A P2P currency can be a powerful tool for promoting exchanges in a trusted way that make use of under-utilized resources both in computer networks and in real life. There are three classes of resource that can be exchanged in a P2P system: atoms (ex. physical goods by way of auctions), bits (ex. data files) and presences (ex. time slots for computing resources such as CPU, storage or bandwidth). If these are equally treated as commodities, however, the economy of the system is likely to collapse, because data files can be reproduced at a negligibly small cost whereas time slots for computing resources cannot even be stockpiled for future use. This paper clarifies this point by simulating a small world of traders, and proposes a novel way for applying the "reduction over time" feature of i-WAT, a P2P currency. In the proposed new economic order (NEO), bits are freely shared among participants, whereas their producers are supported by peers, being given freedom to issue exchange tickets whose values are reduced over time.
{"title":"Fair trading of information: a proposal for the economics of peer-to-peer systems","authors":"Kenji Saito, E. Morino, J. Murai","doi":"10.1109/ARES.2006.62","DOIUrl":"https://doi.org/10.1109/ARES.2006.62","url":null,"abstract":"A P2P currency can be a powerful tool for promoting exchanges in a trusted way that make use of under-utilized resources both in computer networks and in real life. There are three classes of resource that can be exchanged in a P2P system: atoms (ex. physical goods by way of auctions), bits (ex. data files) and presences (ex. time slots for computing resources such as CPU, storage or bandwidth). If these are equally treated as commodities, however, the economy of the system is likely to collapse, because data files can be reproduced at a negligibly small cost whereas time slots for computing resources cannot even be stockpiled for future use. This paper clarifies this point by simulating a small world of traders, and proposes a novel way for applying the \"reduction over time\" feature of i-WAT, a P2P currency. In the proposed new economic order (NEO), bits are freely shared among participants, whereas their producers are supported by peers, being given freedom to issue exchange tickets whose values are reduced over time.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116162855","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The BRIDGES project was funded by the UK Department of Trade and Industry (DTI) to address the needs of cardiovascular research scientists investigating the genetic causes of hypertension as part of the Wellcome Trust funded (#4.34M) cardiovascular functional genomics (CFG) project. Security was at the heart of the BRIDGES project and an advanced data and compute grid infrastructure incorporating latest grid authorisation technologies was developed and delivered to the scientists. We outline these grid infrastructures and describe the perceived security requirements at the project start including data classifications and how these evolved throughout the lifetime of the project. The uptake and adoption of the project results are also presented along with the challenges that must be overcome to support the secure exchange of life science data sets. We also present how we will use the BRIDGES experiences in future projects at the National e-Science Centre.
{"title":"Grid infrastructures for secure access to and use of bioinformatics data: experiences from the BRIDGES project","authors":"R. Sinnott, Micha Bayer, A. Stell, J. Koetsier","doi":"10.1109/ARES.2006.69","DOIUrl":"https://doi.org/10.1109/ARES.2006.69","url":null,"abstract":"The BRIDGES project was funded by the UK Department of Trade and Industry (DTI) to address the needs of cardiovascular research scientists investigating the genetic causes of hypertension as part of the Wellcome Trust funded (#4.34M) cardiovascular functional genomics (CFG) project. Security was at the heart of the BRIDGES project and an advanced data and compute grid infrastructure incorporating latest grid authorisation technologies was developed and delivered to the scientists. We outline these grid infrastructures and describe the perceived security requirements at the project start including data classifications and how these evolved throughout the lifetime of the project. The uptake and adoption of the project results are also presented along with the challenges that must be overcome to support the secure exchange of life science data sets. We also present how we will use the BRIDGES experiences in future projects at the National e-Science Centre.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115962645","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper deals with current virtual private network (VPN) technologies, such as Internet protocol security (IPSec), layer two tunneling protocol (L2TP), and point to point tunneling protocol (PPTP). Furthermore, the VPN solution of the Austrian company Phion Information Technologies is presented. After a short introduction to the basics of each protocol, the strengths and weaknesses of each technology are outlined, as far as interoperability, manageability, and practical problems are concerned. This is done by means of a practical analysis and comparison of the results. The analysis includes performance measurement, link quality and stability analysis, feature comparison, interaction with TCP/IP protocols, and some basic security attacks. In order to provide comparable results, all technologies were tested in the same manner. However, this paper does not provide explicit recommendations as to which technology is to be preferred.
