Pub Date : 2011-06-23DOI: 10.1109/ROEDUNET.2011.5993696
F. B. Manolache, W. McDowell, O. Rusu
User management is one of the most time consuming tasks for administrators of large networks. This paper presents some techniques developed at Carnegie Mellon University to improve handling of accounts and access rights in a corporate environment. Directory information is typically handled by a hierarchy of LDAP servers maintained by different support groups on different administrative levels, from corporate to department. Optimization of information flow between these levels can be achieved by minimizing the need for communication between different support groups, and by reusing the data provided by the higher levels for automatic configuration of the lower levels. The method described here for achieving this goal is to trickle down user information from the higher to the lower administrative levels using successive cache mechanisms. This technique can be applied between different levels of LDAP servers (corporate, departmental, group), as well as for end-user computers. To preserve the flexibility of the configuration and the autonomy of the lower levels, the information stored by the LDAP server that's the closest to the end-user computer should have the highest precedence. By implementing the techniques described here, user management became more efficient, especially for automatically creating new accounts on end-user computers, expanding the number of local authenticated services, and granting local access rights for users.
{"title":"Directory cache techniques for efficient user management","authors":"F. B. Manolache, W. McDowell, O. Rusu","doi":"10.1109/ROEDUNET.2011.5993696","DOIUrl":"https://doi.org/10.1109/ROEDUNET.2011.5993696","url":null,"abstract":"User management is one of the most time consuming tasks for administrators of large networks. This paper presents some techniques developed at Carnegie Mellon University to improve handling of accounts and access rights in a corporate environment. Directory information is typically handled by a hierarchy of LDAP servers maintained by different support groups on different administrative levels, from corporate to department. Optimization of information flow between these levels can be achieved by minimizing the need for communication between different support groups, and by reusing the data provided by the higher levels for automatic configuration of the lower levels. The method described here for achieving this goal is to trickle down user information from the higher to the lower administrative levels using successive cache mechanisms. This technique can be applied between different levels of LDAP servers (corporate, departmental, group), as well as for end-user computers. To preserve the flexibility of the configuration and the autonomy of the lower levels, the information stored by the LDAP server that's the closest to the end-user computer should have the highest precedence. By implementing the techniques described here, user management became more efficient, especially for automatically creating new accounts on end-user computers, expanding the number of local authenticated services, and granting local access rights for users.","PeriodicalId":277269,"journal":{"name":"2011 RoEduNet International Conference 10th Edition: Networking in Education and Research","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132424514","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-06-23DOI: 10.1109/ROEDUNET.2011.5993714
S. Costea, V. Dumitrescu, R. Rughinis, M. Bucicoiu
Virtualization technologies have grown steadily in the testing and educational environments, owing to their low costs for deploying a wide variety of scenarios. Many applications that provide network node virtualization face scalability problems when larger topologies are created because of their high memory and processing requirements. Although such applications offer methods for load distribution on multiple machines, the distribution must be manually set up through a cumbersome and error prone process. The miriaPOD distributed virtualization application provides an easy to use graphical topology editor that relies on a broker service to deploy virtual network nodes on multiple machines. The extensibility and scalability of the project enables its use for assessing migration scenarios and running network technologies harmonization tests. We also propose integration possibilities with the Moodle platform, positioning the miriaPOD infrastructure as a vital tool for testing and teaching networking concepts.
{"title":"MiriaPOD A distributed solution for virtual network topologies management","authors":"S. Costea, V. Dumitrescu, R. Rughinis, M. Bucicoiu","doi":"10.1109/ROEDUNET.2011.5993714","DOIUrl":"https://doi.org/10.1109/ROEDUNET.2011.5993714","url":null,"abstract":"Virtualization technologies have grown steadily in the testing and educational environments, owing to their low costs for deploying a wide variety of scenarios. Many applications that provide network node virtualization face scalability problems when larger topologies are created because of their high memory and processing requirements. Although such applications offer methods for load distribution on multiple machines, the distribution must be manually set up through a cumbersome and error prone process. The miriaPOD distributed virtualization application provides an easy to use graphical topology editor that relies on a broker service to deploy virtual network nodes on multiple machines. The extensibility and scalability of the project enables its use for assessing migration scenarios and running network technologies harmonization tests. We also propose integration possibilities with the Moodle platform, positioning the miriaPOD infrastructure as a vital tool for testing and teaching networking concepts.","PeriodicalId":277269,"journal":{"name":"2011 RoEduNet International Conference 10th Edition: Networking in Education and Research","volume":"110 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124107690","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-06-23DOI: 10.1109/ICADIWT.2011.6041421
Rohollah Karimi, M. Kalantari
With rapid growing of mobile networks and devices we can use them to send email, mobile commerce, theatre booking, etc. In such scenario, we need to Secure Communication. Secure communication is possible through encryption of data. However, most of the existent data encryption techniques are location-independent. Data encrypted with such techniques cannot restrict the location and time of data decryption. The concept of “Geoencryption” or “location-based encryption” is being developed for such a purpose. In this paper, we are going to investigate weaknesses in existing Geoencryption systems and propose some solutions for increase the safety and reliability in these systems. For this purpose we present a new geoencryption protocol that will allow mobile nodes to communicate to each other safely by restrict decoding a message in the specific location and time period. Receiver can only decrypt the ciphertext when the coordinate acquired form GPS receiver matches with the target coordinate. According to our experimental study, the approach can meet the confidentiality, authentication, simplicity, and practicability of security issues. As a result, the proposed approaches can improve the security and confidentiality in Geoencryption systems.
{"title":"Enhancing security and confidentiality in location-based data encryption algorithms","authors":"Rohollah Karimi, M. Kalantari","doi":"10.1109/ICADIWT.2011.6041421","DOIUrl":"https://doi.org/10.1109/ICADIWT.2011.6041421","url":null,"abstract":"With rapid growing of mobile networks and devices we can use them to send email, mobile commerce, theatre booking, etc. In such scenario, we need to Secure Communication. Secure communication is possible through encryption of data. However, most of the existent data encryption techniques are location-independent. Data encrypted with such techniques cannot restrict the location and time of data decryption. The concept of “Geoencryption” or “location-based encryption” is being developed for such a purpose. In this paper, we are going to investigate weaknesses in existing Geoencryption systems and propose some solutions for increase the safety and reliability in these systems. For this purpose we present a new geoencryption protocol that will allow mobile nodes to communicate to each other safely by restrict decoding a message in the specific location and time period. Receiver can only decrypt the ciphertext when the coordinate acquired form GPS receiver matches with the target coordinate. According to our experimental study, the approach can meet the confidentiality, authentication, simplicity, and practicability of security issues. As a result, the proposed approaches can improve the security and confidentiality in Geoencryption systems.","PeriodicalId":277269,"journal":{"name":"2011 RoEduNet International Conference 10th Edition: Networking in Education and Research","volume":"119 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133139594","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: