Nowadays, most important topic about Internet banking is security. Banks' basic concern is ensuring their customers' electronic transactions. Nevertheless, fraudsters are becoming more sophisticated and they act really clever to achieve their target. Having this knowledge, banks try to optimize their detection systems in order to detect fraud and investigate suspect online behavior and transactions. Object of this paper is to demonstrate one successful fraud detection model which is established in Greece. Apart from the offline Internet banking fraud detection system itself, which is described briefly, our scope is to present its contribution in fast and reliable detection of any "strange" transaction including fraudulent ones.
{"title":"Offline Internet banking fraud detection","authors":"V. Aggelis","doi":"10.1109/ARES.2006.89","DOIUrl":"https://doi.org/10.1109/ARES.2006.89","url":null,"abstract":"Nowadays, most important topic about Internet banking is security. Banks' basic concern is ensuring their customers' electronic transactions. Nevertheless, fraudsters are becoming more sophisticated and they act really clever to achieve their target. Having this knowledge, banks try to optimize their detection systems in order to detect fraud and investigate suspect online behavior and transactions. Object of this paper is to demonstrate one successful fraud detection model which is established in Greece. Apart from the offline Internet banking fraud detection system itself, which is described briefly, our scope is to present its contribution in fast and reliable detection of any \"strange\" transaction including fraudulent ones.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"120 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133581038","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Yusuke Doi, S. Wakayama, M. Ishiyama, S. Ozaki, Tomohiro Ishihara, Yojiro Uo
In this paper, we discuss the ecosystem of naming systems for smart spaces. Since we think resolution of detected object names should be a common trigger of smart space applications, we focus on naming systems. We aim at a naming system framework to enable the following. First, each application developer of smart spaces can design and implement new applications freely. Minimal limitations should be imposed on developers. Second, users can interact with applications opaquely. We propose combination of the following two approaches to induce naming systems evolution for smart space applications. The first approach is integration of independent naming systems for simple client resolvers. The second approach is a client resolver model to handle independent naming systems concurrently. We also describe some case studies concerning smart space application scenarios.
{"title":"Ecosystem of naming systems: discussions on a framework to induce smart space naming systems development","authors":"Yusuke Doi, S. Wakayama, M. Ishiyama, S. Ozaki, Tomohiro Ishihara, Yojiro Uo","doi":"10.1109/ARES.2006.57","DOIUrl":"https://doi.org/10.1109/ARES.2006.57","url":null,"abstract":"In this paper, we discuss the ecosystem of naming systems for smart spaces. Since we think resolution of detected object names should be a common trigger of smart space applications, we focus on naming systems. We aim at a naming system framework to enable the following. First, each application developer of smart spaces can design and implement new applications freely. Minimal limitations should be imposed on developers. Second, users can interact with applications opaquely. We propose combination of the following two approaches to induce naming systems evolution for smart space applications. The first approach is integration of independent naming systems for simple client resolvers. The second approach is a client resolver model to handle independent naming systems concurrently. We also describe some case studies concerning smart space application scenarios.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130186514","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Trust can be an important aspect for decision-making in the Internet. This paper proposes a new trust establishment model for identity management on the Internet. After discussing the challenges and opportunities of a trust model in identity management, we describe our trust model in detail. The fundamental difference to existing models (or the lack of) in identity management is the establishment of trust and evaluation of trust in this model changes over time. Leaving greater incentives to constantly seek and learn from the past behavior to influence their future. Moreover this model acknowledges the heterogeneity of service providers, and lastly this model proposes some attenuation measures to counter biased ratings in identity management scenarios.
{"title":"RATING: rigorous assessment of trust in identity management","authors":"Rajarajan Sampath, Deepak Goel","doi":"10.1109/ARES.2006.103","DOIUrl":"https://doi.org/10.1109/ARES.2006.103","url":null,"abstract":"Trust can be an important aspect for decision-making in the Internet. This paper proposes a new trust establishment model for identity management on the Internet. After discussing the challenges and opportunities of a trust model in identity management, we describe our trust model in detail. The fundamental difference to existing models (or the lack of) in identity management is the establishment of trust and evaluation of trust in this model changes over time. Leaving greater incentives to constantly seek and learn from the past behavior to influence their future. Moreover this model acknowledges the heterogeneity of service providers, and lastly this model proposes some attenuation measures to counter biased ratings in identity management scenarios.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132289955","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Jordi Castellà-Roca, J. Herrera-Joancomartí, Aleix Dorca-Josa
Secure electronic exams are one of the most difficult challenges in e-learning security. The relevance of the examination process for any academic institution implies that different security mechanisms must be applied in order to preserve some security properties during different examination stages. In this paper, we present a secure e-exam management system where all exam related information is in digital format. We propose a cryptographic scheme that has to be executed in order to achieve the desired security levels at every exam stage.
