25,317 research outputs found

    Using security patterns for modelling security capabilities in a Grid OS

    Get PDF

    Enabling the Autonomic Management of Federated Identity Providers

    Get PDF
    The autonomic management of federated authorization infrastructures (federations) is seen as a means for improving the monitoring and use of a service provider’s resources. However, federations are comprised of independent management domains with varying scopes of control and data ownership. The focus of this paper is on the autonomic management of federated identity providers by service providers located in other domains, when the identity providers have been diagnosed as the source of abuse. In particular, we describe how an autonomic controller, external to the domain of the identity provider, exercises control over the issuing of privilege attributes. The paper presents a conceptual design and implementation of an effector for an identity provider that is capable of enabling cross-domain autonomic management. The implementation of an effector for a SimpleSAMLphp identity provider is evaluated by demonstrating how an autonomic controller, together with the effector, is capable of responding to malicious abuse

    Designing a Virtual Center for E-Commerce

    Get PDF
    In the actual context of developing digital services, the promotion of a system that manages multiple e-commerce sites can be extremely valuable in increasing the economic effects for the companies. This paper presents the current stage of the experimental system design and implementation, an open system website-based (called Single Way for E-Commerce - SWEC) having the goal to collaborate with many database servers of the companies that offer e-commerce sevices and also to interract with electronic payment and e-administration systems. This new approach allows the clients, after them authentication, to navigate on e-commerce websites and search different products, grouping on domains, companies and geographic areas. SWEC System will offer to the customer the opportunity to visualize and compare similar products, to order and receive a single invoice for all the products he wants to buy.E-Commerce, Database-driven site, Open system, Server Side Programming

    OS diversity for intrusion tolerance: Myth or reality?

    Get PDF
    One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct behavior in the presence of attacks and intrusions. These security gains are directly dependent on the components exhibiting failure diversity. To what extent failure diversity is observed in practical deployment depends on how diverse are the components that constitute the system. In this paper we present a study with operating systems (OS) vulnerability data from the NIST National Vulnerability Database. We have analyzed the vulnerabilities of 11 different OSes over a period of roughly 15 years, to check how many of these vulnerabilities occur in more than one OS. We found this number to be low for several combinations of OSes. Hence, our analysis provides a strong indication that building a system with diverse OSes may be a useful technique to improve its intrusion tolerance capabilities

    Designing a Virtual Center for E-Commerce

    Get PDF
    In the actual context of developing digital services, the promotion of a system that manages multiple e-commerce sites can be extremely valuable in increasing the economic effects for the companies. This paper presents the current stage of the experimental system design and implementation, an open system website-based (called Single Way for E-Commerce - SWEC) having the goal to collaborate with many database servers of the companies that offer e-commerce sevices and also to interract with electronic payment and e-administration systems. This new approach allows the clients, after them authentication, to navigate on e-commerce websites and search different products, grouping on domains, companies and geographic areas. SWEC System will offer to the customer the opportunity to visualize and compare similar products, to order and receive a single invoice for all the products he wants to buy.E-Commerce, Database-driven site, Open system, Server Side Programming
    corecore