Cyber theft is a serious threat to Internet security. It is one of the major security concerns by both network service providers and Internet users. Though sensitive information can be encrypted when stored in non-vol...
详细信息
Cyber theft is a serious threat to Internet security. It is one of the major security concerns by both network service providers and Internet users. Though sensitive information can be encrypted when stored in non-volatile memory such as hard disks, for many e-commerce and network applications, sensitive information is often stored as plaintext in main memory. Documented and reported exploits facilitate an adversary stealing sensitive information from an application's memory. These exploits include illegitimate memory scan, information theft oriented buffer overflow, invalid pointer manipulation, integer overflow, password stealing Trojans and so forth. Today's computing system and its hardware cannot address these exploits effectively in a coherent way. This paper presents a unified and lightweight solution, called InfoShield that can strengthen application protection against theft of sensitive information such as passwords, encryption keys, and other private data with a minimal performance impact. Unlike prior whole memory encryption and information flow based efforts, InfoShield protects the usage of information. InfoShield ensures that sensitive data are used only as defined by application semantics, preventing misuse of information. Comparing with prior art, InfoShield handles a broader range of information theft scenarios in a unified framework with less overhead. Evaluation using popular network client-server applications shows that InfoShield is sound for practical use and incurs little performance loss because InfoShield only protects absolute, critical sensitive information. Based on the profiling results, only 0.3% of memory accesses and 0.2% of executed codes are affected by InfoShield.
Domain Specific Languages (DSLs) are high level languages designed for solving problems in a particular domain, and have been suggested as means for developing reliable software systems. However, designing of a domain...
详细信息
Domain Specific Languages (DSLs) are high level languages designed for solving problems in a particular domain, and have been suggested as means for developing reliable software systems. However, designing of a domain specific language is a difficult task. The design of a domain specific language will evolve as it is used more and more and experienced is gained by its designers. Being able to rapidly develop the implementation infrastructure (interpreter, compiler, debugger, profiler, etc.) of a domain specific language is thus of utmost importance so that as the language evolves, the implementation infrastructure can keep pace. In this paper we present a framework for automatically generating interpreters, compilers, debuggers, and profilers from semantic specification of a domain specific language. We illustrate our approach via the SCR language, a language used by the US defense department for developing control systems. Copyright 2005 ACM.
作者:
NANCY MERRITTTERRY FAINSUSAN TURNERExtensive experience conducting justice system policy studies at the state and local level. As a Policy Analyst with the RAND Corporation and government agencies
she designed and directed studies focused on the development implementation and evaluation of sentencing policy as well as juvenile and adult correctional programs. Her current work focuses on the implementation and impact of mandatory sentencing laws cross-jurisdictional variations in their application and the effects of prosecutorial discretion. Additional areas of interest include the development implementation and evaluation of juvenile justice programming. Ms. Merritt received her M.S. from the Pennsylvania State University University Park and is a Ph.D. candidate with the Rutgers University School of Criminal Justice. M.A.
M.S. is a Senior project associate in the Behavioral Sciences Department at RAND Corporation. He has extensive research experience in criminal justice and substance abuse. He is expert in computer statistical techniques as well as in managing large datasets. He has conducted analysis for many RAND projects and is author or co-author of numerous publications both from RAND and in peer-reviewed journals. His research interests include alternatives to incarceration substance abuse and treatment racial disparities in prison admissions and research collaborations with state and local justice agencies. Professor in the Department of Criminology
Law and Society at the University of California's Irvine campus. She received her Ph.D. in Social Psychology from the University of North Carolina at Chapel Hill. She has led a variety of research projects including studies on racial disparity field experiments of private sector alternatives for serious juvenile offenders work release day fines and a 14–site evaluation of intensive supervision probation. Dr. Turner's areas of expertise include the design and implementation of randomized field experiments and research collaborations with state and local justice agencies. He
Research Summary: Oregon's Measure 11, a mandatory minimum sentencing policy passed in 1994, had fewer negative system impacts than had been anticipated by many state and local criminal justice administrators, due...
详细信息
Research Summary: Oregon's Measure 11, a mandatory minimum sentencing policy passed in 1994, had fewer negative system impacts than had been anticipated by many state and local criminal justice administrators, due largely to the fact that prosecutors exercised the discretion provided them under the law to selectively prosecute cases. Consequently, fewer Measure 11-eligible cases were sentenced under the relevant statues than before passage of the measure, and more were sentenced to lesser related offenses. At the same time, incarceration rates and sentence lengths increased for both Measure 11 and lesser related offenses. Trial rates increased for two years after Measure 11 took effect before reverting to previous levels. Policy Implications: The “unintended consequences” that Measure 11 produced should not have been unexpected. Our research indicates that the entire system will quickly adapt to mitigate the more draconian outcomes predicted by those who assume a simplistic implementation, which underscores the importance of understanding system dynamics and inter-relationships before implementing reform, as well as the pitfalls of designing legislation for either symbolic appeal or formal logic rather than for actual effect.
作者:
Fiege, LudgerGärtner, Felix C.Kasten, OliverZeidler, Andreas
Department of Computer Science Databases Distributed System Group D-64283 Darmstadt Germany
School of Computer and Communication Sciences Distributed Programming Laboratory CH-1015 Lausanne Switzerland
Department of Computer Science Distributed Systems Group CH-8092 Zurich Switzerland
Publish/subscribe (pub/sub) is considered a valuable middleware architecture that proliferates loose coupling and leverages reconfigurability and evolution. Up to now, existing pub/sub middleware was optimized for sta...
详细信息
In this paper, the performance of turbo coded signals are investigated over a new channel model, denoted as 1/spl plusmn/D/sup n//Partial Response Fading Channels (PRFC) with imperfect phase reference. The combined ef...
详细信息
In this paper, the performance of turbo coded signals are investigated over a new channel model, denoted as 1/spl plusmn/D/sup n//Partial Response Fading Channels (PRFC) with imperfect phase reference. The combined effects of the 1/spl plusmn/D/sup n//PRFC and nonideal coherent receiver on the phase of the received amplitude and of a noisy carrier reference are considered. The numerical results demonstrate the error performance degradation due to both amplitude fading and phase noise process.
作者:
MITTURA, AKARP, MSPEAndrew Mittura:is currently a senior program engineer with SYSCON Corp. He began his career in the Combat System Installation and Integration Office of NavSea in 1978. He has worked as a system engineer on the Seafire program at NSWCDD
on the NATO Anti-air Warfare Program while at FMC Corporation and for the past four years on the Aegis Combat System with SYSCON. Current efforts include performance assessment studies of the Aegis combat system and combat system architecture and connectivity analysis. Mr. Mittura received a B.S. in electrical engineering from Penn State University in 1978 and an M.S. in engineering management from Catholic University of America in 1982. He is a licensed professional engineer with the State of Virginia. Mitchel S. Karp:cofounded K&K Software Engineering
Inc. in February 1970. He is currently secretary/treasurer and senior system engineer. His involvement in combat systems began with NTDS in 1963. He has been involved in the Aegis Program since 1968 and has worked in all aspects of combat system development including computer programming tactical analysis software development and management. He has given several seminars on real-time software development and documentation. He currently is working under contracts to NSWCDD in the areas of combat system architecture and connectivity configuration management and documentation. Mr. Karp received a B.S. in engineering physics from Lehigh University in 1958.
The Navy's focus has shifted from global war scenarios to preparedness for the prospect of involvement in regional, littoral contingencies and conflicts. Operationally, shipboard personnel will need the ability to...
The Navy's focus has shifted from global war scenarios to preparedness for the prospect of involvement in regional, littoral contingencies and conflicts. Operationally, shipboard personnel will need the ability to shift focus from the combat system multimission roles to that of only a single mission. From a development perspective, combat systems must accommodate a continual infusion of technology in a budget constrained environment. Combat system architecture is the single most important feature affecting combat system flexibility, from both an operational and developmental aspect. There is a fundamental partitioning of combat svstem functions into detect, command, and engage in a horizontal integration approach that enhances this needed flexibilitv. This fundamental partitioning is currently applied to individual weapon systems, but not to combat svstems as a whole. Instead, self-contained weapon systems are often developed and then vertically integrated to form a combat svstem, causing reduced flexibility. The battle organization is the principal driving requirement for combat system architecture. This paper shows that that the battle organization is best supported by a horizontally integrated combat system of detect, command, and engage. It concludes that a horizontally integrated combat svstem architecture of detect, command, and engage should be a candidate for future combat systems.
作者:
KING, JFBARTON, DEJ. Fred King:is the manager of the Advanced Technology Department for Unisys in Reston
Virginia. He earned his Ph.D. in mathematics from the University of Houston in 1977. He has been principal investigator of research projects in knowledge engineering pattern recognition and heuristic problem-solving. Efforts include the development of a multi-temporal multispectral classifier for identifying graincrops using LANDSAT satellite imagery data for NASA. Also as a member of the research team for a NCI study with Baylor College of Medicine and NASA he helped develop techniques for detection of carcinoma using multispectral microphotometer scans of lung tissue. He established and became technical director of the AI Laboratory for Ford Aerospace where he developed expert scheduling modeling and knowledge acquisition systems for NASA. Since joining Unisys in 1985 he has led the development of object-oriented programming environments blackboard architectures data fusion techniques using neural networks and intelligent data base systems. Douglas E. Barton:is manager of Logistics Information Systems for Unisys in Reston
Virginia. He earned his B.A. degree in computer science from the College of William and Mary in 1978 and did postgraduate work in London as a Drapers Company scholar. Since joining Unisys in 1981 his work has concentrated on program management and software engineering of large scale data base management systems and design and implementation of knowledge-based systems in planning and logistics. As chairman of the Logistics Data Subcommittee of the National Security Industrial Association (NSIA) he led an industry initiative which examined concepts in knowledge-based systems in military logistics. His responsibilities also include evaluation development and tailoring of software engineering standards and procedures for data base and knowledge-based systems. He is currently program manager of the Navigation Information Management System which provides support to the Fleet Ballistic Missile Progr
A valuable technique during concept development is rapid prototyping of software for key design components. This approach is particularly useful when the optimum design approach is not readily apparent or several know...
详细信息
A valuable technique during concept development is rapid prototyping of software for key design components. This approach is particularly useful when the optimum design approach is not readily apparent or several known alternatives need to be rapidly evaluated. A problem inherent in rapid prototyping is the lack of a "target system" with which to interface. Some alternatives are to develop test driver libraries, integrate the prototype with an existing working simulator, or build one for the specific problem. This paper presents a unique approach to concept development using rapid prototyping for concept development and scenario-based simulation for concept verification. The rapid prototyping environment, derived from artificial intelligence technology, is based on a blackboard architecture. The rapid prototype simulation capability is provided through an object-oriented modeling environment. It is shown how both simulation and blackboard technologies are used collectively to rapidly gain insight into a tenacious problem. A specific example will be discussed where this approach was used to evolve the logic of a mission controller for an autonomous underwater vehicle.
暂无评论