{"title":"A secure e-exam management system","authors":"Jordi Castellà-Roca, J. Herrera-Joancomartí, Aleix Dorca-Josa","doi":"10.1109/ARES.2006.14","DOIUrl":"https://doi.org/10.1109/ARES.2006.14","url":null,"abstract":"Secure electronic exams are one of the most difficult challenges in e-learning security. The relevance of the examination process for any academic institution implies that different security mechanisms must be applied in order to preserve some security properties during different examination stages. In this paper, we present a secure e-exam management system where all exam related information is in digital format. We propose a cryptographic scheme that has to be executed in order to achieve the desired security levels at every exam stage.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127052666","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In this paper we analyze the relationship between the accuracy of the segmentation algorithm and the error rates of typical iris recognition systems. We selected 1000 images from the UBIRIS database that the segmentation algorithm can accurately segment and artificially introduced segmentation inaccuracies. We repeated the recognition tests and concluded about the strong relationship between the errors in the pupil segmentation and the overall false reject rate. Based on this fact, we propose a method to identify these inaccuracies.
{"title":"A method for the identification of inaccuracies in pupil segmentation","authors":"Hugo Proença, Luís A. Alexandre","doi":"10.1109/ARES.2006.9","DOIUrl":"https://doi.org/10.1109/ARES.2006.9","url":null,"abstract":"In this paper we analyze the relationship between the accuracy of the segmentation algorithm and the error rates of typical iris recognition systems. We selected 1000 images from the UBIRIS database that the segmentation algorithm can accurately segment and artificially introduced segmentation inaccuracies. We repeated the recognition tests and concluded about the strong relationship between the errors in the pupil segmentation and the overall false reject rate. Based on this fact, we propose a method to identify these inaccuracies.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115955947","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Alfonso Rodríguez, E. Fernández-Medina, M. Piattini
Business processes are important for companies because they allow us to obtain an advanced marketplace position, and then, these enterprises can optimize and assure the quality of their products and services. Moreover, business processes are important for software developers, because they can capture from them the necessary requirements for software design and creation. At the same time, organizations have been opened and this implies more vulnerability. In spite of all these facts, security is an aspect that has been scarcely dealt with in the business process modeling. In this paper, we summarize our UML 2.0 profile for secure business process modeling through activity diagrams, and we apply this approach to a typical health-care business process.
{"title":"Security requirement with a UML 2.0 profile","authors":"Alfonso Rodríguez, E. Fernández-Medina, M. Piattini","doi":"10.1109/ARES.2006.125","DOIUrl":"https://doi.org/10.1109/ARES.2006.125","url":null,"abstract":"Business processes are important for companies because they allow us to obtain an advanced marketplace position, and then, these enterprises can optimize and assure the quality of their products and services. Moreover, business processes are important for software developers, because they can capture from them the necessary requirements for software design and creation. At the same time, organizations have been opened and this implies more vulnerability. In spite of all these facts, security is an aspect that has been scarcely dealt with in the business process modeling. In this paper, we summarize our UML 2.0 profile for secure business process modeling through activity diagrams, and we apply this approach to a typical health-care business process.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"148 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116552862","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A series of distributed processes usually need to be created in order to complete a user's task in grid environment, and these processes which have been created at different grid site form a process organization (called process-tree). Due to the dynamic of grid resource and some uncertain factors, some process nodes in this tree may be not accessible by the other related ones. It leads to a process-tree broken problem. As a result, it would block further execution of the processes we have created. Up to now, there is no good solution to solve the problem. In this paper we explore this problem and discuss how to handle it if some inaccessible nodes in process-tree happened, and how to ensure the integrity of organization structure of distributed processes. After making a comparison and analysis with the traditional distributed systems, we provide a new mechanism to increase reliability of grid-based computing environments and restore the inaccessible process-node over process tree in grid environment and endeavoring to keep the integrity of the original process organization structure. This new mechanism would adopts two types of additional information and two extra process actions to help restore the original process but not disturb the existing dynamic characters of grid resources, and grid tasks can be performed efficiently as well.
