发布求助
文献互助 智能选刊 最新文献

2011 7th International Conference on Information Assurance and Security (IAS)最新文献

筛选
英文 中文
Distributed access control for social networks 面向社交网络的分布式访问控制
2011 7th International Conference on Information Assurance and Security (IAS) Pub Date : 2011-12-01 DOI: 10.1109/ISIAS.2011.6122797
Adnan Ahmad, B. Whitworth
{"title":"Distributed access control for social networks","authors":"Adnan Ahmad, B. Whitworth","doi":"10.1109/ISIAS.2011.6122797","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122797","url":null,"abstract":"Access control is the process by which access to information is granted to users for certain actions based on their identity. Traditional access control models that map every system resource directly to every system user work for organizations with thousands of users but struggle for social network sites like Facebook with millions of users. The problems faced are firstly the technical complexity of mapping millions of users to billions of resources and secondly the social need of users to own the items they post and to control their access, so access policies beyond just public/private are needed. And finally, that if ordinary users are to manage their own access control, they need software support. This paper argues that only distributed access control can meet these challenges and proposes a model based on the socio-technical design paradigm: first define the social requirements then design a technical solution to fulfill them.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124903357","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 20
Cryptanalysis of the full CHAIN cipher 全链密码的密码分析
2011 7th International Conference on Information Assurance and Security (IAS) Pub Date : 2011-12-01 DOI: 10.1109/ISIAS.2011.6122792
W. Yap, S. Yeo, C. H. Yian
{"title":"Cryptanalysis of the full CHAIN cipher","authors":"W. Yap, S. Yeo, C. H. Yian","doi":"10.1109/ISIAS.2011.6122792","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122792","url":null,"abstract":"In 1999, Mohammad Peyravian and Don Coppersmith from IBM proposed a structured symmetric key block cipher called CHAIN that supports variable block size, key size and number of rounds. In this paper, we initiate the study of CHAIN's security. More significantly, we show that CHAIN with various block sizes is insecure against impossible differential attack. To the best of our knowledge, this is the first known attack against CHAIN.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"53 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132926890","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Enhanced sharing and privacy in distributed information sharing environments 分布式信息共享环境中增强的共享和隐私
2011 7th International Conference on Information Assurance and Security (IAS) Pub Date : 2011-12-01 DOI: 10.1109/ISIAS.2011.6122834
Ahmad Kamran Malik, S. Dustdar
{"title":"Enhanced sharing and privacy in distributed information sharing environments","authors":"Ahmad Kamran Malik, S. Dustdar","doi":"10.1109/ISIAS.2011.6122834","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122834","url":null,"abstract":"With the advancement in distributed computing and collaborative software technologies, information sharing and privacy related issues are gaining interest of researchers related to digital information creation, management, and distribution. Collaborative information sharing environment requires enhanced information sharing among users while privacy laws demand for the protection of user's information from unauthorized access and usage. Keeping this trade-off in view, there is a need for a flexible and enhanced information sharing model that preserves the privacy of user's information. We extend the Role-Based Access Control (RBAC) model to incorporate sharing and privacy related requirements and present a Dynamic Sharing and Privacy-aware Role-Based Access Control (DySP-RBAC) model. It is a family of models including core, hierarchical, and constrained RBAC models. The RBAC model is extended using team and task data elements as well as new data elements related to sharing and privacy of information. Sharing and privacy-based permission assignments and their conflict-handling strategies are described for a distributed and dynamic information sharing scenario.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123414231","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
Guesswork changes in multi-processor attacks 多处理器攻击中的猜测变化
2011 7th International Conference on Information Assurance and Security (IAS) Pub Date : 2011-12-01 DOI: 10.1109/ISIAS.2011.6122810
R. Lundin, S. Lindskog
