The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
This demo showcases some of the capabilities foreseen for the security infrastructure designed by the H2020 SHIELD project. SHIELD exploits NFV for adaptive monitoring of an IT infrastructure and for feeding the data to an analytics engine to detect attacks in real time. An intelligent reaction system is then activated to reconfigure the SDN/NFV infrastructure so that the attacks are thwarted. The...
In many-core systems, the processing elements are interconnected using Networks-on-Chip. An example of on-chip network is SoCIN, a low-cost interconnect architecture whose original design did not take into account security aspects. This network is vulnerable to eavesdropping and spoofing attacks, what limits its use in systems that require security. This work addresses this issue and aims to ensure...
This paper discusses the open issues in incorporating trust techniques in the NFV environment specified by the ETSI NFV Industry Specification Group, and analyses the available technologies to fill this gap. ETSI is developing security and trust specifications within its NFV-SEC working group, with the aim of establishing and assessing trust of both the hardware platform and the virtualised infrastructure...
Many-core architectures are similar to a computer network, where it is necessary to ensure the security during the execution of sensitive applications. This article discusses two security-related issues: the secure admission of applications and the prevention of resource sharing during their execution. The safe application admission is an open research subject for many-core systems. Although several...
We evaluated the support proposed by the RSO to represent graphically our EAM-ISSRM (Enterprise Architecture Management - Information System Security Risk Management) integrated model. The evaluation of the RSO visual notation has been done at two different levels: completeness with regards to the EAM-ISSRM integrated model (Section III) and cognitive effectiveness, relying on the nine principles...
Architecture models mainly have three functions; 1) document, 2) analyze, and 3) improve the system under consideration. All three functions have suffered from being timeconsuming and expensive, mainly due to being manual processes in need of hard to find expertise. Recent work has however automated both the data collection and the analysis. In order for enterprise architecture modeling to finally...
eHealth is a technology that is growing in importance over time, varying from remote access to Medical Records, such as Electronic Health Records (EHR), or Electronic Medical Records (EMR), to real-time data exchange from different on-body sensors coming from different patients. With this huge amount of critical data being exchanged, problems and challenges arise. Privacy and confidentiality of this...
Software-Defined Infrastructure (SDI) is a resource sharing infrastructure that embraces the concept of separation of the network control plane from its data plane, and software realization of network functions from the underlying hardware appliances through the virtualization technology in emerging infrastructures such as Cloud, Network Function Virtualization (NFV), and Software-Defined Networking...
Honeynet is deployed to trap attackers and learn their behavior patterns and motivations. Conventional honeynet is implemented by dedicated hardware and software. It suffers from inflexibility, high CAPEX and OPEX. There have been several virtualized honeynet architectures to solve those problems. But they lack a standard operating environment and common architecture for dynamic scheduling and adaptive...
There is an increasing availability of high throughput networks which leads to the need of security appliances in these networks. Testing these appliances with regards to performance and effectiveness relies on testing tools that can achieve or even surpass the capabilities of the devices and networks under test. However, current tools are not capable of achieving both the flexibility and performance...
During the development and expansion of Internet of Things (IoT), main challenges needing to be addressed are the heterogeneity, interoperability, scalability, flexibility and security of IoT applications. In this paper, we view IoT as a large-scale distributed cyber-physical-social complex network. From that perspective, the above challenges are analyzed. Then, we propose a distributed multi-agent...
Defending against cache pollution attacks, highly detrimental attacks that are easy to implement in Named-Data Networking (NDN), currently suffers from the lack of coordination. Solving cache pollution attacks is a prerequisite for the deployment of NDN, which is widely considered to be the basis for the future Internet. We present CoMon++ to this end, a framework for lightweight coordination that...
This paper describes our blockchain architecture as a new system solution to supply a reliable mechanism for secure and efficient medical record exchanges. The Advanced Block-Chain (ABC) approach was designed to meet the demands in healthcare growth as well as in the new form of social interactive norms. It is going to revolutionize the e-Health industry with greater efficiency by eliminating many...
Software Defined Networking (SDN) has proved to be a promising approach for creating next generation software based network ecosystems. It has provided us with a centralized network provision, a holistic management plane and a well-defined level of abstraction. But, at the same time brings forth new security and management challenges. Research in the field of SDN is primarily focused on reconfiguration,...
As an extension of cloud computing, fog computing is proving itself more and more potentially useful nowadays. Fog computing is introduced to overcome the shortcomings of cloud computing paradigm in handling the massive amount of traffic caused by the enormous number of Internet of Things devices being increasingly connected to the Internet on daily basis. Despite its advantages, fog architecture...
There are several reports and white papers which attempt to precise 5G architectural requirements presenting them from different points of view, including techno-socio-economic impacts and technological constraints. Most of them deal with network slicing aspects as a central point, often strengthening slices with slice isolation. The goal of this paper is to present and examine the isolation capabilities...
Quality can be a very elusive concept that can be approached from a number of perspectives dependent on once take and interest. Evidence that relates software process to quality is often anecdotal or, when data is presented, it is to some extent contradictory or clashes with opposite evidence coming from different samples. Also, the influence of quality on software architecture is mostly described...
Designing usable and secure software is hard without tool-support. Given the importance of requirements, CAIRIS was designed to illustrate the form tool-support for specifying usable and secure systems might take. While CAIRIS supports a broad range of security and usability engineering activities, its architecture needs to evolve to meet the workflows of these stakeholders. To this end, this paper...
To overcome the current cybersecurity challenges of protecting our cyberspace and applications, we present an innovative cloud-based architecture to offer resilient Dynamic Data Driven Application Systems (DDDAS) as a cloud service that we refer to as resilient DDDAS as a Service (rDaaS). This architecture integrates Service Oriented Architecture (SOA) and DDDAS paradigms to offer the next generation...
While Java Virtual Machine can provide applications with safety property to avoid memory corruption bugs, it continues to encounter some security flaws. Real world exploits show that the current sandbox model can be bypassed. In this paper, we focus our work on bytecode integrity measurement in clouds to identify malicious execution and propose J-IMA architecture to provide runtime measurement and...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.