In this paper, we consider a problem of monopolistic information management technologies. Most service providers have access to any information. Even though the information is really personal data, service providers can access it merely with the user's first subscription. A collaborative privacy management system (Co-PMS) is suggested to satisfy the requirement. In this scheme, each user will provide one's own privacy policy by using a policy creation interface. The policy negotiation engine performs a collaborative process with the certain service's data disclosure policy. This architecture provides a more powerful right to each user to access one's own privacy policy and personal information. It also reinforces the security because of diverse privacy policy. It will develop the privacy policy based on security systems. We also expect the encrypted privacy policy to be used as an authentication certification.
Injoo Jang, Wenbo Shi, H. Yoo. "Collaborative Privacy Management System." 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: 10.1109/ISA.2008.55. https://doi.org/10.1109/ISA.2008.55
Currently stealth malware is becoming a major threat to PC computers. Process hiding is the technique commonly used by stealth malware to evade detection by anti-malware scanners. On the defensive side, previous host-based approaches will be defeated once the privileged stealth malware controls a lower reach of the system. The virtual machine (VM) based solutions gain tamper resistance at the cost of losing the OS-level process view. Moreover, existing VM-based approaches cannot introspect the preinstalled OS which is just the protecting concern for PC users. In this paper, we present a new VM-based approach called Libra which accurately reproduces the software environment of the underlying preinstalled OS within the Libra VM and provides an OS-level semantic view of the processes. With our new local-booting technology, Libra VM just boots from the underlying host OS but not a newly installed OS image. Thus, Libra provides a way to detect the existing process-hiding stealth malware in the host OS. In addition, instead of depending on the guest information which is subvertible by the privileged guest malware, Libra adopts a unique technique to implicitly construct the trusted view of process list (TVPL) from within the virtualized hardware layer. Our evaluation results with real-world hiding-process rootkits, which are widely used by stealth malware, demonstrate its practicality and effectiveness.
Yan Wen, Jinjing Zhao, Huaimin Wang. "Implicit Detection of Hidden Processes with a Local-Booted Virtual Machine." 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: 10.1109/ISA.2008.22. https://doi.org/10.1109/ISA.2008.22
This paper presents a unified threat model for assessing threat in web applications. We extend the threat tree model with more semantic and context information about threat to form the new model which is used to analyze and evaluate threat in the software design stage. We utilize historical statistical information contained in this model to design threat mitigation schemes. The threat assessing results and mitigation schemes can be used to direct secure coding and testing. This makes it possible to design threat-resistant web applications by means of detecting and mitigating threat in the early software design stage.
Xiaohong Li, Ke He. "A Unified Threat Model for Assessing Threat in Web Applications." 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: 10.1109/ISA.2008.47. https://doi.org/10.1109/ISA.2008.47
A. Mostayed, Sikyung Kim, M.M. Gani Mazumder, Se Jin Park
Research in person identification and authentication has attracted significant attention from researchers and scientists. This paper presents a biometric user authentication based on a person's foot step. The advantage of this recognition method over other types of biometrics is that it enables unobtrusive user authentication where other types of biometrics are not available. Firstly the ground reaction force data was extracted using a force plate to gather ground reaction force for individuals. Later we utilized the discrete wavelet transform to de-noise the experimental data and in the final step, histograms were used to identify different persons' foot steps. The experimental results show improvements in identification accuracies compared to previously reported work.
A. Mostayed, Sikyung Kim, M.M. Gani Mazumder, Se Jin Park. "Foot Step Based Person Identification Using Histogram Similarity and Wavelet Decomposition." 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: 10.1109/ISA.2008.46. https://doi.org/10.1109/ISA.2008.46
Digital content services in pervasive computing environments provide a vast range of information rapidly. However, in this environment where various information flows, copyright infringement problems such as modification and fraudulent use of digital content without permission of the copyright holder have increased. In this paper, we proposed an original digital content authentication method to protect the intellectual property from such infringements. The proposed mechanism sets the scope of content usage and limits the access privilege to digital content by the copyright holder. The modification of digital content and its usage are acts of copyright infringement. That is, modification of color and resolution out of the limited scope and partial modification or extraction are part of copyright infringement. Consequently, we proposed a mechanism which proves the fact of trespass by extracting and comparing the similarity of the original and the target content.
Eun-Gyeom Jang, Byoung-Soo Koh, Yong-Rak Choi. "An Authentication Mechanism of Digital Contents in Pervasive Computing Environment." 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: 10.1109/ISA.2008.35. https://doi.org/10.1109/ISA.2008.35
Multi-path fading is a significant problem in wireless communication systems. Therefore, we need a reliable system to overcome the multi-path fading. In this paper, we proposed the use of a STBC based on a STTC system to improve the reliability of wireless communication systems in multi-path fading environments. We also analyzed the performance of the proposed system and found it efficient. The proposed system was able to acquire not only a diversity gain and coding gain from the STTC system, but also a diversity gain from the STBC system without stimulating an additional channel bandwidth. Furthermore, the simulation results matched the theoretical Chernoff upper bound well, particularly in the high Eb/N0.
Chul-Gyu Kang, Chang-Heon Oh. "Performance Analysis of STBC Based on STTC System." 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: 10.1109/ISA.2008.81. https://doi.org/10.1109/ISA.2008.81
Hyogun Yoon, Eungyeong Kim, Malrey Lee, Jeawan Lee, T. Gatton
In order to provide users with intelligent services, ubiquitous computing needs to analyze the user's situation in consideration of users' mobility. Thus, this paper defines a context structure for recognizing dynamic changes in users' environment and proposes a multi-agent model for processing users' context. The proposed context structure distinguishes between dynamic and static contexts according to the volume of context change, and defines communication protocols among agents. By doing so, the user can get a service of their own in a dynamic environment.
Hyogun Yoon, Eungyeong Kim, Malrey Lee, Jeawan Lee, T. Gatton. "A Model of Sharing Based Multi-Agent to Support Adaptive Service in Ubiquitous Environment." 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: 10.1109/ISA.2008.64. https://doi.org/10.1109/ISA.2008.64
Power companies have been operating the automation system for relaying and supervisory controls by using the public communication network. But these systems must have the strictest requirements of communication. For these reasons, there are a lot of difficulties in applying it to the automation system considering the cost, location environment, and other characteristics of power lines. But, recently, the existing power line can be used as communication media by using power line communication (PLC). PLC can be adopted as a main communication means, and other wired/wireless can be adopted as second means. In order to do this, the high voltage PLC has to be used as a long distance communication network. In our study, in case of accidents, we suggest the intelligent Compound Communication System for optimal roundabout routes in the communication network, and verified its performance and reliability in the real test field.
D. Hyun, Younghun Lee. "A Study on the Compound Communication Network over the High Voltage Power Line for Distribution Automation System." 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: 10.1109/ISA.2008.28. https://doi.org/10.1109/ISA.2008.28
S. Ahamed, F. Rahman, E. Hoque, F. Kawsar, T. Nakajima
For RFID tags to proliferate in our day to day life, they will have to offer practical, low cost and secured mechanisms for tag authentication, which has been in the midst of researchers' interest for almost a decade. One extension of RFID authentication is RFID tag searching, which has not been given much attention so far. But we firmly believe that in the near future tag searching will be a significant issue. In this paper we propose a lightweight and serverless RFID tag searching protocol. This protocol can search a particular tag efficiently without the server's intervention. Furthermore, they are secured against major security threats.
S. Ahamed, F. Rahman, E. Hoque, F. Kawsar, T. Nakajima. "S3PR: Secure Serverless Search Protocols for RFID." 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: 10.1109/ISA.2008.70. https://doi.org/10.1109/ISA.2008.70
Sungju Lee, Daesung Moon, Hanna Choi, Yongwha Chung
One of the solutions to the auto-alignment problem in the fuzzy fingerprint vault exploited the idea of the geometric hashing technique. Although this solution can provide higher verification accuracy, it requires more memory space due to the large size of the hash table. In this paper, we propose an approach to reduce the size of the hash table by using the time-memory tradeoff without sacrificing the verification accuracy. That is, instead of generating the full hash table at the enrollment phase, our approach generates the enrollment hash table "on-the-fly" at the verification phase. The size of the hash table can be reduced further by selecting the basis set carefully. Based on the experimental results, we confirm that the proposed approach can reduce both the static and the dynamic memory requirements without sacrificing both the verification accuracy and the security level.
Sungju Lee, Daesung Moon, Hanna Choi, Yongwha Chung. "Memory-Efficient Fuzzy Fingerprint Vault based on the Geometric Hashing." 2008 International Conference on Information Security and Assurance (isa 2008), 2008-04-24. DOI: 10.1109/ISA.2008.60. https://doi.org/10.1109/ISA.2008.60