发布求助
文献互助 智能选刊 最新文献

First International Conference on Availability, Reliability and Security (ARES'06)最新文献

筛选
英文 中文
Availability enforcement by obligations and aspects identification 通过义务和方面标识实现可用性
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.36
F. Cuppens, N. Cuppens-Boulahia, T. Ramard
{"title":"Availability enforcement by obligations and aspects identification","authors":"F. Cuppens, N. Cuppens-Boulahia, T. Ramard","doi":"10.1109/ARES.2006.36","DOIUrl":"https://doi.org/10.1109/ARES.2006.36","url":null,"abstract":"Information systems are more and more victim of denial of service attacks. Thus, availability is a critical property which is more and more difficult to achieve. In this paper, we devise a new approach to design programs that enforce availability requirements. This approach is based on a formal security model called Nomad which combines deontic and temporal logics. We show how to use this model to specify availability requirements. Our proposal is then based on aspect programming. For this purpose, availability requirements expressed in the Nomad model are transformed into availability aspects. Using aspect programming languages such as AspectJ, we can then weave these availability aspects to transform an insecure program into a secure one.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"139 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115785010","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 28
A study of security architectural patterns 安全体系结构模式的研究
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.18
D. Rosado, E. Fernández-Medina, M. Piattini, C. Gutiérrez
{"title":"A study of security architectural patterns","authors":"D. Rosado, E. Fernández-Medina, M. Piattini, C. Gutiérrez","doi":"10.1109/ARES.2006.18","DOIUrl":"https://doi.org/10.1109/ARES.2006.18","url":null,"abstract":"Security and reliability issues are rarely considered at the initial stages of software development and are not part of the standard procedures in development of software and services. Security patterns are a recent development as a way to encapsulate the accumulated knowledge about secure systems design, and security patterns are also intended to be used and understood by developers who are not security professionals. In this paper, we compare several security patterns to be used when dealing with application security, following an approach that we consider important for measuring the security degree of the patterns, and indicating a fulfilment or not of the properties and attributes common to all security systems.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132463864","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 26
Deriving ratings through social network structures 通过社会网络结构获得评级
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.50
Hameeda Alshabib, O. Rana, Ali Shaikh Ali
{"title":"Deriving ratings through social network structures","authors":"Hameeda Alshabib, O. Rana, Ali Shaikh Ali","doi":"10.1109/ARES.2006.50","DOIUrl":"https://doi.org/10.1109/ARES.2006.50","url":null,"abstract":"A review of existing approaches to recommendation in e-commerce systems is provided. A recommendation system is primarily used to identify services which may be of interest to a user based on a similarity in purchasing (or browsing) patterns with another user, or to filter services that have been returned as a result of a search. Existing systems primarily make use of collaborative filtering approaches or a semantic-annotation approach which tries to find similarity by matching on the definition of a service. However, such systems suffer from \"sparseness\" of ratings - as it is difficult to find enough ratings to help make a recommendation for a user. We therefore propose the use of a social network as the basis for defining how ratings can be aggregated, based on the structure of the network. We also suggest the use of product categories as the basis for aggregating ratings - and define this as a \"context\" in which a particular service is used. A model for a recommendation system that combines context-based rating with the structure of a social network has been suggested, along with an architecture for a system that implements the model.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"89 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126713037","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
A comparison of the Common Criteria with proposals of information systems security requirements 通用准则与资讯系统保安要求建议的比较
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.2
D. Mellado, E. Fernández-Medina, M. Piattini
{"title":"A comparison of the Common Criteria with proposals of information systems security requirements","authors":"D. Mellado, E. Fernández-Medina, M. Piattini","doi":"10.1109/ARES.2006.2","DOIUrl":"https://doi.org/10.1109/ARES.2006.2","url":null,"abstract":"Nowadays, security solutions are focused mainly on providing security defences; instead of solving one of the main reasons for security problems that refers to appropriate information systems (IS) design. Fortunately there are several standards, like the Common Criteria, which help to deal with the security requirements along all the IS development cycle. In this paper a comparative analysis of eight different relevant technical proposals, which place great importance on the establishing of security requirements in the development of IS, is carried out. And they provide some significant contributions in aspects related to security. Nevertheless, they only satisfy partly the necessary criteria for the establishment of security requirements, with guarantees and integration in the development of IS. Thus we conclude that they are not specific enough for dealing with security requirements in the first stages of IS development in a systematic and intuitive way.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"518 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115633614","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 21
An architecture for service discovery based on capability matching 一种基于功能匹配的服务发现体系结构
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.25
J. Mocnik, Piotr Karwaczynski
{"title":"An architecture for service discovery based on capability matching","authors":"J. Mocnik, Piotr Karwaczynski","doi":"10.1109/ARES.2006.25","DOIUrl":"https://doi.org/10.1109/ARES.2006.25","url":null,"abstract":"Discovery of service providers that are useful to service requesters is a common problem in large, dynamic service-oriented systems, such as Grids. Simple service indices do not address this problem adequately when the service requesters need to describe complex conditions to be met by the service providers. Furthermore, the problem of sharing services among multiple service providers in order to enable the system to serve as many independent requesters as possible while still meeting their conditions is not addressed by such systems. This paper presents an architecture of a service discovery system for Grids, that allows dynamic registration of services and their provided capabilities. Discovery is based on matching of requested and provided capabilities. The matching process enables trading the degree of satisfaction of requested capabilities for availability of the system to multiple requesters. The discovery service seamlessly integrates with existing Grid infrastructure and specifications.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"94 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126234604","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Quality of password management policy 密码管理策略的质量
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.102
Carlos Villarrubia, E. Fernández-Medina, M. Piattini
