{"title":"Event-Based Monitoring of Open Source Software Projects","authors":"D. Wahyudin, A. Tjoa","doi":"10.1109/ARES.2007.84","DOIUrl":"https://doi.org/10.1109/ARES.2007.84","url":null,"abstract":"Project management traditionally has a strong focus on human reporting that fits well a tightly coupled form of organization to ensure the quality of project reporting. For loosely coupled forms of organization, such as open source systems (OSS) development projects, there are very few approaches to ensure the quality of project reporting; a promising approach can be to augment human reporting with data analysis based on the communication and state changes in an OSS project. In this paper we propose a concept and an initial measurement approach for event-based monitoring of OSS projects to better understand the actual benefit of tool-supported gathering, correlating and analyzing processes event data from the OSS community as a supplement for traditional software project monitoring data collection. We report on an empirical feasibility study investigating success and risk indicators of five OSS projects listed in the Apache Incubator","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"92 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133780810","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Optimizing Events Traffic in Event-based Systems by means of Evolutionary Algorithms","authors":"Jiří Kubalík, Richard Mordinyi","doi":"10.1109/ARES.2007.113","DOIUrl":"https://doi.org/10.1109/ARES.2007.113","url":null,"abstract":"This paper presents a new approach for solving network flow optimization problems. In particular, the goal is to optimize the traffic in the network structured event-driven systems as well as to provide means for efficient adaptation of the system to changes in the environment - i.e., when some nodes and/or links fail. Many network flow optimization problems belong to the class of NP hard problems, which can only be solved by using some heuristic approach. In this paper we describe an application of a recently introduced iterative optimization algorithm with evolved improvement steps. This algorithm is well suited for solving hard discrete combinatorial problems as well as rescheduling-like problems; thus it fits the addressed adaptability issue very well","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132580370","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Policy Language for the Extended Reference Monitor in Trusted Operating Systems","authors":"Hyung Chan Kim, R. S. Ramakrishna, Wook Shin, K. Sakurai","doi":"10.1109/ARES.2007.14","DOIUrl":"https://doi.org/10.1109/ARES.2007.14","url":null,"abstract":"The main focus of current research in trusted operating systems (TOS) is on the enhanced access control of reference monitors which, in turn, control the individual operations on a given access instance. However, many real-life runtime attacks involve behavioral semantics. We have proposed an extended reference monitor to support both access and behavior controls. This results in a sequence of operations which are also of concern in security enforcement. This paper presents a policy language for the extended reference monitor. Our policy language is based on domain and type enforcement (DTE) and role-based access control (RBAC). Permission is defined as an event and a state of behavior is represented as a fluent to be accorded with the convention of event calculus (EC). Behavior policies can be expressed with the EC style syntax as well as access control policies","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125421528","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Indexing and Search of Correlated Business Events","authors":"Roland Vecera, S. Rozsnyai, Heinz Roth","doi":"10.1109/ARES.2007.100","DOIUrl":"https://doi.org/10.1109/ARES.2007.100","url":null,"abstract":"Complex event processing (CEP) is an emerging technology gaining a lot of momentum in research as well as in commercial products. CEP is a technique that utilizes event-driven IT-systems to monitor, optimize and steer today's business situations in real-time. Lots of contributions have been published on how to handle large amounts of event streams and how to extract meaningful knowledge out of often fine-grained events. From our experience we learned that complex use cases implemented with CEP need appropriate tool support to validate, understand and analyze the event processing done by the CEP software. We introduce the EventCloud system which is a generic event search and analysis tool integrating with CEP solutions in almost every domain. EventCloud is an end user application that allows complex search and analysis of correlated events. As CEP requires a highly specialized system architecture, the characteristics of events also have impacts on the infrastructure for indexing, searching and analyzing events. In this paper we present two approaches describing how to properly represent correlated events in persistent storages to allow performant event indexing and searching. Further we describe the \"document-oriented\" approach, where correlated events are managed in a full-text index and discuss the problems and pitfalls with its implementation in Apache Lucene. Finally we compare different full-text engines, namely Apache Lucene and Microsoft SQL Server 2005, to analyze their performance and features for event indexing and search","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"51 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127277895","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A secure architecture for the pseudonymization of medical data","authors":"Bernhard Riedl, T. Neubauer, G. Goluch, Oswald Boehm, G. Reinauer, A. Krumboeck","doi":"10.1109/ARES.2007.22","DOIUrl":"https://doi.org/10.1109/ARES.2007.22","url":null,"abstract":"As aging and very expensive programs put more pressure on health and social care systems, an increase in the need for electronic healthcare records can be observed, because they promise massive savings and better clinical quality. However, patients and commissioners for data protection have legitimate concerns about the privacy and confidentiality of the stored data. Although the concept of pseudonymization allows an association with a patient only under specified and controlled circumstances, existing approaches have major vulnerabilities. This paper provides a new architecture for the pseudonymization of medical data that combines primary and secondary use in one system and thus provides a solution to vulnerabilities of existing