889 resultados para Medium Access Control (MAC)
Resumo:
Secure Access For Everyone (SAFE), is an integrated system for managing trust
using a logic-based declarative language. Logical trust systems authorize each
request by constructing a proof from a context---a set of authenticated logic
statements representing credentials and policies issued by various principals
in a networked system. A key barrier to practical use of logical trust systems
is the problem of managing proof contexts: identifying, validating, and
assembling the credentials and policies that are relevant to each trust
decision.
SAFE addresses this challenge by (i) proposing a distributed authenticated data
repository for storing the credentials and policies; (ii) introducing a
programmable credential discovery and assembly layer that generates the
appropriate tailored context for a given request. The authenticated data
repository is built upon a scalable key-value store with its contents named by
secure identifiers and certified by the issuing principal. The SAFE language
provides scripting primitives to generate and organize logic sets representing
credentials and policies, materialize the logic sets as certificates, and link
them to reflect delegation patterns in the application. The authorizer fetches
the logic sets on demand, then validates and caches them locally for further
use. Upon each request, the authorizer constructs the tailored proof context
and provides it to the SAFE inference for certified validation.
Delegation-driven credential linking with certified data distribution provides
flexible and dynamic policy control enabling security and trust infrastructure
to be agile, while addressing the perennial problems related to today's
certificate infrastructure: automated credential discovery, scalable
revocation, and issuing credentials without relying on centralized authority.
We envision SAFE as a new foundation for building secure network systems. We
used SAFE to build secure services based on case studies drawn from practice:
(i) a secure name service resolver similar to DNS that resolves a name across
multi-domain federated systems; (ii) a secure proxy shim to delegate access
control decisions in a key-value store; (iii) an authorization module for a
networked infrastructure-as-a-service system with a federated trust structure
(NSF GENI initiative); and (iv) a secure cooperative data analytics service
that adheres to individual secrecy constraints while disclosing the data. We
present empirical evaluation based on these case studies and demonstrate that
SAFE supports a wide range of applications with low overhead.
Resumo:
Emerging cybersecurity vulnerabilities in supervisory control and data acquisition (SCADA) systems are becoming urgent engineering issues for modern substations. This paper proposes a novel intrusion detection system (IDS) tailored for cybersecurity of IEC 61850 based substations. The proposed IDS integrates physical knowledge, protocol specifications and logical behaviours to provide a comprehensive and effective solution that is able to mitigate various cyberattacks. The proposed approach comprises access control detection, protocol whitelisting, model-based detection, and multi-parameter based detection. This SCADA-specific IDS is implemented and validated using a comprehensive and realistic cyber-physical test-bed and data from a real 500kV smart substation.
Resumo:
Os atuais esquemas de modulação e acesso ao meio, tais como o Wide- Band Code-Division Multiple Access (WCDMA) ou Orthogonal Frequency- Division Multiple Access (OFDMA), que são otimizados para a gestão eficiente do espetro electromagnético e elevada taxa de transmissão, originam sinais de elevado Peak-to-Average Power Ratio (PAPR) e requisitos de linearidade rigorosos. As arquiteturas de amplificação tradicionais, i.e. baseadas no operação em modo de corrente do dispositivo ativo, são incapazes de satisfazer estes requisitos em simultâneo. Assim, o amplificador de potência (do inglês, Power Ampli_er (PA)) incorre numa degradação significativa de rendimento energético em favor de maior linearidade, aumentando simultaneamente os custos de operação das estacões base para os operadores de telecomunicações móveis e o impacte ambiental. Este trabalho foca-se no estudo da arquitetura Doherty, a principal solução encontrada para melhorar o compromisso linearidade/rendimento para aplicações em estações-base de comunicações móveis. Para tal, são expostos os princípios básicos de amplificadores de rádio frequência assim como a análise teórica do tradicional PA Doherty (do inglês, Doherty Power Amplifier (DhPA)) de duas vias e suas variantes. O estudo _e complementado com o projeto e implementação de um PA excitador, em classe-AB, e de um DhPA de elevada potência, colocando-se em prática a teoria e técnicas de projeto estudadas ao longo deste trabalho, aliadas aos desafios da implementação com dispositivos reais de elevada potência.
Resumo:
Public agencies are increasingly required to collaborate with each other in order to provide high-quality e-government services. This collaboration is usually based on the service-oriented approach and supported by interoperability platforms. Such platforms are specialized middleware-based infrastructures enabling the provision, discovery and invocation of interoperable software services. In turn, given that personal data handled by governments are often very sensitive, most governments have developed some sort of legislation focusing on data protection. This paper proposes solutions for monitoring and enforcing data protection laws within an E-government Interoperability Platform. In particular, the proposal addresses requirements posed by the Uruguayan Data Protection Law and the Uruguayan E-government Platform, although it can also be applied in similar scenarios. The solutions are based on well-known integration mechanisms (e.g. Enterprise Service Bus) as well as recognized security standards (e.g. eXtensible Access Control Markup Language) and were completely prototyped leveraging the SwitchYard ESB product.
Resumo:
Database schemas, in many organizations, are considered one of the critical assets to be protected. From database schemas, it is not only possible to infer the information being collected but also the way organizations manage their businesses and/or activities. One of the ways to disclose database schemas is through the Create, Read, Update and Delete (CRUD) expressions. In fact, their use can follow strict security rules or be unregulated by malicious users. In the first case, users are required to master database schemas. This can be critical when applications that access the database directly, which we call database interface applications (DIA), are developed by third party organizations via outsourcing. In the second case, users can disclose partially or totally database schemas following malicious algorithms based on CRUD expressions. To overcome this vulnerability, we propose a new technique where CRUD expressions cannot be directly manipulated by DIAs any more. Whenever a DIA starts-up, the associated database server generates a random codified token for each CRUD expression and sends it to the DIA that the database servers can use to execute the correspondent CRUD expression. In order to validate our proposal, we present a conceptual architectural model and a proof of concept.