{"title":"Guesswork changes in multi-processor attacks","authors":"R. Lundin, S. Lindskog","doi":"10.1109/ISIAS.2011.6122810","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122810","url":null,"abstract":"More and more effort is being spent on security improvements in today's computer networking environments. However, due to the nature of computer security there is still a lack of good quantitative assessment methods. Inventing and developing new ways of measuring security are therefore needed in order to more exact describe, assess, and improve security of computer environments. One existing quantitative security measure is guesswork. Guesswork gives the average number of guesses in a brute force attack when breaking an encrypted message. In the current definition of guesswork it is assumed that the attacker uses a single processor when breaking an encrypted message. However, an intelligent and motivated attacker will likely use several processors that can work in parallel to break an encrypted message. This paper formally investigates how guesswork changes over time in multi-processor attacks. The result is applied on three probability distributions, the English alphabet, the geometric, and the truncated geometric to illustrate some behaviors.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129529734","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Integrating OAuth with Information card systems 将 OAuth 与信息卡系统集成
2011 7th International Conference on Information Assurance and Security (IAS) Pub Date : 2011-12-01 DOI: 10.1109/ISIAS.2011.6122819
H. Al-Sinani
{"title":"Integrating OAuth with Information card systems","authors":"H. Al-Sinani","doi":"10.1109/ISIAS.2011.6122819","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122819","url":null,"abstract":"We propose a novel scheme to provide client-based interoperation between OAuth and an Information Card system such as CardSpace or Higgins. In this scheme, Information Card users are able to obtain a security token from an OAuth-enabled system, the contents of which can be processed by an Information Card-enabled relying party. The scheme, based on a browser extension, is transparent to OAuth providers and to identity selectors, and only requires minor changes to the operation of an Information Card-enabled relying party. We specify its operation and describe an implementation of a proof-of-concept prototype. Security and operational analyses are also provided.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127166188","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Adaptive context-aware packet filter scheme using statistic-based blacklist generation in network intrusion detection 基于统计生成黑名单的自适应上下文感知包过滤方案
2011 7th International Conference on Information Assurance and Security (IAS) Pub Date : 2011-12-01 DOI: 10.1109/ISIAS.2011.6122798
Yuxin Meng, Lam-for Kwok
{"title":"Adaptive context-aware packet filter scheme using statistic-based blacklist generation in network intrusion detection","authors":"Yuxin Meng, Lam-for Kwok","doi":"10.1109/ISIAS.2011.6122798","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122798","url":null,"abstract":"By using string matching, signature-based network intrusion detection systems (NIDSs) can achieve a higher accuracy and lower false alarm rate than the anomaly-based systems. But the matching process is very expensive regarding to the performance of a signature-based NIDS in which the cost is at least linear to the size of the input string and the CPU occupancy rate can reach more than 80 percent in the worst case. This problem greatly limits the high performance of a signature-based NIDS in a large operational network. In this paper, we present a context-aware packet filter scheme aiming to mitigate this problem. In particular, our scheme incorporates a list technique, namely the blacklist to help filter network packets based on the confidence of the IP domains. Moreover, our scheme will adapt and update the blacklist contents by using the method of statistic-based blacklist generation according to the actual network environment. In the experiment, we implemented our scheme and showed the first experimental evaluation of its effectiveness.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123817616","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
AES: Current security and efficiency analysis of its alternatives AES:其替代品的当前安全性和效率分析
2011 7th International Conference on Information Assurance and Security (IAS) Pub Date : 2011-12-01 DOI: 10.1109/ISIAS.2011.6122831
Herman Isa, I. Bahari, Hasibah Sufian, M. Z’aba
