79,168 research outputs found
Integrating security solutions to support nanoCMOS electronics research
The UK Engineering and Physical Sciences Research Council (EPSRC) funded Meeting the Design Challenges of nanoCMOS Electronics (nanoCMOS) is developing a research infrastructure for collaborative electronics research across multiple institutions in the UK with especially strong industrial and commercial involvement. Unlike other domains, the electronics industry is driven by the necessity of protecting the intellectual property of the data, designs and software associated with next generation electronics devices and therefore requires fine-grained security. Similarly, the project also demands seamless access to large scale high performance compute resources for atomic scale device simulations and the capability to manage the hundreds of thousands of files and the metadata associated with these simulations. Within this context, the project has explored a wide range of authentication and authorization infrastructures facilitating compute resource access and providing fine-grained security over numerous distributed file stores and files. We conclude that no single security solution meets the needs of the project. This paper describes the experiences of applying X.509-based certificates and public key infrastructures, VOMS, PERMIS, Kerberos and the Internet2 Shibboleth technologies for nanoCMOS security. We outline how we are integrating these solutions to provide a complete end-end security framework meeting the demands of the nanoCMOS electronics domain
Comprehensive Security Framework for Global Threats Analysis
Cyber criminality activities are changing and becoming more and more professional. With the growth of financial flows through the Internet and the Information System (IS), new kinds of thread arise involving complex scenarios spread within multiple IS components. The IS information modeling and Behavioral Analysis are becoming new solutions to normalize the IS information and counter these new threads. This paper presents a framework which details the principal and necessary steps for monitoring an IS. We present the architecture of the framework, i.e. an ontology of activities carried out within an IS to model security information and User Behavioral analysis. The results of the performed experiments on real data show that the modeling is effective to reduce the amount of events by 91%. The User Behavioral Analysis on uniform modeled data is also effective, detecting more than 80% of legitimate actions of attack scenarios
Options for Securing RTP Sessions
The Real-time Transport Protocol (RTP) is used in a large number of
different application domains and environments. This heterogeneity
implies that different security mechanisms are needed to provide
services such as confidentiality, integrity, and source
authentication of RTP and RTP Control Protocol (RTCP) packets
suitable for the various environments. The range of solutions makes
it difficult for RTP-based application developers to pick the most
suitable mechanism. This document provides an overview of a number
of security solutions for RTP and gives guidance for developers on
how to choose the appropriate security mechanism
Detecting and Refactoring Operational Smells within the Domain Name System
The Domain Name System (DNS) is one of the most important components of the
Internet infrastructure. DNS relies on a delegation-based architecture, where
resolution of names to their IP addresses requires resolving the names of the
servers responsible for those names. The recursive structures of the inter
dependencies that exist between name servers associated with each zone are
called dependency graphs. System administrators' operational decisions have far
reaching effects on the DNSs qualities. They need to be soundly made to create
a balance between the availability, security and resilience of the system. We
utilize dependency graphs to identify, detect and catalogue operational bad
smells. Our method deals with smells on a high-level of abstraction using a
consistent taxonomy and reusable vocabulary, defined by a DNS Operational
Model. The method will be used to build a diagnostic advisory tool that will
detect configuration changes that might decrease the robustness or security
posture of domain names before they become into production.Comment: In Proceedings GaM 2015, arXiv:1504.0244
- …