发布求助
文献互助 智能选刊 最新文献

2006 IEEE Information Assurance Workshop最新文献

筛选
英文 中文
Securing Ad Hoc Networks with "Asymmetric" Probabilistic Key Predistribution Schemes 用“非对称”概率密钥预分配方案保护Ad Hoc网络
2006 IEEE Information Assurance Workshop Pub Date : 2006-06-21 DOI: 10.1109/IAW.2006.1652108
Mahalingam Ramkumar
{"title":"Securing Ad Hoc Networks with \"Asymmetric\" Probabilistic Key Predistribution Schemes","authors":"Mahalingam Ramkumar","doi":"10.1109/IAW.2006.1652108","DOIUrl":"https://doi.org/10.1109/IAW.2006.1652108","url":null,"abstract":"We present two \"asymmetric\" probabilistic key predistribution schemes to cater for mutual authentication and broadcast authentication respectively. The schemes however employ only symmetric cryptographic primitives - the asymmetry is due to the use of different secrets for encryption/authentication and decryption/verification, which are however related through a one-way function. Both schemes try to take advantage of an abundant and inexpensive resource, storage, to improve their security. While both schemes can have a wide range of applications, we limit ourselves to their utility in securing multi-hop ad hoc networks","PeriodicalId":326306,"journal":{"name":"2006 IEEE Information Assurance Workshop","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123198607","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
An Integrated Visualisation Framework for Intrusion Detection 入侵检测集成可视化框架
2006 IEEE Information Assurance Workshop Pub Date : 2006-06-21 DOI: 10.1109/IAW.2006.1652105
H. Read, A. Blyth
{"title":"An Integrated Visualisation Framework for Intrusion Detection","authors":"H. Read, A. Blyth","doi":"10.1109/IAW.2006.1652105","DOIUrl":"https://doi.org/10.1109/IAW.2006.1652105","url":null,"abstract":"This paper builds upon earlier work (H. Read, 2005), (N. Avourdiadis, 2005) regarding the need for advanced visualisation techniques applied within the intrusion detection arena. Individual visualisation tools can tell us a lot about the way different attacks have been initiated, but we cannot pass interesting sets of data from one tool to another to get a different perspective on the attack. While much work has concentrated on novel visualisation techniques, we explore ways to bring different tools together to work seamlessly with one another. This research explores the need for a framework upon which different visualisation tools can sit and communicate with one another to aid analysts in the intrusion detection process. In this paper we present our ideas and our proposition for the framework","PeriodicalId":326306,"journal":{"name":"2006 IEEE Information Assurance Workshop","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133022979","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Allowing Finer Control Over Privacy Using Trust as a Benchmark 以信任为基准,对隐私进行更精细的控制
2006 IEEE Information Assurance Workshop Pub Date : 2006-06-21 DOI: 10.1109/IAW.2006.1652082
Sudip Chakraborty, Indrajit Ray
{"title":"Allowing Finer Control Over Privacy Using Trust as a Benchmark","authors":"Sudip Chakraborty, Indrajit Ray","doi":"10.1109/IAW.2006.1652082","DOIUrl":"https://doi.org/10.1109/IAW.2006.1652082","url":null,"abstract":"Every time a user conducts an electronic transaction over the Internet a wealth of personal information is revealed, either voluntarily or involuntarily. This causes serious breach of privacy for the user, in particular, if the personally identifying information is misused by the other users present in the network. Ideally, therefore, the user would like to have a considerable degree of control over what personal information to reveal and to whom. Researchers have proposed models to allow a user to determine what personal information to reveal while doing a transaction over the Internet. However, these models do not help the user in determining who to trust, how much to trust and why to trust them with the personal information. The models fail to address loss of privacy through the misuse of information. In this paper we propose a privacy enhancing trust model to measure the degree of confidence that a user can have in the context of preservation of her privacy during a transaction. The model considers several factor while computing trust which include a user's own experience and knowledge about the target user and feedback obtained from groups of peer users called 'trusted neighbors' and 'friends'. The proposed scheme provides a flexible and powerful approach for the secure handling of private data and offers a user considerable control over how she wishes to disseminate her personal data","PeriodicalId":326306,"journal":{"name":"2006 IEEE Information Assurance Workshop","volume":"37 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132149962","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
The Design and Use of Interactive Visualization Applets for Teaching Ciphers 密码教学交互式可视化小程序的设计与应用
2006 IEEE Information Assurance Workshop Pub Date : 2006-06-21 DOI: 10.1109/IAW.2006.1652079
D. Schweitzer, L. Baird
{"title":"The Design and Use of Interactive Visualization Applets for Teaching Ciphers","authors":"D. Schweitzer, L. Baird","doi":"10.1109/IAW.2006.1652079","DOIUrl":"https://doi.org/10.1109/IAW.2006.1652079","url":null,"abstract":"Cryptography is a fundamental topic in an information assurance curriculum. Students should understand the basic concepts and weaknesses of both historical and current cipher algorithms. Visualization tools can help students understand these concepts, both in the classroom and as out-of-class exercises. This paper describes a set of such tools designed for a cryptography course at the United States Air Force Academy. The design goals, implementation details, and classroom experiences are addressed","PeriodicalId":326306,"journal":{"name":"2006 IEEE Information Assurance Workshop","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128422837","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 38
Design and Implementation of a File Transfer and Web Services Guard Employing Cryptographically Secured XML Security Labels 采用加密保护XML安全标签的文件传输和Web服务保护的设计与实现
2006 IEEE Information Assurance Workshop Pub Date : 2006-06-21 DOI: 10.1109/IAW.2006.1652073
Andreas Thümmel, K. Eckstein
{"title":"Design and Implementation of a File Transfer and Web Services Guard Employing Cryptographically Secured XML Security Labels","authors":"Andreas Thümmel, K. Eckstein","doi":"10.1109/IAW.2006.1652073","DOIUrl":"https://doi.org/10.1109/IAW.2006.1652073","url":null,"abstract":"This publication introduces the concept of cryptographically secured, extensible markup language (XML) based security labels, which either globally label any non-XML electronic document, or label individual sections of an XML infoset. It further describes the architecture and construction of a guard prototype for file transfer and Web services based applications. This prototype employs the XML security labels to verify information classification prior to releasing information across a security domain boundary separating enclaves belonging to different security domains. If necessary, XML infosets containing information at multiple security levels can be redacted by the guard filtering algorithms to create a releasable subset of the original XML infoset or document","PeriodicalId":326306,"journal":{"name":"2006 IEEE Information Assurance Workshop","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124423880","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
Covert Timing Channel Analysis of Rate Monotonic Real-Time Scheduling Algorithm in MLS Systems MLS系统中速率单调实时调度算法的隐蔽时序信道分析
2006 IEEE Information Assurance Workshop Pub Date : 2006-06-21 DOI: 10.1109/IAW.2006.1652117
J. Alves-Foss
{"title":"Covert Timing Channel Analysis of Rate Monotonic Real-Time Scheduling Algorithm in MLS Systems","authors":"J. Alves-Foss","doi":"10.1109/IAW.2006.1652117","DOIUrl":"https://doi.org/10.1109/IAW.2006.1652117","url":null,"abstract":"The modern digital battlesphere requires the development and deployment of multi-level secure computing systems and networks. A portion of these systems are necessarily be operating under real-time processing constraints. High assurance systems processing national security information must be analyzed for possible information leakages, including covert channels. In this paper we provide a mathematical framework for examining the impact the rate-monotonic real-time scheduling algorithm has on covert timing channels. We prove that in some system configurations, it would not be possible to completely close the covert channel due to the rate-monotonic timing constraints. In addition, we propose a simple method to formulate a security metric to compare covert channels in terms of the relative amount of possible information leakage","PeriodicalId":326306,"journal":{"name":"2006 IEEE Information Assurance Workshop","volume":"20 15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116718767","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 45
Safely Redistributing Untrusted Code using .NET 使用。net安全地重新分发不受信任的代码
2006 IEEE Information Assurance Workshop Pub Date : 2006-06-21 DOI: 10.1109/IAW.2006.1652113
Net, M. Carlisle, J. Humphries, J. Hamilton
{"title":"Safely Redistributing Untrusted Code using .NET","authors":"Net, M. Carlisle, J. Humphries, J. Hamilton","doi":"10.1109/IAW.2006.1652113","DOIUrl":"https://doi.org/10.1109/IAW.2006.1652113","url":null,"abstract":"Reusing software components is a textbook software engineering best practice. Developers reuse components written by others, combining them in unique ways to create new software products. Reusing software components can create a significant security risk, as these reused components may behave badly, either by malicious intent or negligence on the part of their authors. The .NET framework provides fine-grained mechanisms for specifying how software should be trusted. Permissions are granted based on the source of software, and where it currently resides (on the local disk, or in a particular internet zone). Unfortunately, these trust guarantees are difficult to manage, and there is no guarantee that an end-user receiving a redistributed untrusted component would correctly set its trust level. We propose a framework with a set of easily understood trust levels, and a simple mechanism for applying these trust levels both to already-compiled applications and libraries within the .NET framework. This allows both end-users and software developers to leverage the work of others, while maintaining guarantees that this software would not, intentionally or otherwise, cause damage to their systems or leak confidential information. This tool should provide significant opportunities for code reuse with security and should be easily extended to handle related applications, such as those using compiled Java class libraries","PeriodicalId":326306,"journal":{"name":"2006 IEEE Information Assurance Workshop","volume":"32 4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125708968","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
The CyberDefense Laboratory: A Framework for Information Security Education 网络防御实验室:信息安全教育框架
2006 IEEE Information Assurance Workshop Pub Date : 2006-06-21 DOI: 10.1109/IAW.2006.1652077
M. Aboutabl
{"title":"The CyberDefense Laboratory: A Framework for Information Security Education","authors":"M. Aboutabl","doi":"10.1109/IAW.2006.1652077","DOIUrl":"https://doi.org/10.1109/IAW.2006.1652077","url":null,"abstract":"We developed a two-semester curriculum for undergraduate information security education. In the first semester students are provided with the necessary background in cryptography and cryptographic protocols, network security threats and defense mechanisms, as well as an overview of various security models. In the second semester, a set of laboratory-based modules provides the students with hands-on experience in implementing several of the security mechanisms they have learned so far. These modules cover topics such as host discovery and scanning, security assessment, perimeter security, secure communication, and Web security. The students finally engage in an attack-defense exercise through which they gain more insight into the vulnerabilities of existing platforms, and thus mitigate them. A dedicated laboratory has been established for this purpose. The setup of the laboratory and the pedagogical modules are described in this paper","PeriodicalId":326306,"journal":{"name":"2006 IEEE Information Assurance Workshop","volume":"43 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128483232","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 21
首页 上一页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信