approaches","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127648453","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Recovery Protocol for Middleware Replicated Databases Providing GSI","authors":"J. E. Armendáriz-Iñigo, F. D. Muñoz-Escoí, J. Juárez-Rodríguez, J. R. G. D. Mendívil, Bettina Kemme","doi":"10.1109/ARES.2007.18","DOIUrl":"https://doi.org/10.1109/ARES.2007.18","url":null,"abstract":"Middleware database replication is a way to increase availability and afford site failures for dynamic content Websites. There are several replication protocols that ensure data consistency for these systems. The most attractive ones are those providing generalized snapshot isolation (GSI), as read operations never block. These replication protocols are based on the certification process, however, up to our knowledge, they do not cope with the recovery of a replica. In this paper we propose a recovery protocol that ensures GSI (we provide an outline of its correctness) that does not interfere with user transactions and permits the execution of transactions in the recovering node, even though the recovery process has not finished","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"52 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127887885","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Improved Client-to-Client Password-Authenticated Key Exchange Protocol","authors":"Yao Gang, Feng Dengguo, Han Xiaoxi","doi":"10.1109/ARES.2007.99","DOIUrl":"https://doi.org/10.1109/ARES.2007.99","url":null,"abstract":"Password-authenticated key exchange protocols allow two entities who only share a human-memorable password to authenticate each other and agree on a large session key. Most password authenticated key exchange protocols provide an authenticated key exchange between a client and a server based on a pre-shared password. With the development of modern communication environments, it is necessary to design a secure authenticated key exchange between clients. In ICICS'02, Byun et al. presented a client to client password-authenticated key exchange protocol in a cross-realm setting. But the protocol is vulnerable to some attacks by an insider adversary or outsider adversary. In this paper, we present an improved protocol to solve the problem, and prove the improved protocol is secure against all types of attacks considered in the paper","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114261874","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Hybrid Trust Model for Enhancing Security in Distributed Systems","authors":"Ching Lin, V. Varadharajan","doi":"10.1109/ARES.2007.6","DOIUrl":"https://doi.org/10.1109/ARES.2007.6","url":null,"abstract":"We propose a hybrid trust model for enhancing security in distributed applications by combining the \"hard\" and \"soft\" trust relationships. The motivation is to compensate for the drawbacks associated with individual hard trust and soft trust models. We develop a formal hybrid trust model for specifying the hybrid trust relationships and associated operations. The new model provides a flexible way for specifying the security relevant trust requirements which compensate the drawbacks of the individual trust models while preserving their advantages. We provide application guidelines on how the hybrid trust relationships can be applied to achieve mutual improvements between the individual models","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131221525","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Fingerprint Matching Algorithm Based on Tree Comparison using Ratios of Relational Distances","authors":"Abinandhan Chandrasekaran, B. Thuraisingham","doi":"10.1109/ARES.2007.90","DOIUrl":"https://doi.org/10.1109/ARES.2007.90","url":null,"abstract":"We present a fingerprint matching algorithm that initially identifies the candidate common unique (minutiae) points in both the base and the input images using ratios of relative distances as the comparing function. A tree like structure is then drawn connecting the common minutiae points from bottom up in both the base and the input images. Matching score is obtained by comparing the similarity of the two tree structures based on a threshold value. We define a new term called the 'M(i)-tuple' for each minutiae point which uniquely encodes details about the local surrounding region, where i = 1 to N, and N is the number of minutiae. The proposed algorithm requires no explicit alignment of the two to-be compared fingerprint images and also tolerates distortions caused by spurious minutiae points. The algorithm is also capable of comparing and producing matching scores between two images obtained from two different kinds of sensors, hence is sensor interoperable and also reduces the FNMR in cases where there is very little overlap region between the base and the input image. We conducted evaluations on the FVC-2000 datasets and have summarized the results in the concluding section","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"183 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127028675","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"eTVRA, a Threat, Vulnerability and Risk Assessment Method and Tool for eEurope","authors":"J. Rossebø, S. Cadzow, P. Sijben","doi":"10.1109/ARES.2007.82","DOIUrl":"https://doi.org/10.1109/ARES.2007.82","url":null,"abstract":"The telecommunications environment is evolving into next generation networks (NGN). On an NGN, telecommunications services are recreated on IP networks, this creates a demand on standardization bodies to adapt and meet the needs of these emerging networks. Securing the service environment for eBusiness and the underlying network are crucial areas cited in the eEurope action plan. Standardization provides an important means for securing the NGN and establishing trust in its services and infrastructure in order to enable the development of modern public services. In response to this, we have developed a threat, vulnerability and risk assessment (eTVRA) method and tool for use in standardisation. Using the eTVRA method and tool, the threats to NGNs can be analyzed and a set of recommended countermeasures identified that when implemented will reduce the overall risk to users of NGNs. In this paper we present the eTVRA method and tool along with the results of its application to the use of enhanced number (ENUM) (Eastlake, 1999) and SIP (Rosenberg et al., 2002) in the NGN","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"63 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114757286","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}