{"title":"Recovery mechanism of cooperative process chain in grid","authors":"Mingchu Li, Hongyan Yao","doi":"10.1109/ARES.2006.104","DOIUrl":"https://doi.org/10.1109/ARES.2006.104","url":null,"abstract":"A series of distributed processes usually need to be created in order to complete a user's task in grid environment, and these processes which have been created at different grid site form a process organization (called process-tree). Due to the dynamic of grid resource and some uncertain factors, some process nodes in this tree may be not accessible by the other related ones. It leads to a process-tree broken problem. As a result, it would block further execution of the processes we have created. Up to now, there is no good solution to solve the problem. In this paper we explore this problem and discuss how to handle it if some inaccessible nodes in process-tree happened, and how to ensure the integrity of organization structure of distributed processes. After making a comparison and analysis with the traditional distributed systems, we provide a new mechanism to increase reliability of grid-based computing environments and restore the inaccessible process-node over process tree in grid environment and endeavoring to keep the integrity of the original process organization structure. This new mechanism would adopts two types of additional information and two extra process actions to help restore the original process but not disturb the existing dynamic characters of grid resources, and grid tasks can be performed efficiently as well.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"366 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114782266","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
We present a novel approach for the implementation of efficient and dependable Web service engines (WSEs). A WSE instance represents a single node in a distributed network of participants that communicate using XML messages. We introduce a fully declarative language custom-tailored to XML message processing that allows to specify business processes in a concise manner. To support the efficient and reliable evaluation of our language, we show how to augment a native, transactional XML data store with efficient and reliable XML message queues.
{"title":"A declarative control language for dependable XML message queues","authors":"Alexander Böhm, C. Kanne, G. Moerkotte","doi":"10.1109/ARES.2006.4","DOIUrl":"https://doi.org/10.1109/ARES.2006.4","url":null,"abstract":"We present a novel approach for the implementation of efficient and dependable Web service engines (WSEs). A WSE instance represents a single node in a distributed network of participants that communicate using XML messages. We introduce a fully declarative language custom-tailored to XML message processing that allows to specify business processes in a concise manner. To support the efficient and reliable evaluation of our language, we show how to augment a native, transactional XML data store with efficient and reliable XML message queues.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131041545","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper introduces issues of risk management applied to biometrics. A biometrics study has been recently carried out by the ICT unit team and biometric technologies have been examined from a SELT perspective (social, economic, legal and technological). Different threats have been highlighted, such as identity theft. This paper presents an introduction on the risk "identity theft" in the information society and describes the identity theft as a real threat of the wide implementation of biometrics. Based on the results of the biometrics study and aiming at illustrating risk management on biometrics, the last section deals with the application of a risk process model on the identity theft in biometric systems context.
{"title":"Risk management approach on identity theft in biometric systems context","authors":"Sabine Delaître","doi":"10.1109/ARES.2006.113","DOIUrl":"https://doi.org/10.1109/ARES.2006.113","url":null,"abstract":"This paper introduces issues of risk management applied to biometrics. A biometrics study has been recently carried out by the ICT unit team and biometric technologies have been examined from a SELT perspective (social, economic, legal and technological). Different threats have been highlighted, such as identity theft. This paper presents an introduction on the risk \"identity theft\" in the information society and describes the identity theft as a real threat of the wide implementation of biometrics. Based on the results of the biometrics study and aiming at illustrating risk management on biometrics, the last section deals with the application of a risk process model on the identity theft in biometric systems context.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126018793","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
More and more governments tend also to offer their services for mobile users. For many of their e-transactions that involve one or more pervasive computing entities, the role of a central trusted authority (TA) for assuring the binding between the identities and the used asymmetric keys is crucial. Usually governments take care of such a trusted third party. However, when this TA becomes unreachable, governments cannot instantly set up another TA and recovering the original TA takes too much valuable time. The reliance on those TA's without another alternative trust system can therefore jeopardize the transactions. In this paper a mechanism is proposed in which new TA's can be (re)elected autonomously and securely by a group of computing entities from their midst when the original TA becomes unreachable. Those new TA's rule then as an oligarchy over the other computing entities.
{"title":"Building governments in e-government: settlement of trusted e-oligarchy","authors":"S. Daskapan","doi":"10.1109/ARES.2006.40","DOIUrl":"https://doi.org/10.1109/ARES.2006.40","url":null,"abstract":"More and more governments tend also to offer their services for mobile users. For many of their e-transactions that involve one or more pervasive computing entities, the role of a central trusted authority (TA) for assuring the binding between the identities and the used asymmetric keys is crucial. Usually governments take care of such a trusted third party. However, when this TA becomes unreachable, governments cannot instantly set up another TA and recovering the original TA takes too much valuable time. The reliance on those TA's without another alternative trust system can therefore jeopardize the transactions. In this paper a mechanism is proposed in which new TA's can be (re)elected autonomously and securely by a group of computing entities from their midst when the original TA becomes unreachable. Those new TA's rule then as an oligarchy over the other computing entities.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125487675","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: