{"title":"Cloud computing architectures based multi-tenant IDS","authors":"Elmahdi Khalil, Saad Enniari, M. Zbakh","doi":"10.1109/JNS3.2013.6595469","DOIUrl":"https://doi.org/10.1109/JNS3.2013.6595469","url":null,"abstract":"Cloud computing is less expensive than traditional on-premise computing for users, as it provides accessibility and reliability options for users and scalable sales for provider. But, like most things in life, the benefits come with risks. It's just a matter of knowing if the benefits outweigh the risks and vice versa. Unfortunately, the cloud computing does not escape to this universal rule. Then, it is important to consider the security of the cloud. As a solution to protect the cloud from security issues [1, 2, 3, 4], we think that IDSs integrated in the cloud remains among the best solution. We will also present an architecture based IDS that respects multi-tenancy architecture. The objective behind integrating multi-tenancy aspect in our solution is to give tenants the ability to configure some parts of the application, such as the color of the user interface or business rules, but they can't customize the application's code. This means that although tenants an using the same building blocks in their configuration, the appearance or workflow of the application may be different for two tenants. Also, the Service Level Agreement (SLA) of each tenant can differ. In fact, we contend that multi-tenancy is a requirement for any cloud architecture because of four key benefits. First, High security: there are 3 key components that define the degree of isolation between multiple tenants in a data center: access policies, application deployment and data access and protection. Second, Economy: software development and maintenance costs are shared between the tenants. Third, Service assurance and faster updates: with multi-tenancy, the provider has to make updates once. In contrast with single-tenancy, an architecture in which each customer has their own software instance and may be given access to application code. Fourth, Efficiency and flexibility: A SaaS provider can run one instance of its application on one instance of a database and provide web access to multiple customers. Each tenant's data is Isolated and remains invisible to other tenants [11].","PeriodicalId":157229,"journal":{"name":"2013 National Security Days (JNS3)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129853226","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A taxonomy and survey of Cloud computing","authors":"H. K. Idrissi, A. Kartit, M. E. Marraki","doi":"10.1109/JNS3.2013.6595470","DOIUrl":"https://doi.org/10.1109/JNS3.2013.6595470","url":null,"abstract":"The Cloud computing arises as a new standard proprietor for providing services over internet. It is delivering several facilities to business managers by its agile infrastructure. Cloud architectures are gainful and capable to ensure the interactions, storage and computation within upcoming applications. This architecture can be used for business, scientific computing and multiple other demanding applications. The diversity of services provided by the cloud infrastructure increases their vulnerability to security incidents and attacks. In fact, security components such as confidentiality, privacy, authentication and availability must be respected when designing or deploying a cloud solution. The cloud is certainly an instrument for optimization but the research in this area has just taken its first impulse and it yet to be mature. This paper aims to provide a best understanding of cloud computing aspects and explore directions for research and technological trends in order to use and implement cloud infrastructure networks. The basic concepts of cloud computer security will be also explored, including cloud security services, principles and security requirements.","PeriodicalId":157229,"journal":{"name":"2013 National Security Days (JNS3)","volume":"105 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124698798","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A review and classification of various VANET Intrusion Detection Systems","authors":"M. Erritali, B. El Ouahidi","doi":"10.1109/JNS3.2013.6595459","DOIUrl":"https://doi.org/10.1109/JNS3.2013.6595459","url":null,"abstract":"The use of wireless links renders a vehicular ad-hoc network (VANET) vulnerable to malicious attacks such as Denial of Service, blackhole attack, Sybil attack, selective forwarding and altering routing information. In wired networks the attacker needs to gain access to the physical media to make an attack. In wireless networks the scenario is much different, there are no firewalls and gateways in place hence attacks can take place from any location within radio coverage area. Each mobile node in ad-hoc network is an autonomous unit in itself free to move independently. This means a node with not adequate physical protection is very much susceptible to be compromised. It is difficult to track down a single compromised node in a large network, attacks stemming from a compromised node are far more detrimental and much harder to detect.","PeriodicalId":157229,"journal":{"name":"2013 National Security Days (JNS3)","volume":"106 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124767739","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Secure