Sand-box security model is extremely useful for secure execution of untrusted applications. Many sand-box model based security systems proposed so far provide security by intercepting system calls invoked by applications and controlling their execution. However, a problem in existing sand-box based systems is the amount of overhead required for security checks performed after system call interception. In addition, it is difficult for computer novices to manage their security systems because the system settings are complex. In this paper, a function was proposed and implemented to monitor only the file access in Microsoft Windows environment. Test result shows that this function could protect files from unallowed access and then minimize the overhead of application execution time.
{"title":"A Case Study: File Access Privacy Control Using Filter Hook Driver","authors":"A. He, T. Ohdaira","doi":"10.1109/ISPA.2009.61","DOIUrl":"https://doi.org/10.1109/ISPA.2009.61","url":null,"abstract":"Sand-box security model is extremely useful for secure execution of untrusted applications. Many sand-box model based security systems proposed so far provide security by intercepting system calls invoked by applications and controlling their execution. However, a problem in existing sand-box based systems is the amount of overhead required for security checks performed after system call interception. In addition, it is difficult for computer novices to manage their security systems because the system settings are complex. In this paper, a function was proposed and implemented to monitor only the file access in Microsoft Windows environment. Test result shows that this function could protect files from unallowed access and then minimize the overhead of application execution time.","PeriodicalId":346815,"journal":{"name":"2009 IEEE International Symposium on Parallel and Distributed Processing with Applications","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132712760","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Amadou Baba Bagayoko, B. Paillassa, Cláudia Betous-Almeida
Redundancy is the key notion to bring robustness in the highly dynamic environment of the ad hoc network. Traditionally, the reactive MANET routing protocol brings repair process after a route failure, on the contrary, the multipath routing protocol proposes redundancy on a prefailure scheme so that repair of a route is done by on-the fly replacement. Another way to improve the communication resiliency is the multi-homing mechanism managed by the transport level. It is a network access redundancy that establishes multiple network accesses for a same communication. The objective of the paper is to formally prove that the integration of multihoming and multipath improves the communication reliability. At the first, we precise the ad hoc network dependability framework, and analyze the way to integrate the two levels of redundancy, at the second we evaluate the gain in communication reliability.
{"title":"Transport and Routing Redundancy for MANETs Robustness","authors":"Amadou Baba Bagayoko, B. Paillassa, Cláudia Betous-Almeida","doi":"10.1109/ISPA.2009.12","DOIUrl":"https://doi.org/10.1109/ISPA.2009.12","url":null,"abstract":"Redundancy is the key notion to bring robustness in the highly dynamic environment of the ad hoc network. Traditionally, the reactive MANET routing protocol brings repair process after a route failure, on the contrary, the multipath routing protocol proposes redundancy on a prefailure scheme so that repair of a route is done by on-the fly replacement. Another way to improve the communication resiliency is the multi-homing mechanism managed by the transport level. It is a network access redundancy that establishes multiple network accesses for a same communication. The objective of the paper is to formally prove that the integration of multihoming and multipath improves the communication reliability. At the first, we precise the ad hoc network dependability framework, and analyze the way to integrate the two levels of redundancy, at the second we evaluate the gain in communication reliability.","PeriodicalId":346815,"journal":{"name":"2009 IEEE International Symposium on Parallel and Distributed Processing with Applications","volume":"51 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133737240","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
a grid portal is one of the most important ways to access grid systems. The disadvantages existing in current grid portals are that they are designed for specific applications, difficult to add new applications. Besides, the security issues are not considered fully in these portals. In this paper, we proposed a user-centric and secure grid portal architecture-USGPA based on portlet. In USGPA, a security portlet model is proposed in which security issues for sensitive data and the portal server are solved. Based on the model, the application portlet model is proposed with which new applications can be encapsulated into portal quickly. Then all portlets for high-performance computing-HPC are designed based on these two models. With these portlets, users can not only manage jobs via portal but also can custom the portal by selecting and managing the applications they required. Last but important, a prototype is implemented to evaluate the scalability, security and efficiency of the architecture.
{"title":"USGPA: A User-Centric and Secure Grid Portal Architecture for High-Performance Computing","authors":"Rongqiang Cao, Xue-bin Chi, Zongyan Cao, Zhihui Dai, Haili Xiao","doi":"10.1109/ISPA.2009.90","DOIUrl":"https://doi.org/10.1109/ISPA.2009.90","url":null,"abstract":"a grid portal is one of the most important ways to access grid systems. The disadvantages existing in current grid portals are that they are designed for specific applications, difficult to add new applications. Besides, the security issues are not considered fully in these portals. In this paper, we proposed a user-centric and secure grid portal architecture-USGPA based on portlet. In USGPA, a security portlet model is proposed in which security issues for sensitive data and the portal server are solved. Based on the model, the application portlet model is proposed with which new applications can be encapsulated into portal quickly. Then all portlets for high-performance computing-HPC are designed based on these two models. With these portlets, users can not only manage jobs via portal but also can custom the portal by selecting and managing the applications they required. Last but important, a prototype is implemented to evaluate the scalability, security and efficiency of the architecture.","PeriodicalId":346815,"journal":{"name":"2009 IEEE International Symposium on Parallel and Distributed Processing with Applications","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130120545","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Based on an analysis of related work about time exception in workflow, an algorithm for time exception handling of temporal workflow is presented in the paper. The algorithm is to meet the overall deadline of the case via an approach of cutting down the slack time of remaining activities, when there is a time exception. Meanwhile, details about the adjusting strategy for various kinds of routing constructions are also discussed. Finally, contrast experiment is used to show the effectiveness of the algorithm.
{"title":"A Time Exception Handling Algorithm of Temporal Workflow","authors":"Ting Xie, Yang Yu, Guoshen Kuang","doi":"10.1109/ISPA.2009.79","DOIUrl":"https://doi.org/10.1109/ISPA.2009.79","url":null,"abstract":"Based on an analysis of related work about time exception in workflow, an algorithm for time exception handling of temporal workflow is presented in the paper. The algorithm is to meet the overall deadline of the case via an approach of cutting down the slack time of remaining activities, when there is a time exception. Meanwhile, details about the adjusting strategy for various kinds of routing constructions are also discussed. Finally, contrast experiment is used to show the effectiveness of the algorithm.","PeriodicalId":346815,"journal":{"name":"2009 IEEE International Symposium on Parallel and Distributed Processing with Applications","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134561111","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Ali Jafari, Hosein Shafiei, Baharan Mirzasoleiman, Ghodrat Sepidnam
A deniable authentication allows the receiver to identify the source of the received messages but cannot prove it to any third party. However, the deniability of the content, which is called restricted deniability in this paper, is concerned in electronic voting and some other similar application. At present, most non-interactive deniable authentication protocols cannot resist weaken key-compromise impersonation (W-KCI) attack. To settle this problem, a non-interactive identity-based restricted deniable authentication protocol is proposed. It not only can resist W-KCI attack but also has the properties of communication flexibility. It meets the security requirements such as correctness, restricted deniability as well. Therefore, this protocol can be applied in electronic voting.
{"title":"Utility Proportional Optimization Flow Control for Overlay Multicast","authors":"Ali Jafari, Hosein Shafiei, Baharan Mirzasoleiman, Ghodrat Sepidnam","doi":"10.1109/ISPA.2009.108","DOIUrl":"https://doi.org/10.1109/ISPA.2009.108","url":null,"abstract":"A deniable authentication allows the receiver to identify the source of the received messages but cannot prove it to any third party. However, the deniability of the content, which is called restricted deniability in this paper, is concerned in electronic voting and some other similar application. At present, most non-interactive deniable authentication protocols cannot resist weaken key-compromise impersonation (W-KCI) attack. To settle this problem, a non-interactive identity-based restricted deniable authentication protocol is proposed. It not only can resist W-KCI attack but also has the properties of communication flexibility. It meets the security requirements such as correctness, restricted deniability as well. Therefore, this protocol can be applied in electronic voting.","PeriodicalId":346815,"journal":{"name":"2009 IEEE International Symposium on Parallel and Distributed Processing with Applications","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134183544","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper first described the IEEE 802.11 MAC layer access control mechanism, that is, the DCF access control mechanism, analysis the basic DCF back-off algorithm BEB. Next, we study a variety of improved BEB algorithms, and then we proposed ZDCF back-off algorithm which is an exponential-based half back-off algorithm. ZDCF is flexible, easy to implement and has excellent performance as BEB algorithms when there is small scale of nodes, while at same time avoiding the shortcomings of BEB algorithm when there is large scale of nodes.
