101 resultados para Computer networks - Security measures
Resumo:
The dynamic nature of threats and vulnerabilities within the E-business environment can impede online functionality, compromise organisational or customer information, contravene security implementations and thereby undermine online customer confidence. To negate these problems, E-business security has to become proactive, by reviewing and continuously improving security to strengthen E-business security measures and policies. This can be achieved through benchmarking the security measures and policies utilised within the Ebusiness, against recognised information technology (IT) and information security (IS) security standards.
Resumo:
The dynamic nature of threats and vulnerabilities within the e-business environment can impede online functionality, compromise organisational or customer information, contravene security implementations and thereby undermine online customer confidence. To negate these problems, e-business security has to become proactive, by reviewing and continuously improving security to strengthen e-business security measures and policies. This can be accomplished through benchmarking the security measures and policies utilised within the e-business, against recognised Information Technology (IT) and Information Security (IS) security standards.
Resumo:
Current parallel and distributed networks/systems are facing serious threats from network terrorism and crime, which cause huge financial loss and potential life hazard. As attacking tools are becoming more widely available, more easy-to-use, more sophisticated, and more powerful, more efforts have been made in building more effective, more intelligent, and more adaptive defense systems which are of distributed and networked nature. This special issue focuses on issues related to Network and System Security, such as authentication, access control, availability, integrity, privacy, confidentiality, dependability and sustainability of computer networks and systems.
Resumo:
The nature of wireless transmission leads to vulnerabilities to many malicious activities, and communication in wireless mesh networks (WMNs) must be protected by proper security measures. This paper focuses on symmetric pair wise key establishment and presents a new matrix-based pair wise key establishment scheme for mesh clients. In WMNs, mesh routers are much more powerful than mesh clients, both in communication and computation. By taking advantage of this heterogeneity, our new scheme delegates energy-consuming operations to mesh routers when establishing pair wise keys for mesh clients. Additionally, neighbor mesh clients in our scheme can directly establish pair wise keys with significantly reduced communication and storage costs, due to the use of both pre and post deployment knowledge.
Resumo:
Security is a major challenge in Opportunistic Networks (OppNets) because of its characteristics, such as open medium, dynamic topology, no centralized management and absent clear lines of defense.A packet dropping attack is one of the major security threats in OppNets since neither source nodes nor destination nodes have the knowledge of where or when the packet will be dropped. In this paper, we present a novel attack and traceback mechanism against a special type of packet dropping where the malicious node drops one or more packets and then injects new fake packets instead. We call this novel attack a Catabolism Attack and we call our novel traceback mechanism against this attack Anabolism Defense. Our novel detection and traceback mechanism is very powerful and has very high accuracy. Each node can detect and then traceback the malicious nodes based on a solid and powerful idea that is, hash chain techniques. In our defense techniques we have two stages. The first stage is to detect the attack, and the second stage is to find the malicious nodes. Simulation results show this robust mechanism achieves a very high accuracy and detection rate.
Resumo:
In the wake of the Bali bombing the Australian government has proposed a number of national security measures that pose a real danger to human security in Australia and the region. These measures include renewed and increased military and intelligence exchanges with Indonesia, and laws that allow the Australian Security Intelligence Organization (ASIO) to detain people without charge or even suspicion in order to gather intelligence. In less emotional times these initiatives would be rejected as contrary to human rights concerns and Australia’s democratic traditions, which include the rule of law and due process protections. In the current climate, however, human rights and civil liberties are apt to be portrayed as unaffordable luxuries.
Resumo:
Wilh the protection of critical information infrastructure becoming a priority for all levels of management. there is a need for a new security methodology to deal with the new and unique attack threats and vulnerabilities associated with the new information technology security paradigm. The fourth generation security risk analysis melhod which copes wilh the shift from computer/information security to critical information iinfrastructure protectionl is lhe next step toward handling security risk at all levels. The paper will present the methodology of
fourth generation models and their application to critical information infrastructure protection and the associated advantagess of this methodology.
Resumo:
Graphical authentication is proposed as an alternative to password, smartcard, and biometric authentication as it uses the innate ability of humans to recognise visual stimuli. Despite passionate debate surrounding their privacy and invasiveness issues, smartcards and biometrics require an excessive amount of extra hardware for widespread deployment. Conversely graphical authentication extends existing infrastructure as it builds largely on the foundations of passwords with one important difference: it takes humans into account as they are better at recognising visual stimuli than recalling text-based passwords. This paper follows a preceding proof of concept paper and essentially outlines the architectural and technical design for a graphical authentication solution.
Resumo:
The variety of threats and vulnerabilities within the online business environment are dynamic and thus constantly changing in how they impinge upon online functionality, compromise organizational or customer information, contravene security implementations and thereby undermine online customer confidence. To nullify such threats, online security management must become proactive, by reviewing and continuously improving online security to strengthen the enterpriseis online security measures and policies, as modelled. The benchmarking process utilises a proposed benchmarking framework to guide both the development and application of security benchmarks created in the first instance, from recognized information technology (IT) and information security standards (ISS) and then their application to the online security measures and policies utilized within online business. Furthermore, the benchmarking framework incorporates a continuous improvement review process to address the relevance of benchmark development over time and the changes in threat focus.
Resumo:
"This textbook covers both theoretical and practical aspects of distributed computing. It describes the client-server model for developing distributed network systems, the communication paradigms used in a distributed network system, and the principles of reliability and security in the design of distributed network systems." "This book is suitable for self-study or for use in classes. Most parts of the book have been used by the authors in their teaching of various topics including distributed systems, computer networks, and distributed database systems. This book can also serve as an invaluable guide for computing professionals in their work for the design and implementation of distributed network systems."
Resumo:
Ease of Internet accessibility has offered business the opportunity to incorporate this electronic infrastructure technology into establishing electronic-based supply chains. With the improved efficiency that this brings to the management and functionality of the supply chain, there are also security considerations that should be taken into account for protecting the integrity of the electronic supply chain, not only within each business node, but also across the entire supply chain. Such security vulnerabilities can be negated with the implementation of security measures and policies, however these need to be consistent throughout the supply chain and regularly assessed against security benchmarks in order to ensure they meet dequate security standards.
--Session data-->
Resumo:
Fraud and deception in online marketplaces has been an on-going problem. This thesis proposes novel techniques and mechanisms using agent technology to protect buyers and sellers in online environments such as eBay. The proposed solution has been rigorously tested and the results show good commercial promise.
Resumo:
As an interesting application on cloud computing, content-based image retrieval (CBIR) has attracted a lot of attention, but the focus of previous research work was mainly on improving the retrieval performance rather than addressing security issues such as copyrights and user privacy. With an increase of security attacks in the computer networks, these security issues become critical for CBIR systems. In this paper, we propose a novel two-party watermarking protocol that can resolve the issues regarding user rights and privacy. Unlike the previously published protocols, our protocol does not require the existence of a trusted party. It exhibits three useful features: security against partial watermark removal, security in watermark verification and non-repudiation. In addition, we report an empirical research of CBIR with the security mechanism. The experimental results show that the proposed protocol is practicable and the retrieval performance will not be affected by watermarking query images.
Resumo:
Security and privacy have been the major concern when people build computer networks and systems. Any computer network or system must be trustworthy to avoid the risk of losing control and retain confidence that it will not fail [1] Jun Ho Huh, John Lyle, Cornelius Namiluko and Andrew Martin, Managing application whitelists in trusted distributed systems. Future Generation Computer Systems, 27 2 (2011), pp. 211–226. [1]. Trust is the key factor to enable dynamic interaction and cooperation of various users, systems and services [2]. Trusted Computing aims at making computer networks, systems, and services available, predictable, traceable, controllable, assessable, sustainable, dependable, and security/privacy protectable. This special section focuses on the issues related to trusted computing, such as trusted computing models and specifications, trusted reliable and dependable systems, trustworthy services and applications, and trust standards and protocols.
Resumo:
In this paper, typing biometrics is applied as an additional security measure to the password-based or Personal Identification Number (PIN)-based systems to authenticate the identity of computer users. In particular, keystroke pressure and latency signals are analyzed using the Fuzzy Min-Max (FMM) neural network for authentication purposes. A special pressure-sensitive keyboard is designed to collect keystroke pressure signals, in addition to the latency signals, from computer users when they type their passwords. Based on the keystroke pressure and latency signals, the FMM network is employed to classify the computer users into two categories, i.e., genuine users or impostors. To assess the effectiveness of the proposed approach, two sets of experiments are conducted, and the results are compared with those from statistical methods and neural network models. The experimental outcomes positively demonstrate the potentials of using typing biometrics and the FMM network to provide an additional security layer for the current password-based or PIN-based methods in authenticating the identity of computer users.
