential cyber threats during the design and operation of NPP instrumentation and control systems. Eleven major types of threats are considered, including: the malicious software and hardware Trojans (in particular, in commercial-off-the-shelf software and hardware), computer attacks through data networks and intrusion of malicious software from an external storage media and portable devices. Particular attention is paid to the potential use of lower safety class software as a way of harmful effects (including the intrusion of malicious fragments of code) on higher safety class software. The examples of actual incidents at various nuclear facilities caused by intentional cyber attacks or unintentional computer errors during the operation of software of systems important to NPP safety.

  9. Human errors and violations in computer and information security: the viewpoint of network administrators and security specialists.

    Science.gov (United States)

    Kraemer, Sara; Carayon, Pascale

    2007-03-01

    This paper describes human errors and violations of end users and network administration in computer and information security. This information is summarized in a conceptual framework for examining the human and organizational factors contributing to computer and information security. This framework includes human error taxonomies to describe the work conditions that contribute adversely to computer and information security, i.e. to security vulnerabilities and breaches. The issue of human error and violation in computer and information security was explored through a series of 16 interviews with network administrators and security specialists. The interviews were audio taped, transcribed, and analyzed by coding specific themes in a node structure. The result is an expanded framework that classifies types of human error and identifies specific human and organizational factors that contribute to computer and information security. Network administrators tended to view errors created by end users as more intentional than unintentional, while errors created by network administrators as more unintentional than intentional. Organizational factors, such as communication, security culture, policy, and organizational structure, were the most frequently cited factors associated with computer and information security.

  10. Recent advances in computational intelligence in defense and security

    CERN Document Server

    Falcon, Rafael; Zincir-Heywood, Nur; Abbass, Hussein

    2016-01-01

    This volume is an initiative undertaken by the IEEE Computational Intelligence Society’s Task Force on Security, Surveillance and Defense to consolidate and disseminate the role of CI techniques in the design, development and deployment of security and defense solutions. Applications range from the detection of buried explosive hazards in a battlefield to the control of unmanned underwater vehicles, the delivery of superior video analytics for protecting critical infrastructures or the development of stronger intrusion detection systems and the design of military surveillance networks. Defense scientists, industry experts, academicians and practitioners alike will all benefit from the wide spectrum of successful applications compiled in this volume. Senior undergraduate or graduate students may also discover uncharted territory for their own research endeavors.

  11. A Survey On Biometric Security Technologies From Cloud Computing Perspective

    Directory of Open Access Journals (Sweden)

    Shivashish Ratnam

    2015-08-01

    Full Text Available Cloud computing is one of the rising technologies that takes set of connections users to the next level. Cloud is a technology where resources are paid as per usage rather than owned. One of the major challenges in this technology is Security. Biometric systems provide the answer to ensure that the rendered services are accessed only by a legal user or an authorized user and no one else. Biometric systems recognize users based on behavioral or physiological characteristics. The advantages of such systems over traditional validation methods such as passwords and IDs are well known and hence biometric systems are progressively gaining ground in terms of usage. This paper brings about a new replica of a security system where in users have to offer multiple biometric finger prints during Enrollment for a service. These templates are stored at the cloud providers section. The users are authenticated based on these finger print designed templates which have to be provided in the order of arbitrary numbers or imaginary numbers that are generated every time continuously. Both finger prints templates and images are present and they provided every time duration are encrypted or modified for enhanced security.

  12. Secure OpenID Authentication Model by Using Trusted Computing

    Directory of Open Access Journals (Sweden)

    E. Ghazizadeh

    2014-01-01

    Full Text Available The growth of Internet online services has been very quick in recent years. Each online service requires Internet users to create a new account to use the service. The problem can be seen when each user usually needs more than one service and, consequently, has numerous accounts. These numerous accounts have to be managed in a secure and simple way to be protected against identity theft. Single sign-on (SSO and OpenID have been used to decrease the complexity of managing numerous accounts required in the Internet identity environment. Trusted Platform Module (TPM and Trust Multitenancy are great trusted computing-based technologies to solve security concerns in the Internet identity environment. Since trust is one of the pillars of security in the cloud, this paper analyzes the existing cloud identity techniques in order to investigate their strengths and weaknesses. This paper proposes a model in which One Time Password (OTP, TPM, and OpenID are used to provide a solution against phishing as a common identity theft in cloud environment.

  13. Security Framework for Agent-Based Cloud Computing

    Directory of Open Access Journals (Sweden)

    K Venkateshwaran

    2015-06-01

    Full Text Available Agent can play a key role in bringing suitable cloud services to the customer based on their requirements. In agent based cloud computing, agent does negotiation, coordination, cooperation and collaboration on behalf of the customer to make the decisions in efficient manner. However the agent based cloud computing have some security issues like (a. addition of malicious agent in the cloud environment which could demolish the process by attacking other agents, (b. denial of service by creating flooding attacks on other involved agents. (c. Some of the exceptions in the agent interaction protocol such as Not-Understood and Cancel_Meta protocol can be misused and may lead to terminating the connection of all the other agents participating in the negotiating services. Also, this paper proposes algorithms to solve these issues to ensure that there will be no intervention of any malicious activities during the agent interaction.

  14. The neural basis of unconditional love.

    Science.gov (United States)

    Beauregard, Mario; Courtemanche, Jérôme; Paquette, Vincent; St-Pierre, Evelyne Landry

    2009-05-15

    Functional neuroimaging studies have shown that romantic love and maternal love are mediated by regions specific to each, as well as overlapping regions in the brain's reward system. Nothing is known yet regarding the neural underpinnings of unconditional love. The main goal of this functional magnetic resonance imaging study was to identify the brain regions supporting this form of love. Participants were scanned during a control condition and an experimental condition. In the control condition, participants were instructed to simply look at a series of pictures depicting individuals with intellectual disabilities. In the experimental condition, participants were instructed to feel unconditional love towards the individuals depicted in a series of similar pictures. Significant loci of activation were found, in the experimental condition compared with the control condition, in the middle insula, superior parietal lobule, right periaqueductal gray, right globus pallidus (medial), right caudate nucleus (dorsal head), left ventral tegmental area and left rostro-dorsal anterior cingulate cortex. These results suggest that unconditional love is mediated by a distinct neural network relative to that mediating other emotions. This network contains cerebral structures known to be involved in romantic love or maternal love. Some of these structures represent key components of the brain's reward system.

  15. Security and computer forensics in web engineering education

    OpenAIRE

    Glisson, W.; Welland, R.; Glisson, L.M.

    2010-01-01

    The integration of security and forensics into Web Engineering curricula is imperative! Poor security in web-based applications is continuing to cost organizations millions and the losses are still increasing annually. Security is frequently taught as a stand-alone course, assuming that security can be 'bolted on' to a web application at some point. Security issues must be integrated into Web Engineering processes right from the beginning to create secure solutions and therefore security shou...

  16. A computer model for identifying security system upgrades

    International Nuclear Information System (INIS)

    Lamont, A.

    1988-01-01

    This paper describes a prototype safeguards analysis tool that automatically identifies system weaknesses against an insider adversary and suggest possible upgrades to improve the probability that the adversary will be detected. The tool is based on this premise: as the adversary acts, he or she creates a set of facts that can be detected by safeguards components. Whenever an adversary's planned set of actions create a set of facts which the security personnel would consider irregular or unusual, we can improve the security system by implementing safeguards that detect those facts. Therefore, an intelligent computer program can suggest upgrades to the facility if we construct a knowledge base that contains information about: (1) the facts created by each possible adversary action, (2) the facts that each possible safeguard can detect, and (3) groups of facts which will be considered irregular whenever they occur together. The authors describe the structure of the knowledge base and show how the above information can be represented in it. They also describe the procedures that a computer program can use to identify missing or weak safeguards and to suggest upgrades

  17. What then do we do about computer security?

    Energy Technology Data Exchange (ETDEWEB)

    Suppona, Roger A.; Mayo, Jackson R.; Davis, Christopher Edward; Berg, Michael J.; Wyss, Gregory Dane

    2012-01-01

    This report presents the answers that an informal and unfunded group at SNL provided for questions concerning computer security posed by Jim Gosler, Sandia Fellow (00002). The primary purpose of this report is to record our current answers; hopefully those answers will turn out to be answers indeed. The group was formed in November 2010. In November 2010 Jim Gosler, Sandia Fellow, asked several of us several pointed questions about computer security metrics. Never mind that some of the best minds in the field have been trying to crack this nut without success for decades. Jim asked Campbell to lead an informal and unfunded group to answer the questions. With time Jim invited several more Sandians to join in. We met a number of times both with Jim and without him. At Jim's direction we contacted a number of people outside Sandia who Jim thought could help. For example, we interacted with IBM's T.J. Watson Research Center and held a one-day, videoconference workshop with them on the questions.

  18. Close the Gate, Lock the Windows, Bolt the Doors: Securing Library Computers. Online Treasures

    Science.gov (United States)

    Balas, Janet

    2005-01-01

    This article, written by a systems librarian at the Monroeville Public Library, discusses a major issue affecting all computer users, security. It indicates that while, staying up-to-date on the latest security issues has become essential for all computer users, it's more critical for network managers who are responsible for securing computer…

  19. A novel quantum solution to secure two-party distance computation

    Science.gov (United States)

    Peng, Zhen-wan; Shi, Run-hua; Wang, Pan-hong; Zhang, Shun

    2018-06-01

    Secure Two-Party Distance Computation is an important primitive of Secure Multiparty Computational Geometry that it involves two parties, where each party has a private point, and the two parties want to jointly compute the distance between their points without revealing anything about their respective private information. Secure Two-Party Distance Computation has very important and potential applications in settings of high secure requirements, such as privacy-preserving Determination of Spatial Location-Relation, Determination of Polygons Similarity, and so on. In this paper, we present a quantum protocol for Secure Two-Party Distance Computation by using QKD-based Quantum Private Query. The security of the protocol is based on the physical principles of quantum mechanics, instead of difficulty assumptions, and therefore, it can ensure higher security than the classical related protocols.

  20. "Glitch Logic" and Applications to Computing and Information Security

    Science.gov (United States)

    Stoica, Adrian; Katkoori, Srinivas

    2009-01-01

    This paper introduces a new method of information processing in digital systems, and discusses its potential benefits to computing and information security. The new method exploits glitches caused by delays in logic circuits for carrying and processing information. Glitch processing is hidden to conventional logic analyses and undetectable by traditional reverse engineering techniques. It enables the creation of new logic design methods that allow for an additional controllable "glitch logic" processing layer embedded into a conventional synchronous digital circuits as a hidden/covert information flow channel. The combination of synchronous logic with specific glitch logic design acting as an additional computing channel reduces the number of equivalent logic designs resulting from synthesis, thus implicitly reducing the possibility of modification and/or tampering with the design. The hidden information channel produced by the glitch logic can be used: 1) for covert computing/communication, 2) to prevent reverse engineering, tampering, and alteration of design, and 3) to act as a channel for information infiltration/exfiltration and propagation of viruses/spyware/Trojan horses.

  1. Cloud Computing Application of Personal Information's Security in Network Sales-channels

    OpenAIRE

    Sun Qiong; Min Liu; Shiming Pang

    2013-01-01

    With the promotion of Internet sales, the security of personal information to network users have become increasingly demanding. The existing network of sales channels has personal information security risks, vulnerable to hacker attacking. Taking full advantage of cloud security management strategy, cloud computing security management model is introduced to the network sale of personal information security applications, which is to solve the problem of information leakage. Then we proposed me...

  2. FREQUENCY OPTIMIZATION FOR SECURITY MONITORING OF COMPUTER SYSTEMS

    Directory of Open Access Journals (Sweden)

    Вogatyrev V.A.

    2015-03-01

    Full Text Available The subject areas of the proposed research are monitoring facilities for protection of computer systems exposed to destructive attacks of accidental and malicious nature. The interval optimization model of test monitoring for the detection of hazardous states of security breach caused by destructive attacks is proposed. Optimization function is to maximize profit in case of requests servicing in conditions of uncertainty, and intensity variance of the destructive attacks including penalties when servicing of requests is in dangerous conditions. The vector task of system availability maximization and minimization of probabilities for its downtime and dangerous conditions is proposed to be reduced to the scalar optimization problem based on the criterion of profit maximization from information services (service of requests that integrates these private criteria. Optimization variants are considered with the definition of the averaged periodic activities of monitoring and adapting of these periods to the changes in the intensity of destructive attacks. Adaptation efficiency of the monitoring frequency to changes in the activity of the destructive attacks is shown. The proposed solutions can find their application for optimization of test monitoring intervals to detect hazardous conditions of security breach that makes it possible to increase the system effectiveness, and specifically, to maximize the expected profit from information services.

  3. Evaluation of Secure Computation in a Distributed Healthcare Setting.

    Science.gov (United States)

    Kimura, Eizen; Hamada, Koki; Kikuchi, Ryo; Chida, Koji; Okamoto, Kazuya; Manabe, Shirou; Kuroda, Tomohiko; Matsumura, Yasushi; Takeda, Toshihiro; Mihara, Naoki

    2016-01-01

    Issues related to ensuring patient privacy and data ownership in clinical repositories prevent the growth of translational research. Previous studies have used an aggregator agent to obscure clinical repositories from the data user, and to ensure the privacy of output using statistical disclosure control. However, there remain several issues that must be considered. One such issue is that a data breach may occur when multiple nodes conspire. Another is that the agent may eavesdrop on or leak a user's queries and their results. We have implemented a secure computing method so that the data used by each party can be kept confidential even if all of the other parties conspire to crack the data. We deployed our implementation at three geographically distributed nodes connected to a high-speed layer two network. The performance of our method, with respect to processing times, suggests suitability for practical use.

  4. Unconditionally energy stable numerical schemes for phase-field vesicle membrane model

    Science.gov (United States)

    Guillén-González, F.; Tierra, G.

    2018-02-01

    Numerical schemes to simulate the deformation of vesicles membranes via minimizing the bending energy have been widely studied in recent times due to its connection with many biological motivated problems. In this work we propose a new unconditionally energy stable numerical scheme for a vesicle membrane model that satisfies exactly the conservation of volume constraint and penalizes the surface area constraint. Moreover, we extend these ideas to present an unconditionally energy stable splitting scheme decoupling the interaction of the vesicle with a surrounding fluid. Finally, the well behavior of the proposed schemes are illustrated through several computational experiments.

  5. Practical quantum computing on encrypted data

    OpenAIRE

    Marshall, Kevin; Jacobsen, Christian S.; Schafermeier, Clemens; Gehring, Tobias; Weedbrook, Christian; Andersen, Ulrik L.

    2016-01-01

    The ability to perform computations on encrypted data is a powerful tool for protecting a client's privacy, especially in today's era of cloud and distributed computing. In terms of privacy, the best solutions that classical techniques can achieve are unfortunately not unconditionally secure in the sense that they are dependent on a hacker's computational power. Here we theoretically investigate, and experimentally demonstrate with Gaussian displacement and squeezing operations, a quantum sol...

  6. An Analysis of Cloud Model-Based Security for Computing Secure Cloud Bursting and Aggregation in Real Environment

    OpenAIRE

    Pritesh Jain; Vaishali Chourey; Dheeraj Rane

    2011-01-01

    Cloud Computing has emerged as a major information and communications technology trend and has been proved as a key technology for market development and analysis for the users of several field. The practice of computing across two or more data centers separated by the Internet is growing in popularity due to an explosion in scalable computing demands. However, one of the major challenges that faces the cloud computing is how to secure and protect the data and processes the data of the user. ...

  7. CERN Computing Colloquium | Computer Security in 2016: Where are we and what to expect | 8 February

    CERN Multimedia

    2016-01-01

    Computer Security in 2016: Where are we and what to expect  by Sebastian Lopienski, CERN-IT Monday 8 February from 11 a.m. to 12 p.m http://cseminar.web.cern.ch/cseminar/ at CERN, Council Chamber (503-1-001)  Description: Attacks against computer systems, belonging both to individuals and organisations, are an everyday reality. How many times have we heard about supposedly well protected companies and online services at the mercy of cyber criminals, or governments accusing other nation states of cyber espionage. Only the most serious breaches and biggest data leaks continue to make the headlines. But really, how secure is our data, computers and networks? What is happening behind the scenes? Is it actually possible to avoid the vulnerabilities, or detect the resulting exploits? This talk will address these questions and provide a high-level overview of security trends in the last year or two. It will include information on emerging typ...

  8. Research on Quantum Authentication Methods for the Secure Access Control Among Three Elements of Cloud Computing

    Science.gov (United States)

    Dong, Yumin; Xiao, Shufen; Ma, Hongyang; Chen, Libo

    2016-12-01

    Cloud computing and big data have become the developing engine of current information technology (IT) as a result of the rapid development of IT. However, security protection has become increasingly important for cloud computing and big data, and has become a problem that must be solved to develop cloud computing. The theft of identity authentication information remains a serious threat to the security of cloud computing. In this process, attackers intrude into cloud computing services through identity authentication information, thereby threatening the security of data from multiple perspectives. Therefore, this study proposes a model for cloud computing protection and management based on quantum authentication, introduces the principle of quantum authentication, and deduces the quantum authentication process. In theory, quantum authentication technology can be applied in cloud computing for security protection. This technology cannot be cloned; thus, it is more secure and reliable than classical methods.

  9. Computer Security: When a person leaves - access rights remain!

    CERN Multimedia

    Computer Security Team

    2014-01-01

    We have been contacted recently by an embarrassed project manager who just figured out that a student who left at the end of 2013 still had access rights to read the whole project folder in February 2014: “How can that be?! In any other company, access rights would be purged at the same time as an employment contract terminates." Not so at CERN.   CERN has always been an open site with an open community. Physical access to the site is lightweight and you just need to have your CERN access card at hand. Further restrictions have only been put in place where safety or security really require them, and CERN does not require you to keep your access card on display. The same holds for the digital world. Once registered at CERN - either by contract, via your experiment or through the Users' office - you own a computing account that provides you with access to a wide variety of computing services. For example, last year 9,730 students/technicians/engineers/researchers/sta...

