{"title":"Supporting Compliant and Secure User Handling - A Structured Approach for In-House Identity Management","authors":"L. Fuchs, G. Pernul","doi":"10.1109/ARES.2007.145","DOIUrl":"https://doi.org/10.1109/ARES.2007.145","url":null,"abstract":"The catchword \"compliance\" dominates the actual debate about identity management and information security like few before. Companies need to comply with a variety of internal and external standards and regulations like the US SOX Act. Identity management is seen as a main provider of compliance in modern companies. However, its organisational aspects are underestimated in many projects, lacking a comprehensive approach to introduce in-house identity management. This work is based on the experiences gained from industry projects using identity management functionalities to strengthen security and to reach a high level of compliance. We develop a structured process-oriented methodology for introducing an identity management infrastructure for organisations using drivers from IT security management to evaluate, rank, and implement subprojects. The methodology consists of an iterative process which enables even large and unstructured organisations to reach a suitable and profitable level of identity management by emphasising on organisational aspects rather than taking a merely technical approach","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"100 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115741017","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"How can the developer benefit from security modeling?","authors":"Shanai Ardi, David Byers, P. H. Meland, Inger Anne Tøndel, N. Shahmehri","doi":"10.1109/ARES.2007.96","DOIUrl":"https://doi.org/10.1109/ARES.2007.96","url":null,"abstract":"Security has become a necessary part of nearly every software development project, as the overall risk from malicious users is constantly increasing, due to increased consequences of failure, security threats and exposure to threats. There are few projects today where software security can be ignored. Despite this, security is still rarely taken into account throughout the entire software lifecycle; security is often an afterthought, bolted on late in development, with little thought to what threats and exposures exist. Little thought is given to maintaining security in the face of evolving threats and exposures. Software developers are usually not security experts. However, there are methods and tools available today that can help developers build more secure software. Security modeling, modeling of e.g., threats and vulnerabilities, is one such method that, when integrated in the software development process, can help developers prevent security problems in software. We discuss these issues, and present how modeling tools, vulnerability repositories and development tools can be connected to provide support for secure software development","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"447 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115926499","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Security Framework in RFID Multi-domain System","authors":"Dong Seong Kim, Taek-Hyun Shin, Jong Sou Park","doi":"10.1109/ARES.2007.24","DOIUrl":"https://doi.org/10.1109/ARES.2007.24","url":null,"abstract":"In previous approaches, it's generally assumed that all radio frequency identification (RFID) tags belong to a single RFID domain system (we name this as RFID single domain system). To date, most researches in the RFID single domain system have been on authentication protocols against a variety of attacks. This paper considers the security and privacy problems regarding that RFID tags used by different two or more RFID domains (we name this as RFID multi-domain system). We divided the security and privacy mechanisms in RFID multi-domain system into 3 conceptual parts: RFID forehand system security, RFID backend system security, and RFID inter-domain system security. First, we review RFID forehand and backend system security issues. Second, we present a security framework in RFID multi-domain system. Third, we propose and evaluate authentication and authorization for RFID inter-domain system with a case study","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126782113","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Privacy in Pervasive Computing and Open Issues","authors":"P. Bhaskar, Sheikh Iqbal Ahamed","doi":"10.1109/ARES.2007.115","DOIUrl":"https://doi.org/10.1109/ARES.2007.115","url":null,"abstract":"Privacy appears as a major issue for pervasive computing applications. Several models have been proposed to address privacy challenges. Successful design requires awareness of the technology's users and that their desires and concerns are understood. This is difficult as few empirical researches exist about potential pervasive users that designers can use. Complicating design further is the fact that pervasive systems are typically embedded or invisible, making it difficult for users to know when these devices are present and collecting data. As users have a limited understanding of the technology several privacy, design, and safety issues are raised. This paper discusses how privacy might be preserved in a pervasive computing environment. It presents some research developments in these areas to address privacy concerns. Open issues and challenges are also examined","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"61 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130525966","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"HICI: An Approach for Identifying Trust Elements The case of technological trust perspective in VBEs","authors":"S. Msanjila, H. Afsarmanesh","doi":"10.1109/ARES.2007.94","DOIUrl":"https://doi.org/10.1109/ARES.2007.94","url":null,"abstract":"The stability of a virtual organization breeding environment (VBE) requires the right balance of trust level among its members. Particularly for industry-based large-size VBEs and considering the global economy, organizations are now faced with the growing: value of information, uncertainties, and risks surrounding most businesses. As a result, creating a virtual organization (VO) within the VBE environment is becoming challenging and difficult. Establishing trust relationships among organizations in the VBE is now a promising facilitator for fluid VO creations. A priori to establishing trust relationships among member organizations however, trust levels of involved organizations must be properly assessed. In order to properly assess trust level of organizations in VBEs, trust elements and trust relationships must be thoroughly characterized. This paper presents a three-stage approach for identifying and analyzing trust elements. It also presents the general trust elements for three main trust objectives in VBEs, namely for creating trust: among VBE members, of the member to the VBE administration, and of the external stakeholder (e.g., a customer) to the VBE","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"61 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131014295","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Terrorist Networks Analysis through Argument Driven Hypotheses Model","authors":"D. Hussain","doi":"10.1109/ARES.2007.146","DOIUrl":"https://doi.org/10.1109/ARES.2007.146","url":null,"abstract":"Social network analysis has been used for quite some time to analyze and understand the behavior of nodes in the network. These nodes could be individuals or group of persons, events or organizations, etc. In fact these nodes could be anything, importantly, these nodes propagate or do something and obviously these nodes have attributes. Social network analysis (SNA) is a multi-model multi-link problem and one can imagine the challenge posed by such multidimensional task. Typically, models represent various processes and their organization including the interaction between processes. Such types of models are intellective simulation models, explaining one particular aspect of the model abstracting other factors present in the model. The standard or normal representation of a typical social network model is through a graph data structure. The dynamics of larger social networks is so complex sometimes it becomes difficult to understand the various levels of interactions and dependencies just by mere representation through a graph. However, to overcome this limitation many analytical methods provide relationship dependencies, role of different nodes and their importance in the social networks. Since the start of the new century many terrorism events have occurred around the globe. These events have provided a new impetus for the analysis, investigation, studying the behavior and tracking terrorist networks (individuals). In this paper we are presenting a very novel and absolutely new approach to SNA for locating important key players in the network. The system also predicts a path through these nodes which shows the vulnerability of the network and if the path along with these nodes is removed it can reduce/destabilize or even destroy the structure of the network","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131032708","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Towards Secure E-Elections in Turkey: Requirements and Principles","authors":"O. Cetinkaya, D. Cetinkaya","doi":"10.1109/ARES.2007.153","DOIUrl":"https://doi.org/10.1109/ARES.2007.153","url":null,"abstract":"E-democracy is a necessity in this era of computers and information technology. E-voting is one of the most significant parts of e-democracy, which refers to the use of computers or computerized voting equipment to cast ballots in an election. This is a study on e-voting requirements specifically pointing out its implementation in Turkey. Nowadays, the Turkish Government has begun to test an e-voting system, which has been developed by a private company for Turkish electoral needs. Since there is neither technical nor academic comprehensive documentation available regarding the system, we are not sure about that it may or may not be a satisfactory solution to Turkish electoral needs. The aim of this paper is to define an extensive set of requirements that any e-voting system, which is planned to be used instead of paper-based voting system in the countries that have representative democracy so as in Turkey, should satisfy","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132374739","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"3G-WLAN Convergence: Vulnerability, Attacks Possibilities and Security Model","authors":"M. Sher, T. Magedanz","doi":"10.1109/ARES.2007.1","DOIUrl":"https://doi.org/10.1109/ARES.2007.1","url":null,"abstract":"In this paper we present the vulnerability, threats and attacks for third generation (3G) networks converged with WLAN and propose the security model addressing the roaming and non-roaming security scenarios. Many threats against 3G network resources can be realised by attacking the WLAN access network, therefore it is important to identify the security requirements for 3G-WLAN interworking and choose a security solution that is robust and dynamic to different levels of WLAN access network. The proposed architecture is based on the extensible authentication protocol (EAP) for USIM authentication & key agreement (AKA) and authorization procedures, and secure tunnel establishment using IKEv2 (Internet key exchange) protocol to minimize security threats. We will also discuss the termination of fake or forge WLAN session to protect the user confidential information on vulnerable wireless link. The development is part of secure service provisioning (SSP) framework of IP multimedia system (IMS) at 3Gb Testbed of Fokus Fraunhofer","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"203 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132833163","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Using Space-Based Computing for More Efficient Group Coordination and Monitoring in an Event-Based Work Management System","authors":"Marcus Mor, Richard Mordinyi, Johannes Riemer","doi":"10.1109/ARES.2007.158","DOIUrl":"https://doi.org/10.1109/ARES.2007.158","url":null,"abstract":"Group communication is a very difficult task to be implemented in distributed applications. Particularly, work management systems are important in many industries to support the coordination of distributed groups of mobile workers with different levels of availability. Traditional event-based systems using point-to-point communication such as e-mail are not well suited to coordinate a work group as the state of a work item is not always clear and this mode of communication creates many mistakes and massive communication overhead because those tasks are solved via a central server. In this paper, we analyze a work process in a major insurance company, develop a prototype providing solutions for the problems by exploring the coordination features deployed in space-based computing and compare the current system with the prototype","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"37 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134480486","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Access Control and Integration of Health Care Systems: An Experience Report and Future Challenges","authors":"Lillian Røstad, Ø. Nytrø","doi":"10.1109/ARES.2007.30","DOIUrl":"https://doi.org/10.1109/ARES.2007.30","url":null,"abstract":"Health information about a patient is usually scattered among several clinical systems, which limits the availability of the information. Integration of the most central systems is a possible solution to this problem. In this paper we present one such integration effort, with a focus on how access control is handled in the integrated system. Although this effort has not yet solved all the issues of access control integration, it demonstrates a practical approach for creating something that works today and serves as input to the discussion on future challenges for access control when integrating multiple systems","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128981668","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}