encryption scheme of amazigh alphabet based ECC using finite state machine","authors":"Fatima Amounas, E. H. El Kinani","doi":"10.1109/JNS3.2013.6595477","DOIUrl":"https://doi.org/10.1109/JNS3.2013.6595477","url":null,"abstract":"Here we propose an algorithm to implement data security using encryption and decryption method based elliptic curve of Amazigh alphabet. The Unicode character is converted into point on elliptic curve, then by using Fibonacci numbers, which generates the data sequence of random point for each character. Further, the obtained points are encrypted using state finite machine. Here, the same symbol is mapped into different points on elliptic curve, which avoid suspicion from the third party when send through an unsecured channel. The steps of the implementation are explained.","PeriodicalId":157229,"journal":{"name":"2013 National Security Days (JNS3)","volume":"44 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134313199","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Karim Benzidane, Saad Khoudali, F. Leila, A. Sekkaki
{"title":"Toward a secure virtual traffic in a cloud environement","authors":"Karim Benzidane, Saad Khoudali, F. Leila, A. Sekkaki","doi":"10.1109/JNS3.2013.6595467","DOIUrl":"https://doi.org/10.1109/JNS3.2013.6595467","url":null,"abstract":"This last few years experienced a new paradigm called Cloud Computing (CC), coming as an extension of Grid Computing and Distributed Computing. This raises many questions about the appropriate infrastructure, processes, and strategy for enacting detection and response to intrusion in a Cloud environment. This article discusses the security and the visibility issues of inter-VM traffic and solutions for it within a Cloud environment context, by proposing an approach relying on distributed intrusion detection technique and packet inspection.","PeriodicalId":157229,"journal":{"name":"2013 National Security Days (JNS3)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125054898","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Security problems in BGP: An overview","authors":"Sara Bakkali, H. Benaboud, Mouad Ben Mamoun","doi":"10.1109/JNS3.2013.6595458","DOIUrl":"https://doi.org/10.1109/JNS3.2013.6595458","url":null,"abstract":"The Border Gateway Protocol (BGP) is the routing protocol used to route Internet's traffic between different Autonomous Systems. The BGP can control the traffic but it is vulnerable to communication interruptions and failures. This weakness could be the source of a several security attacks which could cause serious damages to the inter-domain network. The objective of this paper is to introduce briefly BGP, to present its vulnerabilities, and also to survey some proposed solutions for securing BGP. The paper introduces three secured versions of BGP, secure-BGP (sBGP), secure-origin BGP (soBGP) and pretty-secure BGP (psBGP). It discusses their advantages and identifies their limitations.","PeriodicalId":157229,"journal":{"name":"2013 National Security Days (JNS3)","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130496902","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A variant method vs accurate authentication based on fingerprint","authors":"Ouadiaa Barrou, A. Abou El Kalam, Nadir Benouhoud","doi":"10.1109/JNS3.2013.6595463","DOIUrl":"https://doi.org/10.1109/JNS3.2013.6595463","url":null,"abstract":"This paper aims to evaluate the security and accuracy of Fingerprint Authentication schemes which is one of many biometric forms of human identification. The researches proved different algorithms that are capable of finding the correspondences between input pattern and the stored template pattern in a database without resorting to exhaustive searches and it has also the ability to reduce the processing time. We highlight the methods that can be broadly categorized into two groups: The characterization of the fingerprint via minutiae and the characterization of the fingerprint as an oriented texture.","PeriodicalId":157229,"journal":{"name":"2013 National Security Days (JNS3)","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131779459","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
N. Ouerdi, M. Ziane, A. Azizi, M. Azizi, Jean-Louis Lanet
{"title":"Abstract tests based on SysML models for EMV Card","authors":"N. Ouerdi, M. Ziane, A. Azizi, M. Azizi, Jean-Louis Lanet","doi":"10.1109/JNS3.2013.6595461","DOIUrl":"https://doi.org/10.1109/JNS3.2013.6595461","url":null,"abstract":"The smart cards are increasingly used in several fields with critical data that require security. We cite, as example, the medical field and payment shopping with smart card. Therefore, the hardware and software security of smart cards is one of the key elements of the security of sensitive information handled. Currently, several scientific researchers are interested in studying and enhancing the smart cards security. The study of vulnerabilities is a prerequisite for building security guarantees of this type of devices. Indeed, each vulnerability can easily lead to an attack. In this paper, we generate vulnerability test cases based on models of Europay-MasterCard and Visa (EMV) specifications.","PeriodicalId":157229,"journal":{"name":"2013 National Security Days (JNS3)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114956340","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}