The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Abstract-Attackers exploit software vulnerabilities, such as stack overflow, heap overflow, and format string errors, to break into victim machines and implant backdoors to maintain access. They typically use obfuscation techniques, such as encryption and covert channels, to hide their command-and-control traffic and avoid detection. In this paper, we show how a vulnerable program can be used to create...
The current paper presents an activity pattern based session specific server side software authentication framework which exploits the fact that software usage pattern of each user has a unique signature. This uniqueness in behavior or activity pattern of a user is described to be a potentially better candidate for software authentication. The identification of signature usage pattern has been developed...
SaaS (Software as a Service) deliver software as a service over the Internet, eliminating the need to install and run the application on the customers' own computers and simplifying maintenance and support. Access control is an important information security mechanism, according to user identity and the attribution of a predefined group of users to restrict access to certain information items, and...
This paper proposed a personal authentication system using small resources for home use. The following three goals were achieved at the same time by this system: (1) identification of each individual, (2) unique existence of each individual in the specified time and space, and (3) no contradiction in the existence of each individual in view of the space and the time before and after an event. Considering...
We have already proposed a novel DCAS protocol and verified it by simulating the protocol operations. In this paper, we describe more detailed protocol operation and propose the method to control the protocol session efficiently. We showed the stability and effectiveness by the implemented results.
A recent survey of the 451group on Cloud usage highlights software licensing as one of the top five obstacles for Cloud computing, quite similar to what has been observed in the Grid already a couple of years. The reasons are the same: the current praxis of software licensing, both in terms of business models and licensing technology. As a consequence, using commercial applications that require access...
The main goal of NAC is to extend the security of networks to the end-point by measuring the authenticity, integrity and security posture of each end-point prior to granting network access. To do this, the following functional areas must be present: authentication/authorization, assessment of security posture, quarantine and remediation. This paper presents an overview of an in-depth NAC requirement...
To improve the network active defense ability with intelligence defense, prevention, and authentication methods in campus network. the concept of intelligent active defense system is proposed based on web access control and 802.1X admission control, the two technologies have their own disadvantages whatever web technology or 802.1X access control, but if we develop their own advantages of web and...
Today complex edge services are positioned on the Wireless LAN, different cryptographic protocols with complex as well as reactive communication models and event dependencies are increasingly being specified and adopted. To ensure that such protocols (and compositions thereof with existing protocols) do not result in unacceptable behaviors (e.g., deadlocks or live locks); a methodology is desirable...
This paper tackles selected problems related to the use of unreliable third-party software libraries or hardware when developing, monitoring and supporting large, mission critical service systems. It is based on experience gathered at the Institute of Computer Science, Masaryk University (ICS MU), while developing software applications working with third-party access control and security systems....
It is currently a global hotspot that the application of multimedia and network technology to education is coming to be. There are inevitably threats brought about by the reliance on network and security problems of different levels in the modern web-based distance education system. This paper gives introduction to and analysis on the building of network security mechanisms in detail for distance...
The media often reports shocking stories regarding attacks to the networks of well-known companies and organisations with headlines announcing either millions of pounds worth of financial loss or exposing public security issues. The most common attacking methods take advantage of the weakness of operating systems, the bugs found in certain applications such as Internet Explorer or Adobe Reader, or...
Software as a Service (SaaS) has been adopted in a fast pace for applications and services on software clouds. However, the success of SaaS in software cloud cannot obscure the integration challenges faced by developers and enterprise infrastructure IT. Among those challenges, firewall/NAT traversal and security issues often pose a serious bottleneck as enterprises may not be entirely comfortable...
To deal with the data security problems in the storage system for the E-government intranet, an integrated data security defense system, which incorporates information isolation, access control, virus detection, content filtering, real time backup and rapid information retrieval, has been designed and implemented. The result on trial displays that this system can ensure the data security of storage...
Biodiversity conservations are often comprehensive, dynamic and complex problem that require professionals to work in teams while dealing with large and decentralized of project areas. However, the varieties of scattered thematic geospatial information can not be used directly and effectively by users - it impedes rather facilitates collaboration, and increases the project cost. To solve this problems,...
We have focused on a particular mechanism of providing network security: firewall technology. Firewalls provide a false sense of security because they have inherent flaws that are continuously exploited by hackers. Current firewalls lack in providing adequate security against insiders. Literature suggests that these limitations arise from the deficiencies in firewall design. This paper presents a...
First of all clarify the research background, and introduces the necessary theory and techniques involved in the relevant. Through the management information system access system resources study of various control methods, using RBAC access control technology to design and implement a middleware based rights management that can run on a variety of hardware and software platform to facilitate the conduct...
Based on the study of the Distributed Management Information System(DMIS) in e-business, the two key techniques are discussed, such as role-based permissions management (RBPM) and Component-Oriented Updating Techniques(COUT). The method of realizing the work flow through RBPM is provided in this paper. The concept of authority is broken down to each operating procedures; realization of user operational...
As the modern society becomes increasingly dependent on software, how to develop Trustworthy Software(TS) systems is considered a critical issue by academia, government and industry. The domain of our work focused on the reliability research on UNIX system, which is the famous and widely used operation system in the world, and adopts C/S software architecture. However, when the user remote login the...
This paper deals with software framework that is mainly for large organization where there is no proper security for IT inventory. How can we have a stabilized application which would help IT Admins and Managements to have a clear picture of what are the IT related usages and transactions that are carried out in an Organization? Then would help them frame a proper IT budget every year. To maintain...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.