{"title":"ZDCF: An Improved DCF Solution of IEEE 802.11","authors":"Jianli Zhang, Zhiyi Fang, Yunlong Zhang, Y. Ma","doi":"10.1109/ISPA.2009.82","DOIUrl":"https://doi.org/10.1109/ISPA.2009.82","url":null,"abstract":"This paper first described the IEEE 802.11 MAC layer access control mechanism, that is, the DCF access control mechanism, analysis the basic DCF back-off algorithm BEB. Next, we study a variety of improved BEB algorithms, and then we proposed ZDCF back-off algorithm which is an exponential-based half back-off algorithm. ZDCF is flexible, easy to implement and has excellent performance as BEB algorithms when there is small scale of nodes, while at same time avoiding the shortcomings of BEB algorithm when there is large scale of nodes.","PeriodicalId":346815,"journal":{"name":"2009 IEEE International Symposium on Parallel and Distributed Processing with Applications","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133449736","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In many scientific disciplines, the models, data and methods used to produce results have significant commercial value. Researchers in these sectors are often unwilling to exploit the full potential of grid computing because there remains a `trust gap' between their security requirements and present solutions. We describe two trustable architectures, one applicable for a computational grid and the other for a data grid. Both allow the participants to verify the security configurations of others as well as report their own through a remote configuration management service. The grid jobs are dispatched to only those trustworthy, and guaranteed to run in protected execution environments. Furthermore, our trustworthy analysis server enables statistical analyses to be performed on sensitive raw data --- collected from multiple domains --- without disclosing it to anyone.
{"title":"Towards a Trustable Virtual Organisation","authors":"J. Huh, Andrew P. Martin","doi":"10.1109/ISPA.2009.72","DOIUrl":"https://doi.org/10.1109/ISPA.2009.72","url":null,"abstract":"In many scientific disciplines, the models, data and methods used to produce results have significant commercial value. Researchers in these sectors are often unwilling to exploit the full potential of grid computing because there remains a `trust gap' between their security requirements and present solutions. We describe two trustable architectures, one applicable for a computational grid and the other for a data grid. Both allow the participants to verify the security configurations of others as well as report their own through a remote configuration management service. The grid jobs are dispatched to only those trustworthy, and guaranteed to run in protected execution environments. Furthermore, our trustworthy analysis server enables statistical analyses to be performed on sensitive raw data --- collected from multiple domains --- without disclosing it to anyone.","PeriodicalId":346815,"journal":{"name":"2009 IEEE International Symposium on Parallel and Distributed Processing with Applications","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122037759","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Kun-Ming Yu, Ming-Gong Lee, Chien-Tung Liao, Hung-Jui Lin
Application of Automated Material Handling System (AMHS) to the semiconductor manufacturing factories is one of the most important steps in the automation process of semiconductor business. All cassettes in the vehicle of the transportation facility can send their positioning information through this system. Nevertheless, some positioning information may still be interfered or get lost if there is any relocation of the cassette inside the effective ranges of AMHS by operators. In order to retrieve these lost cassettes only manpower is possible, and the relocation process is time wasting and inefficient. In this paper, we have implemented a Clean Room Real-Time Location-aware System (CRRLS) that is based on the technology of RFID (Radio Frequency Identification). The proposed system can reveal the positioning information of the cassette in the clean room by analyzing the received radio frequency energy information. Moreover, we establish a transmitting model of radio signal, and used this model to estimate distance between RFID tag and readers. A triangular positioning algorithm is developed to estimate the location and its 2-dimensional coordinate of the cassette. Furthermore, reusable RFID tags can save additional information sent by the transceivers and data of parameters for the production process to reduce the possibility of severe damage because of wrong parameters setting. As a result, competitive advantage of the semiconductor business can herewith greatly increase.
{"title":"Design and Implementation of a RFID Based Real-Time Location-Aware System in Clean Room","authors":"Kun-Ming Yu, Ming-Gong Lee, Chien-Tung Liao, Hung-Jui Lin","doi":"10.1109/ISPA.2009.84","DOIUrl":"https://doi.org/10.1109/ISPA.2009.84","url":null,"abstract":"Application of Automated Material Handling System (AMHS) to the semiconductor manufacturing factories is one of the most important steps in the automation process of semiconductor business. All cassettes in the vehicle of the transportation facility can send their positioning information through this system. Nevertheless, some positioning information may still be interfered or get lost if there is any relocation of the cassette inside the effective ranges of AMHS by operators. In order to retrieve these lost cassettes only manpower is possible, and the relocation process is time wasting and inefficient. In this paper, we have implemented a Clean Room Real-Time Location-aware System (CRRLS) that is based on the technology of RFID (Radio Frequency Identification). The proposed system can reveal the positioning information of the cassette in the clean room by analyzing the received radio frequency energy information. Moreover, we establish a transmitting model of radio signal, and used this model to estimate distance between RFID tag and readers. A triangular positioning algorithm is developed to estimate the location and its 2-dimensional coordinate of the cassette. Furthermore, reusable RFID tags can save additional information sent by the transceivers and data of parameters for the production process to reduce the possibility of severe damage because of wrong parameters setting. As a result, competitive advantage of the semiconductor business can herewith greatly increase.","PeriodicalId":346815,"journal":{"name":"2009 IEEE International Symposium on Parallel and Distributed Processing with Applications","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125478348","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Analyzed here is a fault localization approach based on directed graph in view point of business software. The fault propagation model solved the problem of obtaining the dependency relationship of faults and symptoms semi-automatically. The main idea includes: get the deployment graph of managed business from the topography of network and software environment; generate the adjacency matrix of the graph; compute the transitive closure of adjacency matrix and obtain a so-called dependency matrix; independent fault locates in the main diagonals of the dependency matrix, elements of column is fault’s symptoms domain, which are divided into immediate effect and transitive effect. In real world, those elements will denote symptoms, but the two class affected nodes have different probability of occurrence, that is, immediate symptoms can be observed more likely than transitive symptoms and symptom of fault itself is most likely observed. Based on the hypothesis, a new fault localization algorithm is proposed. The simulation results show the validity and efficiency of this fault localization approach.
