发布求助
文献互助 智能选刊 最新文献

2008 International Conference on Information Security and Assurance (isa 2008)最新文献

筛选
英文 中文
Memory-Efficient Fuzzy Fingerprint Vault based on the Geometric Hashing 基于几何哈希的内存高效模糊指纹库
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.60
Sungju Lee, Daesung Moon, Hanna Choi, Yongwha Chung
{"title":"Memory-Efficient Fuzzy Fingerprint Vault based on the Geometric Hashing","authors":"Sungju Lee, Daesung Moon, Hanna Choi, Yongwha Chung","doi":"10.1109/ISA.2008.60","DOIUrl":"https://doi.org/10.1109/ISA.2008.60","url":null,"abstract":"One of the solutions to the auto-alignment problem in the fuzzy fingerprint vault exploited the idea of the geometric hashing technique. Although this solution can provide higher verification accuracy, it requires more memory space due to the large size of the hash table. In this paper, we propose an approach to reduce the size of the hash table by using the time-memory tradeoff without sacrificing the verification accuracy. That is, instead of generating the full hash table at the enrollment phase, our approach generates the enrollment hash table \"on-the-fly\" at the verification phase. The size of the hash table can be reduced further by selecting the basis set carefully. Based on the experimental results, we confirm that the proposed approach can reduce both the static and the dynamic memory requirements without sacrificing both the verification accuracy and the security level.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133288681","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 14
A Study on the Compound Communication Network over the High Voltage Power Line for Distribution Automation System 配电自动化系统高压线路复合通信网的研究
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.28
D. Hyun, Younghun Lee
{"title":"A Study on the Compound Communication Network over the High Voltage Power Line for Distribution Automation System","authors":"D. Hyun, Younghun Lee","doi":"10.1109/ISA.2008.28","DOIUrl":"https://doi.org/10.1109/ISA.2008.28","url":null,"abstract":"Power company have been operated the automation system for relaying and supervisory controls by using public communication network. But these systems must have the strictest requirements of communication. For these reasons, there are a lot of difficulties to apply to the automation system considering the cost, location environment, and other characteristics of power lines. But, recently, the existing power line can be used as communication media by using power line communication (PLC). PLC can be adopted as a main communication means, and other wired/wireless can be adopted as second means. In order to this, the high voltage PLC have to be used as a long distance communication network. In our study, in case of accidents, we suggest the intelligent Compound Communication System for optimal roundabout routes in communication network, and verified its performance and reliability in the real test field.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"63 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133688362","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
An Approach to Mitigate Wormhole Attack in Wireless Ad Hoc Networks 一种缓解无线自组织网络中虫洞攻击的方法
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.44
Gunhee Lee, Dong-Kyoo Kim, Jungtaek Seo
{"title":"An Approach to Mitigate Wormhole Attack in Wireless Ad Hoc Networks","authors":"Gunhee Lee, Dong-Kyoo Kim, Jungtaek Seo","doi":"10.1109/ISA.2008.44","DOIUrl":"https://doi.org/10.1109/ISA.2008.44","url":null,"abstract":"Wormhole attack is one of the most severe threats to ad hoc networks. There have been many researches to overcome the wormhole attack. These researches, however, still have some limitations to handle wormhole attacks properly such as burden of computation, complicated steps before making up a session, and no response method. In this paper, we propose an effective wormhole attack defense method that can properly detect wormhole attacks and respond to them. Each node maintains its neighbors' information. According to the information, each node can identify replayed packet that forwarded by two attackers. We analyze the effectiveness of the proposed method and the efficiency of the approach by using traffic and memory space measure.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126915317","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 47
Teaching Computer Security using Xen in a Virtual Environment 在虚拟环境中使用Xen进行计算机安全教学
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.18
Dong Hu, Yu Yan Wang
{"title":"Teaching Computer Security using Xen in a Virtual Environment","authors":"Dong Hu, Yu Yan Wang","doi":"10.1109/ISA.2008.18","DOIUrl":"https://doi.org/10.1109/ISA.2008.18","url":null,"abstract":"This paper presents a new teaching method by introducing Xen into a computer security course. To provide students with hands-on exercises in computer security course, we have designed a laboratory environment for computer security education. It is based on Xen and Linux, all of which are free. Xen provides a secure environment within which students may install, configure, and experiment with the design and test of the system security. Based on this environment, we have developed several labs, covering a wide range of security principles.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"83 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116661434","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 17
An Organizational Framework for Building Secure Software 构建安全软件的组织框架
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.105
A. Hamou-Lhadj, A. Hamou-Lhadj
{"title":"An Organizational Framework for Building Secure Software","authors":"A. Hamou-Lhadj, A. Hamou-Lhadj","doi":"10.1109/ISA.2008.105","DOIUrl":"https://doi.org/10.1109/ISA.2008.105","url":null,"abstract":"In this paper, we argue that building a secure software system requires more than just a good understanding of technology. It requires an organized framework for the business context in which the system is being built Unlike existing studies that focus on security only from the technological point of view, in this paper, we present a framework for building secure software that facilitates the linkage between security requirements, software development practices, and business process management. Our framework consists of four main components: Governance, People, Process, and Technology. We believe that this framework, if implemented properly, can be a powerful tool that can be used by software companies to cope with the increasing customer demand for secure software.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129577863","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Breaking a Smart Card based Secure Password Authentication Scheme 破解基于智能卡的安全密码认证方案
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.86
Eunjun Yoon, K. Yoo
