916 resultados para Computer networks -- Security measures
Resumo:
PROFIBUS is an international standard (IEC 61158, EN 50170) for factory-floor communications, with several thousands of installations worldwide. Taking into account the increasing need for mobile devices in industrial environments, one obvious solution is to extend traditional wired PROFIBUS networks with wireless capabilities. In this paper, we outline the major aspects of a hybrid wired/wireless PROFIBUS-based architecture, where most of the design options were made in order to guarantee the real-time behaviour of the overall network. We also introduce the timing unpredictability problems resulting from the co-existence of heterogeneous physical media in the same network. However, the major focus of this paper is on how to guarantee real-time communications in such a hybrid network, where nodes (and whole segments) can move between different radio cells (inter-cell mobility). Assuming a simple mobility management mechanism based on mobile nodes performing periodic radio channel assessment and switching, we propose a methodology to compute values for specific parameters that enable an optimal (minimum) and bounded duration of the handoff procedure.
Resumo:
The Two-Connected Network with Bounded Ring (2CNBR) problem is a network design problem addressing the connection of servers to create a survivable network with limited redirections in the event of failures. Particle Swarm Optimization (PSO) is a stochastic population-based optimization technique modeled on the social behaviour of flocking birds or schooling fish. This thesis applies PSO to the 2CNBR problem. As PSO is originally designed to handle a continuous solution space, modification of the algorithm was necessary in order to adapt it for such a highly constrained discrete combinatorial optimization problem. Presented are an indirect transcription scheme for applying PSO to such discrete optimization problems and an oscillating mechanism for averting stagnation.
Resumo:
n the recent years protection of information in digital form is becoming more important. Image and video encryption has applications in various fields including Internet communications, multimedia systems, medical imaging, Tele-medicine and military communications. During storage as well as in transmission, the multimedia information is being exposed to unauthorized entities unless otherwise adequate security measures are built around the information system. There are many kinds of security threats during the transmission of vital classified information through insecure communication channels. Various encryption schemes are available today to deal with information security issues. Data encryption is widely used to protect sensitive data against the security threat in the form of “attack on confidentiality”. Secure transmission of information through insecure communication channels also requires encryption at the sending side and decryption at the receiving side. Encryption of large text message and image takes time before they can be transmitted, causing considerable delay in successive transmission of information in real-time. In order to minimize the latency, efficient encryption algorithms are needed. An encryption procedure with adequate security and high throughput is sought in multimedia encryption applications. Traditional symmetric key block ciphers like Data Encryption Standard (DES), Advanced Encryption Standard (AES) and Escrowed Encryption Standard (EES) are not efficient when the data size is large. With the availability of fast computing tools and communication networks at relatively lower costs today, these encryption standards appear to be not as fast as one would like. High throughput encryption and decryption are becoming increasingly important in the area of high-speed networking. Fast encryption algorithms are needed in these days for high-speed secure communication of multimedia data. It has been shown that public key algorithms are not a substitute for symmetric-key algorithms. Public key algorithms are slow, whereas symmetric key algorithms generally run much faster. Also, public key systems are vulnerable to chosen plaintext attack. In this research work, a fast symmetric key encryption scheme, entitled “Matrix Array Symmetric Key (MASK) encryption” based on matrix and array manipulations has been conceived and developed. Fast conversion has been achieved with the use of matrix table look-up substitution, array based transposition and circular shift operations that are performed in the algorithm. MASK encryption is a new concept in symmetric key cryptography. It employs matrix and array manipulation technique using secret information and data values. It is a block cipher operated on plain text message (or image) blocks of 128 bits using a secret key of size 128 bits producing cipher text message (or cipher image) blocks of the same size. This cipher has two advantages over traditional ciphers. First, the encryption and decryption procedures are much simpler, and consequently, much faster. Second, the key avalanche effect produced in the ciphertext output is better than that of AES.