Resumo:
Call Level Interfaces (CLI) are low level API that play a key role in database applications whenever a fine tune control between application tiers and the host databases is a key requirement. Unfortunately, in spite of this significant advantage, CLI were not designed to address organizational requirements and contextual runtime requirements. Among the examples we emphasize the need to decouple or not to decouple the development process of business tiers from the development process of application tiers and also the need to automatically adapt to new business and/or security needs at runtime. To tackle these CLI drawbacks, and simultaneously keep their advantages, this paper proposes an architecture relying on CLI from which multi-purpose business tiers components are built, herein referred to as Adaptable Business Tier Components (ABTC). This paper presents the reference architecture for those components and a proof of concept based on Java and Java Database Connectivity (an example of CLI).
Resumo:
Part 6: Engineering and Implementation of Collaborative Networks
Resumo:
We consider the problem of joint routing, scheduling and power control in a multihop wireless network when the nodes have multiple antennas. We focus on exploiting the multiple degrees-of-freedom available at each transmitter and receiver due to multiple antennas. Specifically we use multiple antennas at each node to form multiple access and broadcast links in the network rather than just point to point links. We show that such a generic transmission model improves the system performance significantly. Since the complexity of the resulting optimization problem is very high, we also develop efficient suboptimal solutions for joint routing, scheduling and power control in this setup.
Resumo:
We consider a two user fading Multiple Access Channel with a wire-tapper (MAC-WT) where the transmitter has the channel state information (CSI) to the intended receiver but not to the eavesdropper (eve). We provide an achievable secrecy sum-rate with optimal power control. We next provide a secrecy sum-rate with optimal power control and cooperative jamming (CJ). We then study an achievable secrecy sum rate by employing an ON/OFF power control scheme which is more easily computable. We also employ CJ over this power control scheme. Results show that CJ boosts the secrecy sum-rate significantly even if we do not know the CSI of the eve's channel. At high SNR, the secrecy sum-rate (with CJ) without CSI of the eve exceeds the secrecy sum-rate (without CJ) with full CSI of the eve.
Resumo:
Multicast in wireless sensor networks (WSNs) is an efficient way to spread the same data to multiple sensor nodes. It becomes more effective due to the broadcast nature of wireless link, where a message transmitted from one source is inherently received by all one-hop receivers, and therefore, there is no need to transmit the message one by one. Reliable multicast in WSNs is desirable for critical tasks like code updation and query based data collection. The erroneous nature of wireless medium coupled with limited resource of sensor nodes, makes the design of reliable multicast protocol a challenging task. In this work, we propose a time division multiple access (TDMA) based energy aware media access and control (TEA-MAC) protocol for reliable multicast in WSNs. The TDMA eliminates collisions, overhearing and idle listening, which are the main sources of reliability degradation and energy consumption. Furthermore, the proposed protocol is parametric in the sense that it can be used to trade-off reliability with energy and delay as per the requirement of the underlying applications. The performance of TEA-MAC has been evaluated by simulating it using Castalia network simulator. Simulation results show that TEA-MAC is able to considerably improve the performance of multicast communication in WSNs.
Resumo:
"June 1986."
Resumo:
"30 June 1986."
Resumo:
"November 1989."
Resumo:
"December 1989."
Resumo:
Background Primary prevention of childhood overweight is an international priority. In Australia 20-25% of 2-8 year olds are already overweight. These children are at substantially increased the risk of becoming overweight adults, with attendant increased risk of morbidity and mortality. Early feeding practices determine infant exposure to food (type, amount, frequency) and include responses (eg coercion) to infant feeding behaviour (eg. food refusal). There is correlational evidence linking parenting style and early feeding practices to child eating behaviour and weight status. A focus on early feeding is consistent with the national focus on early childhood as the foundation for life-long health and well being. The NOURISH trial aims to implement and evaluate a community-based intervention to promote early feeding practices that will foster healthy food preferences and intake and preserve the innate capacity to self-regulate food intake in young children. Methods/Design This randomised controlled trial (RCT) aims to recruit 820 first-time mothers and their healthy term infants. A consecutive sample of eligible mothers will be approached postnatally at major maternity hospitals in Brisbane and Adelaide. Initial consent will be for re-contact for full enrolment when the infants are 4-7 months old. Individual mother- infant dyads will be randomised to usual care or the intervention. The intervention will provide anticipatory guidance via two modules of six fortnightly parent education and peer support group sessions, each followed by six months of regular maintenance contact. The modules will commence when the infants are aged 4-7 and 13-16 months to coincide with establishment of solid feeding, and autonomy and independence, respectively. Outcome measures will be assessed at baseline, with follow up at nine and 18 months. These will include infant intake (type and amount of foods), food preferences, feeding behaviour and growth and self-reported maternal feeding practices and parenting practices and efficacy. Covariates will include sociodemographics, infant feeding mode and temperament, maternal weight status and weight concern and child care exposure. Discussion Despite the strong rationale to focus on parents’ early feeding practices as a key determinant of child food preferences, intake and self-regulatory capacity, prospective longitudinal and intervention studies are rare. This trial will be amongst to provide Level II evidence regarding the impact of an intervention (commencing prior to age 12 months) on children’s eating patterns and behaviours. Trial Registration: ACTRN12608000056392
