{"title":"Examining CSCF entity attacks scenarios and vulnerabilities in IP Multimedia Subsystems","authors":"Elham Nosrati, S. M. H. Tonekaboni, S. M. H. Tonekaboni","doi":"10.1109/ISIAS.2011.6122837","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122837","url":null,"abstract":"IP Multimedia Subsystems (IMS) were first innovated in 3rd Generation Partnership to fill the gap between classical communications and the Internet. IMS has some security vulnerabilities despite its security mechanisms, which some attacks abuse them to threaten the network. Here we focus on Call Session Control Function (CSCF) and examine different attacks scenarios against it and the relevant vulnerabilities which indicated the relationship between security weaknesses and attacks, as well as that some attacks are a combination of different attacks.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"47 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132109630","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"OpenID authentication as a service in OpenStack","authors":"R. Khan, J. Ylitalo, Abu Shohel Ahmed","doi":"10.1109/ISIAS.2011.6122782","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122782","url":null,"abstract":"The evolution of cloud computing is driving the next generation of internet services. OpenStack is one of the largest open-source cloud computing middleware development communities. Currently, OpenStack supports platform specific signatures and tokens for user authentication. In this paper, we aim to introduce a cloud platform independent, flexible, and decentralized authentication mechanism, using OpenID as an open-source authentication mechanism in OpenStack. OpenID allows a decentralized framework for user authentication. It has its own advantages for web services, which include improvements in usability and seamless Single-Sign-On experience for the users. This paper presents the OpenID-Authentication-as-a-Service APIs in OpenStack for front-end GUI servers, and performs the authentication in the back-end at a single Policy Decision Point (PDP). Our implementation allows users to use their OpenID Identifiers from standard OpenID providers and log into the Dashboard/Django-Nova graphical interface of OpenStack.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122432310","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A security analysis of smartphone data flow and feasible solutions for lawful interception","authors":"Mithun Paul, N. Chauhan, A. Saxena","doi":"10.1109/ISIAS.2011.6122788","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122788","url":null,"abstract":"Smartphones providing proprietary encryption schemes, albeit offering a novel paradigm to privacy, are becoming a bone of contention for certain sovereignties. These sovereignties have raised concerns about their security agencies not having any control on the encrypted data leaving their jurisdiction and the ensuing possibility of it being misused by people with malicious intents. Such smartphones have typically two types of customers, independent users who use it to access public mail servers and corporates/enterprises whose employees use it to access corporate emails in an encrypted form. The threat issues raised by security agencies concern mainly the enterprise servers where the encrypted data leaves the jurisdiction of the respective sovereignty while on its way to the global smartphone router. In this paper, we have analyzed such email message transfer mechanisms in smartphones and proposed some feasible solutions, which, if accepted and implemented by entities involved, can lead to a possible win-win situation for both the parties, viz., the smartphone provider who does not want to lose the customers and these sovereignties who can avoid the worry of encrypted data leaving their jurisdiction.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127808221","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Secure Vault: A privacy preserving reliable architecture for Secure Social Networking","authors":"Siddharth Malik, A. Sardana","doi":"10.1109/ISIAS.2011.6122805","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122805","url":null,"abstract":"Social Networking Sites (SNS) are becoming the preferred medium for internet users to stay connected. Unfortunately, there are numerous threats to the privacy and security of users' personal data shared on these sites. Some third party privacy and security enhancing applications and solutions are available, but they only give a piecemeal solution. The need of the hour is to design and develop a Secure Social Networking Site (SSNS) which addresses users' concerns right from design stage. This paper proposes a novel architecture for a Secure Social Networking Site called \"Secure Vault\". Secure Vault addresses the privacy and security issues of a user by interleaving the concepts of data dislocation, fake information and encryption. In a unique solution to restrict unauthorized viewing by visitors we propose presenting to the unauthorized visitors \"fake\" information, rather than blocking out the visitor, an approach currently adopted by the existing SNSs. The architecture shields users' private data by using encryption and enhances reliability of storage of critical and sensitive data by dislocating it to user specified servers.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121243015","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Developing a grand strategy for Cyber War","authors":"A. Colarik, L. Janczewski","doi":"10.1109/ISIAS.2011.6122794","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122794","url":null,"abstract":"This paper considers why information technologies should be considered in military conflicts and offers several events that support this supposition; identifies the various forms of doctrine that will become the basis for developing a Cyber War Doctrine (CWD); tenders a discussion of the possible components of a CWD; and a proposal for a national collaborative framework for obtaining stakeholder buy-in of a nation for such an endeavor.