  10. Review of Enabling Technologies to Facilitate Secure Compute Customization

    Energy Technology Data Exchange (ETDEWEB)

    Aderholdt, Ferrol [Tennessee Technological University; Caldwell, Blake A [ORNL; Hicks, Susan Elaine [ORNL; Koch, Scott M [ORNL; Naughton, III, Thomas J [ORNL; Pelfrey, Daniel S [ORNL; Pogge, James R [Tennessee Technological University; Scott, Stephen L [Tennessee Technological University; Shipman, Galen M [ORNL; Sorrillo, Lawrence [ORNL

    2014-12-01

    High performance computing environments are often used for a wide variety of workloads ranging from simulation, data transformation and analysis, and complex workflows to name just a few. These systems may process data for a variety of users, often requiring strong separation between job allocations. There are many challenges to establishing these secure enclaves within the shared infrastructure of high-performance computing (HPC) environments. The isolation mechanisms in the system software are the basic building blocks for enabling secure compute enclaves. There are a variety of approaches and the focus of this report is to review the different virtualization technologies that facilitate the creation of secure compute enclaves. The report reviews current operating system (OS) protection mechanisms and modern virtualization technologies to better understand the performance/isolation properties. We also examine the feasibility of running ``virtualized'' computing resources as non-privileged users, and providing controlled administrative permissions for standard users running within a virtualized context. Our examination includes technologies such as Linux containers (LXC [32], Docker [15]) and full virtualization (KVM [26], Xen [5]). We categorize these different approaches to virtualization into two broad groups: OS-level virtualization and system-level virtualization. The OS-level virtualization uses containers to allow a single OS kernel to be partitioned to create Virtual Environments (VE), e.g., LXC. The resources within the host's kernel are only virtualized in the sense of separate namespaces. In contrast, system-level virtualization uses hypervisors to manage multiple OS kernels and virtualize the physical resources (hardware) to create Virtual Machines (VM), e.g., Xen, KVM. This terminology of VE and VM, detailed in Section 2, is used throughout the report to distinguish between the two different approaches to providing virtualized execution

  11. Identity based Encryption and Biometric Authentication Scheme for Secure Data Access in Cloud Computing

    DEFF Research Database (Denmark)

    Cheng, Hongbing; Rong, Chunming; Tan, Zheng-Hua

    2012-01-01

    Cloud computing will be a main information infrastructure in the future; it consists of many large datacenters which are usually geographically distributed and heterogeneous. How to design a secure data access for cloud computing platform is a big challenge. In this paper, we propose a secure data...... access scheme based on identity-based encryption and biometric authentication for cloud computing. Firstly, we describe the security concern of cloud computing and then propose an integrated data access scheme for cloud computing, the procedure of the proposed scheme include parameter setup, key...... distribution, feature template creation, cloud data processing and secure data access control. Finally, we compare the proposed scheme with other schemes through comprehensive analysis and simulation. The results show that the proposed data access scheme is feasible and secure for cloud computing....

  12. Security Certification Challenges in a Cloud Computing Delivery Model

    Science.gov (United States)

    2010-04-27

    Relevant Security Standards, Certifications, and Guidance  NIST SP 800 series  ISO /IEC 27001 framework  Cloud Security Alliance  Statement of...CSA Domains / Cloud Features ISO 27001 Cloud Service Provider Responsibility Government Agency Responsibility Analyze Security gaps Compensating

  13. Security prospects through cloud computing by adopting multiple clouds

    DEFF Research Database (Denmark)

    Jensen, Meiko; Schwenk, Jörg; Bohli, Jens Matthias

    2011-01-01

    Clouds impose new security challenges, which are amongst the biggest obstacles when considering the usage of cloud services. This triggered a lot of research activities in this direction, resulting in a quantity of proposals targeting the various security threats. Besides the security issues coming...... with the cloud paradigm, it can also provide a new set of unique features which open the path towards novel security approaches, techniques and architectures. This paper initiates this discussion by contributing a concept which achieves security merits by making use of multiple distinct clouds at the same time....

  14. Preaching What We Practice: Teaching Ethical Decision-Making to Computer Security Professionals

    Science.gov (United States)

    Fleischmann, Kenneth R.

    The biggest challenge facing computer security researchers and professionals is not learning how to make ethical decisions; rather it is learning how to recognize ethical decisions. All too often, technology development suffers from what Langdon Winner terms technological somnambulism - we sleepwalk through our technology design, following past precedents without a second thought, and fail to consider the perspectives of other stakeholders [1]. Computer security research and practice involves a number of opportunities for ethical decisions. For example, decisions about whether or not to automatically provide security updates involve tradeoffs related to caring versus user autonomy. Decisions about online voting include tradeoffs between convenience and security. Finally, decisions about routinely screening e-mails for spam involve tradeoffs of efficiency and privacy. It is critical that these and other decisions facing computer security researchers and professionals are confronted head on as value-laden design decisions, and that computer security researchers and professionals consider the perspectives of various stakeholders in making these decisions.

  15. Guns, guards, gates and geeks: Romania strengthens computer security at nuclear installations

    International Nuclear Information System (INIS)

    Gil, Laura

    2016-01-01

    A cyberattack could swipe all the information stored on your computer or even prevent it from working. That’s bad enough. But a cyberattack on a nuclear power plant could lead to sabotage or theft of nuclear material. Computer security, concerned with the protection of digital data and the defence of systems and networks against malicious acts, is a critical component of nuclear security. “The advance of computers and their use in all aspects of nuclear operations has changed the security paradigm,” said Donald Dudenhoeffer, Information Technology Security Officer at the IAEA. “Information and computer security must be considered as components in the overall nuclear security plan.”

  16. 78 FR 38949 - Computer Security Incident Coordination (CSIC): Providing Timely Cyber Incident Response

    Science.gov (United States)

    2013-06-28

    ... exposed to various forms of cyber attack. In some cases, attacks can be thwarted through the use of...-3383-01] Computer Security Incident Coordination (CSIC): Providing Timely Cyber Incident Response... systems will be successfully attacked. When a successful attack occurs, the job of a Computer Security...

  17. 77 FR 43639 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA...

    Science.gov (United States)

    2012-07-25

    ... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2011-0090] Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA)/Department of Veterans Affairs (VA.... SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988 (Pub. L. 100-503...

  18. 77 FR 54943 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA...

    Science.gov (United States)

    2012-09-06

    ... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2012-0016] Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA)/Department of Veterans Affairs (VA.... SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988 (Pub. L. 100-503...

  19. 75 FR 5166 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration...

    Science.gov (United States)

    2010-02-01

    ... SOCIAL SECURITY ADMINISTRATION [Docket No. SSA 2009-0043] Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration/Railroad Retirement Board (SSA/RRB))-- Match... INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988 Public Law (Pub. L.) 100-503...

  20. Case Study: Creation of a Degree Program in Computer Security. White Paper.

    Science.gov (United States)

    Belon, Barbara; Wright, Marie

    This paper reports on research into the field of computer security, and undergraduate degrees offered in that field. Research described in the paper reveals only one computer security program at the associate's degree level in the entire country. That program, at Texas State Technical College in Waco, is a 71-credit-hour program leading to an…

  1. Fast and maliciously secure two-party computation using the GPU

    DEFF Research Database (Denmark)

    Frederiksen, Tore Kasper; Nielsen, Jesper Buus

    2013-01-01

    We describe, and implement, a maliciously secure protocol for two-party computation in a parallel computational model. Our protocol is based on Yao’s garbled circuit and an efficient OT extension. The implementation is done using CUDA and yields fast results for maliciously secure two-party compu......-party computation in a financially feasible and practical setting by using a consumer grade CPU and GPU. Our protocol further uses some novel constructions in order to combine garbled circuits and an OT extension in a parallel and maliciously secure setting.......We describe, and implement, a maliciously secure protocol for two-party computation in a parallel computational model. Our protocol is based on Yao’s garbled circuit and an efficient OT extension. The implementation is done using CUDA and yields fast results for maliciously secure two...

  2. Organization of the secure distributed computing based on multi-agent system

    Science.gov (United States)

    Khovanskov, Sergey; Rumyantsev, Konstantin; Khovanskova, Vera

    2018-04-01

    Nowadays developing methods for distributed computing is received much attention. One of the methods of distributed computing is using of multi-agent systems. The organization of distributed computing based on the conventional network computers can experience security threats performed by computational processes. Authors have developed the unified agent algorithm of control system of computing network nodes operation. Network PCs is used as computing nodes. The proposed multi-agent control system for the implementation of distributed computing allows in a short time to organize using of the processing power of computers any existing network to solve large-task by creating a distributed computing. Agents based on a computer network can: configure a distributed computing system; to distribute the computational load among computers operated agents; perform optimization distributed computing system according to the computing power of computers on the network. The number of computers connected to the network can be increased by connecting computers to the new computer system, which leads to an increase in overall processing power. Adding multi-agent system in the central agent increases the security of distributed computing. This organization of the distributed computing system reduces the problem solving time and increase fault tolerance (vitality) of computing processes in a changing computing environment (dynamic change of the number of computers on the network). Developed a multi-agent system detects cases of falsification of the results of a distributed system, which may lead to wrong decisions. In addition, the system checks and corrects wrong results.

  3. Measuring Human Performance within Computer Security Incident Response Teams

    Energy Technology Data Exchange (ETDEWEB)

    McClain, Jonathan T. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Silva, Austin Ray [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Avina, Glory Emmanuel [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Forsythe, James C. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2015-09-01

    Human performance has become a pertinen t issue within cyber security. However, this research has been stymied by the limited availability of expert cyber security professionals. This is partly attributable to the ongoing workload faced by cyber security professionals, which is compound ed by the limited number of qualified personnel and turnover of p ersonnel across organizations. Additionally, it is difficult to conduct research, and particularly, openly published research, due to the sensitivity inherent to cyber ope rations at most orga nizations. As an alternative, the current research has focused on data collection during cyb er security training exercises. These events draw individuals with a range of knowledge and experience extending from seasoned professionals to recent college gradu ates to college students. The current paper describes research involving data collection at two separate cyber security exercises. This data collection involved multiple measures which included behavioral performance based on human - machine transactions and questionnaire - based assessments of cyber security experience.

  4. Unconditional Regard Buffers Children’s Negative Self-Feelings

    NARCIS (Netherlands)

    Brummelman, E.; Thomaes, S.; Walton, G.M.; Poorthuis, A.M.G.; Overbeek, G.; Orobio de Castro, B.; Bushman, B.J.

    2014-01-01

    BACKGROUND: Unconditional regard refers to the feeling that one is accepted and valued by others without conditions. Psychological theory suggests that experiences of unconditional regard lead children to feel that they are valuable despite setbacks. We hypothesized that reflecting on experiences of

  5. Proposal for a security management in cloud computing for health care.

    Science.gov (United States)

    Haufe, Knut; Dzombeta, Srdan; Brandis, Knud

    2014-01-01

    Cloud computing is actually one of the most popular themes of information systems research. Considering the nature of the processed information especially health care organizations need to assess and treat specific risks according to cloud computing in their information security management system. Therefore, in this paper we propose a framework that includes the most important security processes regarding cloud computing in the health care sector. Starting with a framework of general information security management processes derived from standards of the ISO 27000 family the most important information security processes for health care organizations using cloud computing will be identified considering the main risks regarding cloud computing and the type of information processed. The identified processes will help a health care organization using cloud computing to focus on the most important ISMS processes and establish and operate them at an appropriate level of maturity considering limited resources.

  6. Proposal for a Security Management in Cloud Computing for Health Care

    Directory of Open Access Journals (Sweden)

    Knut Haufe

    2014-01-01

    Full Text Available Cloud computing is actually one of the most popular themes of information systems research. Considering the nature of the processed information especially health care organizations need to assess and treat specific risks according to cloud computing in their information security management system. Therefore, in this paper we propose a framework that includes the most important security processes regarding cloud computing in the health care sector. Starting with a framework of general information security management processes derived from standards of the ISO 27000 family the most important information security processes for health care organizations using cloud computing will be identified considering the main risks regarding cloud computing and the type of information processed. The identified processes will help a health care organization using cloud computing to focus on the most important ISMS processes and establish and operate them at an appropriate level of maturity considering limited resources.

  7. The Battle to Secure Our Public Access Computers

    Science.gov (United States)

    Sendze, Monique

    2006-01-01

    Securing public access workstations should be a significant part of any library's network and information-security strategy because of the sensitive information patrons enter on these workstations. As the IT manager for the Johnson County Library in Kansas City, Kan., this author is challenged to make sure that thousands of patrons get the access…

  8. Vulnerabilities and responsibilities: dealing with monsters in computer security

    NARCIS (Netherlands)

    Pieters, Wolter; Consoli, L.

    2009-01-01

    Purpose – The purpose of this paper is to analyze information security assessment in terms of cultural categories and virtue ethics, in order to explain the cultural origin of certain types of security vulnerabilities, as well as to enable a proactive attitude towards preventing such

  9. Multilevel classification of security concerns in cloud computing

    Directory of Open Access Journals (Sweden)

    Syed Asad Hussain

    2017-01-01

    Full Text Available Threats jeopardize some basic security requirements in a cloud. These threats generally constitute privacy breach, data leakage and unauthorized data access at different cloud layers. This paper presents a novel multilevel classification model of different security attacks across different cloud services at each layer. It also identifies attack types and risk levels associated with different cloud services at these layers. The risks are ranked as low, medium and high. The intensity of these risk levels depends upon the position of cloud layers. The attacks get more severe for lower layers where infrastructure and platform are involved. The intensity of these risk levels is also associated with security requirements of data encryption, multi-tenancy, data privacy, authentication and authorization for different cloud services. The multilevel classification model leads to the provision of dynamic security contract for each cloud layer that dynamically decides about security requirements for cloud consumer and provider.

  10. A REVIEW ON SECURITY AND PRIVACY ISSUES IN CLOUD COMPUTING

    OpenAIRE

    Gulshan Kumar*, Dr.Vijay Laxmi

    2017-01-01

    Cloud computing is an upcoming paradigm that offers tremendous advantages in economical aspects, such as reduced time to market, flexible computing capabilities, and limitless computing power. To use the full potential of cloud computing, data is transferred, processed and stored by external cloud providers. However, data owners are very skeptical to place their data outside their own control sphere. Cloud computing is a new development of grid, parallel, and distributed computing with visual...

  11. EMRlog method for computer security for electronic medical records with logic and data mining.

    Science.gov (United States)

    Martínez Monterrubio, Sergio Mauricio; Frausto Solis, Juan; Monroy Borja, Raúl

    2015-01-01

    The proper functioning of a hospital computer system is an arduous work for managers and staff. However, inconsistent policies are frequent and can produce enormous problems, such as stolen information, frequent failures, and loss of the entire or part of the hospital data. This paper presents a new method named EMRlog for computer security systems in hospitals. EMRlog is focused on two kinds of security policies: directive and implemented policies. Security policies are applied to computer systems that handle huge amounts of information such as databases, applications, and medical records. Firstly, a syntactic verification step is applied by using predicate logic. Then data mining techniques are used to detect which security policies have really been implemented by the computer systems staff. Subsequently, consistency is verified in both kinds of policies; in addition these subsets are contrasted and validated. This is performed by an automatic theorem prover. Thus, many kinds of vulnerabilities can be removed for achieving a safer computer system.

  12. EMRlog Method for Computer Security for Electronic Medical Records with Logic and Data Mining

    Directory of Open Access Journals (Sweden)

    Sergio Mauricio Martínez Monterrubio

    2015-01-01

    Full Text Available The proper functioning of a hospital computer system is an arduous work for managers and staff. However, inconsistent policies are frequent and can produce enormous problems, such as stolen information, frequent failures, and loss of the entire or part of the hospital data. This paper presents a new method named EMRlog for computer security systems in hospitals. EMRlog is focused on two kinds of security policies: directive and implemented policies. Security policies are applied to computer systems that handle huge amounts of information such as databases, applications, and medical records. Firstly, a syntactic verification step is applied by using predicate logic. Then data mining techniques are used to detect which security policies have really been implemented by the computer systems staff. Subsequently, consistency is verified in both kinds of policies; in addition these subsets are contrasted and validated. This is performed by an automatic theorem prover. Thus, many kinds of vulnerabilities can be removed for achieving a safer computer system.

  13. The Role of Self-Efficacy in Computer Security Behavior: Developing the Construct of Computer Security Self-Efficacy (CSSE)

    Science.gov (United States)

    Clarke, Marlon

    2011-01-01

    As organizations have become more dependent on networked information systems (IS) to conduct their business operations, their susceptibility to various threats to information security has also increased. Research has consistently identified the inappropriate security behavior of the users as the most significant of these threats. Various factors…

  14. Crowd Sensing-Enabling Security Service Recommendation for Social Fog Computing Systems.

    Science.gov (United States)

    Wu, Jun; Su, Zhou; Wang, Shen; Li, Jianhua

    2017-07-30

    Fog computing, shifting intelligence and resources from the remote cloud to edge networks, has the potential of providing low-latency for the communication from sensing data sources to users. For the objects from the Internet of Things (IoT) to the cloud, it is a new trend that the objects establish social-like relationships with each other, which efficiently brings the benefits of developed sociality to a complex environment. As fog service become more sophisticated, it will become more convenient for fog users to share their own services, resources, and data via social networks. Meanwhile, the efficient social organization can enable more flexible, secure, and collaborative networking. Aforementioned advantages make the social network a potential architecture for fog computing systems. In this paper, we design an architecture for social fog computing, in which the services of fog are provisioned based on "friend" relationships. To the best of our knowledge, this is the first attempt at an organized fog computing system-based social model. Meanwhile, social networking enhances the complexity and security risks of fog computing services, creating difficulties of security service recommendations in social fog computing. To address this, we propose a novel crowd sensing-enabling security service provisioning method to recommend security services accurately in social fog computing systems. Simulation results show the feasibilities and efficiency of the crowd sensing-enabling security service recommendation method for social fog computing systems.

  15. Crowd Sensing-Enabling Security Service Recommendation for Social Fog Computing Systems

    Directory of Open Access Journals (Sweden)

    Jun Wu

    2017-07-01

    Full Text Available Fog computing, shifting intelligence and resources from the remote cloud to edge networks, has the potential of providing low-latency for the communication from sensing data sources to users. For the objects from the Internet of Things (IoT to the cloud, it is a new trend that the objects establish social-like relationships with each other, which efficiently brings the benefits of developed sociality to a complex environment. As fog service become more sophisticated, it will become more convenient for fog users to share their own services, resources, and data via social networks. Meanwhile, the efficient social organization can enable more flexible, secure, and collaborative networking. Aforementioned advantages make the social network a potential architecture for fog computing systems. In this paper, we design an architecture for social fog computing, in which the services of fog are provisioned based on “friend” relationships. To the best of our knowledge, this is the first attempt at an organized fog computing system-based social model. Meanwhile, social networking enhances the complexity and security risks of fog computing services, creating difficulties of security service recommendations in social fog computing. To address this, we propose a novel crowd sensing-enabling security service provisioning method to recommend security services accurately in social fog computing systems. Simulation results show the feasibilities and efficiency of the crowd sensing-enabling security service recommendation method for social fog computing systems.

  16. Crowd Sensing-Enabling Security Service Recommendation for Social Fog Computing Systems

    Science.gov (United States)

    Wu, Jun; Su, Zhou; Li, Jianhua

    2017-01-01

    Fog computing, shifting intelligence and resources from the remote cloud to edge networks, has the potential of providing low-latency for the communication from sensing data sources to users. For the objects from the Internet of Things (IoT) to the cloud, it is a new trend that the objects establish social-like relationships with each other, which efficiently brings the benefits of developed sociality to a complex environment. As fog service become more sophisticated, it will become more convenient for fog users to share their own services, resources, and data via social networks. Meanwhile, the efficient social organization can enable more flexible, secure, and collaborative networking. Aforementioned advantages make the social network a potential architecture for fog computing systems. In this paper, we design an architecture for social fog computing, in which the services of fog are provisioned based on “friend” relationships. To the best of our knowledge, this is the first attempt at an organized fog computing system-based social model. Meanwhile, social networking enhances the complexity and security risks of fog computing services, creating difficulties of security service recommendations in social fog computing. To address this, we propose a novel crowd sensing-enabling security service provisioning method to recommend security services accurately in social fog computing systems. Simulation results show the feasibilities and efficiency of the crowd sensing-enabling security service recommendation method for social fog computing systems. PMID:28758943

  17. CTF: Computer security competitions for learning and fun

    CERN Multimedia

    CERN. Geneva

    2015-01-01

    CTF hacking competitions condense practical security knowledge in short and measurable challenges, in short: education, fun, prizes and fame! This talk is an introduction to these type of competitions from a player perspective over the years.

  18. Increasing Security for Cloud Computing By Steganography in Image Edges

    Directory of Open Access Journals (Sweden)

    Hassan Hadi Saleh

    2017-03-01

    Full Text Available The security of data storage in “cloud” is big challenge because the data keep within resources that may be accessed by particular machines. The managing of these data and services may not be high reliable. Therefore, the security of data is highly challenging. To increase the security of data in data center of cloud, we have introduced good method to ensure data security in “cloud computing” by methods of data hiding using color images which is called steganography. The fundamental objective of this paper is to prevent "Data Access” by unauthorized or opponent users. This scheme stores data at data centers within edges of color images and retrieves data from it when it is wanted.

  19. Design of advanced primitives for secure multiparty computation : special shuffles and integer comparison

    NARCIS (Netherlands)

    Villegas Bautista, J.A.

    2010-01-01

    In modern cryptography, the problem of secure multiparty computation is about the cooperation between mutually distrusting parties computing a given function. Each party holds some private information that should remain secret as much as possible throughout the computation. A large body of research

  20. 77 FR 74913 - Privacy Act of 1974, as Amended; Computer Matching Program (Social Security Administration (SSA...

    Science.gov (United States)

    2012-12-18

    ...; Computer Matching Program (Social Security Administration (SSA)/Office of Personnel Management (OPM.... SUPPLEMENTARY INFORMATION: A. General The Computer Matching and Privacy Protection Act of 1988 (Public Law (Pub... computer matching involving the Federal government could be performed and adding certain protections for...

  1. Toward Practical Verification of Outsourced Computations Using Probabilistically Checkable Proofs (PCPs)

    Science.gov (United States)

    2010-07-12

    Germany, 1999. [8] L. Babai, L. Fortnow, L. A. Levin, and M. Szegedy. Checking Computations in Polylogarithmic Time. In STOC, 1991. [9] A. Ben- David ...their work. J. ACM, 42(1):269–291, 1995. [12] D. Chaum , C. Crépeau, and I. Damgard. Multiparty unconditionally secure protocols. In STOC, 1988. [13

  2. Comment on ''Secure multiparty computation with a dishonest majority via quantum means''

    International Nuclear Information System (INIS)

    Li Yanbing; Wen Qiaoyan; Qin Sujuan

    2011-01-01

    In a recent paper [K. Loukopoulos and D. E. Browne, Phys. Rev. A 81, 062336 (2010)], five schemes for secure multiparty computation utilizing the Greenberger-Horne-Zeilinger (GHZ) quantum correlation were presented, which were claimed to be secure in some kinds of security models. However, this study points out that schemes C and D2 could be attacked by corrupted parties replacing photon and exchanging classical information.

  3. Toward Confirming a Framework for Securing the Virtual Machine Image in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Raid Khalid Hussein

    2017-04-01

    Full Text Available The concept of cloud computing has arisen thanks to academic work in the fields of utility computing, distributed computing, virtualisation, and web services. By using cloud computing, which can be accessed from anywhere, newly-launched businesses can minimise their start-up costs. Among the most important notions when it comes to the construction of cloud computing is virtualisation. While this concept brings its own security risks, these risks are not necessarily related to the cloud. The main disadvantage of using cloud computing is linked to safety and security. This is because anybody which chooses to employ cloud computing will use someone else’s hard disk and CPU in order to sort and store data. In cloud environments, a great deal of importance is placed on guaranteeing that the virtual machine image is safe and secure. Indeed, a previous study has put forth a framework with which to protect the virtual machine image in cloud computing. As such, the present study is primarily concerned with confirming this theoretical framework so as to ultimately secure the virtual machine image in cloud computing. This will be achieved by carrying out interviews with experts in the field of cloud security.

  4. Computer Security in the Introductory Business Information Systems Course: An Exploratory Study of Textbook Coverage

    Science.gov (United States)

    Sousa, Kenneth J.; MacDonald, Laurie E.; Fougere, Kenneth T.

    2005-01-01

    The authors conducted an evaluation of Management Information Systems (MIS) textbooks and found that computer security receives very little in-depth coverage. The textbooks provide, at best, superficial treatment of security issues. The research results suggest that MIS faculty need to provide material to supplement the textbook to provide…

  5. Information Systems Security and Computer Crime in the IS Curriculum: A Detailed Examination

    Science.gov (United States)

    Foltz, C. Bryan; Renwick, Janet S.

    2011-01-01

    The authors examined the extent to which information systems (IS) security and computer crime are covered in information systems programs. Results suggest that IS faculty believe security coverage should be increased in required, elective, and non-IS courses. However, respondent faculty members are concerned that existing curricula leave little…

  6. Computer Security Primer: Systems Architecture, Special Ontology and Cloud Virtual Machines

    Science.gov (United States)

    Waguespack, Leslie J.

    2014-01-01

    With the increasing proliferation of multitasking and Internet-connected devices, security has reemerged as a fundamental design concern in information systems. The shift of IS curricula toward a largely organizational perspective of security leaves little room for focus on its foundation in systems architecture, the computational underpinnings of…

  7. Exploring Hardware-Based Primitives to Enhance Parallel Security Monitoring in a Novel Computing Architecture

    National Research Council Canada - National Science Library

    Mott, Stephen

    2007-01-01

    .... In doing this, we propose a novel computing architecture, derived from a contemporary shared memory architecture, that facilitates efficient security-related monitoring in real-time, while keeping...

  8. VA INFORMATION SYSTEMS: Computer Security Weaknesses Persist at the Veterans Health Administration

    National Research Council Canada - National Science Library

    2000-01-01

    .... To determine the status of computer security within VHA, we (1) evaluated information system general controls at the VA Maryland Health Cafe System, the New Mexico VA Health Care System, and the VA North Texas Health Care System and (2...

  9. Secure data structures based on multi-party computation

    DEFF Research Database (Denmark)

    Toft, Tomas

    2011-01-01

    to be realized using MPC primitives, however, by focusing on a specific example -- a priority queue -- it is shown that it is possible to achieve much better results than the generic solutions can provide. Moreover, the techniques differ significantly from existing ORAM constructions. Indeed it has recently been...... shown that any information theoretically secure ORAM with n memory locations requires at least log n random bits per read/write to hide the access pattern. In contrast, the present construction achieves security with a completely deterministic access pattern....

  10. A computer science approach to managing security in health care.

    Science.gov (United States)

    Asirelli, P; Braccini, G; Caramella, D; Coco, A; Fabbrini, F

    2002-09-01

    The security of electronic medical information is very important for health care organisations, which have to ensure confidentiality, integrity and availability of the information provided. This paper will briefly outline the legal measures adopted by the European Community, Italy and the United States to regulate the use and disclosure of medical records. It will then go on to highlight how information technology can help to address these issues with special reference to the management of organisation policies. To this end, we will present a modelling example for the security policy of a radiological department.

  11. Security, Privacy, Threats and Risks in Cloud Computing ― A Vital Review

    OpenAIRE

    Goyal, Sumit

    2016-01-01

    Cloud computing is a multi million dollar business. As more and more enterprises are adopting cloud services for their businesses, threat of security has become a big concern for these enterprises and cloud users. This review describes the latest threats and risks associated with cloud computing and suggests techniques for better privacy and security of data in cloud environment. Threats and risks associated with cloud service models (SaaS, PaaS and IaaS) along with cloud deployment models (p...

  12. Improving Control System Security through the Evaluation of Current Trends in Computer Security Research

    Energy Technology Data Exchange (ETDEWEB)

    Rolston

    2005-03-01

    At present, control system security efforts are primarily technical and reactive in nature. What has been overlooked is the need for proactive efforts, focused on the IT security research community from which new threats might emerge. Evaluating cutting edge IT security research and how it is evolving can provide defenders with valuable information regarding what new threats and tools they can anticipate in the future. Only known attack methodologies can be blocked, and there is a gap between what is known to the general security community and what is being done by cutting edge researchers --both those trying to protect systems and those trying to compromise them. The best security researchers communicate with others in their field; they know what cutting edge research is being done; what software can be penetrated via this research; and what new attack techniques and methodologies are being circulated in the black hat community. Standardization of control system applications, operating systems, and networking protocols is occurring at a rapid rate, following a path similar to the standardization of modern IT networks. Many attack methodologies used on IT systems can be ported over to the control system environment with little difficulty. It is extremely important to take advantage of the lag time between new research, its use on traditional IT networks, and the time it takes to port the research over for use on a control system network. Analyzing nascent trends in IT security and determining their applicability to control system networks provides significant information regarding defense mechanisms needed to secure critical infrastructure more effectively. This work provides the critical infrastructure community with a better understanding of how new attacks might be launched, what layers of defense will be needed to deter them, how the attacks could be detected, and how their impact could be limited.

  13. Teaching Hands-On Linux Host Computer Security

    Science.gov (United States)

    Shumba, Rose

    2006-01-01

    In the summer of 2003, a project to augment and improve the teaching of information assurance courses was started at IUP. Thus far, ten hands-on exercises have been developed. The exercises described in this article, and presented in the appendix, are based on actions required to secure a Linux host. Publicly available resources were used to…

  14. Computing security strategies in finite horizon repeated Bayesian games

    KAUST Repository

    Lichun Li; Langbort, Cedric; Shamma, Jeff S.

    2017-01-01

    in the worst case. First, a security strategy that directly depends on both players' history actions is derived by refining the sequence form. Noticing that history action space grows exponentially with respect to the time horizon, this paper further presents a

  15. New Approaches to Practical Secure Two-Party Computation

    DEFF Research Database (Denmark)

    Nordholt, Peter Sebastian

    all practical protocols with malicious security were based on Yao’s garbled circuits. We report on an implementation of this protocol demonstrating its high efficiency. For larger circuits it evaluates 20000 Boolean gates per second. As an example, evaluating one oblivious AES encryption (around 34000...

  16. Computer Security: “Heartbleed” - a disaster for privacy

    CERN Multimedia

    Computer Security Team

    2014-01-01

    "On a scale of 1 to 10, this is an 11,” claimed the famous security expert Bruce Schneier (see here). Indeed, the serious vulnerability dubbed “Heartbleed” affects everyone who relies on secure and private Internet communication. You cannot avoid it, so let’s see how it affects you.   “Heartbleed” is the name that's been given to a vulnerability for OpenSSL (CVE-2014-0160). This software implements “the Secure Socket Layer (SSL v2/v3) and Transport Layer Security (TLS) protocols as well as a full-strength general purpose cryptography library”. SSL and TLS protocols are used to encrypt any communication between a client and a server, and to ensure that your communication is safe from eavesdropping or spying - that is, until 2012, when this bug was introduced. It allows the extraction of the first 64 kB from the memory of a server or client using OpenSSL (not necessarily web servers), and can potent...

  17. A SECURE MESSAGE TRANSMISSION SYSTEM ARCHITECTURE FOR COMPUTER NETWORKS EMPLOYING SMART CARDS

    Directory of Open Access Journals (Sweden)

    Geylani KARDAŞ

    2008-01-01

    Full Text Available In this study, we introduce a mobile system architecture which employs smart cards for secure message transmission in computer networks. The use of smart card provides two security services as authentication and confidentiality in our design. The security of the system is provided by asymmetric encryption. Hence, smart cards are used to store personal account information as well as private key of each user for encryption / decryption operations. This offers further security, authentication and mobility to the system architecture. A real implementation of the proposed architecture which utilizes the JavaCard technology is also discussed in this study.

  18. The method of a joint intraday security check system based on cloud computing

    Science.gov (United States)

    Dong, Wei; Feng, Changyou; Zhou, Caiqi; Cai, Zhi; Dan, Xu; Dai, Sai; Zhang, Chuancheng

    2017-01-01

    The intraday security check is the core application in the dispatching control system. The existing security check calculation only uses the dispatch center’s local model and data as the functional margin. This paper introduces the design of all-grid intraday joint security check system based on cloud computing and its implementation. To reduce the effect of subarea bad data on the all-grid security check, a new power flow algorithm basing on comparison and adjustment with inter-provincial tie-line plan is presented. And the numerical example illustrated the effectiveness and feasibility of the proposed method.

  19. An Australian Perspective On The Challenges For Computer And Network Security For Novice End-Users

    Directory of Open Access Journals (Sweden)

    Patryk Szewczyk

    2012-12-01

    Full Text Available It is common for end-users to have difficulty in using computer or network security appropriately and thus have often been ridiculed when misinterpreting instructions or procedures. This discussion paper details the outcomes of research undertaken over the past six years on why security is overly complex for end-users. The results indicate that multiple issues may render end-users vulnerable to security threats and that there is no single solution to address these problems. Studies on a small group of senior citizens has shown that educational seminars can be beneficial in ensuring that simple security aspects are understood and used appropriately.

  20. High-performance secure multi-party computation for data mining applications

    DEFF Research Database (Denmark)

    Bogdanov, Dan; Niitsoo, Margus; Toft, Tomas

    2012-01-01

    Secure multi-party computation (MPC) is a technique well suited for privacy-preserving data mining. Even with the recent progress in two-party computation techniques such as fully homomorphic encryption, general MPC remains relevant as it has shown promising performance metrics in real...... operations such as multiplication and comparison. Secondly, the confidential processing of financial data requires the use of more complex primitives, including a secure division operation. This paper describes new protocols in the Sharemind model for secure multiplication, share conversion, equality, bit...

  1. Features of the Synthesis of Performance Security Information in Computer Systems

    Directory of Open Access Journals (Sweden)

    V. K. Dzhogan

    2011-12-01

    Full Text Available Synthesis of a scorecard is a gradual process of composition, since the set of elements that reflect the original, systematized their condition, and, through a series of intermediates, linking them in a single bound to the structure ends with one element that reflects the purpose of the system. The hierarchical structure of the system performance of information security in computer systems is a structure with regard to “one to many”. The article reflects the extent of information security tools capabilities influence at the security of information resources of computer systems (from indirect — Class 1, to direct — Class 4.

  2. Computer Security: “Hello World” - Welcome to CERN

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Welcome to the open, liberal and free academic computing environment at CERN. Thanks to your new (or long-established!) affiliation with CERN, you are eligible for a CERN computing account, which enables you to register your devices: computers, laptops, smartphones, tablets, etc. It provides you with plenty of disk space and an e-mail address. It allows you to create websites, virtual machines and databases on demand.   You can now access most of the computing services provided by the GS and IT departments: Indico, for organising meetings and conferences; EDMS, for the approval of your engineering specifications; TWiki, for collaboration with others; and the WLCG computing grid. “Open, liberal, and free”, however, does not mean that you can do whatever you like. While we try to make your access to CERN's computing facilities as convenient and easy as possible, there are a few limits and boundaries to respect. These boundaries protect both the Organization'...

  3. Enhancing Security by System-Level Virtualization in Cloud Computing Environments

    Science.gov (United States)

    Sun, Dawei; Chang, Guiran; Tan, Chunguang; Wang, Xingwei

    Many trends are opening up the era of cloud computing, which will reshape the IT industry. Virtualization techniques have become an indispensable ingredient for almost all cloud computing system. By the virtual environments, cloud provider is able to run varieties of operating systems as needed by each cloud user. Virtualization can improve reliability, security, and availability of applications by using consolidation, isolation, and fault tolerance. In addition, it is possible to balance the workloads by using live migration techniques. In this paper, the definition of cloud computing is given; and then the service and deployment models are introduced. An analysis of security issues and challenges in implementation of cloud computing is identified. Moreover, a system-level virtualization case is established to enhance the security of cloud computing environments.

  4. Discussion on the Technology and Method of Computer Network Security Management

    Science.gov (United States)

    Zhou, Jianlei

    2017-09-01

    With the rapid development of information technology, the application of computer network technology has penetrated all aspects of society, changed people's way of life work to a certain extent, brought great convenience to people. But computer network technology is not a panacea, it can promote the function of social development, but also can cause damage to the community and the country. Due to computer network’ openness, easiness of sharing and other characteristics, it had a very negative impact on the computer network security, especially the loopholes in the technical aspects can cause damage on the network information. Based on this, this paper will do a brief analysis on the computer network security management problems and security measures.

  5. Computer Security: Virus Highlights Need for Improved Internet Management

    Science.gov (United States)

    1989-06-01

    Kingdom. Page 47 GAO/IMTEC-89-57 Internet Computer Virus Appendix III Major Contributors to This Report Information Management and Technology ...resources; disrupts the intended use of the Internet ; or wastes resources, destroys the integrity of computer -based information , or compromises users...and information from the other party in order to assist in preparation for trial. Page 32 GAO/IMTEC-89-57 Internet Computer Virus Chapter 3 Factors

  6. Survey on Security Issues in File Management in Cloud Computing Environment

    Science.gov (United States)

    Gupta, Udit

    2015-06-01

    Cloud computing has pervaded through every aspect of Information technology in past decade. It has become easier to process plethora of data, generated by various devices in real time, with the advent of cloud networks. The privacy of users data is maintained by data centers around the world and hence it has become feasible to operate on that data from lightweight portable devices. But with ease of processing comes the security aspect of the data. One such security aspect is secure file transfer either internally within cloud or externally from one cloud network to another. File management is central to cloud computing and it is paramount to address the security concerns which arise out of it. This survey paper aims to elucidate the various protocols which can be used for secure file transfer and analyze the ramifications of using each protocol.