{"title":"AES: Current security and efficiency analysis of its alternatives","authors":"Herman Isa, I. Bahari, Hasibah Sufian, M. Z’aba","doi":"10.1109/ISIAS.2011.6122831","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122831","url":null,"abstract":"The Advanced Encryption Standard (AES) has been in existence over the last 11 years. It was widely accepted as the de facto standard in many security-related applications such as SSL/TLS, Microsoft BitLocker Drive Encryption, Skype and many others. Recently in 2011, the AES was claimed to be theoretically broken in the single-key attack model using a new technique called biclique. Just two years before in 2009, the AES with 192- and 256- bit keys were found to be theoretically broken in the related-key attack model. This paper reviews existing attacks on the AES and evaluates the efficiency of recent block cipher proposals as alternatives to the AES. These block ciphers were proposed to patch the AES against the related-key type of attack.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127884132","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 13
An SIR model for the propagation of topology-aware active worms considering the join and leave of hosts 考虑主机加入和离开的拓扑感知主动蠕虫传播的SIR模型
2011 7th International Conference on Information Assurance and Security (IAS) Pub Date : 2011-12-01 DOI: 10.1109/ISIAS.2011.6122820
A. Jafarabadi, M. A. Azgomi
{"title":"An SIR model for the propagation of topology-aware active worms considering the join and leave of hosts","authors":"A. Jafarabadi, M. A. Azgomi","doi":"10.1109/ISIAS.2011.6122820","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122820","url":null,"abstract":"The scanning method of computer worms is an important modeling parameter. Active worms use different methods to scan the network for selecting their victim hosts. Topology-aware active worms scan the network by using the information of the network topology. This property, makes P2P network a suitable place for propagation of this kind of worms. Regarding the instability of network topology, especially in P2P networks, investigating the effect of the join and leave of hosts is completely necessary. In this paper, we study the propagation of topology-aware active worms based on SIR epidemiological model considering the join and leave of hosts. To have a better look at the effect of the join and leave of hosts on the propagation of active worms, the size of epidemic and infectious ratio parameters have been used. The results of this modeling show that the join and leave of hosts have considerable impact on the size of epidemic and the propagation performance of topology-aware active worms.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125311102","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
High capacity and inaudibility audio steganography scheme 高容量和不可听音频隐写方案
2011 7th International Conference on Information Assurance and Security (IAS) Pub Date : 2011-12-01 DOI: 10.1109/ISIAS.2011.6122803
H. Shahadi, R. Jidin
{"title":"High capacity and inaudibility audio steganography scheme","authors":"H. Shahadi, R. Jidin","doi":"10.1109/ISIAS.2011.6122803","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122803","url":null,"abstract":"Steganography is an information hiding technique where secret message is embedded into unsuspicious cover signal. Measurement of good steganography algorithm includes security, capacity, robustness and imperceptibility. These measures are contradicted, therefore improving one, affects the others. In this paper, we propose a new high capacity audio steganography algorithm based on the wavelet packet transform with adaptive hiding in least significant bits. The adaptive hiding is determined depend on the cover samples strength and bits block matching between message and cover signals. The results show that message can be embedded up to 42 % of the total size of the cover audio signal with at least of 50 dB signal to noise ratio.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126022940","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 28
A semantic analysis approach to manage IDS alerts flooding 用于管理IDS警报泛滥的语义分析方法
2011 7th International Conference on Information Assurance and Security (IAS) Pub Date : 2011-12-01 DOI: 10.1109/ISIAS.2011.6122812
Sherif Saad, I. Traoré
{"title":"A semantic analysis approach to manage IDS alerts flooding","authors":"Sherif Saad, I. Traoré","doi":"10.1109/ISIAS.2011.6122812","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122812","url":null,"abstract":"In this paper we propose a new approach to manage alerts flooding in IDSs. The proposed approach uses semantic analysis and ontology engineering techniques to combine and fuse two or more raw IDS alerts into one summarized hybrid/meta-alert. Our approach applies a new method based on measuring the semantic similarity between IDS alerts attributes to identify the alerts that are suitable for aggregation and summarization. In contrast to previous works our approach ensures that the aggregated alerts will not lose any valuable information existing in the raw alerts set. The experimental results show that our approach is effective and efficient in fusing massive number of alerts compared to previous works in the area.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"66 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126555701","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信