22,554 research outputs found
A secure archive for Voice-over-IP conversations
An efficient archive securing the integrity of VoIP-based two-party
conversations is presented. The solution is based on chains of hashes and
continuously chained electronic signatures. Security is concentrated in a
single, efficient component, allowing for a detailed analysis.Comment: 9 pages, 2 figures. (C) ACM, (2006). This is the author's version of
the work. It is posted here by permission of ACM for your personal use. Not
for redistribution. The definitive version was published in Proceedings of
VSW06, June, 2006, Berlin, German
An Evaluated Certification Services System for the German National Root CA - Legally Binding and Trustworthy Transactions in E-Business and E-Government
National Root CAs enable legally binding E-Business and E-Government
transactions. This is a report about the development, the evaluation and the
certification of the new certification services system for the German National
Root CA. We illustrate why a new certification services system was necessary,
and which requirements to the new system existed. Then we derive the tasks to
be done from the mentioned requirements. After that we introduce the initial
situation at the beginning of the project. We report about the very process and
talk about some unfamiliar situations, special approaches and remarkable
experiences. Finally we present the ready IT system and its impact to
E-Business and E-Government.Comment: 6 pages; 1 figure; IEEE style; final versio
Centralized prevention of denial of service attacks
The world has come to depend on the Internet at an increasing rate for communication, e-commerce, and many other essential services. As such, the Internet has become an integral part of the workings of society at large. This has lead to an increased vulnerability to remotely controlled disruption of vital commercial and government operations---with obvious implications. This disruption can be caused by an attack on one or more specific networks which will deny service to legitimate users or an attack on the Internet itself by creating large amounts of spurious traffic (which will deny services to many or all networks). Individual organizations can take steps to protect themselves but this does not solve the problem of an Internet wide attack. This thesis focuses on an analysis of the different types of Denial of Service attacks and suggests an approach to prevent both categories by centralized detection and limitation of excessive packet flows
A Decentralised Digital Identity Architecture
Current architectures to validate, certify, and manage identity are based on
centralised, top-down approaches that rely on trusted authorities and
third-party operators. We approach the problem of digital identity starting
from a human rights perspective, with a primary focus on identity systems in
the developed world. We assert that individual persons must be allowed to
manage their personal information in a multitude of different ways in different
contexts and that to do so, each individual must be able to create multiple
unrelated identities. Therefore, we first define a set of fundamental
constraints that digital identity systems must satisfy to preserve and promote
privacy as required for individual autonomy. With these constraints in mind, we
then propose a decentralised, standards-based approach, using a combination of
distributed ledger technology and thoughtful regulation, to facilitate
many-to-many relationships among providers of key services. Our proposal for
digital identity differs from others in its approach to trust in that we do not
seek to bind credentials to each other or to a mutually trusted authority to
achieve strong non-transferability. Because the system does not implicitly
encourage its users to maintain a single aggregated identity that can
potentially be constrained or reconstructed against their interests,
individuals and organisations are free to embrace the system and share in its
benefits.Comment: 30 pages, 10 figures, 3 table
Pendekatan konstruktif dalam inovasi pengajaran dan pembelajaran Bahasa Melayu di Kolej Vokasional
Pendekatan konstruktif adalah pendekatan pengajaran dan pembelajaran yang
berpusatkan pelajar manakala inovasi pengajaran pula dikaitkan dengan kaedah
pengajaran yang terbaru demi mengukuhkan pemahaman pelajar. Pembelajaran
berasaskan pendekatan konstruktif merupakan elemen yang penting dan perlu
difahami oleh guru-guru bagi memantapkan proses pengajaran dan pembelajaran
sesuai dengan peredaran masa dan menjayakan proses tranformasi pendidikan
negara. Objektif kajian ini dijalankan untuk mengenal pasti pemahaman guru-guru
bahasa Melayu berkaitan inovasi, mengenal pasti perbezaan yang wujud antara guru
lelaki dan guru perempuan dalam mengamalkan inovasi, pengkaji juga melihat
adakah wujud perbezaan antara guru baru dan guru yang sudah berpengalaman
dalam aspek mengaplikasikan inovasi serta mengenal pasti kekangan-kekangan yang
dialami oleh para guru untuk mengaplikasikan inovasi di sekolah. Seramai 63 orang
guru bahasa Melayu dari lapan buah kolej vokasional telah dipilih sebagai responden
dalam kajian ini. Data dianalisis menggunakan perisian Winsteps 3.69.1.11 dengan
pendekatan Model Pengukuran Rasch. Hasil analisis menunjukkan bahawa guru�guru bahasa Melayu memahami kepentingan inovasi dalam pengajaran dan
pembelajaran. Hasil kajian juga menunjukkan guru-guru perempuan lebih banyak
menerapkan unsur inovasi dalam pengajaran berbanding guru lelaki. Walaupun
begitu, aspek pengalaman tidak menunjukkan perbezaan dari segi pengamalan
inovasi sama ada guru baru ataupun guru yang sudah berpengalaman. Pengkaji juga
mengenal pasti beberapa kekangan yang dialami oleh guru-guru untuk mengamalkan
inovasi ini. Sebagai langkah untuk menangani masalah berkenaan, beberapa
cadangan telah dikemukakan oleh pengkaji bagi memastikan guru-guru dapat
merealisasikan proses pengajaran berkesan dengan penerapan inovasi mengikut
model pendekatan konstruktif. Pengkaji berharap, kajian ini dapat dijadikan sebagai
satu panduan kepada pelaksana kurikulum bagi memastikan budaya inovasi sentiasa
menjadi amalan dalam kalangan guru demi mengangkat profesionalisme guru di
Malaysia
Critique of Architectures for Long-Term Digital Preservation
Evolving technology and fading human memory threaten the long-term intelligibility of many kinds of documents. Furthermore, some records are susceptible to improper alterations that make them untrustworthy. Trusted Digital Repositories (TDRs) and Trustworthy Digital Objects (TDOs) seem to be the only broadly applicable digital preservation methodologies proposed. We argue that the TDR approach has shortfalls as a method for long-term digital preservation of sensitive information. Comparison of TDR and TDO methodologies suggests differentiating near-term preservation measures from what is needed for the long term.
TDO methodology addresses these needs, providing for making digital documents durably intelligible. It uses EDP standards for a few file formats and XML structures for text documents. For other information formats, intelligibility is assured by using a virtual computer. To protect sensitive information—content whose inappropriate alteration might mislead its readers, the integrity and authenticity of each TDO is made testable by embedded public-key cryptographic message digests and signatures. Key authenticity is protected recursively in a social hierarchy. The proper focus for long-term preservation technology is signed packages that each combine a record collection with its metadata and that also bind context—Trustworthy Digital Objects.
Regional E-Government - some problems from Czech regions point of view
The e-government should start with electronic collaboration of governmental departments. Several services, like email, video conference, discussion forums, use of shared documents, etc. should be supported for assisting the efficient and productive collaboration of remote governmental departments. Since the functionality of the provided services is well known, no detailed description of each service phase is provided. The services for citizens are offered through so called governmental portals. The typical use of a governmental portal is to provide information to the citizens and to support several types of citizen–government transactions (e.g. issuing birth certificates, submitting tax forms, conducting electronic payments, etc.). These services open security requirements for an e-Government platform. Their compilation has been based on the security requirements derived for each independent service suite, for the Authentication processes
- …