CAFE (collaborative agents for filtering e-mails) is a multiagent system to collaboratively filter spam from users' mail stream. CAFE associates a proxy agent with each user, and this agent represents a sort of interface between the user's e-mail client (i.e. Microsoft Outlook, Eudora, etc.) and the e-mail server. With the support of other types of agents, the proxy agent makes a classification of new messages into three categories: ham (good messages), spam and spam-presumed. The system analyzes every single e-mail using essentially three kinds of approach: a first approach based on the usage of a hash function, a static approach using DNSBL (DNS-based black lists) databases and a dynamic approach based on a Bayesian algorithm.
{"title":"CAFE - collaborative agents for filtering e-mails","authors":"Lorenzo Lazzari, M. Mari, A. Poggi","doi":"10.1109/WETICE.2005.23","DOIUrl":"https://doi.org/10.1109/WETICE.2005.23","url":null,"abstract":"CAFE (collaborative agents for filtering e-mails) is a multiagent system to collaboratively filter spam from users' mail stream. CAFE associates a proxy agent with each user, and this agent represents a sort of interface between the user's e-mail client (i.e. Microsoft Outlook, Eudora, etc.) and the e-mail server. With the support of other types of agents, the proxy agent makes a classification of new messages into three categories: ham (good messages), spam and spam-presumed. The system analyzes every single e-mail using essentially three kinds of approach: a first approach based on the usage of a hash function, a static approach using DNSBL (DNS-based black lists) databases and a dynamic approach based on a Bayesian algorithm.","PeriodicalId":128074,"journal":{"name":"14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05)","volume":"52 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116915827","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Web browsers, Web servers, Java application servers and OSGi frameworks are all instances of Java execution environments that tun more or less untrusted Java applications. In all these environments, Java applications can come from different sources. Consequently, application developers rarely know which other applications exist in the target Java execution environment. This paper investigates the requirements that need to be imposed on such a container from a security point of view and how the requirements have been implemented by different Java application containers. More specifically, we show a general risk analysis considering assets, threats and vulnerabilities of a Java container. This risk analysis exposes generic Java security problems and leads to a set of security requirements. These security requirements are then used to evaluate the security architecture of existing Java containers for Java applications, applets, servlets, OSGi bundles, and Enterprise Java Beans. For comparison, the requirements are also examined for a C++ application.
{"title":"An evaluation of Java application containers according to security requirements","authors":"Almut Herzog, N. Shahmehri","doi":"10.1109/WETICE.2005.18","DOIUrl":"https://doi.org/10.1109/WETICE.2005.18","url":null,"abstract":"Web browsers, Web servers, Java application servers and OSGi frameworks are all instances of Java execution environments that tun more or less untrusted Java applications. In all these environments, Java applications can come from different sources. Consequently, application developers rarely know which other applications exist in the target Java execution environment. This paper investigates the requirements that need to be imposed on such a container from a security point of view and how the requirements have been implemented by different Java application containers. More specifically, we show a general risk analysis considering assets, threats and vulnerabilities of a Java container. This risk analysis exposes generic Java security problems and leads to a set of security requirements. These security requirements are then used to evaluate the security architecture of existing Java containers for Java applications, applets, servlets, OSGi bundles, and Enterprise Java Beans. For comparison, the requirements are also examined for a C++ application.","PeriodicalId":128074,"journal":{"name":"14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129726962","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Formal specification and verification of security has proven a challenging task. There is no single method that has proven feasible. Instead, an integrated approach which combines several formal techniques can increase the confidence in the verification of software security properties. Such an approach which specifies security properties in a library that can be re-used by 2 instruments and their methodologies developed for the National Aeronautics and Space Administration (NASA) at the Jet Propulsion Laboratory (JPL) are described herein The flexible modeling framework (FMF) is a model based verification instrument that uses Promela and the SPIN model checker. The property based tester (PET) uses TASPEC and a test execution monitor (TEM). They are used to reduce vulnerabilities and unwanted exposures in software during the development and maintenance life cycles. These instruments are currently being piloted with a COTS server-agent application.
{"title":"Application of lightweight formal methods to software security","authors":"D. Gilliam, J. Powell, M. Bishop","doi":"10.1109/WETICE.2005.19","DOIUrl":"https://doi.org/10.1109/WETICE.2005.19","url":null,"abstract":"Formal specification and verification of security has proven a challenging task. There is no single method that has proven feasible. Instead, an integrated approach which combines several formal techniques can increase the confidence in the verification of software security properties. Such an approach which specifies security properties in a library that can be re-used by 2 instruments and their methodologies developed for the National Aeronautics and Space Administration (NASA) at the Jet Propulsion Laboratory (JPL) are described herein The flexible modeling framework (FMF) is a model based verification instrument that uses Promela and the SPIN model checker. The property based tester (PET) uses TASPEC and a test execution monitor (TEM). They are used to reduce vulnerabilities and unwanted exposures in software during the development and maintenance life cycles. These instruments are currently being piloted with a COTS server-agent application.","PeriodicalId":128074,"journal":{"name":"14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05)","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124698164","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper describes the new features implemented in WebSPN, a modeling tool for the analysis of non-Markovian stochastic Petri nets. WebSPN adopts a discretization of time and an approximation of non-exponentially distributed firing time transitions by means of the phase type distribution. To improve the MPICH parallel implementation of this algorithm, in this paper we describe the porting of WebSPN from the MPI to the grid computational paradigm. Besides a better flexibility in accessing computational and storage resources, one of the main advantages is the introduction of a fault recovery system to detect and recover from eventual machine faults. The resulting new tool is named GridSPN.
