发布求助
文献互助 智能选刊 最新文献

2008 Third International Conference on Risks and Security of Internet and Systems最新文献

筛选
英文 中文
Access control for cooperative systems: A comparative analysis 合作系统的访问控制:比较分析
2008 Third International Conference on Risks and Security of Internet and Systems Pub Date : 2008-10-01 DOI: 10.1109/CRISIS.2008.4757460
Amine Baïna, Y. Deswarte, A. A. E. Kalam, M. Kaâniche
{"title":"Access control for cooperative systems: A comparative analysis","authors":"Amine Baïna, Y. Deswarte, A. A. E. Kalam, M. Kaâniche","doi":"10.1109/CRISIS.2008.4757460","DOIUrl":"https://doi.org/10.1109/CRISIS.2008.4757460","url":null,"abstract":"Collaboration allows sharing, processing and exchanging large amounts of data between individuals as well as groups and organizations. In this context, security and access control are important issues that should be studied, specified and enforced. In this paper, we discuss the different approaches that address access control for cooperative systems while putting emphasis on some important proposals; we conclude with a comparison between some interesting approaches, and we introduce some perspectives that help developing the domain.","PeriodicalId":346123,"journal":{"name":"2008 Third International Conference on Risks and Security of Internet and Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133958808","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
Case study: Using digital signatures for the archival of medical records in hospitals 案例研究:在医院病历档案中使用数字签名
2008 Third International Conference on Risks and Security of Internet and Systems Pub Date : 2008-10-01 DOI: 10.1109/CRISIS.2008.4757481
Sebastian Sageder, J. Sametinger, Andreas Wiesauer
{"title":"Case study: Using digital signatures for the archival of medical records in hospitals","authors":"Sebastian Sageder, J. Sametinger, Andreas Wiesauer","doi":"10.1109/CRISIS.2008.4757481","DOIUrl":"https://doi.org/10.1109/CRISIS.2008.4757481","url":null,"abstract":"Even in medium-sized hospitals, thousands of medical records are created every day. These documents have to be archived over many years. This is important for having access to information for later treatments of patients and for potential legal disputes. The latter makes signing of medical records important. The process of getting rid of paper in hospitals is quite challenging for many reasons. Using digital signatures is definitely one of these challenges. This article will report on this process and on experiences made in an Austrian medium-sized hospital.","PeriodicalId":346123,"journal":{"name":"2008 Third International Conference on Risks and Security of Internet and Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"113995581","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Quality assurance of Grid service provisioning by risk aware managing of resource failures 通过资源故障的风险意识管理来保证网格服务提供的质量
2008 Third International Conference on Risks and Security of Internet and Systems Pub Date : 2008-10-01 DOI: 10.1109/CRISIS.2008.4757475
A. Keller, K. Voß, Dominic Battré, M. Hovestadt, O. Kao
{"title":"Quality assurance of Grid service provisioning by risk aware managing of resource failures","authors":"A. Keller, K. Voß, Dominic Battré, M. Hovestadt, O. Kao","doi":"10.1109/CRISIS.2008.4757475","DOIUrl":"https://doi.org/10.1109/CRISIS.2008.4757475","url":null,"abstract":"Quality assurance is a key aspect in scope of the provisioning of grid services since end-users ask for specific quality of service (QoS) criteria defined in service level agreements (SLA). To commit to an SLA, grid providers need a risk analysis during SLA negotiation in order to estimate the probability of an SLA violation. In addition, such a risk analysis is necessary in the post-negotiation phase, in order to find the most profitable solution if not all SLAs can be fulfilled. Current job failure rates in grids (10-45%) highlight the necessity of fault-tolerance mechanisms. If not enough resources exist to compensate for all resource outages, the provider has to prefer those jobs which are in expectation the most profitable ones. Hence, this quality assurance ensures that obligations from the most important jobs will be fulfilled.","PeriodicalId":346123,"journal":{"name":"2008 Third International Conference on Risks and Security of Internet and Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125283177","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 11
An algebraic-functional framework for distributed access control 分布式访问控制的代数-函数框架
2008 Third International Conference on Risks and Security of Internet and Systems Pub Date : 2008-10-01 DOI: 10.1109/CRISIS.2008.4757458
Clara Bertolissi, M. Fernández
{"title":"An algebraic-functional framework for distributed access control","authors":"Clara Bertolissi, M. Fernández","doi":"10.1109/CRISIS.2008.4757458","DOIUrl":"https://doi.org/10.1109/CRISIS.2008.4757458","url":null,"abstract":"We propose an access control model that takes into account the specific behaviour of distributed, highly dynamic environments, and describe their representation using an algebraic-functional framework. The declarative nature of the model facilitates the analysis of policies, and direct implementations for access control checking even when resources and information are widely dispersed.","PeriodicalId":346123,"journal":{"name":"2008 Third International Conference on Risks and Security of Internet and Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129058989","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
Anomaly-based intrusion detection using distributed intelligent systems 基于异常的分布式智能系统入侵检测
2008 Third International Conference on Risks and Security of Internet and Systems Pub Date : 2008-10-01 DOI: 10.1109/CRISIS.2008.4757462
B. Morel
{"title":"Anomaly-based intrusion detection using distributed intelligent systems","authors":"B. Morel","doi":"10.1109/CRISIS.2008.4757462","DOIUrl":"https://doi.org/10.1109/CRISIS.2008.4757462","url":null,"abstract":"Anomaly based intrusion detection suffers from the uncontrollability of the rate of false alarms (false positive). What one computer may not be able to accomplish (reliable detection of a new malware with small false positive) many networked intelligently may. This paper is a proof of concept of that idea based on simulation with real data analysis. It speculates on how such set-up could be made part of a large scale intelligent system.","PeriodicalId":346123,"journal":{"name":"2008 Third International Conference on Risks and Security of Internet and Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122651577","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Firewalls anomalies’ detection system based on web services / mobile agents interactions 基于web服务/移动代理交互的防火墙异常检测系统
2008 Third International Conference on Risks and Security of Internet and Systems Pub Date : 2008-10-01 DOI: 10.1109/CRISIS.2008.4757484
Fakher Ben Ftima, K. Karoui, H. Ghézala
{"title":"Firewalls anomalies’ detection system based on web services / mobile agents interactions","authors":"Fakher Ben Ftima, K. Karoui, H. Ghézala","doi":"10.1109/CRISIS.2008.4757484","DOIUrl":"https://doi.org/10.1109/CRISIS.2008.4757484","url":null,"abstract":"Firewalls are core elements in network security. However, detecting anomalies, particularly in distributed firewalls has become a complex task. Mobile agents promise an interesting approach for communications between different distributed systems specially Web services applications. In this work, we propose a firewall anomaliespsila detection system based on interactions between the Web services and the mobile agents technologies. Then, we highlight the trumps of this approach compared to the client/server model.","PeriodicalId":346123,"journal":{"name":"2008 Third International Conference on Risks and Security of Internet and Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128054154","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
If only I can trust my police! SIM : An agent-based audit solution of access right deployment through open network 要是我能信任我的警察就好了!SIM:通过开放网络部署访问权限的基于代理的审计解决方案
2008 Third International Conference on Risks and Security of Internet and Systems Pub Date : 2008-10-01 DOI: 10.1109/CRISIS.2008.4757467
Christophe Incoul, B. Gâteau, Jocelyn Aubert, Nicolas Bounoughaz, C. Feltus
{"title":"If only I can trust my police! SIM : An agent-based audit solution of access right deployment through open network","authors":"Christophe Incoul, B. Gâteau, Jocelyn Aubert, Nicolas Bounoughaz, C. Feltus","doi":"10.1109/CRISIS.2008.4757467","DOIUrl":"https://doi.org/10.1109/CRISIS.2008.4757467","url":null,"abstract":"Dynamic and evolved environment make the Information Systems (IS), and consequently access rights to its components, always more complex to define and to manage. To bring up a contribution for improving that matter, our paperpsilas first objective is to realize the development of an automated deployment of policies from an administrative platform that encompasses business requirements down to infrastructurepsilas components and devices. This objective is achieved by adapting the XACML OASIS framework and by formalizing a protocol for information exchange through different components of a multi-agent system. The second paperpsilas objective aims at providing guaranties that defined and deployed access rights are continuously aligned with business requirements. This objective is completed by complementary developments that aim to perform a systematic and/or on-demand audit of the effective rights against the desired ones. This second objective is achieved by adding new functionality to the proposed agents architecture and by adapting the protocol accordingly. Practically, this research has been performed in the framework of the SIM project and has privileged free and open source components for the prototyping phase.","PeriodicalId":346123,"journal":{"name":"2008 Third International Conference on Risks and Security of Internet and Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125345115","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A new timestamping schema in the Bounded Storage Model 有界存储模型中的新时间戳模式
2008 Third International Conference on Risks and Security of Internet and Systems Pub Date : 2008-10-01 DOI: 10.1109/CRISIS.2008.4757479
A. B. Shil, Kaouther Blibech Sinaoui, R. Robbana
{"title":"A new timestamping schema in the Bounded Storage Model","authors":"A. B. Shil, Kaouther Blibech Sinaoui, R. Robbana","doi":"10.1109/CRISIS.2008.4757479","DOIUrl":"https://doi.org/10.1109/CRISIS.2008.4757479","url":null,"abstract":"Timestamping [1] is a cryptographic technique for adding a reliable date to a document in order to prove its existence at a given time. Several solutions of timestamping exist. They are all based on cryptographic techniques as digital signatures and hash functions. However, with the increase of computing power and the evolution of cryptanalysis methods, cryptography becomes more and more the target of criticism. That's why we need new directions and orientations for timestamping techniques. One of these directions was introduced in [2] and dealt with non interactive timestamping solutions in the Bounded Storage Model. In the Bounded Storage Model, we make the hypothesis that user's storage capacity is bounded but user's computing power is unlimited. In this paper, we first present the existing timestamping systems. Then we introduce the Bounded Storage Model. Finally, we present a new timestamping schema that we have conceived in the bounded storage model.","PeriodicalId":346123,"journal":{"name":"2008 Third International Conference on Risks and Security of Internet and Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133003884","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Towards an automated firewall security policies validation process 迈向自动化防火墙安全策略验证过程
2008 Third International Conference on Risks and Security of Internet and Systems Pub Date : 2008-10-01 DOI: 10.1109/CRISIS.2008.4757489
Ryma Abassi, S. Fatmi
{"title":"Towards an automated firewall security policies validation process","authors":"Ryma Abassi, S. Fatmi","doi":"10.1109/CRISIS.2008.4757489","DOIUrl":"https://doi.org/10.1109/CRISIS.2008.4757489","url":null,"abstract":"A security policy constitutes one of the major actors in the protection of communication networks. However, it can be one of their weaknesses if it is inadequate according to the network security requirements. For this, a security policy has to be validated before its deployment. Unfortunately, in the literature, there is no well established validation mechanisms ensuring the well founded of such security policies. This paper proposes a validation framework for security policies based on the concept of executable specifications and applied to the firewall case. The main contributions provided by this paper concerns the adaptation of some concepts and mechanisms traditionally used in software engineering for validation aims, such as specification, executable specification or reachability graph.","PeriodicalId":346123,"journal":{"name":"2008 Third International Conference on Risks and Security of Internet and Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134240926","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
A formal security framework for mobile agent systems: Specification and verification 移动代理系统的正式安全框架:规范和验证
2008 Third International Conference on Risks and Security of Internet and Systems Pub Date : 2008-10-01 DOI: 10.1109/CRISIS.2008.4757465
M. Loulou, A. Kacem, M. Jmaiel, M. Mosbah
{"title":"A formal security framework for mobile agent systems: Specification and verification","authors":"M. Loulou, A. Kacem, M. Jmaiel, M. Mosbah","doi":"10.1109/CRISIS.2008.4757465","DOIUrl":"https://doi.org/10.1109/CRISIS.2008.4757465","url":null,"abstract":"Security in mobile agent systems is twofold: protection of mobile agents and protection of agent execution system. Indeed, the proposed solutions for the security of distributed systems arenpsilat sufficient. Moreover, therepsilas no solution which treats the different concerns of security in the mobile agent systems. To achieve this goal, we use formal foundations which provide a rigorous reasoning about security of mobile agent systems. We propose in this paper a formal framework for the security in mobile agent systems which consists of three basic frameworks. The specification framework proposes, explicitly, a generic definition of security policies that may be enhanced by several concepts related to one or more security models. For illustration, we present a security policy enhancement based on the concepts of the RBAC model. Inevitably, we associate to the specification framework a verification framework which checks the consistency of the proposed specifications as well as the consistency intra-policy. In response to the dynamic changes of security requirements in mobile agent systems, we propose a third framework for the reconfiguration of policies.","PeriodicalId":346123,"journal":{"name":"2008 Third International Conference on Risks and Security of Internet and Systems","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2008-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133639764","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信