{"title":"Breaking a Smart Card based Secure Password Authentication Scheme","authors":"Eunjun Yoon, K. Yoo","doi":"10.1109/ISA.2008.86","DOIUrl":"https://doi.org/10.1109/ISA.2008.86","url":null,"abstract":"Recently, Wang-Chang proposed a password authentication scheme for implementing a remote access network system whose security rests in part on the difficulty of factoring a large number and discrete logarithm problem. This paper presents that Wang-Chang's smart card based password authentication scheme is insecure against two impersonation attacks and the off-line password guessing attack.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"302 2","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133945978","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
Exception-Aware Digital Rights Management Architecture Experimentation 异常感知数字版权管理体系结构实验
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.72
Jean-Henry Morin, M. Pawlak
{"title":"Exception-Aware Digital Rights Management Architecture Experimentation","authors":"Jean-Henry Morin, M. Pawlak","doi":"10.1109/ISA.2008.72","DOIUrl":"https://doi.org/10.1109/ISA.2008.72","url":null,"abstract":"Considering Pervasive Computing environments and a global digital market having complex, often contradictory national and international regulations, it is impossible for rights holders to define universal Digital Rights Management (DRM) policies governing the usage of their content while still considering user rights. Exceptions are unanticipated usage situations where some rights should be waived while still maintaining a given level of persistent protection and governed usage. The industry and traditional DRM approaches haven't considered such alternatives. To tackle this issue and demonstrate the feasibility of such an approach, this paper reports and discusses a proof of concept prototype implementation based on a model [14] supporting exception management in DRM environments using credentials.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132696553","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
CPOP: Cryptography Process Offloading Proxy for Resource Constrained Devices CPOP:资源受限设备的加密进程卸载代理
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.107
Yu-Shu They, Seong-Yee Phang, Sanggon Lee, HoorJae Lee, Hyotaek Lim
{"title":"CPOP: Cryptography Process Offloading Proxy for Resource Constrained Devices","authors":"Yu-Shu They, Seong-Yee Phang, Sanggon Lee, HoorJae Lee, Hyotaek Lim","doi":"10.1109/ISA.2008.107","DOIUrl":"https://doi.org/10.1109/ISA.2008.107","url":null,"abstract":"Feasibility study on implementing a strong cryptographic function for resource constrained devices such as embedded devices has been carry out over the past. These studies found that it is not efficient to run an extensive security solution to those devices. For that reason, we tense to provide a security offloading approach to minimize the computing resources involved but maximizing the security functionality. The resource constrained devices will communicate to a centralize security server which we named it CPOP before sending or receiving packets from a not trusted network entity. CPOP is a cryptography process offloading proxy which will offload the cryptography processes such as encryption, decryption and etc to provide secure communication across the network. A prototype of CPOP has been developed and performance analyses results are obtained to justify the feasibility of our approach in providing security services to embedded devices with only limited processing capabilities.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132335066","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A Security Engineering Environment Based on ISO/IEC Standards: Providing Standard, Formal, and Consistent Supports for Design, Development, Operation, and Maintenance of Secure Information Systems 基于ISO/IEC标准的安全工程环境:为安全信息系统的设计、开发、运行和维护提供标准、正式和一致的支持
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.106
Jingde Cheng, Y. Goto, Shoichi Morimoto, Daisuke Horie
{"title":"A Security Engineering Environment Based on ISO/IEC Standards: Providing Standard, Formal, and Consistent Supports for Design, Development, Operation, and Maintenance of Secure Information Systems","authors":"Jingde Cheng, Y. Goto, Shoichi Morimoto, Daisuke Horie","doi":"10.1109/ISA.2008.106","DOIUrl":"https://doi.org/10.1109/ISA.2008.106","url":null,"abstract":"An intrinsic difficulty in ensuring security of information systems is that assailants (crackers) are active persons who can get knowledge and skills day after day and then continuously attack target information systems always with new techniques. Therefore, designers, developers, users, and maintainers of information systems with high security requirements need continuous supports for their tasks to protect the systems from assailants. However, until now, there is no systematic methodology proposed for this purpose. Based on our consideration that the continuous supports for system designers, developers, users, and maintainers only can be provided by a standard, formal, and consistent methodology, this paper proposes the new concept of security engineering environment and presents a real security engineering environment we are developing based on ISO/IEC information security standards in order to provide designers, developers, users, and maintainers with standard, formal, and consistent supports for design, development, operation, and maintenance of information systems with high security requirements.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131208321","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 23
The Economics of Privacy-Privacy: People, Policy and Technology 隐私经济学——隐私:人、政策和技术
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.71
J. Zhan, Vaidyanathan Rajamani
{"title":"The Economics of Privacy-Privacy: People, Policy and Technology","authors":"J. Zhan, Vaidyanathan Rajamani","doi":"10.1109/ISA.2008.71","DOIUrl":"https://doi.org/10.1109/ISA.2008.71","url":null,"abstract":"Privacy of personal information is an area of growing concern and importance in the digital age. Privacy as an issue rises when there is a conflict of interest between its commercial value and respect for an individual's right to privacy. This lends itself to the fact this trade off is of economic value and the issue of privacy is an economic problem and hence justifies the emergence of the economics of privacy as an important discipline which is a complex interplay of regulation, technology and people dynamics and the efficiency of doing business. In this survey paper we look into the work done by eminent people on the issue of privacy and its relationship with people, technology and regulation from an economic perspective and its increasing relevance today. Privacy affects each one of us in some way that we cannot afford to ignore it and it helps to be in cognizance of what is going on around us.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"35 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114381913","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 11
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信