39 resultados para mandatory access control framework
Resumo:
Current parallel and distributed networks/systems are facing serious threats from network terrorism and crime, which cause huge financial loss and potential life hazard. As attacking tools are becoming more widely available, more easy-to-use, more sophisticated, and more powerful, more efforts have been made in building more effective, more intelligent, and more adaptive defense systems which are of distributed and networked nature. This special issue focuses on issues related to Network and System Security, such as authentication, access control, availability, integrity, privacy, confidentiality, dependability and sustainability of computer networks and systems.
Resumo:
Even if the class label information is unknown, side information represents some equivalence constraints between pairs of patterns, indicating whether pairs originate from the same class. Exploiting side information, we develop algorithms to preserve both the intra-class and inter-class local structures. This new type of locality preserving projection (LPP), called LPP with side information (LPPSI), preserves the data's local structure in the sense that the close, similar training patterns will be kept close, whilst the close but dissimilar ones are separated. Our algorithms balance these conflicting requirements, and we further improve this technique using kernel methods. Experiments conducted on popular face databases demonstrate that the proposed algorithm significantly outperforms LPP. Further, we show that the performance of our algorithm with partial side information (that is, using only small amount of pair-wise similarity/dissimilarity information during training) is comparable with that when using full side information. We conclude that exploiting side information by preserving both similar and dissimilar local structures of the data significantly improves performance.
Resumo:
The ability to uniquely identify individual objects is essential in many applications such as manufacturing, distribution logistics, access control, anti-counterfeiting and healthcare. Radio Frequency Identification (RFID) technology provides one solution for automatic identification of entities using radio waves. Although there is considerable potential in deploying RFID technology, reliability is a key challenge that requires careful attention for RFID to deliver its inherent benefits. In this paper, we highlight the reliability challenges in RFID technology and we analyze the reliability aspects of RFID technology and their major causes. We will also discuss techniques to improve the reliability of RFID systems.
Resumo:
Attribute-Based Encryption (ABE) is a promising cryptographic primitive which significantly enhances the versatility of access control mechanisms. Due to the high expressiveness of ABE policies, the computational complexities of ABE key-issuing and decryption are getting prohibitively high. Despite that the existing Outsourced ABE solutions are able to offload some intensive computing tasks to a third party, the verifiability of results returned from the third party has yet to be addressed. Aiming at tackling the challenge above, we propose a new Secure Outsourced ABE system, which supports both secure outsourced key-issuing and decryption. Our new method offloads all access policy and attribute related operations in the key-issuing process or decryption to a Key Generation Service Provider (KGSP) and a Decryption Service Provider (DSP), respectively, leaving only a constant number of simple operations for the attribute authority and eligible users to perform locally. In addition, for the first time, we propose an outsourced ABE construction which provides checkability of the outsourced computation results in an efficient way. Extensive security and performance analysis show that the proposed schemes are proven secure and practical. © 2013 IEEE.
Resumo:
Network coding has shown the promise of significant throughput improvement. In this paper, we study the network throughput using network coding and explore how the maximum throughput can be achieved in a two-way relay wireless network. Unlike previous studies, we consider a more general network with arbitrary structure of overhearing status between receivers and transmitters. To efficiently utilize the coding opportunities, we invent the concept of network coding cliques (NCCs), upon which a formal analysis on the network throughput using network coding is elaborated. In particular, we derive the closed-form expression of the network throughput under certain traffic load in a slotted ALOHA network with basic medium access control. Furthermore, the maximum throughput as well as optimal medium access probability at each node is studied under various network settings. Our theoretical findings have been validated by simulation as well.
Resumo:
In many network applications, the nature of traffic is of burst type. Often, the transient response of network to such traffics is the result of a series of interdependant events whose occurrence prediction is not a trivial task. The previous efforts in IEEE 802.15.4 networks often followed top-down approaches to model those sequences of events, i.e., through making top-view models of the whole network, they tried to track the transient response of network to burst packet arrivals. The problem with such approaches was that they were unable to give station-level views of network response and were usually complex. In this paper, we propose a non-stationary analytical model for the IEEE 802.15.4 slotted CSMA/CA medium access control (MAC) protocol under burst traffic arrival assumption and without the optional acknowledgements. We develop a station-level stochastic time-domain method from which the network-level metrics are extracted. Our bottom-up approach makes finding station-level details such as delay, collision and failure distributions possible. Moreover, network-level metrics like the average packet loss or transmission success rate can be extracted from the model. Compared to the previous models, our model is proven to be of lower memory and computational complexity order and also supports contention window sizes of greater than one. We have carried out extensive and comparative simulations to show the high accuracy of our model.
Resumo:
In a machine-to-machine network, the throughput performance plays a very important role. Recently, an attractive energy harvesting technology has shown great potential to the improvement of the network throughput, as it can provide consistent energy for wireless devices to transmit data. Motivated by that, an efficient energy harvesting-based medium access control (MAC) protocol is designed in this paper. In this protocol, different devices first harvest energy adaptively and then contend the transmission opportunities with energy level related priorities. Then, a new model is proposed to obtain the optimal throughput of the network, together with the corresponding hybrid differential evolution algorithm, where the involved variables are energy-harvesting time, contending time, and contending probability. Analytical and simulation results show that the network based on the proposed MAC protocol has greater throughput than that of the traditional methods. In addition, as expected, our scheme has less transmission delay, further enhancing its superiority.
Resumo:
Vehicular ad hoc network (VANET) is an increasing important paradigm, which not only provides safety enhancement but also improves roadway system efficiency. However, the security issues of data confidentiality, and access control over transmitted messages in VANET have remained to be solved. In this paper, we propose a secure and efficient message dissemination scheme (SEMD) with policy enforcement in VANET, and construct an outsourcing decryption of ciphertext-policy attribute-based encryption (CP-ABE) to provide differentiated access control services, which makes the vehicles delegate most of the decryption computation to nearest roadside unit (RSU). Performance evaluation demonstrates its efficiency in terms of computational complexity, space complexity, and decryption time. Security proof shows that it is secure against replayable choosen-ciphertext attacks (RCCA) in the standard model.
Resumo:
With information access becoming more and more ubiquitous, there is a need for providingQoSsupport for communication that spans wired and wireless networks. For the wired side, RSVP/SBM has been widely accepted as a flow reservation scheme in IEEE 802 style LANs. Thus, it would be desirable to investigate the integration of RSVP and a flow reservation scheme in wireless LANs, as an end-to-end solution for QoS guarantee in wired-cum-wireless networks. For this purpose, we propose WRESV, a lightweight RSVPlike flow reservation and admission control scheme for IEEE 802.11 wireless LANs. Using WRESV, wired/wireless integration can be easily implemented by cross-layer interaction at the Access Point. Main components of the integration are RSVP-WRESV parameter mapping and the initiation of new reservation messages, depending on where senders/receivers are located. In addition, to support smooth roaming of mobile users among different basic service sets (BSS), we devise an efficient handoff scheme that considers both the flow rate demand and network resource availability for continuous QoS support. Furthermore, various optimizations for supporting multicast session and QoS re-negotiation are proposed for better performance improvement. Extensive simulation results showthat the proposed scheme is promising in enriching the QoS support of multimedia applications in heterogeneous wired-cum-wireless networks.
Resumo:
The integration of supply chains offers many benefits; yet, it may also render organisations more vulnerable to electronic fraud (e-fraud). E-fraud can drain on organisations’ financial resources, and can have a significant adverse effect on the ability to achieve their strategic objectives. Therefore, efraud control should be part of corporate board-level due diligence, and should be integrated into organisations’ practices and business plans.
Management is responsible for taking into consideration the relevant cultural, strategic and implementation elements that inter-relate with each other and to coordinating the human, technological and financial resources necessary to designing and implementing policies and procedures for controlling e-fraud. Due to the characteristics of integrated supply chains, a move from the traditional vertical approach to a systemic, horizontal-vertical approach is necessary. Although the e-fraud risk cannot be eliminated, risk mitigation policies and processes tailored to an organisation’s particular vulnerabilities can significantly reduce the risk and may even preclude certain classes of frauds.
In this paper, a conceptual framework of e-fraud control in an integrated supply chain is proposed. The proposed conceptual framework can help managers and practitioners better understand the issues and plan the activities involved in a systemic, horizontal-vertical approach to e-fraud control in an integrated supply chain, and can be a basis upon which empirical studies can be build.
Resumo:
This paper develops a theoretical framework and a number of propositions for systematically studying the role of trust in the control and performance of Joint Ventures, a prominent form of inter-firm alliance. The proposed framework is more complete than the frameworks available in the extant literature because it incorporates both transaction related risks and the partner related risks which are likely to impact on the reliance on particular control patterns. Partner-related risks in joint ventures are represented by the level of inter-partner trust, while transaction-related risks are represented by the Transaction Cost Economics (TCE) variables of asset specificity, task complexity, performance measurability, and environmental uncertainty.
The framework also links one of the established management control typologies (i.e., behaviour, outcome, and social) to two of the alliance control patterns (bureaucratic-based pattern, and trust-based pattern) identified in the literature on alliance control.