"Analysis of current VPN technologies". Thomas Berger. First International Conference on Availability, Reliability and Security (ARES'06), 2006-04-20. DOI: 10.1109/ARES.2006.30, https://doi.org/10.1109/ARES.2006.30
The problem of self-diagnosis of multiprocessor and multicomputer systems under the generalized comparison model (GCM) is considered. GCM assumes that a set of jobs is assigned to pairs of units and that the outcomes are compared by the units themselves (self-diagnosis). Based on the set of comparison outcomes (agreements and disagreements among the units), the set of up to t faulty nodes is identified (t-diagnosable systems). This paper proposes an artificial-immune-based algorithm to solve the fault identification problem. The immune diagnosis algorithm correctly identifies the set of faulty units, and it has been evaluated using randomly generated t-diagnosable systems. Simulation results indicate that the proposed approach is a viable alternative to solve the GCM-based diagnosis problem.
{"title":"A novel artificial-immune-based approach for system-level fault diagnosis","authors":"M. Elhadef, S. Das, A. Nayak","doi":"10.1109/ARES.2006.10","DOIUrl":"https://doi.org/10.1109/ARES.2006.10","url":null,"abstract":"The problem of self-diagnosis of multiprocessor and multicomputer systems under the generalized comparison model (GCM) is considered. GCM assumes that a set of jobs is assigned to pairs of units and that the outcomes are compared by the units themselves (self-diagnosis). Based on the set of comparison outcomes (agreements and disagreements among the units), the set of up to t faulty nodes is identified (t-diagnosable systems). This paper proposes an artificial-immune-based algorithm to solve the fault identification problem. The immune diagnosis algorithm correctly identifies the set of faulty units, and it has been evaluated using randomly generated t-diagnosable systems. Simulation results indicate that the proposed approach is a viable alternative to solve the GCM-based diagnosis problem.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"64 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121701983","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
René Rydhof Hansen, Christian W. Probst, F. Nielson
The μKlaim calculus is a process algebra designed to study the programming of distributed systems consisting of a number of locations each having their own tuple space and collection of mobile processes. Previous work has explored how to incorporate a notion of capabilities to be enforced dynamically by means of a reference monitor. Our first contribution is to describe a sandboxing semantics for the remote evaluation of mobile code; we then develop a succinct flow logic for statically guaranteeing the properties enforced by the reference monitor and hence for dispensing with the overhead of a dynamic reference monitor. Our second contribution is an extension of the calculus to interact with an environment; processes enter the system from the environment and we develop an entry-condition that is sufficient for ensuring that the resulting system continues to guarantee the properties that would otherwise need to be dynamically enforced by the reference monitor. We call the resulting calculus myKlaim.
"Sandboxing in myKlaim". René Rydhof Hansen, Christian W. Probst, F. Nielson. First International Conference on Availability, Reliability and Security (ARES'06), 2006-04-20. DOI: 10.1109/ARES.2006.115, https://doi.org/10.1109/ARES.2006.115
The robustness of peer-to-peer (P2P) networks, in particular of DHT-based overlay networks, suffers significantly when a Sybil attack is performed. We tackle the issue of Sybil attacks from two sides. First, we clarify, analyze, and classify the P2P identifier assignment process. By clearly separating network participants from network nodes, two challenges of P2P networks under a Sybil attack become obvious: i) stability over time, and ii) identity differentiation. Second, as a starting point for a quantitative analysis of time-stability of P2P networks under Sybil attacks and under some assumptions with respect to identity differentiation, we propose an identity registration procedure called self-registration that makes use of the inherent distribution mechanisms of a P2P network.
{"title":"Defending the Sybil attack in P2P networks: taxonomy, challenges, and a proposal for self-registration","authors":"J. Dinger, H. Hartenstein","doi":"10.1109/ARES.2006.45","DOIUrl":"https://doi.org/10.1109/ARES.2006.45","url":null,"abstract":"The robustness of peer-to-peer (P2P) networks, in particular of DHT-based overlay networks, suffers significantly when a Sybil attack is performed. We tackle the issue of Sybil attacks from two sides. First, we clarify, analyze, and classify the P2P identifier assignment process. By clearly separating network participants from network nodes, two challenges of P2P networks under a Sybil attack become obvious: i) stability over time, and ii) identity differentiation. Second, as a starting point for a quantitative analysis of time-stability of P2P networks under Sybil attacks and under some assumptions with respect to identity differentiation, we propose an identity registration procedure called self-registration that makes use of the inherent distribution mechanisms of a P2P network.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"46 2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126072255","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The increasing growth in the application of global computing and pervasive systems has necessitated careful consideration of security issues. In particular, there has been a growth in the use of electronic communities, in which there exist many relationships between different entities. Such relationships require establishing trust between entities and a great deal of effort has been expended in developing accurate and reliable models of trust in such multi-client environments. Many of these models are complex and not necessarily guaranteed to give accurate trust predictions. In this paper we present a review of some of these models before proposing a simple, lightweight model for trust. The proposed model does not require the estimation of a large parameter set, nor make great assumptions about the parameters that affect trust.
{"title":"A lightweight model of trust propagation in a multi-client network environment: to what extent does experience matter?","authors":"M. Conrad, Timothy French, Wei Huang, C. Maple","doi":"10.1109/ARES.2006.8","DOIUrl":"https://doi.org/10.1109/ARES.2006.8","url":null,"abstract":"The increasing growth in the application of global computing and pervasive systems has necessitated careful consideration of security issues. In particular, there has been a growth in the use of electronic communities, in which there exist many relationships between different entities. Such relationships require establishing trust between entities and a great deal of effort has been expended in developing accurate and reliable models of trust in such multi-client environments. Many of these models are complex and not necessarily guaranteed to give accurate trust predictions. In this paper we present a review of some of these models before proposing a simple, lightweight model for trust. The proposed model does not require the estimation of a large parameter set, nor make great assumptions about the parameters that affect trust.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117158856","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Quantum cryptography is considered as a promising solution towards absolute security in long-term cryptosystems. While the application of quantum cryptography in fiber networks has significant advances, research on the application of quantum cryptography in mobile networks is still premature. In this paper, we analyze the interests of using quantum technique for the distribution of encryption keys in 802.11 wireless networks. We also propose a scheme for the integration of quantum cryptography in 802.11i security mechanisms for the establishment of the PTK (pairwise transient key).
{"title":"Integration of quantum cryptography in 802.11 networks","authors":"T. Nguyen, M. Sfaxi, S. Ghernaouti-Helie","doi":"10.1109/ARES.2006.75","DOIUrl":"https://doi.org/10.1109/ARES.2006.75","url":null,"abstract":"Quantum cryptography is considered as a promising solution towards absolute security in long-term cryptosystems. While the application of quantum cryptography in fiber networks has significant advances, research on the application of quantum cryptography in mobile networks is still premature. In this paper, we analyze the interests of using quantum technique for the distribution of encryption keys in 802.11 wireless networks. We also propose a scheme for the integration of quantum cryptography in 802.11i security mechanisms for the establishment of the PTK (pairwise transient key).","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122051688","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Nowadays, the most important topic in Internet banking is security. Banks' basic concern is ensuring their customers' electronic transactions. Nevertheless, fraudsters are becoming more sophisticated and they act really cleverly to achieve their target. Having this knowledge, banks try to optimize their detection systems in order to detect fraud and investigate suspect online behavior and transactions. The object of this paper is to demonstrate one successful fraud detection model which is established in Greece. Apart from the offline Internet banking fraud detection system itself, which is described briefly, our scope is to present its contribution to fast and reliable detection of any "strange" transaction, including fraudulent ones.
"Offline Internet banking fraud detection". V. Aggelis. First International Conference on Availability, Reliability and Security (ARES'06), 2006-04-20. DOI: 10.1109/ARES.2006.89, https://doi.org/10.1109/ARES.2006.89
Trust can be an important aspect for decision-making in the Internet. This paper proposes a new trust establishment model for identity management on the Internet. After discussing the challenges and opportunities of a trust model in identity management, we describe our trust model in detail. The fundamental difference to existing models (or the lack of) in identity management is that the establishment of trust and evaluation of trust in this model change over time, leaving greater incentives to constantly seek and learn from the past behavior to influence their future. Moreover, this model acknowledges the heterogeneity of service providers, and lastly this model proposes some attenuation measures to counter biased ratings in identity management scenarios.
"RATING: rigorous assessment of trust in identity management". Rajarajan Sampath, Deepak Goel. First International Conference on Availability, Reliability and Security (ARES'06), 2006-04-20. DOI: 10.1109/ARES.2006.103, https://doi.org/10.1109/ARES.2006.103