Current Issue : July - September Volume : 2016 Issue Number : 3 Articles : 5 Articles
With the rapid development of the cloud computing service, utilizing traditional access control models was difficult\nto meet the complex requirements of data protection in cloud environment. In cloud environment, the definition\nof data and its protection are gradually varied when contents shifting from one virtual machine to another; in these\nnew scenarios, the multi-tenancy pattern has been taken as a core attribute. For this reason, many users need to\nchange their roles according to different situations; certifications has impact much more complicated challenges in\ncloud environment while access control was suitable for the static status but no longer for the changing situation. In\nthis paper, a new usage control protocol modelââ?¬â?multi-UCON (MUCON) based on usage control (UCON), combined\nwith encryption technology and the digital watermarking technology, is proposed with the characteristics of flexible\naccrediting, feature binding, and off-line controlling. The analysis and simulation experiments indicate that the\nproposed protocol model is secure, reliable, and easy to be implemented, which can be deployed in cloud computing\nenvironments for data protection....
The object of this study is to propose a statistical model for predicting the Expected Path Length\n(expected number of steps the attacker will take, starting from the initial state to compromise the\nsecurity goalââ?¬â?EPL) in a cyber-attack. The model we developed is based on utilizing vulnerability\ninformation along with having host centric attack graph. Utilizing the developed model, one can\nidentify the interaction among the vulnerabilities and individual variables (risk factors) that drive\nthe Expected Path Length. Gaining a better understanding of the relationship between vulnerabilities\nand their interactions can provide security administrators a better view and an understanding\nof their security status. In addition, we have also ranked the attributable variables and their\ncontribution in estimating the subject length. Thus, one can utilize the ranking process to take\nprecautions and actions to minimize Expected Path Length....
Honeyword system used to detect password file disclosure. For each user set of honeyword is generated. When adversary have a password file, then it get confused which one is real password in honeyword set. Adversary enters all honeywords in the set. When honeywords are entered notification will be send to the admin. Author gives hybrid method for generation of honeyword. Hybrid method provides strong DOS resistance and flatness....
The encryption of network traffic complicates legitimate network monitoring, traffic analysis, and network forensics.\nIn this paper, we present real-time lightweight identification of HTTPS clients based on network monitoring and\nSSL/TLS fingerprinting. Our experiment shows that it is possible to estimate the User-Agent of a client in HTTPS\ncommunication via the analysis of the SSL/TLS handshake. The fingerprints of SSL/TLS handshakes, including a list of\nsupported cipher suites, differ among clients and correlate to User-Agent values from a HTTP header. We built up\na dictionary of SSL/TLS cipher suite lists and HTTP User-Agents and assigned the User-Agents to the observed SSL/TLS\nconnections to identify communicating clients. The dictionary was used to classify live HTTPS network traffic. We were\nable to retrieve client types from 95.4 % of HTTPS network traffic. Further, we discussed host-based and\nnetwork-based methods of dictionary retrieval and estimated the quality of the data....
Abstract\nSoftware control is a critical issue in cyber-physical systems (CPS); if the expected behavior of the software embedded\nin a single device of a CPS cannot be enforced then the behavior of the whole CPS may be in jeopardy. Thus, CPS\nstakeholders like having some level of control over the embedded software. Third-party demands to control the\nsoftware, however, conflict with the intellectual property protection demanded by software developers, since some\nlevel of detail about the software at hand would have to be disclosed. In the present paper, we discuss the issue of\ncontrolling the software embedded in CPS devices and address the problem of how to achieve an increased level of\nsoftware control without compromising the protection of intellectual property. We propose a two-party\nfingerprinting scheme that allows for attribution of responsibility in the case of intellectual property leaks. Our\nfingerprinting scheme is such that neither party may obtain an advantage over the other by misbehaving,\nmisrepresenting or by prematurely aborting the protocol, therefore providing a fair means to resolve disputes...
Loading....