SecMon: End-to-End Quality and Security Monitoring System

The Voice over Internet Protocol (VoIP) is becoming a more available and popular way of communicating for Internet users. This also applies to Peer-to-Peer (P2P) systems and merging these two have already proven to be successful (e.g. Skype). Even the existing standards of VoIP provide an assurance of security and Quality of Service (QoS), however, these features are usually optional and supported by limited number of implementations. As a result, the lack of mandatory and widely applicable QoS and security guaranties makes the contemporary VoIP systems vulnerable to attacks and network disturbances. In this paper we are facing these issues and propose the SecMon system, which simultaneously provides a lightweight security mechanism and improves quality parameters of the call. SecMon is intended specially for VoIP service over P2P networks and its main advantage is that it provides authentication, data integrity services, adaptive QoS and (D)DoS attack detection. Moreover, the SecMon approach represents a low-bandwidth consumption solution that is transparent to the users and possesses a self-organizing capability. The above-mentioned features are accomplished mainly by utilizing two information hiding techniques: digital audio watermarking and network steganography. These techniques are used to create covert channels that serve as transport channels for lightweight QoS measurement's results. Furthermore, these metrics are aggregated in a reputation system that enables best route path selection in the P2P network. The reputation system helps also to mitigate (D)DoS attacks, maximize performance and increase transmission efficiency in the network.Comment: Paper was presented at 7th international conference IBIZA 2008: On Computer Science - Research And Applications, Poland, Kazimierz Dolny 31.01-2.02 2008; 14 pages, 5 figure

Review On : A Secure Encryption approach for Textual Data Transmission

Secure data transfer is the most important concern in today’s world. Data in transit is always in danger of getting compromised Communication of information over the Internet is rapidly increasing due to the availability of the Internet and increase in transmission speed. However, confidentiality, data security, reliability issues regarding to data transmission such as , data loss are becoming serious concerns. To fulfill the need of secure transmission of text data, we proposed algorithm in next paper. Secure data transfer is the most important concern in today’s world. Data in transit is always in danger of getting compromised

The fair dealing doctrine in respect of digital books

Copyright is essentially the right of the rightsholder of an original work to prohibit others from making or distributing unauthorised copies of his or her work. More specifically for this dissertation, when an end user deals with digital content, one of the aims of copyright becomes the balancing of the conflicting interests in ‘exclusivity’ on the one hand, and in ‘access to information’ on the other. Exclusivity is achieved by the rightsholders through technological protection measures to protect their commercial interests. Access to information is achieved where works are available to the general public without payment and technological protection measures and where the digital content is not directly marketed for commercial gain. Exclusivity and access to information are two conflicting cultures surrounding copyright in the digital era. It is submitted that unless we find a socio-economic-legal way for the dynamic coexistence of these two conflicting cultures by means of fair dealing, the culture of exclusivity will eventually dominate fair access to information. The transient nature of digital content means that rightsholders have little or no control over their works once the end user has obtained a legal digital copy of the work. The right ‘to prohibit’ end users from copying and distributing unauthorised copies is, therefore, largely meaningless unless a legal or other solution can be found to discourage end users from the unauthorised reproduction and distribution of unauthorised copies of the work. Currently, technological protection measures are used to manage such digital rights because legal permissions within the doctrine of fair dealing for works in printed (analogue) format are inadequate. It is, however, submitted that a legal solution to discourage end users from copying and distributing unauthorised copies rests on two pillars. Firstly, the solution must be embedded in state-of-the-art digital rights management systems and secondly the business model used by publishers, and academic publishers in particular, should change fundamentally from a business-to-consumer model to a business-to-business model. Empirical evidence shows that the printing of e-content will continue to be relevant far into the future. Therefore, the management of fair dealing to allow for the printing of digital content will become increasingly important at educational institutions that use e-books as prescribed course material. It is submitted that although the origination cost of print editions and e-books correspond, the relatively high retail price of e-books appears to be based on the fact that academic publishers of digital content do not have the legal or digital rights management tools to manage the challenges arising from the fair dealing doctrine. The observation that academic publishers are reluctant to grant collecting societies mandates to manage the distribution of digital content, and/or the right to manage the authorised reproduction (printing) of the digital content, supports this hypothesis. Ultimately, with technologies at our disposal, the fair use of content in digital and print format can be achieved because it should simply be cheaper to comply with copyright laws than to make unauthorised digital or printed copies of content that our society desperately needs to make South Africa a winning nation.Mercantile LawLL. M

