First International Conference on Availability, Reliability and Security (ARES'06)最新文献

筛选
英文 中文
Validation of IT-security measurement tools 验证it安全度量工具
Ruedi Baer, Martin Dietrich
{"title":"Validation of IT-security measurement tools","authors":"Ruedi Baer, Martin Dietrich","doi":"10.1109/ARES.2006.142","DOIUrl":"https://doi.org/10.1109/ARES.2006.142","url":null,"abstract":"Different norms demand the measurment of IT-security. But how the measurement should be carried out, is not part of the norms. To compare the results of the different methods and tools with each other, it is necessary to validate the measuring tools. The scientific validation of measuring tools in the area of IT-security raises many questions that have not been discussed not to mention answered.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133020321","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Securing DNS services through system self cleansing and hardware enhancements 通过系统自清理和硬件增强来保护DNS服务
Y. Huang, David Arsenault, A. Sood
{"title":"Securing DNS services through system self cleansing and hardware enhancements","authors":"Y. Huang, David Arsenault, A. Sood","doi":"10.1109/ARES.2006.123","DOIUrl":"https://doi.org/10.1109/ARES.2006.123","url":null,"abstract":"Domain name systems (DNS) provide the mapping between easily-remembered host names and their IP addresses. Popular DNS implementations however contain vulnerabilities that are exploited by frequent, targeted attacks. The software vulnerabilities of DNS together with the constant innovation and morphing of cyber attack techniques necessitate the consideration of the worst case scenarios: there will be successful but undetected attacks against DNS servers. In this work, we develop a secure DNS architecture that contains the damage of successful, undetected attacks. This formidable end is achieved by constantly cleansing the servers and rotating the role of individual servers. Moreover, the server rotation process itself is protected against corruption by hardware. We will show the advantages of our design in the following areas: (1) protection of the DNS master file and cryptographic keys, (2) incorruptible intrusion tolerance, (3) high availability, and (4) scalability, the support of using of high degrees of hardware/server redundancy to improve both system security and service dependability. Due to the critical importance of DNS, such a dependable and intrusion-resilient design contributes significantly to the overall security of the Internet.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"71 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114495628","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
A proposal of an anonymous authentication method for flat-rate service 统一收费服务的匿名认证方法的建议
Yoshio Kakizaki, Hiroshi Yamamoto, H. Tsuji
{"title":"A proposal of an anonymous authentication method for flat-rate service","authors":"Yoshio Kakizaki, Hiroshi Yamamoto, H. Tsuji","doi":"10.1109/ARES.2006.12","DOIUrl":"https://doi.org/10.1109/ARES.2006.12","url":null,"abstract":"When the Web services are used, there is a case that they need not identify who is the user if the user is the regular user. In this paper, we propose the method that the service based on authority can be used by public-key certificate and attribute certificate without identifying. As a result, the user can take the services though the user with a regular authority is not identified by the service server. Moreover, the service server confirms user is a regular user, and can provide the services without identifying the user. Our method makes it possible to protect the user's usage information.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114786361","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Supporting attribute-based access control with ontologies 支持使用本体进行基于属性的访问控制
Torsten Priebe, Wolfgang Dobmeier, N. Kamprath
{"title":"Supporting attribute-based access control with ontologies","authors":"Torsten Priebe, Wolfgang Dobmeier, N. Kamprath","doi":"10.1109/ARES.2006.127","DOIUrl":"https://doi.org/10.1109/ARES.2006.127","url":null,"abstract":"In highly open systems like the Internet, attribute-based access control (ABAC) has proven its appropriateness. The specification and maintenance of ABAC policies however has turned out to be complex and error-prone, especially if heterogeneous attribute schemes are involved. Here, the arising semantic Web can contribute to a solution. This paper presents an approach based on an extension of the established XACML standard. It simplifies the policies by providing an ontology-based attribute management facility.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117044310","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 118
Towards a stochastic model for integrated security and dependability evaluation 安全性与可靠性综合评估的随机模型研究
K. Sallhammar, B. Helvik, S. J. Knapskog
{"title":"Towards a stochastic model for integrated security and dependability evaluation","authors":"K. Sallhammar, B. Helvik, S. J. Knapskog","doi":"10.1109/ARES.2006.137","DOIUrl":"https://doi.org/10.1109/ARES.2006.137","url":null,"abstract":"We present a new approach to integrated security and dependability evaluation, which is based on stochastic modelling techniques. Our proposal aims to provide operational measures of the trustworthiness of a system, regardless if the underlying failure cause is intentional or not. By viewing system states as elements in a stochastic game, we can compute the probabilities of expected attacker behavior, and thereby be able to model attacks as transitions between system states. The proposed game model is based on a reward-and cost concept. A section of the paper is devoted to the demonstration of how the expected attacker behavior is affected by the parameters of the game. Our model opens up for use traditional Markov analysis to make new types of probabilistic predictions for a system, such as its expected time to security failure.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"50 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117127105","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 54