{"title":"GridSPN: a grid-based non Markovian Petri nets tool","authors":"S. Distefano, A. Puliafito, M. Scarpa","doi":"10.1109/WETICE.2005.39","DOIUrl":"https://doi.org/10.1109/WETICE.2005.39","url":null,"abstract":"This paper describes the new features implemented in WebSPN, a modeling tool for the analysis of non-Markovian stochastic Petri nets. WebSPN adopts a discretization of time and an approximation of non-exponentially distributed firing time transitions by means of the phase type distribution. To improve the MPICH parallel implementation of this algorithm, in this paper we describe the porting of WebSPN from the MPI to the grid computational paradigm. Besides a better flexibility in accessing computational and storage resources, one of the main advantages is the introduction of a fault recovery system to detect and recover from eventual machine faults. The resulting new tool is named GridSPN.","PeriodicalId":128074,"journal":{"name":"14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129887742","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The role-based access control (RBAC) model is one of the policies used to access control in information systems for enterprises. The RBAC model is a powerful technology for managing and enforcing security in large-scale, enterprise-wide systems. Many implementations of this model, including the RBAC96 model, have been already proposed. This paper presents an extension of the standard RBAC model together with its implementation using the Unified Modeling Language (UML). The presented model is developed for the role engineering in the security of information system. In the paper, the union of the RBAC model, which controls access in the information system, and the UML language, i.e. a unified method of object analysis and design, is proposed. The presented approach of the RBAC model consists in role creation via defining appropriate permissions. The entire procedure is performed in two stages; first permissions assigned to a function are defined, and then definitions of functions assigned to a particular role are provided.
{"title":"Role engineering of information system using extended RBAC model","authors":"A. Poniszewska-Marańda","doi":"10.1109/WETICE.2005.50","DOIUrl":"https://doi.org/10.1109/WETICE.2005.50","url":null,"abstract":"The role-based access control (RBAC) model is one of the policies used to access control in information systems for enterprises. The RBAC model is a powerful technology for managing and enforcing security in large-scale, enterprise-wide systems. Many implementations of this model, including the RBAC96 model, have been already proposed. This paper presents an extension of the standard RBAC model together with its implementation using the Unified Modeling Language (UML). The presented model is developed for the role engineering in the security of information system. In the paper, the union of the RBAC model, which controls access in the information system, and the UML language, i.e. a unified method of object analysis and design, is proposed. The presented approach of the RBAC model consists in role creation via defining appropriate permissions. The entire procedure is performed in two stages; first permissions assigned to a function are defined, and then definitions of functions assigned to a particular role are provided.","PeriodicalId":128074,"journal":{"name":"14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05)","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126706096","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Detecting massive network events like worm outbreaks in fast IP networks such as Internet backbones, is hard. One problem is that the amount of traffic data does not allow real-time analysis of details. Another problem is that the specific characteristics of these events are not known in advance. There is a need for analysis methods that are real-time capable and can handle large amounts of traffic data. We have developed an entropy-based approach that determines and reports entropy contents of traffic parameters such as IP addresses. Changes in the entropy content indicate a massive network event. We give analyses on two Internet worms as proof-of-concept. While our primary focus is detection of fast worms, our approach should also be able to detect other network events. We discuss implementation alternatives and give benchmark results. We also show that our approach scales very well.
{"title":"Entropy based worm and anomaly detection in fast IP networks","authors":"A. Wagner, B. Plattner","doi":"10.1109/WETICE.2005.35","DOIUrl":"https://doi.org/10.1109/WETICE.2005.35","url":null,"abstract":"Detecting massive network events like worm outbreaks in fast IP networks such as Internet backbones, is hard. One problem is that the amount of traffic data does not allow real-time analysis of details. Another problem is that the specific characteristics of these events are not known in advance. There is a need for analysis methods that are real-time capable and can handle large amounts of traffic data. We have developed an entropy-based approach that determines and reports entropy contents of traffic parameters such as IP addresses. Changes in the entropy content indicate a massive network event. We give analyses on two Internet worms as proof-of-concept. While our primary focus is detection of fast worms, our approach should also be able to detect other network events. We discuss implementation alternatives and give benchmark results. We also show that our approach scales very well.","PeriodicalId":128074,"journal":{"name":"14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123879716","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper presents a conceptual framework for the understanding of collaborative systems evaluation. Based on previous research, a conceptual framework for understanding collaborative system evaluation is introduced using the lifecycle based approach. This concept is supported through a follow up evaluation activity within the DIECoM project (Distributed Integrated Environment for Configuration Management), an EC Framework V project. Consequently, the issues are identified from the findings of the follow up as needing further investigation.
{"title":"A conceptual framework for understanding collaborative systems evaluation","authors":"Josie P. H. Huang","doi":"10.1109/WETICE.2005.5","DOIUrl":"https://doi.org/10.1109/WETICE.2005.5","url":null,"abstract":"This paper presents a conceptual framework for the understanding of collaborative systems evaluation. Based on previous research, a conceptual framework for understanding collaborative system evaluation is introduced using the lifecycle based approach. This concept is supported through a follow up evaluation activity within the DIECoM project (Distributed Integrated Environment for Configuration Management), an EC Framework V project. Consequently, the issues are identified from the findings of the follow up as needing further investigation.","PeriodicalId":128074,"journal":{"name":"14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05)","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114715632","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Traditionally, the authentication protocols for cellular phone networks have been designed for device authentication rather than user authentication, which brings certain limitations and restrictions on the functionality of the system. In this paper, we propose a user authentication protocol for the global standards for mobile (GSM) which permits the use of weak secrets (e.g. passwords or PINs) for authentication, providing new flexibilities for the GSM users.
{"title":"A strong user authentication protocol for GSM","authors":"Özer Aydemir, A. Selçuk","doi":"10.1109/WETICE.2005.12","DOIUrl":"https://doi.org/10.1109/WETICE.2005.12","url":null,"abstract":"Traditionally, the authentication protocols for cellular phone networks have been designed for device authentication rather than user authentication, which brings certain limitations and restrictions on the functionality of the system. In this paper, we propose a user authentication protocol for the global standards for mobile (GSM) which permits the use of weak secrets (e.g. passwords or PINs) for authentication, providing new flexibilities for the GSM users.","PeriodicalId":128074,"journal":{"name":"14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127770289","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Policy-based messaging (PBM) aims at carrying security policies with messages, which will be enforced at recipient systems to provide security features. PBM promotes a distributed mechanism for secure messaging. The openness of computing environments challenges the PBM model due to the varying trust relations between the different systems and their different behaviour. This paper present a design of a trust infrastructure which is developed based on a public key infrastructure. The trust infrastructure publishes policy enforcement information about the messaging systems, and engenders trust through consistent and mandatory policy enforcement by the systems. It incorporates policy-based management mechanisms to provide flexible and customised messaging services. Secure messaging is achieved by defining security related policies and confining messaging systems' behaviour to defined security constraints. The process of PBM is also described, including publishing certificates, sending messages, accessing messages, and enforcing policies.
{"title":"Trust infrastructure for policy based messaging in open environments","authors":"Gansen Zhao, D. Chadwick","doi":"10.1109/WETICE.2005.60","DOIUrl":"https://doi.org/10.1109/WETICE.2005.60","url":null,"abstract":"Policy-based messaging (PBM) aims at carrying security policies with messages, which will be enforced at recipient systems to provide security features. PBM promotes a distributed mechanism for secure messaging. The openness of computing environments challenges the PBM model due to the varying trust relations between the different systems and their different behaviour. This paper present a design of a trust infrastructure which is developed based on a public key infrastructure. The trust infrastructure publishes policy enforcement information about the messaging systems, and engenders trust through consistent and mandatory policy enforcement by the systems. It incorporates policy-based management mechanisms to provide flexible and customised messaging services. Secure messaging is achieved by defining security related policies and confining messaging systems' behaviour to defined security constraints. The process of PBM is also described, including publishing certificates, sending messages, accessing messages, and enforcing policies.","PeriodicalId":128074,"journal":{"name":"14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132541812","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The Securities Technologies (ST) Workshop was formerly called the Enterprise Security (ES) Workshop. The name was changed to reflect better a more comprehensive name to the topics being discussed which ranged beyond just security in and for the enterprise. The Workshop deals with topics that span multiple enterprises, including Peer to Peer (P2P), Grid Computing, security of large-scale backbones, software security, et al. Consequently, it was suggested that the Workshop consider a name change to more accurately reflect the topics of the papers it was receiving and delivering. Several names were considered and Security Technologies was selected. However, the name Enterprise Security has not been dropped as it was the name under which it was organized originally.
{"title":"WETICE 2005 Tenth Securities Technologies (ST) Workshop Report (Formerly Enterprise Security (ES))","authors":"D. Gilliam","doi":"10.1109/WETICE.2005.68","DOIUrl":"https://doi.org/10.1109/WETICE.2005.68","url":null,"abstract":"The Securities Technologies (ST) Workshop was formerly called the Enterprise Security (ES) Workshop. The name was changed to reflect better a more comprehensive name to the topics being discussed which ranged beyond just security in and for the enterprise. The Workshop deals with topics that span multiple enterprises, including Peer to Peer (P2P), Grid Computing, security of large-scale backbones, software security, et al. Consequently, it was suggested that the Workshop consider a name change to more accurately reflect the topics of the papers it was receiving and delivering. Several names were considered and Security Technologies was selected. However, the name Enterprise Security has not been dropped as it was the name under which it was organized originally.","PeriodicalId":128074,"journal":{"name":"14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115530878","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: