A secure archive for Voice-over-IP conversations

An efficient archive securing the integrity of VoIP-based two-party conversations is presented. The solution is based on chains of hashes and continuously chained electronic signatures. Security is concentrated in a single, efficient component, allowing for a detailed analysis.Comment: 9 pages, 2 figures. (C) ACM, (2006). This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in Proceedings of VSW06, June, 2006, Berlin, German

An Evaluated Certification Services System for the German National Root CA - Legally Binding and Trustworthy Transactions in E-Business and E-Government

National Root CAs enable legally binding E-Business and E-Government transactions. This is a report about the development, the evaluation and the certification of the new certification services system for the German National Root CA. We illustrate why a new certification services system was necessary, and which requirements to the new system existed. Then we derive the tasks to be done from the mentioned requirements. After that we introduce the initial situation at the beginning of the project. We report about the very process and talk about some unfamiliar situations, special approaches and remarkable experiences. Finally we present the ready IT system and its impact to E-Business and E-Government.Comment: 6 pages; 1 figure; IEEE style; final versio

Centralized prevention of denial of service attacks

The world has come to depend on the Internet at an increasing rate for communication, e-commerce, and many other essential services. As such, the Internet has become an integral part of the workings of society at large. This has lead to an increased vulnerability to remotely controlled disruption of vital commercial and government operations---with obvious implications. This disruption can be caused by an attack on one or more specific networks which will deny service to legitimate users or an attack on the Internet itself by creating large amounts of spurious traffic (which will deny services to many or all networks). Individual organizations can take steps to protect themselves but this does not solve the problem of an Internet wide attack. This thesis focuses on an analysis of the different types of Denial of Service attacks and suggests an approach to prevent both categories by centralized detection and limitation of excessive packet flows

A Decentralised Digital Identity Architecture

Current architectures to validate, certify, and manage identity are based on centralised, top-down approaches that rely on trusted authorities and third-party operators. We approach the problem of digital identity starting from a human rights perspective, with a primary focus on identity systems in the developed world. We assert that individual persons must be allowed to manage their personal information in a multitude of different ways in different contexts and that to do so, each individual must be able to create multiple unrelated identities. Therefore, we first define a set of fundamental constraints that digital identity systems must satisfy to preserve and promote privacy as required for individual autonomy. With these constraints in mind, we then propose a decentralised, standards-based approach, using a combination of distributed ledger technology and thoughtful regulation, to facilitate many-to-many relationships among providers of key services. Our proposal for digital identity differs from others in its approach to trust in that we do not seek to bind credentials to each other or to a mutually trusted authority to achieve strong non-transferability. Because the system does not implicitly encourage its users to maintain a single aggregated identity that can potentially be constrained or reconstructed against their interests, individuals and organisations are free to embrace the system and share in its benefits.Comment: 30 pages, 10 figures, 3 table

Pendekatan konstruktif dalam inovasi pengajaran dan pembelajaran Bahasa Melayu di Kolej Vokasional

Pendekatan konstruktif adalah pendekatan pengajaran dan pembelajaran yang berpusatkan pelajar manakala inovasi pengajaran pula dikaitkan dengan kaedah pengajaran yang terbaru demi mengukuhkan pemahaman pelajar. Pembelajaran berasaskan pendekatan konstruktif merupakan elemen yang penting dan perlu difahami oleh guru-guru bagi memantapkan proses pengajaran dan pembelajaran sesuai dengan peredaran masa dan menjayakan proses tranformasi pendidikan negara. Objektif kajian ini dijalankan untuk mengenal pasti pemahaman guru-guru bahasa Melayu berkaitan inovasi, mengenal pasti perbezaan yang wujud antara guru lelaki dan guru perempuan dalam mengamalkan inovasi, pengkaji juga melihat adakah wujud perbezaan antara guru baru dan guru yang sudah berpengalaman dalam aspek mengaplikasikan inovasi serta mengenal pasti kekangan-kekangan yang dialami oleh para guru untuk mengaplikasikan inovasi di sekolah. Seramai 63 orang guru bahasa Melayu dari lapan buah kolej vokasional telah dipilih sebagai responden dalam kajian ini. Data dianalisis menggunakan perisian Winsteps 3.69.1.11 dengan pendekatan Model Pengukuran Rasch. Hasil analisis menunjukkan bahawa guru�guru bahasa Melayu memahami kepentingan inovasi dalam pengajaran dan pembelajaran. Hasil kajian juga menunjukkan guru-guru perempuan lebih banyak menerapkan unsur inovasi dalam pengajaran berbanding guru lelaki. Walaupun begitu, aspek pengalaman tidak menunjukkan perbezaan dari segi pengamalan inovasi sama ada guru baru ataupun guru yang sudah berpengalaman. Pengkaji juga mengenal pasti beberapa kekangan yang dialami oleh guru-guru untuk mengamalkan inovasi ini. Sebagai langkah untuk menangani masalah berkenaan, beberapa cadangan telah dikemukakan oleh pengkaji bagi memastikan guru-guru dapat merealisasikan proses pengajaran berkesan dengan penerapan inovasi mengikut model pendekatan konstruktif. Pengkaji berharap, kajian ini dapat dijadikan sebagai satu panduan kepada pelaksana kurikulum bagi memastikan budaya inovasi sentiasa menjadi amalan dalam kalangan guru demi mengangkat profesionalisme guru di Malaysia

Critique of Architectures for Long-Term Digital Preservation

Evolving technology and fading human memory threaten the long-term intelligibility of many kinds of documents. Furthermore, some records are susceptible to improper alterations that make them untrustworthy. Trusted Digital Repositories (TDRs) and Trustworthy Digital Objects (TDOs) seem to be the only broadly applicable digital preservation methodologies proposed. We argue that the TDR approach has shortfalls as a method for long-term digital preservation of sensitive information. Comparison of TDR and TDO methodologies suggests differentiating near-term preservation measures from what is needed for the long term. TDO methodology addresses these needs, providing for making digital documents durably intelligible. It uses EDP standards for a few file formats and XML structures for text documents. For other information formats, intelligibility is assured by using a virtual computer. To protect sensitive information—content whose inappropriate alteration might mislead its readers, the integrity and authenticity of each TDO is made testable by embedded public-key cryptographic message digests and signatures. Key authenticity is protected recursively in a social hierarchy. The proper focus for long-term preservation technology is signed packages that each combine a record collection with its metadata and that also bind context—Trustworthy Digital Objects.

Regional E-Government - some problems from Czech regions point of view

The e-government should start with electronic collaboration of governmental departments. Several services, like email, video conference, discussion forums, use of shared documents, etc. should be supported for assisting the efficient and productive collaboration of remote governmental departments. Since the functionality of the provided services is well known, no detailed description of each service phase is provided. The services for citizens are offered through so called governmental portals. The typical use of a governmental portal is to provide information to the citizens and to support several types of citizen–government transactions (e.g. issuing birth certificates, submitting tax forms, conducting electronic payments, etc.). These services open security requirements for an e-Government platform. Their compilation has been based on the security requirements derived for each independent service suite, for the Authentication processes