An ontology for secure e-government applications 安全电子政务应用的本体
Maria Karyda, Theodoros Balopoulos, L. Gymnopoulos, S. Kokolakis, C. Lambrinoudakis, S. Gritzalis, S. Dritsas
{"title":"An ontology for secure e-government applications","authors":"Maria Karyda, Theodoros Balopoulos, L. Gymnopoulos, S. Kokolakis, C. Lambrinoudakis, S. Gritzalis, S. Dritsas","doi":"10.1109/ARES.2006.28","DOIUrl":"https://doi.org/10.1109/ARES.2006.28","url":null,"abstract":"This paper addresses the issue of accommodating security requirements in application development. It proposes the use of ontologies for capturing and depicting the security experts' knowledge. In this way developers can exploit security expertise in order to make design choices that help them fulfil security requirements more effectively. We have developed a security ontology for two different application scenarios to illustrate its use. To validate the ontology we have used queries.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"94 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123610169","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 46
An extended verifiable secret redistribution protocol for archival systems 档案系统的可验证秘密再分发协议
V. Gupta, K. Gopinath
{"title":"An extended verifiable secret redistribution protocol for archival systems","authors":"V. Gupta, K. Gopinath","doi":"10.1109/ARES.2006.26","DOIUrl":"https://doi.org/10.1109/ARES.2006.26","url":null,"abstract":"Existing protocols for archival systems make use of verifiability of shares in conjunction with a proactive secret sharing scheme to achieve high availability and long term confidentiality, besides data integrity. In this paper, we extend an existing protocol (Wong et al. [2002]) to take care of more realistic situations. For example, it is assumed in the protocol of Wong et al. that the recipients of the secret shares are all trustworthy; we relax this by requiring that only a majority is trustworthy.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122110557","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 31
The usability and practicality of biometric authentication in the workplace 生物识别认证在工作场所的可用性和实用性
C. Maple, P. Norrington
{"title":"The usability and practicality of biometric authentication in the workplace","authors":"C. Maple, P. Norrington","doi":"10.1109/ARES.2006.133","DOIUrl":"https://doi.org/10.1109/ARES.2006.133","url":null,"abstract":"This paper discusses usability and practicality issues for authentication systems based on biometrics. The effectiveness of a system incorporating an authentication method depends not only on theoretical and technological issues, but also on user interaction with and practical implementation of the system by an organisation. It is becoming increasingly common that IT and physical security are converging, especially in the workplace. This has significant ramifications for the workforce and operational matters. In this paper we pay particular attention to the potential issues that arise when companies introduce biometrics for IT or physical security and provide recommendations that help ensure a usable and practical implementation of the technology.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"54 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124661095","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 24
Satisfiability and trustworthiness of peers in peer-to-peer overlay networks 点对点覆盖网络中节点的可满足性和可信赖性
Y. Nakajima, Kenichi Watanabe, Naohiro Hayashibara, M. Takizawa, T. Enokido, S. Deen
{"title":"Satisfiability and trustworthiness of peers in peer-to-peer overlay networks","authors":"Y. Nakajima, Kenichi Watanabe, Naohiro Hayashibara, M. Takizawa, T. Enokido, S. Deen","doi":"10.1109/ARES.2006.116","DOIUrl":"https://doi.org/10.1109/ARES.2006.116","url":null,"abstract":"Service supported by an object is modeled to be a set of methods and quality of service (QoS). In addition to finding a peer which holds a target object, it is critical to discuss what peer is allowed to manipulate the target object in what method. In this paper, we take an acquaintance approach to finding and manipulating objects in P2P overlay networks. An acquaintance peer of a peer p is a peer whose service the peer p know and with which the peer p can directly communicate. If an access request is issued, a peer has to find where a target object exists, how to obtain an access right on the target object, and how to manipulate the target object. In this paper, we discuss ways to obtain results which satisfying an access requests by the cooperation of acquaintances. Acquaintance peers of a peer p may knows different information on target peers since it takes time to propagate change information of the target peers and peers may be faulty. Here, it is critical to discuss how much a peer can trust each acquaintance. We define the trustworthiness of an acquaintance peer in terms of the acquaintance relations among the peers.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125039960","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Gait recognition using acceleration from MEMS 基于MEMS加速度的步态识别
D. Gafurov, Kirsi Helkala, Torkjel Søndrol
{"title":"Gait recognition using acceleration from MEMS","authors":"D. Gafurov, Kirsi Helkala, Torkjel Søndrol","doi":"10.1109/ARES.2006.68","DOIUrl":"https://doi.org/10.1109/ARES.2006.68","url":null,"abstract":"This paper presents an approach on recognising individuals based on 3D acceleration data from walking, which are collected using MEMS. Unlike most other gait recognition methods, which are based on video source, our approach uses walking acceleration in three directions: vertical, backward-forward and sideways. Using gait samples from 21 individuals and applying two methods, histogram similarity and cycle length, the equal error rates of 5% and 9% are achieved, respectively.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"97 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127372733","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 83
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信