Search results for "Computer security"
showing 10 items of 433 documents
Research in disaster settings: a systematic qualitative review of ethical guidelines
2016
Background Conducting research during or in the aftermath of disasters poses many specific practical and ethical challenges. This is particularly the case with research involving human subjects. The extraordinary circumstances of research conducted in disaster settings require appropriate regulations to ensure the protection of human participants. The goal of this study is to systematically and qualitatively review the existing ethical guidelines for disaster research by using the constant comparative method (CCM). Methods We performed a systematic qualitative review of disaster research ethics guidelines to collect and compare existing regulations. Guidelines were identified by a three-tie…
Vulnerability Black Markets: Empirical Evidence and Scenario Simulation
2009
This paper discusses the manifest characteristics of online Vulnerability Black Markets (VBM), insider actors, interactions and mechanisms, obtained from masked observation. Because VBM transactions are hidden from general view, we trace their precursors as secondary evidence of their development and activity. More general attributes of VBMs and the exploits they discuss are identified. Finally, we introduce a simulation model that captures how vulnerability discoveries may be placed in a dual legal-black market context. We perform simulations and find that if legal markets expose vulnerabilities that go unresolved, the security and quality of software may suffer more than in the absence of…
SEPARATION OF PRINCIPAL STRESSES ALONG SECTIONS OF SYMMETRY BY MEANS OF ISOPACHIC PATTERNS
1969
An approximate rapid method for the separation of principal stresses along sections of symmetry free from external loads is described. The method is based on the sum of principal stresses and checked by applying it to a circular ring under diametral compression and to a grooved bar in tension.
Mobility and Spatio-Temporal Exposure Control
2013
Modern risk assessment methods cover many issues and encompass both risk analysis and corresponding prevention/mitigation measures.However, there is still room for improvement and one aspect that may benefit from more work is “exposure control”.The “exposure” an asset experiences plays an important part in the risks facing the asset.Amongst the aspects that all too regularly get exposed is user identities and user location information,and in a context with mobile subscriber and mobility in the service hosting (VM migration/mobility) the problems associated with lost identity/location privacy becomes urgent.In this paper we look at “exposure control” as a way for analyzing and protecting use…
Algorithmic Complexity Vulnerability Analysis of a Stateful Firewall
2016
Algorithmic complexity vulnerabilities are an opportunity for an ad-versary to conduct a sophisticated kind of attack i.e. on network infrastructure services. Such attacks take advantage of worst case time or space complexity of algorithms implemented on devices in their software. In this paper we address potential risks introduced by such algorithmic behavior in computer networks in particular on a stateful firewall. First we introduce the idea and theoretical background for the attack. We then describe in full detail a successfully con-ducted attack which takes advantage of the worst case computational complexi-ty of O(n2) of a hash table data structure used to store active sessions. The …
Deploying harmonized ITS services in the framework of EasyWay project
2012
In the last decade, the use of new technologies in the transportation domain has made possible the development of the Intelligent Transport System (ITS). However, the ITS services were deployed isolated. The purpose of the EasyWay Project is to involve all the European countries to deploy harmonized ITS services taking into account the European citizen as final In this paper, an introduction of EasyWay project is done, including the ITS concept services and the Deployment Guidelines. A deployment guideline for traffic management and corridors is presented. Using this guideline, a real Spanish Traffic management Plan is analyzed.
A Learning Automata Based Solution to Service Selection in Stochastic Environments
2010
Published version of a paper published in the book: Trends in Applied Intelligent Systems. Also available on SpringerLink: http://dx.doi.org/10.1007/978-3-642-13033-5_22 With the abundance of services available in today’s world, identifying those of high quality is becoming increasingly difficult. Reputation systems can offer generic recommendations by aggregating user provided opinions about service quality, however, are prone to ballot stuffing and badmouthing . In general, unfair ratings may degrade the trustworthiness of reputation systems, and changes in service quality over time render previous ratings unreliable. In this paper, we provide a novel solution to the above problems based …
An Anonymous Delegatable Attribute-based Credential Scheme for a Collaborative E-health Environment
2019
We propose an efficient anonymous, attribute-based credential scheme capable of provisioning multi-level credential delegations. It is integrated with a mechanism to revoke the anonymity of credentials for resolving access disputes and making users accountable for their actions. The proposed scheme has a lower end-user computational complexity in comparison to existing credential schemes with delegatability and has a comparable level of performance with the credential standards of U-Prove and Idemix. Furthermore, we demonstrate how the proposed scheme can be applied to a collaborative e-health environment to provide its users with the necessary anonymous access with delegation capabilities.
Attribute based access control scheme with controlled access delegation for collaborative E-health environments
2017
Abstract Modern electronic healthcare (e-health) settings constitute collaborative environments with complex access requirements. Thus, there is a need for sophisticated fine-grained access control mechanisms to cater these access demands and thereby experience the full potential of e-health systems. In order to realize a flexible access control scheme, integrating access delegation is of paramount importance. However, access delegation has to be enforced in a controlled manner so that it will not jeopardize the security of the system. In this paper, we addressed this issue through proposing an attribute based access control scheme integrated with controlled access delegation capabilities. …
Blockchain Based Delegatable Access Control Scheme for a Collaborative E-Health Environment
2018
Modern electronic healthcare (e-health) settings constitute collaborative environments requiring sophisticated fine-grained access control mechanisms to cater their access demands. Access delegatability is quite crucial to realize fine-grained, flexible access control schemes compatible with such environments. In this paper, we addressed this issue through proposing an attribute based access control scheme integrated with controlled access delegation capabilities suitable for a multi-domain e-health environment. We have utilized the blockchain technology to manage attribute assignments, delegations as well as revocations. The scheme enables delegations in a controlled manner without jeopard…