EFFICIENT RUNTIME SECURITY SYSTEM FOR DECENTRALISED DISTRIBUTED SYSTEMS

Distributed systems can be defined as systems that are scattered over geographical distances and provide different activities through communication, processing, data transfer and so on. Thus, increasing the cooperation, efficiency, and reliability to deal with users and data resources jointly. For this reason, distributed systems have been shown to be a promising infrastructure for most applications in the digital world. Despite their advantages, keeping these systems secure, is a complex task because of the unconventional nature of distributed systems which can produce many security problems like phishing, denial of services or eavesdropping. Therefore, adopting security and privacy policies in distributed systems will increase the trustworthiness between the users and these systems. However, adding or updating security is considered one of the most challenging concerns and this relies on various security vulnerabilities which existing in distributed systems. The most significant one is inserting or modifying a new security concern or even removing it according to the security status which may appear at runtime. Moreover, these problems will be exacerbated when the system adopts the multi-hop concept as a way to deal with transmitting and processing information. This can pose many significant security challenges especially if dealing with decentralized distributed systems and the security must be furnished as end-to-end. Unfortunately, existing solutions are insufficient to deal with these problems like CORBA which is considered a one-to-one relationship only, or DSAW which deals with end-to-end security but without taking into account the possibility of changing information sensitivity during runtime. This thesis provides a proposed mechanism for enforcing security policies and dealing with distributed systems’ security weakness in term of the software perspective. The proposed solution utilised Aspect-Oriented Programming (AOP), to address security concerns during compilation and running time. The proposed solution is based on a decentralized distributed system that adopts the multi-hop concept to deal with different requested tasks. The proposed system focused on how to achieve high accuracy, data integrity and high efficiency of the distributed system in real time. This is done through modularising the most efficient security solutions, Access Control and Cryptography, by using Aspect-Oriented Programming language. The experiments’ results show the proposed solution overcomes the shortage of the existing solutions by fully integrating with the decentralized distributed system to achieve dynamic, high cooperation, high performance and end-to-end holistic security

SciTech News- 69(2)-2015

Columns and Reports From the Editor..........................................5 SciTech News Call for Articles.......................5 Division News Science-Technology Division.........................6 Chemistry Division.................................... 15 Engineering Division................................. 21 Aerospace Section of the Engineering Division................... 25 Architecture, Building Engineering, Construction and Design Section of the Engineering Division................... 26 Award & Other Announcements Stacey Mantooth Receives 2015 Marion E. Sparks Award for Professional Development...................................... 17 Engineering Division Awards Recipients....... 24 Engineering Division Mentoring Program...... 26 Conference Reports Post International Chemical Congress Report Held in Malaysia and Vietnam 2014, by Malarvili Ramalingam, PhD............... 18 Reviews Sci-Tech Book News Reviews...................... 2

Strategies for Unbridled Data Dissemination: An Emergency Operations Manual

This project is a study of free data dissemination and impediments to it. Drawing upon post-structuralism, Actor Network Theory, Participatory Action Research, and theories of the political stakes of the posthuman by way of Stirnerian egoism and illegalism, the project uses a number of theoretical, technical and legal texts to develop a hacker methodology that emphasizes close analysis and disassembly of existent systems of content control. Specifically, two tiers of content control mechanisms are examined: a legal tier, as exemplified by Intellectual Property Rights in the form of copyright and copyleft licenses, and a technical tier in the form of audio, video and text-based watermarking technologies. A series of demonstrative case studies are conducted to further highlight various means of content distribution restriction. A close reading of a copyright notice is performed in order to examine its internal contradictions. Examples of watermarking employed by academic e-book and journal publishers and film distributors are also examined and counter-forensic techniques for removing such watermarks are developed. The project finds that both legal and technical mechanisms for restricting the flow of content can be countervailed, which in turn leads to the development of different control mechanisms and in turn engenders another wave of evasion procedures. The undertaken methodological approach thus leads to the discovery of on-going mutation and adaptation of in-between states of resistance. Finally, an analysis of various existent filesharing applications is performed, and a new Tor-based BitTorrent tracker is set up to strengthen the anonymization of established filesharing methods. It is found that there exist potential de-anonymization attacks against all analyzed file-sharing tools, with potentially more secure filesharing options also seeing less user adoption

Faculty Publications and Creative Works 2004

Faculty Publications & Creative Works is an annual compendium of scholarly and creative activities of University of New Mexico faculty during the noted calendar year. Published by the Office of the Vice President for Research and Economic Development, it serves to illustrate the robust and active intellectual pursuits conducted by the faculty in support of teaching and research at UNM