Resumo:
This paper presents a new charging scheme for cost distribution along a point-to-multipoint connection when destination nodes are responsible for the cost. The scheme focus on QoS considerations and a complete range of choices is presented. These choices go from a safe scheme for the network operator to a fair scheme to the customer. The in-between cases are also covered. Specific and general problems, like the incidence of users disconnecting dynamically is also discussed. The aim of this scheme is to encourage the users to disperse the resource demand instead of having a large number of direct connections to the source of the data, which would result in a higher than necessary bandwidth use from the source. This would benefit the overall performance of the network. The implementation of this task must balance between the necessity to offer a competitive service and the risk of not recovering such service cost for the network operator. Throughout this paper reference to multicast charging is made without making any reference to any specific category of service. The proposed scheme is also evaluated with the criteria set proposed in the European ATM charging project CANCAN
Resumo:
In this paper a novel methodology aimed at minimizing the probability of network failure and the failure impact (in terms of QoS degradation) while optimizing the resource consumption is introduced. A detailed study of MPLS recovery techniques and their GMPLS extensions are also presented. In this scenario, some features for reducing the failure impact and offering minimum failure probabilities at the same time are also analyzed. Novel two-step routing algorithms using this methodology are proposed. Results show that these methods offer high protection levels with optimal resource consumption
Resumo:
Most network operators have considered reducing LSR label spaces (number of labels used) as a way of simplifying management of underlaying virtual private networks (VPNs) and therefore reducing operational expenditure (OPEX). The IETF outlined the label merging feature in MPLS-allowing the configuration of multipoint-to-point connections (MP2P)-as a means of reducing label space in LSRs. We found two main drawbacks in this label space reduction a)it should be separately applied to a set of LSPs with the same egress LSR-which decreases the options for better reductions, and b)LSRs close to the edge of the network experience a greater label space reduction than those close to the core. The later implies that MP2P connections reduce the number of labels asymmetrically
Resumo:
Las relaciones entre Colombia y Ecuador se han mantenido en una dinámica histórica de cooperación y conflicto donde se ha buscado mantener unos lazos de vecindad y convivencia en calma. La proximidad geográfica y además un marco histórico-cultural similar, ha llevado a la generación de fuertes alianzas socio-económicas entre las poblaciones fronterizas, de tal manera que se ha desarrollado una integración binacional compleja. Esta relación en la última década ha mantenido una incapacidad institucional binacional para solucionar los problemas transfronterizos, pues la política de vecindad se encontraba determinada por la situación interna de cada país y la injerencia de las dinámicas continentales. La coyuntura interna de los Estados direccionó sus políticas, Ecuador estaba envuelto en una inestabilidad política, generada por continuos cambios de gobierno, lo cual hacía cambiar su posición frente a las relaciones con Colombia en cortos lapsos de tiempo, de tal forma que se desestabilizaban los proyectos conjuntos. Por otro lado Colombia dada la problemática del conflicto interno basó su agenda en el tema de la seguridad puesto que éste flagelo agudizaba los problemas socio-políticos, de tal forma que el Estado colombiano se vio enfrentado a una crisis interna que encontró una salida a través de la Política de Defensa y Seguridad Democrática instaurada por el Presidente Álvaro Uribe Vélez en el 2002,la cual trajo consigo un método de lucha basado en la seguridad con acciones dirigidas a garantizar el control del territorio y la defensa de la soberanía nacional, combatiendo el problema de las drogas, el crimen organizado, el terrorismo y las migraciones por desplazamiento forzoso; mediante la generación de lazos de solidaridad que unieron a la población colombiana en torno a la solución del problema. Ésta política ha trabajado en la seguridad a nivel interno y de defensa nacional, pues dada la magnitud de la amenaza se hizo necesario fortalecer el apoyo internacional con énfasis en los países fronterizos. De ahí que Colombia haya hecho un llamado a la comunidad internacional para desarrollar un trabajo coordinado que impida la implicación de redes del terrorismo internacional en las actividades de los grupos armados ilegales colombianos. La ampliación del conflicto colombiano ha afectado a Ecuador, el cual se ha visto perturbado negativamente por la lucha interna colombiana a partir de la Política de Defensa y Seguridad Democrática.
Resumo:
All-Optical Label Swapping (AOLS) es una tecnología clave para la implementación de nodos de conmutación completamente óptica de paquetes. Sin embargo, el costo de su desarrollo es proporcional al tamaño del espacio de etiquetas (label space). Debido a que los principios de funcionamiento de AOLS son casos particulares de los del MultiProtocol Label Switching (MPLS), esta tesis estudia métodos generales, aplicables a ambos, con el propósito de reducir el espacio de etiquetas tanto como sea posible. Modelos de programación lineal entera y heurísticas son propuestos para el caso en el que se permite apilar una etiqueta extra. Encontramos que cerca del 50% del espacio de etiquetas puede ser reducido, si se permite colocar una etiqueta extra en la pila. Además, particularmente para AOLS, encontramos que se puede reducir el espacio de etiquetas cerca al 25% si se duplica la capacidad de los enlaces y se permite re-encaminar el tráfico.
Resumo:
This paper proposes the deployment of a neural network computing environment on Active Networks. Active Networks are packet-switched computer networks in which packets can contain code fragments that are executed on the intermediate nodes. This feature allows the injection of small pieces of codes to deal with computer network problems directly into the network core, and the adoption of new computing techniques to solve networking problems. The goal of our project is the adoption of a distributed neural network for approaching tasks which are specific of the computer network environment. Dynamically reconfigurable neural networks are spread on an experimental wide area backbone of active nodes (ABone) to show the feasibility of the proposed approach.
Resumo:
The European Union sees the introduction of the ePassport as a step towards rendering passports more secure against forgery while facilitating more reliable border controls. In this paper we take an interdisciplinary approach to the key security and privacy issues arising from the use of ePassports. We further anallyse how European data protection legislation must be respected and what additional security measures must be integrated in order to safeguard the privacy of the EU ePassport holder.
Resumo:
In the wake of the Bali bombing the Australian government has proposed a number of national security measures that pose a real danger to human security in Australia and the region. These measures include renewed and increased military and intelligence exchanges with Indonesia, and laws that allow the Australian Security Intelligence Organization (ASIO) to detain people without charge or even suspicion in order to gather intelligence. In less emotional times these initiatives would be rejected as contrary to human rights concerns and Australia’s democratic traditions, which include the rule of law and due process protections. In the current climate, however, human rights and civil liberties are apt to be portrayed as unaffordable luxuries.
Resumo:
Wilh the protection of critical information infrastructure becoming a priority for all levels of management. there is a need for a new security methodology to deal with the new and unique attack threats and vulnerabilities associated with the new information technology security paradigm. The fourth generation security risk analysis melhod which copes wilh the shift from computer/information security to critical information iinfrastructure protectionl is lhe next step toward handling security risk at all levels. The paper will present the methodology of
fourth generation models and their application to critical information infrastructure protection and the associated advantagess of this methodology.
Resumo:
Graphical authentication is proposed as an alternative to password, smartcard, and biometric authentication as it uses the innate ability of humans to recognise visual stimuli. Despite passionate debate surrounding their privacy and invasiveness issues, smartcards and biometrics require an excessive amount of extra hardware for widespread deployment. Conversely graphical authentication extends existing infrastructure as it builds largely on the foundations of passwords with one important difference: it takes humans into account as they are better at recognising visual stimuli than recalling text-based passwords. This paper follows a preceding proof of concept paper and essentially outlines the architectural and technical design for a graphical authentication solution.
Resumo:
The variety of threats and vulnerabilities within the online business environment are dynamic and thus constantly changing in how they impinge upon online functionality, compromise organizational or customer information, contravene security implementations and thereby undermine online customer confidence. To nullify such threats, online security management must become proactive, by reviewing and continuously improving online security to strengthen the enterpriseis online security measures and policies, as modelled. The benchmarking process utilises a proposed benchmarking framework to guide both the development and application of security benchmarks created in the first instance, from recognized information technology (IT) and information security standards (ISS) and then their application to the online security measures and policies utilized within online business. Furthermore, the benchmarking framework incorporates a continuous improvement review process to address the relevance of benchmark development over time and the changes in threat focus.
