Sungju Lee, Daesung Moon, Hanna Choi, Yongwha Chung
{"title":"Memory-Efficient Fuzzy Fingerprint Vault based on the Geometric Hashing","authors":"Sungju Lee, Daesung Moon, Hanna Choi, Yongwha Chung","doi":"10.1109/ISA.2008.60","DOIUrl":"https://doi.org/10.1109/ISA.2008.60","url":null,"abstract":"One of the solutions to the auto-alignment problem in the fuzzy fingerprint vault exploited the idea of the geometric hashing technique. Although this solution can provide higher verification accuracy, it requires more memory space due to the large size of the hash table. In this paper, we propose an approach to reduce the size of the hash table by using the time-memory tradeoff without sacrificing the verification accuracy. That is, instead of generating the full hash table at the enrollment phase, our approach generates the enrollment hash table \"on-the-fly\" at the verification phase. The size of the hash table can be reduced further by selecting the basis set carefully. Based on the experimental results, we confirm that the proposed approach can reduce both the static and the dynamic memory requirements without sacrificing both the verification accuracy and the security level.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133288681","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Study on the Compound Communication Network over the High Voltage Power Line for Distribution Automation System","authors":"D. Hyun, Younghun Lee","doi":"10.1109/ISA.2008.28","DOIUrl":"https://doi.org/10.1109/ISA.2008.28","url":null,"abstract":"Power company have been operated the automation system for relaying and supervisory controls by using public communication network. But these systems must have the strictest requirements of communication. For these reasons, there are a lot of difficulties to apply to the automation system considering the cost, location environment, and other characteristics of power lines. But, recently, the existing power line can be used as communication media by using power line communication (PLC). PLC can be adopted as a main communication means, and other wired/wireless can be adopted as second means. In order to this, the high voltage PLC have to be used as a long distance communication network. In our study, in case of accidents, we suggest the intelligent Compound Communication System for optimal roundabout routes in communication network, and verified its performance and reliability in the real test field.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"63 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133688362","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Teaching Computer Security using Xen in a Virtual Environment","authors":"Dong Hu, Yu Yan Wang","doi":"10.1109/ISA.2008.18","DOIUrl":"https://doi.org/10.1109/ISA.2008.18","url":null,"abstract":"This paper presents a new teaching method by introducing Xen into a computer security course. To provide students with hands-on exercises in computer security course, we have designed a laboratory environment for computer security education. It is based on Xen and Linux, all of which are free. Xen provides a secure environment within which students may install, configure, and experiment with the design and test of the system security. Based on this environment, we have developed several labs, covering a wide range of security principles.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"83 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116661434","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An Organizational Framework for Building Secure Software","authors":"A. Hamou-Lhadj, A. Hamou-Lhadj","doi":"10.1109/ISA.2008.105","DOIUrl":"https://doi.org/10.1109/ISA.2008.105","url":null,"abstract":"In this paper, we argue that building a secure software system requires more than just a good understanding of technology. It requires an organized framework for the business context in which the system is being built Unlike existing studies that focus on security only from the technological point of view, in this paper, we present a framework for building secure software that facilitates the linkage between security requirements, software development practices, and business process management. Our framework consists of four main components: Governance, People, Process, and Technology. We believe that this framework, if implemented properly, can be a powerful tool that can be used by software companies to cope with the increasing customer demand for secure software.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129577863","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Exception-Aware Digital Rights Management Architecture Experimentation","authors":"Jean-Henry Morin, M. Pawlak","doi":"10.1109/ISA.2008.72","DOIUrl":"https://doi.org/10.1109/ISA.2008.72","url":null,"abstract":"Considering Pervasive Computing environments and a global digital market having complex, often contradictory national and international regulations, it is impossible for rights holders to define universal Digital Rights Management (DRM) policies governing the usage of their content while still considering user rights. Exceptions are unanticipated usage situations where some rights should be waived while still maintaining a given level of persistent protection and governed usage. The industry and traditional DRM approaches haven't considered such alternatives. To tackle this issue and demonstrate the feasibility of such an approach, this paper reports and discusses a proof of concept prototype implementation based on a model [14] supporting exception management in DRM environments using credentials.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132696553","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Jingde Cheng, Y. Goto, Shoichi Morimoto, Daisuke Horie
{"title":"A Security Engineering Environment Based on ISO/IEC Standards: Providing Standard, Formal, and Consistent Supports for Design, Development, Operation, and Maintenance of Secure Information Systems","authors":"Jingde Cheng, Y. Goto, Shoichi Morimoto, Daisuke Horie","doi":"10.1109/ISA.2008.106","DOIUrl":"https://doi.org/10.1109/ISA.2008.106","url":null,"abstract":"An intrinsic difficulty in ensuring security of information systems is that assailants (crackers) are active persons who can get knowledge and skills day after day and then continuously attack target information systems always with new techniques. Therefore, designers, developers, users, and maintainers of information systems with high security requirements need continuous supports for their tasks to protect the systems from assailants. However, until now, there is no systematic methodology proposed for this purpose. Based on our consideration that the continuous supports for system designers, developers, users, and maintainers only can be provided by a standard, formal, and consistent methodology, this paper proposes the new concept of security engineering environment and presents a real security engineering environment we are developing based on ISO/IEC information security standards in order to provide designers, developers, users, and maintainers with standard, formal, and consistent supports for design, development, operation, and maintenance of information systems with high security requirements.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131208321","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"CPOP: Cryptography Process Offloading Proxy for Resource Constrained Devices","authors":"Yu-Shu They, Seong-Yee Phang, Sanggon Lee, HoorJae Lee, Hyotaek Lim","doi":"10.1109/ISA.2008.107","DOIUrl":"https://doi.org/10.1109/ISA.2008.107","url":null,"abstract":"Feasibility study on implementing a strong cryptographic function for resource constrained devices such as embedded devices has been carry out over the past. These studies found that it is not efficient to run an extensive security solution to those devices. For that reason, we tense to provide a security offloading approach to minimize the computing resources involved but maximizing the security functionality. The resource constrained devices will communicate to a centralize security server which we named it CPOP before sending or receiving packets from a not trusted network entity. CPOP is a cryptography process offloading proxy which will offload the cryptography processes such as encryption, decryption and etc to provide secure communication across the network. A prototype of CPOP has been developed and performance analyses results are obtained to justify the feasibility of our approach in providing security services to embedded devices with only limited processing capabilities.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132335066","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An Approach to Mitigate Wormhole Attack in Wireless Ad Hoc Networks","authors":"Gunhee Lee, Dong-Kyoo Kim, Jungtaek Seo","doi":"10.1109/ISA.2008.44","DOIUrl":"https://doi.org/10.1109/ISA.2008.44","url":null,"abstract":"Wormhole attack is one of the most severe threats to ad hoc networks. There have been many researches to overcome the wormhole attack. These researches, however, still have some limitations to handle wormhole attacks properly such as burden of computation, complicated steps before making up a session, and no response method. In this paper, we propose an effective wormhole attack defense method that can properly detect wormhole attacks and respond to them. Each node maintains its neighbors' information. According to the information, each node can identify replayed packet that forwarded by two attackers. We analyze the effectiveness of the proposed method and the efficiency of the approach by using traffic and memory space measure.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126915317","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Breaking a Smart Card based Secure Password Authentication Scheme","authors":"Eunjun Yoon, K. Yoo","doi":"10.1109/ISA.2008.86","DOIUrl":"https://doi.org/10.1109/ISA.2008.86","url":null,"abstract":"Recently, Wang-Chang proposed a password authentication scheme for implementing a remote access network system whose security rests in part on the difficulty of factoring a large number and discrete logarithm problem. This paper presents that Wang-Chang's smart card based password authentication scheme is insecure against two impersonation attacks and the off-line password guessing attack.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"302 2","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133945978","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Correlating Multi-Step Attack and Constructing Attack Scenarios Based on Attack Pattern Modeling","authors":"Zhijie Liu, C. Wang, Shifu Chen","doi":"10.1109/ISA.2008.11","DOIUrl":"https://doi.org/10.1109/ISA.2008.11","url":null,"abstract":"Most cyber-attacks are not single attack actions. They are multi-step attacks composed by a set of attack actions. Although techniques used by attackers can be diverse, attack patterns are generally finite. So we need to find attack steps that are correlated in an attack scenario. By studying the patterns of multi-step cyber attacks, an algorithm is presented for correlating multi-step cyber attacks and constructing attack scenario system based on modeling multi-step cyber attacks. When alerts appear, the algorithm turns them into corresponding attack models based on the knowledge base and correlates them, whether alert or not is based on the weighted cost in the attack path graph and the attack degree of the corresponding host. And attack scenarios can be constructed by correlating the attack path graphs. Moreover, the model can detect intrusion alerts in real time and revise the attack scenarios. Experiments on the DARPA IDS test dataset show the validity of the algorithm.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125473064","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}