{"title":"Quality of password management policy","authors":"Carlos Villarrubia, E. Fernández-Medina, M. Piattini","doi":"10.1109/ARES.2006.102","DOIUrl":"https://doi.org/10.1109/ARES.2006.102","url":null,"abstract":"The use of passwords is the most common method to carry out the authentication of users in information systems. For this reason, quality in the password management is a need to reach reasonable levels in the typical objectives of security. In this paper, we propose a set of metrics of password policies based on the most outstanding factors in this authentication mechanism. Together with the metrics, we propose a quality indicator derived from these metrics that allows us to have a global vision of the quality of the password management policy used. Finally, we indicate the future works to be performed to check the validity and usefulness of the proposed metrics.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"83 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114722771","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
Achieving availability and reliability in wireless sensor networks applications 实现无线传感器网络应用的可用性和可靠性
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.21
Amirhosein Taherkordi, Majid Alkaee Taleghan, M. Sharifi
{"title":"Achieving availability and reliability in wireless sensor networks applications","authors":"Amirhosein Taherkordi, Majid Alkaee Taleghan, M. Sharifi","doi":"10.1109/ARES.2006.21","DOIUrl":"https://doi.org/10.1109/ARES.2006.21","url":null,"abstract":"Recently, the use of wireless sensor networks has spread to applications areas that are not viable or cost-efficient to be run on other types of networks. The majority of these applications should be run continuously and reliably without interruption. Hence, the two significant quality factors that should be nowadays taken into account in developing wireless sensor networks applications are 'availability' and 'reliability' of application services. The specific characteristics and constraints of wireless sensor networks require a different interpretation of these two factors when developing applications for such networks. In this paper, we propose a middleware layer mechanism for satisfying these two factors. We propose an event-based middleware service that is specifically designed for wireless sensor networks in which a group of sensor nodes forms a cluster and a replicated service is run on each cluster head. The communication model among cluster members and cluster head is based on the publish/subscribe scheme. We show how the replicated services and communication model in cluster nodes increases the availability and reliability of applications running under the proposed middleware.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"78 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124230283","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 18
Building an encrypted file system on the EGEE grid: application to protein sequence analysis 在EGEE网格上建立加密文件系统:在蛋白质序列分析中的应用
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.39
Christophe Blanchet, Rémi Mollon, G. Deléage
{"title":"Building an encrypted file system on the EGEE grid: application to protein sequence analysis","authors":"Christophe Blanchet, Rémi Mollon, G. Deléage","doi":"10.1109/ARES.2006.39","DOIUrl":"https://doi.org/10.1109/ARES.2006.39","url":null,"abstract":"Bioinformatics needs high-throughput computing and huge data storage to understand datasets such as ones produced by complete genome projects. But these data are linked to patients, and used in scientific or industrial processes such as drug design and gene function identification. These use cases need to have a certain level of confidentiality and integrity to preserve the patient privacy or the patent secret. Obviously important in a local computing context such as supercomputer or cluster, these requirements are exarcebated in the context of a grid such EGEE, where the computing and storage resources are distributed across a worldwide platform. We have developed the EncFile encrypted files management system, deployed on the production platform of the EGEE project, and associated to encrypted representative biological resources. Thus we provided grid users with a user-friendly component that doesn't require any user privileges. Moreover, our EncFile system can be also deployed on other distributed systems as it is not linked to the EGEE grid components.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114960476","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 16
Modeling the reliability of search and rescue operations within the UK through Bayesian belief networks 通过贝叶斯信念网络模拟英国境内搜索和救援行动的可靠性
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.85
A. Russell, J. Quigley, R. Meer
{"title":"Modeling the reliability of search and rescue operations within the UK through Bayesian belief networks","authors":"A. Russell, J. Quigley, R. Meer","doi":"10.1109/ARES.2006.85","DOIUrl":"https://doi.org/10.1109/ARES.2006.85","url":null,"abstract":"This paper uses a Bayesian belief networks (BBN) methodology to assess the reliability of search and rescue (SAR) operations within the UK coastguard (maritime rescue) coordination centers. This is an extension of earlier work, which investigated the rationale of the government's decision to close a number of coordination centers. The previous study made use of secondary data sources and employed a binary logistic regression methodology to support the analysis. This study focused on the collection of primary data through a structured elicitation process, which resulted in the construction of a BBN. The main findings of the study are that approaches such as logistic regression are complementary to BBN's. The former provided a more objective assessment of associations between variables but was restricted in the level of detail that could be explicitly expressed within the model due to lack of available data. The latter method provided a much more detailed model but the validity of the numeric assessments was more questionable. Each method can be used to inform and defend the development of the other. The paper describes in detail the elicitation process employed to construct the BBN and reflects on the potential for bias.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"1 12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123417262","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Schedulability driven security optimization in real-time systems 实时系统中可调度性驱动的安全性优化
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.117
Man Lin, L. Yang
{"title":"Schedulability driven security optimization in real-time systems","authors":"Man Lin, L. Yang","doi":"10.1109/ARES.2006.117","DOIUrl":"https://doi.org/10.1109/ARES.2006.117","url":null,"abstract":"This paper presents EDF schedulability driven security optimization in real-time systems. An increasing number of real-time applications like aircraft control and medical electronics systems require high quality of security to assure confidentiality and integrity of information. However, security requirements were not adequately considered in most existing real-time systems. We propose a group based security service model for real-time systems where the services are partitioned into groups. Services in the same security group provide the same type of security service but of different quality due to the different mechanism used. Service from different groups can be combined to achieve better security. The overhead model of the security services is also described. We consider EDF scheduling policy and develop a security aware EDF schedulability test. Two approaches: integer linear programming technique and an efficient heuristic search technique are proposed to select the best combination of security services for real-time systems while guaranteeing their schedulability.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"102 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122468386","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信