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"138 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121252858","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A new approach to evaluating security assurance","authors":"Moussa Ouedraogo, H. Mouratidis, A. Hecker, C. Bonhomme, D. Khadraoui, E. Dubois, D. Preston","doi":"10.1109/ISIAS.2011.6122822","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122822","url":null,"abstract":"This paper first analyzes the current gap in the literature in security assurance. It then proposes new metrics for the appraisal of security assurance at runtime. Our metrics are based on key concepts pertinent to gaining confidence on a security mechanism to meet its functions. Such parameters include: security correctness; security effectiveness and the quality of the security verification process. Validation of our approach has been achieved through tool implementation, and application to another of security components including firewall, DNS and antivirus.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"63 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126737084","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Fixed size encoding scheme for software watermarking","authors":"A. Y. Kapi, S. Ibrahim","doi":"10.1109/ISIAS.2011.6122791","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122791","url":null,"abstract":"Software piracy has become a major threat to software developer. One of the techniques that can be used to discourage piracy is watermarking, by embedding developer's watermark into software which can later be extracted to prove ownership. During the last few years, different algorithms were developed to embed watermark inside the software. One of the algorithms is dummy method insertion technique whereby a dummy method that embeds watermark is inserted in software application. However, the disadvantage of this algorithm is that the watermark is embedded in a particular instruction in the dummy method. Due to that the length of the instruction is dependent on the length of the watermark. Thus, this situation put dummy method in suspicions and become noticeable to the pirates. In this paper, we present an encoding scheme that could produce fixed size encoded watermark and thus making the encoded watermark in the dummy method less noticeable. The proposed encoding scheme uses a hash function so that encoded watermark is always fixed even though the size of watermark character varies. As a result, our encoding scheme produced fixed size dummy method and could make the dummy method less noticeable to the pirates.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116803793","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An identity based beta cryptosystem","authors":"C. Meshram, Suchitra A. Meshram","doi":"10.1109/ISIAS.2011.6122836","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122836","url":null,"abstract":"In a modern open network system, data security technologies such as cryptosystems, signature schemes, etc., are indispensable for reliable data transmission. In particular, for a large-scale network, ID-based systems such as the ID-based cryptosystem, the ID-based signature scheme, or the ID-based key distribution system are among the better countermeasures for establishing efficient and secure data transmission systems. The concept of an ID-based cryptosystem has been proposed by Shamir [1], and it is advantageous to public-key cryptosystems because a large public-key file is not required for such a system. This paper proposes an ID-based beta cryptosystem under the security assumptions of the generalized discrete logarithm problem and integer factorization problem, which is one of the earliest realizations in Shamir's sense. Furthermore, we consider the security against a conspiracy of some users in the proposed system, and show the possibility of establishing a more secure system.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128794584","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Intrusion detection based on k-means clustering and OneR classification","authors":"Z. Muda, W. Yassin, M. N. Sulaiman, N. Udzir","doi":"10.1109/ISIAS.2011.6122818","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122818","url":null,"abstract":"Intrusion detection system (IDS) is used to detect various kinds of attacks in interconnected network. Many machine learning methods have also been introduced by researcher recently to obtain high accuracy and detection rate. Unfortunately, a potential drawback of all those methods is the rate of false alarm. However, our proposed approach shows better results, by combining clustering (to identify groups of similarly behaved samples, i.e. malicious and non-malicious activity) and classification techniques (to classify all data into correct class categories). The approach, KM+1R, combines the k-means clustering with the OneR classification technique. The KDD Cup '99 set is used as a simulation dataset. The result shows that our proposed approach achieve a better accuracy and detection rate, particularly in reducing the false alarm.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126366394","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Trusted anonymizer-based RFID system with integrity verification","authors":"M. Mubarak, J. Manan, S. Yahya","doi":"10.1109/ISIAS.2011.6122802","DOIUrl":"https://doi.org/10.1109/ISIAS.2011.6122802","url":null,"abstract":"RFID technology is considered as an advanced identification system because it can communicate through wireless communication. However, the unprotected wireless communication channel opens up many possibilities of these tags being tracked by illegal reader which violates data privacy. Past works revealed that RFID tags would be the easy target of attacks related to system security and data privacy. The more advanced RFID technology can embed its applications in hand-held devices such as NFC type of mobile phones and biometric devices. This would again become vulnerable to attacks on its RFID components. Past works on RFID with anonymizers have dealt with lots of issues regarding system integrity and availability. However, the corresponding solutions have focused solely on the RFID tag. In this paper, we propose a trusted anonymizer-based RFID system integrity verification with emphasis on using mutual attestation process to provide system integrity to the whole system including every other component within RFID system.","PeriodicalId":139268,"journal":{"name":"2011 7th International Conference on Information Assurance and Security (IAS)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133410163","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}