{"title":"A Business-Oriented Fault Localization Approach Using Digraph","authors":"Lianzhong Liu, Chunfang Li, Yanping Zhang","doi":"10.1109/ISPA.2009.17","DOIUrl":"https://doi.org/10.1109/ISPA.2009.17","url":null,"abstract":"Analyzed here is a fault localization approach based on directed graph in view point of business software. The fault propagation model solved the problem of obtaining the dependency relationship of faults and symptoms semi-automatically. The main idea includes: get the deployment graph of managed business from the topography of network and software environment; generate the adjacency matrix of the graph; compute the transitive closure of adjacency matrix and obtain a so-called dependency matrix; independent fault locates in the main diagonals of the dependency matrix, elements of column is fault’s symptoms domain, which are divided into immediate effect and transitive effect. In real world, those elements will denote symptoms, but the two class affected nodes have different probability of occurrence, that is, immediate symptoms can be observed more likely than transitive symptoms and symptom of fault itself is most likely observed. Based on the hypothesis, a new fault localization algorithm is proposed. The simulation results show the validity and efficiency of this fault localization approach.","PeriodicalId":346815,"journal":{"name":"2009 IEEE International Symposium on Parallel and Distributed Processing with Applications","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124067189","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Personalized services provide specific services to satisfy user’s real-time requirements. How to effectively discover and organize proper Web resources is a key issue. Based on Web Knowledge Flow which is used to semantically organize and represent Web resources that are recommended to user, this paper presents a 3-way strategy of finding proper resources for a user in multi-user environment. With this strategy, generation of Web Knowledge Flow can be accomplished based on collaborative user and Semantics Link Network. First, according to the similarity degree between active user and collaborative user, collaborative user is refined to strict kind and loose kind. Secondly, user’s browsing sequence of Web resources is presented to find collaborative users and implemented in a 3-D coordinate space. Thirdly, average information entropy of semantic relationship between Web resources is presented to evaluate the similarity of users’ browsing feature. The experimental results demonstrate the validity of the method. It can be seen that the proposed method has a brilliant perspective in the applications of Web personalized services.
{"title":"Generation of Web Knowledge Flow for Personalized Services","authors":"Jie Yu, Xiangfeng Luo, Fei-yue Ye, Yong-mei Lei","doi":"10.1109/ISPA.2009.41","DOIUrl":"https://doi.org/10.1109/ISPA.2009.41","url":null,"abstract":"Personalized services provide specific services to satisfy user’s real-time requirements. How to effectively discover and organize proper Web resources is a key issue. Based on Web Knowledge Flow which is used to semantically organize and represent Web resources that are recommended to user, this paper presents a 3-way strategy of finding proper resources for a user in multi-user environment. With this strategy, generation of Web Knowledge Flow can be accomplished based on collaborative user and Semantics Link Network. First, according to the similarity degree between active user and collaborative user, collaborative user is refined to strict kind and loose kind. Secondly, user’s browsing sequence of Web resources is presented to find collaborative users and implemented in a 3-D coordinate space. Thirdly, average information entropy of semantic relationship between Web resources is presented to evaluate the similarity of users’ browsing feature. The experimental results demonstrate the validity of the method. It can be seen that the proposed method has a brilliant perspective in the applications of Web personalized services.","PeriodicalId":346815,"journal":{"name":"2009 IEEE International Symposium on Parallel and Distributed Processing with Applications","volume":"96 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122779061","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: