Ju An Wang, Minzhe Guo, Hao Wang, Min Xia, Linfeng Zhou
{"title":"Environmental Metrics for Software Security Based on a Vulnerability Ontology","authors":"Ju An Wang, Minzhe Guo, Hao Wang, Min Xia, Linfeng Zhou","doi":"10.1109/SSIRI.2009.60","DOIUrl":"https://doi.org/10.1109/SSIRI.2009.60","url":null,"abstract":"This paper proposes an ontology-based approach to analyzing and assessing the security posture for software products. It provides measurements of trust for a software product based on its security requirements and evidence of assurance, which are retrieved from an ontology built for vulnerability management. Our approach differs from the previous work in the following aspects: (1) It is a holistic approach emphasizing that the system assurance cannot be determined or explained by its component assurance alone. Instead, the software system as a whole in a given running environment determines its assurance level. (2) Our approach is based on widely accepted standards such as CVSS, CVE, CWE, CPE, and CAPEC. Our ontology integrated these standards seamlessly and thus provides a solid foundation for security assessment. (3) Automated tools have been built to support our approach, delivering the environmental scores for software products.","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"134 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114293911","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
D. Cape, B. McMillin, Benjamin W. Passer, Mayur Thakur
{"title":"Recursive Decomposition of Progress Graphs","authors":"D. Cape, B. McMillin, Benjamin W. Passer, Mayur Thakur","doi":"10.1109/SSIRI.2009.19","DOIUrl":"https://doi.org/10.1109/SSIRI.2009.19","url":null,"abstract":"Search of a state transition system is traditionally how deadlock detection for concurrent programs has been accomplished. This paper examines an approach to deadlock detection that uses geometric semantics involving the topological notion of dihomotopy to partition the state-space into components; after that the reduced state-space is exhaustively searched. Prior work partitioned the state-space inductively. In this paper we show that a recursive technique provides greater reduction of the size of the state transition system and therefore more efficient deadlock detection. If the preprocessing can be done efficiently, then for large problems we expect to see more efficient deadlock detection and eventually more efficient verification of some temporal properties.","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128915133","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"State Space Reduction for Verifying Noninterference","authors":"Conghua Zhou, Li Chen, Shiguang Ju, Zhifeng Liu","doi":"10.1109/SSIRI.2009.31","DOIUrl":"https://doi.org/10.1109/SSIRI.2009.31","url":null,"abstract":"Existing algorithmic approaches to verifying noninterference suffer from the state explosion problem. In order to make these approaches more practical, we proposed an abstraction technique which attempts to decrease the size of the security system by focusing on variables and local transitions of the system related with noninterference. In this way, noninterference is preserved, but the size of the model that needs to be verified becomes smaller. We further showed how the technique can be applied in verifying the programming language IMP. We proposed an over approximation computation of related variables and local transitions such that our technique can be implemented automatically. Our technique also can be extended to verify intransitive noninterference smoothly.","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126462155","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An Efficient and Secure Multi-secret Image Sharing Scheme with General Access Structure","authors":"Ching-Fan Lee, J. Juan","doi":"10.1109/SSIRI.2009.22","DOIUrl":"https://doi.org/10.1109/SSIRI.2009.22","url":null,"abstract":"In 2008, Shi et al. proposed a new (t, n)-threshold secret sharing scheme for image encryption. This paper indicates that their scheme is insecure because it is possible to find the secret image from the public image. In addition, it is inflexible since the width must be equal to the height and the size of the secret images must be the same upon sharing multi-image. Moreover, their scheme is not efficient enough. For these reasons, we propose two new schemes to avoid secret images that can be found from the public image and the width and height of secret image can be decided flexibly. Finally, the proposed schemes not only achieve some properties such as multi-secret images, multiuse, and the number of shares that are held by each participant is just one but also can be used for any general access structure in this paper.","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"67 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125509192","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Implementation of the Privacy Protection in Video Surveillance System","authors":"H. Moon, S. Pan","doi":"10.1109/SSIRI.2009.44","DOIUrl":"https://doi.org/10.1109/SSIRI.2009.44","url":null,"abstract":"Due to increased terror and crime, the use of the video surveillance camera system is increasing. It has been operated for public interest such as prevention of crimes and fly-tipping by the police and local government, but private information such as faces or behavior patterns can be recorded in CCTV. When the recorded video data is exposed, it may cause an invasion of privacy and crimes. This paper analyses conventional methods of privacy protection in surveillance camera systems and applies scrambling and an RFID system to existing surveillance systems to prevent privacy exposure in monitoring simultaneously for both privacy protection and surveillance. The proposed system adjusts the intensities of privacy according to access levels to reduce invasion of privacy by people who are not concerned.","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"104 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121721618","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Position Statement: Evolving Software Models for Global Organizations","authors":"Mao Boying","doi":"10.1109/SSIRI.2009.68","DOIUrl":"https://doi.org/10.1109/SSIRI.2009.68","url":null,"abstract":"In the current economic world, globalization has quickly become a common and significant practice across a multitude of industries. Examples abound in manufacturing, automotive, financial, retail, and other sectors. Not surprisingly, technology and software development companies also figure prominently in this movement. Software teams are increasingly distributed around the world, collaborating both internally across the company and externally with partner companies, subsidiaries, and outsourcing service providers. In this global expansion, companies continue to distribute their teams around the world through a variety of means, including offshoring, acquiring, partnering, and outsourcing. As globalization becomes more prevalent, approaches and practices are being evolved from one country offshoring to global, from numerous tactical vendors to 3-5 strategic outsourcing vendors, from predominantly maintenance work to new development, design and test lifecycle etc. Global delivery is changing from a specialty to a standard in the current industry world.","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"53 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131040757","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Yu-Lun Huang, Chih-Ya Shen, S. Shieh, Hung-Jui Wang, Cheng-Chun Lin
{"title":"Provable Secure AKA Scheme with Reliable Key Delegation in UMTS","authors":"Yu-Lun Huang, Chih-Ya Shen, S. Shieh, Hung-Jui Wang, Cheng-Chun Lin","doi":"10.1109/SSIRI.2009.62","DOIUrl":"https://doi.org/10.1109/SSIRI.2009.62","url":null,"abstract":"The Authentication Key Agreement Scheme (AKA) of Universal Mobile Telecommunication System (UMTS) provides substantial enhancement to solve the vulnerabilities in GSM and other wireless communication systems. However, we discovered four security weaknesses of UMTS AKA, that is, redirection attack, man-in-the-middle attack, sequence number depletion, and roaming attack. An adversary can launch these attacks to eavesdrop, or cause billing problems. To cope with these problems, a new Secure Authentication Key Agreement Protocol (S-AKA) is proposed in this paper to enhance the security to resist the attacks. To improve the efficiency and redundancy of UMTS AKA, S-AKA reduces both the authentication messages and bandwidth consumption of UMTS AKA. The formal proof of S-AKA is also given to ensure the security strength of S-AKA.","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"181 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124532421","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}