检索结果-内蒙古大学图书馆

作者： Xin, Chao Han, Hui-jun Lin, Xiu-qin Wei, Geng-yu Lab of Computer Network and Information Security BUPT Beijing China Ministry of Education Beijing China

ISBN: (纸本)9783642357947

In recent years, P2P networks have become a focus in the industry. The P2P network is open and anonymous, providing the opportunity for false documents, malicious attacks and other malicious acts, so its trust and security issues have emerged. Building reputation model in the P2P network environment is an effective way to solve these problems, but traditional reputation model neglect the difference of pollution files. The more popular of pollution file, the more damage it will bring to P2P network. Tosolve this problem, a P2P reputation model based on P2P file-sharing behavioral characteristics is proposed. By analyzing the P2P file-sharing behavioral characteristics, determine the file's propagation degree. Usethe file's propagation degreeto calculate the files' evaluation value and nodes' reputation *** this means, increase the reliability of the reputation model, so as toimprove the P2P network security. © Springer-Verlag Berlin Heidelberg 2013.

关键词： Peer to peer networks

来源：评论

学校读者我要写书评

暂无评论

Privacy-preserving point-inclusion two-party computation protocol

Privacy-preserving point-inclusion two-party computation pro...

引用

2013 5th International Conference on Computational and information Sciences, ICCIS 2013

作者： Chen, Li Lin, Bogang College of Mathematics and Computer Science Fuzhou University Key Lab of Information Security of Network System Fujian Province Fuzhou China

ISBN: (纸本)9780769550046

Privacy Preserving Computational Geometry (PPCG) is a new study field of Secure Multi-party Computation(SMC), its main contents include: Point Inclusion problem, Polygon Intersection problem, Closest Pair problem, Convex Hulls problem and so on. In this paper, we focus on the point inclusion problem. This problem is defined in two parties setting, while Alice has a secret point z, and Bob has a secret domain P. Both of them want to know whether the point is included in the domain. Researchers have proposed many protocols to deal with point inclusion problems, however most of them mainly solved the problem of the relation between point and the regular graphics, like circle, ellipse, convex polygon etc. In this paper, we propose a two-party protocol for point-arbitrary polygons inclusion problem based on the angle-rotation method, without revealing any private information, and then we give the correctness and security analysis. © 2013 IEEE.

关键词： Computational geometry

来源：评论

学校读者我要写书评

暂无评论

Detecting GPS information leakage in Android applications

Detecting GPS information leakage in Android applications

引用

2013 IEEE Global Communications Conference, GLOBECOM 2013

作者： Ma, Siyuan Tang, Zhushou Xiao, Qiuyu Liu, Jiafa Duong, Tran Triet Lin, Xiaodong Zhu, Haojin Department of Computer Science and Engineering Shanghai Jiao Tong University China University of Ontario Institute of Technology Canada Key Lab of Information Network Security Ministry of Public Security China

ISBN: (纸本)9781479913534

Location Based Service(LBS) becomes very popular in mobile computing platforms, such as Android. However, it could also leak highly personal information about the phone owner if used by Malwares. It has been witnessed that an increased number of malicious Android applications use LBS to obtain users' locations and transmit them to attackers without users' acknowledgement, causing users' privacy breach. In this paper, we first discuss the common way in which privacy can be breached in Android applications, and then define a classification algorithm for GPS information leakage. Furthermore, we develop a location information leakage detection tool named Brox. Brox is based on dalvik-opcode specification, which uses data flow analysis framework equipped with flow-sensitive, context-sensitive, and inter-procedure techniques to detect potential information leakage path in Android malicious applications. Specifically, Brox uses inter-procedure analysis and dependency calculation to understand the intention for each sensitive operation;by using reachable analysis, connection between privacy access operation and leakage operation is established. More importantly, Brox confirms whether the sending out operation contains location information or not using static taint analysis. At last, we classify the detection results with the help of identification of interaction and non-user interaction entry points in order to discover stealthy leaks of GPS location. The extensive experiments results show that the proposed method can effectively detect privacy leakage in Android applications with a high accuracy rate. © 2013 IEEE.

关键词： Location based services

来源：评论

学校读者我要写书评

暂无评论

International School on Foundations of security Analysis and Design

Lecture Notes in Computer Science (including subseries Lectu...

引用

Lecture Notes in computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 2014年 8604卷 V-VI页

作者： Aldini, Alessandro Lopez, Javier Martinelli, Fabio University of Urbino "Carlo Bo" Dipartimento di Scienze di Base e Fondamenti Piazza della Repubblica 13 Urbino61029 Italy University of Malaga Department of Computer Science Network Information and Computer Security Lab Campus de Teatinos s/n Malaga29071 Spain National Research Council - CNR Istituto di Informatica e Telematica - IIT Via G. Moruzzi 1 Pisa56124 Italy

来源：评论

学校读者我要写书评

暂无评论

The Web security Password Authentication based the Single-block Hash Function

引用

IERI Procedia 2013年 4卷 2-7页

作者： Shi-Qi Wang Jing-Ya Wang Yong-Zhen Li Network & information Security Lab. Department of Computer Science & Technology Yanbian University Yanji China

I The paper puts forward the Web security password authentication scheme based on the single-block hash function. The scheme can solve the problem effectively that exists in the traditional password authentication or digital signature in the Web authentication of user's identity to realize the defect. It can resist replay attacks, eavesdropping, modification of messages and common attacks, and low cost, high efficiency, satisfying security and efficient needs of structural features for identifiable authentication in the network service. Generally, MD5 or SHA1 is used. But these algorithms are too cumbersome for the Web authentication of user's identity, and the amount of computation is also too huge. The experimental results show that the scheme guarantees safety at the time, and increases the efficiency of the security authentication.

关键词： Single-Block Hash Function authentication Web security password message Digest

来源：评论

学校读者我要写书评

暂无评论

Fuzzy keyword search over encrypted data in the public key setting

Fuzzy keyword search over encrypted data in the public key s...

引用

14th International Conference on Web-Age information Management, WAIM 2013

作者： Dong, Qiuxiang Guan, Zhi Wu, Liang Chen, Zhong Institute of Software School of EECS Peking University China MoE Key Lab of High Confidence Software Technologies PKU China MoE Key Lab of Network and Software Security Assurance PKU China Computer Network Information Center Chinese Academy of Sciences China

ISBN: (纸本)9783642385612

Searchable encryption is used to support searches over encrypted data stored on cloud servers. Traditional searchable encryption only supports exact keyword search instead of more flexible fuzzy keyword search. To solve this problem, a recent emerging paradigm, named fuzzy keyword searchable encryption, has been proposed. There have been some proposals designed for fuzzy keyword search in the symmetric key setting, but none efficient schemes in the public key setting. In this paper, we propose a new primitive of interactive public key encryption with fuzzy keyword search (IPEFKS), which supports efficient fuzzy keyword search over encrypted data in the public key setting. We construct and implement a homomorphic encryption based IPEFKS scheme. To compare this scheme with the existing ones, we implement LWW-FKS, which, to the best of our knowledge, is the most efficient among the existing schemes. The experimental results show that IPEFKS is much more efficient than LWW-FKS. © 2013 Springer-Verlag Berlin Heidelberg.

关键词： Cloud computing

来源：评论

学校读者我要写书评

暂无评论

The Web security Password Authentication based the SingleBlock Hash Function

The Web Security Password Authentication based the SingleBlo...

引用

2013 International Conference on Electronic Engineering and computer Science(EECS 2013)

作者： Shi-Qi Wang Jing-Ya Wang Yong-Zhen Li Network & information Security Lab. Dept.of Computer Science & Technology Yanbian University

关键词： Single-Block Hash Function authentication Web security password message Digest

来源：评论

学校读者我要写书评

暂无评论

Towards trust-aware and self-adaptive systems 7th

Towards trust-aware and self-adaptive systems

引用

7th IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2013

作者： Moyano, Francisco Baudry, Benoit Lopez, Javier Network Information and Computer Security Lab University of Malaga Malaga29071 Spain INRIA Rennes Bretagne-Atlantique Campus de Beaulieu Rennes35042 France Certus Software V&V Center SIMULA RESEARCH LAB Lysaker Norway

ISBN: (纸本)9783642383229

The Future Internet (FI) comprises scenarios where many heterogeneous and dynamic entities must interact to provide services (e.g., sensors, mobile devices and information systems in smart city scenarios). The dynamic conditions under which FI applications must execute call for self-adaptive software to cope with unforeseeable changes in the application environment. Software engineering currently provides frameworks to develop reasoning engines that automatically take reconfiguration decisions and that support the runtime adaptation of distributed, heterogeneous applications. However, these frameworks have very limited support to address security concerns of these application, hindering their usage for FI scenarios. We address this challenge by enhancing self-adaptive systems with the concepts of trust and reputation. Trust will improve decision-making processes under risk and uncertainty, in turn improving security of self-adaptive FI applications. This paper presents an approach that includes a trust and reputation framework into a platform for adaptive, distributed component-based systems, thus providing software components with new abilities to include trust in their reasoning process. © IFIP International Federation for information Processing 2013.

关键词： Decision making

来源：评论

学校读者我要写书评

暂无评论

Detecting Insider Threats: A Trust-Aware Framework

Detecting Insider Threats: A Trust-Aware Framework

引用

International Conference on Availability, Reliability and security, ARES

作者： Federica Paci Carmen Fernandez-Gago Francisco Moyano Department of Information Engineering and Computer Science University of Trento Italy Network Information and Computer Security (NICS) Lab University of Malaga Spain

The number of insider threats hitting organizations and big enterprises is rapidly growing. Insider threats occur when trusted employees misuse their permissions on organizational assets. Since insider threats know the organization and its processes, very often they end up undetected. Therefore, there is a pressing need for organizations to adopt preventive mechanisms to defend against insider threats. In this paper, we propose a framework for insiders identification during the early requirement analysis of organizational settings and of its IT systems. The framework supports security engineers in the detection of insider threats and in the prioritization of them based on the risk they represent to the organization. To enable the automatic detection of insider threats, we extend the SI* requirement modeling language with an asset model and a trust model. The asset model allows associating security properties and sensitivity levels to assets. The trust model allows specifying the trust level that a user places in another user with respect to a given permission on an asset. The insider threats identification leverages the trust levels associated with the permissions assigned to users, as well as the sensitivity of the assets to which access is granted. We illustrate the approach based on a patient monitoring scenario.

关键词： Silicon security Sensitivity Drugs Organizations Context Availability

来源：评论

学校读者我要写书评

暂无评论

A Metamodel for Measuring Accountability Attributes in the Cloud

A Metamodel for Measuring Accountability Attributes in the C...

引用

IEEE International Conference on Cloud Computing Technology and Science (CloudCom)

作者： David Nuñez Carmen Fernandez-Gago Siani Pearson Massimo Felici Network Information and Computer Security Laboratory Universidad de Málaga Málaga Spain Security and Cloud Lab Hewlett-Packard Laboratories Bristol United Kingdom

Cloud governance, and in particular data governance in the cloud, relies on different technical and organizational practices and procedures, such as policy enforcement, risk management, incident management and remediation. The concept of accountability encompasses such practices, and is essential for enhancing security and trustworthiness in the cloud. Besides this, proper measurement of cloud services, both at a technical and governance level, is a distinctive aspect of the cloud computing model. Hence, a natural problem that arises is how to measure the impact on accountability of the procedures held in practice by organizations that participate in the cloud ecosystem. In this paper, we describe a metamodel for addressing the problem of measuring accountability properties for cloud computing, as discussed and defined by the Cloud Accountability Project (A4Cloud). The goal of this metamodel is to act as a language for describing: (i) accountability properties in terms of actions between entities, and (ii) metrics for measuring the fulfillment of such properties. It also allows the recursive decomposition of properties and metrics, from a high-level and abstract world to a tangible and measurable one. Finally, we illustrate our proposal of the metamodel by modelling the transparency property, and define some metrics for it.

关键词： Context Cloud computing Organizations Atmospheric measurements Particle measurements Computational modeling

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：