Sample records for secure distributed applications

  1. Application distribution model and related security attacks in VANET

    NASA Astrophysics Data System (ADS)

    Nikaein, Navid; Kanti Datta, Soumya; Marecar, Irshad; Bonnet, Christian

    2013-03-01

    In this paper, we present a model for application distribution and related security attacks in dense vehicular ad hoc networks (VANET) and sparse VANET which forms a delay tolerant network (DTN). We study the vulnerabilities of VANET to evaluate the attack scenarios and introduce a new attacker's model as an extension to the work done in [6]. Then a VANET model has been proposed that supports the application distribution through proxy app stores on top of mobile platforms installed in vehicles. The steps of application distribution have been studied in detail. We have identified key attacks (e.g. malware, spamming and phishing, software attack and threat to location privacy) for dense VANET and two attack scenarios for sparse VANET. It has been shown that attacks can be launched by distributing malicious applications and injecting malicious codes to On Board Unit (OBU) by exploiting OBU software security holes. Consequences of such security attacks have been described. Finally, countermeasures including the concepts of sandbox have also been presented in depth.

  2. Secure Distributed Data-Mining and Its Application to Large-Scale Network Measurements

    E-print Network

    Roughan, Matthew

    Secure Distributed Data-Mining and Its Application to Large-Scale Network Measurements Matthew Secure Distributed Data-mining, Secure Distributed Summation, Network Measurement, Network Management 1-Communications Networks]: Network Operations--network monitoring, network management; H.2.8 [Database Management

  3. An Immunological Model of Distributed Detection and Its Application to Computer Security

    E-print Network

    Forrest, Stephanie

    An Immunological Model of Distributed Detection and Its Application to Computer Security By Steven vii An Immunological Model of Distributed Detection and Its Application to Computer Security By Steven Andrew Hofmeyr Doctor of Philosophy Computer Science May 1999 An Immunological Model

  4. Application Distribution Model and Related Security Attacks in Navid Nikaein, Soumya Kanti Datta, Irshad Marecar, Christian Bonnet

    E-print Network

    Gesbert, David

    Application Distribution Model and Related Security Attacks in VANET Navid Nikaein, Soumya Kanti distribution and related security attacks in dense vehicular ad hoc networks (VANET) and sparse VANET which forms a delay tolerant network (DTN). We study the vulnerabilities of VANET to evaluate the attack

  5. Security of Quantum Key Distribution

    E-print Network

    Renato Renner

    2006-01-11

    We propose various new techniques in quantum information theory, including a de Finetti style representation theorem for finite symmetric quantum states. As an application, we give a proof for the security of quantum key distribution which applies to arbitrary protocols.

  6. An access control model with high security for distributed workflow and real-time application

    NASA Astrophysics Data System (ADS)

    Han, Ruo-Fei; Wang, Hou-Xiang

    2007-11-01

    The traditional mandatory access control policy (MAC) is regarded as a policy with strict regulation and poor flexibility. The security policy of MAC is so compelling that few information systems would adopt it at the cost of facility, except some particular cases with high security requirement as military or government application. However, with the increasing requirement for flexibility, even some access control systems in military application have switched to role-based access control (RBAC) which is well known as flexible. Though RBAC can meet the demands for flexibility but it is weak in dynamic authorization and consequently can not fit well in the workflow management systems. The task-role-based access control (T-RBAC) is then introduced to solve the problem. It combines both the advantages of RBAC and task-based access control (TBAC) which uses task to manage permissions dynamically. To satisfy the requirement of system which is distributed, well defined with workflow process and critically for time accuracy, this paper will analyze the spirit of MAC, introduce it into the improved T&RBAC model which is based on T-RBAC. At last, a conceptual task-role-based access control model with high security for distributed workflow and real-time application (A_T&RBAC) is built, and its performance is simply analyzed.

  7. Application Security Models for Mobile Agent Systems

    Microsoft Academic Search

    J. Todd Mcdonald; Alec Yasinsac

    2006-01-01

    Mobile agents are a distributed computing paradigm based on mobile autonomous programs. Mobile applications must balance security requirements with available security mechanisms in order to meet application level security goals. We introduce a trust framework to reason about application security requirements, trust expression, and agent protection mechanisms. We develop application security models that capture initial trust relationships and consider their

  8. Coupling Lemma and Its Application to The Security Analysis of Quantum Key Distribution

    E-print Network

    Kentaro Kato

    2015-05-23

    It is known that the coupling lemma provides a useful tool in the study of probability theory and its related areas. It describes the relation between the variational distance of two probability distributions and the probability that outcomes from the two random experiments associated with each distribution are not identical. In this paper, the failure probability interpretation problem that has been presented by Yuen and Hirota is discussed from the viewpoint of the application of the coupling lemma. First, we introduce the coupling lemma, and investigate properties of it. Next, it is shown that the claims for this problem in the literatures are justified by using the coupling lemma. Consequently, we see that the failure probability interpretation is not adequate in the security analysis of quantum key distribution.

  9. Web application security engineering

    Microsoft Academic Search

    J. D. Meier

    2006-01-01

    Integrating security throughout the life cycle can improve overall Web application security. With a detailed review of the steps involved in applying security-specific activities throughout the software development life cycle, the author walks practitioners through effective, efficient application design, development, and testing. With this article, the author shares a way to improve Web application security by integrating security throughout the

  10. A smart card-based secure software distribution scheme for mobile application market

    Microsoft Academic Search

    Ya-Jun Fan; Qiao-Yan Wen

    2012-01-01

    Nowadays, with the rapid development of the wireless mobile networks and the related technologies, the range of interpersonal collaboration and communication has been expanded to almost all corners of the world. And the applications in the mobile application markets greatly enrich the functions of mobile devices in wireless mobile networks. In general, the applications with collaborative functions require the secure

  11. Secure Distributed Human Computation

    Microsoft Academic Search

    Craig Gentry; Zulfikar Ramzan; Stuart G. Stubblebine

    2005-01-01

    This paper is a preliminary exploration of secure distributed computation. We consider the general paradigm of using large-scale distributed computation to solve difficult problems, but where humans can act as agents and provide candidate solutions. We are especially motivated by problem classes that appear to be difficult for computers to solve effectively, but are easier for humans; e.g., image analysis,

  12. Secure distributed human computation

    Microsoft Academic Search

    Craig Gentry; Zulfikar Ramzan; Stuart Stubblebine

    2005-01-01

    This paper is a preliminary exploration of secure distributed human computation. We consider the general paradigm of using large-scale distributed computation to solve difficult problems, but where humans can act as agents and provide candidate solutions. We are especially motivated by problem classes that appear to be difficult for computers to solve effectively, but are easier for humans; e.g., image

  13. Secure Distributed Human Computation

    Microsoft Academic Search

    Craig Gentry; Zulfikar Ramzan; Stuart G. Stubblebine

    2006-01-01

    Abstract. This paper introduces a line of research on secure distributed human computation. We consider the general paradigm of using large-scale distributed computation to solve difficult problems, but where humans can act as agents and provide candidate solutions. We are especially motivated by problem classes that appear to be difficult for computers to solve effectively, but are easier for humans to solve;

  14. Android Applications Security

    Microsoft Academic Search

    Paul POCATILU

    2011-01-01

    The use of smartphones worldwide is growing very fast and also the malicious attacks have increased. The mobile security applications development keeps the pace with this trend. The paper presents the vulnerabilities of mobile applications. The Android applications and devices are analyzed through the security perspective. The usage of restricted API is also presented. The paper also focuses on how

  15. End-to-End Web Application Security

    Microsoft Academic Search

    Úlfar Erlingsson; V. Benjamin Livshits; Yinglian Xie

    2007-01-01

    Web applications are important, ubiquitous distributed systems whose current security relies primarily on server-side mechanisms. This paper makes the end-to-end argument that the client and server must collaborate to achieve security goals, to eliminate common security exploits, and to secure the emerging class of rich, cross-domain Web applications referred to as Web 2.0. In order to support end-to-end

  16. Application commerce: Security challenges and workflows

    Microsoft Academic Search

    Vijay Anand; Jafar Saniie; Erdal Oruklu

    2011-01-01

    Application commerce refers to the economics related to the creation and distribution of software applications to the users of a computing platform. The need for a security infrastructure by the Application Programming Interface (API) makers for application commerce is necessitated by i) user privacy and trust concerns for the application, ii) the warranty concerns of the application maker, iii) the

  17. Application Security Automation

    ERIC Educational Resources Information Center

    Malaika, Majid A.

    2011-01-01

    With today's high demand for online applications and services running on the Internet, software has become a vital component in our lives. With every revolutionary technology comes challenges unique to its characteristics; for online applications, security is one huge concern and challenge. Currently, there are several schemes that address…

  18. Distributed Internet Security and Measurement

    E-print Network

    Forrest, Stephanie

    Distributed Internet Security and Measurement by Josh Karlin B.A., Computer Science and Mathematics, Hendrix College, 2002 DISSERTATION Submitted in Partial Fulfillment of the Requirements Internet Security and Measurement by Josh Karlin ABSTRACT OF DISSERTATION Submitted in Partial Fulfillment

  19. Secure Quantum Key Distribution

    E-print Network

    Hoi-Kwong Lo; Marcos Curty; Kiyoshi Tamaki

    2015-05-20

    Secure communication plays a crucial role in the Internet Age. Quantum mechanics may revolutionise cryptography as we know it today. In this Review Article, we introduce the motivation and the current state of the art of research in quantum cryptography. In particular, we discuss the present security model together with its assumptions, strengths and weaknesses. After a brief introduction to recent experimental progress and challenges, we survey the latest developments in quantum hacking and counter-measures against it.

  20. Web application security White paper

    E-print Network

    . The purpose of this paper is to compare these two methods. Evolving testing techniques Manual security security: automated scanning versus manual penetration testing. Page 2 Web application security: automated scanning versus manual penetration testing. Page 3 security problems. In the late 1990s, companies

  1. Information Security--Applications and

    E-print Network

    Ahmed, Farid

    Information Security-- Applications and Techniques about? Information Security Information Security What? Why of Information Security Network Security PGP, SSL, IPsec Data Security

  2. Design and applications of a secure and decentralized Distributed Hash Table

    E-print Network

    Lesniewski-Laas, Christopher T. (Christopher Tur), 1980-

    2011-01-01

    Distributed Hash Tables (DHTs) are a powerful building block for highly scalable decentralized systems. They route requests over a structured overlay network to the node responsible for a given key. DHTs are subject to the ...

  3. Quantum key distribution with delayed privacy amplification and its application to the security proof of a two-way deterministic protocol

    NASA Astrophysics Data System (ADS)

    Fung, Chi-Hang Fred; Ma, Xiongfeng; Chau, H. F.; Cai, Qing-Yu

    2012-03-01

    Privacy amplification (PA) is an essential postprocessing step in quantum key distribution (QKD) for removing any information an eavesdropper may have on the final secret key. In this paper, we consider delaying PA of the final key after its use in one-time pad encryption and prove its security. We prove that the security and the key generation rate are not affected by delaying PA. Delaying PA has two applications: it serves as a tool for significantly simplifying the security proof of QKD with a two-way quantum channel, and also it is useful in QKD networks with trusted relays. To illustrate the power of the delayed PA idea, we use it to prove the security of a qubit-based two-way deterministic QKD protocol which uses four states and four encoding operations.

  4. Web application security assessment tools

    Microsoft Academic Search

    Mark Curphey; Rudolph Arawo

    2006-01-01

    Security testing a Web application or Web site requires careful thought and planning due to both tool and industry immaturity. Finding the right tools involves several steps, including analyzing the development environment and process, business needs, and the Web application's complexity. Here, we describe the different technology types for analyzing Web applications and Web services for security vulnerabilities, along with

  5. Secure Architectures for Mobile Applications

    Microsoft Academic Search

    Cristian TOMA

    2007-01-01

    The paper presents security issues and architectures for mobile applications and GSM infrastructure. The article also introduces the idea of a new secure architecture for an inter-sector electronic wallet used in payments - STP4EW (Secure Transmission Protocol for Electronic Wallet)

  6. The Digital Distributed System Security Architecture

    Microsoft Academic Search

    Andy Goldstein; Butler Lampson; Charlie Kaufman; Morrie Gasser

    1989-01-01

    The Digital Distributed System Security Architecture is a comprehensive specification for security in a distributed system that employs state-of-the-art concepts to address the needs of both commercial and government environments. The architecture covers user and system authentication, mandatory and discretionary security, secure initialization and loading, and delegation in a general-purpose computing environment of heterogeneous systems where there are no central

  7. Security and Privacy for Distributed Multimedia Sensor Networks

    Microsoft Academic Search

    Deepa Kundur; William Luh; Unoma Ndili Okorafor; Takis Zourntos

    2008-01-01

    There is a critical need to provide privacy and security assurances for distributed multimedia sensor networking in applications including military surveillance and healthcare monitoring. Such guarantees enable the widespread adoption of such information systems, leading to large-scale societal benefit. To effectively address protection and reliability issues, secure communications and processing must be considered from system inception. Due to the emerging

  8. Web application security management White paper

    E-print Network

    Web application security management White paper January 2008 Understanding Web application security Web applications, these complex entities grow more difficult to secure. Most companies equip their Web sites with firewalls, Secure Sockets Layer (SSL), and network and host security, but the majority

  9. Application Instructions for: Cyber Security Fundamentals Certificate

    E-print Network

    Application Instructions for: Cyber Security Fundamentals Certificate Naval Postgraduate School Center for Information Systems Security Studies and Research (CISR) Monterey, CA 93943 cyber@nps.edu Cyber Security Fundamentals Certificate - Online Application Instructions 1. Go to https

  10. Architectural Patterns for Enabling Application Security

    Microsoft Academic Search

    Joseph Yoder

    1997-01-01

    Making an application secure is much harder than just adding a password protected login screen. This paper contains a collection of patterns to be used when dealing with application security. Secure Access Layer provides an interface for applications to use the security of the systems on which they are built. Single Access Point limits entry into the application through one single point. Check

  11. Architectural Patterns for Enabling Application Security

    Microsoft Academic Search

    Joseph Yoder; Jeffrey Barcalow

    1998-01-01

    Making an application secure is much harder than just adding a password protected login screen. This paper contains a collection of patterns to be used when dealing with application security. Secure Access Layer provides an interface for applications to use the security of the systems on which they are built. Single Access Point limits entry into the application through one

  12. Advancing Assurance for Secure Distributed Communications

    Microsoft Academic Search

    Giampaolo Bella; Stefano Bistarelli

    2002-01-01

    Securing distributed communications from malicious tampering is of capital importance. There exist a number of techniques addressing this issue but, to the best of our knowledge, an account for what Information Assurance means in this context is currently unavailable. A notion is advanced in this paper reducing Information Assurance for secure distributed communications to a threefold

  13. INSTITUTE FOR CYBER SECURITY Application-Centric Security Models

    E-print Network

    Sandhu, Ravi

    INSTITUTE FOR CYBER SECURITY 1 Application-Centric Security Models Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio July 2009 ravi.sandhu@utsa.edu www.profsandhu.com © Ravi Sandhu INSTITUTE FOR CYBER SECURITY Dr. Robert W. Gracy Vice President

  14. SOCIAL SECURITY ADMINISTRATION Application for a Social Security Card

    E-print Network

    Li, Mo

    /ethnic background. We use this information for statistical reports on how Social Security programs affect people. We Security number before), you must show us proof of: AGE, IDENTITY, and U.S. CITIZENSHIP or LAWFUL ALIEN SOCIAL SECURITY ADMINISTRATION Application for a Social Security Card Applying for a Social

  15. Providing Secure Environments for Untrusted Network Applications

    E-print Network

    Lee, Ruby B.

    Providing Secure Environments for Untrusted Network Applications ----With Case Studies using Workstation is a suitable platform to provide a secure environment that can contain most existing network from doing business on the Internet. Various network security solutions provide different protection

  16. Helping Developers Construct Secure Mobile Applications

    E-print Network

    Chin, Erika Michelle

    2013-01-01

    on Cyber Security Experimentation and Test, 2011. [62] D.requirements. If a test case throws a security exceptiontest their applications, false positives would likely be relatively harmless. This approach achieves full compatibility, but security

  17. Integrating security in a group oriented distributed system

    NASA Technical Reports Server (NTRS)

    Reiter, Michael; Birman, Kenneth; Gong, LI

    1992-01-01

    A distributed security architecture is proposed for incorporation into group oriented distributed systems, and in particular, into the Isis distributed programming toolkit. The primary goal of the architecture is to make common group oriented abstractions robust in hostile settings, in order to facilitate the construction of high performance distributed applications that can tolerate both component failures and malicious attacks. These abstractions include process groups and causal group multicast. Moreover, a delegation and access control scheme is proposed for use in group oriented systems. The focus is the security architecture; particular cryptosystems and key exchange protocols are not emphasized.

  18. Security seal. [Patent application

    DOEpatents

    Gobeli, G.W.

    1981-11-17

    Security for a package or verifying seal in plastic material is provided by a print seal with unique thermally produced imprints in the plastic. If tampering is attempted, the material is irreparably damaged and thus detectable. The pattern of the imprints, similar to fingerprints are recorded as a positive identification for the seal, and corresponding recordings made to allow comparison. The integrity of the seal is proved by the comparison of imprint identification records made by laser beam projection.

  19. Homeland Security and Defense Applications

    SciTech Connect

    None

    2014-11-06

    Homeland Security and Defense Applications personnel are the best in the world at detecting and locating dirty bombs, loose nukes, and other radiological sources. The site trains the Nation's emergency responders, who would be among the first to confront a radiological or nuclear emergency. Homeland Security and Defense Applications highly training personnel, characterize the threat environment, produce specialized radiological nuclear detection equipment, train personnel on the equipment and its uses, test and evaluate the equipment, and develop different kinds of high-tech equipment to defeat terrorists. In New York City for example, NNSS scientists assisted in characterizing the radiological nuclear environment after 9/11, and produced specialized radiological nuclear equipment to assist local officials in their Homeland Security efforts.

  20. Homeland Security and Defense Applications

    ScienceCinema

    None

    2015-01-09

    Homeland Security and Defense Applications personnel are the best in the world at detecting and locating dirty bombs, loose nukes, and other radiological sources. The site trains the Nation's emergency responders, who would be among the first to confront a radiological or nuclear emergency. Homeland Security and Defense Applications highly training personnel, characterize the threat environment, produce specialized radiological nuclear detection equipment, train personnel on the equipment and its uses, test and evaluate the equipment, and develop different kinds of high-tech equipment to defeat terrorists. In New York City for example, NNSS scientists assisted in characterizing the radiological nuclear environment after 9/11, and produced specialized radiological nuclear equipment to assist local officials in their Homeland Security efforts.

  1. Security bounds for efficient decoy-state quantum key distribution

    E-print Network

    Marco Lucamarini; James F. Dynes; Bernd Fröhlich; Zhiliang Yuan; Andrew J. Shields

    2015-03-25

    Information-theoretical security of quantum key distribution (QKD) has been convincingly proven in recent years and remarkable experiments have shown the potential of QKD for real world applications. Due to its unique capability of combining high key rate and security in a realistic finite-size scenario, the efficient version of the BB84 QKD protocol endowed with decoy states has been subject of intensive research. Its recent experimental implementation finally demonstrated a secure key rate beyond 1 Mbps over a 50 km optical fiber. However the achieved rate holds under the restrictive assumption that the eavesdropper performs collective attacks. Here, we review the protocol and generalize its security. We exploit a map by Ahrens to rigorously upper bound the Hypergeometric distribution resulting from a general eavesdropping. Despite the extended applicability of the new protocol, its key rate is only marginally smaller than its predecessor in all cases of practical interest.

  2. Journal: Computer Networks Title: Securing Distributed Adaptation

    E-print Network

    California at Los Angeles, University of

    14419 Califa St, Apt 1 Van Nuys, CA 91401, USA 1 Securing Distributed Adaptation Jun Li Mark be contacted at {lijun, yarvis, reiher}@cs.ucla.edu. 2 could be used by attackers to damage or destroy

  3. Mobile Security for Internet Applications

    Microsoft Academic Search

    Roger Kehr; Joachim Posegga; Roland Schmitz; Peter Windirsch

    2001-01-01

    The WebSIM is a technology for interfacing GSM SIMs with the Internet, by implementing a Web server inside a SIM. This paper discusses how this technology can be used for securing services over the Internet and describes several concrete application scenarios.

  4. Security Framework for Mobile Applications

    Microsoft Academic Search

    Nicolai Munk Petersen; Deborah Estrin

    2008-01-01

    In this paper we describe a Kerberos and Public Private key enabled security system. The system is tailored to be used with pervasive, widely available, and mobile sensor devices such as cell phones. Third-party applications can access the data using a simplistic access control schema. The system has built-in support for single sign-on and easy application front-end integration.

  5. Distributed Orchestration of Web Services under Security Constraints

    E-print Network

    Paris-Sud XI, Université de

    Distributed Orchestration of Web Services under Security Constraints Tigran Avanesov1 , Yannick industry and academia. Keywords: Web services, automatic composition, security, distributed orchestration to describe, especially if some security constraints are to be respected. Mainly two approaches to Web service

  6. Specifying Secure Mobile Applications

    Microsoft Academic Search

    Andrew Phillips; Susan Eisenbach; Bashar Nuseibeh; Nobuko Yoshida

    Ambient calculi are a promising formalism for specifying mobile computation, which benefit from a range of analysis techniques. However, Ambient calculi have been designed mostly as minimal models for mobility, rather than as specification languages for mobile applications. This paper describes a variant of Ambients, the Channel Ambient calculus, which is designed to be at a level

  7. Application Instructions for: Cyber Security Defense Certificate

    E-print Network

    Application Instructions for: Cyber Security Defense Certificate Naval Postgraduate School Center for Information Systems Security Studies and Research (CISR) Monterey, CA 93943 cyber@nps.edu Cyber Security - Cyber Security Defense iv. Academic Year/ Quarter: SELECT THE FOLLOWING START DATE: a. Quarter 3 Start

  8. Privacy and Security Research Group workshop on network and distributed system security: Proceedings

    SciTech Connect

    Not Available

    1993-05-01

    This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System. Selected papers were processed separately for inclusion in the Energy Science and Technology Database.

  9. Network and Application Security in Mobile e-Health Applications

    Microsoft Academic Search

    Ramon Martí; Jaime Delgado; Xavier Perramon

    2004-01-01

    Different IT applications require different network and application security services. We have been working in the area of e-health applications in mobile environments, and we have needed to integrate security services therein. This paper presents a specification of such network and application security services for mobile e-health applications and how we have implemented them. First, various security threats specific of e-health

  10. Scalability, Security Technologies and Mobile Applications

    Microsoft Academic Search

    Larry Korba; Ronggong Song

    2004-01-01

    Multi-agent applications are expected to take an important role in the future of e-business applications. However, security for multi-agent applications has become a critical issue. Unfortunately, effective security technologies often tend to require considerable computational and network resources, leading to scalability issues. Thus, scalability of the security technologies is a vital issue when developing practical agent-based applications. In this paper,

  11. Virtual Cyber-Security Testing Capability for Large Scale Distributed Information Infrastructure Protection

    Microsoft Academic Search

    Perry Pederson; D. Lee; Guoqiang Shu; Dongluo Chen; Zhijun Liu; Na Li; Lifeng Sang

    2008-01-01

    Security, reliability and interoperability are indispensable in today's distributed heterogeneous information infrastructure. For government and military applications, it is crucial to conduct effective and efficient testing of security properties for newly developed systems, which are to be integrated into existing information system. Yet little progress has been made in the technology advancement of rigorous and automated security testing. In this

  12. DASR: Distributed Anonymous Secure Routing with Good Scalability for Mobile Ad Hoc Networks

    Microsoft Academic Search

    Lanjun Dang; Jie Xu; Hui Li; Nan Dang

    2010-01-01

    Security, anonymity, and scalability are important issues for mobile ad hoc network routing protocols, especially in private-vital practical applications. Although there are several papers on anonymous secure routing in mobile ad hoc networks, few research works can achieve sufficient anonymity and strong security, and at the same time provide good scalability. Therefore, in this paper, we present a new distributed

  13. "Secure" Logistic Regression of Horizontally and Vertically Partitioned Distributed Databases

    E-print Network

    Smith, Adam D.

    "Secure" Logistic Regression of Horizontally and Vertically Partitioned Distributed Databases a "secure" logistic regression on pooled data collected separately by several parties without directly combining their databases. We describe "secure" Newton-Raphson protocol for binary logistic regression

  14. Multimedia Security System for Security and Medical Applications

    ERIC Educational Resources Information Center

    Zhou, Yicong

    2010-01-01

    This dissertation introduces a new multimedia security system for the performance of object recognition and multimedia encryption in security and medical applications. The system embeds an enhancement and multimedia encryption process into the traditional recognition system in order to improve the efficiency and accuracy of object detection and…

  15. Integrating security in a large distributed system

    Microsoft Academic Search

    Mahadev Satyanarayanan

    1989-01-01

    Andrew is a distributed computing environment that is a synthesis of the personal computing and timesharing paradigms. When mature, it is expected to encompass over 5,000 workstations spanning the Carnegie Mellon University campus. This paper examines the security issues that arise in such an environment and describes the mechanisms that have been developed to address them. These mechanisms include the

  16. Development of security metrics for a distributed messaging system

    Microsoft Academic Search

    Reijo M. Savola; Habtamu Abie

    2009-01-01

    Carefully designed security metrics of practical relevance can be used to provide evidence of the security behavior of the system under development or operation. This study investigates a practical development of security metrics for a distributed messaging system based on threat and vulnerability analysis and security requirements. Our approach is thus requirement-centric. The high-level security requirements are expressed in terms

  17. Secure Coprocessors in Electronic Commerce Applications

    Microsoft Academic Search

    Bennet Yee; J. D. Tygar

    1995-01-01

    Many researchers believe electronic wallets (secure storage devices that maintain account balances) are the solution to electronic commerce challenges. This paper argues for a more powerful model --- a secure coprocessor --- that can run a small operating system, run application programs, and also keep secure storage for cryptographic keys and balance information. We have built a system called Dyad, on top of a port of the Mach

  18. Secure Coprocessors in Electronic Commerce Applications

    Microsoft Academic Search

    Bennet Yee; J. D. Tygar

    1996-01-01

    Many researchers believe electronic wallets (secure storage devices that maintain account balances) are the solution to electronic commerce challenges. This paper argues for a more powerful model — a secure coprocessor — that can run a small operating system, run application programs, and also keep secure storage for cryptographic keys and balance information. We have built a

  19. Duke University Graduate School Application Data Security Policy

    E-print Network

    Zhou, Pei

    , including but not limited to transportation, administration, and review, must have on file a signed copy Duke University Graduate School Application Data Security Policy Revision Date: September 2, 2014 information about student applicants and distributes and transmits that information to many administrative

  20. HASS: Highly Available, Scalable and Secure Distributed Data Storage Systems

    Microsoft Academic Search

    Zhiqian Xu; Hai Jiang

    2009-01-01

    As computers become pervasive and data size increases dramatically, data management systems' security, scalability and availability features turn into major design issues, especially in distributed computing environments. This paper proposes a highly available, scalable and secure distributed data storage system (HASS) for high performance and secure data management. Distributed and parallel data storage or file systems such as Object-based Storage

  1. Representation and evaluation of security policies for distributed system services

    Microsoft Academic Search

    Tatyana Ryutov; Clifford Neuman

    2000-01-01

    We present a new model for authorization that integrates both local and distributed access control policies and that is extensible across applications and administrative domains. We introduce a general mechanism that is capable of implementing several security policies including role-based access control, Clark-Wilson, ACLs, capabilities, and lattice-based access controls. The generic authorization and access-control API (GAA API) provides a generic

  2. Secure distributed programming with value-dependent types

    Microsoft Academic Search

    Nikhil Swamy; Juan Chen; Cédric Fournet; Pierre-Yves Strub; Karthikeyan Bhargavan; Jean Yang

    2011-01-01

    Distributed applications are difficult to program reliably and securely. Dependently typed functional languages promise to prevent broad classes of errors and vulnerabilities, and to enable program verification to proceed side-by-side with development. However, as recursion, effects, and rich libraries are added, using types to reason about programs, specifications, and proofs becomes challenging. We present F*, a full-fledged design and implementation

  3. Derived virtual devices: a secure distributed file system mechanism

    NASA Technical Reports Server (NTRS)

    VanMeter, Rodney; Hotz, Steve; Finn, Gregory

    1996-01-01

    This paper presents the design of derived virtual devices (DVDs). DVDs are the mechanism used by the Netstation Project to provide secure shared access to network-attached peripherals distributed in an untrusted network environment. DVDs improve Input/Output efficiency by allowing user processes to perform I/O operations directly from devices without intermediate transfer through the controlling operating system kernel. The security enforced at the device through the DVD mechanism includes resource boundary checking, user authentication, and restricted operations, e.g., read-only access. To illustrate the application of DVDs, we present the interactions between a network-attached disk and a file system designed to exploit the DVD abstraction. We further discuss third-party transfer as a mechanism intended to provide for efficient data transfer in a typical NAP environment. We show how DVDs facilitate third-party transfer, and provide the security required in a more open network environment.

  4. Abstracting application-level web security

    Microsoft Academic Search

    David Scott; Richard Sharp

    2002-01-01

    Application-level web security refers to vulnerabilities inherent in the code of a web-application itself (irrespective of the technologies in which it is implemented or the security of the web-server/back-end database on which it is built). In the last few months application-level vulnerabilities have been exploited with serious consequences: hackers have tricked e-commerce sites into shipping goods for no charge, user-names

  5. Secure coprocessing applications and research issues

    SciTech Connect

    Smith, S.W.

    1996-08-01

    The potential of secure coprocessing to address many emerging security challenges and to enable new applications has been a long-standing interest of many members of the Computer Research and Applications Group, including this author. The purpose of this paper is to summarize this thinking, by presenting a taxonomy of some potential applications and by summarizing what we regard as some particularly interesting research questions.

  6. IBM Software IBM Security AppScan: Application

    E-print Network

    solutions specific to the challenges of application security that go beyond basic security testing to manageScan portfolio combines advanced security testing with the strengths of the IBM Rational® Application Lifecycle Security AppScan solutions to identify the latest threats with advanced security testing for application

  7. Secure and Robust Overlay Content Distribution

    ERIC Educational Resources Information Center

    Kang, Hun Jeong

    2010-01-01

    With the success of applications spurring the tremendous increase in the volume of data transfer, efficient and reliable content distribution has become a key issue. Peer-to-peer (P2P) technology has gained popularity as a promising approach to large-scale content distribution due to its benefits including self-organizing, load-balancing, and…

  8. Web Applications and Security Web protocol overview

    E-print Network

    Massachusetts at Amherst, University of

    Web Applications and Security Web protocol overview Web forms Cookies Attacks against Web>University of Massachusetts Amherst Basic Web scripting There are two basic HTTP request methods, GET and POST descriptor. Securing basic web apps is easy DON'T TRUST USER INPUT, EVER... Never execute code provide

  9. A Secure Real-Time Concurrency Control Protocol for Mobile Distributed Real-Time Databases

    Microsoft Academic Search

    Yingyuan Xiao; Yunsheng Liu; Guoqiong Liao

    2007-01-01

    Summary A class of security-critical applications with the requirements of timing constraints, such as wireless stock trading, power network scheduling, real-time traffic information management, etc., demand the support of mobile distributed real-time database systems. For the class of applications, mobile distributed real-time database systems must simultaneously satisfy two requirements in guaranteeing data security and minimizing the missing deadlines ratio of

  10. Security Violation Detection for RBAC Based Interoperation in Distributed Environment

    NASA Astrophysics Data System (ADS)

    Wang, Xinyu; Sun, Jianling; Yang, Xiaohu; Huang, Chao; Wu, Di

    This paper proposes a security violation detection method for RBAC based interoperation to meet the requirements of secure interoperation among distributed systems. We use role mappings between RBAC systems to implement trans-system access control, analyze security violation of interoperation with role mappings, and formalize definitions of secure interoperation. A minimum detection method according to the feature of RBAC system in distributed environment is introduced in detail. This method reduces complexity by decreasing the amount of roles involved in detection. Finally, we analyze security violation further based on the minimum detection method to help administrators eliminate security violation.

  11. Secure voice for mobile satellite applications

    NASA Technical Reports Server (NTRS)

    Vaisnys, Arvydas; Berner, Jeff

    1990-01-01

    The initial system studies are described which were performed at JPL on secure voice for mobile satellite applications. Some options are examined for adapting existing Secure Telephone Unit III (STU-III) secure telephone equipment for use over a digital mobile satellite link, as well as for the evolution of a dedicated secure voice mobile earth terminal (MET). The work has included some lab and field testing of prototype equipment. The work is part of an ongoing study at JPL for the National Communications System (NCS) on the use of mobile satellites for emergency communications. The purpose of the overall task is to identify and enable the technologies which will allow the NCS to use mobile satellite services for its National Security Emergency Preparedness (NSEP) communications needs. Various other government agencies will also contribute to a mobile satellite user base, and for some of these, secure communications will be an essential feature.

  12. Adaptively Secure Feldman VSS and Applications to Universally-Composable Threshold Cryptography

    E-print Network

    Adaptively Secure Feldman VSS and Applications to Universally-Composable Threshold Cryptography VSS scheme. Although adaptive security was already addressed by Feldman in the original paper's commitment scheme, an adaptively-secure Pedersen VSS scheme (as a committed VSS), or distributed-verifier

  13. Adaptively Secure Feldman VSS and Applications to Universally-Composable Threshold Cryptography

    E-print Network

    Adaptively Secure Feldman VSS and Applications to Universally-Composable Threshold Cryptography threshold Cramer-Shoup cryptosystem. Our results are based on a new adaptively-secure Feldman VSS scheme, an adaptively-secure Pedersen VSS scheme (as a committed VSS), or distributed-verifier proofs for proving

  14. Adaptively Secure Feldman VSS and Applications to Universally-Composable Threshold Cryptography

    E-print Network

    Fehr, Serge

    Adaptively Secure Feldman VSS and Applications to Universally-Composable Threshold Cryptography VSS scheme. Although adaptive security was already addressed by Feldman in the original paper's commitment scheme, an adaptively-secure Pedersen VSS scheme (as a committed VSS), or distributed

  15. In Proceedings of the Annual Computer Security Applications Conference, Phoenix, Arizona, U.S.A., December 6-10, 1999 A Resource Access Decision Service for CORBA-based Distributed Systems

    E-print Network

    British Columbia, University of

    application systems to be aware of security. Such security models currently require application system In Proceedings of the Annual Computer Security Applications Conference, Phoenix, Arizona, U Beznosov Baptist Health Systems of South Florida 6855 Red Road, Miami, FL 33176 konstanb@bhssf.org Yi Deng

  16. Information security control in the application of grid security

    Microsoft Academic Search

    Yuan Jia-bin; Gu Kai-kai

    2007-01-01

    To improve the security of the information system, the information security control theory is studied. This paper introduces information security and automatic control theory, presents the information security control theory, traverses the characteristic of the information security control theory. This paper also analyses the security grid technology, introduces the information security control theory into the grid system, builds the security

  17. Analysis of Policy Anomalies on Distributed Network Security Setups

    E-print Network

    Garcia-Alfaro, Joaquin

    Analysis of Policy Anomalies on Distributed Network Security Setups J. G. Alfaro1,2, F. Cuppens1.Garcia-Alfaro@deic.uab.es Abstract: The use of different network security components, such as firewalls and network intrusion corporate networks. On the one hand, firewalls are traditional security components which provide means

  18. A new model of security for distributed systems

    Microsoft Academic Search

    Wm A. Wulf; Chenxi Wang; Darrell Kienzle

    1996-01-01

    With the rapid growth of the information age, electronic activities of many kinds are becoming more common. The need for protection and security in this environment has never been greater. The conventional approach to security has been to enforce a system-wide policy, but this approach will not work for large distributed systems where entirely new security issues and

  19. Model-based Security Engineering of Distributed Information Systems

    E-print Network

    Jurjens, Jan

    Abuse frames Security requirements Risk analysis External review Design Test plans Code Test results Field feedback Risk-based Security tests Static analysis (tools) Risk analysis Penetration testing Model-based Security Engineering of Distributed Information Systems using UMLsec Bastian Best, Jan

  20. Information Security Assessment and Reporting: Distributed Defense

    Microsoft Academic Search

    D. S. Bhilare; A. K. Ramani; Sanjay Tanwani

    2008-01-01

    Network Managers of Higher Educational Institutes, are well aware of general Information Security issues, related to Campus Networks. There are well developed security metrics, giving exhaustive list of security controls, required to mitigate different risks. Accordingly, various security measures and technologies are being deployed. However, at present, not enough attention is being paid on measuring the effectiveness of these controls

  1. Ontology-Based Secure XML Content Distribution

    NASA Astrophysics Data System (ADS)

    Rahaman, Mohammad Ashiqur; Roudier, Yves; Miseldine, Philip; Schaad, Andreas

    This paper presents an ontology-driven secure XML content distribution scheme. This scheme first relies on a semantic access control model for XML documents that achieves three objectives: (1) representing flexible and evolvable policies, (2) providing a high-level mapping and interoperable interface to documents, and (3) automating the granting of fine-grained access rights by inferring on content semantics. A novel XML document parsing mechanism is defined to delegate document access control enforcement to a third party without leaking the document XML schema to it. The Encrypted Breadth First Order Labels (EBOL) encoding is used to bind semantic concepts with XML document nodes and to check the integrity of a document.

  2. A correct security evaluation of quantum key distribution

    E-print Network

    Osamu Hirota

    2014-09-21

    There is no doubt that quantum key distribution is an excellent result as a science. However, this paper presents a view on quantum key distribution (QKD) wherein QKD may have a difficulty to provide a sufficient security and good communication performance in real world networks. In fact, a one-time pad forwarded by QKD model with $\bar{\epsilon}=10^{-6}$ may be easily decrypted by key estimation. Despite that researchers know several criticisms on the theoretical incompleteness on the security evaluation, Portmann and Renner, and others still avert from the discussion on criticism, and experimental groups tend to make exaggerated claims about their own work by making it seems that QKD is applicable to commercial communication systems. All such claims are based on a misunderstanding of the meaning of criteria of information theoretic security in cryptography. A severe situation has arisen as a result, one that will impair a healthy development of quantum information science (QIS). Thus, the author hopes that this paper will help to stimulate discussions on developing a more detailed theory.

  3. Implementing a secure client/server application

    SciTech Connect

    Kissinger, B.A.

    1994-08-01

    There is an increasing rise in attacks and security breaches on computer systems. Particularly vulnerable are systems that exchange user names and passwords directly across a network without encryption. These kinds of systems include many commercial-off-the-shelf client/server applications. A secure technique for authenticating computer users and transmitting passwords through the use of a trusted "broker" and public/private keys is described in this paper.

  4. Adaptively Secure Garbling with Applications to One-Time Programs and Secure Outsourcing

    E-print Network

    Adaptively Secure Garbling with Applications to One-Time Programs and Secure Outsourcing Mihir) and secure outsourcing (Gennaro, Gentry, Parno 2010)-- need adaptive security, where x may depend on F. We for one-time programs and secure outsourcing, with privacy being the goal in the first case

  5. Evaluation of Classifiers: Practical Considerations for Security Applications

    E-print Network

    Baras, John S.

    Evaluation of Classifiers: Practical Considerations for Security Applications Alvaro A. C, biometrics and multimedia forensics. Measuring the security performance of these classifiers, or for comparing multiple classifiers. There are however relevant considerations for security related problems

  6. A DRM Framework for Secure Distribution of Mobile Contents

    Microsoft Academic Search

    Kwon Il Lee; Kouichi Sakurai; Jun Seok Lee; Jae-cheol Ryou

    2004-01-01

    DRM technology allows content to be distributed in a controlled manner. Therefore, appropriate security mechanism is required. The Mobile DRM System is same as the general DRM system. Encryption technology is in use digital contents packaging. In case of Mobile DRM system, secure distribution and store of packaging encryption key is important. In this paper, we propose a DRM framework, SDRM (Secure

  7. Guest Editorial: Special Section on Security in Distributed Computing Systems

    Microsoft Academic Search

    Wei Zhao

    2003-01-01

    has always been of utmost importance, particularly in recent years as orchestrated attacks have sought to cripple critical infrastructures. Security issues in distributed computing systems involve reducing vulnerabilities as well as giving system management the insight and control needed to defend distributed information systems. All aspects of business and government operations and services are dependent upon the security and integrity

  8. A Generic Security Proof for Quantum Key Distribution

    Microsoft Academic Search

    Matthias Christandl; Renato Renner; Artur Ekert

    2004-01-01

    Quantum key distribution allows two parties, traditionally known as Alice and Bob, to establish a secure random cryptographic key if, firstly, they have access to a quantum communication channel, and secondly, they can exchange classical public messages which can be monitored but not altered by an eavesdropper, Eve. Quantum key distribution provides perfect security because, unlike its classical counterpart, it

  9. Towards Practical Security Monitors of UML Policies for Mobile Applications

    Microsoft Academic Search

    Fabio Massacci; Katsiaryna Naliuka

    2007-01-01

    There is increasing demand for running interacting applications in a secure and controllable way on mobile devices. Such demand is not fully supported by the Java/.NET security model based on trust domains nor by current security monitors or language-based security approaches. We propose an approach that allows security policies that are i) expressive enough to capture multiple sessions and interacting

  10. Generic Support for Distributed Applications

    Microsoft Academic Search

    Jean Bacon; Ken Moody; John Bates; Richard Hayton; Chaoying Ma; Andrew Mcneil; Oliver Seidel; Mark D. Spiteri

    2000-01-01

    to distributed applications. Current middleware platforms for distributed applications are based on the following software model and architecture. Distributed-software model Whatever the physical architecture of a distributed system, we must establish a software model that defines the entities that comprise the distributed system, how they interoperate, and how to specify their behavior. The object model, which underpins all recent middleware

  11. Web Services Security Issues in Healthcare Applications

    Microsoft Academic Search

    Shelly Sachdeva; Saphina Mchome; Subhash Bhalla

    2010-01-01

    Many research efforts are in progress for developing unified standards for Electronic Health Records. Such records can be shared for provisions of health care and research. Significant benefits can be realized when the proposed systems are used widely. Additional security requirements are crucial for their wide adoption. Patients want privacy and confidentiality. These systems will be deployed in distributed databases

  12. MEMS and MOEMS for national security applications

    NASA Astrophysics Data System (ADS)

    Scott, Marion W.

    2003-01-01

    Major opportunities for microsystem insertion into commercial applications, such as telecommunications and medical prosthesis, are well known. Less well known are applications that ensure the security of our nation, the protection of its armed forces, and the safety of its citizens. Microsystems enable entirely new possibilities to meet National Security needs, which can be classed along three lines: anticipating security needs and threats, deterring the efficacy of identified threats, and defending against the application of these threats. In each of these areas, specific products that are enabled by MEMS and MOEMS are discussed. In the area of anticipating needs and threats, sensored microsystems designed for chem/bio/nuclear threats, and sensors for border and asset protection can significantly secure our borders, ports, and transportation systems. Key features for these applications include adaptive optics and spectroscopic capabilities. Microsystems to monitor soil and water quality can be used to secure critical infrastructure, food safety can be improved by in-situ identification of pathogens, and sensored buildings can ensure the architectural safety of our homes and workplaces. A challenge to commercializing these opportunities, and thus making them available for National Security needs, is developing predictable markets and predictable technology roadmaps. The integrated circuit manufacturing industry provides an example of predictable technology maturation and market insertion, primarily due to the existence of a "unit cell" that allows volume manufacturing. It is not clear that microsystems can follow an analogous path. The possible paths to affordable low-volume production, as well as the prospects of a microsystems unit cell, are discussed.

  13. Security Ontology Proposal for Mobile Applications

    Microsoft Academic Search

    Sofien Beji; Nabil El-Kadhi

    2009-01-01

    Mobility is an emerging area that comes up with several technologies and stakeholders. Dealing with the security requirement for mobile applications means acquiring all the knowledge and the available technologies for the design and deployment of a reliable and usable countermeasure. Not only the field lacks of standards but also requires several quality constraints. To assist developers to face such

  14. Photonic sensor applications in transportation security

    Microsoft Academic Search

    David A. Krohn

    2007-01-01

    There is a broad range of security sensing applications in transportation that can be facilitated by using fiber optic sensors and photonic sensor integrated wireless systems. Many of these vital assets are under constant threat of being attacked. It is important to realize that the threats are not just from terrorism but an aging and often neglected infrastructure. To specifically

  15. Video motion detection for physical security applications

    SciTech Connect

    Matter, J.C.

    1990-01-01

    Physical security specialists have been attracted to the concept of video motion detection for several years. Claimed potential advantages included additional benefit from existing video surveillance systems, automatic detection, improved performance compared to human observers, and cost effectiveness. In recent years significant advances in image processing dedicated hardware and image analysis algorithms and software have accelerated the successful application of video motion detection systems to a variety of physical security applications. Currently Sandia is developing several advanced systems that employ image processing techniques for a broader set of safeguards and security applications. TCATS (Target Cueing and Tracking System) uses a set of powerful, flexible, modular algorithms and software to alarm on purposeful target motion. Custom TCATS hardware optimized for perimeter security applications is currently being evaluated with video input. VISDTA (Video Imaging System for Detection, Tracking, and Assessment) uses some of the same TCATS algorithms and operates with a thermal imager input. In the scan mode, VISDTA detects changes in a scene from the previous image at a given scan point; in the stare mode, VISDTA detects purposeful motion similar to TCATS.

  16. Paper ID # 900041 DISTRIBUTED CERTIFICATE AND APPLICATION ARCHITECTURE FOR VANETs

    E-print Network

    Zou, Cliff C.

    1 of 7 Paper ID # 900041 DISTRIBUTED CERTIFICATE AND APPLICATION ARCHITECTURE FOR VANETs Baber (VANET) applications. A lot of solutions have been presented to address these issues. However of VANET. In this paper, we present a distributed security architecture for VANET that does not rest

  17. Irradiation applications for homeland security

    NASA Astrophysics Data System (ADS)

    Desrosiers, Marc F.

    2004-09-01

    In October 2001, first-class mail laced with anthrax was sent to political and media targets resulting in several deaths, illnesses, significant mail-service disruption, and economic loss. The White House Office of Science and Technology Policy established a technical task force on mail decontamination that included three key agencies: National Institute of Standards and Technology with responsibility for radiation dosimetry and coordinating and performing experiments at industrial accelerator facilities; the Armed Forces Radiobiology Research Institute with responsibility for radiobiology; and the US Postal Service with responsibility for radiation-processing quality assurance and quality control. An overview of the anthrax attack decontamination events will be presented as well as expectations for growth in this area and the prospects of other homeland security areas where irradiation technology can be applied.

  18. Towards Practical Security Monitors of UML Policies for Mobile Applications

    E-print Network

    Massacci, Fabio

    Towards Practical Security Monitors of UML Policies for Mobile Applications Fabio Massacci to the applications after it read some sensitive information. Equipping every mobile device with a security system@dit.unitn.it Abstract--There is increasing demand for running interacting applications in a secure and controllable way

  19. Security Protocols against Cyber Attacks in the Distribution Automation System

    Microsoft Academic Search

    I. H. Lim; S. Hong; M. S. Choi; S. J. Lee; T. W. Kim; B. N. Ha

    2008-01-01

    As a communication technology plays an integral part in a power system, security issues become major concerns. This paper deals with the security problems in the distribution automation system (DAS) which has an inherent vulnerability to cyber attacks due to its high dependency on the communication and geographically widely spread terminal devices. We analyze the types of cyber threats in

  20. Security Protocols Against Cyber Attacks in the Distribution Automation System

    Microsoft Academic Search

    I. H. Lim; S. Hong; M. S. Choi; S. J. Lee; T. W. Kim; B. N. Ha

    2010-01-01

    As a communication technology plays an integral part in a power system, security issues become major concerns. This paper deals with the security problems in the distribution automation system (DAS) which has an inherent vulnerability to cyber attacks due to its high dependency on the communication and geographically widely spread terminal devices. We analyze the types of cyber threats in

  1. Distributed service control technique for detecting security attacks

    Microsoft Academic Search

    Udaya Tupakula; Vijay Varadharajan

    2012-01-01

    We propose Distributed Service Control (DSC) technique for securing critical services. One of the main aims of DSC is to deal with the attacks by minimising the attack surface between two hosts. In our model, light weight security policies are enforced at the client machines to ensure that the client can access the services using legitimate traffic only. This will

  2. Incident response requirements for distributed security information management systems

    Microsoft Academic Search

    Sarandis Mitropoulos; Dimitrios Patsos; Christos Douligeris

    2007-01-01

    Purpose – Security information management systems (SIMs) have been providing a unified distributed platform for the efficient management of security information produced by corresponding mechanisms within an organization. However, these systems currently lack the capability of producing and enforcing response policies, mainly due to their limited incident response (IR) functionality. This paper explores the nature of SIMs while proposing a

  3. Photonic sensor applications in transportation security

    NASA Astrophysics Data System (ADS)

    Krohn, David A.

    2007-09-01

    There is a broad range of security sensing applications in transportation that can be facilitated by using fiber optic sensors and photonic sensor integrated wireless systems. Many of these vital assets are under constant threat of being attacked. It is important to realize that the threats are not just from terrorism but an aging and often neglected infrastructure. To specifically address transportation security, photonic sensors fall into two categories: fixed point monitoring and mobile tracking. In fixed point monitoring, the sensors monitor bridge and tunnel structural health and environment problems such as toxic gases in a tunnel. Mobile tracking sensors are being designed to track cargo such as shipboard cargo containers and trucks. Mobile tracking sensor systems have multifunctional sensor requirements including intrusion (tampering), biochemical, radiation and explosives detection. This paper will review the state of the art of photonic sensor technologies and their ability to meet the challenges of transportation security.

  4. Women's secure hospital services: national bed numbers and distribution

    PubMed Central

    Harty, Mari; Somers, Nadia; Bartlett, Annie

    2012-01-01

    A mapping exercise as part of a pathway study of women in secure psychiatric services in England and Wales was conducted. It aimed to (i) establish the extent and range of secure service provision for women nationally and (ii) establish the present and future care needs and pathways of care of women mentally disordered offenders (MDO) currently in low, medium and enhanced medium secure care. The study identified 589 medium secure beds, 46 enhanced medium secure beds (WEMSS) and 990 low secure beds for women nationally. Of the 589 medium secure beds, the majority (309, 52%) are in the NHS and under half (280, 48%) are in the independent sector (IS). The distribution of low secure beds is in the opposite direction, the majority (745, 75%) being in the IS and 254 (25%) in the NHS. Medium secure provision for women has grown over the past decade, but comparative data for low secure provision are not available. Most women are now in single sex facilities although a small number of mixed sex units remain. The findings have implications for the future commissioning of secure services for women. PMID:23236263

  5. Efficient Sensor Placement Optimization for Securing Large Water Distribution Networks

    E-print Network

    Pratt, Vaughan

    Efficient Sensor Placement Optimization for Securing Large Water Distribution Networks Andreas Abstract: The problem of deploying sensors in a large water distribution network is considered, in order drinking water distribution system of greater than 21,000 nodes, is presented. DOI: 10.1061/ ASCE 0733

  6. SOME COMPARTMENTALIZED SECURE TASK ASSIGNMENT MODELS FOR DISTRIBUTED SYSTEMS

    E-print Network

    Lee, Daniel C.

    SOME COMPARTMENTALIZED SECURE TASK ASSIGNMENT MODELS FOR DISTRIBUTED SYSTEMS Daniel C. Lee , Member) in a distributed system with a goal that they can perform its global task efficiently. The paper models the distributed system with a graph that describes the communication capabilities of the constituting agents

  7. Audit Trails in the Aeolus Distributed Security Platform

    E-print Network

    Popic, Victoria

    2010-09-29

    This thesis provides a complete design and implementation of audit trail collection and storage for Aeolus, a distributed security platform based on information flow control. An information flow control system regulates ...

  8. Key Dependent Message Security: Recent Results and Applications

    E-print Network

    Malkin, Tal

    protocols. For instance, this notion is used in an anonymous credential system [17], where a KDM secureKey Dependent Message Security: Recent Results and Applications Tal Malkin Columbia University tal) secure if it is secure even against an attacker who has access to encryptions of messages which depend

  9. Security strategy of EPR type protocol of quantum key distribution

    NASA Astrophysics Data System (ADS)

    Xiang, Chong; Yang, Li

    2008-03-01

    The Ekert91 protocol of quantum key distribution is an important key distribution protocol based on quantum mechanics. According to it, we first discuss the variance functions of Bell inequality test and error rate comparison, and then define the sensitivities of two security strategies based on Bell inequality test and error rate comparison respectively. Finally we give the eavesdropper's optimal attack strategy and compare the sensitivities of the two security strategies.

  10. Video motion detection for physical security applications

    SciTech Connect

    Matter, J.C. (Sandia National Lab., Albuquerque, NM (United States))

    1990-01-01

    Physical security specialists have been attracted to the concept of video motion detection for several years. Claimed potential advantages included additional benefit from existing video surveillance systems, automatic detection, improved performance compared to human observers, and cost-effectiveness. In recent years, significant advances in image-processing dedicated hardware and image analysis algorithms and software have accelerated the successful application of video motion detection systems to a variety of physical security applications. Early video motion detectors (VMDs) were useful for interior applications of volumetric sensing. Success depended on having a relatively well-controlled environment. Attempts to use these systems outdoors frequently resulted in an unacceptable number of nuisance alarms. Currently, Sandia National Laboratories (SNL) is developing several advanced systems that employ image-processing techniques for a broader set of safeguards and security applications. The Target Cueing and Tracking System (TCATS), the Video Imaging System for Detection, Tracking, and Assessment (VISDTA), the Linear Infrared Scanning Array (LISA); the Mobile Intrusion Detection and Assessment System (MIDAS), and the Visual Artificially Intelligent Surveillance (VAIS) systems are described briefly.

  11. 20 CFR 703.203 - Application for security deposit determination; information to be submitted; other requirements.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ...false Application for security deposit determination; information to be submitted; other... Insurance Carrier Security Deposit Requirements...203 Application for security deposit determination; information to be submitted;...

  12. 20 CFR 703.203 - Application for security deposit determination; information to be submitted; other requirements.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ...false Application for security deposit determination; information to be submitted; other... Insurance Carrier Security Deposit Requirements...203 Application for security deposit determination; information to be submitted;...

  13. 20 CFR 703.203 - Application for security deposit determination; information to be submitted; other requirements.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ...false Application for security deposit determination; information to be submitted; other... Insurance Carrier Security Deposit Requirements...203 Application for security deposit determination; information to be submitted;...

  14. Pervasive Home Security: An Intelligent Domotics Application

    Microsoft Academic Search

    Vincenza Carchiolo; Alessandro Longheu; Michele Malgeri; Giuseppe Mangioni; Danilo Torrisi

    The pervasive computing paradigm promotes new applications in several scenarios. Among these, domotics is receiving considerable attention. This work presents an intelligent and pervasive surveillance system for home and corporate security based on the ZigBee protocol which detects and classifies intrusions discarding false positives, also providing remote control and cameras live streaming. Results of tests in different environments show

  15. Architectures for Inlining Security Monitors in Web Applications

    E-print Network

    Sabelfeld, Andrei

    Architectures for Inlining Security Monitors in Web Applications Jonas Magazinius, Daniel Hedin policies to be enforced in web applications. This paper focuses on securing JavaScript code by inlining architectures for inlining security monitors for JavaScript: via browser extension, via web proxy, via suffix

  16. INSTITUTE FOR CYBER SECURITY Application-Centric Security

    E-print Network

    Sandhu, Ravi

    .g. vulnerability analysis, penetration testing, protocol proofs, security properties, etc.) Layered software stacks protocols, etc. in a real Enforcement level security analysis (e.g. safe approximations with respect to network latency, protocol proofs, security properties, etc.) Technologies and standards such as SOA, Cloud

  17. Security Certificate Revocation List Distribution for VANET Kenneth P. Laberteaux

    E-print Network

    Hu, Yih-Chun

    Security Certificate Revocation List Distribution for VANET Kenneth P. Laberteaux Toyota Technical.uiuc.edu, yihchun@crhc.uiuc.edu ABSTRACT In a VANET, a certificate authority issues keys and certificates to vehicles. Each vehicle distributes these certificates to other VANET participants and subsequently signs

  18. ReDiSen: Reputation-based Secure Cooperative Sensing in Distributed Cognitive Radio Networks

    E-print Network

    Li, Zongpeng

    ReDiSen: Reputation-based Secure Cooperative Sensing in Distributed Cognitive Radio Networks Calgary, Alberta, Canada T2N 1N4 {tozhang, rei, zongpeng}@ucalgary.ca Abstract--Cognitive radio techniques channel, and is therefore more applicable in dynamic cognitive radio networks. Index Terms--Cognitive

  19. A suite of algorithms for key distribution and authentication in centralized secure multicast environments

    Microsoft Academic Search

    J. A. M. Naranjo; N. Antequera; L. G. Casado; J. A. López-Ramos

    The Extended Euclidean algorithm provides a fast solution to the problem of finding the greatest common divisor of two numbers. In this paper, we present three applications of the algorithm to the security and privacy field. The first one allows one to privately distribute a secret to a set of recipients with only one multicast communication. It can be used

  20. Security of Trusted Repeater Quantum Key Distribution Networks

    E-print Network

    Louis Salvail; Momtchil Peev; Eleni Diamanti; Romain Alleaume; Norbert Lutkenhaus; Thomas Laenger

    2009-04-27

    A Quantum Key Distribution (QKD) network is an infrastructure capable of performing long-distance and high-rate secret key agreement with information-theoretic security. In this paper we study security properties of QKD networks based on trusted repeater nodes. Such networks can already be deployed, based on current technology. We present an example of a trusted repeater QKD network, developed within the SECOQC project. The main focus is put on the study of secure key agreement over a trusted repeater QKD network, when some nodes are corrupted. We propose an original method, able to ensure the authenticity and privacy of the generated secret keys.

  1. Application of Security Metrics in Auditing Computer Network Security: A Case Study

    Microsoft Academic Search

    Upeka Premaratne; Jagath Samarabandu; Tarlochan Sidhu; Bob Beresh; Jian-Cheng Tan

    2008-01-01

    This paper presents a case study of the application of security metrics to a computer network. A detailed survey is conducted on existing security metric schemes. The Mean Time to Compromise (MTTC) metric and VEA-bility metric are selected for this study. The input data for both metrics are obtained from a network security tool. The results are used to determine

  2. Accelerators for Discovery Science and Security applications

    NASA Astrophysics Data System (ADS)

    Todd, A. M. M.; Bluem, H. P.; Jarvis, J. D.; Park, J. H.; Rathke, J. W.; Schultheiss, T. J.

    2015-05-01

    Several Advanced Energy Systems (AES) accelerator projects that span applications in Discovery Science and Security are described. The design and performance of the IR and THz free electron laser (FEL) at the Fritz-Haber-Institut der Max-Planck-Gesellschaft in Berlin that is now an operating user facility for physical chemistry research in molecular and cluster spectroscopy as well as surface science, is highlighted. The device was designed to meet challenging specifications, including a final energy adjustable in the range of 15-50 MeV, low longitudinal emittance (<50 keV-psec) and transverse emittance (<20 π mm-mrad), at more than 200 pC bunch charge with a micropulse repetition rate of 1 GHz and a macropulse length of up to 15 μs. Secondly, we will describe an ongoing effort to develop an ultrafast electron diffraction (UED) source that is scheduled for completion in 2015 with prototype testing taking place at the Brookhaven National Laboratory (BNL) Accelerator Test Facility (ATF). This tabletop X-band system will find application in time-resolved chemical imaging and as a resource for drug-cell interaction analysis. A third active area at AES is accelerators for security applications where we will cover some top-level aspects of THz and X-ray systems that are under development and in testing for stand-off and portal detection.

  3. Mobile Applications for Public Sector: Balancing Usability and Security

    Microsoft Academic Search

    Yuri NATCHETOI; Viktor KAUFMAN; Konstantin BEZNOSOV

    2008-01-01

    Development of mobile software applications for use in specific domains such as Public Security must conform to stringent security requirements. While mobile devices have many known limitations, assuring complex fine-grained security policies poses an additional challenge to quality mobile services and raises usability concerns. We address these challenges by means of a novel approach to authentication and gradual multi-factor authorization

  4. AProSec: an Aspect for Programming Secure Web Applications

    E-print Network

    Paris-Sud XI, Université de

    AProSec: an Aspect for Programming Secure Web Applications Gabriel Hermosillo - Roberto Gomez describe related work on security and AOP. 1. INTRODUCTION Companies and organizations use Web servers, or to mislead them later so that they provide these data to the attacker. Security techniques used by most web

  5. Big Ideas Paper: Enforcing End-to-end Application Security

    E-print Network

    Paris-Sud XI, Université de

    Big Ideas Paper: Enforcing End-to-end Application Security in the Cloud Jean Bacon1 , David Evans1 the risk of exacerbating an impedance mismatch with the security middleware. Not only do we want cloud failures. Fears about security can come from a lack of isolation. It is understood that cloud providers

  6. The Reality of Applying Security in Web Applications in Academia

    Microsoft Academic Search

    Mohamed Al-Ibrahim; Yousef Shams Al-Deen

    2014-01-01

    Web applications are used in academic institutions, such as universities, for a variety of purposes. Since these web pages contain critical information, securing educational systems is as important as securing any banking system. It has been found that many academic institutions have not fully secured their web pages against some classes of vulnerabilities. In this empirical study, these vulnerabilities are focused

  7. Secure quantum cryptographic network based on quantum key distribution

    E-print Network

    Sora Choi; Soojoon Lee; Dong Pyo Chi

    2004-03-24

    We present a protocol for quantum cryptographic network consisting of a quantum network center and many users, in which any pair of parties with members chosen from the whole users on request can secure a quantum key distribution by help of the center. The protocol is based on the quantum authentication scheme given by Barnum et al. [Proc. 43rd IEEE Symp. FOCS'02, p. 449 (2002)]. We show that exploiting the quantum authentication scheme the center can safely make two parties share nearly perfect entangled states used in the quantum key distribution. This implies that the quantum cryptographic network protocol is secure against all kinds of eavesdropping.

  8. Towards Practical Security Monitors of UML Policies for Mobile Applications

    Microsoft Academic Search

    Fabio Massacci; Katsiaryna Naliuka

    2008-01-01

    Abstract—There is increasing demand for running interacting applications in a secure and controllable way on mobile devices. Such demand is not fully supported by the Java/.NET security model based on trust domains nor by current security monitors or language-based security approaches. We propose an approach that allows security policies that are i) expressive enough to capture multiple sessions and interacting applications, ii) suitable for efficient monitoring, iii) convenient for a developer to specify them. Since

  9. Security for Automated, Distributed Configuration Management

    Microsoft Academic Search

    P. Devanbu; M. Gertz; S. Stubblebine

    1999-01-01

    Installation, configuration, and administration of desktop software is a non-trivial process. Even a simple application can have numerous dependencies on hardware, device drivers, operating system versions, dynamically linked libraries, and even on other applications. These dependencies can cause surprising failures during the normal process of installations, updates and re-configurations. Diagnosing and resolving such failures involves detailed knowledge of the

  10. Security certificate revocation list distribution for vanet

    Microsoft Academic Search

    Kenneth P. Laberteaux; Jason J. Haas; Yih-chun Hu

    2008-01-01

    In a VANET, a certificate authority issues keys and certificates to vehicles. Each vehicle distributes these certificates to other VANET participants and subsequently signs messages against these certificates. If the certificate authority needs to revoke a certificate (e.g. due to a breach of trust), it universally distributes a certificate revocation list. We propose a method for car-to-car

  11. 76 FR 17158 - Assumption Buster Workshop: Distributed Data Schemes Provide Security

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-03-28

    ...assumptions that underlie current security architectures. Challenging those assumptions both...Provide Security''. Distributed data architectures, such as cloud computing, offer very...much discussion about securing such architectures, and it is generally felt that...

  12. Placement of distributed generators and reclosers for distribution network security and reliability

    Microsoft Academic Search

    D. H. Popović; J. A. Greatbanks; M. Begović; A. Pregelj

    2005-01-01

    Electricity market restructuring, advances in energy generation technology and agreements on the reduction of global greenhouse gas emissions have paved the way for an increase in the use of distributed generation. This paper formulates and discusses a methodology for the optimal siting of distributed generators and reclosers a security and reliability constrained distribution network can accept. Optimal siting is determined

  13. Analysis of security protocols for authentication in distributed systems

    Microsoft Academic Search

    H. A. Eneh; O. Gemikonakli

    2005-01-01

    Research works on the analysis and the development of authentication protocols frequently adopt the linear software development approach and are based on certain non-extensible assumptions (Tobler and Hutchison 2004), (Grob 2003), (Harbitter and Menasce 2002). This paper is part of an ongoing work regarding the development of a pre-emptive security mechanism for networks and distributed systems. We present in this

  14. Collusion-Traceable Secure Multimedia Distribution Based on Controllable Modulation

    Microsoft Academic Search

    Shiguo Lian; Zhiquan Wang

    2008-01-01

    In this paper, a secure multimedia distribution scheme resistant to collusion attacks is proposed. In this scheme, the multimedia content is modulated by n pseudorandom sequences at the server side, which generates the unintelligible multimedia content, and then demodulated under the control of the fingerprint code at the customer side, which produces multimedia content that contains a unique code. The

  15. Enabling secure distribution of digital media to SD-cards

    Microsoft Academic Search

    Dulce B. Ponceleon; Stefan Nusser; Vladimir Zbarsky; Julian A. Cerruti; Sigfredo I. Nin

    2006-01-01

    As the marketplace for digital media increases we witness the rise of new media distribution models where timely delivery, convenience, privacy and personalization are essential features of competitive offerings. Consumers are looking for innovative ways to access content in a service-oriented manner that suits their mobile life style. This paper describes a prototype standard-based system that allows the secure and

  16. Secure Distributed Cluster Formation in Wireless Sensor Networks

    Microsoft Academic Search

    Kun Sun; Pai Peng; Peng Ning; Cliff Wang

    2006-01-01

    In wireless sensor networks, clustering sensor nodes into small groups is an effective technique to achieve scalability, self-organization, power saving, channel access, routing, etc. A number of cluster formation protocols have been proposed recently. However, most existing protocols assume benign environments, and are vulnerable to attacks from malicious nodes. In this paper, we propose a secure distributed cluste

  17. Security proof for quantum key distribution using qudit systems

    SciTech Connect

    Sheridan, Lana [Centre for Quantum Technologies, National University of Singapore (Singapore); Scarani, Valerio [Centre for Quantum Technologies, National University of Singapore (Singapore); Department of Physics, National University of Singapore (Singapore)

    2010-09-15

    We provide security bounds against coherent attacks for two families of quantum key distribution protocols that use d-dimensional quantum systems. In the asymptotic regime, both the secret key rate for fixed noise and the robustness to noise increase with d. The finite key corrections are found to be almost insensitive to d < or approx. 20.

  18. A virtualization approach for distributed resources security in network manufacturing

    Microsoft Academic Search

    Lei Ren; Yabin Zhang; Yongliang Luo; Lin Zhang

    2010-01-01

    Network manufacturing technology has proven an effective approach to achieving integration of the distributed manufacturing resources over Internet. The nature of high interoperability of network manufacturing results in a variety of security threats due to the ultimate dependence upon operating system. Virtualization technology, allowing a monitor and control layer running between operating system and underlying infrastructure, could provide a promising

  19. KEY DISTRIBUTION PROTOCOLS FOR SECURE MULTICAST COMMUNICATION SURVIVABLE IN MANETs.(*)

    E-print Network

    Baras, John S.

    that are robust enough to survive or tolerate frequent node failures, network partitions and merges, delays1 KEY DISTRIBUTION PROTOCOLS FOR SECURE MULTICAST COMMUNICATION SURVIVABLE IN MANETs.(*) Maria, distance between nodes and various other factors result in unreliable links or excessive delay

  20. Radiation Detection for Homeland Security Applications

    NASA Astrophysics Data System (ADS)

    Ely, James

    2008-05-01

    In the past twenty years or so, there have been significant changes in the strategy and applications for homeland security. Recently there have been significant at deterring and interdicting terrorists and associated organizations. This is a shift in the normal paradigm of deterrence and surveillance of a nation and the `conventional' methods of warfare to the `unconventional' means that terrorist organizations resort to. With that shift comes the responsibility to monitor international borders for weapons of mass destruction, including radiological weapons. As a result, countries around the world are deploying radiation detection instrumentation to interdict the illegal shipment of radioactive material crossing international borders. These efforts include deployments at land, rail, air, and sea ports of entry in the US and in European and Asian countries. Radioactive signatures of concern include radiation dispersal devices (RDD), nuclear warheads, and special nuclear material (SNM). Radiation portal monitors (RPMs) are used as the main screening tool for vehicles and cargo at borders, supplemented by handheld detectors, personal radiation detectors, and x-ray imaging systems. This talk will present an overview of radiation detection equipment with emphasis on radiation portal monitors. In the US, the deployment of radiation detection equipment is being coordinated by the Domestic Nuclear Detection Office within the Department of Homeland Security, and a brief summary of the program will be covered. Challenges with current generation systems will be discussed as well as areas of investigation and opportunities for improvements. The next generation of radiation portal monitors is being produced under the Advanced Spectroscopic Portal program and will be available for deployment in the near future. 
    Additional technologies, from commercially available to experimental, that provide additional information for radiation screening, such as density imaging equipment, will be reviewed. Opportunities for further research and development to improve the current equipment and methodologies for radiation detection for the important task of homeland security will be the final topic to be discussed.

  1. Design of Secure Mobile Application on Cellular Phones

    Microsoft Academic Search

    Masahiro Kuroda; Mariko Yoshida; Shoji Sakurai; Tatsuji Munaka

    2002-01-01

    Cellular data services have become popular in Japan. These services are based on the first generation security model for cellular phones. The model has server authentication, data encryption, application integrity check and user authentication. This paper discusses the security functions and evaluates the security features of an application on cellular phones. The evaluation shows that real usage is important to

  2. Tools for distributed application management

    NASA Technical Reports Server (NTRS)

    Marzullo, Keith; Cooper, Robert; Wood, Mark; Birman, Kenneth P.

    1990-01-01

    Distributed application management consists of monitoring and controlling an application as it executes in a distributed environment. It encompasses such activities as configuration, initialization, performance monitoring, resource scheduling, and failure response. The Meta system (a collection of tools for constructing distributed application management software) is described. Meta provides the mechanism, while the programmer specifies the policy for application management. The policy is manifested as a control program which is a soft real-time reactive program. The underlying application is instrumented with a variety of built-in and user-defined sensors and actuators. These define the interface between the control program and the application. The control program also has access to a database describing the structure of the application and the characteristics of its environment. Some of the more difficult problems for application management occur when preexisting, nondistributed programs are integrated into a distributed application for which they may not have been intended. Meta allows management functions to be retrofitted to such programs with a minimum of effort.

  3. Tools for distributed application management

    NASA Technical Reports Server (NTRS)

    Marzullo, Keith; Wood, Mark; Cooper, Robert; Birman, Kenneth P.

    1990-01-01

    Distributed application management consists of monitoring and controlling an application as it executes in a distributed environment. It encompasses such activities as configuration, initialization, performance monitoring, resource scheduling, and failure response. The Meta system is described: a collection of tools for constructing distributed application management software. Meta provides the mechanism, while the programmer specifies the policy for application management. The policy is manifested as a control program which is a soft real time reactive program. The underlying application is instrumented with a variety of built-in and user defined sensors and actuators. These define the interface between the control program and the application. The control program also has access to a database describing the structure of the application and the characteristics of its environment. Some of the more difficult problems for application management occur when pre-existing, nondistributed programs are integrated into a distributed application for which they may not have been intended. Meta allows management functions to be retrofitted to such programs with a minimum of effort.

  4. Java-based Open Platform for distributed health telematics applications.

    PubMed

    Hoepner, Petra; Eckert, Klaus-Peter

    2003-01-01

    Within the European HARP project, a Java-based Open Platform has been specified and implemented to support trustworthy distributed applications for health. Emphasis was put on security services for enabling both communication and application security. The Open Platform is Web-based and comprises the Client environment, Web/Application server, as well as Database and Archive servers. Servlets composed and executed according to the user's authorisation create signed XML messages. From those messages, user-role-related applets are generated. The technical details of the realisation are presented. Possible future enhancements for user-centric, adaptable services based on next-generation mobile service environments are outlined. PMID:15061527

  5. Scheduling Security-Critical Real-Time Applications on Clusters

    E-print Network

    Xie, Tao

    Scheduling Security-Critical Real-Time Applications on Clusters Tao Xie, Member, IEEE, and Xiao Qin performance. In recognition that many applications running on clusters demand both real-time performance strategy for clusters (SAREC), which integrates security requirements into the scheduling for real- time

  6. VS3: A Vehicular Surveillance and Sensing System for Security Applications

    E-print Network

    Tseng, Yu-Chee

    VS3 : A Vehicular Surveillance and Sensing System for Security Applications Lien-Wu Chen, Kun-based mobile device for car security applications. On the car side, it consists of a CO2 sensor, a camera to transmit SMS, MMS, or interactive video call to the vehicle owner, who can then monitor the car situation

  7. Web Application Security Standards and Practices Page 1 of 13 Web Application Security Standard Operating Environment (SOE) V1.2

    E-print Network

    Yang, Junfeng

    Web Application Security Standards and Practices Page 1 of 13 Web Application Security Standard Operating Environment (SOE) V1.2 Columbia University Web Application Security Standards and Practices Objective and Scope Effective Date: January 2011 This Web Application Security Standards and Practices

  8. Web Application Security Standards and Practices Page 1 of 13 Web Application Security Standard Operating Environment (SOE) V1 1 (2).

    E-print Network

    Grishok, Alla

    Web Application Security Standards and Practices Page 1 of 13 Web Application Security Standard Operating Environment (SOE) V1 1 (2). Columbia University Web Application Security Standards and Practices Objective and Scope Effective Date: January 2011 This Web Application Security Standards and Practices

  9. Drop-in Security for Distributed and Portable Computing Elements.

    ERIC Educational Resources Information Center

    Prevelakis, Vassilis; Keromytis, Angelos

    2003-01-01

    Proposes the use of a special purpose drop-in firewall/VPN gateway called Sieve, that can be inserted between the mobile workstation and the network to provide individualized security services for that particular station. Discusses features and advantages of the system and demonstrates how Sieve was used in various application areas such as at…

  10. Improving Routing Security Using a Decentralized Public Key Distribution Algorithm

    Microsoft Academic Search

    Jeremy C. Goold; Mark Clement

    2007-01-01

    Today's society has developed a reliance on networking infrastructures. Health, financial, and many other institutions deploy mission critical and even life critical applications on local networks and the global Internet. The security of this infrastructure has been called into question over the last decade. In particular, the protocols directing traffic through the network have been found to be vulnerable. One

  11. Security Applications Of Computer Motion Detection

    NASA Astrophysics Data System (ADS)

    Bernat, Andrew P.; Nelan, Joseph; Riter, Stephen; Frankel, Harry

    1987-05-01

    An important area of application of computer vision is the detection of human motion in security systems. This paper describes the development of a computer vision system which can detect and track human movement across the international border between the United States and Mexico. Because of the wide range of environmental conditions, this application represents a stringent test of computer vision algorithms for motion detection and object identification. The desired output of this vision system is accurate, real-time locations for individual aliens and accurate statistical data as to the frequency of illegal border crossings. Because most detection and tracking routines assume rigid body motion, which is not characteristic of humans, new algorithms capable of reliable operation in our application are required. Furthermore, most current detection and tracking algorithms assume a uniform background against which motion is viewed - the urban environment along the US-Mexican border is anything but uniform. The system works in three stages: motion detection, object tracking and object identification. We have implemented motion detection using simple frame differencing, maximum likelihood estimation, mean and median tests and are evaluating them for accuracy and computational efficiency. Due to the complex nature of the urban environment (background and foreground objects consisting of buildings, vegetation, vehicles, wind-blown debris, animals, etc.), motion detection alone is not sufficiently accurate. Object tracking and identification are handled by an expert system which takes shape, location and trajectory information as input and determines if the moving object is indeed representative of an illegal border crossing.

  12. Protocols with Security Proofs for Mobile Applications

    Microsoft Academic Search

    Yiu Shing Terry Tin; Harikrishna Vasanta; Colin Boyd; Juan Manuel González Nieto

    2004-01-01

    The Canetti-Krawczyk (CK) model is useful for building reusable components that lead to rapid development of secure protocols, especially for engineers working outside of the security community. We work in the CK model and obtain a new secure authenticated key transport protocol with three parties. This protocol is constructed with two newly developed components in the CK model, thus

  13. Testing Security Policies for Web Applications

    Microsoft Academic Search

    Wissam Mallouli; Gerardo Morales; Ana Cavalli

    2008-01-01

    Due to the increasing complexity of Web systems, security testing is becoming a critical activity to guarantee the respect of such systems to their security requirements. To challenge this issue, we rely in this paper on model based active testing. We first specify the Web system behavior using IF formalism. Second, we integrate security rules -modeled in Nomad language- within

  14. Advances in Adaptive Secure Message-Oriented Middleware for Distributed Business-Critical Systems

    NASA Astrophysics Data System (ADS)

    Abie, Habtamu; Savola, Reijo M.; Wang, Jinfu; Rotondi, Domenico

    2010-09-01

    Distributed business-critical systems are often implemented using distributed messaging infrastructures with increasingly stringent requirements with regard to resilience, security, adaptability, intelligence and scalability. Current systems have limited ability in meeting these requirements. This paper describes advances in adaptive security, security metrics, anomaly detection and resilience, and authentication architecture in such distributed messaging systems.

  15. Scoring recognizability of faces for security applications

    NASA Astrophysics Data System (ADS)

    Bianco, Simone; Ciocca, Gianluigi; Guarnera, Giuseppe Claudio; Scaggiante, Andrea; Schettini, Raimondo

    2014-03-01

    In security applications the human face plays a fundamental role, however we have to assume non-collaborative subjects. A face can be partially visible or occluded due to common-use accessories such as sunglasses, hats, scarves and so on. Also the posture of the head influences the face recognizability. Given a video sequence in input, the proposed system is able to establish if a face is depicted in a frame, and to determine its degree of recognizability in terms of clearly visible facial features. The system implements a features filtering scheme combined with a skin-based face detection to improve its robustness to false positives and cartoon-like faces. Moreover the system takes into account the recognizability trend over a customizable sliding time window to allow a high level analysis of the subject behaviour. The recognizability criteria can be tuned for each specific application. We evaluate our system both in qualitative and quantitative terms, using a data set of manually annotated videos. Experimental results confirm the effectiveness of the proposed system.

  16. From Trusted to Secure: Building and Executing Applications That Enforce System Security

    Microsoft Academic Search

    Boniface Hicks; Sandra Rueda; Trent Jaeger; Patrick Drew Mcdaniel

    2007-01-01

    Commercial operating systems have recently introduced mandatory access controls (MAC) that can be used to ensure system-wide data confidentiality and integrity. These protections rely on restricting the flow of information between processes based on security levels. The problem is, there are many applications that defy simple classification by security level, some of them essential for system operation. Surprisingly, the

  17. Recent applications of thermal imagers for security assessment

    SciTech Connect

    Bisbee, T.L.

    1997-06-01

    This paper discusses recent applications by Sandia National Laboratories of cooled and uncooled thermal infrared imagers to wide-area security assessment systems. Thermal imagers can solve many security assessment problems associated with the protection of high-value assets at military bases, secure installations, and commercial facilities. Thermal imagers can provide surveillance video from security areas or perimeters both day and night without expensive security lighting. Until fairly recently, thermal imagers required open-loop cryogenic cooling to operate. The high cost of these systems and associated maintenance requirements restricted their widespread use. However, recent developments in reliable, closed-loop, linear drive cryogenic coolers and uncooled infrared imagers have dramatically reduced maintenance requirements, extended MTBF, and are leading to reduced system cost. These technology developments are resulting in greater availability and practicality for military as well as civilian security applications.

  18. Specifying and Enforcing Application-Level Web Security Policies

    Microsoft Academic Search

    David Scott; Richard Sharp

    2003-01-01

    Application-level Web security refers to vulnerabilities inherent in the code of a Web-application itself (irrespective of the technologies in which it is implemented or the security of the Web-server/back-end database on which it is built). In the last few months, application-level vulnerabilities have been exploited with serious consequences: Hackers have tricked e-commerce sites into shipping goods for no charge, usernames

  19. BSS: A Distributed Top-k Processing in Mobile BusNet for Security Surveillance

    Microsoft Academic Search

    Xu Li; Jiajun Hu; Hongyu Huang; Jialiang Lu; Wei Shu; Minglu Li; Min-You Wu

    2010-01-01

    We consider distributed top-k processing problem in a mobile scenario. Specially, we focus on a real application of a bus network (N nodes), where buses are equipped with cameras for real-time security surveillance. Due to the limited number of screens (k, k<<N) at the traffic management center, how to select k bus nodes with most passengers to upload image data

  20. On the Security of Interferometric Quantum Key Distribution

    E-print Network

    Ran Gelles; Tal Mor

    2011-10-30

    Photonic quantum key distribution is commonly implemented using interferometers, devices that inherently cause the addition of vacuum ancillas, thus enlarging the quantum space in use. This enlargement sometimes exposes the implemented protocol to new kinds of attacks that have not yet been analyzed. We consider several quantum key distribution implementations that use interferometers, and analyze the enlargement of the quantum space caused by the interferometers. While we prove that some interferometric implementations are robust (against simple attacks), we also show that several other implementations used in QKD experiments are totally insecure. This result is somewhat surprising since although we assume ideal devices and an underlying protocol which is proven secure (e.g., the Bennett-Brassard QKD), the realization is insecure. Our novel attack demonstrates the risks of using practical realizations without performing an extensive security analysis regarding the specific setup in use.

  1. Web application security assessment by fault injection and behavior monitoring

    Microsoft Academic Search

    Yao-Wen Huang; Shih-Kun Huang; Tsung-Po Lin; Chung-Hung Tsai

    2003-01-01

    As a large and complex application platform, the World Wide Web is capable of delivering a broad range of sophisticated applications. However, many Web applications go through rapid development phases with extremely short turnaround time, making it difficult to eliminate vulnerabilities. Here we analyze the design of Web application security assessment mechanisms in order to identify poor coding practices that

  2. Optical Imaging Sensors and Systems for Homeland Security Applications

    NASA Astrophysics Data System (ADS)

    Javidi, Bahram

    Optical and photonic systems and devices have significant potential for homeland security. "Optical Imaging Sensors and Systems for Homeland Security Applications" presents original and significant technical contributions from leaders of industry, government, and academia in the field of optical and photonic sensors, systems and devices for detection, identification, prevention, sensing, security, verification and anti-counterfeiting. The chapters have recent and technically significant results, ample illustrations, figures, and key references.

  3. Securing a Quantum Key Distribution Network Using Secret Sharing

    E-print Network

    Stephen M. Barnett; Simon J. D. Phoenix

    2012-03-03

    We present a simple new technique to secure quantum key distribution relay networks using secret sharing. Previous techniques have relied on creating distinct physical paths in order to create the shares. We show, however, how this can be achieved on a single physical path by creating distinct logical channels. The technique utilizes a random 'drop-out' scheme to ensure that an attacker must compromise all of the relays on the channel in order to access the key.

  4. A secure and efficient conference key distribution system

    Microsoft Academic Search

    Mike Burmester; Yvo Desmedt

    We present practical conference key distribution systems based on public keys, which authenticate the users and which are ‘proven’ secure provided the Diffie-Hellman problem is intractable. A certain number of interactions is needed but the overall cost is low. There is a complexity tradeoff. Depending on the network used, we either have a constant (in the number of conference participants)

  5. Application-level simulation for network security

    Microsoft Academic Search

    Rainer Bye; Stephan Schmidt; Katja Luther; Sahin Albayrak

    2008-01-01

    We introduce and describe a novel network simulation tool called NeSSi (Network Security Simulator). NeSSi incorporates a variety of features relevant to network security distinguishing it from general-purpose network simulators. Its capabilities such as profile-based automated attack generation, traffic analysis and interface support for the plug-in of detection algorithms allow it to be used for security research and

  6. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    SciTech Connect

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  7. The Data and Application Security and Privacy (DASPY) Challenge

    E-print Network

    Sandhu, Ravi

    taught cyber security not studied as a success story missing technologies highly regarded by academia Computer security Information security = Computer security + Communications security Information Computer security Information security = Computer security + Communications security Information

  8. Simon's Intelligence Phase for Security Risk Assessment in Web Applications

    Microsoft Academic Search

    Brunil Romero; Marianella Villegas; Marina Meza

    2008-01-01

    Organizations in this digital era use automated information technology systems to process their information in order to support their missions. Web applications (WA) offer services for business processes that imply handling organization valuable information. Their requirements have become more complex so as to guarantee information security. Security risk assessment (SRA) plays a critical role in protecting an organization's information assets.

  9. Application of evolutionary programming to security constrained economic dispatch

    Microsoft Academic Search

    P. Somasundaram; K. Kuppusamy

    2005-01-01

    This paper presents an algorithm, for solving security constrained economic dispatch (SCED) problem, through the application of evolutionary programming (EP). The controllable system quantities in the base case state are optimized, to minimize some defined objective function, subject to the base case operating constraints as well as the contingency case security constraints. Two representative systems: 10-bus [10] and adapted IEEE

  10. Composable Security Proof for Continuous-Variable Quantum Key Distribution with Coherent States

    NASA Astrophysics Data System (ADS)

    Leverrier, Anthony

    2015-02-01

    We give the first composable security proof for continuous-variable quantum key distribution with coherent states against collective attacks. Crucially, in the limit of large blocks the secret key rate converges to the usual value computed from the Holevo bound. Combining our proof with either the de Finetti theorem or the postselection technique then shows the security of the protocol against general attacks, thereby confirming the long-standing conjecture that Gaussian attacks are optimal asymptotically in the composable security framework. We expect that our parameter estimation procedure, which does not rely on any assumption about the quantum state being measured, will find applications elsewhere, for instance, for the reliable quantification of continuous-variable entanglement in finite-size settings.

  11. Manifest Security for Distributed Information Karl Crary Robert Harper Frank Pfenning

    E-print Network

    Pierce, Benjamin C.

    Manifest Security for Distributed Information Karl Crary Robert Harper Frank Pfenning Carnegie whose type system ensures compliance with security policies through the use of proofs in a formal logic that are manifestly secure. Manifest security means that the trust relationships, access control and information flow

  12. Electronic Distribution of Airplane Software and the Impact of Information Security on Airplane Safety

    E-print Network

    Poovendran, Radha

    Electronic Distribution of Airplane Software and the Impact of Information Security on Airplane of airplane health reports. On the other hand, airplane safety may be heavily dependent on the security to address these security threats. This paper explores the role of information security in emerging

  13. 75 FR 47320 - Millington Securities, Inc., et al.; Notice of Application

    Federal Register 2010, 2011, 2012, 2013, 2014

    2010-08-05

    ...Secretary, Securities and Exchange...o Millington Securities, Inc., 222...summary of the application. The complete application may be obtained...Commission's Web site by searching...registered under the Securities Exchange...

  14. 17 CFR 242.609 - Registration of securities information processors: form of application and amendments.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ... false Registration of securities information processors: form of application...609 Registration of securities information processors: form of application...for the registration of a securities information processor shall be...

  15. 17 CFR 242.609 - Registration of securities information processors: form of application and amendments.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ... false Registration of securities information processors: form of application...609 Registration of securities information processors: form of application...for the registration of a securities information processor shall be...

  16. 17 CFR 242.609 - Registration of securities information processors: form of application and amendments.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ... false Registration of securities information processors: form of application...609 Registration of securities information processors: form of application...for the registration of a securities information processor shall be...

  17. Distributing Secret Keys with Quantum Continuous Variables: Principle, Security and Implementations

    E-print Network

    Eleni Diamanti; Anthony Leverrier

    2015-06-09

    The ability to distribute secret keys between two parties with information-theoretic security, that is, regardless of the capacities of a malevolent eavesdropper, is one of the most celebrated results in the field of quantum information processing and communication. Indeed, quantum key distribution illustrates the power of encoding information on the quantum properties of light and has far reaching implications in high-security applications. Today, quantum key distribution systems operate in real-world conditions and are commercially available. As with most quantum information protocols, quantum key distribution was first designed for qubits, the individual quanta of information. However, the use of quantum continuous variables for this task presents important advantages with respect to qubit based protocols, in particular from a practical point of view, since it allows for simple implementations that require only standard telecommunication technology. In this review article, we describe the principle of continuous-variable quantum key distribution, focusing in particular on protocols based on coherent states. We discuss the security of these protocols and report on the state-of-the-art in experimental implementations, including the issue of side-channel attacks. We conclude with promising perspectives in this research field.

  18. Secure Bike Storage Rental Application Rental Periods

    E-print Network

    Thompson, Michael

    is rentable based on the academic term schedule. All rental periods expire on the last day of the arranged be purchased at the cost of $5.00. Any cards reported lost or stolen will be deactivated. Should you notice any suspicious activity around the Secure Bike Storage facility, you can reach Security Services 24/7 by calling

  19. Profiling and accelerating string matching algorithms in three network content security applications

    Microsoft Academic Search

    Po-ching Lin; Zhi-xiang Li; Ying-dar Lin; Yuan-cheng Lai; Frank C. Lin

    2006-01-01

    The efficiency of string matching algorithms is essential for network content security applications, such as intrusion detection systems, anti-virus systems, and Web content filters. This work reviews typical algorithms and profiles their performance under various situations to study the influence of the number, the length, and the character distribution of the signatures on performance. This profiling can reveal

  20. From client-side encryption to secure web applications

    E-print Network

    Stark, Emily (Emily Margarete)

    2013-01-01

    This thesis presents an approach for designing secure web applications that use client-side encryption to keep user data private in the face of arbitrary web server compromises, as well as a set of tools, called CryptFrame, ...

  1. Distributions of the Kullback-Leibler divergence with applications.

    PubMed

    Belov, Dmitry I; Armstrong, Ronald D

    2011-05-01

    The Kullback-Leibler divergence (KLD) is a widely used method for measuring the fit of two distributions. In general, the distribution of the KLD is unknown. Under reasonable assumptions, common in psychometrics, the distribution of the KLD is shown to be asymptotically distributed as a scaled (non-central) chi-square with one degree of freedom or a scaled (doubly non-central) F. Applications of the KLD for detecting heterogeneous response data are discussed with particular emphasis on test security. PMID:21492134

  2. An Application-Driven Perspective on Wireless Sensor Network Security

    E-print Network

    Kang, Kyoung-Don

    (WSNs) have recently attracted a lot of interest due to the range of applications they enable. Unfortunately, WSNs are exposed to numerous security threats that can adversely affect the success of important applications. Securing WSNs is challenging due to their unique nature as an application

  3. Information Flow for Secure Distributed Applications

    E-print Network

    Cheng, Winnie Wing-Yee

    2009-08-27

    Private and confidential information is increasingly stored online and increasingly being exposed due to human errors as well as malicious attacks. Information leaks threaten confidentiality, lead to lawsuits, damage ...

  4. Information flow for secure distributed applications

    E-print Network

    Cheng, Winnie Wing-Yee

    2009-01-01

    Private and confidential information is increasingly stored online and increasingly being exposed due to human errors as well as malicious attacks. Information leaks threaten confidentiality, lead to lawsuits, damage ...

  5. A microwave imaging spectrometer for security applications

    NASA Astrophysics Data System (ADS)

    Jirousek, Matthias; Peichl, Markus; Suess, Helmut

    2010-04-01

    In recent years the security of people and critical infrastructures is of increasing interest. Passive microwave sensors in the range of 1 - 100 GHz are suitable for the detection of concealed objects and wide-area surveillance through poor weather and at day and night time. The enhanced extraction of significant information about an observed object is enabled by the use of a spectral sensitive system. For such a spectral radiometer in the microwave range also some depth information can be extracted. The usable frequency range is thereby dependent on the application. For through-wall imaging or detection of covert objects such as for example landmines, the lower microwave range is best suited. On the other hand a high spatial resolution requires higher frequencies or instruments with larger physical dimensions. The drawback of a large system is the required movement of a mirror or a deflecting plate in the case of a mechanical scanner system, or a huge amount of receivers in a fully-electronic instrument like a focal plane array. An innovative technique to overcome these problems is the application of aperture synthesis using a highly thinned array. The combination of spectral radiometric measurements within a wide frequency band, at a high resolution, and requiring a minimum of receivers and only minor moving parts led to the development of the ANSAS instrument (Abbildendes Niederfrequenz-Spektrometer mit Apertursynthese). ANSAS is a very flexible aperture synthesis technology demonstrator for the analysis of main features and interactions concerning high spatial resolution and spectral sensing within a wide frequency range. It consists of a rotated linear thinned array and thus the spatial frequency spectrum is measured on concentric circles. Hence the number of receivers and correlators is reduced considerably compared to a fully two-dimensional array, and measurements still can be done in a reasonable time. 
    In this paper the basic idea of ANSAS and its setup are briefly introduced. Some first imaging results showing the basic capabilities are illustrated. Possible error sources and their impacts are discussed by simulation and compared to the measured data.

  6. Application of models in information security management

    Microsoft Academic Search

    Danijel Milicevic; Matthias Goeken

    2011-01-01

    The impact of information technology on business operations is widely recognized and its role in the emergence of new business models is well-known. In order to leverage the benefits of IT-supported business processes the security of the underlying information systems must be managed. Various so-called best-practice models and information security standards have positioned themselves as generic solutions for a

  7. Security Aspects of FPGAs in Cryptographic Applications

    Microsoft Academic Search

    Thomas Wollinger; Christof Paar

    This contribution provides a state-of-the-art description of security issues on FPGAs from a system perspective. We consider the potential security problems of FPGAs and propose some countermeasures for the existing drawbacks of FPGAs. Even though there have been many contributions dealing with the algorithmic aspects of cryptographic schemes implemented on FPGAs, this contribution is one of the few investigations of system

  8. Lilith: A scalable secure tool for massively parallel distributed computing

    SciTech Connect

    Armstrong, R.C.; Camp, L.J.; Evensky, D.A.; Gentile, A.C.

    1997-06-01

    Changes in high performance computing have necessitated the ability to utilize and interrogate potentially many thousands of processors. The ASCI (Advanced Strategic Computing Initiative) program conducted by the United States Department of Energy, for example, envisions thousands of distinct operating systems connected by low-latency gigabit-per-second networks. In addition multiple systems of this kind will be linked via high-capacity networks with latencies as low as the speed of light will allow. Code which spans systems of this sort must be scalable; yet constructing such code whether for applications, debugging, or maintenance is an unsolved problem. Lilith is a research software platform that attempts to answer these questions with an end toward meeting these needs. Presently, Lilith exists as a test-bed, written in Java, for various spanning algorithms and security schemes. The test-bed software has, and enforces, hooks allowing implementation and testing of various security schemes.

  9. A cooperative model for IS security risk management in distributed environment.

    PubMed

    Feng, Nan; Zheng, Chundong

    2014-01-01

    Given the increasing cooperation between organizations, the flexible exchange of security information across the allied organizations is critical to effectively manage information systems (IS) security in a distributed environment. In this paper, we develop a cooperative model for IS security risk management in a distributed environment. In the proposed model, the exchange of security information among the interconnected IS under distributed environment is supported by Bayesian networks (BNs). In addition, for an organization's IS, a BN is utilized to represent its security environment and dynamically predict its security risk level, by which the security manager can select an optimal action to safeguard the firm's information resources. The actual case studied illustrates the cooperative model presented in this paper and how it can be exploited to manage the distributed IS security risk effectively. PMID:24563626

  10. Topic 7 : Smart Grid Privacy and Security 1Networking and Distributed Systems

    E-print Network

    Mohsenian-Rad, Hamed

    Topic 7 : Smart Grid Privacy and Security 1Networking and Distributed Systems Department Tech UniversityCommunications and Control in Smart Grid 2 · Smart Meter Privacy · Concerns · Possible Solutions · Smart Grid Security · Load Altering Attacks · False Data Injection Attacks · Impact

  11. Consistent cloud computing storage as the basis for distributed applications

    E-print Network

    Anderson, James William

    2011-01-01

    and authentication for security. Currently, cloud servicecloud computing applications share certain common requirements of scalability, performance, availability, reliability, security,security, and efficiency poses significant challenges. The cloud

  12. A Construction Kit for Modeling the Security of M-Commerce Applications

    E-print Network

    Reif, Wolfgang

    features of the mobile devices result in securing an m-commerce application being a challenging task. A Construction Kit for Modeling the Security of M-Commerce Applications Dominik Haneberg, Wolfgang-commerce applications. The security problems that we are addressing are breaches of security due to erroneous

  13. A resilient and secure software platform and architecture for distributed spacecraft

    NASA Astrophysics Data System (ADS)

    Otte, William R.; Dubey, Abhishek; Karsai, Gabor

    2014-06-01

    A distributed spacecraft is a cluster of independent satellite modules flying in formation that communicate via ad-hoc wireless networks. This system in space is a cloud platform that facilitates sharing sensors and other computing and communication resources across multiple applications, potentially developed and maintained by different organizations. Effectively, such architecture can realize the functions of monolithic satellites at a reduced cost and with improved adaptivity and robustness. Openness of these architectures poses special challenges because the distributed software platform has to support applications from different security domains and organizations, and where information flows have to be carefully managed and compartmentalized. If the platform is used as a robust shared resource its management, configuration, and resilience becomes a challenge in itself. We have designed and prototyped a distributed software platform for such architectures. The core element of the platform is a new operating system whose services were designed to restrict access to the network and the file system, and to enforce resource management constraints for all non-privileged processes. Mixed-criticality applications operating at different security labels are deployed and controlled by a privileged management process that is also pre-configuring all information flows. This paper describes the design and objective of this layer.

  14. Securing context-aware applications using environment roles

    Microsoft Academic Search

    Michael J. Covington; Wende Long; Srividhya Srinivasan; Anind K. Dev; Mustaque Ahamad

    2001-01-01

    In the future, a largely invisible and ubiquitous computing infrastructure will assist people with a variety of activities in the home and at work. The applications that will be deployed in such systems will create and manipulate private information and will provide access to a variety of other resources. Securing such applications is challenging for a number of reasons. Unlike

  15. Dynamic Analysis and Debugging of Binary Code for Security Applications

    E-print Network

    Wang, Chao

    practice. One example is white-box fuzzing [1], where the goal is to systematically generate test inputs] in a honey-pot. Despite the aforementioned progress, however, there are major limitations in existing is undoubtedly important for applications such as software testing. However, security applications

  16. Big Ideas Paper: Enforcing End-to-end Application Security

    E-print Network

    Pietzuch, Peter

    Big Ideas Paper: Enforcing End-to-end Application Security in the Cloud Jean Bacon1 , David Evans1 techniques that can help form the aforementioned trusted code base. Our big idea--cloud-hosted services retarding the evolution of large-scale cloud computing. Keywords: application-level virtualisation

  17. Application of Internet of Things in the Community Security Management

    Microsoft Academic Search

    Jihong Liu; Li Yang

    2011-01-01

    My paper mainly introduces some applications of the technologies of the Internet of Things (IoT) which offer capabilities to identify and connect worldwide physical objects into a unified system. With the rapid development of the construction industries, people are eager to get more intelligent living conditions. The Intelligent Community Security System (ICSS) is becoming one of the biggest applications of

  18. Optimal service distribution in WSN service system subject to data security constraints.

    PubMed

    Wu, Zhao; Xiong, Naixue; Huang, Yannong; Gu, Qiong

    2014-01-01

    Services composition technology provides a flexible approach to building Wireless Sensor Network (WSN) Service Applications (WSA) in a service oriented tasking system for WSN. Maintaining the data security of WSA is one of the most important goals in sensor network research. In this paper, we consider a WSN service oriented tasking system in which the WSN Services Broker (WSB), as the resource management center, can map the service request from user into a set of atom-services (AS) and send them to some independent sensor nodes (SN) for parallel execution. The distribution of ASs among these SNs affects the data security as well as the reliability and performance of WSA because these SNs can be of different and independent specifications. By the optimal service partition into the ASs and their distribution among SNs, the WSB can provide the maximum possible service reliability and/or expected performance subject to data security constraints. This paper proposes an algorithm of optimal service partition and distribution based on the universal generating function (UGF) and the genetic algorithm (GA) approach. The experimental analysis is presented to demonstrate the feasibility of the suggested algorithm. PMID:25093346

  19. Integrated Network Security Protocol Layer for Open-Access Power Distribution Systems

    Microsoft Academic Search

    Todd Mander; Farhad Nabhani; Lin Wang; Richard Cheung

    2007-01-01

    Power distribution system cyber-security concerns are increasing rapidly with growing demands for open accesses to the distribution systems for electricity generation and trading imposed by new government deregulations. This paper proposes a new integrated network security protocol layer, located below the data-link layer of DNP3 - a popular utility protocol, to enhance the data transmission cyber-security for power distribution systems.

  20. 20 CFR 404.611 - How do I file an application for Social Security benefits?

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ...Section 404.611 Employees' Benefits SOCIAL SECURITY ADMINISTRATION...INSURANCE (1950- ) Filing of Applications and Other Forms Applications § 404.611 How do I...application for Social Security benefits? (a) General...

  1. Applying security algorithms against cyber attacks in the distribution automation system

    Microsoft Academic Search

    I. H. Lim; S. Hong; M. S. Choi; S. J. Lee; B. N. Ha

    2008-01-01

    As the communication technology weighs heavily in the power system, the security issues become major concerns. So far most security research has focused on the SCADA system. In this paper we consider the security problems in the network environment of the distribution automation system (DAS) which is much different from the SCADA system. First we analyze the types of

  2. Stealthy pre-attacks against random key pre-distribution security

    E-print Network

    Deng, Jing

    , or embedded and Internet of Things systems. To compromise the security of, e.g., the exchange of encrypted Stealthy pre-attacks against random key pre-distribution security Panagiotis Papadimitratos School, in order to achieve efficient security and robustness against limited node compromise. While it is possible

  3. Unconditionally secure quantum key distribution over 50km of standard telecom fibre

    E-print Network

    C. Gobby; Z. L. Yuan; A. J. Shields

    2004-12-22

    We demonstrate a weak pulse quantum key distribution system using the BB84 protocol which is secure against all individual attacks, including photon number splitting. By carefully controlling the weak pulse intensity we demonstrate the maximum secure bit rate as a function of the fibre length. Unconditionally secure keys can be formed for standard telecom fibres exceeding 50 km in length.

  4. SDAR: A Secure Distributed Anonymous Routing Protocol for Wireless and Mobile Ad Hoc Networks

    Microsoft Academic Search

    Azzedine Boukerche; Khalil El-khatib; Li Xu; Larry Korba

    2004-01-01

    Providing security and privacy in mobile ad hoc networks has been a major issue over the last few years. Most research work has so far focused on providing security for routing and data content, but nothing has been done in regard to providing privacy and anonymity over these networks. We propose a novel distributed routing protocol which guarantees security, anonymity

  5. Distributional Effects in a General Equilibrium Analysis of Social Security Laurence J. Kotlikoff

    E-print Network

    Spence, Harlan Ernest

    , when America's aging is considered, the long-run gains to Social Security's privatization are greater losses to transition generations. Second, Social Security's privatization helps the long-run poor even Distributional Effects in a General Equilibrium Analysis of Social Security by Laurence J

  6. Relating Strand Spaces and Distributed Temporal Logic for Security Protocol Analysis

    Microsoft Academic Search

    Carlos Caleiro; Luca Viganò; David A. Basin

    2005-01-01

    In previous work, we introduced a version of distributed temporal logic that is well-suited both for verifying security protocols and as a metalogic for reasoning about, and relating, different security protocol models. In this paper, we formally investigate the relationship between our approach and strand spaces, which is one of the most successful and widespread formalisms for analyzing security protocols.

  7. Secure and Efficient Data Replay in Distributed eHealthcare Information System

    E-print Network

    Yang, Qing "Ken"

    1 Secure and Efficient Data Replay in Distributed eHealthcare Information System Ken Qing Yang that facilitates secure and efficient data replay in eHealthcare information system. The new architecture uses secured iSCSI protocol and records the parity of every data change to the eHealthcare information system

  8. The Role of Trust Management in Distributed Systems Security

    E-print Network

    Yang, Junfeng

    powerful and robust tools for handling security at the scale necessary for today's Internet. To appear in "Secure Internet Programming: Security Issues for Mobile and Distributed Objects," ed. Jan have one thing in common: the need to grant or restrict access to resources according to some security

  9. Robust protocols for securely expanding randomness and distributing keys using untrusted quantum devices

    E-print Network

    Carl A. Miller; Yaoyun Shi

    2015-04-10

    Randomness is a vital resource for modern day information processing, especially for cryptography. A wide range of applications critically rely on abundant, high quality random numbers generated securely. Here we show how to expand a random seed at an exponential rate without trusting the underlying quantum devices. Our approach is secure against the most general adversaries, and has the following new features: cryptographic quality output security, tolerating a constant level of implementation imprecision, requiring only a constant size quantum memory for the honest implementation, and allowing a large natural class of constructions. In conjunct with a recent work by Chung, Shi and Wu (QIP 2014), it also leads to robust unbounded expansion using just 2 multi-part devices. When adapted for distributing cryptographic keys, our method achieves, for the first time, exponential expansion combined with cryptographic security and noise tolerance. The proof proceeds by showing that the Renyi divergence of the outputs of the protocol (for a specific bounding operator) decreases linearly as the protocol iterates. At the heart of the proof are a new uncertainty principle on quantum measurements, and a method for simulating trusted measurements with untrusted devices.

  10. Addressing security issues related to virtual institute distributed activities

    NASA Astrophysics Data System (ADS)

    Stytz, Martin R.; Banks, Sheila B.

    2008-03-01

    One issue confounding the development and experimentation of distributed modeling and simulation environments is the inability of the project team to identify and collaborate with resources, both human and technical, from outside the United States. This limitation is especially significant within the human behavior representation area where areas such as cultural effects research and joint command team behavior modeling require the participation of various cultural and national representatives. To address this limitation, as well as other human behavior representation research issues, NATO Research and Technology Organization initiated a project to develop a NATO virtual institute that enables more effective and more collaborative research into human behavior representation. However, in building and operating a virtual institute one of the chief concerns must be the cyber security of the institute. Because the institute "exists" in cyberspace, all of its activities are susceptible to cyberattacks, subterfuge, denial of service and all of the vulnerabilities that networked computers must face. In our opinion, for the concept of virtual institutes to be successful and useful, their operations and services must be protected from the threats in the cyber environment. A key to developing the required protection is the development and promulgation of standards for cyber security. In this paper, we discuss the types of cyber standards that are required, how new internet technologies can be exploited and can benefit the promulgation, development, maintenance, and robustness of the standards. This paper is organized as follows. Section One introduces the concept of the virtual institutes, the expected benefits, and the motivation for our research and for research in this area. Section Two presents background material and a discussion of topics related to VIs, human behavior and cultural modeling, and network-centric warfare. Section Three contains a discussion of the security challenges that face the virtual institute and the characteristics of the standards that must be employed. Section Four contains our proposal for documentation of the cybersecurity standards. Section Five contains the conclusion and suggestions for further work.

  11. Simple Proof of Security of the BB84 Quantum Key Distribution Protocol

    SciTech Connect

    Shor, Peter W. [AT and T Labs Research, Florham Park, New Jersey 07932 (United States)]; Preskill, John [Lauritsen Laboratory of High Energy Physics, California Institute of Technology, Pasadena, California 91125 (United States)]

    2000-07-10

    We prove that the 1984 protocol of Bennett and Brassard (BB84) for quantum key distribution is secure. We first give a key distribution protocol based on entanglement purification, which can be proven secure using methods from Lo and Chau's proof of security for a similar protocol. We then show that the security of this protocol implies the security of BB84. The entanglement purification based protocol uses Calderbank-Shor-Steane codes, and properties of these codes are used to remove the use of quantum computation from the Lo-Chau protocol. (c) 2000 The American Physical Society.

  12. Secure quantum key distribution network with Bell states and local unitary operations

    E-print Network

    Chun-Yan Li; Hong-Yu Zhou; Yan Wang; Fu-Guo Deng

    2007-05-12

    We propose a theoretical scheme for secure quantum key distribution network following the ideas in quantum dense coding. In this scheme, the server of the network provides the service for preparing and measuring the Bell states, and the users encode the states with local unitary operations. For preventing the server from eavesdropping, we design a decoy when the particle is transmitted between the users. It has high capacity as one particle carries two bits of information and its efficiency for qubits approaches 100%. Moreover, it is not necessary for the users to store the quantum states, which makes this scheme more convenient for application than others.

  13. Higher-security thresholds for quantum key distribution by improved analysis of dark counts

    NASA Astrophysics Data System (ADS)

    Boileau, J.-C.; Batuwantudawe, J.; Laflamme, R.

    2005-09-01

    We discuss the potential of quantum key distribution (QKD) for long-distance communication by proposing an analysis of the errors caused by dark counts. We give sufficient conditions for a considerable improvement of the key generation rates and the security thresholds of well-known QKD protocols such as the Bennett-Brassard 1984, Phoenix-Barnett-Chefles 2000, and six-state protocols. This analysis is applicable to other QKD protocols like the Bennett 1992 protocol. We examine two scenarios: a sender using a perfect single-photon source and a sender using a Poissonian source.

  14. A flexible security architecture to support third-party applications on mobile devices

    E-print Network

    Massacci, Fabio

    A flexible security architecture to support third-party applications on mobile devices Dries approach is the notion of "security-by-contract" to protect mobile applications. Mobile applications can ABSTRACT The problem of supporting the secure execution of potentially malicious third-party applications

  15. Mobile Application Security Framework for the Handheld Devices in Wireless Cellular Networks

    Microsoft Academic Search

    S. Vijay Anand

    The Small, Portable Mobile handheld devices are often left unsecured due to their limited computing power. The approach is also inadequate for mobile applications that require security as a controllable service attribute to maintain various security levels that are acceptable to the users. Hence, we need a tunable and differentiable Application security framework for handheld devices that provides differential security

  16. SECURITY PATTERNS AND SECURITY STANDARDS

    Microsoft Academic Search

    Markus Schumacher

    2003-01-01

    Security should be a mandatory feature of any distributed business application. Nevertheless we can observe that we are far away from an acceptable security level: the same errors are made over and over again. Typical examples are buffer overflows or default passwords. Whereas there are mechanical aids to detect coding errors, there is no such a thing for design errors,

  17. Software and CyberSecurity: Attack Resistant Secure Software Development Survivable Distributed Communication Services (DCS)

    Microsoft Academic Search

    N. J. Fuller; G. Simco

    2008-01-01

    Messaging is a critical prerequisite for the scalability, dependability, and reliability of distributed services. A scalable messaging platform accommodates multiple diverse clients and adapts seamlessly within a heterogeneous environment. A reliable and dependable messaging scheme also offers a specific level of guarantee for the delivery of messages to legitimate services. Application services rely on message transport intermediaries to preserve loosely

  18. Flexible and Secure Secret Updating for Unidirectional Key Distribution in Rfid-Enabled Supply Chains

    Microsoft Academic Search

    Shaoying Cai; Tieyan Li; Changshe Ma; Yingjiu LI; Robert Huijie DENG

    2009-01-01

    In USENIX Security 08, Juels, Pappu and Parno proposed a secret sharing based mechanism to alleviate the key distribution problem in RFID-enabled supply chains. Compared to existing pseudonym based RFID protocols, the secret sharing based solution is more suitable for RFID-enabled supply chains since it does not require a database of keys be distributed among supply chain parties for secure

  19. Power efficiency analysis of multimedia secured mobile applications

    Microsoft Academic Search

    Marius Marcu; Dacian Tudor; Sebastian Fuicu

    2010-01-01

    Multimedia mobile applications using wireless communication and security services become more and more demanding with respect to processing speed and power consumption. Power saving is one of the most important feature that network interface and mobile processor must provide in order to prolong battery lifetime of a mobile device. The multitude and complexity of devices that implement a large spectrum

  20. Using Genetic Algorithms in Secured Business Intelligence Mobile Applications

    Microsoft Academic Search

    Silvia TRIF

    2011-01-01

    The paper aims to assess the use of genetic algorithms for training neural networks used in secured Business Intelligence Mobile Applications. A comparison is made between classic back-propagation method and a genetic algorithm based training. The design of these algorithms is presented. A comparative study is realized for determining the better way of training neural networks, from the point of

  1. Securing J2ME Mobile Application API Using XACML

    Microsoft Academic Search

    Gautham Kasinath; Leisa J Armstrong

    2007-01-01

    Following Moore's law, the numbers of mobile phones and their capabilities have increased exponentially in recent years. The platform of choice for running applications on resource constrained devices such as mobile phones, today, is the Java 2 Micro Edition (J2ME) with Connected Limited Device Configuration (CLDC). This popularity exposes the security risks. These risks include the loss of data, money

  2. Secure Deployment of Applications to Fielded Devices and Smart Cards

    Microsoft Academic Search

    William G. Sirett; John A. Macdonald; Keith Mayes; Constantinos Markantonakis

    2006-01-01

    This work presents a process of deploying applications securely to fielded devices with smart cards whilst taking into consideration the possibility that the client device could be malicious. Advantages of the proposed process include; caching functionality upon the device, optimal use of resources, employment of nested security contexts whilst addressing fielded infrastructures and a homogeneous solution. This

  3. Application of COBIT to Security Management in Information Systems Development

    Microsoft Academic Search

    Shoichi Morimoto

    2009-01-01

    COBIT is a collection of good practices and processes for IT governance. It provides the effective measures, indicators and activities for enterprise. COBIT has also been applied to the other governance, e. g., software process, security governance, IT service management. However, since COBIT is too general-purpose, it requires deep expert knowledge for the implementation of each application. Although the guideline

  4. Security Models and Requirements for Healthcare Application Clouds

    E-print Network

    Liu, Ling

    it helps cutting down the costs drastically. A fundamental step for the success of tapping healthcareSecurity Models and Requirements for Healthcare Application Clouds Rui Zhang 1,2 and Ling Liu 1 1 environment has attracted a lot of attention in both healthcare industry and academic community. Cloud

  5. Auditing cyber security configuration for control system applications

    Microsoft Academic Search

    J. Holcomb

    2009-01-01

    Buried within critical infrastructure control system applications and the operating systems on which they run are hundreds of settings that affect security. It is often difficult for asset owners to identify and audit these settings on their control system servers and workstations. Bandolier, a Digital Bond research project funded by the U.S. Department of Energy, addresses this problem. Digital Bond

  6. Design of Secure and Application-Oriented VANETs

    Microsoft Academic Search

    Yi Qian; Nader Moayeri

    2008-01-01

    Vehicular ad hoc networks (VANETs) are important components of Intelligent Transportation Systems. The main benefit of VANET communication is seen in active safety systems that increase passenger safety by exchanging warning messages between vehicles. Other applications and private services are also permitted in order to lower the cost and to encourage VANET deployment and adoption. Security is one of the

  7. Integrating web application security into the IT curriculum

    Microsoft Academic Search

    James Walden

    2008-01-01

    Attackers are increasingly targeting web applications. Buffer overflows had been the most common vulnerability type since CERT began collecting statistics, but web application vulnerabilities like cross-site scripting have dominated vulnerability reports since 2005. Despite billions of dollars spent on network security, the amount lost to computer crime, much of it the result of the insecurity of web applica-

  8. Privacy and security in biomedical applications of wireless sensor networks

    Microsoft Academic Search

    Ellen Stuart; Melody Moh; Teng-Sheng Moh

    2008-01-01

    Wireless sensor network applications in healthcare and biomedical technology have received increasing attention, while associated security and privacy issues remain open areas of consideration. The relevance of this technology to our growing elderly population, as well as our increasingly over-crowded and attention-drained healthcare systems, is promising. However, prior to the emergence of these systems as a ubiquitous technology, healthcare providers

  9. Nanomaterials and their application to defense and homeland security

    Microsoft Academic Search

    John G. Reynolds; Bradley R. Hart

    2004-01-01

    A critical issue to homeland security and defense is the development of broad range collectors and detectors of weapons of mass destruction. Nanoscience and nanotechnology are increasingly important in the area of such separation and detection. This article presents an overview of the research at the Forensic Science Center at Lawrence Livermore National Laboratory to develop nanostructured materials for applications

  10. Distributed Systems Technology for Electronic Commerce Applications

    Microsoft Academic Search

    Winfried Lamersdorf; Michael Merz; M. Tuan Tu

    1998-01-01

    Based on the specific characteristics of electronic commerce (E-Commerce) requirements for an adequate system support, this contribution gives an overview of the respective distributed systems technology which is (or will be shortly) available for open and heterogeneous electronic commerce applications. Starting from basic communication mechanisms this includes (transactionally secure) remote procedure call and database access mechanisms, serv-

  11. Part III: AFS - A Secure Distributed File System

    SciTech Connect

    Wachsmann, A.; /SLAC

    2005-06-29

    AFS is a secure distributed global file system providing location independence, scalability and transparent migration capabilities for data. AFS works across a multitude of Unix and non-Unix operating systems and is used at many large sites in production for many years. AFS still provides unique features that are not available with other distributed file systems even though AFS is almost 20 years old. This age might make it less appealing to some but with IBM making AFS available as open-source in 2000, new interest in use and development was sparked. When talking about AFS, people often mention other file systems as potential alternatives. Coda (http://www.coda.cs.cmu.edu/) with its disconnected mode will always be a research project and never have production quality. Intermezzo (http://www.inter-mezzo.org/) is now in the Linux kernel but not available for any other operating systems. NFSv4 (http://www.nfsv4.org/) which picked up many ideas from AFS and Coda is not mature enough yet to be used in serious production mode. This article presents the rich features of AFS and invites readers to play with it.

  12. Analysis of Policy Anomalies on Distributed Network Security Setups

    Microsoft Academic Search

    Joaquín García-alfaro; Frédéric Cuppens; Nora Cuppens-boulahia

    2006-01-01

    The use of different network security components, such as firewalls and network intrusion detection systems (NIDSs), is the dominant method to survey and guarantee the security policy in current corporate networks. On the one hand, firewalls are traditional security components which provide means to filter traffic within corporate networks, as well as to police the incoming and outcoming interaction with

  13. Security of Distributed, Ubiquitous, and Embedded Computing Platforms

    Microsoft Academic Search

    Anthony D. Wood; John A. Stankovic

    As embedded computer systems continue to explode in number and capability, security and privacy challenges abound. We review desirable security properties and the design constraints posed by these systems that make security difficult. We summarize current research by focusing on solutions for ad hoc networks, wireless sensor networks, and RFID tags as representative of the design space. State of the

  14. Muon Fluence Measurements for Homeland Security Applications

    SciTech Connect

    Ankney, Austin S.; Berguson, Timothy J.; Borgardt, James D.; Kouzes, Richard T.

    2010-08-10

    This report focuses on work conducted at Pacific Northwest National Laboratory to better characterize aspects of backgrounds in RPMs deployed for homeland security purposes. Two polyvinyl toluene scintillators were utilized with supporting NIM electronics to measure the muon coincidence rate. Muon spallation is one mechanism by which background neutrons are produced. The measurements performed concentrated on a broad investigation of the dependence of the muon flux on a) variations in solid angle subtended by the detector; b) the detector inclination with the horizontal; c) depth underground; and d) diurnal effects. These tests were conducted inside at Building 318/133, outdoors at Building 331G, and underground at Building 3425 at Pacific Northwest National Laboratory.

  15. Security of continuous-variable quantum key distribution against general attacks

    NASA Astrophysics Data System (ADS)

    Leverrier, Anthony

    2013-03-01

    We prove the security of Gaussian continuous-variable quantum key distribution with coherent states against arbitrary attacks in the finite-size regime. In contrast to previously known proofs of principle (based on the de Finetti theorem), our result is applicable in the practically relevant finite-size regime. This is achieved using a novel proof approach, which exploits phase-space symmetries of the protocols as well as the postselection technique introduced by Christandl, Koenig and Renner (Phys. Rev. Lett. 102, 020504 (2009)). This work was supported by the SNF through the National Centre of Competence in Research "Quantum Science and Technology" and through Grant No. 200020-135048, the ERC (grant No. 258932), the Humboldt foundation and the F.R.S.-FNRS under project HIPERCOM.

  16. Authenticating and Securing Mobile Applications Using Microlog

    Microsoft Academic Search

    Siddharth Gupta; Sunil Kumar Singh

    This paper elucidates the research and implementation of Microlog in J2ME applications. This small yet powerful logging library logs all the detailed background transactions, acts as a tool for detecting unauthorized users trying to access the application by logging to remote servers and devices via various logging destinations. It also retrieves useful runtime information, such as malfunction code and unexpected

  17. Nanomaterials and their application to defense and homeland security

    NASA Astrophysics Data System (ADS)

    Reynolds, John G.; Hart, Bradley R.

    2004-01-01

    A critical issue to homeland security and defense is the development of broad range collectors and detectors of weapons of mass destruction. Nanoscience and nanotechnology are increasingly important in the area of such separation and detection. This article presents an overview of the research at the Forensic Science Center at Lawrence Livermore National Laboratory to develop nanostructured materials for applications to forensics and homeland security. Among the many types of nanomaterials reviewed are silica-based materials, molecular imprinted polymers, and silicon platforms. The main aim of the article is to optimize these new classes of materials for the collection concentration and detection of chemical weapons or other related compounds.

  18. Secure and pervasive collaborative platform for medical applications.

    PubMed

    Holub, Petr; Hladká, Eva; Procházka, Michal; Liska, Milos

    2007-01-01

    Providing a secure, extensible, pervasive and easy to implement collaborative environment for medical applications poses a significant challenge for state-of-the-art computer systems and networks. In this paper, we describe such a collaborative environment developed for the Ithanet project, based on Grid authentication mechanisms. Significant effort has been put into developing a system that is capable of deployment across tightly secured networking environments as implemented in the vast majority of hospitals. The environment is extensible enough to incorporate Grid-service based collaborative systems like AccessGrid. PMID:17476065

  19. Tools for monitoring and controlling distributed applications

    NASA Technical Reports Server (NTRS)

    Marzullo, Keith; Wood, Mark D.

    1991-01-01

    The Meta system is a UNIX-based toolkit that assists in the construction of reliable reactive systems, such as distributed monitoring and debugging systems, tool integration systems and reliable distributed applications. Meta provides mechanisms for instrumenting a distributed application and the environment in which it executes, and Meta supplies a service that can be used to monitor and control such an instrumented application. The Meta toolkit is built on top of the ISIS toolkit; they can be used together in order to build fault-tolerant and adaptive, distributed applications.

  20. (Preliminary field evaluation of solid state cameras for security applications)

    SciTech Connect

    Not Available

    1987-01-01

    Recent developments in solid state imager technology have resulted in a series of compact, lightweight, all-solid-state closed circuit television (CCTV) cameras. Although it is widely known that the various solid state cameras have less light sensitivity and lower resolution than their vacuum tube counterparts, the potential for having a much longer Mean Time Between Failure (MTBF) for the all-solid-state cameras is generating considerable interest within the security community. Questions have been raised as to whether the newest and best of the solid state cameras are a viable alternative to the high maintenance vacuum tube cameras in exterior security applications. To help answer these questions, a series of tests were performed by Sandia National Laboratories at various test sites and under several lighting conditions. In general, all-solid-state cameras need to be improved in four areas before they can be used as wholesale replacements for tube cameras in exterior security applications: resolution, sensitivity, contrast, and smear. However, with careful design some of the higher performance cameras can be used for perimeter security systems, and all of the cameras have applications where they are uniquely qualified. Many of the cameras are well suited for interior assessment and surveillance uses, and several of the cameras are well designed as robotics and machine vision devices.

  1. A Windows Phone 7 Oriented Secure Architecture for Business Intelligence Mobile Applications

    Microsoft Academic Search

    Silvia TRIF; Adrian VISOIU

    2011-01-01

    This paper presents and implements a Windows Phone 7 Oriented Secure Architecture for Business Intelligence Mobile Application. The development process uses a Windows Phone 7 application that interacts with a WCF Web Service and a database. The types of Business Intelligence Mobile Applications are presented. The Windows mobile devices security and restrictions are presented. The namespaces and security

  2. Solving Some Modeling Challenges when Testing Rich Internet Applications for Security

    E-print Network

    Jourdan, Guy-Vincent

    Solving Some Modeling Challenges when Testing Rich Internet Applications for Security Suryakant benefitting from automated tools for testing web applications. Keywords: Security Testing, Automated Crawling was the development of automated tools for testing web applications for security. There are various commercial

  3. A meta model for authorisations in application security systems and their integration into RBAC administration

    Microsoft Academic Search

    Axel Kern; Martin Kuhlmann; Rainer Kuropka; Andreas Ruthert

    2004-01-01

    This paper presents a new concept for efficient access rights administration and access control. It focuses on the special requirements of application security and reflects experiences from the implementation of security for large industry application systems. Application security shows a considerable inherent complexity due to the large number of combinations of objects and processes for which access rights must be

  4. X-ray imaging for security applications

    NASA Astrophysics Data System (ADS)

    Evans, J. Paul

    2004-01-01

    The X-ray screening of luggage by aviation security personnel may be badly hindered by the lack of visual cues to depth in an image that has been produced by transmitted radiation. Two-dimensional "shadowgraphs" with "organic" and "metallic" objects encoded using two different colors (usually orange and blue) are still in common use. In the context of luggage screening there are no reliable cues to depth present in individual shadowgraph X-ray images. Therefore, the screener is required to convert the 'zero depth resolution' shadowgraph into a three-dimensional mental picture to be able to interpret the relative spatial relationship of the objects under inspection. Consequently, additional cognitive processing is required e.g. integration, inference and memory. However, these processes can lead to serious misinterpretations of the actual physical structure being examined. This paper describes the development of a stereoscopic imaging technique enabling the screener to utilise binocular stereopsis and kinetic depth to enhance their interpretation of the actual nature of the objects under examination. Further work has led to the development of a technique to combine parallax data (to calculate the thickness of a target material) with the results of a basis material subtraction technique to approximate the target's effective atomic number and density. This has been achieved in preliminary experiments with a novel spatially interleaved dual-energy sensor which reduces the number of scintillation elements required by 50% in comparison to conventional sensor configurations.

  5. Wireless structural monitoring for homeland security applications

    NASA Astrophysics Data System (ADS)

    Kiremidjian, Garo K.; Kiremidjian, Anne S.; Lynch, Jerome P.

    2004-07-01

    This paper addresses the development of a robust, low-cost, low power, and high performance autonomous wireless monitoring system for civil assets such as large facilities, new construction, bridges, dams, commercial buildings, etc. The role of the system is to identify the onset, development, location and severity of structural vulnerability and damage. The proposed system represents an enabling infrastructure for addressing structural vulnerabilities specifically associated with homeland security. The system concept is based on dense networks of "intelligent" wireless sensing units. The fundamental properties of a wireless sensing unit include: (a) interfaces to multiple sensors for measuring structural and environmental data (such as acceleration, displacements, pressure, strain, material degradation, temperature, gas agents, biological agents, humidity, corrosion, etc.); (b) processing of sensor data with embedded algorithms for assessing damage and environmental conditions; (c) peer-to-peer wireless communications for information exchange among units (thus enabling joint "intelligent" processing coordination) and storage of data and processed information in servers for information fusion; (d) ultra low power operation; (e) cost-effectiveness and compact size through the use of low-cost small-size off-the-shelf components. An integral component of the overall system concept is a decision support environment for interpretation and dissemination of information to various decision makers.

  6. Distributed Relay Protocol for Probabilistic Information-Theoretic Security in a Randomly-Compromised Network

    E-print Network

    Travis R. Beals; Barry C. Sanders

    2008-08-23

    We introduce a simple, practical approach with probabilistic information-theoretic security to mitigate one of quantum key distribution's major limitations: the short maximum transmission distance (~200 km) possible with present day technology. Our scheme uses classical secret sharing techniques to allow secure transmission over long distances through a network containing randomly-distributed compromised nodes. The protocol provides arbitrarily high confidence in the security of the protocol, with modest scaling of resource costs with improvement of the security parameter. Although some types of failure are undetectable, users can take preemptive measures to make the probability of such failures arbitrarily small.

  7. Noble Gas Excimer Detectors for Security and Safeguards Applications

    SciTech Connect

    Hynes, Michael V.; Lanza, Richard [Nuclear Science and Engineering Department Massachusetts Institute of Technology, Cambridge, MA 02139 (United States); Chandra, Rico; Davatz, Giovanna [Arktis Radiation Detectors, Zurich, CH (Switzerland)

    2011-12-13

    Noble gas excimer detectors are a technology that is common in particle physics research and less common in applications for security and international safeguards. These detectors offer the capability to detect gammas with an energy resolution similar to NaI and to detect neutrons with good energy resolution as well. Depending on the noble gas selected and whether or not it is in a gaseous or liquid state, the sensitivity to gammas and neutrons can be tuned according to the needs of the application. All of this flexibility can be available at a significant cost saving over alternative technologies. This paper will review this detector technology and its applicability to security and safeguards.

  8. THINK: A Secure Distributed Systems Architecture Christophe Rippert Jean-Bernard Stefani

    E-print Network

    Paris-Sud XI, Université de

    THINK: A Secure Distributed Systems Architecture Christophe Rippert Jean-Bernard Stefani LSR Introduction In this paper, we present THINK, our distributed systems architecture, and the research we have The distributed systems architecture THINK is a platform for the development of distributed operating systems ker

  9. Lifetime distributional effects of Social Security retirement benefits.

    PubMed

    Smith, Karen; Toder, Eric; Iams, Howard

    This article presents three measures of the distribution of actual and projected net benefits (benefits minus payroll taxes) from Social Security's Old-Age and Survivors Insurance (OASI) for people born between 1931 and 1960. The results are based on simulations with the Social Security Administration's Model of Income in the Near Term (MINT), which projects retirement income through 2020. The base sample for MINT is the U.S. Census Bureau's Survey of Income and Program Participation panels for 1990 to 1993, matched with Social Security administrative records. The study population is grouped into 5-year birth cohorts and then ranked by economic status in three ways. First, the population is divided into five groups on the basis of individual lifetime covered earnings, and their lifetime present values of OASI benefits received and payroll taxes paid are calculated. By this measure, OASI provides much higher benefits to the lowest quintile of earners than to other groups, but it becomes less redistributive toward lower earners in more recent birth cohorts. Second, people are ranked by shared lifetime covered earnings, and the values of shared benefits received and payroll taxes paid are computed. Individuals are assumed to split covered earnings, benefits, and payroll taxes with their spouses in the years they are married. By the shared covered earnings measure, OASI is still much more favorable to persons in the lower income quintiles, although to a lesser degree than when people are ranked by individual covered earnings. OASI becomes more progressive among recent cohorts, even as net lifetime benefits decline for the entire population. Finally, individuals are ranked on the basis of their shared permanent income from age 62, when they become eligible for early retirement benefits, until death. 
Their annual Social Security benefits are compared with the benefits they would have received if they had saved their payroll taxes in individual accounts and used the proceeds to buy either of two annuities that provide level payments from age 62 until death: a unisex annuity that is based on the average life expectancy of the birth cohort or an age-adjusted annuity that is based on the worker's own life expectancy. On the permanent income measure, OASI is generally more favorable to people in higher income quintiles. Moreover, it is particularly unfavorable to those in the lowest quintile. Because people in the lowest quintile have a shorter life expectancy, they receive OASI benefits for a shorter period. This group would receive greater benefits in retirement if they invested their payroll taxes in the age-adjusted annuity. OASI is more favorable to them than the unisex annuity, however, OASI is becoming more progressive in that the net benefits it provides drop more rapidly among higher income quintiles than lower ones. This article also examines how OASI affects individuals by educational attainment, race, and sex. On both the lifetime covered earnings and the permanent income measures, OASI is more favorable to workers with less education and more favorable to women. The results by race and ethnicity are mixed. When people are ranked by the present value of their shared lifetime covered earnings, OASI appears more favorable to non-Hispanic blacks and Hispanics than to non-Hispanic whites. When people are ranked by shared permanent income in retirement, however, OASI produces negative returns for both non-Hispanic blacks and non-Hispanic whites in the most recent birth cohorts, with non-Hispanic blacks faring relatively worse. The changes across cohorts occur partly because of changes in tax rates and benefits, but more importantly because of changing demographics and earnings patterns of the workforce. 
Of particular importance is the increasing share of beneficiaries who receive worker benefits instead of auxiliary benefits as wives or widows. OASI benefits are based on the lifetime covered earnings of current or former married couples, as well as on earned retirement benefits of individuals. The reduced importance of auxil

  10. A security framework for SOA applications in mobile environment

    E-print Network

    Fonseca, Johnneth; Lopes, Denivaldo; Labidi, Sofiane

    2010-01-01

    The rapid evolution of mobile technologies has led to the development of more sophisticated mobile devices with better storage, processing and transmission power. These factors enable support for many types of application but also give rise to the need for a model of service development. Currently, SOA (Service Oriented Architecture) is a good option to support application development. This paper presents a framework that allows the development of SOA-based applications in a mobile environment. The objective of the framework is to provide developers with tools for the provision of services in this environment with the necessary security characteristics.

  11. A strategy for the development of secure telemedicine applications.

    PubMed Central

    Raman, R. S.; Reddy, R.; Jagannathan, V.; Reddy, S.; Cleetus, K. J.; Srinivas, K.

    1997-01-01

    Healthcare applications based on computer-supported collaboration technologies have the potential to improve the quality of care delivered to patients. Such applications can help overcome barriers to quality healthcare in the small, scattered populations of rural areas enabling telemedicine to be a part of the practice of medicine. However the growing concern about the potential for abuse through disclosure of personal health information to unauthorized parties has restricted the deployment and adoption of these potentially valuable tools. The authors, who built ARTEMIS--an Intranet healthcare collaboration facility, now describe their approach to develop secure telemedicine applications for rural healthcare practitioners. PMID:9357645

  12. Improving Mobile Application Security via Bridging User Expectations and Application Behaviors

    E-print Network

    Xie, Tao

    , social networking, entertainment, and e-commerce [2]. The increasing popularity of mobile applications of application behaviors and summarize patterns of these security aspects to determine what applications do's be- haviors such as information flows, and attempt to summarize patterns of malicious behaviors from

  13. Secure Middleware for Situation-Aware Naval C2 and Combat Systems In Proc. 9th International Workshop on Future Trends of Distributed Computing Systems FTDCS 2003

    E-print Network

    Secure Middleware for Situation-Aware Naval C2 and Combat Systems In Proc. 9th International and Marine Corps for building distributed situation-aware applications that are rapidly reconfigurable and sur for constructing situation-aware Command and Control C2 and combat applications. We pay particular attention

  14. Security of Quantum Key Distribution with Realistic Devices

    E-print Network

    Xiongfeng Ma

    2005-03-05

    We simulate quantum key distribution (QKD) experimental setups and propose some improvements to QKD procedures. A new data post-processing protocol is introduced, mainly including error correction and privacy amplification. This protocol combines the ideas of GLLP and the decoy states, which essentially only requires turning the source power up and down. We propose a practical way to perform the decoy state method, which mainly follows the idea of Lo's decoy state. A new data post-processing protocol is then developed for the QKD scheme with the decoy state. We first study the optimal expected photon number mu of the source for the improved QKD scheme. We obtain the new optimal mu=O(1), compared with the former mu=O(eta), where eta is the overall transmission efficiency. With this protocol, we can then improve the key generation rate from quadratic in the transmission efficiency, O(eta^2), to O(eta). Based on the recent experimental setup, we obtain the maximum secure transmission distance of over 140 km.

  15. Secure Online Examination Architecture Based on Distributed Firewall

    Microsoft Academic Search

    Chi-chien Pan; Kai-hsiang Yang; Tzao-lin Lee

    2004-01-01

    Online (Web-based) examination is an effective solution for mass education evaluation. However, due to incomplete network security, students can communicate with each other, and we can't prevent the cheating. Therefore, keeping an online examination secure has become an important issue. This paper focuses on how to implement a secure environment for online-examination in the general academic

  16. Higher Dependability and Security for Mobile Applications

    Microsoft Academic Search

    Hongxia Jin

    2006-01-01

    In this paper, we are concerned with the detection of software faults and tampering of the mobile application as well as the mobile device theft. We want to disable the mobile device cryptographically once either of these problems is detected. Basically the device needs to receive a new cryptographic key after each pre-set period of time in order to continue to function. The

  17. Ensuring ePortfolio data remains personal in next generation distributed and open computing applications

    Microsoft Academic Search

    T. Kirkham; S. Winfield; S. Wood; K. Coolin; A. Smallwood; Q. Reul

    2010-01-01

    Personal data privacy and security is a concern for users and legislators alike. The use of data in social networking and applications that aggregate often personal data in a variety of contexts is expanding. Users need tools and application frameworks to enable the monitoring and control of their personal data in these distributed computing environments. The TAS3 project is developing

  18. Potential National Security Applications of Nuclear Resonance Fluorescence Methods

    SciTech Connect

    Warren, Glen A.; Peplowski, Patrick N.; Caggiano, Joseph A.

    2009-06-09

    The objective of this report is to document the initial investigation into the possible research issues related to the development of NRF-based national security applications. The report discusses several potential applications ranging from measuring uranium enrichment in UF6 canisters to characterization of gas samples. While these applications are varied, there are only a few research issues that need to be addressed to understand the limitation of NRF in solving these problems. These research issues range from source and detector development to measuring small samples. The next effort is to determine how best to answer the research issues, followed by a prioritization of those questions to ensure that the most important are addressed. These issues will be addressed through either analytical calculations, computer simulations, analysis of previous data or collection of new measurements. It will also be beneficial to conduct a thorough examination of a couple of the more promising applications in order to develop concrete examples of how NRF may be applied in specific situations. The goals are to develop an understanding of whether the application of NRF is limited by technology or physics in addressing national security applications, to gain a motivation to explore those possible applications, and to develop a research roadmap so that those possibilities may be made reality.

  19. Quantum key distribution with unconditional security for all optical fiber network

    E-print Network

    Osamu Hirota; Kentaro Kato; Masaki Shoma; Tsuyoshi Sasaki Usuda

    2003-08-01

    In this paper, we present an efficient implementation method of the physical layer of Y-00 which can support secure communication and quantum key distribution (more generally key expansion) by IMDD (intensity modulation/direct detection) or FSK (frequency shift keying) optical fiber communication network. Although the general proof of the security is not yet given, a brief sketch of security analysis is shown, which involves an entanglement attack.

  20. The physical underpinning of security proofs for quantum key distribution

    Microsoft Academic Search

    Jean Christian Boileau

    2007-01-01

    The dawn of quantum technology unveils a plethora of new possibilities and challenges in the world of information technology, one of which is the quest for secure information transmission. A breakthrough in classical algorithms or the development of a quantum computer could threaten the security of messages encoded using public key cryptosystems based on one-way functions such as RSA. Quantum

  1. 17 CFR 249.1001 - Form SIP, for application for registration as a securities information processor or to amend such...

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ...application for registration as a securities information processor or to amend such...Registration of, and Reporting by Securities Information Processors § 249.1001...application for registration as a securities information processor or to amend...

  2. 17 CFR 249.1001 - Form SIP, for application for registration as a securities information processor or to amend such...

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ...application for registration as a securities information processor or to amend such...Registration of, and Reporting by Securities Information Processors § 249.1001...application for registration as a securities information processor or to amend...

  3. 17 CFR 249.1001 - Form SIP, for application for registration as a securities information processor or to amend such...

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ...application for registration as a securities information processor or to amend such...Registration of, and Reporting by Securities Information Processors § 249.1001...application for registration as a securities information processor or to amend...

  4. Nanomaterials and their application to defense and homeland security

    Microsoft Academic Search

    John G. Reynolds; Bradley R. Hart

    2004-01-01

    A critical issue to homeland security and defense is the development of broad range collectors and detectors of weapons of mass destruction. Nanoscience and nanotechnology are increasingly important in the area of such separation and detection. This article presents an overview of the research at the Forensic Science Center at Lawrence Livermore National Laboratory to develop nanostructured materials for applications

  5. Security Aspects of Smart Cards vs. Embedded Security in Machine-to-Machine (M2M) Advanced Mobile Network Applications

    NASA Astrophysics Data System (ADS)

    Meyerstein, Mike; Cha, Inhyok; Shah, Yogendra

    The Third Generation Partnership Project (3GPP) standardisation group currently discusses advanced applications of mobile networks such as Machine-to-Machine (M2M) communication. Several security issues arise in these contexts which warrant a fresh look at mobile networks’ security foundations, resting on smart cards. This paper contributes a security/efficiency analysis to this discussion and highlights the role of trusted platform technology to approach these issues.

  6. A Web-Based Secure System for the Distributed Printing of Documents and Images

    Microsoft Academic Search

    Ping Wah Wong; Daniel Tretter; Thomas Kite; Qian Lin; Hugh Nguyen

    1999-01-01

    We propose and consider a secure printing system for the distributed printing of documents and images over the World Wide Web. The main feature of the system is that it allows previewing and printing of selected documents and images, where only a certain number of hardcopies can be generated based on an agreed payment. The security of the system resides

  7. Towards Energy-Efficient Secure Communications Using Biometric Key Distribution in Wireless Biomedical Healthcare Networks

    Microsoft Academic Search

    Jinyang Shi; Kwok-Yan Lam; Ming Gu; Mingze Li; Siu-Leung Chung

    2009-01-01

    Wireless body sensor network (WBSN) has gained significant interests as an important infrastructure for the realtime biomedical healthcare system, while the security of the sensitive health information becomes one of the main challenges. Due to the crucial constraints of low power in the sensors, traditional security mechanisms and key distribution schemes are not suitable for WBSN. In this paper, we

  8. An Analysis of Ethics as Foundation of Information Security in Distributed Systems

    Microsoft Academic Search

    Jussipekka Leiwo; Seppo Heikkuri

    1998-01-01

    Security of distributed systems requires both technical and administrative foundations. The technical foundation is based on cryptographic measures and access control models, and is considerably well understood. The administrative foundation is based on several non-technical layers added on top of technical communication protocols. Several models for secure interconnection of information systems suggest common ethics to be the uppermost layer and base

  9. Enforceable and Verifiable Stale-Safe Security Properties in Distributed Systems

    E-print Network

    Texas at San Antonio, University of

    Enforceable and Verifiable Stale-Safe Security Properties in Distributed Systems JIANWEI NIU of authorization state are not globally synchronized. This problem is so intrinsic that it is inevitable an access these SMs can be designed so as to satisfy the stale-safe security properties. Next, we formally verify

  10. Security proof of differential phase shift quantum key distribution in the noiseless case

    Microsoft Academic Search

    Yi-Bo Zhao; Chi-Hang Fred Fung; Zheng-Fu Han; Guang-Can Guo

    2008-01-01

    Differential phase shift quantum key distribution systems have a high potential for achieving high speed key generation. However, its unconditional security proof is still missing, even though it has been proposed for many years. Here, we prove its security against collective attacks with a weak coherent light source in the noiseless case (i.e., no bit error). The only assumptions are

  11. Security proof of differential phase shift quantum key distribution in the noiseless case

    Microsoft Academic Search

    Yi-Bo Zhao

    2009-01-01

    Differential phase shift quantum key distribution systems have a high potential for achieving high speed key generation. However, its unconditional security proof is still missing, even though it has been proposed for many years. Here, we prove its security against collective attacks with a weak coherent light source in the noiseless case (i.e. no bit error). The only assumptions are

  12. Towards a Pattern Language for Security Risk Analysis of Web Applications

    E-print Network

    Stølen, Ketil

    Towards a Pattern Language for Security Risk Analysis of Web Applications Yan Li, SINTEF ICT This article introduces a pattern language for security risk analysis of web applications in an example driven. The pattern language is intended to be used as a guideline to capture the security risk picture of a web

  13. From Languages to Systems: Understanding Practical Application Development in Security-typed Languages

    E-print Network

    McDaniel, Patrick Drew

    in this paper, we have developed the first real-world, security-typed application: a secure email systemFrom Languages to Systems: Understanding Practical Application Development in Security Security Laboratory (SIIS) Computer Science and Engineering, Pennsylvania State University {phicks

  14. A Framework for Automated Security Testing of Android Applications on the Cloud

    E-print Network

    Stavrou, Angelos

    A Framework for Automated Security Testing of Android Applications on the Cloud Sam Malek, Naeem of applications submitted to the market. The problem is that security testing is generally a manual, expensive the analysts in testing the security of Android apps. The framework is comprised of a tool-suite that given

  15. Towards a Property-based Testing Environment with Applications to Security-Critical Software

    E-print Network

    California at Davis, University of

    Towards a Property-based Testing Environment with Applications to Security-Critical Software George security are indicated. Security is an important application of property-based testing because g nk@cs.ucdavis.edu Abstract We consider an approach to testing that combines white-box and black

  16. CO3097 Programming Secure and Distributed Systems Credits: 20 Convenor: Dr. S. Yang Semester: 1st

    E-print Network

    Yang, Shengxiang

    CO3097 Programming Secure and Distributed Systems Credits: 20 Convenor: Dr. S. Yang Semester: 1st delivered in lectures with practicals involving students implementing distributed systems in Java. Hence as found in CO2006 will aid the design of distributed systems. Course Description The internet has caused

  17. Transmission pricing of distributed multilateral energy transactions to ensure system security and guide economic dispatch

    E-print Network

    Ilic, Marija D.

    2002-01-01

    In this paper we provide a simulations-based demonstration of a hybrid electricity market that combines the distributed competitive advantages of decentralized markets with the system security guarantees of centralized ...

  18. Enabling Secure Secret Updating for Unidirectional Key Distribution in RFID-Enabled Supply Chains

    Microsoft Academic Search

    Shaoying Cai; Tieyan Li; Changshe Ma; Yingjiu Li; Robert Huijie DENG

    2009-01-01

    In USENIX Security 08, Juels, Pappu and Parno proposed a secret sharing based mechanism to alleviate the key distribution problem in RFID-enabled supply chains. Compared to existing pseudonym based RFID protocols, the secret sharing based solution is more suitable for RFID-enabled supply chains since it does not require a database of keys be distributed among supply chain parties for secure

  19. Integrating CLIPS applications into heterogeneous distributed systems

    NASA Technical Reports Server (NTRS)

    Adler, Richard M.

    1991-01-01

    SOCIAL is an advanced, object-oriented development tool for integrating intelligent and conventional applications across heterogeneous hardware and software platforms. SOCIAL defines a family of 'wrapper' objects called agents, which incorporate predefined capabilities for distributed communication and control. Developers embed applications within agents and establish interactions between distributed agents via non-intrusive message-based interfaces. This paper describes a predefined SOCIAL agent that is specialized for integrating C Language Integrated Production System (CLIPS)-based applications. The agent's high-level Application Programming Interface supports bidirectional flow of data, knowledge, and commands to other agents, enabling CLIPS applications to initiate interactions autonomously, and respond to requests and results from heterogeneous remote systems. The design and operation of CLIPS agents are illustrated with two distributed applications that integrate CLIPS-based expert systems with other intelligent systems for isolating and mapping problems in the Space Shuttle Launch Processing System at the NASA Kennedy Space Center.

  20. Security Applications of Diodes with Unique Current-Voltage Characteristics

    NASA Astrophysics Data System (ADS)

    Rührmair, Ulrich; Jaeger, Christian; Hilgers, Christian; Algasinger, Michael; Csaba, György; Stutzmann, Martin

    Diodes are among the most simple and inexpensive electric components. In this paper, we investigate how random diodes with irregular I(U) curves can be employed for crypto and security purposes. We show that such diodes can be used to build Strong Physical Unclonable Functions (PUFs), Certificates of Authenticity (COAs), and Physically Obfuscated Keys (POKs), making them a broadly usable security tool. We detail how such diodes can be produced by an efficient and inexpensive method known as ALILE process. Furthermore, we present measurement data from real systems and discuss prototypical implementations. This includes the generation of helper data as well as efficient signature generation by elliptic curves and 2D barcode generation for the application of the diodes as COAs.

  1. Preliminary field evaluation of solid state cameras for security applications

    SciTech Connect

    Murray, D.W.

    1987-07-01

    Recent developments in solid state imager technology have resulted in a series of compact, lightweight, all-solid-state closed circuit television (CCTV) cameras. Although it is widely known that the various solid state cameras have less light sensitivity and lower resolution than their vacuum tube counterparts, the potential for having a much longer Mean Time Between Failure (MTBF) for the all-solid-state cameras is generating considerable interest within the security community. Questions have been raised as to whether the newest and best of the solid state cameras are a viable alternative to the high maintenance vacuum tube cameras in exterior security applications. To help answer these questions, a series of tests were performed by Sandia National Laboratories at various test sites and under several lighting conditions. The results of these tests as well as a description of the test equipment, test sites, and procedures are presented in this report.

  2. LAVA: Secure Delegation of Mobile Applets: Design, Implementation, and Applications

    Microsoft Academic Search

    Jatin N. Hansoty; Mladen A. Vouk; Shyhtsun Felix Wu

    1997-01-01

    Mobile agents are tasks or processes which can be autonomously delegated or transferred from one network node to another. This distributed computing paradigm is modern and powerful. Many network-based applications have been developed or designed under this model. The application areas include, for example, intelligent agent, network and system management, web-based mobile applets, electronic commerce and more recently, active networking.

  3. Intelligent Facial Recognition Systems: Technology advancements for security applications

    SciTech Connect

    Beer, C.L.

    1993-07-01

    Insider problems such as theft and sabotage can occur within the security and surveillance realm of operations when unauthorized people obtain access to sensitive areas. A possible solution to these problems is a means to identify individuals (not just credentials or badges) in a given sensitive area and provide full time personnel accountability. One approach desirable at Department of Energy facilities for access control and/or personnel identification is an Intelligent Facial Recognition System (IFRS) that is non-invasive to personnel. Automatic facial recognition does not require the active participation of the enrolled subjects, unlike most other biological measurement (biometric) systems (e.g., fingerprint, hand geometry, or eye retinal scan systems). It is this feature that makes an IFRS attractive for applications other than access control such as emergency evacuation verification, screening, and personnel tracking. This paper discusses current technology that shows promising results for DOE and other security applications. A survey of research and development in facial recognition identified several companies and universities that were interested and/or involved in the area. A few advanced prototype systems were also identified. Sandia National Laboratories is currently evaluating facial recognition systems that are in the advanced prototype stage. The initial application for the evaluation is access control in a controlled environment with a constant background and with cooperative subjects. Further evaluations will be conducted in a less controlled environment, which may include a cluttered background and subjects that are not looking towards the camera. The outcome of the evaluations will help identify areas of facial recognition systems that need further development and will help to determine the effectiveness of the current systems for security applications.

  4. Interactive multimedia streams in distributed applications

    Microsoft Academic Search

    Edouard Lamboray; Aaron Zollinger; Oliver G. Staadt; Markus H. Gross

    2003-01-01

    Distributed multimedia applications typically handle two different types of communication: request/reply interaction for control information as well as real-time streaming data. The CORBA Audio/Video Streaming Service provides a promising framework for the efficient development of such applications. In this paper, we discuss the CORBA-based design and implementation of Campus TV, a distributed television studio architecture. We analyze the performance

  5. WATER DISTRIBUTION SYSTEM OPERATION: APPLICATION OF

    E-print Network

    Mays, Larry W.

    CHAPTER 5 WATER DISTRIBUTION SYSTEM OPERATION: APPLICATION OF SIMULATED ANNEALING Fred E. Goldman Arizona State University, Tempe, Arizona 5.1 INTRODUCTION The operation of water distribution systems affects the water quality in these systems. EPA regulations require that water quality be maintained

  6. Detection of stable properties in distributed applications

    Microsoft Academic Search

    Jean-Michael Helary; Claude Jard; Noël Plouzeau; Michel Raynal

    1987-01-01

    When evaluated to true, a stable property remains true forever. Such a stable property may characterize important states of a computation. This is the case of deadlocked or terminated computations. In this paper we expose a general algorithm for the distributed detection of stable properties in distributed applications or systems. This distributed algorithm deals with every stable property

  7. Call for Papers Distributed Media Technologies and Applications

    E-print Network

    Lau, W. H. Nynson

    Call for Papers Distributed Media Technologies and Applications Special Issue of IEEE Transactions call for papers that present recent development on distributed media technologies, distributed media for original papers that describe novel distributed media technologies and their applications. We

  8. Secure, Autonomous, Intelligent Controller for Integrating Distributed Sensor Webs

    NASA Technical Reports Server (NTRS)

    Ivancic, William D.

    2007-01-01

    This paper describes the infrastructure and protocols necessary to enable near-real-time commanding, access to space-based assets, and the secure interoperation between sensor webs owned and controlled by various entities. Select terrestrial and aeronautics-base sensor webs will be used to demonstrate time-critical interoperability between integrated, intelligent sensor webs both terrestrial and between terrestrial and space-based assets. For this work, a Secure, Autonomous, Intelligent Controller and knowledge generation unit is implemented using Virtual Mission Operation Center technology.

  9. Multimedia building blocks for distributed applications

    Microsoft Academic Search

    J. Christian Fritzsche; J. W. Goethe

    1996-01-01

    Building blocks for multimedia integration into distributed applications are special components decorated with three types of interfaces: first, the management interface for access to application management, resource reservation and so on; second, the data interface as data sink or data source for multimedia data communication; third, the user control interface to connect the building block to control the multimedia functions

  10. Application of the Open Software Foundation (OSF) distributed computing environment to global PACS

    NASA Astrophysics Data System (ADS)

    Martinez, Ralph; Alsafadi, Yasser H.; Kim, Jinman

    1994-05-01

    In this paper, we present our approach to developing Global Picture Archiving and Communication System (GPACS) applications using the Open Software Foundation (OSF) Distributed Computing Environment (DCE) services and toolkits. The OSF DCE services include remote procedure calls, naming service, threads service, time service, file management services, and security service. Several OSF DCE toolkits are currently available from computer and software vendors. Designing distributed Global PACS applications using the OSF DCE approach will feature an open architecture, heterogeneity, and technology independence for GPACS remote consultation and diagnosis applications, including synchronized image annotation, and system privacy and security. The applications can communicate through various transport services and communications networks in a Global PACS environment. The use of OSF DCE services for Global PACS will enable us to develop a robust distributed structure and new user services which feature reliability and scalability for Global PACS environments.

  11. A Rich Client-Server Based Framework for Convenient Security and Management of Mobile Applications

    NASA Astrophysics Data System (ADS)

    Badan, Stephen; Probst, Julien; Jaton, Markus; Vionnet, Damien; Wagen, Jean-Frédéric; Litzistorf, Gérald

    Contact lists, Emails, SMS or custom applications on a professional smartphone could hold very confidential or sensitive information. What could happen in case of theft or accidental loss of such devices? Such events could be detected by the separation between the smartphone and a Bluetooth companion device. This event should typically block the applications and delete personal and sensitive data. Here, a solution is proposed based on a secured framework application running on the mobile phone as a rich client connected to a security server. The framework offers strong and customizable authentication and secured connectivity. A security server manages all security issues. User applications are then loaded via the framework. User data can be secured, synchronized, pushed or pulled via the framework. This contribution proposes a convenient although secured environment based on a client-server architecture using external authentications. Several features of the proposed system are exposed and a practical demonstrator is described.

  12. Using Science Driven Technologies for the Defense and Security Applications

    NASA Technical Reports Server (NTRS)

    Habib, Shahid; Zukor, Dorthy; Ambrose, Stephen D.

    2004-01-01

    For the past three decades, Earth science remote sensing technologies have been providing enormous amounts of useful data and information in broadening our understanding of our home planet as a system. This research, as it has expanded our learning process, has also generated additional questions. This has further resulted in establishing new science requirements, which have culminated in defining and pushing the state-of-the-art technology needs. NASA's Earth science program has deployed 18 highly complex satellites, with a total of 80 sensors, so far and is in a process of defining and launching multiple observing systems in the next decade. Due to the heightened security alert of the nation, researchers and technologists are paying serious attention to the use of these science driven technologies for dual use. In other words, how such sophisticated observing and measuring systems can be used in detecting multiple types of security concerns with a substantial lead time so that the appropriate law enforcement agencies can take adequate steps to defuse any potential risky scenarios. This paper examines numerous NASA technologies such as laser/lidar systems, microwave and millimeter wave technologies, optical observing systems, high performance computational techniques for rapid analyses, and imaging products that can have a tremendous pay off for security applications.

  13. Dynamic multi-process information flow tracking for web application security

    Microsoft Academic Search

    Susanta Nanda; Lap-chung Lam; Tzi-cker Chiueh

    2007-01-01

    Although there is a large body of research on detection and prevention of such memory corruption attacks as buffer overflow, integer overflow, and format string attacks, the web application security problem receives relatively less attention from the research community by comparison. The majority of web application security problems originate from the fact that web applications fail to perform

  14. Dynamic CPU provisioning for self-managed secure web applications in SMP hosting platforms

    Microsoft Academic Search

    Jordi Guitart; David Carrera; Vicenç Beltran; Jordi Torres; Eduard Ayguadé

    2008-01-01

    Overload control mechanisms such as admission control and connection differentiation have proven effective for preventing overload of application servers running secure web applications. However, achieving optimal results in overload prevention is only possible when some kind of resource management is considered in addition to these mechanisms. In this paper we propose an overload control strategy for secure web applications

  15. Secure and Privacy-Preserving Distributed Information Brokering

    ERIC Educational Resources Information Center

    Li, Fengjun

    2010-01-01

    As enormous structured, semi-structured and unstructured data are collected and archived by organizations in many realms ranging from business to health networks to government agencies, the needs for efficient yet secure inter-organization information sharing naturally arise. Unlike early information sharing approaches that only involve a small…

  16. The Security Implication of Multiple Observers in a Distributed System

    Microsoft Academic Search

    Derek P. Ditch; Bruce M. Mcmillin

    2009-01-01

    Confidentiality is an often overlooked, yet crucial point in the security analysis of a system. infrastructures take for granted that confidentiality is maintained through obfuscation by dissemination of information. This dissemination does indeed maintain the confidentiality of the system when only a small portion of the information can be obtained by an outside observer. However, when multiple observers collaboratively make

  17. Design and Implementation of a Secure Distributed Data

    E-print Network

    Garay, Juan A.

    , known as an electronic vault (e-Vault), which stores information across a network securely so by a client, the e-Vault returns a receipt to the client which can be used to verify that the document has been properly received by all (correct) servers. The e-Vault disperses information across the servers

  18. A secure distributed key management scheme for ad hoc network

    Microsoft Academic Search

    Yan Xu; Hong Zhong; Xianping Yuan; Jia Yu

    2010-01-01

    An identity-based threshold key management scheme without secure channel is proposed for ad hoc network. The master private key, which is shared among all nodes by the Shamir's secret sharing scheme, is produced by all nodes when network is formed. The nodes' public keys are derived from their identities. In order to get the private key, each node needs to

  19. Secure wireless collection and distribution of commercial airplane health data

    Microsoft Academic Search

    Krishna Sampigethaya; Radha Poovendran; Linda Bushnell; Mingyan Li; Richard Robinson; Scott Lintelman

    2009-01-01

    The introduction of wireless communication capabilities supporting transfer of sensor data and information on-board commercial airplanes as well as between airplanes and supporting ground systems has the potential to significantly improve the safety and efficiency of air travel. The benefits, however, come at the cost of information security vulnerabilities introduced by data networks. Regulatory institutions, including the FAA, are aware

  20. Secure wireless collection and distribution of commercial airplane health data

    Microsoft Academic Search

    Krishna Sampigethaya; Mingyan Li; Radha Poovendran; Richard Robinson; Linda Bushnell; Scott Lintelman

    2007-01-01

    The introduction of wireless communication capabilities supporting transfer of sensor data and information on board commercial airplanes as well as between airplanes and supporting ground systems has the potential to significantly improve the safety and efficiency of air travel. The benefits, however, come at the cost of information security vulnerabilities introduced by data networks. Regulatory institutions, including the FAA, are

  1. Security Metrics Models and Application with SVM in Information Security Management

    Microsoft Academic Search

    Wei Qu; De-Zheng Zhang

    2007-01-01

    In order to understand the achieved information security level in a product, system or organization better, information security managers must be able to get input from security objects. The use of information security metrics in certain enterprise, and its relation to the literature is studied. The techniques used in the implementation and analysis of metrics, as well as their usefulness

  2. Security in the CernVM File System and the Frontier Distributed Database Caching System

    NASA Astrophysics Data System (ADS)

    Dykstra, D.; Blomer, J.

    2014-06-01

    Both the CernVM File System (CVMFS) and the Frontier Distributed Database Caching System (Frontier) distribute centrally updated data worldwide for LHC experiments using http proxy caches. Neither system provides privacy or access control on reading the data, but both control access to updates of the data and can guarantee the authenticity and integrity of the data transferred to clients over the internet. CVMFS has since its early days required digital signatures and secure hashes on all distributed data, and recently Frontier has added X.509-based authenticity and integrity checking. In this paper we detail and compare the security models of CVMFS and Frontier.

  3. Information theoretically secure, enhanced Johnson noise based key distribution over the smart grid with switched filters.

    PubMed

    Gonzalez, Elias; Kish, Laszlo B; Balog, Robert S; Enjeti, Prasad

    2013-01-01

    We introduce a protocol with a reconfigurable filter system to create non-overlapping single loops in the smart power grid for the realization of the Kirchhoff-Law-Johnson-(like)-Noise secure key distribution system. The protocol is valid for one-dimensional radial networks (chain-like power line) which are typical of the electricity distribution network between the utility and the customer. The speed of the protocol (the number of steps needed) versus grid size is analyzed. When properly generalized, such a system has the potential to achieve unconditionally secure key distribution over the smart power grid of arbitrary geometrical dimensions. PMID:23936164

  4. Information Theoretically Secure, Enhanced Johnson Noise Based Key Distribution over the Smart Grid with Switched Filters

    PubMed Central

    2013-01-01

    We introduce a protocol with a reconfigurable filter system to create non-overlapping single loops in the smart power grid for the realization of the Kirchhoff-Law-Johnson-(like)-Noise secure key distribution system. The protocol is valid for one-dimensional radial networks (chain-like power line) which are typical of the electricity distribution network between the utility and the customer. The speed of the protocol (the number of steps needed) versus grid size is analyzed. When properly generalized, such a system has the potential to achieve unconditionally secure key distribution over the smart power grid of arbitrary geometrical dimensions. PMID:23936164

  5. The Public Distribution Systems of Foodgrains and Implications for Food Security

    Microsoft Academic Search

    Zhang-Yue Zhou; Guanghua Wan

    A comparative study of the public distribution systems of foodgrains in India and China is expected to reveal lessons and experiences that are valuable to policymakers. This is particularly important for developing countries in their endeavour to ensure food security. This paper undertakes such an exercise. The main features and developments of the two public distribution systems are first highlighted.

  6. Distributed Security System for Intelligent Building Based on Wireless Communication Network

    Microsoft Academic Search

    Liting Cao; Jingwen Tian; Wei Jiang

    2006-01-01

    A distributed security system based on wireless communication technology is presented in this paper. The system adopts distributed structure, which consists of detect sensors, intelligent terminal, alarm devices and wireless communication network. The intelligent terminal which designed based on embedded system is used to realize acquisition information submitted from detect sensors, control the alarm devices and communicate the information to

  7. Security Analysis and Extensions of the PCB Algorithm for Distributed Key Generation

    E-print Network

    Poovendran, Radha

    Security Analysis and Extensions of the PCB Algorithm for Distributed Key Generation Radha these methods is the distributed key generation method proposed by Poovendran, Corson and Baras in [PCB],which we call the PCB scheme in this paper. The PCB scheme made use of modulo arithmetic and generalized

  8. Data Mining for Security Applications Bhavani Thuraisingham, Latifur Khan, Mohammad M. Masud, Kevin W. Hamlen

    E-print Network

    Hamlen, Kevin W.

    on intrusion detection, and cyber-security research. 1. Introduction Ensuring the integrity of computer for cyber security. These applications include but are not limited to malicious code detection by mining, is a growing concern. Security and defense networks, proprietary research, intellectual property, and data

  9. Forward-Secure Hierarchical IBE with Applications to Broadcast Encryption 1

    E-print Network

    Lu, Chang

    Forward-Secure Hierarchical IBE with Applications to Broadcast Encryption 1 Danfeng (Daphne) YAO a. A forward-secure encryption scheme protects secret keys from exposure by evolving the keys with time. Forward security has several unique requirements in hierarchical identity-based encryption (HIBE) scheme

  10. ID-Based Encryption for Complex Hierarchies with Applications to Forward Security and Broadcast Encryption

    E-print Network

    ID-Based Encryption for Complex Hierarchies with Applications to Forward Security and Broadcast Encryption Danfeng Yao # Nelly Fazio + Yevgeniy Dodis + Anna Lysyanskaya # Abstract A forward-secure encryption scheme protects secret keys from exposure by evolving the keys with time. Forward security has

  11. An integrated application of security testing methodologies to e-voting systems

    E-print Network

    Boyer, Edmond

    An integrated application of security testing methodologies to e-voting systems Marco Ramilli of the most appropriate security testing procedures for various contexts. Their general applicability effective methodology tailored to suit the peculiar needs related to the security testing of e

  12. Semi-device-independent security of one-way quantum key distribution

    E-print Network

    Marcin Pawlowski; Nicolas Brunner

    2011-07-15

    By testing nonlocality, the security of entanglement-based quantum key distribution (QKD) can be enhanced to being 'device-independent'. Here we ask whether such a strong form of security could also be established for one-way (prepare and measure) QKD. While fully device-independent security is impossible, we show that security can be guaranteed against individual attacks in a semi-device-independent scenario. In the latter, the devices used by the trusted parties are non-characterized, but the dimensionality of the quantum systems used in the protocol is assumed to be bounded. Our security proof relies on the analogies between one-way QKD, dimension witnesses and random-access codes.

  13. Semi-device-independent security of one-way quantum key distribution

    NASA Astrophysics Data System (ADS)

    Pawłowski, Marcin; Brunner, Nicolas

    2011-07-01

    By testing nonlocality, the security of entanglement-based quantum key distribution (QKD) can be enhanced to being “device-independent.” Here we ask whether such a strong form of security could also be established for one-way (prepare and measure) QKD. While fully device-independent security is impossible, we show that security can be guaranteed against individual attacks in a semi-device-independent scenario. In the latter, the devices used by the trusted parties are noncharacterized, but the dimensionality of the quantum systems used in the protocol is assumed to be bounded. Our security proof relies on the analogies between one-way QKD, dimension witnesses, and random-access codes.

  14. Semi-device-independent security of one-way quantum key distribution

    E-print Network

    Pawlowski, Marcin

    2011-01-01

    By testing nonlocality, the security of entanglement-based quantum key distribution (QKD) can be enhanced to being 'device-independent'. Here we ask whether such a strong form of security could also be established for one-way QKD. While fully device-independent security is impossible, we show that security can be guaranteed against collective attacks in a semi-device-independent scenario. In the latter, the devices used by the trusted parties are non-characterized, but the dimensionality of the quantum systems used in the protocol is assumed to be bounded. Our security proof relies on the analogies between one-way QKD, dimension witnesses and random-access codes.

  15. Privacy in Distributed Commercial Applications1 Nicolai Kuntze and Carsten Rudolph

    E-print Network

    Boyer, Edmond

    , bandwidth, accounting information and utilization allow the CPs to analyze the market penetration approaches to commercial applications appearing on the market. Some of these approaches involve third content according to their needs in terms of security and distribution strategies. P2P protocols are used

  16. InkTag: Secure Applications on an Untrusted Operating System

    PubMed Central

    Hofmann, Owen S.; Kim, Sangman; Dunn, Alan M.; Lee, Michael Z.; Witchel, Emmett

    2014-01-01

    InkTag is a virtualization-based architecture that gives strong safety guarantees to high-assurance processes even in the presence of a malicious operating system. InkTag advances the state of the art in untrusted operating systems in both the design of its hypervisor and in the ability to run useful applications without trusting the operating system. We introduce paraverification, a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. Attribute-based access control allows trusted applications to create decentralized access control policies. InkTag is also the first system of its kind to ensure consistency between secure data and metadata, ensuring recoverability in the face of system crashes. PMID:24429939

  17. InkTag: Secure Applications on an Untrusted Operating System.

    PubMed

    Hofmann, Owen S; Kim, Sangman; Dunn, Alan M; Lee, Michael Z; Witchel, Emmett

    2013-01-01

    InkTag is a virtualization-based architecture that gives strong safety guarantees to high-assurance processes even in the presence of a malicious operating system. InkTag advances the state of the art in untrusted operating systems in both the design of its hypervisor and in the ability to run useful applications without trusting the operating system. We introduce paraverification, a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. Attribute-based access control allows trusted applications to create decentralized access control policies. InkTag is also the first system of its kind to ensure consistency between secure data and metadata, ensuring recoverability in the face of system crashes. PMID:24429939

  18. Unconditionally Secure Homomorphic Pre-distributed Bit Commitment and Secure Two-Party Computations

    Microsoft Academic Search

    Anderson C. A. Nascimento; Jörn Müller-quade; Akira Otsuka; Goichiro Hanaoka; Hideki Imai

    2003-01-01

    We study the problem of secure function evaluation in the so called commodity based cryptography model as proposed by Beaver in his STOC 97 paper. We propose very efficient protocols for implementing addition and multiplication over GF (q). Differently than in previous works, in our protocol each step of the computation is verifiable. Moreover, no copying of commitments

  19. Shor and Preskill's and Mayers's security proof for the BB84 quantum key distribution protocol

    Microsoft Academic Search

    D. Mayers

    2002-01-01

    We review two security proofs for the BB84 quantum key distribution protocol: Mayers's security proof and the more recent proof of Shor and Preskill. We focus on the basic principles and the intuition in Mayers's proof instead of technical details. We present a variation on Shor's and Preskill's proof which is convenient for purpose of comparison. We explain the

  20. Information-theoretic security proof for quantum-key-distribution protocols

    Microsoft Academic Search

    Renato Renner; Nicolas Gisin; Barbara Kraus

    2005-01-01

    We present a technique for proving the security of quantum-key-distribution (QKD) protocols. It is based on direct information-theoretic arguments and thus also applies if no equivalent entanglement purification scheme can be found. Using this technique, we investigate a general class of QKD protocols with one-way classical post-processing. We show that, in order to analyze the full security of these protocols,

  1. Privacy and Security Enhanced Offline Oblivious Transfer for Massive Data Distribution

    Microsoft Academic Search

    Ickjai Lee; Hossein Ghodosi

    2006-01-01

    Unauthorized accesses to digital contents are serious threats to international security and informatics. We propose an offline oblivious data distribution framework that preserves the sender’s security and the receiver’s privacy using tamper-proof smart cards. This framework provides persistent content protections from digital piracy and promises private content consumption.

  2. How to write application code even a security auditor could love

    SciTech Connect

    Barlich, G.L.

    1989-01-01

    In the past the application programmer was frequently isolated from the computer security professional. The target machine might have various access controls and security plans, but when the programmer delivered a new application, it was rarely scrutinized from a security standpoint. Security reviews of application code are now being used to overcome this apparent oversight, but these reviews are often hampered by a lack of knowledge among programmers of techniques that make code secure and facilitate security analysis of the code. This paper informally describes fifteen general principles for producing good code that is easily reviewed. This paper is not a formal guideline, but is intended as an inside view of how one reviewer looks at code from a security standpoint.

  3. Collective attacks and unconditional security in continuous variable quantum key distribution.

    PubMed

    Grosshans, Frédéric

    2005-01-21

    We present here an information theoretic study of Gaussian collective attacks on the continuous variable key distribution protocols based on Gaussian modulation of coherent states. These attacks, overlooked in previous security studies, give a finite advantage to the eavesdropper in the experimentally relevant lossy channel, but are not powerful enough to reduce the range of the reverse reconciliation protocols. Secret key rates are given for the ideal case where Bob performs optimal collective measurements, as well as for the realistic cases where he performs homodyne or heterodyne measurements. We also apply the generic security proof of Christandl et al. to obtain unconditionally secure rates for these protocols. PMID:15698157

  4. Unconditional security proof of a deterministic quantum key distribution with a two-way quantum channel

    SciTech Connect

    Lu Hua [State Key Laboratory of Magnetics Resonances and Atomic and Molecular Physics, Wuhan Institute of Physics and Mathematics, Chinese Academy of Sciences, Wuhan 430071 (China); Department of Mathematics and Physics, Hubei University of Technology, Wuhan 430068 (China)]; Fung, Chi-Hang Fred [Department of Physics and Center of Computational and Theoretical Physics, University of Hong Kong, Pokfulam Road (Hong Kong)]; Ma Xiongfeng [Center for Quantum Information and Quantum Control, Department of Physics, University of Toronto, Toronto, M5S 1A7 (Canada)]; Cai Qingyu [State Key Laboratory of Magnetics Resonances and Atomic and Molecular Physics, Wuhan Institute of Physics and Mathematics, Chinese Academy of Sciences, Wuhan 430071 (China)]

    2011-10-15

    In a deterministic quantum key distribution (DQKD) protocol with a two-way quantum channel, Bob sends a qubit to Alice who then encodes a key bit onto the qubit and sends it back to Bob. After measuring the returned qubit, Bob can obtain Alice's key bit immediately, without basis reconciliation. Since an eavesdropper may attack the qubits traveling on either the Bob-Alice channel or the Alice-Bob channel, the security analysis of DQKD protocol with a two-way quantum channel is complicated and its unconditional security has been controversial. This paper presents a security proof of a single-photon four-state DQKD protocol against general attacks.

  5. Enabling secure, distributed collaborations for adrenal tumor research.

    PubMed

    Stell, Anthony; Sinnott, Richard; Jiang, Jipu

    2010-01-01

    Many e-Health strategies rely on the secure integration of datasets that have previously resided in isolated locations, but can now in principle be accessed over the Internet. Of paramount importance in the health domain is the need for the security and privacy of data that is transmitted across these networks. One such collaboration, which spans several specialist centres across France, Germany, Italy and the UK, is ENSAT - the European Network for the Study of Adrenal Tumors. The rarity of the tumors under study means the value of accessing, aggregating and comparing data from many centres is great indeed. However this is especially challenging given that ENSAT require clinical and genomic data to be seamlessly linked, but in such a way that the information governance, ethics and privacy concerns of the patients and associated stakeholders involved are visibly satisfied. Key to this is the clear separation of clinical and genomic data sets and support for rigorous patient-identity protecting access control. This is especially challenging when such data sets exist across different organisational boundaries. In this paper we describe a prototype solution offering a security-oriented tailored portal supported by a layered encryption-driven linkage technology (VANGUARD) that offers precisely such patient-privacy protecting capabilities. We describe the architecture, implementation and use to date of this facility to support the ENSAT adrenal cancer research network. PMID:20543447

  6. Secure PVM

    SciTech Connect

    Dunigan, T.H.; Venugopal, N.

    1996-09-01

    This research investigates techniques for providing privacy, authentication, and data integrity to PVM (Parallel Virtual Machine). PVM is extended to provide secure message passing with no changes to the user's PVM application, or, optionally, security can be provided on a message-by-message basis. Diffie-Hellman is used for key distribution of a single session key for n-party communication. Keyed MD5 is used for message authentication, and the user may select from various secret-key encryption algorithms for message privacy. The modifications to PVM are described, and the performance of secure PVM is evaluated.

  7. Multilateral Security in Mobile Applications and Location Based Services

    Microsoft Academic Search

    Mario Hoffmann; Jan Peters; Ulrich Pinsdorf

    Due to the many current weaknesses of security mechanisms in mobile technology, location based services essentially depend on security aware middleware and reliable multilateral security concepts. Neither the latest operating systems of mobile devices nor current concepts in wireless communication GPRS, WLAN, or Bluetooth meet the security requirements needed to establish sustainable trust between consumers and producers. This paper presents

  8. The Data and Application Security and Privacy (DASPY) Challenge

    E-print Network

    Sandhu, Ravi

    for Cyber Security Executive Director and Endowed Chair March 29, 2012 ravi.sandhu@utsa.edu www and Privacy (DASPY) Challenge . Ravi Sandhu Institute for Cyber Security 1 and Endowed Chair March 29, 2012 growing But not securable by academically taught cyber security not studied as a success story The ATM

  9. Service for secure and protected applications in Collaborative Learning Environments

    Microsoft Academic Search

    Thiago de Medeiros Gualberto; Sérgio Donizetti Zorzo

    2010-01-01

    This paper presents a service which offers security through Web Services technology and offers its services to meet security requirements of Collaborative Learning environment. The use of Web Services to offer security in Collaborative Learning environments complements the functionalities of such environments, that is, it is not limited to the platforms in which the client system was developed. This security

  10. Game Theory for Security: Lessons Learned from Deployed Applications

    Microsoft Academic Search

    M. Tambe

    2010-01-01

    Security at major locations of economic or political importance or transportation or other infrastructure is a key concern around the world, particularly given the threat of terrorism. Limited security resources prevent full security coverage at all times; instead, these limited resources must be deployed intelligently taking into account differences in priorities of targets requiring security coverage, the responses of the

  11. Security Issues in Wireless Sensor Networks

    Microsoft Academic Search

    Zoran S. Bojkovic; Bojan M. Bakmaz; Miodrag R. Bakmaz

    2008-01-01

    This work deals with some security issues over wireless sensor networks (WSNs). A survey of recent trends in general security requirements, typical security threats, intrusion detection system, key distribution schemes and target localization is presented. In order to facilitate applications that require packet delivery from one or more senders to multiple receivers, provisioning security in group communications is pointed out

  12. T3: Secure, Scalable, Distributed Data Movement and Remote System Control for Enterprise Level Cyber Security

    SciTech Connect

    Thomas, Gregory S.; Nickless, William K.; Thiede, David R.; Gorton, Ian; Pitre, Bill J.; Christy, Jason E.; Faultersack, Elizabeth M.; Mauth, Jeffery A.

    2009-07-20

    Enterprise level cyber security requires the deployment, operation, and monitoring of many sensors across geographically dispersed sites. Communicating with the sensors to gather data and control behavior is a challenging task when the number of sensors is rapidly growing. This paper describes the system requirements, design, and implementation of T3, the third generation of our transport software that performs this task. T3 relies on open source software and open Internet standards. Data is encoded in MIME format messages and transported via NNTP, which provides scalability. OpenSSL and public key cryptography are used to secure the data. Robustness and ease of development are increased by defining an internal cryptographic API, implemented by modules in C, Perl, and Python. We are currently using T3 in a production environment. It is freely available to download and use for other projects.

  13. Web-Based Training Applications in Safeguards and Security

    SciTech Connect

    Lopez, R.L.

    1999-05-21

    The U.S. Department of Energy (DOE) requires all employees who hold a security clearance and have access to classified information and/or special nuclear material to be trained in the area of Safeguards and Security. Since the advent of the World Wide Web, personnel who are responsible for training have capitalized on this communication medium to develop and deliver Web-based training. Unlike traditional computer based training where the student was required to find a workstation where the training program resided, one of Web-based training's strongest advantages is that the training can be delivered right to the worker's desktop computer. This paper will address reasons for the driving forces behind the utilization of Web-based training at the Laboratory with a brief explanation of the different types of training conducted. Also discussed briefly are the different types of distance learning used in conjunction with Web-based training. The implementation strategy will be addressed and how the Laboratory utilized a Web-Based Standards Committee to develop standards for Web-based training applications. Web-based problems resulting from little or no communication between training personnel across the Laboratory will be touched on and how this was solved. Also discussed is the development of a "Virtual Training Center" where personnel can shop on-line for their training needs. Web-based training programs within the Safeguards and Security arena will be briefly discussed. Specifically, Web-based training in the area of Materials Control and Accountability will be explored. A Web-based example of what a student would experience during a training session is also discussed. A short closing statement of what the future of Web-based Training holds in the future is offered.

  14. Security of quantum key distribution with entangled photons against individual attacks Edo Waks, Assaf Zeevi, and Yoshihisa Yamamoto*

    E-print Network

    Waks, Edo

    ,3 . The security of all of these protocols relies on the impossibility of measuring the wave function of a quantum an eavesdropper can observe. A test of Bell's inequality could then provide a statement of security againstSecurity of quantum key distribution with entangled photons against individual attacks Edo Waks

  15. Test of radiation detectors used in homeland security applications.

    PubMed

    Pibida, L; Minniti, R; O'Brien, M; Unterweger, M

    2005-05-01

    This work was performed as part of the National Institute of Standards and Technology (NIST) program to support the development of the new American National Standards Institute (ANSI) standards N42.32-2003 and N42.33-2003 for hand-held detectors, and personal electronic dosimeters, as well as to support the Office of Law Enforcement Standards (OLES) and the Department of Homeland Security (DHS) in testing these types of detectors for their use by first responders. These instruments are required to operate over a photon energy range of 60 keV to 1.33 MeV and over a wide range of air-kerma rates. The performance and response of various radiation detectors, purchased by the NIST, was recorded when placed in 60Co, 137Cs, and x-ray beams at different air-kerma rates. The measurements described in this report were performed at the NIST x-ray and gamma-ray radiation calibration facilities. The instruments' response (exposure or dose rate readings) shows strong energy dependence but almost no dependence to different air-kerma rates. The data here reported provide a benchmark in support of current protocols that are being developed for radiation detection instrumentation used in homeland security applications. A future plan is to test these devices, plus other commercially available detectors, against ANSI standards N42.32-2003 and N42.33-2003. PMID:15824588

  16. Moving from the design of usable security technologies to the design of useful secure applications

    Microsoft Academic Search

    D. K. Smetters; R. E. Grinter

    2002-01-01

    Recent results from usability studies of security systems have shown that end-users find them difficult to adopt and use. In this paper we argue that improving the usability of security technology is only one part of the problem, and that what is missed is the need to design usable and useful systems that provide security to end-users in terms of

  17. Security Checkpoint Optimizer (SCO): an application for simulating the operations of airport security checkpoints

    Microsoft Academic Search

    Diane Wilson; Eric K. Roe; S. Annie So

    2006-01-01

    For most security planners, a key challenge is to continuously evaluate how changes or additions to their facilities or procedures impact security effectiveness, operational costs, and passenger throughput. Each change must be analyzed to ensure negative effects do not outweigh the benefits. This paper presents Security Checkpoint Optimizer (SCO), a 2-D spatially aware discrete event simulation tool

  18. Security Checkpoint Optimizer (SCO): An Application for Simulating the Operations of Airport Security Checkpoints

    Microsoft Academic Search

    D. Wilson; E. K. Roe; S. A. So

    2006-01-01

    For most security planners, a key challenge is to continuously evaluate how changes or additions to their facilities or procedures impact security effectiveness, operational costs, and passenger throughput. Each change must be analyzed to ensure negative effects do not outweigh the benefits. This paper presents security checkpoint optimizer (SCO), a 2-D spatially aware discrete event simulation tool developed by Northrop

  19. 20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    20 Employees' Benefits 2 2012-04-01 2012-04-01 false Applications and other forms used in Social Security Administration programs. 422.501 Section 422.501 Employees' Benefits SOCIAL SECURITY ADMINISTRATION ORGANIZATION AND PROCEDURES Applications and Related Forms ...

  20. 20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    20 Employees' Benefits 2 2014-04-01 2014-04-01 false Applications and other forms used in Social Security Administration programs. 422.501 Section 422.501 Employees' Benefits SOCIAL SECURITY ADMINISTRATION ORGANIZATION AND PROCEDURES Applications and Related Forms ...

  1. 20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    20 Employees' Benefits 2 2013-04-01 2013-04-01 false Applications and other forms used in Social Security Administration programs. 422.501 Section 422.501 Employees' Benefits SOCIAL SECURITY ADMINISTRATION ORGANIZATION AND PROCEDURES Applications and Related Forms ...

  2. Choice of Secure Routing Protocol for Applications in Wireless Sensor Networks

    Microsoft Academic Search

    Jiang Du; Su Peng

    2009-01-01

    Recently, with the development of wireless sensor networks (WSNs), many new routing protocols have been designed for WSNs. Routing protocols in WSNs, however, might differ depending on the application and network architecture. Furthermore, WSNs are exposed to numerous routing security threats. Therefore, it is headachy for us to choose secure routing protocols for application in WSNs. In respect that the

  3. A Secure Environment for Untrusted Helper Applications: Confining the Wily Hacker

    Microsoft Academic Search

    Ian Goldberg; David Wagner; Randi Thomas; Eric Brewer

    1996-01-01

    Many popular programs, such as Netscape, use untrusted helper applications to process data from the network. Unfortunately, the unauthenticated network data they interpret could well have been created by an adversary, and the helper applications are usually too complex to be bug-free. This raises significant security concerns. Therefore, it is desirable to create a secure environment to contain untrusted helper

  4. TR-IIS-05-012 An Application-layer Security

    E-print Network

    Chen, Sheng-Wei

    of Information Science, Academia Sinica, Taiwan in 2004. An Application-layer Security Control for Real, Ming Chuan University wangch@mcu.edu.tw Institute of Information Science, Academia Sinica. hohoTR-IIS-05-012 An Application-layer Security Control for Real-time Video Streaming Chia-Hui Wang

  5. 20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ...20 Employees' Benefits 2 2010-04-01...2010-04-01 false Applications and other forms used in Social...501 Employees' Benefits SOCIAL SECURITY...AND PROCEDURES Applications and Related Forms § 422.501...

  6. Bivariate generalized Poisson distribution with some applications

    Microsoft Academic Search

    Felix Famoye; P. C. Consul

    1995-01-01

    The univariate generalized Poisson probability model has many applications in various areas such as engineering, manufacturing, survival analysis, genetic, shunting accidents, queuing, and branching processes. A correlated bivariate version of the univariate generalized Poisson distribution is defined and studied. Estimation of its parameters and some of its properties are also discussed.

  7. A Geospatial Integrated Problem Solving Environment for Homeland Security Applications

    SciTech Connect

    Koch, Daniel B [ORNL

    2010-01-01

    Effective planning, response, and recovery (PRR) involving terrorist attacks or natural disasters come with a vast array of information needs. Much of the required information originates from disparate sources in widely differing formats. However, one common attribute the information often possesses is physical location. The organization and visualization of this information can be critical to the success of the PRR mission. Organizing information geospatially is often the most intuitive for the user. In the course of developing a field tool for the U.S. Department of Homeland Security (DHS) Office for Bombing Prevention, a geospatial integrated problem solving environment software framework was developed by Oak Ridge National Laboratory. This framework has proven useful as well in a number of other DHS, Department of Defense, and Department of Energy projects. An overview of the software architecture along with application examples are presented.

  8. Reliability of Calderbank-Shor-Steane Codes and Security of Quantum Key Distribution

    E-print Network

    Mitsuru Hamada

    2004-07-23

    After Mayers (1996, 2001) gave a proof of the security of the Bennett-Brassard 1984 (BB84) quantum key distribution protocol, Shor and Preskill (2000) made a remarkable observation that a Calderbank-Shor-Steane (CSS) code had been implicitly used in the BB84 protocol, and suggested its security could be proven by bounding the fidelity, say F(n), of the incorporated CSS code of length n in the form 1-F(n) 0 whenever R Shor and Preskill (2000). The codes in the present work are robust against fluctuations of channel parameters, which fact is needed to establish the security rigorously and was not proved for rates above the Gilbert-Varshamov rate before in the literature. As a byproduct, the security of a modified BB84 protocol against any joint (coherent) attacks is proved quantitatively.

  9. Chaining for Securing Data Provenance in Distributed Information Networks

    E-print Network

    California at Davis, University of

    for information trustworthiness assessment, copyright clearance, data reconciliation, and data replication. While Information networks are networks that use the networking technologies such as the Internet and wireless communication for distributing and sharing information among different information processing entities

  10. Application-Oriented Confidentiality and Integrity Dynamic Union Security Model Based on MLS Policy

    NASA Astrophysics Data System (ADS)

    Xue, Mingfu; Hu, Aiqun; He, Chunlong

    We propose a new security model based on MLS Policy to achieve a better security performance on confidentiality, integrity and availability. First, it realizes a combination of BLP model and Biba model through a two-dimensional independent adjustment of integrity and confidentiality. And, the subject's access range is adjusted dynamically according to the security label of related objects and the subject's access history. Second, the security level of the trusted subject is extended to writing and reading privilege range respectively, following the principle of least privilege. Third, it adjusts the objects' security levels after adding confidential information to prevent the information disclosure. Fourth, it uses application-oriented logic to protect specific applications to avoid the degradation of security levels. Thus, it can ensure certain applications operate smoothly. Lastly, examples are presented to show the effectiveness and usability of the proposed model.

  11. 76 FR 8755 - Privacy Act of 1974; Department of Homeland Security/ALL-032 Official Passport Application and...

    Federal Register 2010, 2011, 2012, 2013, 2014

    2011-02-15

    ...1974; Department of Homeland Security/ALL-032 Official Passport Application and...Department of Homeland Security/ALL-032 Official Passport Application and...Washington, DC 20528. Instructions: All submissions received must include the...

  12. The Data and Application Security and Privacy (DASPY) Challenge

    E-print Network

    Sandhu, Ravi

    for Cyber Security Executive Director and Endowed Chair 11/11/11 ravi.sandhu@utsa.edu www.profsandhu.com www) Challenge . Ravi Sandhu Institute for Cyber Security 1 and Endowed Chair 11/11/11 ravi.sandhu@utsa.edu www by academically taught cyber security not studied as a success story The ATM "Paradox" not studied as a success

  13. Automatic Approach of Provable Security and its Application for OAEP+

    E-print Network

    proof; process calculus 1. Introduction Information security is nowadays an important issue. Its the security of cryptographic protocols. However, writing and verifying proofs by hand are prone to errors. This paper introduces the game-based approach of writing security proofs and its automatic technique

  14. Timing the Application of Security Patches for Optimal Uptime

    Microsoft Academic Search

    Steve Beattie; Seth Arnold; Crispin Cowan; Perry Wagle; Chris Wright; Adam Shostack

    2002-01-01

    Security vulnerabilities are discovered, become publicly known, get exploited by attackers, and patches come out. When should one apply security patches? Patch too soon, and you may suffer from instability induced by bugs in the patches. Patch too late, and you get hacked by attackers exploiting the vulnerability. We explore the factors affecting when it is best to apply security

  15. Secure protocol lifecycle and its application in power industry

    Microsoft Academic Search

    Wen Tang; Aifen Sui

    2008-01-01

    With advancing of communication technologies, various protocols have been designed, developed and widely deployed in modern industries, including power industry. And the security issues of these protocol systems which involve the security of national infrastructure have gained more and more concerns. Since protocols are not only communication services, but also evolving developing processes, security vulnerabilities could be introduced at the

  16. Segregate Applications at System Level to Eliminate Security Problems

    Microsoft Academic Search

    Chu J. Jong

    2006-01-01

    Improvements in advanced microprocessor design and cost/performance gains in hardware technology have changed the distributed computing paradigm from a homogeneous parallel computation to a heterogeneous cluster one. This new paradigm involves coordinating and sharing computing, application, data, storage, and network resources across dynamic and possibly geographically dispersed organizations. To attract organizations to take advantage of off-the-shelf ready-to-build commodity clusters, substantial

  17. Application of the JDL data fusion process model for cyber security

    NASA Astrophysics Data System (ADS)

    Giacobe, Nicklaus A.

    2010-04-01

    A number of cyber security technologies have proposed the use of data fusion to enhance the defensive capabilities of the network and aid in the development of situational awareness for the security analyst. While there have been advances in fusion technologies and the application of fusion in intrusion detection systems (IDSs), in particular, additional progress can be made by gaining a better understanding of a variety of data fusion processes and applying them to the cyber security application domain. This research explores the underlying processes identified in the Joint Directors of Laboratories (JDL) data fusion process model and further describes them in a cyber security context.

  18. Enabling Distributed Addition of Secure Access to Patient's Records in A Tele-Referring Group

    E-print Network

    Poovendran, Radha

    and networking technologies, vast medical records now exist in digital format. Compared to paper-based records, Electronic Health Records (EHR) are easy to transmit, store and share among medical professionals Enabling Distributed Addition of Secure Access to Patient's Records in A Tele-Referring Group

  19. Secure Distributed Solution for Optimal Energy Consumption Scheduling in Smart Grid

    E-print Network

    Shehab, Mohamed

    Secure Distributed Solution for Optimal Energy Consumption Scheduling in Smart Grid Mohammad: Smart Grid, Energy Consumption Schedule, Privacy. I. INTRODUCTION Energy is critically important varying energy prices, giving incentive for using energy at off-peak hours. Smart grids provide innovative

  20. Cryptographic Security for a High-Performance Distributed File System Roman Pletka

    E-print Network

    Cachin, Christian

    storage systems. Today, storage space is typically provided by complex networked systems. These networks Cryptographic Security for a High-Performance Distributed File System Roman Pletka AdNovum Informatik AG CH-8005 Zürich, Switzerland roman@pletka.ch Christian Cachin IBM Zurich Research Laboratory CH

  1. Cryptographic Security for a High-Performance Distributed File System Roman Pletka

    E-print Network

    Cachin, Christian

    storage systems. Today, storage space is typically provided by complex networked systems. These networks Cryptographic Security for a High-Performance Distributed File System Roman Pletka AdNovum Informatik AG CH-8005 Zürich, Switzerland roman@pletka.ch Christian Cachin IBM Zurich Research Laboratory CH

  2. Enforcing Secure and Privacy-Preserving Information Brokering in Distributed Information

    E-print Network

    Lee, Dongwon

    1 Enforcing Secure and Privacy-Preserving Information Brokering in Distributed Information Sharing as example. Regional Health Information Organization Copyright (c) 2013 IEEE. Personal use of this material an increasing need for information sharing via on-demand access. Information Brokering Systems (IBSs) have

  3. Cyber security strategy for future distributed energy delivery system

    Microsoft Academic Search

    Tinton Dwi Atmaja; Fitriana

    2011-01-01

    Energy delivery systems in future manner will be referred to a modernization of delivery system so it monitors, protects and automatically optimizes the operation of its interconnected elements. It contains power generation, transmission network and user automation. It is characterized by two way flow of electricity and information to create an automated distributed energy delivery system. From the viewing side of

  4. Distributed security for communications and memories in a multiprocessor architecture

    E-print Network

    Paris-Sud XI, Université de

    systems has strongly increased since several years. Nowadays, it is possible to integrate several architecture of the system. This paper targets this point and proposes a solution with distributed enhancements, smartphones, set-top boxes and other electronic embedded systems are part of our daily life. They contain

  5. Massive Distributed and Parallel Log Analysis For Organizational Security

    E-print Network

    Lu, Chang

    demonstrates the effectiveness of our design and shows the potential of our cloud-based distributed framework explored on multi-core CPU, FPGA, and GPU, e.g., [4]. The first two authors contributed equally outsourced to the cloud [7]. We present a cloud-based framework and protocol for organizations

  6. Adaptively Secure Feldman VSS and Applications to Universally-Composable Threshold Cryptography

    Microsoft Academic Search

    Masayuki Abe; Serge Fehr

    2004-01-01

    We propose the first distributed discrete-log key generation (DLKG) protocol from scratch which is adaptively-secure in the non-erasure model, and at the same time completely avoids the use of interactive zero-knowledge proofs. As a consequence, the protocol can be proven secure in a universally-composable (UC) like framework which prohibits rewinding. We prove the security in what we call the single-inconsistent-player

  7. A versatile digital video engine for safeguards and security applications

    SciTech Connect

    Hale, W.R.; Johnson, C.S. [Sandia National Labs., Albuquerque, NM (United States)]; DeKeyser, P. [Fast Forward Video, Irvine, CA (United States)]

    1996-08-01

    The capture and storage of video images have been major engineering challenges for safeguard and security applications since the video camera provided a method to observe remote operations. The problems of designing reliable video cameras were solved in the early 1980's with the introduction of the CCD (charged couple device) camera. The first CCD cameras cost in the thousands of dollars but have now been replaced by cameras costing in the hundreds. The remaining problem of storing and viewing video images in both attended and unattended video surveillance systems and remote monitoring systems is being solved by sophisticated digital compression systems. One such system is the PC-104 three card set which is literally a "video engine" that can provide power for video storage systems. The use of digital images in surveillance systems makes it possible to develop remote monitoring systems, portable video surveillance units, image review stations, and authenticated camera modules. This paper discusses the video card set and how it can be used in many applications.

  8. Modulated digital images for biometric and other security applications

    NASA Astrophysics Data System (ADS)

    McCarthy, Lawry D.; Lee, Robert A.; Swiegers, Gerhard F.

    2004-06-01

    There are, in general, two ways for an observer to deal with light that is incorrect in some way (e.g. which is partially out of focus). One approach is to correct the error (e.g. by using a lens to selectively bend the light). Another approach employs selective masking to block those portions of the light which are unwanted (e.g. out of focus). The principle of selective masking is used in a number of important industries. However it has not found widespread application in the field of optical security devices. This work describes the selective masking, or modulation, of digital images as a means of creating documents and transparent media containing overt or covert biometric and other images. In particular, we show how animation effects, flash-illumination features, color-shifting patches, information concealment devices, and biometric portraiture in various settings can be incorporated in transparent media like plastic packaging materials, credit cards, and plastic banknotes. We also demonstrate the application of modulated digital images to the preparation of optically variable diffractive foils which are readily customized to display biometric portraits and information. Selective masking is shown to be an important means of creating a diverse range of effects useful in authentication. Such effects can be readily and inexpensively produced without the need, for example, to fabricate lenses on materials which may not be conducive in this respect.

  9. Security engineering: systems engineering of security through the adaptation and application of risk management

    NASA Technical Reports Server (NTRS)

    Gilliam, David P.; Feather, Martin S.

    2004-01-01

    Information Technology (IT) Security Risk Management is a critical task in the organization, which must protect its resources and data against the loss of confidentiality, integrity, and availability. As systems become more complex and diverse, and more vulnerabilities are discovered while attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security. This paper describes an approach to address IT security risk through risk management and mitigation in both the institution and in the project life cycle.

  10. Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

    PubMed Central

    2014-01-01

    After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance. PMID:25276797

  11. Security of high-dimensional quantum key distribution protocols using Franson interferometers

    E-print Network

    Thomas Brougham; Stephen M. Barnett; Kevin T. McCusker; Paul G. Kwiat; Daniel J. Gauthier

    2013-05-20

    Franson interferometers are increasingly being proposed as a means of securing high-dimensional energy-time entanglement-based quantum key distribution (QKD) systems. Heuristic arguments have been proposed that purport to demonstrate the security of these schemes. We show, however, that such systems are vulnerable to attacks that localize the photons to several temporally separate locations. This demonstrates that a single pair of Franson interferometers is not a practical approach to securing high-dimensional energy-time entanglement based QKD. This observation leads us to investigate the security of modified Franson-based-protocols, where Alice and Bob have two or more Franson interferometers. We show that such setups can improve the sensitivity against attacks that localize the photons to multiple temporal locations. While our results do not constitute a full security proof, they do show that a single pair of Franson interferometers is not secure and that multiple such interferometers could be a promising candidate for experimentally realizable high-dimensional QKD.

  12. Securing Emergency Response Operations Using Distributed Trust Decisions

    Microsoft Academic Search

    Peter Danner; Daniel Hein; Stefan Kraxberger

    2010-01-01

    Providing access to relevant confidential information during an emergency increases the efficiency of emergency response operations. Existing approaches rely on a centralized on-line authority to regulate access to emergency applications and data. Unfortunately, it cannot be guaranteed that the central authority is available during an incident. Additionally, the central authority must be trusted to manage access to restricted data of

  13. A Secure Distributed Transport Protocol for Wireless Sensor Networks

    E-print Network

    Levente, Buttyán

    -known TCP) are not applicable in WSNs, because they perform poorly in a wireless environment and they are not optimized for energy consumption. Therefore, a number of transport protocols specifically designed for WSNs have been proposed in the literature (see e.g., [2] for a survey). The main design criteria that those

  14. Unit Testing and Action-Level Security Solution of Struts Web Applications Based on MVC

    Microsoft Academic Search

    Qinglin Wu; Yanzhong Hu; Yan Wang

    2010-01-01

    The MVC design pattern is very useful for architecting Web applications, which encourages developers to partition the applications as early as in the design phase. Nowadays, Struts Web applications based on MVC have become more and more popular in various fields, the unit testing and action-level security are the most important method for guaranteeing the applications quality. In this paper, we

  15. Compact, rugged, and intuitive thermal imaging cameras for homeland security and law enforcement applications

    Microsoft Academic Search

    Charles M. Hanson

    2005-01-01

    Low cost, small size, low power uncooled thermal imaging sensors have completely changed the way the world views commercial law enforcement and military applications. Key applications include security, medical, automotive, power generation monitoring, manufacturing and process control, aerospace application, defense, environmental and resource monitoring, maintenance monitoring and night vision. Commercial applications also include law enforcement and military special operations. Each

  16. Comparative study of key exchange and authentication methods in application, transport and network level security mechanisms

    NASA Astrophysics Data System (ADS)

    Fathirad, Iraj; Devlin, John; Jiang, Frank

    2012-09-01

    The key-exchange and authentication are two crucial elements of any network security mechanism. IPsec, SSL/TLS, PGP and S/MIME are well-known security approaches in providing security service to network, transport and application layers; these protocols use different methods (based on their requirements) to establish keying materials and authenticate key negotiation and participating parties. This paper studies and compares the authenticated key negotiation methods in the mentioned protocols.

  17. Applicability of ATM to distributed PACS environment

    NASA Astrophysics Data System (ADS)

    Wong, Stephen T. C.; Lemke, Heinz U.; Huang, H. K.

    1995-05-01

    Future medical centers will consist of multiple picture archiving and communication systems (PACS) serving local needs of different specialty sections and departments. This distribution of medical image archives will require high performance broadband networks to ensure effective communication and reliable services. One major stumbling block to this distributed PACS environment is the lack of an appropriate networking technology to integrate individual systems and their services seamlessly. Asynchronous transfer mode (ATM) provides a promising solution to this infrastructure problem. ATM is defined as cell-based switching and multiplexing technology designed to be a general-purpose, connection-oriented transfer mode for a wide range of services. This work investigates the suitability of this new technology for distributed medical PACS applications and discusses the user needs and operational issues accompanying the ATM deployment. It also presents the design and preliminary throughput results of an ATM based hospital-integrated PACS at the University of California, San Francisco.

  18. On KLJN-based Secure Key Distribution in Vehicular Communication Networks

    NASA Astrophysics Data System (ADS)

    Cao, X.; Saez, Y.; Pesti, G.; Kish, L. B.

    2015-12-01

    In a former paper [Fluct. Noise Lett. 13 (2014) 1450020] we introduced a vehicular communication system with unconditionally secure key exchange based on the Kirchhoff-Law-Johnson-Noise (KLJN) key distribution scheme. In this paper, we address the secure KLJN key donation to vehicles. This KLJN key donation solution is performed lane-by-lane by using roadside key provider equipment embedded in the pavement. A method to compute the lifetime of the KLJN key is also given. This key lifetime depends on the car density and gives an upper limit of the lifetime of the KLJN key for vehicular communication networks.

  19. Enriching healthcare applications with cryptographic mechanisms and XML-based security services.

    PubMed

    Bourka, A; Kaliontzoglou, A; Polemi, D; Georgoulas, A; Sklavos, P

    2003-01-01

    The paper presents the enrichment of an existing e-referral / e-prescription application within a Regional Healthcare Information Network with security functionality, solving current authentication, integrity, non-repudiation and confidentiality issues and thus significantly enhancing the overall system security, operability, applicability and user acceptance. The application makes use of an underlying PKI framework, in order to provide strong authentication, digital signature, encryption and time-stamping services. XML is used for the representation of the healthcare data itself, the encrypted form of this data, as well as the relevant data security information, following W3C standards. PMID:12590159

  20. A wide range of security services may be available to applications in a heterogeneous computer network envi-

    E-print Network

    associated with network security services. 1 Introduction Several efforts are underway to develop middleware Taxonomy of security services Users and applications on the network are presented with various security topographical component of the network in which the security or protection is effec- tive. The taxonomy

  1. Matching Policies with Security Claims of Mobile Applications

    Microsoft Academic Search

    Nataliia Bielova; Marco Dalla Torre; Nicola Dragoni; Id

    The Security-by-Contract (S×C) framework has been recently proposed to address the trust relationship problem of the current security model adopted for mobile devices. The key idea of S×C (similar to the one of Model-Carrying Code) is to augment mobile code with a claim on its security behavior (a contract) that could be matched against a mobile platform policy before

  2. Matching Policies with Security Claims of Mobile Applications

    Microsoft Academic Search

    Nataliia Bielova; Marco Dalla Torre; Nicola Dragoni; Ida Siahaan

    2008-01-01

    The Security-by-Contract (S×C) framework has been recently proposed to address the trust relationship problem of the current security model adopted for mobile devices. The key idea of S×C (similar to the one of Model-Carrying Code) is to augment mobile code with a claim on its security behavior (a contract) that could be matched against a mobile platform policy

  3. Web Application Security Gateway with Java Non-blocking IO

    Microsoft Academic Search

    Zhenxing Luo; Nuermaimaiti Heilili; Dawei Xu; Chen Zhao; Zuoquan Lin

    2006-01-01

    We present the design and implementation of the WebDaemon Security Gateway (WDSG) with the techniques of event-driving, non-blocking IO multiplexing, secure cookies, SSL and caches based on PKI framework and role-based access control (RBAC) policy. It not only supports massive concurrency and avoids the pitfalls of traditional block I/O based design, but also is able to secure all the resources

  4. Overcoming Channel Bandwidth Constraints in Secure SIM Applications

    Microsoft Academic Search

    John A. Macdonald; William G. Sirett; Chris J. Mitchell

    2005-01-01

    In this paper we present an architecture based on a Java (J2SE, J2EE, J2ME and Java Card) platform supporting a secure channel from a Mobile Operator to the SIM card. This channel offers the possibility of end to end security for delivery of large data files to a GSM SIM card. Such a secure channel could be used for delivery

  5. Secure authentication protocol for Internet applications over CATV network

    NASA Astrophysics Data System (ADS)

    Chin, Le-Pond

    1998-02-01

    An authentication protocol is proposed in this paper to implement secure functions which include two way authentication and key management between end users and head-end. The protocol can protect transmission from frauds, attacks such as reply and wiretap. Location privacy is also achieved. A rest protocol is designed to restore the system once when systems fail. The security is verified by taking several security and privacy requirements into consideration.

  6. Foundational Security Principles for Medical Application Platforms* (Extended Abstract)

    PubMed Central

    Vasserman, Eugene Y.; Hatcliff, John

    2014-01-01

    We describe a preliminary set of security requirements for safe and secure next-generation medical systems, consisting of dynamically composable units, tied together through a real-time safety-critical middleware. We note that this requirement set is not the same for individual (stand-alone) devices or for electronic health record systems, and we must take care to define system-level requirements rather than security goals for components. The requirements themselves build on each other such that it is difficult or impossible to eliminate any one of the requirements and still achieve high-level security goals. PMID:25599096

  7. Using of geospatial video surveillance networks for urban security and emergency applications

    Microsoft Academic Search

    Yu Wenshuai; Yu Xuchu; Zhang Pengqiang; Tang Xiong

    2009-01-01

    Geospatial video surveillance network (GVSN) is an effective remote sensing approach for urban security and emergency applications. In this paper, the GVSN system could be separated into four basic functional parts that include change detection, object recognition, target tracking and target positioning. Each part has its special utility to solve the security and emergency problems. When the functions applied in

  8. Application of the JDL data fusion process model for cyber security

    Microsoft Academic Search

    Nicklaus A. Giacobe

    2010-01-01

    A number of cyber security technologies have proposed the use of data fusion to enhance the defensive capabilities of the network and aid in the development of situational awareness for the security analyst. While there have been advances in fusion technologies and the application of fusion in intrusion detection systems (IDSs), in particular, additional progress can be made by gaining

  9. Application of improved PCA in risks assessment technology of enterprise information security

    Microsoft Academic Search

    Qu Zhiming

    2009-01-01

    Mankind has entered the information society, and information breeds risk everywhere. Information security risk assessment will play a crucial role, which is applied to the entire life cycle of information systems, an essential technical mean in determining information system security level and has a very wide range of applications. Improved principal component analysis (IPCFA) process is used to evaluate in

  10. A Security Application of the Warwick Optical Antenna in Wireless Local and Personal Area Networks

    E-print Network

    Haddadi, Hamed

    A Security Application of the Warwick Optical Antenna in Wireless Local and Personal Area Networks any further requirements other than a LOS between the sender and receiver. For Local Area Networks for exchanging information, security can be maintained in any radio communication taking place in the local

  11. Active Millimeter-Wave and Sub-Millimeter-Wave Imaging for Security Applications

    SciTech Connect

    Sheen, David M.; McMakin, Douglas L.; Hall, Thomas E.

    2011-09-02

    Active imaging at millimeter and sub-millimeter wavelengths has been developed for security applications including concealed weapon detection. The physical properties that affect imaging performance are discussed along with a review of the current state-of-the-art and future potential for security imaging systems.

  12. An Empirical Study on the Security of Cross-Domain Policies in Rich Internet Applications

    E-print Network

    Markatos, Evangelos P.

    An Empirical Study on the Security of Cross-Domain Policies in Rich Internet Applications Georgios, in order to enrich user experience, led to the use of cross-domain policies by content providers. Cross-domain on the deployment and security issues of cross-domain policies in the web. Through the examination of a large set

  13. Secure Large-Scale Airport Simulations Using Distributed Computational Resources

    NASA Technical Reports Server (NTRS)

    McDermott, William J.; Maluf, David A.; Gawdiak, Yuri; Tran, Peter; Clancy, Dan (Technical Monitor)

    2001-01-01

    To fully conduct research that will support the far-term concepts, technologies and methods required to improve the safety of Air Transportation a simulation environment of the requisite degree of fidelity must first be in place. The Virtual National Airspace Simulation (VNAS) will provide the underlying infrastructure necessary for such a simulation system. Aerospace-specific knowledge management services such as intelligent data-integration middleware will support the management of information associated with this complex and critically important operational environment. This simulation environment, in conjunction with a distributed network of supercomputers, and high-speed network connections to aircraft, and to Federal Aviation Administration (FAA), airline and other data-sources will provide the capability to continuously monitor and measure operational performance against expected performance. The VNAS will also provide the tools to use this performance baseline to obtain a perspective of what is happening today and of the potential impact of proposed changes before they are introduced into the system.

  14. Practical security bounds against the Trojan-horse attack in quantum key distribution

    E-print Network

    Marco Lucamarini; Iris Choi; Martin B. Ward; James F. Dynes; Zhiliang Yuan; Andrew J. Shields

    2015-06-05

    In the quantum version of a Trojan-horse attack, photons are injected into the optical modules of a quantum key distribution system in an attempt to read information direct from the encoding devices. To stop the Trojan photons, the use of passive optical components has been suggested. However, to date, there is no quantitative bound that specifies such components in relation to the security of the system. Here, we turn the Trojan-horse attack into an information leakage problem. This allows us to quantify the system security and relate it to the specification of the optical elements. The analysis is supported by the experimental characterization of reflectivity and transmission of the optical components most relevant to security.

  15. New applications of modulated digital images in document security

    NASA Astrophysics Data System (ADS)

    Lee, Robert A.; Leech, Patrick W.; McCarthy, Lawry D.; Swiegers, Gerhard F.

    2006-02-01

    In previous work we have demonstrated that selective masking, or modulation, of digital images can be used to create documents and transparent media containing covert or optically variable, overt images. In the present work we describe new applications and techniques of such "modulated digital images" (MDI's) in document security. In particular, we demonstrate that multiple hidden images can be imperceptibly concealed within visible, host images by incorporating them as a new, half-tone, printing screen. Half-toned hidden images of this type may contain a variety of novel features that hinder unauthorized copying, including concealed multiple images, and microprinted-, color-, and various fade-effects. Black-and-white or full color images may be readily used in this respect. We also report a new technique for the embossing of multiple, covert- or optically variable, overt-images into transparent substrates. This method employs an embossing tool that is prepared using a combination of electron beam and greytone lithography. Two approaches may be used: (i) a double-sided "soft" emboss into curable, transparent, lacquer layers, and (ii) a single-sided "hot" emboss in which multiple, dithered images consisting of distinctly-sloped microprisms are impressed into the substrate. Technique (ii) requires a novel, electron-beam-originated master dye.

  16. Recent Advances in Infrasound Science for National Security Applications

    NASA Astrophysics Data System (ADS)

    Arrowsmith, S.; Blom, P. S.; Marcillo, O. E.; Whitaker, R. W.

    2014-12-01

    Infrasound is sound below the frequency-threshold of human hearing, covering the frequency range from 0.01 - 20 Hz. Infrasound science studies the generation, propagation, measurement, and analysis of infrasound. Sources of infrasound include a wide variety of energetic natural and manmade phenomena that include chemical and nuclear explosions, rockets and missiles, and aircraft. The dominant factors influencing the propagation of infrasound are the spatial and temporal variations in temperature, wind speed, and wind direction. In recent years, Infrasound Science has experienced a renaissance due to the installation of an international monitoring system of 60 infrasound arrays for monitoring the Comprehensive Nuclear Test Ban Treaty, and to the demonstrated value of regional infrasound networks for both scientific and applied purposes. Furthermore, in the past decade, significant advances have been made on using measurements of infrasound to invert for these properties of the atmosphere at altitudes where alternative measurement techniques are extremely costly. This presentation provides a review of recent advances in infrasound science as relevant to National Security applications.

  17. Numerically Efficient Water Quality Modeling and Security Applications

    E-print Network

    Mann, Angelica

    2013-02-04

    to consider effective tools and mitigation strategies to improve water network security. This work presents two components that have been integrated into EPA’s Water Security Toolkit, an open-source software package that includes a set of tools to help water...

  18. Hardware Enforcement of Application Security Policies Using Tagged Memory

    Microsoft Academic Search

    Nickolai Zeldovich; Hari Kannan; Michael Dalton; Christos Kozyrakis

    2008-01-01

    Computers are notoriously insecure, in part because application security policies do not map well onto traditional protection mechanisms such as Unix user accounts or hardware page tables. Recent work has shown that application policies can be expressed in terms of information flow restrictions and enforced in an OS kernel, providing a strong assurance of security.

  19. Hardware Enforcement of Application Security Policies Using Tagged Memory

    Microsoft Academic Search

    Nickolai Zeldovich; Hari Kannan; Michael Dalton; Christos Kozyrakis

    Computers are notoriously insecure, in part because application security policies do not map well onto traditional protection mechanisms such as Unix user accounts or hardware page tables. Recent work has shown that application policies can be expressed in terms of information flow restrictions and enforced in an OS kernel, providing a strong assurance of security.

  20. Full security of quantum key distribution from no-signaling constraints

    E-print Network

    Ll. Masanes; R. Renner; M. Christandl; A. Winter; J. Barrett

    2014-09-24

    We analyze a cryptographic protocol for generating a distributed secret key from correlations that violate a Bell inequality by a sufficient amount, and prove its security against eavesdroppers, constrained only by the assumption that any information accessible to them must be compatible with the non-signaling principle. The claim holds with respect to the state-of-the-art security definition used in cryptography, known as universally-composable security. The non-signaling assumption only refers to the statistics of measurement outcomes depending on the choices of measurements; hence security is independent of the internal workings of the devices --- they do not even need to follow the laws of quantum theory. This is relevant for practice as a correct and complete modeling of realistic devices is generally impossible. The techniques developed are general and can be applied to other Bell inequality-based protocols. In particular, we provide a scheme for estimating Bell-inequality violations when the samples are not independent and identically distributed.

  1. Network and Index Coding with Application to Robust and Secure Communications

    E-print Network

    El Rouayheb, Salim Y.

    2011-02-22

    the traditional routing and tree packing techniques. In this dissertation, we study applications of network coding for guaranteeing reliable and secure information transmission in networks with compromised edges. First, we investigate the construction of robust...

  2. Laser Applications to Chemical, Security, and Environmental Analysis: introduction to the feature issue

    SciTech Connect

    Dreizler, Andreas; Fried, Alan; Gord, James R

    2007-07-01

    This Applied Optics feature issue on Laser Applications to Chemical, Security, and Environmental Analysis (LACSEA) highlights papers presented at the LACSEA 2006 Tenth Topical Meeting sponsored by the Optical Society of America.

  3. Trajectory Similarity of Network Constrained Moving Objects and Applications to Traffic Security

    Microsoft Academic Search

    Sajimon Abraham; Paulose Sojan Lal

    2010-01-01

    Spatio-Temporal data analysis plays a central role in many security-related applications including those relevant to transportation infrastructure, border and inland security. In several applications, data objects move on pre-defined spatial networks such as road segments, railways, and invisible air routes, which provides the possibility of representing the data in reduced dimension. This dimensionality reduction gives additional advantages in spatio-temporal data

  4. BIND: A Fine-Grained Attestation Service for Secure Distributed Systems

    Microsoft Academic Search

    Elaine Shi; Adrian Perrig; Leendert Van Doorn

    2005-01-01

    In this paper, we propose BIND (Binding Instructions aNd Data), a fine-grained attestation service for securing distributed systems. Code attestation has recently received considerable attention in trusted computing. However, current code attestation technology is relatively immature. First, due to the great variability in software versions and configurations, verification of the hash is difficult. Second, the time-of-use

  5. Secure, Autonomous, Intelligent Controller for Integrating Distributed Emergency Response Satellite Operations

    NASA Technical Reports Server (NTRS)

    Ivancic, William D.; Paulsen, Phillip E.; Miller, Eric M.; Sage, Steen P.

    2013-01-01

    This report describes a Secure, Autonomous, and Intelligent Controller for Integrating Distributed Emergency Response Satellite Operations. It includes a description of current improvements to existing Virtual Mission Operations Center technology being used by US Department of Defense and originally developed under NASA funding. The report also highlights a technology demonstration performed in partnership with the United States Geological Service for Earth Resources Observation and Science using DigitalGlobe® satellites to obtain space-based sensor data.

  6. Microholographic computer generated holograms for security applications: Microtags

    SciTech Connect

    Sweatt, W.C.; Warren, M.E.; Kravitz, S.H. [and others]

    1998-01-01

    We have developed a method for encoding phase and amplitude in microscopic computer-generated holograms (microtags) for security applications. Eight-by-eight-cell and 12 x 12-cell phase-only and phase-and-amplitude microtag designs have been exposed in photoresist using the extreme-ultraviolet (13.4 nm) lithography (EUVL) tool developed at Sandia National Laboratories. Using EUVL, we have also fabricated microtags consisting of 150-nm lines arranged to form 300-nm-period gratings. The microtags described in this report were designed for readout at 632.8 nm and 442 nm. The smallest microtag measures 56 μm x 80 μm when viewed at normal incidence. The largest microtag measures 80 by 160 microns and contains features 0.2 μm wide. The microtag design process uses a modified iterative Fourier-transform algorithm to create either phase-only or phase-and-amplitude microtags. We also report on a simple and compact readout system for recording the diffraction pattern formed by a microtag. The measured diffraction patterns agree very well with predictions. We present the results of a rigorous coupled-wave analysis (RCWA) of microtags. Microtags are CD modeled as consisting of sub-wavelength gratings of a trapezoidal profile. Transverse-electric (TE) and TM readout polarizations are modeled. The objective of our analysis is the determination of optimal microtag-grating design parameter values and tolerances on those parameters. The parameters are grating wall-slope angle, grating duty cycle, grating depth, and metal-coating thickness. Optimal microtag-grating parameter values result in maximum diffraction efficiency. Maximum diffraction efficiency is calculated at 16% for microtag gratings in air and 12% for microtag gratings underneath a protective dielectric coating, within fabrication constraints. TM-microtag gratings. Finally, we suggest several additional microtag concepts, such as two-dimensional microtags and pixel-code microtags.

  7. Security

    ERIC Educational Resources Information Center

    Technology & Learning, 2008

    2008-01-01

    Anytime, anywhere, learning provides opportunities to create digital learning environments for new teaching styles and personalized learning. As part of making sure the program is effective, the safety and security of students and assets are essential--and mandated by law. The Children's Internet Protection Act (CIPA) addresses Internet content…

  8. Finite-key security analysis of quantum key distribution with imperfect light sources

    E-print Network

    Akihiro Mizutani; Marcos Curty; Charles Ci Wen Lim; Nobuyuki Imoto; Kiyoshi Tamaki

    2015-04-30

    In recent years, the gap between theory and practice in quantum key distribution (QKD) has been significantly narrowed, particularly for QKD systems with arbitrarily flawed optical receivers. The status for QKD systems with imperfect light sources is however less satisfactory, in the sense that the resulting secure key rates are often overly-dependent on the quality of state preparation. This is especially the case when the channel loss is high. Very recently, to overcome this limitation, Tamaki et al proposed a QKD protocol based on the so-called rejected data analysis, and showed that its security, in the limit of infinitely long keys, is almost independent of any encoding flaw in the qubit space, being this protocol compatible with the decoy state method. Here, as a step towards practical QKD, we show that a similar conclusion is reached in the finite-key regime, even when the intensity of the light source is unstable. More concretely, we derive security bounds for a wide class of realistic light sources and show that the bounds are also efficient in the presence of high channel loss. Our results strongly suggest the feasibility of long distance provably-secure communication with imperfect light sources.

  9. Security

    Microsoft Academic Search

    Henry Lee; Eugene Chuvyrov

    Because everything about the design and operation of Windows Phone 7 targets consumers, it is only natural that Microsoft has carefully thought through the ways to protect consumers from both intended and unintentional harm. Windows Phone 7 ships with a compelling set of built-in security features that go towards accomplishing that goal. The capabilities of the Windows Phone 7 platform

  10. Secure Optical Networks Based on Quantum Key Distribution and Weakly Trusted Repeaters

    E-print Network

    David Elkouss; Jesus Martinez-Mateo; Alex Ciurana; Vicente Martin

    2013-04-15

    In this paper we explore how recent technologies can improve the security of optical networks. In particular, we study how to use quantum key distribution (QKD) in common optical network infrastructures and propose a method to overcome its distance limitations. QKD is the first technology offering information theoretic secret-key distribution that relies only on the fundamental principles of quantum physics. Point-to-point QKD devices have reached a mature industrial state; however, these devices are severely limited in distance, since signals at the quantum level (e.g. single photons) are highly affected by the losses in the communication channel and intermediate devices. To overcome this limitation, intermediate nodes (i.e. repeaters) are used. Both, quantum-regime and trusted, classical, repeaters have been proposed in the QKD literature, but only the latter can be implemented in practice. As a novelty, we propose here a new QKD network model based on the use of not fully trusted intermediate nodes, referred as weakly trusted repeaters. This approach forces the attacker to simultaneously break several paths to get access to the exchanged key, thus improving significantly the security of the network. We formalize the model using network codes and provide real scenarios that allow users to exchange secure keys over metropolitan optical networks using only passive components. Moreover, the theoretical framework allows to extend these scenarios not only to accommodate more complex trust constraints, but also to consider robustness and resiliency constraints on the network.

  11. Contributions to Human Errors and Breaches in National Security Applications.

    SciTech Connect

    Pond, D. J. (Daniel J.); Houghton, F. K. (Florence Kay); Gilmore, W. E. (Walter E.)

    2002-01-01

    Los Alamos National Laboratory has recognized that security infractions are often the consequence of various types of human errors (e.g., mistakes, lapses, slips) and/or breaches (i.e., deliberate deviations from policies or required procedures with no intention to bring about an adverse security consequence) and therefore has established an error reduction program based in part on the techniques used to mitigate hazard and accident potentials. One cornerstone of this program, definition of the situational and personal factors that increase the likelihood of employee errors and breaches, is detailed here. This information can be used retrospectively (as in accident investigations) to support and guide inquiries into security incidents or prospectively (as in hazard assessments) to guide efforts to reduce the likelihood of error/incident occurrence. Both approaches provide the foundation for targeted interventions to reduce the influence of these factors and for the formation of subsequent 'lessons learned.' Overall security is enhanced not only by reducing the inadvertent releases of classified information but also by reducing the security and safeguards resources devoted to them, thereby allowing these resources to be concentrated on acts of malevolence.

  12. Deploying Complex Applications in Unfriendly Distributed Systems with Parrot

    E-print Network

    Wisconsin at Madison, University of

    Deploying Complex Applications in Unfriendly Distributed Systems with Parrot ((PREPRINT VERSION that are endemic to distributed systems. To solve this problem, we present Parrot, an interposition agent that connects standard, unmodified applications to distributed systems. Parrot makes use of the debugging

  13. Control and Communication for a Secure and Reconfigurable Power Distribution System

    NASA Astrophysics Data System (ADS)

    Giacomoni, Anthony Michael

    A major transformation is taking place throughout the electric power industry to overlay existing electric infrastructure with advanced sensing, communications, and control system technologies. This transformation to a smart grid promises to enhance system efficiency, increase system reliability, support the electrification of transportation, and provide customers with greater control over their electricity consumption. Upgrading control and communication systems for the end-to-end electric power grid, however, will present many new security challenges that must be dealt with before extensive deployment and implementation of these technologies can begin. In this dissertation, a comprehensive systems approach is taken to minimize and prevent cyber-physical disturbances to electric power distribution systems using sensing, communications, and control system technologies. To accomplish this task, an intelligent distributed secure control (IDSC) architecture is presented and validated in silico for distribution systems to provide greater adaptive protection, with the ability to proactively reconfigure, and rapidly respond to disturbances. Detailed descriptions of functionalities at each layer of the architecture as well as the whole system are provided. To compare the performance of the IDSC architecture with that of other control architectures, an original simulation methodology is developed. The simulation model integrates aspects of cyber-physical security, dynamic price and demand response, sensing, communications, intermittent distributed energy resources (DERs), and dynamic optimization and reconfiguration. Applying this comprehensive systems approach, performance results for the IEEE 123 node test feeder are simulated and analyzed. The results show the trade-offs between system reliability, operational constraints, and costs for several control architectures and optimization algorithms. Additional simulation results are also provided. 
    In particular, the advantages of an IDSC architecture are highlighted when an intermittent DER is present on the system.

  14. Security bound of two-basis quantum-key-distribution protocols using qudits

    SciTech Connect

    Nikolopoulos, Georgios M.; Alber, Gernot [Institut fuer Angewandte Physik, Technische Universitaet Darmstadt, 64289 Darmstadt (Germany)]

    2005-09-15

    We investigate the security bounds of quantum-cryptographic protocols using d-level systems. In particular, we focus on schemes that use two mutually unbiased bases, thus extending the Bennett-Brassard 1984 quantum-key-distribution scheme to higher dimensions. Under the assumption of general coherent attacks, we derive an analytic expression for the ultimate upper security bound of such quantum-cryptography schemes. This bound is well below the predictions of optimal cloning machines. The possibility of extraction of a secret key beyond entanglement distillation is discussed. In the case of qutrits we argue that any eavesdropping strategy is equivalent to a symmetric one. For higher dimensions such an equivalence is generally no longer valid.

  15. Security and Fault-tolerance in Distributed Systems ETHZ, Spring 2013 Christian Cachin, IBM Research -Zurich www.zurich.ibm.com/~cca/

    E-print Network

    Cachin, Christian

    Security and Fault-tolerance in Distributed Systems ETHZ, Spring 2013 Christian Cachin, IBM and secure distributed systems. · Exploit replication as the primary means to tolerate faults. · Describe. Dependability 2. Reliable broadcast 3. Distributed storage 4. Consensus 5. System examples 6. Distributed

  16. Deterministic Replay of Distributed Java Applications Ravi Konuru

    E-print Network

    Choi, Jong-Deok

    Deterministic Replay of Distributed Java Applications Ravi Konuru rkonuru@us.ibm.com Harini 704, Yorktown Heights, NY 10598 Abstract Execution behavior of a Java application can be non-determinism in Java makes the understanding and debugging of multi-threaded distributed Java applications

  17. 8: Network Security 8-1 Network Security Overview

    E-print Network

    Lu, Enyue "Annie"

    "confidentiality" authentication message integrity security in practice: security in application (eg. Email security? 8.5 Securing e-mail 8.6 Securing TCP connections: SSL 8.7 Network layer security: IPsec #12 is network security? 8.5 Securing e-mail 8.6 Securing TCP connections: SSL 8.7 Network layer security: IPsec

  18. 20 CFR 404.611 - How do I file an application for Social Security benefits?

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    If you file an application with the RRB on one of its forms for an annuity under section 2 of the Railroad Retirement Act, as amended, we will consider this an application for title II Social Security benefits, which you may be entitled to, unless you tell us...

  19. 20 CFR 404.611 - How do I file an application for Social Security benefits?

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    If you file an application with the RRB on one of its forms for an annuity under section 2 of the Railroad Retirement Act, as amended, we will consider this an application for title II Social Security benefits, which you may be entitled to, unless you tell us...

  20. A Survey of Existing Approaches for Secure Ad Hoc Routing and Their Applicability to VANETS

    Microsoft Academic Search

    Emanuel Fonseca; Andreas Festag

    Vehicular ad hoc networks (VANETs) are the technical basis of an envisioned Intelligent transportation system. They offer a wide range of applications improving road safety and driving comfort. Since VANET applications affect safety-of-life, data security in a vehicular system is mandatory. The unique characteristics of VANETs compared to conventional mobile ad hoc networks and sensor networks

  1. An application of integral engineering technique to information security standards analysis and refinement

    Microsoft Academic Search

    Dmitry V. Cheremushkin; Alexander V. Lyubimov

    2010-01-01

    The work demonstrates practical application of information security integral engineering technique to solve standards analysis and refinement problem. The application was exemplified by the development and analysis of the ISMS standards (ISO/IEC 27000 series) dictionary object model. Standards refinement process consisting of model development, model and standards modification was described. As a result of the research the weaknesses related to

  2. A Security and Privacy Survey for WSN in e-Health Applications

    Microsoft Academic Search

    J. I. N. Hipolito; J. L. Garcia

    2009-01-01

    Wireless sensors networks (WSN) are getting a special place in the development of e-Health application, due to its characteristics such as: not intrusive design, low energy consumption, low price and its flexibility to integrate into health care environments. However, the use of WSN in these kind of environments must consider those security and privacy mechanisms required by applicable personal data

  3. Enforcing End-to-End Application Security in the Cloud - (Big Ideas Paper)

    Microsoft Academic Search

    Jean Bacon; David Evans; David M. Eyers; Matteo Migliavacca; Peter R. Pietzuch; Brian Shand

    2010-01-01

    Security engineering must be integrated with all stages of application specification and development to be effective. Doing this properly is increasingly critical as organisations rush to offload their software services to cloud providers. Service-level agreements (SLAs) with these providers currently focus on performance-oriented parameters, which runs the risk of exacerbating an impedance mismatch with the security middleware. Not only do we

  4. Application of tabu search to optimal placement of distributed generators

    Microsoft Academic Search

    Koichi Nara; Yasuhiro Hayashi; Kazushige Ikeda; Tomoo Ashizawa

    2001-01-01

    Distributed generators (DGs) such as fuel cells, solar cells, wind mills and micro gas turbines, etc. are going to be installed on the demand side of power systems. Such distributed generators can reduce distribution loss if they are placed appropriately in the distribution system. In this paper, a tabu search application for finding the optimal allocation of DGs from a

  5. Linear Programming for Power-System Network Security Applications

    Microsoft Academic Search

    B. Stott; J. L. Marinho

    1979-01-01

    A linear programming (LP) method for security dispatch and emergency control calculations on large power systems is presented. The method is reliable, fast, flexible, easy to program, and requires little computer storage. It works directly with the normal power-system variables and limits, and incorporates the usual sparse matrix techniques. An important feature of the method is that it handles multi-segment

  6. Intelligent Facial Recognition Systems: Technology advancements for security applications

    Microsoft Academic Search

    Beer

    1993-01-01

    Insider problems such as theft and sabotage can occur within the security and surveillance realm of operations when unauthorized people obtain access to sensitive areas. A possible solution to these problems is a means to identify individuals (not just credentials or badges) in a given sensitive area and provide full time personnel accountability. One approach desirable at Department of Energy

  7. An artificial immune system architecture for computer security applications

    Microsoft Academic Search

    Paul K. Harmer; Paul D. Williams; Gregg H. Gunsch; Gary B. Lamont

    2002-01-01

    With increased global interconnectivity, reliance on e-commerce, network services, and Internet communication, computer security has become a necessity. Organizations must protect their systems from intrusion and computer-virus attacks. Such protection must detect anomalous patterns by exploiting known signatures while monitoring normal computer programs and network usage for abnormalities. Current antivirus and network intrusion detection (ID) solutions can become overwhelmed

  8. Motion detection in security applications using tracking and hierarchy

    Microsoft Academic Search

    Graeme A. Jones

    1994-01-01

    In security monitoring, the false alarm rate may be reduced if intelligent reasoning is applied to moving regions identified in each camera. Stable objects of appropriate size, position, and velocity may be allowed to trigger alarm. In the following, moving regions are identified against a stationary background by thresholding accumulated image differences. Tracking allows the frame-to-frame feature correspondences to be

  9. Flexible Cryptographic Component Design for Secure Web Applications

    Microsoft Academic Search

    Tae Ho Kim; Jong Jin Kim; Chang Hoon Kim; Chun Pyo Hong

    2006-01-01

    Although Internet serves many contents and services, it has serious problems of security: the invasion of privacy, hacking and etc. To prevent these problems, two implementations have been presented: Hardware and Software implementations of cryptographic algorithms. Hardware implementations of cryptographic algorithms provide much faster than software implementations. However, Software implementations are much flexible and low-cost. Many software-approaches have been presented.

  10. The Application of AHP Model to Guide Decision Makers: A Case Study of E-banking Security

    E-print Network

    Syamsuddin, Irfan; 10.1109/ICCIT.2009.251

    2010-01-01

    Changes in technology have resulted in new ways for bankers to deliver their services to customers. Electronic banking systems in various forms are the evidence of such advancement. However, information security threats are also evolving along this trend. This paper proposes the application of Analytic Hierarchy Process (AHP) methodology to guide decision makers in banking industries to deal with information security policy. The model is structured according to aspects of information security policy in conjunction with information security elements. We found that cultural aspect is valued on the top priority among other security aspects, while confidentiality is considered as the most important factor in terms of information security elements.

  11. A Rigorous and Complete Proof of Finite Key Security of Quantum Key Distribution

    E-print Network

    Marco Tomamichel; Anthony Leverrier

    2015-06-28

    The goal of this work is to provide a largely self-contained, rigorous proof of the security of quantum key distribution in the finite key regime. For our analysis we consider an entanglement-based protocol based on BBM92 as well as a prepare-and-measure protocol based on BB84. Our presentation differs from previous work in that we are careful to model all the randomness that is used throughout the protocol and take care of all the transcripts of the communication over the public channel. We hope that this work will be a good starting point for readers interested in finite key analysis of protocols in quantum cryptography.

  12. Security Issues Associated With Error Correction And Privacy Amplification In Quantum Key Distribution

    E-print Network

    Horace Yuen

    2014-11-10

    Privacy amplification is a necessary step in all quantum key distribution protocols, and error correction is needed in each except when signals of many photons are used in the key communication in quantum noise approach. No security analysis of error correcting code information leak to the attacker has ever been provided, while an ad hoc formula is currently employed to account for such leak in the key generation rate. It is also commonly believed that privacy amplification allows the users to at least establish a short key of arbitrarily close to perfect security. In this paper we show how the lack of rigorous error correction analysis makes the otherwise valid privacy amplification results invalid, and that there exists a limit on how close to perfect a generated key can be obtained from privacy amplification. In addition, there is a necessary tradeoff between key rate and security, and the best theoretical values from current theories would not generate enough near-uniform key bits to cover the message authentication key cost in disturbance-information tradeoff protocols of the BB84 variety.

  13. IDCDACS: IDC's Distributed Application Control System

    NASA Astrophysics Data System (ADS)

    Ertl, Martin; Boresch, Alexander; Kiani?ka, Ján; Sudakov, Alexander; Tomuta, Elena

    2015-04-01

    The Preparatory Commission for the CTBTO is an international organization based in Vienna, Austria. Its mission is to establish a global verification regime to monitor compliance with the Comprehensive Nuclear-Test-Ban Treaty (CTBT), which bans all nuclear explosions. For this purpose time series data from a global network of seismic, hydro-acoustic and infrasound (SHI) sensors are transmitted to the International Data Centre (IDC) in Vienna in near-real-time, where it is processed to locate events that may be nuclear explosions. We newly designed the distributed application control system that glues together the various components of the automatic waveform data processing system at the IDC (IDCDACS). Our highly-scalable solution preserves the existing architecture of the IDC processing system that proved successful over many years of operational use, but replaces proprietary components with open-source solutions and custom developed software. Existing code was refactored and extended to obtain a reusable software framework that is flexibly adaptable to different types of processing workflows. Automatic data processing is organized in series of self-contained processing steps, each series being referred to as a processing pipeline. Pipelines process data by time intervals, i.e. the time-series data received from monitoring stations is organized in segments based on the time when the data was recorded. So-called data monitor applications queue the data for processing in each pipeline based on specific conditions, e.g. data availability, elapsed time or completion states of preceding processing pipelines. IDCDACS consists of a configurable number of distributed monitoring and controlling processes, a message broker and a relational database. All processes communicate through message queues hosted on the message broker. Persistent state information is stored in the database. 
    A configurable processing controller instantiates and monitors all data processing applications. Due to decoupling by message queues the system is highly versatile and failure tolerant. The implementation utilizes the RabbitMQ open-source messaging platform that is based upon the Advanced Message Queuing Protocol (AMQP), an on-the-wire protocol (like HTML) and open industry standard. IDCDACS uses high availability capabilities provided by RabbitMQ and is equipped with failure recovery features to survive network and server outages. It is implemented in C and Python and is operated in a Linux environment at the IDC. Although IDCDACS was specifically designed for the existing IDC processing system its architecture is generic and reusable for different automatic processing workflows, e.g. similar to those described in (Olivieri et al. 2012, Kværna et al. 2012). Major advantages are its independence of the specific data processing applications used and the possibility to reconfigure IDCDACS for different types of processing, data and trigger logic. A possible future development would be to use the IDCDACS framework for different scientific domains, e.g. for processing of Earth observation satellite data extending the one-dimensional time-series intervals to spatio-temporal data cubes. REFERENCES Olivieri M., J. Clinton (2012) An almost fair comparison between Earthworm and SeisComp3, Seismological Research Letters, 83(4), 720-727. Kværna, T., S. J. Gibbons, D. B. Harris, D. A. Dodge (2012) Adapting pipeline architectures to track developing aftershock sequences and recurrent explosions, Proceedings of the 2012 Monitoring Research Review: Ground-Based Nuclear Explosion Monitoring Technologies, 776-785.

  14. Fiber optic security systems for land- and sea-based applications

    NASA Astrophysics Data System (ADS)

    Crickmore, Roger I.; Nash, Phillip J.; Wooler, John P. F.

    2004-11-01

    QinetiQ have been developing security systems for land and sea applications using interferometric based fiber optic sensors. We have constructed and tested a multi-channel fiber-optic hydrophone seabed array, which is designed for maritime surveillance and harbor security applications. During a recent trial it was deployed in a coastal location for an 8 day period during which it successfully detected and tracked a wide variety of traffic. The array can be interfaced with an open architecture processing system that carries out automatic detection and tracking of targets. For land based applications we have developed a system that uses high sensitivity fiber optic accelerometers and buried fiber optic cable as sensor elements. This uses the same opto-electronic interrogator as the seabed array, so a combined land and sea security system for coastal assets could be monitored using a single interrogator.

  15. Forensic and homeland security applications of modern portable Raman spectroscopy

    Microsoft Academic Search

    Emad L. Izake

    2010-01-01

    Modern detection and identification of chemical and biological hazards within the forensic and homeland security contexts may well require conducting the analysis in field while adapting a non-contact approach to the hazard. Technological achievements on both surface and resonance enhancement Raman scattering re-developed Raman spectroscopy to become the most adaptable spectroscopy technique for stand-off and non-contact analysis of hazards. On

  16. Application of LOD in collaborative design and information security

    Microsoft Academic Search

    Jian Mao; Shiqing Liu

    2010-01-01

    CAD models are required to transmit through network in many occasions, and the information security must be ensured. A transmission framework depending on progressive mesh is proposed in this paper. The description method level-of-detail (LOD) is introduced, which is a method to reduce the number of polygons for rendering, storage, transmission and following processing by using different-resolution details for the

  17. Secure Internet Based Virtual Trading Communities

    Microsoft Academic Search

    Nathalie Weiler; Bernhard Plattner

    1999-01-01

    Today, we face a growing interest in distributed business-to-business applications using the Internet as communication media. However, the involved security threats are often neglected in the design of such systems. In this paper, we present our security architecture for an Internet based virtual trading community. Our solution has been designed for an heterogeneous, distributed workflow management system

  18. 17 CFR 242.102 - Activities by issuers and selling security holders during a distribution.

    Code of Federal Regulations, 2014 CFR

    2014-04-01

    ...traded on a securities exchange or...communications network; or (3...communications network; or (4) Exercises of securities. The exercise...communications network; or (7...in Rule 144A securities....

  19. 17 CFR 242.102 - Activities by issuers and selling security holders during a distribution.

    Code of Federal Regulations, 2013 CFR

    2013-04-01

    ...traded on a securities exchange or...communications network; or (3...communications network; or (4) Exercises of securities. The exercise...communications network; or (7...in Rule 144A securities....

  20. 17 CFR 242.102 - Activities by issuers and selling security holders during a distribution.

    Code of Federal Regulations, 2010 CFR

    2010-04-01

    ...traded on a securities exchange or...communications network; or (3...communications network; or (4) Exercises of securities. The exercise...communications network; or (7...in Rule 144A securities....

  1. 17 CFR 242.102 - Activities by issuers and selling security holders during a distribution.

    Code of Federal Regulations, 2011 CFR

    2011-04-01

    ...traded on a securities exchange or...communications network; or (3...communications network; or (4) Exercises of securities. The exercise...communications network; or (7...in Rule 144A securities....

  2. 17 CFR 242.102 - Activities by issuers and selling security holders during a distribution.

    Code of Federal Regulations, 2012 CFR

    2012-04-01

    ...traded on a securities exchange or...communications network; or (3...communications network; or (4) Exercises of securities. The exercise...communications network; or (7...in Rule 144A securities....

  3. A testing framework for Web application security assessment

    Microsoft Academic Search

    Yao-wen Huang; Chung-hung Tsai; Tsung-po Lin; Shih-kun Huang; D. T. Lee; Sy-yen Kuo

    2005-01-01

    The rapid development phases and extremely short turnaround time of Web applications make it difficult to eliminate their vulnerabilities. Here we study how software testing techniques such as fault injection and runtime monitoring can be applied to Web applications. We implemented our proposed mechanisms in the Web Application Vulnerability and Error Scanner (WAVES)—a black-box testing framework for automated Web

  4. Security and Fault-tolerance in Distributed Systems ETHZ, Spring 2012 Christian Cachin, IBM Research -Zurich www.zurich.ibm.com/~cca/

    E-print Network

    Cachin, Christian

    Security and Fault-tolerance in Distributed Systems ETHZ, Spring 2012 Christian Cachin, IBM and secure distributed systems. · Exploit replication as the primary means to tolerate faults. · Describe. Distributed cryptography and proactive recovery 7. System examples, use in cloud platforms for storage

  5. Load Balancing in Distributed Applications Based on Extremal Optimization

    E-print Network

    Paris-Sud XI, Université de

    Load Balancing in Distributed Applications Based on Extremal Optimization I. De Falco1 , E. The paper shows how to use Extremal Optimization in load balancing of distributed applications executed optimization phases which improve program task placement on processors, the proposed load balancing method

  6. The Impact of Distributed Programming Abstractions on Application Energy Consumption

    E-print Network

    Tilevich, Eli

    The Impact of Distributed Programming Abstractions on Application Energy Consumption Young-Woo Kwon of their energy consumption patterns. By varying the abstractions with the rest of the functionality fixed, we measure and analyze the impact of distributed programming abstractions on application energy consumption

  7. Modeling and Testing Secure Web-Based Systems: Application to an Industrial Case Study

    Microsoft Academic Search

    Wissam Mallouli; Mounir Lallali; Gerardo Morales; Ana Rosa Cavalli

    2008-01-01

    Ensuring that a Web-based system respects its security requirements is a critical issue that has become more and more difficult to perform in these last years. This difficulty is due to the complexity level of such systems as well as their variety and increasing distribution. To guarantee such a respect, we need to test the target Web system by applying

  8. SHARP: a new real-time scheduling algorithm to improve security of parallel applications on heterogeneous clusters

    Microsoft Academic Search

    Tao Xie; Xiao Qin; Mais Nijim

    2006-01-01

    This paper addresses the problem of improving quality of security for real-time parallel applications on heterogeneous clusters. We propose a new security- and heterogeneity-driven scheduling algorithm (SHARP for short), which strives to maximize the probability that parallel applications are executed in time without any risk of being attacked. Because of high security overhead in existing clusters, an important step in scheduling

  9. USN Middleware Security Model

    Microsoft Academic Search

    Mijoo Kim; Mi Yeon Yoon; Hyun Cheol Jeong; Heung Youl Youm

    2009-01-01

    In recent years, USN technology has become one of the major issues in business and academia. This paper analyzes USN services from a security point of view and proposes a security model of USN middleware that plays a bridge role in linking heterogeneous sensor network to USN applications. In USN environment, sensor networks transmit data sensed from all distributed sensor

  10. Time Scaling of Chaotic Systems: Application to Secure Communications

    E-print Network

    Donatello Materassi; Michele Basso

    2007-10-25

    The paper deals with time-scaling transformations of dynamical systems. Such scaling functions operate a change of coordinates on the time axis of the system trajectories preserving its phase portrait. Exploiting this property, a chaos encryption technique to transmit a binary signal through an analog channel is proposed. The scheme is based on a suitable time-scaling function which plays the role of a private key. The encoded transmitted signal is proved to resist known decryption attacks offering a secure and reliable communication.

  11. Bayesian performance metrics of binary sensors in homeland security applications

    NASA Astrophysics Data System (ADS)

    Jannson, Tomasz P.; Forrester, Thomas C.

    2008-04-01

    Bayesian performance metrics, based on such parameters as prior probability, probability of detection (or accuracy), false alarm rate, and positive predictive value, characterize the performance of binary sensors, i.e., sensors that have only a binary response: true target/false target. Such binary sensors, very common in Homeland Security, produce an alarm that can be true or false. They include: X-ray airport inspection, IED inspections, product quality control, cancer medical diagnosis, part of ATR, and many others. In this paper, we analyze direct and inverse conditional probabilities in the context of Bayesian inference and binary sensors, using X-ray luggage inspection statistical results as a guideline.

  12. Forensic and homeland security applications of modern portable Raman spectroscopy.

    PubMed

    Izake, Emad L

    2010-10-10

    Modern detection and identification of chemical and biological hazards within the forensic and homeland security contexts may well require conducting the analysis in field while adapting a non-contact approach to the hazard. Technological achievements on both surface and resonance enhancement Raman scattering re-developed Raman spectroscopy to become the most adaptable spectroscopy technique for stand-off and non-contact analysis of hazards. On the other hand, spatially offset Raman spectroscopy proved to be very valuable for non-invasive chemical analysis of hazards concealed within non-transparent containers and packaging. PMID:20395087

  13. Modeling and Analysis of Power Distribution Networks for Gigabit Applications

    E-print Network

    Swaminathan, Madhavan

    Modeling and Analysis of Power Distribution Networks for Gigabit Applications Jinwoo Choi, Student and coupling. To minimize such noise behavior, prelayout analysis and postlayout verification of the power and analysis of the power distribution network. The power distribution network supplies power to core logic

  14. Skewed Bessel Function Distribution with Application to Rainfall Data

    E-print Network

    Sidorov, Nikita

    Skewed Bessel Function Distribution with Application to Rainfall Data S. Nadarajah, H. M and Statistics Group School of Mathematics, The University of Manchester Skewed Bessel Function Distribution attention in the last few years. In this note, a skewed Bessel function distribution with the pdf f(x) = 2g

  15. Security Technologies for Open Networking Environments (STONE)

    SciTech Connect

    Muftic, Sead

    2005-03-31

    Under this project SETECS performed research, created the design, and the initial prototype of three groups of security technologies: (a) middleware security platform, (b) Web services security, and (c) group security system. The results of the project indicate that the three types of security technologies can be used either individually or in combination, which enables effective and rapid deployment of a number of secure applications in open networking environments. The middleware security platform represents a set of object-oriented security components providing various functions to handle basic cryptography, X.509 certificates, S/MIME and PKCS No.7 encapsulation formats, secure communication protocols, and smart cards. The platform has been designed in the form of security engines, including a Registration Engine, Certification Engine, an Authorization Engine, and a Secure Group Applications Engine. By creating a middleware security platform consisting of multiple independent components the following advantages have been achieved - Object-oriented, Modularity, Simplified Development, and testing, Portability, and Simplified extensions. The middleware security platform has been fully designed and a preliminary Java-based prototype has been created for the Microsoft Windows operating system. The Web services security system, designed in the project, consists of technologies and applications that provide authentication (i.e., single sign), authorization, and federation of identities in an open networking environment. The system is based on OASIS SAML and XACML standards for secure Web services. 
Its topology comprises three major components: the Domain Security Server (DSS), which is the main building block of the system; the Secure Application Server (SAS); and the Secure Client. In addition to the SAML and XACML engines, the authorization system consists of two sets of components: an Authorization Administration System and an Authorization Enforcement System. Federation of identities in multi-domain scenarios is supported by a set of security engines that represent the core of the Federated Identities Management Server, which is also an extension of the Domain Security Server. The Federated Identity Management server allows users to federate their identities or terminate the federation between the service provider and the identity provider. At the service provider web site, the users are offered a list of identity providers to which they can choose to federate their identities. After users federate their identity, they can perform Single Sign-On protocol in an environment of federated domains. The group security system consists of a number of security technologies under a unified architecture, which supports creation of secure groups and execution of secure group transactions and applications in an open networking environment. The system is based on extensions of the GSAKMP standard for group key distribution and management. The Top layer is the Security Infrastructure with the Security Management and Administration System components and protocols that provide security functions common to all secure network applications. The Middle layer is the Secure Group Protocols and Applications layer, consisting of the Policy and Group Key Distribution Server and Web-based (thin) Client. The Bottom layer is the supporting Middleware Security Platform, the cryptographic platform already described above. The group security system is designed to perform the functions necessary to create secure groups and enable secure group applications.
Specifically, the system can manage group roles, create and disseminate a group security policy, perform authentication and authorization of users using PKI certificates and Web services security, generate group keys, and recover from compromises. In accordance with the GSAKMP standard, the group security system must perform all the required group life-cycle functions: group definition, group establishment, group maintenance, and group removal. The group security system has been designed to support four roles: The Security Domain Ad

  16. Thin-film thermoelectric energy harvesting for security and sensing applications

    NASA Astrophysics Data System (ADS)

    Koester, David A.; Crocco, Paul; Mahadevan, Ramaswamy; Siivola, Edward; von Gunten, Karl

    2011-06-01

    The past decade has seen significant advances in distributed sensors and sensor networks. Many of these advances have been driven by programs that support national intelligence and security interests. With these advances have come an increased interest in energy harvesting to provide continuous power sources to replace or augment existing power storage systems. The use of waste heat is an attractive source of energy for many applications where µW-mW power is required. The implementation of a thermoelectric power conversion system requires several basic elements in addition to an assumed heat source. These elements are: 1) a thermoelectric device, 2) a heat sink, 3) voltage regulation, 4) an energy storage device and 5) load management. The design and optimization of the system (and each element within the system) is highly dependent on the thermal boundary conditions and the power load. This presentation will review the key performance factors and considerations required to optimize each element of the system to achieve the required I-V characteristics for output power.

  17. A Secure Smartphone Applications Roll-out Scheme

    Microsoft Academic Search

    Alexios Mylonas; Bill Tsoumas; Stelios Dritsas; Dimitris Gritzalis

    The adoption of smartphones, devices transforming from simple communication devices to smart and multipurpose devices, is constantly increasing. Amongst the main reasons for their vast pervasiveness are their small size, their enhanced functionality, as well as their ability to host many useful and attractive applications. Furthermore, recent studies estimate that application installation in smartphones acquired from official application repositories, such

  18. The Digital Distributed System Security Architecture Morrie Gasser, Andy Goldstein, Charlie Kaufman, Butler Lampson

    E-print Network

    Lampson, Butler W.

    state-of-the-art concepts to address the needs of both commercial and government environments. The architecture covers user and system authentication, mandatory and discretionary security, secure. Overview The state of the art of computer security today is such that reasonably secure standalone

  19. Incorruptible Self-Cleansing Intrusion Tolerance and Its Application to DNS Security

    E-print Network

    Sood, Arun K.

    Incorruptible Self-Cleansing Intrusion Tolerance and Its Application to DNS Security Yih Huang. In prior work, we developed a Self-Cleansing Intrusion Tolerance (SCIT) architecture that achieves the above goal by constantly cleansing the servers and rotating the role of individual servers

  20. Model Driven Configuration of Secure Operating Systems for Mobile Applications in Healthcare

    Microsoft Academic Search

    B. Agreiter; M. Alam; M. Hafner; J.-P. Seifert; X. Zhang

    Trust and assurance of mobile platforms is a prime objective when considering their deployment to security-critical scenarios in e.g., healthcare or e-government. Currently, several complementary approaches are being pursued in parallel, ranging from purely hardware based, to operating system level, and application level solutions. Together, they build a

  1. A Security Framework of Group Location-Based Mobile Applications in Cloud Computing

    Microsoft Academic Search

    Yu-Jia Chen; Li-Chun Wang

    2011-01-01

    In this paper, we present a secure framework when the location information of mobile terminals is utilized in a cloud computing environment. Because cloud computing provides powerful storage capability and scalability, many application providers start migrating the data stored in their original databases to outsourced databases (ODB), such as AMAZON SIMPLEDB. However, because of the multiple tenants and

  2. Application of an explosive detection device based on quadrupole resonance (QR) technology in aviation security

    Microsoft Academic Search

    Ed Rao; William J. Hughes

    2001-01-01

    The Federal Aviation Administration has deployed Advanced Technology (AT) based explosive detection devices for screening checked baggage in US domestic airports. The paper addresses the application of quadrupole resonance (QR) technology to detect explosives in checked baggage in aviation security. This technology was deployed in combination with advanced X-ray by the US government. The paper focuses on the quadrupole resonance

  3. REMOTE SENSING APPLICATIONS FOR SUSTAINABLE WATERSHED MANAGEMENT AND FOOD SECURITY: JOURNAL ARTICLE

    EPA Science Inventory

    NRMRL-CIN-1496A Rochon*, G., Szlag*, D., Daniel*, F.B., and Chifos**, C. Remote Sensing Applications for Sustainable Watershed Management and Food Security. Proceedings of the 21st European Association of Remote Sensing Laboratories Symposium, Marne-La-Valle, France, 5/14-16/200...

  4. DESIGN SECURE AND APPLICATION-ORIENTED VANET Yi Qian, and Nader Moayeri

    E-print Network

    DESIGN SECURE AND APPLICATION-ORIENTED VANET Yi Qian, and Nader Moayeri National Institute ad hoc network (VANET) is recognized as an important component of Intelligent Transportation Systems. The main benefit of VANET communication is seen in active safety systems, which target to increase safety

  5. A SECURE VANET MAC PROTOCOL FOR DSRC APPLICATIONS , Kejie Lu 2

    E-print Network

    A SECURE VANET MAC PROTOCOL FOR DSRC APPLICATIONS Yi Qian 1 , Kejie Lu 2 , and Nader Moayeri 1 1 Systems. The main benefit of vehicular ad hoc network (VANET) communication is seen in active safety and private services are also permitted in order to lower the cost and to encourage VANET deployment

  6. NOAA, 2012 Climate Prediction Applications Science Workshop (CPASW), Climate Services for National Security Challenges: Abstract Submission

    E-print Network

    Miami, University of

    , risk, and resource security can be quickly evaluated using SimCLIM, an application that seamless) emissions scenarios to meet specific client needs. SimCLIM has been used to assess projected changes in sea examples of how the SimCLIM tool can guide water managers and planners when confronting climate

  7. THz imaging and sensing for security applications---explosives, weapons and drugs

    Microsoft Academic Search

    John F. Federici; Brian Schulkin; Feng Huang; Dale Gary; Robert Barat; Filipe Oliveira; David Zimdars

    2005-01-01

    Over the past 5 years, there has been a significant interest in employing terahertz (THz) technology, spectroscopy and imaging for security applications. There are three prime motivations for this interest: (a) THz radiation can detect concealed weapons since many non-metallic, non-polar materials are transparent to THz radiation; (b) target compounds such as explosives and illicit drugs have characteristic THz spectra

  8. Automatically securing permission-based software by reducing the attack surface: an application to Android

    Microsoft Academic Search

    Alexandre Bartel; Jacques Klein; Yves Le Traon; Martin Monperrus

    2012-01-01

    In the permission-based security model (used e.g. in Android and Blackberry), applications can be granted more permissions than they actually need, what we call a “permission gap”. Malware can leverage the unused permissions for achieving their malicious goals, for instance using code injection. In this paper, we present an approach to detecting permission gaps using static analysis. Using our tool

  9. Game Theory with Costly Computation: Formulation and Application to Protocol Security

    E-print Network

    Keinan, Alon

    Game Theory with Costly Computation: Formulation and Application to Protocol Security Joseph Y a general game-theoretic framework for reasoning about strategic agents performing possibly costly computation. In this framework, many traditional game-theoretic results (such as the existence of a Nash equi

  10. Using evolutionary computation for seismic signal detection: a homeland security application

    Microsoft Academic Search

    Vincent W. Porto; Lawrence J. Fogel; David B. Fogel

    2004-01-01

    Many organizations and governments have the need to monitor areas for intrusions and, once detected, to identify the type of potential intruder(s) present. Applications include perimeter security at installations such as airports and critical infrastructure, as well as military situation awareness in monitoring demilitarized zones, or other areas where activity of interest may occur. Seismic signal detectors can be used

  11. Re-Encryption-Based Key Management Towards Secure and Scalable Mobile Applications in Clouds

    E-print Network

    Re-Encryption-Based Key Management Towards Secure and Scalable Mobile Applications in Clouds Piotr of Waterloo Waterloo, Ontario, Canada ahasan@uwaterloo.ca Abstract--Cloud computing confers strong economic advantages, but many clients are reluctant to implicitly trust a third-party cloud provider

  12. Anomaly Detection in Computer Security and an Application to File System Accesses

    E-print Network

    Yang, Junfeng

    Anomaly Detection in Computer Security and an Application to File System Accesses Salvatore J System that monitors file systems to detect abnormal accesses. The File Wrapper Anomaly Detector (FWRAP that computes normal models of those accesses. FWRAP employs the Probabilistic Anomaly Detection (PAD) algorithm

  13. Nanomaterials : a review of the definitions, applications, health effects. How to implement secure development

    E-print Network

    Boyer, Edmond

    Nanomaterials: a review of the definitions, applications, health effects. How to implement secure development E. Gaffet Nanomaterials Research Group - UMR CNRS 5060 Site de Sévenans (UTBM) - F90010 Belfort agences en matière de sécurité. Abstract: Nanomaterials are an active area of research but also

  14. Multicolor IR sensors based on QWIP technology for security and surveillance applications

    Microsoft Academic Search

    Mani Sundaram; Axel Reisinger; Richard Dennis; Kelly Patnaude; Douglas Burrows; Robert Cook; Jason Bundas

    2006-01-01

    Room-temperature targets are detected at the furthest distance by imaging them in the long wavelength (LW: 8-12 µm) infrared spectral band where they glow brightest. Focal plane arrays (FPAs) based on quantum well infrared photodetectors (QWIPs) have sensitivity, noise, and cost metrics that have enabled them to become the best commercial solution for certain security and surveillance applications. Recently, QWIP

  15. Dynamic Trust Management for Delay Tolerant Networks and Its Application to Secure Routing

    E-print Network

    Chen, Ing-Ray

    Dynamic Trust Management for Delay Tolerant Networks and Its Application to Secure Routing Ing-Ray Chen, Fenye Bao, MoonJeong Chang, and Jin-Hee Cho Abstract-- Delay tolerant networks (DTNs without incurring high message or protocol maintenance overhead. Index Terms-- Delay tolerant networks

  16. Data security in location-aware applications: an approach based on RBAC

    Microsoft Academic Search

    M. L. Damiani; E. Bertino; P. Perlasca

    2007-01-01

    Data security in a mobile context is a critical issue. Over the last few years a new category of location-based services, the Enterprise LBS (ELBS), has emerged focusing on the demands of mobility in organisations. These applications pose challenging requirements, including the need of selective access to ELBS based on the position of mobile users and spatially bounded organisational roles.

  17. Securing while Sampling in Wireless Body Area Networks with Application to Electrocardiography.

    PubMed

    Dautov, Ruslan; Tsouri, Gill R

    2014-10-31

    Stringent resource constraints and broadcast transmission in wireless body area network raise serious security concerns when employed in biomedical applications. Protecting data transmission where any minor alteration is potentially harmful is of significant importance in healthcare. Traditional security methods based on public or private key infrastructure require considerable memory and computational resources and present an implementation obstacle in compact sensornodes. This paper proposes a lightweight encryption framework augmenting Compressed Sensing with Wireless Physical Layer Security. Augmenting compressed sensing to secure information is based on the use of the measurement matrix as an encryption key and allows for incorporating security in addition to compression at the time of sampling an analog signal. The proposed approach eliminates the need for a separate encryption algorithm as well as the pre-deployment of a key thereby conserving sensor-node's limited resources. The proposed framework is evaluated using analysis, simulation and experimentation applied to a wireless electrocardiogram setup consisting of a sensor-node, an access point, and an eavesdropper performing a proximity attack. Results show that legitimate communication is reliable and secure given that the eavesdropper is located at a reasonable distance from the sensor-node and the access point. PMID:25373134

  18. SecuritySecurity Prof. Steven A. Demurjian

    E-print Network

    Demurjian, Steven A.

    --Pronged Security Emphasis Secure Information Exchange via XML with MAC/RBAC Security for Services-Based (Prior) and Cloud (Future) Computing Assurance Consistency Integrity Access Control RBAC, DAC, MAC Security Enforcement Application and Software Security Comcast-3 NIST RBAC w

  19. Discrete-phase-randomized coherent state source and its application in quantum key distribution

    NASA Astrophysics Data System (ADS)

    Cao, Zhu; Zhang, Zhen; Lo, Hoi-Kwong; Ma, Xiongfeng

    2015-05-01

    Coherent state photon sources are widely used in quantum information processing. In many applications, such as quantum key distribution (QKD), a coherent state functions as a mixture of Fock states by assuming that its phase is continuously randomized. In practice, such a crucial assumption is often not satisfied, and therefore the security of existing QKD experiments is not guaranteed. To bridge this gap, we provide a rigorous security proof of QKD with discrete-phase-randomized coherent state sources. Our results show that the performance of the discrete-phase randomization case is close to its continuous counterpart with only a small number (say, 10) of discrete phases. Compared to the conventional continuous phase randomization case, where an infinite amount of random bits are required, our result shows that only a small amount (say, 4 bits) of randomness is needed.

  20. Discrete-phase-randomized coherent state source and its application in quantum key distribution

    E-print Network

    Zhu Cao; Zhen Zhang; Hoi-Kwong Lo; Xiongfeng Ma

    2015-05-14

    Coherent state photon sources are widely used in quantum information processing. In many applications, such as quantum key distribution (QKD), a coherent state is functioned as a mixture of Fock states by assuming its phase is continuously randomized. In practice, such a crucial assumption is often not satisfied and, therefore, the security of existing QKD experiments is not guaranteed. To bridge this gap, we provide a rigorous security proof of QKD with discrete-phase-randomized coherent state sources. Our results show that the performance of the discrete-phase randomization case is close to its continuous counterpart with only a small number (say, 10) of discrete phases. Comparing to the conventional continuous phase randomization case, where an infinite amount of random bits are required, our result shows that only a small amount (say, 4 bits) of randomness is needed.

  1. Idea: Java vs. PHP: Security Implications of Language Choice for Web Applications

    Microsoft Academic Search

    James Walden; Maureen Doyle; Robert Lenhof; John Murray

    2010-01-01

    While Java and PHP are two of the most popular languages for open source web applications found at freshmeat.net, Java has had a much better security reputation than PHP. In this paper, we examine whether that reputation is deserved. We studied whether the variation in vulnerability density is greater between languages or between different applications written in a single

  2. Managing Impacts of Security Protocol Changes in Service-Oriented Applications

    Microsoft Academic Search

    Halvard Skogsrud; Boualem Benatallah; Fabio Casati; Farouk Toumani

    2007-01-01

    We present a software tool and a framework for security protocol change management. While we focus on trust negotiation protocols in this paper, many of the ideas are generally applicable to other types of protocols. Trust negotiation is a flexible approach to access control that is well suited to dynamic environments typical of service-oriented applications. However, managing the evolution of trust negotiation

  3. Web Applications Security Assessment in the Portuguese World Wide Web Panorama

    Microsoft Academic Search

    Nuno Teodoro; Carlos Serrão

    Following the EU Information and Communication Technologies agenda, the Portuguese Government has started the creation of many applications, enabling electronic interaction between individuals, companies and the public administration – the e-Government. Due to the Internet open nature and the sensitivity of the data that those applications have to handle, it is important to ensure and assess their security. Financial institutions,

  4. PeerShare: A System Secure Distribution of Sensitive Data Among Social Contacts

    E-print Network

    Ott, Jörg

    of social networks. Social networks (like Facebook, or Twitter), giving users opportunity to share data by different applications to distribute different types of data (e.g., shared secret keys, public keys, other. In our implementation, we use Facebook as the social network. The social network server is used for user

  5. Designing Distributed Applications with Mobile Code Paradigms

    Microsoft Academic Search

    Antonio Carzaniga; Gian Pietro Picco; Giovanni Vigna

    1997-01-01

    Large scale distributed systems are becoming of paramount importance, due to the evolution of technology and to the interest of market. Their development, however, is not yet supported by a sound technological and methodological background, as the results developed for small size distributed systems often do not scale up. Recently, mobile code languages (MCLs) have been proposed as a technological

  6. Security Analysis and Improvement Model for Web-based Applications 

    E-print Network

    Wang, Yong

    2010-01-14

    , confidentiality, and data integrity. According to the reports from http://www.securityfocus.com in May 2006, operating systems account for 9% vulnerability, web-based software systems account for 61% vulnerability, and other applications account for 30...

  7. Wavelet methods and statistical applications: network security and bioinformatics 

    E-print Network

    Kwon, Deukwoo

    2005-11-01

    Wavelet methods possess versatile properties for statistical applications. We would like to explore the advantages of using wavelets in the analyses in two different research areas. First of all, we develop an integrated ...

  8. A Framework for Federated Two-Factor Authentication Enabling Cost-Effective Secure Access to Distributed Cyberinfrastructure

    SciTech Connect

    Ezell, Matthew A [ORNL; Rogers, Gary L [University of Tennessee, Knoxville (UTK); Peterson, Gregory D. [University of Tennessee, Knoxville (UTK)

    2012-01-01

    As cyber attacks become increasingly sophisticated, the security measures used to mitigate the risks must also increase in sophistication. One time password (OTP) systems provide strong authentication because security credentials are not reusable, thus thwarting credential replay attacks. The credential changes regularly, making brute-force attacks significantly more difficult. In high performance computing, end users may require access to resources housed at several different service provider locations. The ability to share a strong token between multiple computing resources reduces cost and complexity. The National Science Foundation (NSF) Extreme Science and Engineering Discovery Environment (XSEDE) provides access to digital resources, including supercomputers, data resources, and software tools. XSEDE will offer centralized strong authentication for services amongst service providers that leverage their own user databases and security profiles. This work implements a scalable framework built on standards to provide federated secure access to distributed cyberinfrastructure.

  9. MDPHnet: secure, distributed sharing of electronic health record data for public health surveillance, evaluation, and planning.

    PubMed

    Vogel, Joshua; Brown, Jeffrey S; Land, Thomas; Platt, Richard; Klompas, Michael

    2014-12-01

    Electronic health record systems contain clinically detailed data from large populations of patients that could significantly enrich public health surveillance. Clinical practices' security, privacy, and proprietary concerns, however, have limited their willingness to share these data with public health agencies. We describe a novel distributed network for public health surveillance called MDPHnet. The system allows the Massachusetts Department of Public Health (MDPH) to initiate custom queries against participating practices' electronic health records while the data remain behind each practice's firewall. Practices can review proposed queries before execution and approve query results before releasing them to the health department. MDPH is using the system for routine surveillance for priority conditions and to evaluate the impact of public health interventions. PMID:25322301

  10. Experimental quantum key distribution with finite-key security analysis for noisy channels

    NASA Astrophysics Data System (ADS)

    Bacco, Davide; Canale, Matteo; Laurenti, Nicola; Vallone, Giuseppe; Villoresi, Paolo

    2013-09-01

    In quantum key distribution implementations, each session is typically chosen long enough so that the secret key rate approaches its asymptotic limit. However, this choice may be constrained by the physical scenario, as in the perspective use with satellites, where the passage of one terminal over the other is restricted to a few minutes. Here we demonstrate experimentally the extraction of secure keys leveraging an optimal design of the prepare-and-measure scheme, according to recent finite-key theoretical tight bounds. The experiment is performed in different channel conditions, and assuming two distinct attack models: individual attacks or general quantum attacks. The request on the number of exchanged qubits is then obtained as a function of the key size and of the ambient quantum bit error rate. The results indicate that viable conditions for effective symmetric, and even one-time-pad, cryptography are achievable.

  11. Experimental quantum key distribution with finite-key security analysis for noisy channels.

    PubMed

    Bacco, Davide; Canale, Matteo; Laurenti, Nicola; Vallone, Giuseppe; Villoresi, Paolo

    2013-01-01

    In quantum key distribution implementations, each session is typically chosen long enough so that the secret key rate approaches its asymptotic limit. However, this choice may be constrained by the physical scenario, as in the perspective use with satellites, where the passage of one terminal over the other is restricted to a few minutes. Here we demonstrate experimentally the extraction of secure keys leveraging an optimal design of the prepare-and-measure scheme, according to recent finite-key theoretical tight bounds. The experiment is performed in different channel conditions, and assuming two distinct attack models: individual attacks or general quantum attacks. The request on the number of exchanged qubits is then obtained as a function of the key size and of the ambient quantum bit error rate. The results indicate that viable conditions for effective symmetric, and even one-time-pad, cryptography are achievable. PMID:24008848

  12. Application of classification methods in assessment of NATO member countries' economic, security and political risks

    NASA Astrophysics Data System (ADS)

    Odehnal, Jakub

    2013-10-01

    The aim of this paper is to attempt possible quantification of determinants of military expenditure and their application to current NATO member countries. To analyse the economic, security and political risks of NATO member countries, the author employs multivariate statistical techniques which take into consideration the multivariate properties of the data sets used as input variables. Classification of countries based on cluster analysis has made it possible to identify disparities between NATO member countries, and thus to describe diverse economic or security environment affecting the amount of military expenditure as a percentage of the respective countries' gross domestic product.

  13. DISTRIBUTED COMPUTING FILTERS :MULTISENSOR MARINE APPLICATIONS

    E-print Network

    Plataniotis, Konstantinos N.

    applicability in such marine applications as marine geophysical data processing for oil exploration, underwater, such as the well known and widely used Kalman filter [7] or Lainiotis linear filters [15,8,14]. This approach, developed in the classical theory, requires large communication bandwidth for sensor information

  14. Distribution automation applications of fiber optics

    NASA Technical Reports Server (NTRS)

    Kirkham, Harold; Johnston, A.; Friend, H.

    1989-01-01

    Motivations for interest and research in distribution automation are discussed. The communication requirements of distribution automation are examined and shown to exceed the capabilities of power line carrier, radio, and telephone systems. A fiber optic based communication system is described that is co-located with the distribution system and that could satisfy the data rate and reliability requirements. A cost comparison shows that it could be constructed at a cost that is similar to that of a power line carrier system. The requirements for fiber optic sensors for distribution automation are discussed. The design of a data link suitable for optically-powered electronic sensing is presented. Empirical results are given. A modeling technique that was used to understand the reflections of guided light from a variety of surfaces is described. An optical position-indicator design is discussed. Systems aspects of distribution automation are discussed, in particular, the lack of interface, communications, and data standards. The economics of distribution automation are examined.

  15. "Glitch Logic" and Applications to Computing and Information Security

    NASA Technical Reports Server (NTRS)

    Stoica, Adrian; Katkoori, Srinivas

    2009-01-01

    This paper introduces a new method of information processing in digital systems, and discusses its potential benefits to computing and information security. The new method exploits glitches caused by delays in logic circuits for carrying and processing information. Glitch processing is hidden to conventional logic analyses and undetectable by traditional reverse engineering techniques. It enables the creation of new logic design methods that allow for an additional controllable "glitch logic" processing layer embedded into conventional synchronous digital circuits as a hidden/covert information flow channel. The combination of synchronous logic with specific glitch logic design acting as an additional computing channel reduces the number of equivalent logic designs resulting from synthesis, thus implicitly reducing the possibility of modification and/or tampering with the design. The hidden information channel produced by the glitch logic can be used: 1) for covert computing/communication, 2) to prevent reverse engineering, tampering, and alteration of design, and 3) to act as a channel for information infiltration/exfiltration and propagation of viruses/spyware/Trojan horses.

  16. Iodine-129 AMS for Earth Science, Biomedical, and National Security Applications

    SciTech Connect

    Nimz, G; Brown, T; Tumey, S; Marchetti, A; Vu, A

    2007-02-20

    This Laboratory Directed Research and Development project created the capability to analyze the radionuclide iodine-129 (¹²⁹I) by accelerator mass spectrometry (AMS) in the CAMS facility at LLNL, and enhanced our scientific foundation for its application through development of sample preparation technology required for environmental, biomedical, and national security applications. The project greatly improved our environmental iodine extraction and concentration methodology, and developed new techniques for the analysis of small quantities of ¹²⁹I. The project can be viewed as having two phases, one in which the basic instrumental and chemical extraction methods necessary for general ¹²⁹I analysis were developed, and a second in which these techniques were improved and new techniques were developed to enable broader and more sophisticated applications. The latter occurred through the mechanism of four subprojects that also serve as proof-of-principle demonstrations of our newly developed ¹²⁹I capabilities. The first subproject determined the vertical distribution of bomb-pulse ¹²⁹I (¹²⁹I distributed globally as fallout from 1950's atmospheric nuclear testing) through 5 meters in the upper vadose zone in the arid southwestern United States. This characterizes migration mechanisms of contaminant ¹²⁹I, or ¹²⁹I released by nuclear fuel reprocessing, as well as the migration of labile iodine in soils relative to moisture flux, permitting a determination of nutrient cycling. The second subproject minimized the amount of iodine required in an AMS sample target. Because natural iodine abundances are very low in almost all environments, many areas of research had been precluded or made extremely difficult by the demands of sample size. Also, certain sample types of potential interest to national security are intrinsically small - for example iodine on air filters. The result of this work is the ability to measure the ¹²⁹I/¹²⁷I ratio at the 2E-07 level or higher in a sample as small as a single raindrop. The third subproject tested the feasibility of using bomb-pulse ¹²⁹I in shallow groundwaters in the Sierra Nevada to determine the source of waters entering into the Merced River. The sources of water and their time (age) within the hydrologic system are crucial to understanding the effects of climate change on California waters. The project is in collaboration with faculty and students at the University of California - Merced, and is now the subject of a follow-on Ph.D. dissertation project funded by the LLNL-URP University Education Participation Program. The fourth subproject examined the requirements for using the decay of ¹²⁹I to date pore waters associated with continental shelf methane hydrate deposits. Understanding the age of formation and the historical stability of these hydrates is important in determining their response to climate change. Thawing of the world's methane hydrates would quickly and dramatically increase greenhouse gases in the atmosphere. The calculations and testing performed on this project have led to a follow-on project that selectively implants ¹²⁷I to the exclusion of ¹²⁹I, creating an analytical iodine carrier with a substantially lower ¹²⁹I background than is available from natural sources. This will permit measurement of ¹²⁹I/¹²⁷I ratios at sub-10⁻¹⁴ levels, thereby providing a method for dating hydrate pore waters that are tens of millions of years old.

  17. Implementation of Quantum Key Distribution with Composable Security Against Coherent Attacks using Einstein-Podolsky-Rosen Entanglement

    E-print Network

    Tobias Gehring; Vitus Händchen; Jörg Duhme; Fabian Furrer; Torsten Franz; Christoph Pacher; Reinhard F. Werner; Roman Schnabel

    2015-02-10

    Secret communication over public channels is one of the central pillars of a modern information society. Using quantum key distribution (QKD) this is achieved without relying on the hardness of mathematical problems which might be compromised by improved algorithms or by future quantum computers. State-of-the-art QKD requires composable security against coherent attacks for a finite number of samples. Here, we present the first implementation of QKD satisfying this requirement and additionally achieving security which is independent of any possible flaws in the implementation of the receiver. By distributing strongly Einstein-Podolsky-Rosen entangled continuous variable (CV) light in a table-top arrangement, we generated secret keys using a highly efficient error reconciliation algorithm. Since CV encoding is compatible with conventional optical communication technology, we consider our work to be a major promotion for commercialized QKD providing composable security against the most general channel attacks.

  18. REAL-TIME ENVIRONMENTAL MONITORING: APPLICATIONS FOR HOMELAND SECURITY

    EPA Science Inventory

    Real-time monitoring technology developed as part of the EMPACT program has a variety of potential applications. These tools can measure a variety of potential contaminants in the air, water, in buildings, or in the soil. Real-time monitoring technology allows these detection sys...

  19. Howto: Wireless network emulation using ns2 and Distributed Applications.

    E-print Network

    Howto: Wireless network emulation using ns2 and Distributed Applications. Version 1.0, 15th December. Contents: Hosts; 2.4 NS-2 Emulation; 3.4 Large packets; 4 NS-2

  20. Account Name Account Number Spending Distribution Account Number (if applicable)

    E-print Network

    de Lijser, Peter

    Account Name Account Number Spending Distribution Account Number (if applicable) College with CSFPF is required Name: CSUF email: signature Secondary Signatories Name: CSUF email: signature Third Signatories/ Fourth Signatories Name: /Name: /CSUF email: /CSUF email: signature signature Fifth Signatories