We have designed and implemented a location service framework in the private cloud storage system based on logical disk. Location service is very important in the private cloud storage system and many people are eager...
详细信息
In this paper, we propose a cooperative framework for spectrum sharing between a secondary random ad hoc network and a primary network with capacity constraint. While the interference from secondary network must satis...
详细信息
Robot, as dictated by its assistive function for human, frequently needed to perform object manipulation (i.e. robotic manipulation). A successful robotic manipulation not only determined by the robot actuator, it is ...
详细信息
Software patch generation is a critical phase in the life-cycle of a software vulnerability. The longer it takes to generate a patch, the higher the risk a vulnerable system needs to take to avoid from being compromis...
详细信息
ISBN:
(纸本)1595935746
Software patch generation is a critical phase in the life-cycle of a software vulnerability. The longer it takes to generate a patch, the higher the risk a vulnerable system needs to take to avoid from being compromised. However, in practice, it is a rather lengthy process to generate and release software patches. For example, the analysis on 10 recent Microsoft patches (MS06-045 to MS06-054) shows that, for an identified vulnerability, it took 75 days on average to generate and release the patch. In this paper, we present the design, implementation, and evaluation of AutoPaG, a system that aims at reducing the time needed for software patch generation. In our current work, we mainly focus on a common and serious type of software vulnerability: the out-of-bound vulnerability which includes buffer overflows and general boundary condition errors. Given a working out-of-bound exploit which may be previously unknown, AutoPaG is able to catch on the fly the out-of-bound violation, and then, based on data flow analysis, automatically analyzes the program source code and identifies the root cause - vulnerable source-level program statements. Furthermore, within seconds, AutoPaG generates a fine-grained source code patch to temporarily fix it without any human intervention. We have built a proof-of-concept system in Linux and the preliminary results are promising: AutoPaG is able to successfully identify the root cause and generate a source code patch within seconds for every vulnerability test in the Wilander's buffer overflow benchmark test-suite. In addition, the evaluation with a number of real-world out-of-bound exploits also demonstrates its effectiveness and practicality in automatically identifying (vulnerable) source code root causes and generating corresponding patches. Copyright 2007 ACM.
Group undeniable signatures are like ordinary group signatures except that verifying signatures needs the help of the group manager. In this paper, we propose a convertible group undeniable signature scheme in which t...
In this article, particle swarm optimisation is improvised by re-initialization of velocity. Economic dispatch significantly operates the current power system for economical operation. Conventional optimization method...
详细信息
Simulations based on cognitively rich agents can become a very intensive computing task, especially when the simulated world represents a complex system. Those simulations can however benefit from optimizations coming...
详细信息
Lattice network coding is recently proposed as a practical implementation of Nazer-Gastpar's compute-and-forward relaying strategy. Previous investigation of lattice network coding is mainly over finite fields. In...
详细信息
The quality and representativeness of simulation results heavily depend on the sequence of numbers used in the experiments. When dealing with simulations of critical systems, it might be necessary to increase the repr...
详细信息
We consider the challenges of developing and deploying trusted computing platforms that can be operated on a large scale. The core question concerns scalability of trust properties: do these revolve around engineering...
详细信息
ISBN:
(纸本)1595935487
We consider the challenges of developing and deploying trusted computing platforms that can be operated on a large scale. The core question concerns scalability of trust properties: do these revolve around engineering challenges (which can potentially be overcome by clever design), complexity barriers (which might require completely new approaches), or other kinds of obstacles?Scalable trust means different things to different users;unless we limit the topic, we run the risk of scalability problems of our own. Accordingly, we'll narrow attention to the forms of trust needed in a hypothetical electronic medical records system that interconnects multiple institutions and includes telemetry or even active devices for monitoring patents. There are several efforts underway to develop prototype systems with this *** begin by asking what trust means in the context of such a system. Then, we match technology to the needs, and finally ask whether the available options can scale under the demands that a successful deployment might *** our purposes, we'll look at two categories of trust properties, although one can identify others. The first involves quality of service guarantees, such as high availability, fault-tolerance and timely responsiveness. Clearly, an electronic medical records system needs to be highly available and rapidly responsive, particularly if it is "in the loop" for patient monitoring or treatment. High availability can be reduced to data and service replication, and rapid responsiveness under scalable load is typically achieved by balancing the load over a set of cloned services. Our question can now be rephrased: rather than asking about the scalability of trust, at least in these respects, we should ask about the scalability of replication technologies.A system can scale well in some dimensions while scaling poorly in others. At Cornell, the QuickSilver and Ricochet projects have explored this question, asking what forms of scalabilit
暂无评论