  7. Cloud Computing: Virtual Clusters, Data Security, and Disaster Recovery

    Science.gov (United States)

    Hwang, Kai

    Dr. Kai Hwang is a Professor of Electrical Engineering and Computer Science and Director of Internet and Cloud Computing Lab at the Univ. of Southern California (USC). He received the Ph.D. in Electrical Engineering and Computer Science from the Univ. of California, Berkeley. Prior to joining USC, he has taught at Purdue Univ. for many years. He has also served as a visiting Chair Professor at Minnesota, Hong Kong Univ., Zhejiang Univ., and Tsinghua Univ. He has published 8 books and over 210 scientific papers in computer science/engineering.

  8. Blind Quantum Signature with Blind Quantum Computation

    Science.gov (United States)

    Li, Wei; Shi, Ronghua; Guo, Ying

    2017-04-01

    Blind quantum computation allows a client without quantum abilities to interact with a quantum server to perform a unconditional secure computing protocol, while protecting client's privacy. Motivated by confidentiality of blind quantum computation, a blind quantum signature scheme is designed with laconic structure. Different from the traditional signature schemes, the signing and verifying operations are performed through measurement-based quantum computation. Inputs of blind quantum computation are securely controlled with multi-qubit entangled states. The unique signature of the transmitted message is generated by the signer without leaking information in imperfect channels. Whereas, the receiver can verify the validity of the signature using the quantum matching algorithm. The security is guaranteed by entanglement of quantum system for blind quantum computation. It provides a potential practical application for e-commerce in the cloud computing and first-generation quantum computation.

  9. Main control computer security model of closed network systems protection against cyber attacks

    Science.gov (United States)

    Seymen, Bilal

    2014-06-01

    The model that brings the data input/output under control in closed network systems, that maintains the system securely, and that controls the flow of information through the Main Control Computer which also brings the network traffic under control against cyber-attacks. The network, which can be controlled single-handedly thanks to the system designed to enable the network users to make data entry into the system or to extract data from the system securely, intends to minimize the security gaps. Moreover, data input/output record can be kept by means of the user account assigned for each user, and it is also possible to carry out retroactive tracking, if requested. Because the measures that need to be taken for each computer on the network regarding cyber security, do require high cost; it has been intended to provide a cost-effective working environment with this model, only if the Main Control Computer has the updated hardware.

  10. A Trust-Based Model for Security Cooperating in Vehicular Cloud Computing

    Directory of Open Access Journals (Sweden)

    Zhipeng Tang

    2016-01-01

    Full Text Available VCC is a computing paradigm which consists of vehicles cooperating with each other to realize a lot of practical applications, such as delivering packages. Security cooperation is a fundamental research topic in Vehicular Cloud Computing (VCC. Because of the existence of malicious vehicles, the security cooperation has become a challenging issue in VCC. In this paper, a trust-based model for security cooperating, named DBTEC, is proposed to promote vehicles’ security cooperation in VCC. DBTEC combines the indirect trust estimation in Public board and the direct trust estimation in Private board to compute the trust value of vehicles when choosing cooperative partners; a trustworthy cooperation path generating scheme is proposed to ensure the safety of cooperation and increase the cooperation completion rates in VCC. Extensive experiments show that our scheme improves the overall cooperation completion rates by 6~7%.

  11. Towards a Game Theoretic View of Secure Computation

    DEFF Research Database (Denmark)

    Asharov, Gilad; Canetti, Ran; Hazay, Carmit

    2011-01-01

    We demonstrate how Game Theoretic concepts and formalism can be used to capture cryptographic notions of security. In the restricted but indicative case of two-party protocols in the face of malicious fail-stop faults, we first show how the traditional notions of secrecy and correctness of protoc......We demonstrate how Game Theoretic concepts and formalism can be used to capture cryptographic notions of security. In the restricted but indicative case of two-party protocols in the face of malicious fail-stop faults, we first show how the traditional notions of secrecy and correctness...... of protocols can be captured as properties of Nash equilibria in games for rational players. Next, we concentrate on fairness. Here we demonstrate a Game Theoretic notion and two different cryptographic notions that turn out to all be equivalent. In addition, we provide a simulation based notion that implies...

  12. An Empirical Measure of Computer Security Strength for Vulnerability Remediation

    Science.gov (United States)

    Villegas, Rafael

    2010-01-01

    Remediating all vulnerabilities on computer systems in a timely and cost effective manner is difficult given that the window of time between the announcement of a new vulnerability and an automated attack has decreased. Hence, organizations need to prioritize the vulnerability remediation process on their computer systems. The goal of this…

  13. Cyber Security on Nuclear Power Plant's Computer Systems

    International Nuclear Information System (INIS)

    Shin, Ick Hyun

    2010-01-01

    Computer systems are used in many different fields of industry. Most of us are taking great advantages from the computer systems. Because of the effectiveness and great performance of computer system, we are getting so dependable on the computer. But the more we are dependable on the computer system, the more the risk we will face when the computer system is unavailable or inaccessible or uncontrollable. There are SCADA, Supervisory Control And Data Acquisition, system which are broadly used for critical infrastructure such as transportation, electricity, water management. And if the SCADA system is vulnerable to the cyber attack, it is going to be nation's big disaster. Especially if nuclear power plant's main control systems are attacked by cyber terrorists, the results may be huge. Leaking of radioactive material will be the terrorist's main purpose without using physical forces. In this paper, different types of cyber attacks are described, and a possible structure of NPP's computer network system is presented. And the paper also provides possible ways of destruction of the NPP's computer system along with some suggestions for the protection against cyber attacks

  14. Optimizing Security of Cloud Computing within the DoD

    Science.gov (United States)

    2010-12-01

    expediency in new service roll out, availability (a loss of one component will not disconnect all components), and mobility (the ability to telecommute ).30...practices as well as oversight of administrative privileges and access.129  Scarce federal security guidance/procurement strategy. Comprehensive...systems; the intent of the program is to provide oversight without duplication of effort.258 The CCAC president is calling FedRAMP a “unified, risk

  15. Quantum Digital Signatures for Unconditional Safe Authenticity Protection of Medical Documentation

    Directory of Open Access Journals (Sweden)

    Arkadiusz Liber

    2015-12-01

    Full Text Available Modern medical documentation appears most often in an online form which requires some digital methods to ensure its confidentiality, integrity and authenticity. The document authenticity may be secured with the use of a signature. A classical handwritten signature is directly related to its owner by his/her psychomotor character traits. Such a signature is also connected with the material it is written on, and a writing tool. Because of these properties, a handwritten signature reflects certain close material bonds between the owner and the document. In case of modern digital signatures, the document authentication has a mathematical nature. The verification of the authenticity becomes the verification of a key instead of a human. Since 1994 it has been known that classical digital signature algorithms may not be safe because of the Shor’s factorization algorithm. To implement the modern authenticity protection of medical data, some new types of algorithms should be used. One of the groups of such algorithms is based on the quantum computations. In this paper, the analysis of the current knowledge status of Quantum Digital Signature protocols, with its basic principles, phases and common elements such as transmission, comparison and encryption, was outlined. Some of the most promising protocols for signing digital medical documentation, that fulfill the requirements for QDS, were also briefly described. We showed that, a QDS protocol with QKD components requires the equipment similar to the equipment used for a QKD, for its implementation, which is already commercially available. If it is properly implemented, it provides the shortest lifetime of qubits in comparison to other protocols. It can be used not only to sign classical messages but probably it could be well adopted to implement unconditionally safe protection of medical documentation in the nearest future, as well.

  16. Modeling hemoglobin at optical frequency using the unconditionally stable fundamental ADI-FDTD method.

    Science.gov (United States)

    Heh, Ding Yu; Tan, Eng Leong

    2011-04-12

    This paper presents the modeling of hemoglobin at optical frequency (250 nm - 1000 nm) using the unconditionally stable fundamental alternating-direction-implicit finite-difference time-domain (FADI-FDTD) method. An accurate model based on complex conjugate pole-residue pairs is proposed to model the complex permittivity of hemoglobin at optical frequency. Two hemoglobin concentrations at 15 g/dL and 33 g/dL are considered. The model is then incorporated into the FADI-FDTD method for solving electromagnetic problems involving interaction of light with hemoglobin. The computation of transmission and reflection coefficients of a half space hemoglobin medium using the FADI-FDTD validates the accuracy of our model and method. The specific absorption rate (SAR) distribution of human capillary at optical frequency is also shown. While maintaining accuracy, the unconditionally stable FADI-FDTD method exhibits high efficiency in modeling hemoglobin.

  17. Advances in computers dependable and secure systems engineering

    CERN Document Server

    Hurson, Ali

    2012-01-01

    Since its first volume in 1960, Advances in Computers has presented detailed coverage of innovations in computer hardware, software, theory, design, and applications. It has also provided contributors with a medium in which they can explore their subjects in greater depth and breadth than journal articles usually allow. As a result, many articles have become standard references that continue to be of sugnificant, lasting value in this rapidly expanding field. In-depth surveys and tutorials on new computer technologyWell-known authors and researchers in the fieldExtensive bibliographies with m

  18. Business Administration and Computer Science Degrees: Earnings, Job Security, and Job Satisfaction

    Science.gov (United States)

    Mehta, Kamlesh; Uhlig, Ronald

    2017-01-01

    This paper examines the potential of business administration vs. computer science degrees in terms of earnings, job security, and job satisfaction. The paper focuses on earnings potential five years and ten years after the completion of business administration and computer science degrees. Moreover, the paper presents the income changes with…

  19. hPIN/hTAN: Low-Cost e-Banking Secure against Untrusted Computers

    Science.gov (United States)

    Li, Shujun; Sadeghi, Ahmad-Reza; Schmitz, Roland

    We propose hPIN/hTAN, a low-cost token-based e-banking protection scheme when the adversary has full control over the user's computer. Compared with existing hardware-based solutions, hPIN/hTAN depends on neither second trusted channel, nor secure keypad, nor computationally expensive encryption module.

  20. Computer science security research and human subjects: emerging considerations for research ethics boards.

    Science.gov (United States)

    Buchanan, Elizabeth; Aycock, John; Dexter, Scott; Dittrich, David; Hvizdak, Erin

    2011-06-01

    This paper explores the growing concerns with computer science research, and in particular, computer security research and its relationship with the committees that review human subjects research. It offers cases that review boards are likely to confront, and provides a context for appropriate consideration of such research, as issues of bots, clouds, and worms enter the discourse of human subjects review.

  1. Secure grid-based computing with social-network based trust management in the semantic web

    Czech Academy of Sciences Publication Activity Database

    Špánek, Roman; Tůma, Miroslav

    2006-01-01

    Roč. 16, č. 6 (2006), s. 475-488 ISSN 1210-0552 R&D Projects: GA AV ČR 1ET100300419; GA MŠk 1M0554 Institutional research plan: CEZ:AV0Z10300504 Keywords : semantic web * grid computing * trust management * reconfigurable networks * security * hypergraph model * hypergraph algorithms Subject RIV: IN - Informatics, Computer Science

  2. Secure cloud computing implementation study for Singapore military operations

    OpenAIRE

    Guoquan, Lai

    2016-01-01

    Approved for public release; distribution is unlimited Cloud computing benefits organizations in many ways. With characteristics such as resource pooling, broad network access, on-demand self-service, and rapid elasticity, an organization's overall IT management can be significantly reduced (in terms of labor, software, and hardware) and its work processes made more efficient. However, is cloud computing suitable for the Singapore Armed Forces (SAF)? How can the SAF migrate its traditional...

  3. Secure Cloud Computing Implementation Study For Singapore Military Operations

    Science.gov (United States)

    2016-09-01

    50 Figure 7. Basic Military Cloud Features Integrated into the OODA Loop Figure 8. Process...demand via the network” to cloud users [2]. International Business Machines (IBM) defines it as “the delivery of on-demand computing resources...to Statista [6], the public cloud computing market has shown continuous revenue growth in cloud services, beginning with a notable increase in 5

  4. Informatics in Radiology (infoRAD): personal computer security: part 2. Software Configuration and file protection.

    Science.gov (United States)

    Caruso, Ronald D

    2004-01-01

    Proper configuration of software security settings and proper file management are necessary and important elements of safe computer use. Unfortunately, the configuration of software security options is often not user friendly. Safe file management requires the use of several utilities, most of which are already installed on the computer or available as freeware. Among these file operations are setting passwords, defragmentation, deletion, wiping, removal of personal information, and encryption. For example, Digital Imaging and Communications in Medicine medical images need to be anonymized, or "scrubbed," to remove patient identifying information in the header section prior to their use in a public educational or research environment. The choices made with respect to computer security may affect the convenience of the computing process. Ultimately, the degree of inconvenience accepted will depend on the sensitivity of the files and communications to be protected and the tolerance of the user. Copyright RSNA, 2004

  5. Meeting the security requirements of electronic medical records in the ERA of high-speed computing.

    Science.gov (United States)

    Alanazi, H O; Zaidan, A A; Zaidan, B B; Kiah, M L Mat; Al-Bakri, S H

    2015-01-01

    This study has two objectives. First, it aims to develop a system with a highly secured approach to transmitting electronic medical records (EMRs), and second, it aims to identify entities that transmit private patient information without permission. The NTRU and the Advanced Encryption Standard (AES) cryptosystems are secured encryption methods. The AES is a tested technology that has already been utilized in several systems to secure sensitive data. The United States government has been using AES since June 2003 to protect sensitive and essential information. Meanwhile, NTRU protects sensitive data against attacks through the use of quantum computers, which can break the RSA cryptosystem and elliptic curve cryptography algorithms. A hybrid of AES and NTRU is developed in this work to improve EMR security. The proposed hybrid cryptography technique is implemented to secure the data transmission process of EMRs. The proposed security solution can provide protection for over 40 years and is resistant to quantum computers. Moreover, the technique provides the necessary evidence required by law to identify disclosure or misuse of patient records. The proposed solution can effectively secure EMR transmission and protect patient rights. It also identifies the source responsible for disclosing confidential patient records. The proposed hybrid technique for securing data managed by institutional websites must be improved in the future.

  6. Determining the efficacy of nuclear security through computer simulation

    Energy Technology Data Exchange (ETDEWEB)

    Chornobo, N.; Waller, E., E-mail: nicholas.chornoboy@uoit.ca [University of Ontario Institute of Technology, Oshawa, ON (Canada)

    2015-07-01

    Currently when creating new security regimes or analyzing current ones it is difficult to determine how effective they are or will be. This leads to many decisions being made using subjective expert opinion or expensive live exercises. While these are useful for determining the effectiveness it would be ideal to have an easy way to simulate and attack through software in order to allow rapid testing of many different scenarios simply. This work focuses on modifying the force on force simulator stage to run these kinds of tests. (author)

  7. Demonstration of blind quantum computing.

    Science.gov (United States)

    Barz, Stefanie; Kashefi, Elham; Broadbent, Anne; Fitzsimons, Joseph F; Zeilinger, Anton; Walther, Philip

    2012-01-20

    Quantum computers, besides offering substantial computational speedups, are also expected to preserve the privacy of a computation. We present an experimental demonstration of blind quantum computing in which the input, computation, and output all remain unknown to the computer. We exploit the conceptual framework of measurement-based quantum computation that enables a client to delegate a computation to a quantum server. Various blind delegated computations, including one- and two-qubit gates and the Deutsch and Grover quantum algorithms, are demonstrated. The client only needs to be able to prepare and transmit individual photonic qubits. Our demonstration is crucial for unconditionally secure quantum cloud computing and might become a key ingredient for real-life applications, especially when considering the challenges of making powerful quantum computers widely available.

  8. A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing.

    Science.gov (United States)

    Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang

    2017-07-24

    With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient.

  9. A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing

    Science.gov (United States)

    Fan, Kai; Wang, Junxiong; Wang, Xin; Li, Hui; Yang, Yintang

    2017-01-01

    With the rapid development of big data and Internet of things (IOT), the number of networking devices and data volume are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges are also arising in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices and the computation results can be verified by using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method for it. Finally, analysis and simulation results show that our scheme is both secure and highly efficient. PMID:28737733

  10. Computer Security: IT or not IT, that is the question

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Following on from our recent Bulletin article on “How to succeed in software deployment” (see here), we repeatedly face the problem that “standard” IT services are replicated within CERN or even outsourced to external companies.   Past experience has shown that such non-centrally managed systems are more prone to security risks and, in the long run, are less well managed – that is, if they’re not eventually orphaned completely. If hosted outside CERN, there is also the risk that sensitive data from the Organization could be leaked and that CERN would not be able to intervene in the event of a security problem. Imagine, for example, a slide show created by an external consultant and hosted in the cloud… While this might have been convenient for the consultant, a regular user of that cloud service, the content was lost once the consultant’s job was done and nobody at CERN took responsibility for the slide show. Or...

  11. Security and Privacy of Sensitive Data in Cloud Computing: A Survey of Recent Developments

    OpenAIRE

    Gholami, Ali; Laure, Erwin

    2016-01-01

    Cloud computing is revolutionizing many ecosystems by providing organizations with computing resources featuring easy deployment, connectivity, configuration, automation and scalability. This paradigm shift raises a broad range of security and privacy issues that must be taken into consideration. Multi-tenancy, loss of control, and trust are key challenges in cloud computing environments. This paper reviews the existing technologies and a wide array of both earlier and state-of...

  12. A PROFICIENT MODEL FOR HIGH END SECURITY IN CLOUD COMPUTING

    Directory of Open Access Journals (Sweden)

    R. Bala Chandar

    2014-01-01

    Full Text Available Cloud computing is an inspiring technology due to its abilities like ensuring scalable services, reducing the anxiety of local hardware and software management associated with computing while increasing flexibility and scalability. A key trait of the cloud services is remotely processing of data. Even though this technology had offered a lot of services, there are a few concerns such as misbehavior of server side stored data , out of control of data owner's data and cloud computing does not control the access of outsourced data desired by the data owner. To handle these issues, we propose a new model to ensure the data correctness for assurance of stored data, distributed accountability for authentication and efficient access control of outsourced data for authorization. This model strengthens the correctness of data and helps to achieve the cloud data integrity, supports data owner to have control on their own data through tracking and improves the access control of outsourced data.

  13. Fair Secure Computation with Reputation Assumptions in the Mobile Social Networks

    Directory of Open Access Journals (Sweden)

    Yilei Wang

    2015-01-01

    Full Text Available With the rapid development of mobile devices and wireless technologies, mobile social networks become increasingly available. People can implement many applications on the basis of mobile social networks. Secure computation, like exchanging information and file sharing, is one of such applications. Fairness in secure computation, which means that either all parties implement the application or none of them does, is deemed as an impossible task in traditional secure computation without mobile social networks. Here we regard the applications in mobile social networks as specific functions and stress on the achievement of fairness on these functions within mobile social networks in the presence of two rational parties. Rational parties value their utilities when they participate in secure computation protocol in mobile social networks. Therefore, we introduce reputation derived from mobile social networks into the utility definition such that rational parties have incentives to implement the applications for a higher utility. To the best of our knowledge, the protocol is the first fair secure computation in mobile social networks. Furthermore, it finishes within constant rounds and allows both parties to know the terminal round.

  14. Risk in the Clouds?: Security Issues Facing Government Use of Cloud Computing

    Science.gov (United States)

    Wyld, David C.

    Cloud computing is poised to become one of the most important and fundamental shifts in how computing is consumed and used. Forecasts show that government will play a lead role in adopting cloud computing - for data storage, applications, and processing power, as IT executives seek to maximize their returns on limited procurement budgets in these challenging economic times. After an overview of the cloud computing concept, this article explores the security issues facing public sector use of cloud computing and looks to the risk and benefits of shifting to cloud-based models. It concludes with an analysis of the challenges that lie ahead for government use of cloud resources.

  15. Implementation of a data and computer security application | Bibu ...

    African Journals Online (AJOL)

    If you would like more information about how to print, save, and work with PDFs, Highwire Press provides a helpful Frequently Asked Questions about PDFs. Alternatively, you can download the PDF file directly to your computer, from where it can be opened using a PDF reader. To download the PDF, click the Download link ...

  16. Security in Cloud Computing For Service Delivery Models: Challenges and Solutions

    OpenAIRE

    Preeti Barrow; Runni Kumari; Prof. Manjula R

    2016-01-01

    Cloud computing, undoubtedly, is a path to expand the limits or add powerful capabilities on-demand with almost no investment in new framework, training new staff, or authorizing new software. Though today everyone is talking about cloud but, organizations are still in dilemma whether it’s safe to deploy their business on cloud. The reason behind it; is nothing but Security. No cloud service provider provides 100% security assurance to its customers and therefore, businesses are h...

  17. Security and Privacy Implications of Cloud Computing – Lost in the Cloud

    OpenAIRE

    Tchifilionova , Vassilka

    2010-01-01

    Part 4: Security for Clouds; International audience; Cloud computing - the new paradigm, the future for IT consumer utility, the economy of scale approach, the illusion of un infinite resources availability, yet the debate over security and privacy issues is still undergoing and a common policy framework is missing. Research confirms that users are concern when presented with scenarios in which companies may put their data to uses of which they may not be aware. Therefore, privacy and securit...

  18. Validation of Computer Models for Homeland Security Purposes

    International Nuclear Information System (INIS)

    Schweppe, John E.; Ely, James; Kouzes, Richard T.; McConn, Ronald J.; Pagh, Richard T.; Robinson, Sean M.; Siciliano, Edward R.; Borgardt, James D.; Bender, Sarah E.; Earnhart, Alison H.

    2005-01-01

    At Pacific Northwest National Laboratory, we are developing computer models of radiation portal monitors for screening vehicles and cargo. Detailed models of the radiation detection equipment, vehicles, cargo containers, cargos, and radioactive sources have been created. These are used to determine the optimal configuration of detectors and the best alarm algorithms for the detection of items of interest while minimizing nuisance alarms due to the presence of legitimate radioactive material in the commerce stream. Most of the modeling is done with the Monte Carlo code MCNP to describe the transport of gammas and neutrons from extended sources through large, irregularly shaped absorbers to large detectors. A fundamental prerequisite is the validation of the computational models against field measurements. We describe the first step of this validation process, the comparison of the models to measurements with bare static sources

  19. 77 FR 32709 - Privacy Act of 1974, as Amended; Computer Matching Program (SSA/Department of Homeland Security...

    Science.gov (United States)

    2012-06-01

    ...; Computer Matching Program (SSA/ Department of Homeland Security (DHS))--Match Number 1010 AGENCY: Social Security Administration (SSA). ACTION: Notice of a renewal of an existing computer matching program that... amended by the Computer Matching and Privacy Protection Act of 1988, as amended, and the regulations and...

  20. A Study on Cloud Computing and its Security Issues

    OpenAIRE

    Mr. Venkata Sreedhar Ventrapragada; Daniel Ravuri; G Jyothi

    2013-01-01

    “Cloud computing” was coined for what happens whenservices and applications are propelled into the internet“cloud.” Cloud computing refers to the many different types ofservices and applications being delivered in the internet cloud,and the devices used to access these services and applicationsdo not require any special applications. Advances in serviceoriented architecture (SOA) have brought the world close tothe once imaginary vision of establishing and running a virtualbusiness, a business...

  1. PHANTOM: Practical Oblivious Computation in a Secure Processor

    Science.gov (United States)

    2014-05-16

    competitive relationship between the cloud provider and the client. For example, Netflix is hosted on Amazon’s EC2 cloud infrastructure, while Amazon is a...unilever/ (visited on 03/21/2013). [7] Charles Babcock. Cloud Connect: Netflix Finds Home In Amazon EC2. Retrieved Sep 16, 2013. url: http...www.informationweek.com/cloud-computing/infrast ructure/cloud-connect- netflix -finds-home-in-amaz/229300547. [8] Jonathan Bachrach et al. “Chisel: Constructing

  2. Secure Computation, I/O-Efficient Algorithms and Distributed Signatures

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Kölker, Jonas; Toft, Tomas

    2012-01-01

    values of form r, gr for random secret-shared r ∈ ℤq and gr in a group of order q. This costs a constant number of exponentiation per player per value generated, even if less than n/3 players are malicious. This can be used for efficient distributed computing of Schnorr signatures. We further develop...... the technique so we can sign secret data in a distributed fashion at essentially the same cost....

  3. Operation, Management, Security and Sustainability for Cloud Computing

    Directory of Open Access Journals (Sweden)

    WESTPHAL, C. B.

    2014-06-01

    Full Text Available This paper presents some scope, context, proposals and solutions related with the following topics: Decision-Theoretic Planning for Cloud Computing; An Architecture for Risk Analysis in Cloud; Risk-based Dynamic Access Control for a Highly Scalable Cloud Federation; Challenges of Operationalizing PACS on Cloud Over Wireless Networks; Environment, Services and Network Management for Green Clouds; Provisioning and Resource Allocation for Green Clouds; and Optimizing Green Clouds through Legacy Network Infrastructure Management.

  4. Protecting intellectual property in space; Proceedings of the Aerospace Computer Security Conference, McLean, VA, March 20, 1985

    Science.gov (United States)

    1985-01-01

    The primary purpose of the Aerospace Computer Security Conference was to bring together people and organizations which have a common interest in protecting intellectual property generated in space. Operational concerns are discussed, taking into account security implications of the space station information system, Space Shuttle security policies and programs, potential uses of probabilistic risk assessment techniques for space station development, key considerations in contingency planning for secure space flight ground control centers, a systematic method for evaluating security requirements compliance, and security engineering of secure ground stations. Subjects related to security technologies are also explored, giving attention to processing requirements of secure C3/I and battle management systems and the development of the Gemini trusted multiple microcomputer base, the Restricted Access Processor system as a security guard designed to protect classified information, and observations on local area network security.

  5. 2nd International Doctoral Symposium on Applied Computation and Security Systems

    CERN Document Server

    Cortesi, Agostino; Saeed, Khalid; Chaki, Nabendu

    2016-01-01

    The book contains the extended version of the works that have been presented and discussed in the Second International Doctoral Symposium on Applied Computation and Security Systems (ACSS 2015) held during May 23-25, 2015 in Kolkata, India. The symposium has been jointly organized by the AGH University of Science & Technology, Cracow, Poland; Ca’ Foscari University, Venice, Italy and University of Calcutta, India. The book is divided into volumes and presents dissertation works in the areas of Image Processing, Biometrics-based Authentication, Soft Computing, Data Mining, Next Generation Networking and Network Security, Remote Healthcare, Communications, Embedded Systems, Software Engineering and Service Engineering.

  6. A Protocol for Provably Secure Authentication of a Tiny Entity to a High Performance Computing One

    Directory of Open Access Journals (Sweden)

    Siniša Tomović

    2016-01-01

    Full Text Available The problem of developing authentication protocols dedicated to a specific scenario where an entity with limited computational capabilities should prove the identity to a computationally powerful Verifier is addressed. An authentication protocol suitable for the considered scenario which jointly employs the learning parity with noise (LPN problem and a paradigm of random selection is proposed. It is shown that the proposed protocol is secure against active attacking scenarios and so called GRS man-in-the-middle (MIM attacking scenarios. In comparison with the related previously reported authentication protocols the proposed one provides reduction of the implementation complexity and at least the same level of the cryptographic security.

  7. COMPREHENSIVE REVIEW OF AES AND RSA SECURITY ALGORITHMS IN CLOUD COMPUTING

    OpenAIRE

    Shubham Kansal*, Harkiran Kaur

    2017-01-01

    Cloud Computing referred as revolutionary approach which has changed the IT and business integration. It has benefits to almost every type of IT requirement, it can be used by enterprises to cut their IT costs, and it can be used by individual to use it as a storage solution with a disaster recovery solution. One major problem that exists with Cloud Computing, in the present scenario, is security and privacy of the data. Encryption is the most important part of the security if you own a priva...

  8. Multiparty Computation from Somewhat Homomorphic Encryption

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Pastro, Valerio; Smart, Nigel

    2011-01-01

    independent of the function to be computed and of the inputs, and a much more efficient online phase where the actual computation takes place. The online phase is unconditionally secure and has total computational (and communication) complexity linear in $n$, the number of players, where earlier work......We propose a general multiparty computation protocol secure against an active adversary corrupting up to $n-1$ of the $n$ players. The protocol may be used to compute securely arithmetic circuits over any finite field $\\F_{p^k}$. Our protocol consists of a preprocessing phase that is both...... was quadratic in $n$. Hence, the work done by each player in the online phase is independent of $n$ and moreover is only a small constant factor larger than what one would need to compute the circuit in the clear. It is the first protocol in the preprocessing model with these properties. We show a lower bound...

  9. Pengujian Konsep Psikoterapi Unconditional Positive Regard Pada Mahasiswa Perempuan

    Directory of Open Access Journals (Sweden)

    Beatriks Novianti Kiling-Bunga

    2016-06-01

    Full Text Available One of the psychotheraphy approaches that has given positive contributions to the psychiatry is Carl Rogers’ Client-Centered approach. On of three main conditions that Rogers emphasizes in the approach is Unconditional positive regard. The main condition is called as the curative factor of client-centered theraphy. The article is discussing the study process of unconditional positive regard concept in a person which the sample is the female students. Questions and process flow scheme are also discussed in this article. The study concept is regarded to be able to contribute knowedge to the counseling practitioners in case of facing the student’s problem

  10. Computer Modeling of Radiation Portal Monitors for Homeland Security Applications

    International Nuclear Information System (INIS)

    Pagh, Richard T.; Kouzes, Richard T.; McConn, Ronald J.; Robinson, Sean M.; Schweppe, John E.; Siciliano, Edward R.

    2005-01-01

    Radiation Portal Monitors (RPMs) are currently being used at our nation's borders to detect potential nuclear threats. At the Pacific Northwest National Laboratory (PNNL), realistic computer models of RPMs are being developed to simulate the screening of vehicles and cargo. Detailed models of the detection equipment, vehicles, cargo containers, cargos, and radioactive sources are being used to determine the optimal configuration of detectors. These models can also be used to support work to optimize alarming algorithms so that they maximize sensitivity for items of interest while minimizing nuisance alarms triggered by legitimate radioactive material in the commerce stream. Proposed next-generation equipment is also being modeled to quantify performance and capability improvements to detect potential nuclear threats. A discussion of the methodology used to perform computer modeling for RPMs will be provided. In addition, the efforts to validate models used to perform these scenario analyses will be described. Finally, areas where improved modeling capability is needed will be discussed as a guide to future development efforts

  11. State of the Art of Network Security Perspectives in Cloud Computing

    Science.gov (United States)

    Oh, Tae Hwan; Lim, Shinyoung; Choi, Young B.; Park, Kwang-Roh; Lee, Heejo; Choi, Hyunsang

    Cloud computing is now regarded as one of social phenomenon that satisfy customers' needs. It is possible that the customers' needs and the primary principle of economy - gain maximum benefits from minimum investment - reflects realization of cloud computing. We are living in the connected society with flood of information and without connected computers to the Internet, our activities and work of daily living will be impossible. Cloud computing is able to provide customers with custom-tailored features of application software and user's environment based on the customer's needs by adopting on-demand outsourcing of computing resources through the Internet. It also provides cloud computing users with high-end computing power and expensive application software package, and accordingly the users will access their data and the application software where they are located at the remote system. As the cloud computing system is connected to the Internet, network security issues of cloud computing are considered as mandatory prior to real world service. In this paper, survey and issues on the network security in cloud computing are discussed from the perspective of real world service environments.

  12. Efficient Server-Aided Secure Two-Party Function Evaluation with Applications to Genomic Computation

    Directory of Open Access Journals (Sweden)

    Blanton Marina

    2016-10-01

    Full Text Available Computation based on genomic data is becoming increasingly popular today, be it for medical or other purposes. Non-medical uses of genomic data in a computation often take place in a server-mediated setting where the server offers the ability for joint genomic testing between the users. Undeniably, genomic data is highly sensitive, which in contrast to other biometry types, discloses a plethora of information not only about the data owner, but also about his or her relatives. Thus, there is an urgent need to protect genomic data. This is particularly true when the data is used in computation for what we call recreational non-health-related purposes. Towards this goal, in this work we put forward a framework for server-aided secure two-party computation with the security model motivated by genomic applications. One particular security setting that we treat in this work provides stronger security guarantees with respect to malicious users than the traditional malicious model. In particular, we incorporate certified inputs into secure computation based on garbled circuit evaluation to guarantee that a malicious user is unable to modify her inputs in order to learn unauthorized information about the other user’s data. Our solutions are general in the sense that they can be used to securely evaluate arbitrary functions and offer attractive performance compared to the state of the art. We apply the general constructions to three specific types of genomic tests: paternity, genetic compatibility, and ancestry testing and implement the constructions. The results show that all such private tests can be executed within a matter of seconds or less despite the large size of one’s genomic data.

  13. Secure Multi-party Computation Protocol for Defense Applications in Military Operations Using Virtual Cryptography

    Science.gov (United States)

    Pathak, Rohit; Joshi, Satyadhar

    With the advent into the 20th century whole world has been facing the common dilemma of Terrorism. The suicide attacks on US twin towers 11 Sept. 2001, Train bombings in Madrid Spain 11 Mar. 2004, London bombings 7 Jul. 2005 and Mumbai attack 26 Nov. 2008 were some of the most disturbing, destructive and evil acts by terrorists in the last decade which has clearly shown their evil intent that they can go to any extent to accomplish their goals. Many terrorist organizations such as al Quaida, Harakat ul-Mujahidin, Hezbollah, Jaish-e-Mohammed, Lashkar-e-Toiba, etc. are carrying out training camps and terrorist operations which are accompanied with latest technology and high tech arsenal. To counter such terrorism our military is in need of advanced defense technology. One of the major issues of concern is secure communication. It has to be made sure that communication between different military forces is secure so that critical information is not leaked to the adversary. Military forces need secure communication to shield their confidential data from terrorist forces. Leakage of concerned data can prove hazardous, thus preservation and security is of prime importance. There may be a need to perform computations that require data from many military forces, but in some cases the associated forces would not want to reveal their data to other forces. In such situations Secure Multi-party Computations find their application. In this paper, we propose a new highly scalable Secure Multi-party Computation (SMC) protocol and algorithm for Defense applications which can be used to perform computation on encrypted data. Every party encrypts their data in accordance with a particular scheme. This encrypted data is distributed among some created virtual parties. These Virtual parties send their data to the TTP through an Anonymizer layer. TTP performs computation on encrypted data and announces the result. As the data sent was encrypted its actual value can’t be known by TTP

  14. Computer Security: Join the CERN WhiteHat Challenge!

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Over the past couple of months, several CERN users have reported vulnerabilities they have found in computing services and servers running at CERN. All were relevant, many were interesting and a few even surprising. Spotting weaknesses and areas for improvement before malicious people can exploit them is paramount. It helps protect the operation of our accelerators and experiments as well as the reputation of the Organization. Therefore, we would like to express our gratitude to those people for having reported these weaknesses! Great job and well done!   Seizing the opportunity, we would like to reopen the hunt for bugs, vulnerabilities and insecure configurations of CERN applications, websites and devices. You might recall we ran a similar initiative (“Hide & Seek”) in 2012 where we asked you to sift through CERN’s webpages and send us those that hold sensitive and confidential information. Quite a number of juicy documents were found and subsequently remov...

  15. Computer Security: Social Media - Dos and Don’ts

    CERN Multimedia

    Computer Security Team

    2014-01-01

    Do you blog frequently? Send tweets about what you've done? Keep a lively Facebook profile? Comment regularly on interactive forums? Many of us do.    "Social media", i.e. Twitter, Facebook, public blogs, interactive forums and public commenting functions on websites, are widely used for sharing information, outreach and contact with the world. While you can make use of social media for many different purposes, the lines between private and public, personal and professional are often blurred. Consequently, it is often difficult to get the balance right. As a social animal, you want to be frank, open and communicative and share your knowledge, experiences, opinions, feelings and life with your peers. On the other hand, while working at or for CERN, you cannot act in the void but have to respect CERN’s Code of Conduct, CERN’s Computing Rules and, for CERN personnel, the Staff Rules and Regulations. Therefore, if your posts include mention ...

  16. Strengthen Cloud Computing Security with Federal Identity Management Using Hierarchical Identity-Based Cryptography

    Science.gov (United States)

    Yan, Liang; Rong, Chunming; Zhao, Gansen

    More and more companies begin to provide different kinds of cloud computing services for Internet users at the same time these services also bring some security problems. Currently the majority of cloud computing systems provide digital identity for users to access their services, this will bring some inconvenience for a hybrid cloud that includes multiple private clouds and/or public clouds. Today most cloud computing system use asymmetric and traditional public key cryptography to provide data security and mutual authentication. Identity-based cryptography has some attraction characteristics that seem to fit well the requirements of cloud computing. In this paper, by adopting federated identity management together with hierarchical identity-based cryptography (HIBC), not only the key distribution but also the mutual authentication can be simplified in the cloud.

  17. Computer Security: ransomware - when it is too late...

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2016-01-01

    “Ransomware is a type of malware that restricts access to the infected computer system in some way, and demands that the user pay a ransom to the malware operators to remove the restriction.    Some forms of ransomware systematically encrypt files on the system's hard drive, which become difficult or impossible to decrypt without paying the ransom for the encryption key, while some may simply lock the system and display messages intended to coax the user into paying...” (Source: https://en.wikipedia.org/wiki/Ransomware) It is not unusual to see devices falling prey to ransomware. PCs and laptops, in particular those running the Windows operating system, can easily be infected with ransomware if the user is inattentive. For example, if they open an attachment to an unsolicited mail (see some hints to detect bad emails here), or click on the link to a malicious website (see our articles on our clicking campaign). So what can you do if you have already ...

  18. The application of data encryption technology in computer network communication security

    Science.gov (United States)

    Gong, Lina; Zhang, Li; Zhang, Wei; Li, Xuhong; Wang, Xia; Pan, Wenwen

    2017-04-01

    With the rapid development of Intemet and the extensive application of computer technology, the security of information becomes more and more serious, and the information security technology with data encryption technology as the core has also been developed greatly. Data encryption technology not only can encrypt and decrypt data, but also can realize digital signature, authentication and authentication and other functions, thus ensuring the confidentiality, integrity and confirmation of data transmission over the network. In order to improve the security of data in network communication, in this paper, a hybrid encryption system is used to encrypt and decrypt the triple DES algorithm with high security, and the two keys are encrypted with RSA algorithm, thus ensuring the security of the triple DES key and solving the problem of key management; At the same time to realize digital signature using Java security software, to ensure data integrity and non-repudiation. Finally, the data encryption system is developed by Java language. The data encryption system is simple and effective, with good security and practicality.

  19. CS651 Computer Systems Security Foundations 3d Imagination Cyber Security Management Plan

    Energy Technology Data Exchange (ETDEWEB)

    Nielsen, Roy S. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2015-03-02

    3d Imagination is a new company that bases its business on selling and improving 3d open source related hardware. The devices that they sell include 3d imagers, 3d printers, pick and place machines and laser etchers. They have a fast company intranet for ease in sharing, storing and printing large, complex 3d designs. They have an employee set that requires a variety of operating systems including Windows, Mac and a variety of Linux both for running business services as well as design and test machines. There are a wide variety of private networks for testing transfer rates to and from the 3d devices, without interference with other network tra c. They do video conferencing conferencing with customers and other designers. One of their machines is based on the project found at delta.firepick.org(Krassenstein, 2014; Biggs, 2014), which in future, will perform most of those functions. Their devices all include embedded systems, that may have full blown operating systems. Most of their systems are designed to have swappable parts, so when a new technology is born, it can be quickly adopted by people with 3d Imagination hardware. This company is producing a fair number of systems and components, however to get the funding they need to mass produce quality parts, so they are preparing for an IPO to raise the funds they need. They would like to have a cyber-security audit performed so they can give their investors con dence that they are protecting their data, customers information and printers in a proactive manner.

  20. Towards Securing the Home Computer: a modification of the USB Port

    African Journals Online (AJOL)

    Hundreds of millions of people use the home computer everyday for different purposes. These systems use the universal serial bus (USB) disk for day to day transfer of data, communication and other applications. The USB as a flexible tool for data transfer raises security concerns relatively to a potential loss of assets.

  1. Relationship between Trustworthiness, Transparency, and Security in Cloud Computing Environments: A Regression Analysis

    Science.gov (United States)

    Ibrahim, Sara

    2017-01-01

    The insider security threat causes new and dangerous dimensions in cloud computing. Those internal threats are originated from contractors or the business partners' input that have access to the systems. A study of trustworthiness and transparency might assist the organizations to monitor employees' activity more cautiously on cloud technologies…

  2. Macintosh Computer Classroom and Laboratory Security: Preventing Unwanted Changes to the System.

    Science.gov (United States)

    Senn, Gary J.; Smyth, Thomas J. C.

    Because of the graphical interface and "openness" of the operating system, Macintosh computers are susceptible to undesirable changes by the user. This presentation discusses the advantages and disadvantages of software packages that offer protection for the Macintosh system. The two basic forms of software security packages include a…

  3. Enabling analytics on sensitive medical data with secure multi-party computation

    NARCIS (Netherlands)

    M. Veeningen (Meilof); S. Chatterjea (Supriyo); A.Z. Horváth (Anna Zsófia); G. Spindler (Gerald); E. Boersma (Eric); P. van der Spek (Peter); O. van der Galiën (Onno); J. Gutteling (Job); W. Kraaij (Wessel); P.J.M. Veugen (Thijs)

    2018-01-01

    textabstractWhile there is a clear need to apply data analytics in the healthcare sector, this is often difficult because it requires combining sensitive data from multiple data sources. In this paper, we show how the cryptographic technique of secure multiparty computation can enable such data

  4. Conditional and unconditional QTL mapping of drought-tolerance ...

    Indian Academy of Sciences (India)

    For discovering the quantitative trait loci (QTLs) contributing to early seedling growth and drought tolerance during germination, conditional and unconditional analyses of 12 traits of wheat seedlings: coleoptile length, seedling height, longest root length, root number, seedling fresh weight, stem and leaves fresh weight, root ...

  5. Unconditionally stable integration of Maxwell’s equations

    NARCIS (Netherlands)

    Verwer, J.G.; Botchev, M.A.

    2009-01-01

    Numerical integration of Maxwell’s equations is often based on explicit methods accepting a stability step size restriction. In literature evidence is given that there is also a need for unconditionally stable methods, as exemplified by the successful alternating direction implicit - finite

  6. Unconditional conservatism in Brazilian public companies and tax neutrality

    Directory of Open Access Journals (Sweden)

    Juliana Pinhata Sanches do Vale

    2017-03-01

    Full Text Available ABSTRACT Law n. 11,638/2007 legitimized the International Financial Reporting Standards (IFRS adoption process in Brazil and introduced an accounting system detached from tax purposes in the country. This law aims to reduce the influence of tax law on accounting standards and improve the quality of financial reporting, as IFRS are considered to be higher quality standards. International literature shows a reduction in earnings quality in environments where accounting and tax rules are strongly linked. Moreover, the influence of tax legislation on financial accounting is seen to encourage unconditional conservatism, a bias with no advantages for financial market efficiency. Thus, tax neutrality is expected to provide a more favorable institutional environment for quality financial reporting by detaching corporate accounting from tax accounting. In light of the above, this study aims to verify whether the advent of tax neutrality influences unconditional conservatism in Brazilian public companies. The methodology used involves panel data regressions. The sample consists of non-financial publicly-traded companies with information published in Economática® covering 2002 to 2014. The results show differences in the relationship between taxation and financial reporting between firms that are subject to different levels of monitoring in the Brazilian stock market. Evidence of unconditional conservatism is only found in companies that are subject to greater market monitoring. In this group, it is observed that taxation does not induce unconditional conservatism in reported earnings, which is expected in a tax neutrality context.

  7. The evolution of unconditional strategies via the 'multiplier effect'.

    Science.gov (United States)

    McNamara, John M; Dall, Sasha R X

    2011-03-01

    Ostensibly, it makes sense in a changeable world to condition behaviour and development on information when it is available. Nevertheless, unconditional behavioural and life history strategies are widespread. Here, we show how intergenerational effects can limit the evolutionary value of responding to reliable environmental cues, and thus favour the evolutionary persistence of otherwise paradoxical unconditional strategies. While cue-ignoring genotypes do poorly in the wrong environments, in the right environment they will leave many copies of themselves, which will themselves leave many copies, and so on, leading genotypes to accumulate in habitats in which they do well. We call this 'The Multiplier Effect'. We explore the consequences of the multiplier effect by focussing on the ecologically important phenomenon of natal philopatry. We model the environment as a large number of temporally varying breeding sites connected by natal dispersal between sites. Our aim is to identify which aspects of an environment promote the multiplier effect. We show, if sites remain connected through some background level of 'accidental' dispersal, unconditional natal philopatry can evolve even when there is density dependence (with its accompanying kin competition effects), and cues that are only mildly erroneous. Thus, the multiplier effect may underpin the evolution and maintenance of unconditional strategies such as natal philopatry in many biological systems. © 2011 Blackwell Publishing Ltd/CNRS.

  8. Securing SIFT: Privacy-preserving Outsourcing Computation of Feature Extractions Over Encrypted Image Data.

    Science.gov (United States)

    Hu, Shengshan; Wang, Qian; Wang, Jingjun; Qin, Zhan; Ren, Kui

    2016-05-13

    Advances in cloud computing have greatly motivated data owners to outsource their huge amount of personal multimedia data and/or computationally expensive tasks onto the cloud by leveraging its abundant resources for cost saving and flexibility. Despite the tremendous benefits, the outsourced multimedia data and its originated applications may reveal the data owner's private information, such as the personal identity, locations or even financial profiles. This observation has recently aroused new research interest on privacy-preserving computations over outsourced multimedia data. In this paper, we propose an effective and practical privacy-preserving computation outsourcing protocol for the prevailing scale-invariant feature transform (SIFT) over massive encrypted image data. We first show that previous solutions to this problem have either efficiency/security or practicality issues, and none can well preserve the important characteristics of the original SIFT in terms of distinctiveness and robustness. We then present a new scheme design that achieves efficiency and security requirements simultaneously with the preservation of its key characteristics, by randomly splitting the original image data, designing two novel efficient protocols for secure multiplication and comparison, and carefully distributing the feature extraction computations onto two independent cloud servers. We both carefully analyze and extensively evaluate the security and effectiveness of our design. The results show that our solution is practically secure, outperforms the state-of-theart, and performs comparably to the original SIFT in terms of various characteristics, including rotation invariance, image scale invariance, robust matching across affine distortion, addition of noise and change in 3D viewpoint and illumination.

  9. ORGANIZATION OF ACTIVITIES IN THE COMPUTER LAB AT THE SECONDARY EDUCATIONAL ESTABLISHMENTS IN VIEW OF MEASURES OF INFORMATION SECURITY.

    Directory of Open Access Journals (Sweden)

    V.N. Kovalchuk

    2010-11-01

    Full Text Available The paper the organizational activities of informational security in the secondary school are considered In particular the planning of organizational activities on stages of the lifecycle of the system of information security of educational computer complex is proposed. There are purified the methods of unification for the software installed at the pupils’ workstations. There is developed the tentative calendar plan of regular activities and main approaches to the management of system of informational security of educational computer complex on the basis of hardware-software level and the organization of antivirus security in computer lab is described.

  10. Enhanced Survey and Proposal to secure the data in Cloud Computing Environment

    OpenAIRE

    MR.S.SUBBIAH; DR.S.SELVA MUTHUKUMARAN; DR.T.RAMKUMAR

    2013-01-01

    Cloud computing have the power to eliminate the cost of setting high end computing infrastructure. It is a promising area or design to give very flexible architecture, accessible through the internet. In the cloud computing environment the data will be reside at any of the data centers. Due to that, some data center may leak the data stored on there, beyond the reach and control of the users. For this kind of misbehaving data centers, the service providers should take care of the security and...

  11. Data mining technique for a secure electronic payment transaction using MJk-RSA in mobile computing

    Science.gov (United States)

    G. V., Ramesh Babu; Narayana, G.; Sulaiman, A.; Padmavathamma, M.

    2012-04-01

    Due to the evolution of the Electronic Learning (E-Learning), one can easily get desired information on computer or mobile system connected through Internet. Currently E-Learning materials are easily accessible on the desktop computer system, but in future, most of the information shall also be available on small digital devices like Mobile, PDA, etc. Most of the E-Learning materials are paid and customer has to pay entire amount through credit/debit card system. Therefore, it is very important to study about the security of the credit/debit card numbers. The present paper is an attempt in this direction and a security technique is presented to secure the credit/debit card numbers supplied over the Internet to access the E-Learning materials or any kind of purchase through Internet. A well known method i.e. Data Cube Technique is used to design the security model of the credit/debit card system. The major objective of this paper is to design a practical electronic payment protocol which is the safest and most secured mode of transaction. This technique may reduce fake transactions which are above 20% at the global level.

  12. Security Risks of Cloud Computing and Its Emergence as 5th Utility Service

    Science.gov (United States)

    Ahmad, Mushtaq

    Cloud Computing is being projected by the major cloud services provider IT companies such as IBM, Google, Yahoo, Amazon and others as fifth utility where clients will have access for processing those applications and or software projects which need very high processing speed for compute intensive and huge data capacity for scientific, engineering research problems and also e- business and data content network applications. These services for different types of clients are provided under DASM-Direct Access Service Management based on virtualization of hardware, software and very high bandwidth Internet (Web 2.0) communication. The paper reviews these developments for Cloud Computing and Hardware/Software configuration of the cloud paradigm. The paper also examines the vital aspects of security risks projected by IT Industry experts, cloud clients. The paper also highlights the cloud provider's response to cloud security risks.

  13. THE STATUS OF INFORMATION SECURITY COMPETENCE FORMEDNESS OF FUTURE COMPUTER SCIENCE TEACHERS

    Directory of Open Access Journals (Sweden)

    Vasyl P. Oleksiuk

    2017-12-01

    Full Text Available In the article there are explored the concepts of cybersecurity and information security. It is proved that cybersecurity can’t be fully ensured without teaching to principles and rules of information security. The authors have analyzed the specificity of the future computer science teachers' study in the context of developing of their competences necessary for safe students’ activity in the computer networks and Internet. Particular attention is paid to the threats arising after introduction cloud technologies various service models into the educational process. The article focuses on methods and stages of the pedagogical investigation of correlation between the operational and reflective components of the professional competencies of future computer science teachers.

  14. The Internet and Security: Do We need a Man With A Red Flag To Walk In Front of Computers?

    OpenAIRE

    Edwards, Lilian

    2007-01-01

    This editorial focusses on the topic of internet security; its real, or perceived threats to individuals, and the regulatory framework in place to deal with cybercrime. Edwards suggests some obligations for computer owners as an attempt to ensure the security of their computer.

  15. Privacy and Data Security under Cloud Computing Arrangements: The Legal Framework and Practical Do's and Don'ts

    Science.gov (United States)

    Buckman, Joel; Gold, Stephanie

    2012-01-01

    This article outlines privacy and data security compliance issues facing postsecondary education institutions when they utilize cloud computing and concludes with a practical list of do's and dont's. Cloud computing does not change an institution's privacy and data security obligations. It does involve reliance on a third party, which requires an…

  16. An Efficient and Secure m-IPS Scheme of Mobile Devices for Human-Centric Computing

    Directory of Open Access Journals (Sweden)

    Young-Sik Jeong

    2014-01-01

    Full Text Available Recent rapid developments in wireless and mobile IT technologies have led to their application in many real-life areas, such as disasters, home networks, mobile social networks, medical services, industry, schools, and the military. Business/work environments have become wire/wireless, integrated with wireless networks. Although the increase in the use of mobile devices that can use wireless networks increases work efficiency and provides greater convenience, wireless access to networks represents a security threat. Currently, wireless intrusion prevention systems (IPSs are used to prevent wireless security threats. However, these are not an ideal security measure for businesses that utilize mobile devices because they do not take account of temporal-spatial and role information factors. Therefore, in this paper, an efficient and secure mobile-IPS (m-IPS is proposed for businesses utilizing mobile devices in mobile environments for human-centric computing. The m-IPS system incorporates temporal-spatial awareness in human-centric computing with various mobile devices and checks users’ temporal spatial information, profiles, and role information to provide precise access control. And it also can extend application of m-IPS to the Internet of things (IoT, which is one of the important advanced technologies for supporting human-centric computing environment completely, for real ubiquitous field with mobile devices.

  17. Simple steps to data encryption a practical guide to secure computing

    CERN Document Server

    Loshin, Peter

    2013-01-01

    Everyone wants privacy and security online, something that most computer users have more or less given up on as far as their personal data is concerned. There is no shortage of good encryption software, and no shortage of books, articles and essays that purport to be about how to use it. Yet there is precious little for ordinary users who want just enough information about encryption to use it safely and securely and appropriately--WITHOUT having to become experts in cryptography. Data encryption is a powerful tool, if used properly. Encryption turns ordinary, readable data into what

  18. BelleII@home: Integrate volunteer computing resources into DIRAC in a secure way

    Science.gov (United States)

    Wu, Wenjing; Hara, Takanori; Miyake, Hideki; Ueda, Ikuo; Kan, Wenxiao; Urquijo, Phillip

    2017-10-01

    The exploitation of volunteer computing resources has become a popular practice in the HEP computing community as the huge amount of potential computing power it provides. In the recent HEP experiments, the grid middleware has been used to organize the services and the resources, however it relies heavily on the X.509 authentication, which is contradictory to the untrusted feature of volunteer computing resources, therefore one big challenge to utilize the volunteer computing resources is how to integrate them into the grid middleware in a secure way. The DIRAC interware which is commonly used as the major component of the grid computing infrastructure for several HEP experiments proposes an even bigger challenge to this paradox as its pilot is more closely coupled with operations requiring the X.509 authentication compared to the implementations of pilot in its peer grid interware. The Belle II experiment is a B-factory experiment at KEK, and it uses DIRAC for its distributed computing. In the project of BelleII@home, in order to integrate the volunteer computing resources into the Belle II distributed computing platform in a secure way, we adopted a new approach which detaches the payload running from the Belle II DIRAC pilot which is a customized pilot pulling and processing jobs from the Belle II distributed computing platform, so that the payload can run on volunteer computers without requiring any X.509 authentication. In this approach we developed a gateway service running on a trusted server which handles all the operations requiring the X.509 authentication. So far, we have developed and deployed the prototype of BelleII@home, and tested its full workflow which proves the feasibility of this approach. This approach can also be applied on HPC systems whose work nodes do not have outbound connectivity to interact with the DIRAC system in general.

  19. Security approaches in using tablet computers for primary data collection in clinical research.

    Science.gov (United States)

    Wilcox, Adam B; Gallagher, Kathleen; Bakken, Suzanne

    2013-01-01

    Next-generation tablets (iPads and Android tablets) may potentially improve the collection and management of clinical research data. The widespread adoption of tablets, coupled with decreased software and hardware costs, has led to increased consideration of tablets for primary research data collection. When using tablets for the Washington Heights/Inwood Infrastructure for Comparative Effectiveness Research (WICER) project, we found that the devices give rise to inherent security issues associated with the potential use of cloud-based data storage approaches. This paper identifies and describes major security considerations for primary data collection with tablets; proposes a set of architectural strategies for implementing data collection forms with tablet computers; and discusses the security, cost, and workflow of each strategy. The paper briefly reviews the strategies with respect to their implementation for three primary data collection activities for the WICER project.

  20. A light weight secure image encryption scheme based on chaos & DNA computing

    Directory of Open Access Journals (Sweden)

    Bhaskar Mondal

    2017-10-01

    Full Text Available This paper proposed a new light weight secure cryptographic scheme for secure image communication. In this scheme the plain image is permuted first using a sequence of pseudo random number (PRN and encrypted by DeoxyriboNucleic Acid (DNA computation. Two PRN sequences are generated by a Pseudo Random Number Generator (PRNG based on cross coupled chaotic logistic map using two sets of keys. The first PRN sequence is used for permuting the plain image whereas the second PRN sequence is used for generating random DNA sequence. The number of rounds of permutation and encryption may be variable to increase security. The scheme is proposed for gray label images but the scheme may be extended for color images and text data. Simulation results exhibit that the proposed scheme can defy any kind of attack.

  1. Formulation, computation and improvement of steady state security margins in power systems. Part II: Results

    International Nuclear Information System (INIS)

    Echavarren, F.M.; Lobato, E.; Rouco, L.; Gomez, T.

    2011-01-01

    A steady state security margin for a particular operating point can be defined as the distance from this initial point to the secure operating limits of the system. Four of the most used steady state security margins are the power flow feasibility margin, the contingency feasibility margin, the load margin to voltage collapse, and the total transfer capability between system areas. This is the second part of a two part paper. Part I has proposed a novel framework of a general model able to formulate, compute and improve any steady state security margin. In Part II the performance of the general model is validated by solving a variety of practical situations in modern real power systems. Actual examples of the Spanish power system will be used for this purpose. The same computation and improvement algorithms outlined in Part I have been applied for the four security margins considered in the study, outlining the convenience of defining a general framework valid for the four of them. The general model is used here in Part II to compute and improve: (a) the power flow feasibility margin (assessing the influence of the reactive power generation limits in the Spanish power system), (b) the contingency feasibility margin (assessing the influence of transmission and generation capacity in maintaining a correct voltage profile), (c) the load margin to voltage collapse (assessing the location and quantity of loads that must be shed in order to be far away from voltage collapse) and (d) the total transfer capability (assessing the export import pattern of electric power between different areas of the Spanish system). (author)

  2. Formulation, computation and improvement of steady state security margins in power systems. Part II: Results

    Energy Technology Data Exchange (ETDEWEB)

    Echavarren, F.M.; Lobato, E.; Rouco, L.; Gomez, T. [School of Engineering of Universidad Pontificia Comillas, C/Alberto Aguilera, 23, 28015 Madrid (Spain)

    2011-02-15

    A steady state security margin for a particular operating point can be defined as the distance from this initial point to the secure operating limits of the system. Four of the most used steady state security margins are the power flow feasibility margin, the contingency feasibility margin, the load margin to voltage collapse, and the total transfer capability between system areas. This is the second part of a two part paper. Part I has proposed a novel framework of a general model able to formulate, compute and improve any steady state security margin. In Part II the performance of the general model is validated by solving a variety of practical situations in modern real power systems. Actual examples of the Spanish power system will be used for this purpose. The same computation and improvement algorithms outlined in Part I have been applied for the four security margins considered in the study, outlining the convenience of defining a general framework valid for the four of them. The general model is used here in Part II to compute and improve: (a) the power flow feasibility margin (assessing the influence of the reactive power generation limits in the Spanish power system), (b) the contingency feasibility margin (assessing the influence of transmission and generation capacity in maintaining a correct voltage profile), (c) the load margin to voltage collapse (assessing the location and quantity of loads that must be shed in order to be far away from voltage collapse) and (d) the total transfer capability (assessing the export import pattern of electric power between different areas of the Spanish system). (author)

  3. A Novel Cloud Computing Security Model to Detect and Prevent DoS and DDoS Attack

    OpenAIRE

    Masudur Rahman; Wah Man Cheung

    2014-01-01

    Cloud computing has been considered as one of the crucial and emerging networking technology, which has been changed the architecture of computing in last few years. Despite the security concerns of protecting data or providing continuous service over cloud, many organisations are considering different types cloud services as potential solution for their business. We are researching on cloud computing security issues and potential cost effective solution for cloud service providers. In our fi...

  4. Service task partition and distribution in star topology computer grid subject to data security constraints

    Energy Technology Data Exchange (ETDEWEB)

    Xiang Yanping [Collaborative Autonomic Computing Laboratory, School of Computer Science, University of Electronic Science and Technology of China (China); Levitin, Gregory, E-mail: levitin@iec.co.il [Collaborative Autonomic Computing Laboratory, School of Computer Science, University of Electronic Science and Technology of China (China); Israel electric corporation, P. O. Box 10, Haifa 31000 (Israel)

    2011-11-15

    The paper considers grid computing systems in which the resource management systems (RMS) can divide service tasks into execution blocks (EBs) and send these blocks to different resources. In order to provide a desired level of service reliability the RMS can assign the same blocks to several independent resources for parallel execution. The data security is a crucial issue in distributed computing that affects the execution policy. By the optimal service task partition into the EBs and their distribution among resources, one can achieve the greatest possible service reliability and/or expected performance subject to data security constraints. The paper suggests an algorithm for solving this optimization problem. The algorithm is based on the universal generating function technique and on the evolutionary optimization approach. Illustrative examples are presented. - Highlights: > Grid service with star topology is considered. > An algorithm for evaluating service reliability and data security is presented. > A tradeoff between the service reliability and data security is analyzed. > A procedure for optimal service task partition and distribution is suggested.

  5. Service task partition and distribution in star topology computer grid subject to data security constraints

    International Nuclear Information System (INIS)

    Xiang Yanping; Levitin, Gregory

    2011-01-01

    The paper considers grid computing systems in which the resource management systems (RMS) can divide service tasks into execution blocks (EBs) and send these blocks to different resources. In order to provide a desired level of service reliability the RMS can assign the same blocks to several independent resources for parallel execution. The data security is a crucial issue in distributed computing that affects the execution policy. By the optimal service task partition into the EBs and their distribution among resources, one can achieve the greatest possible service reliability and/or expected performance subject to data security constraints. The paper suggests an algorithm for solving this optimization problem. The algorithm is based on the universal generating function technique and on the evolutionary optimization approach. Illustrative examples are presented. - Highlights: → Grid service with star topology is considered. → An algorithm for evaluating service reliability and data security is presented. → A tradeoff between the service reliability and data security is analyzed. → A procedure for optimal service task partition and distribution is suggested.

  6. Unconditionally stable difference methods for delay partial differential equations

    OpenAIRE

    Huang, Chengming; Vandewalle, Stefan

    2012-01-01

    This paper is concerned with the numerical solution of parabolic partial differential equations with time-delay. We focus in particular on the delay dependent stability analysis of difference methods that use a non-constrained mesh, i.e., the time step-size is not required to be a submultiple of the delay. We prove that the fully discrete system unconditionally preserves the delay dependent asymptotic stability of the linear test problem under consideration, when the following discretizati...

  7. The QUANTGRID Project (RO)—Quantum Security in GRID Computing Applications

    Science.gov (United States)

    Dima, M.; Dulea, M.; Petre, M.; Petre, C.; Mitrica, B.; Stoica, M.; Udrea, M.; Sterian, R.; Sterian, P.

    2010-01-01

    The QUANTGRID Project, financed through the National Center for Programme Management (CNMP-Romania), is the first attempt at using Quantum Crypted Communications (QCC) in large scale operations, such as GRID Computing, and conceivably in the years ahead in the banking sector and other security tight communications. In relation with the GRID activities of the Center for Computing & Communications (Nat.'l Inst. Nucl. Phys.—IFIN-HH), the Quantum Optics Lab. (Nat.'l Inst. Plasma and Lasers—INFLPR) and the Physics Dept. (University Polytechnica—UPB) the project will build a demonstrator infrastructure for this technology. The status of the project in its incipient phase is reported, featuring tests for communications in classical security mode: socket level communications under AES (Advanced Encryption Std.), both proprietary code in C++ technology. An outline of the planned undertaking of the project is communicated, highlighting its impact in quantum physics, coherent optics and information technology.

  8. 3rd International Doctoral Symposium on Applied Computation and Security Systems

    CERN Document Server

    Saeed, Khalid; Cortesi, Agostino; Chaki, Nabendu

    2017-01-01

    This book presents extended versions of papers originally presented and discussed at the 3rd International Doctoral Symposium on Applied Computation and Security Systems (ACSS 2016) held from August 12 to 14, 2016 in Kolkata, India. The symposium was jointly organized by the AGH University of Science & Technology, Cracow, Poland; Ca’ Foscari University, Venice, Italy; and the University of Calcutta, India. The book is divided into two volumes, Volumes 3 and 4, and presents dissertation works in the areas of Image Processing, Biometrics-based Authentication, Soft Computing, Data Mining, Next-Generation Networking and Network Security, Remote Healthcare, Communications, Embedded Systems, Software Engineering and Service Engineering. The first two volumes of the book published the works presented at the ACSS 2015, which was held from May 23 to 25, 2015 in Kolkata, India.

  9. Special Issue on Entropy-Based Applied Cryptography and Enhanced Security for Ubiquitous Computing

    Directory of Open Access Journals (Sweden)

    James (Jong Hyuk Park

    2016-09-01

    Full Text Available Entropy is a basic and important concept in information theory. It is also often used as a measure of the unpredictability of a cryptographic key in cryptography research areas. Ubiquitous computing (Ubi-comp has emerged rapidly as an exciting new paradigm. In this special issue, we mainly selected and discussed papers related with ore theories based on the graph theory to solve computational problems on cryptography and security, practical technologies; applications and services for Ubi-comp including secure encryption techniques, identity and authentication; credential cloning attacks and countermeasures; switching generator with resistance against the algebraic and side channel attacks; entropy-based network anomaly detection; applied cryptography using chaos function, information hiding and watermark, secret sharing, message authentication, detection and modeling of cyber attacks with Petri Nets, and quantum flows for secret key distribution, etc.

  10. Students and Taxes: a Privacy-Preserving Study Using Secure Computation

    Directory of Open Access Journals (Sweden)

    Bogdanov Dan

    2016-07-01

    Full Text Available We describe the use of secure multi-party computation for performing a large-scale privacy-preserving statistical study on real government data. In 2015, statisticians from the Estonian Center of Applied Research (CentAR conducted a big data study to look for correlations between working during university studies and failing to graduate in time. The study was conducted by linking the database of individual tax payments from the Estonian Tax and Customs Board and the database of higher education events from the Ministry of Education and Research. Data collection, preparation and analysis were conducted using the Share-mind secure multi-party computation system that provided end-to-end cryptographic protection to the analysis. Using ten million tax records and half a million education records in the analysis, this is the largest cryptographically private statistical study ever conducted on real data.

  11. Secure and scalable deduplication of horizontally partitioned health data for privacy-preserving distributed statistical computation.

    Science.gov (United States)

    Yigzaw, Kassaye Yitbarek; Michalas, Antonis; Bellika, Johan Gustav

    2017-01-03

    Techniques have been developed to compute statistics on distributed datasets without revealing private information except the statistical results. However, duplicate records in a distributed dataset may lead to incorrect statistical results. Therefore, to increase the accuracy of the statistical analysis of a distributed dataset, secure deduplication is an important preprocessing step. We designed a secure protocol for the deduplication of horizontally partitioned datasets with deterministic record linkage algorithms. We provided a formal security analysis of the protocol in the presence of semi-honest adversaries. The protocol was implemented and deployed across three microbiology laboratories located in Norway, and we ran experiments on the datasets in which the number of records for each laboratory varied. Experiments were also performed on simulated microbiology datasets and data custodians connected through a local area network. The security analysis demonstrated that the protocol protects the privacy of individuals and data custodians under a semi-honest adversarial model. More precisely, the protocol remains secure with the collusion of up to N - 2 corrupt data custodians. The total runtime for the protocol scales linearly with the addition of data custodians and records. One million simulated records distributed across 20 data custodians were deduplicated within 45 s. The experimental results showed that the protocol is more efficient and scalable than previous protocols for the same problem. The proposed deduplication protocol is efficient and scalable for practical uses while protecting the privacy of patients and data custodians.

  12. Metal artifact removal (MAR) analysis for the security inspections using the X-ray computed tomography

    International Nuclear Information System (INIS)

    Cho, Hyo Sung; Woo, Tae Ho; Park, Chul Kyu

    2016-01-01

    Using the metal artifact property, it is analyzed for the X-ray computed tomography (CT) in the aspect of the security on the examined places like airport and surveillance areas. Since the importance of terror prevention strategy has been increased, the security application of X-ray CT has the significant remark. One shot X-ray image has the limitation to find out the exact shape to property in the closed box, which could be solved by the CT scanning without the tearing off the box in this work. Cleaner images can be obtained by the advanced technology if the CT scanning is utilized in the security purposes on the secured areas. A metal sample is treated by the metal artifact removal (MAR) method for the enhanced image. The mimicked explosive is experimented for the imaging processing application where the cleaner one is obtained. The procedure is explained and the further study is discussed. - Highlights: • The X-ray image is used for the nuclear inspections which are made by the image processing. • Nuclear security has been performed for counterterrorism. • Easy and fast inspections are needed. • Metal shows the characteristics of the noises.

  13. A New Approach to Practical Active-Secure Two-Party Computation

    DEFF Research Database (Denmark)

    Nielsen, Jesper Buus; Nordholt, Peter Sebastian; Orlandi, Claudio

    2012-01-01

    We propose a new approach to practical two-party computation secure against an active adversary. All prior practical protocols were based on Yao’s garbled circuits. We use an OT-based approach and get efficiency via OT extension in the random oracle model. To get a practical protocol we introduce...... a number of novel techniques for relating the outputs and inputs of OTs in a larger construction....

  14. Enhancing Information Security in Cloud Computing Services using SLA based metrics

    OpenAIRE

    , Nia; Mganga, Ramadianti Putri;; Charles, Medard

    2011-01-01

    Context: Cloud computing is a prospering technology that most organizations are considering for adoption as a cost effective strategy for managing IT. However, organizations also still consider the technology to be associated with many business risks that are not yet resolved. Such issues include security, privacy as well as legal and regulatory risks. As an initiative to address such risks, organizations can develop and implement SLA to establish common expectations and goals between the clo...

  15. In Law We Trust? Trusted Computing and Legal Responsibility for Internet Security

    Science.gov (United States)

    Danidou, Yianna; Schafer, Burkhard

    This paper analyses potential legal responses and consequences to the anticipated roll out of Trusted Computing (TC). It is argued that TC constitutes such a dramatic shift in power away from users to the software providers, that it is necessary for the legal system to respond. A possible response is to mirror the shift in power by a shift in legal responsibility, creating new legal liabilities and duties for software companies as the new guardians of internet security.

  16. Dynamic Auditing Protocol for Efficient and Secure Data Storage in Cloud Computing

    OpenAIRE

    J. Noorul Ameen; J. Jamal Mohamed; N. Nilofer Begam

    2014-01-01

    Cloud computing, where the data has been stored on cloud servers and retrieved by users (data consumers) the data from cloud servers. However, there are some security challenges which are in need of independent auditing services to verify the data integrity and safety in the cloud. Until now a numerous methods has been developed for remote integrity checking whichever only serve for static archive data and cannot be implemented to the auditing service if the data in the cloud is being dynamic...

  17. Information Technology Convergence, Secure and Trust Computing, and Data Management ITCS 2012 & STA 2012

    CERN Document Server

    Kim, Jongsung; Zou, Deqing; Lee, Yang

    2012-01-01

    ITCS 2012 and STA 2012 address the various theories and practical applications of information technology convergence, secure and trust computing, and data management in future environments. It will present important results of significant value to solve the application services and various problems within the scope of ITCS 2012 & STA 2012. In addition, we expect it will trigger further related research and technology developments which will improve our lives in the future.

  18. Secure encapsulation and publication of biological services in the cloud computing environment.

    Science.gov (United States)

    Zhang, Weizhe; Wang, Xuehui; Lu, Bo; Kim, Tai-hoon

    2013-01-01

    Secure encapsulation and publication for bioinformatics software products based on web service are presented, and the basic function of biological information is realized in the cloud computing environment. In the encapsulation phase, the workflow and function of bioinformatics software are conducted, the encapsulation interfaces are designed, and the runtime interaction between users and computers is simulated. In the publication phase, the execution and management mechanisms and principles of the GRAM components are analyzed. The functions such as remote user job submission and job status query are implemented by using the GRAM components. The services of bioinformatics software are published to remote users. Finally the basic prototype system of the biological cloud is achieved.

  19. PREVENTIVE SIGNATURE MODEL FOR SECURE CLOUD DEPLOYMENT THROUGH FUZZY DATA ARRAY COMPUTATION

    Directory of Open Access Journals (Sweden)

    R. Poorvadevi

    2017-01-01

    Full Text Available Cloud computing is a resource pool which offers boundless services by the form of resources to its end users whoever heavily depends on cloud service providers. Cloud is providing the service access across the geographic locations in an efficient way. However it is offering numerous services, client end system is not having adequate methods, security policies and other protocols for using the cloud customer secret level transactions and other privacy related information. So, this proposed model brings the solution for securing the cloud user confidential data, Application deployment and also identifying the genuineness of the user by applying the scheme which is referred as fuzzy data array computation. Fuzzy data array computation provides an effective system is called signature retrieval and evaluation system through which customer’s data can be safeguarded along with their application. This signature system can be implemented on the cloud environment using the cloud sim 3.0 simulator tools. It facilitates the security operation over the data centre and cloud vendor locations in an effective manner.

  20. A Security Monitoring Method Based on Autonomic Computing for the Cloud Platform

    Directory of Open Access Journals (Sweden)

    Jingjie Zhang

    2018-01-01

    Full Text Available With the continuous development of cloud computing, cloud security has become one of the most important issues in cloud computing. For example, data stored in the cloud platform may be attacked, and its security is difficult to be guaranteed. Therefore, we must attach weight to the issue of how to protect the data stored in the cloud. To protect data, data monitoring is a necessary process. Based on autonomic computing, we develop a cloud data monitoring system on the cloud platform, monitoring whether the data is abnormal in the cycle and analyzing the security of the data according to the monitored results. In this paper, the feasibility of the scheme can be verified through simulation. The results show that the proposed method can adapt to the dynamic change of cloud platform load, and it can also accurately evaluate the degree of abnormal data. Meanwhile, by adjusting monitoring frequency automatically, it improves the accuracy and timeliness of monitoring. Furthermore, it can reduce the monitoring cost of the system in normal operation process.

  1. VCC-SSF: Service-Oriented Security Framework for Vehicular Cloud Computing

    Directory of Open Access Journals (Sweden)

    Won Min Kang

    2015-02-01

    Full Text Available Recently, as vehicle computing technology has advanced, the paradigm of the vehicle has changed from a simple means of transportation to a smart vehicle for safety and convenience. In addition, the previous functions of the Intelligent Transportation System (ITS such as traffic accident prevention and providing traffic volume information have been combined with cloud computing. ITS services provide user-oriented broad services in the Vehicular Cloud Computing (VCC environment through efficient traffic management, traffic accident prevention, and convenience services. However, existing vehicle services focus on providing services using sensing information inside the vehicle and the system to provide the service through an interface with the external infrastructure is insufficient. In addition, because wireless networks are used in VCC environments, there is a risk of important information leakage from sensors inside the vehicle, such as driver personal identification and payment information at the time of goods purchase. We propose the VCC Service-oriented Security Framework (VCC-SSF to address the limitations and security threats of VCC-based services. The proposed framework considers security for convenient and efficient services of VCC and includes new user-oriented payment management and active accident management services. Furthermore, it provides authentication, encryption, access control, confidentiality, integrity, and privacy protection for user personal information and information inside the vehicle.

  2. Survey on Security Issues in Cloud Computing and Associated Mitigation Techniques

    Science.gov (United States)

    Bhadauria, Rohit; Sanyal, Sugata

    2012-06-01

    Cloud Computing holds the potential to eliminate the requirements for setting up of high-cost computing infrastructure for IT-based solutions and services that the industry uses. It promises to provide a flexible IT architecture, accessible through internet for lightweight portable devices. This would allow multi-fold increase in the capacity or capabilities of the existing and new software. In a cloud computing environment, the entire data reside over a set of networked resources, enabling the data to be accessed through virtual machines. Since these data-centers may lie in any corner of the world beyond the reach and control of users, there are multifarious security and privacy challenges that need to be understood and taken care of. Also, one can never deny the possibility of a server breakdown that has been witnessed, rather quite often in the recent times. There are various issues that need to be dealt with respect to security and privacy in a cloud computing scenario. This extensive survey paper aims to elaborate and analyze the numerous unresolved issues threatening the cloud computing adoption and diffusion affecting the various stake-holders linked to it.

  3. Human Factors in Coast Guard Computer Security - An Analysis of Current Awareness and Potential Techniques to Improve Security Program Viability

    National Research Council Canada - National Science Library

    Whalen, Timothy

    2001-01-01

    .... As such, our ability to ensure the security of those systems is also increasing in import. Traditional information security measures tend to be system-oriented and often fail to address the human element that is critical to system success...

  4. Security Scenario Generator (SecGen): A Framework for Generating Randomly Vulnerable Rich-scenario VMs for Learning Computer Security and Hosting CTF Events

    OpenAIRE

    Schreuders, ZC; Shaw, T; Shan-A-Khuda, M; Ravichandran, G; Keighley, J; Ordean, M

    2017-01-01

    Computer security students benefit from hands-on experience applying security tools and techniques to attack and defend vulnerable systems. Virtual machines (VMs) provide an effective way of sharing targets for hacking. However, developing these hacking challenges is time consuming, and once created, essentially static. That is, once the challenge has been "solved" there is no remaining challenge for the student, and if the challenge is created for a competition or assessment, the challenge c...

  5. Physical and data-link security techniques for future communication systems

    CERN Document Server

    Tomasin, Stefano

    2016-01-01

     This book focuses on techniques that can be applied at the physical and data-link layers of communication systems in order to secure transmissions against eavesdroppers. Topics ranging from information theory-based security to coding for security and cryptography are discussed, with presentation of cutting-edge research and innovative results from leading researchers. The characteristic feature of all the contributions is their relevance for practical embodiments: detailed consideration is given to applications of security principles to a variety of widely used communication techniques such as multiantenna systems, ultra-wide band communication systems, power line communications, and quantum key distribution techniques. A further distinctive aspect is the attention paid to both unconditional and computational security techniques, providing a bridge between two usually distinct worlds. The book comprises extended versions of contributions delivered at the Workshop on Communication Security, held in Ancona, I...

  6. Proceedings from the conference on high speed computing: High speed computing and national security

    Energy Technology Data Exchange (ETDEWEB)

    Hirons, K.P.; Vigil, M.; Carlson, R. [comps.

    1997-07-01

    This meeting covered the following topics: technologies/national needs/policies: past, present and future; information warfare; crisis management/massive data systems; risk assessment/vulnerabilities; Internet law/privacy and rights of society; challenges to effective ASCI programmatic use of 100 TFLOPs systems; and new computing technologies.

  7. Secure and robust cloud computing for high-throughput forensic microsatellite sequence analysis and databasing.

    Science.gov (United States)

    Bailey, Sarah F; Scheible, Melissa K; Williams, Christopher; Silva, Deborah S B S; Hoggan, Marina; Eichman, Christopher; Faith, Seth A

    2017-11-01

    Next-generation Sequencing (NGS) is a rapidly evolving technology with demonstrated benefits for forensic genetic applications, and the strategies to analyze and manage the massive NGS datasets are currently in development. Here, the computing, data storage, connectivity, and security resources of the Cloud were evaluated as a model for forensic laboratory systems that produce NGS data. A complete front-to-end Cloud system was developed to upload, process, and interpret raw NGS data using a web browser dashboard. The system was extensible, demonstrating analysis capabilities of autosomal and Y-STRs from a variety of NGS instrumentation (Illumina MiniSeq and MiSeq, and Oxford Nanopore MinION). NGS data for STRs were concordant with standard reference materials previously characterized with capillary electrophoresis and Sanger sequencing. The computing power of the Cloud was implemented with on-demand auto-scaling to allow multiple file analysis in tandem. The system was designed to store resulting data in a relational database, amenable to downstream sample interpretations and databasing applications following the most recent guidelines in nomenclature for sequenced alleles. Lastly, a multi-layered Cloud security architecture was tested and showed that industry standards for securing data and computing resources were readily applied to the NGS system without disadvantageous effects for bioinformatic analysis, connectivity or data storage/retrieval. The results of this study demonstrate the feasibility of using Cloud-based systems for secured NGS data analysis, storage, databasing, and multi-user distributed connectivity. Copyright © 2017 Elsevier B.V. All rights reserved.

  8. Security and health protection while working with a computer. Survey into the knowledge of users about legal and other requirements.

    OpenAIRE

    Šmejkalová, Petra

    2005-01-01

    This bachelor thesis is aimed at the knowledge of general computer users with regards to work security and health protection. It summarizes the relevant legislation and recommendations of ergonomic specialists. The practical part analyses results of a survey, which examined the computer workplaces and user habits when working with a computer.

  9. Framework for generating expert systems to perform computer security risk analysis

    International Nuclear Information System (INIS)

    Smith, S.T.; Lim, J.J.

    1985-01-01

    At Los Alamos we are developing a framework to generate knowledge-based expert systems for performing automated risk analyses upon a subject system. The expert system is a computer program that models experts' knowledge about a topic, including facts, assumptions, insights, and decision rationale. The subject system, defined as the collection of information, procedures, devices, and real property upon which the risk analysis is to be performed, is a member of the class of systems that have three identifying characteristics: a set of desirable assets (or targets), a set of adversaries (or threats) desiring to obtain or to do harm to the assets, and a set of protective mechanisms to safeguard the assets from the adversaries. Risk analysis evaluates both vulnerability to and the impact of successful threats against the targets by determining the overall effectiveness of the subject system safeguards, identifying vulnerabilities in that set of safeguards, and determining cost-effective improvements to the safeguards. As a testbed, we evaluate the inherent vulnerabilities and risks in a system of computer security safeguards. The method considers safeguards protecting four generic targets (physical plant of the computer installation, its hardware, its software, and its documents and displays) against three generic threats (natural hazards, direct human actions requiring the presence of the adversary, and indirect human actions wherein the adversary is not on the premises-perhaps using such access tools as wiretaps, dialup lines, and so forth). Our automated procedure to assess the effectiveness of computer security safeguards differs from traditional risk analysis methods

  10. Information security management handbook

    CERN Document Server

    Tipton, Harold F

    2006-01-01

    Access Control Systems and Methodology. Telecommunications and Network Security. Security Management Practices. Application Program Security. Cryptography. Computer, System, and Security Architecture. Operations Security. Business Continuity Planning and Disaster Recovery Planning. Law, Investigation and Ethics. Physical Security.

  11. Comment on ''Secure multiparty computation with a dishonest majority via quantum means''

    Energy Technology Data Exchange (ETDEWEB)

    Li Yanbing [State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, 100876 (China); Beijing Electronic Science and Technology Institute, Beijing 100070 (China); Wen Qiaoyan; Qin Sujuan [State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, 100876 (China)

    2011-07-15

    In a recent paper [K. Loukopoulos and D. E. Browne, Phys. Rev. A 81, 062336 (2010)], five schemes for secure multiparty computation utilizing the Greenberger-Horne-Zeilinger (GHZ) quantum correlation were presented, which were claimed to be secure in some kinds of security models. However, this study points out that schemes C and D2 could be attacked by corrupted parties replacing photon and exchanging classical information.

  12. An Intelligent and Secure Health Monitoring Scheme Using IoT Sensor Based on Cloud Computing

    Directory of Open Access Journals (Sweden)

    Jin-Xin Hu

    2017-01-01

    Full Text Available Internet of Things (IoT is the network of physical objects where information and communication technology connect multiple embedded devices to the Internet for collecting and exchanging data. An important advancement is the ability to connect such devices to large resource pools such as cloud. The integration of embedded devices and cloud servers offers wide applicability of IoT to many areas of our life. With the aging population increasing every day, embedded devices with cloud server can provide the elderly with more flexible service without the need to visit hospitals. Despite the advantages of the sensor-cloud model, it still has various security threats. Therefore, the design and integration of security issues, like authentication and data confidentiality for ensuring the elderly’s privacy, need to be taken into consideration. In this paper, an intelligent and secure health monitoring scheme using IoT sensor based on cloud computing and cryptography is proposed. The proposed scheme achieves authentication and provides essential security requirements.

  13. CERTIFICATE REVOCATION SCHEME BASED ON WEIGHTED VOTING GAME AND RATIONAL SECURE MULTIPARTY COMPUTING

    Directory of Open Access Journals (Sweden)

    N Aravinthan

    2017-03-01

    Full Text Available The Mobile Adhoc Network consists of deployed mobile nodes which lead to the frequent changes in network topology. Due to topology changes, required infrastructure is unavailable for communication. Moreover, malicious nodes present in MANET make use of this modification and can easily launch highly vulnerable attacks on the routing path of the network. Hence, Security issue such as removing misbehaving nodes is the primary issue in MANET. Effective certificate revocation scheme was introduced to identify and eliminate the node with malicious activities in the network based on the weighted voting game (ECR-WVG approach. In this approach, weights and quota were two factors, determined for an effective revocation of malicious nodes certificates. However, security during multiparty transmission was not taken into account in ECR-WVG. In Effective Certificate Revocation Scheme based on Weighted Voting Game and Rational Secure Multi-Party Computing (ECR-WVG-RSMPC method, rational secret sharing scheme is introduced along with ECR-WVG approach for securing multiparty transmission. Performance evaluation can be done between ECR-WVG and ECR-WVG-RSMPC in terms of false revocation, malicious node revocation, normalized time for revocation and revocation accuracy ratio.

  14. A Modified AH-FDTD Unconditionally Stable Method Based on High-Order Algorithm

    Directory of Open Access Journals (Sweden)

    Zheng Pan

    2017-01-01

    Full Text Available The unconditionally stable method, Associated-Hermite FDTD, has attracted more and more attentions in computational electromagnetic for its time-frequency compact property. Because of the fewer orders of AH basis needed in signal reconstruction, the computational efficiency can be improved further. In order to further improve the accuracy of the traditional AH-FDTD, a high-order algorithm is introduced. Using this method, the dispersion error induced by the space grid can be reduced, which makes it possible to set coarser grid. The simulation results show that, on the condition of coarse grid, the waveforms obtained from the proposed method are matched well with the analytic result, and the accuracy of the proposed method is higher than the traditional AH-FDTD. And the efficiency of the proposed method is higher than the traditional FDTD method in analysing 2D waveguide problems with fine-structure.

  15. Autonomous Micro-Modular Mobile Data Center Cloud Computing Study for Modeling, Simulation, Information Processing and Cyber-Security Viability

    Data.gov (United States)

    National Aeronautics and Space Administration — Cloud computing environments offer opportunities for malicious users to penetrate security layers and damage, destroy or steal data. This ability can be exploited to...

  16. Unconditional cash transfers for clinical and economic outcomes among HIV-affected Ugandan households: a bayesian randomised trial.

    Science.gov (United States)

    Mills, Edward J; Adhvaryu, Achyuta; Jakiela, Pamela; Birungi, Josephine; Okoboi, Stephen; Chimulwa, Teddy; Wangisi, Jonathan; Achilla, Tina; Popoff, Evan; Golchi, Shirin; Karlan, Dean

    2018-05-28

    HIV infection has profound clinical and economic costs at the household level. This is particularly important in low-income settings, where access to additional sources of income or loans may be limited. While several microfinance interventions have been proposed, unconditional cash grants, a strategy to allow participants to choose how to use finances that may improve household security and health, has not previously been evaluated. We examined the effect of an unconditional cash transfer to HIV-infected individuals using a 2 x 2 factorial randomised trial in two rural districts in Uganda. Our primary outcomes were changes in CD4 cell count, sexual behaviors, and adherence to ART. Secondary outcomes were changes in household food security and adult mental health. We applied a Bayesian approach for our primary analysis. We randomized 2170 patients as participatants, with 1081 receiving a cash grant. We found no important intervention effects on CD4 t-cell counts between groups (mean difference [MD] 35.48, 95% Credible Interval [CrI] -59.9-1131.6), food security (odds ratio [OR] 1.22, 95% CrI: 0.47, 3.02), medication adherence (OR 3.15, 95% CrI: 0.58, 18.15), or sexual behavior (OR 0.45 95% CrI: 0.12, 1.55), or health expenditure in the previous 3 weeks (Mean Difference $2.65, 95% CrI: -9.30, 15.69). In secondary analysis, we detected an effect of mental planning on CD4 change between groups (104.2 cells, 9% CrI: 5.99, 202.16). We did not have data on viral load outcomes. Although all outcomes were associated with favorable point estimates, our trial did not demonstrate important effects of unconditional cash grants on health outcomes.

  17. Quantum Teamwork for Unconditional Multiparty Communication with Gaussian States

    Science.gov (United States)

    Zhang, Jing; Adesso, Gerardo; Xie, Changde; Peng, Kunchi

    2009-08-01

    We demonstrate the capability of continuous variable Gaussian states to communicate multipartite quantum information. A quantum teamwork protocol is presented according to which an arbitrary possibly entangled multimode state can be faithfully teleported between two teams each comprising many cooperative users. We prove that N-mode Gaussian weighted graph states exist for arbitrary N that enable unconditional quantum teamwork implementations for any arrangement of the teams. These perfect continuous variable maximally multipartite entangled resources are typical among pure Gaussian states and are unaffected by the entanglement frustration occurring in multiqubit states.

  18. An Unconditionally Stable Method for Solving the Acoustic Wave Equation

    Directory of Open Access Journals (Sweden)

    Zhi-Kai Fu

    2015-01-01

    Full Text Available An unconditionally stable method for solving the time-domain acoustic wave equation using Associated Hermit orthogonal functions is proposed. The second-order time derivatives in acoustic wave equation are expanded by these orthogonal basis functions. By applying Galerkin temporal testing procedure, the time variable can be eliminated from the calculations. The restriction of Courant-Friedrichs-Levy (CFL condition in selecting time step for analyzing thin layer can be avoided. Numerical results show the accuracy and the efficiency of the proposed method.

  19. Design, implementation and security of a typical educational laboratory computer network

    Directory of Open Access Journals (Sweden)

    Martin Pokorný

    2013-01-01

    Full Text Available Computer network used for laboratory training and for different types of network and security experiments represents a special environment where hazardous activities take place, which may not affect any production system or network. It is common that students need to have administrator privileges in this case which makes the overall security and maintenance of such a network a difficult task. We present our solution which has proved its usability for more than three years. First of all, four user requirements on the laboratory network are defined (access to educational network devices, to laboratory services, to the Internet, and administrator privileges of the end hosts, and four essential security rules are stipulated (enforceable end host security, controlled network access, level of network access according to the user privilege level, and rules for hazardous experiments, which protect the rest of the laboratory infrastructure as well as the outer university network and the Internet. The main part of the paper is dedicated to a design and implementation of these usability and security rules. We present a physical diagram of a typical laboratory network based on multiple circuits connecting end hosts to different networks, and a layout of rack devices. After that, a topological diagram of the network is described which is based on different VLANs and port-based access control using the IEEE 802.1x/EAP-TLS/RADIUS authentication to achieve defined level of network access. In the second part of the paper, the latest innovation of our network is presented that covers a transition to the system virtualization at the end host devices – inspiration came from a similar solution deployed at the Department of Telecommunications at Brno University of Technology. This improvement enables a greater flexibility in the end hosts maintenance and a simultaneous network access to the educational devices as well as to the Internet. In the end, a vision of a

  20. Secure Scientific Applications Scheduling Technique for Cloud Computing Environment Using Global League Championship Algorithm

    Science.gov (United States)

    Abdulhamid, Shafi’i Muhammad; Abd Latiff, Muhammad Shafie; Abdul-Salaam, Gaddafi; Hussain Madni, Syed Hamid

    2016-01-01

    Cloud computing system is a huge cluster of interconnected servers residing in a datacenter and dynamically provisioned to clients on-demand via a front-end interface. Scientific applications scheduling in the cloud computing environment is identified as NP-hard problem due to the dynamic nature of heterogeneous resources. Recently, a number of metaheuristics optimization schemes have been applied to address the challenges of applications scheduling in the cloud system, without much emphasis on the issue of secure global scheduling. In this paper, scientific applications scheduling techniques using the Global League Championship Algorithm (GBLCA) optimization technique is first presented for global task scheduling in the cloud environment. The experiment is carried out using CloudSim simulator. The experimental results show that, the proposed GBLCA technique produced remarkable performance improvement rate on the makespan that ranges between 14.44% to 46.41%. It also shows significant reduction in the time taken to securely schedule applications as parametrically measured in terms of the response time. In view of the experimental results, the proposed technique provides better-quality scheduling solution that is suitable for scientific applications task execution in the Cloud Computing environment than the MinMin, MaxMin, Genetic Algorithm (GA) and Ant Colony Optimization (ACO) scheduling techniques. PMID:27384239