6,147 research outputs found
Design and implementation of hiding method for file manipulation of essential services by system call proxy using virtual machine monitor
Security or system management software is essential for keeping systems secure. To deter attacks on essential services, hiding information related to essential services is helpful. This paper describes the design, the implementation, and the evaluation of a method to make files invisible to all services except their corresponding essential services and provides access methods to those files in a virtual machine (VM). In the proposed method, the virtual machine monitor (VMM) monitors the system call, which invoked by an essential process to access essential files, and requests proxy execution to the proxy process on another VM. The VMM returns the result and skips the execution of the original system call on the protection target VM. Thus, access to essential files by the essential service is skipped on the protection target VM, but the essential service can access the file content
Recommended from our members
GRIDCC: Real-time workflow system
The Grid is a concept which allows the sharing of resources between distributed communities, allowing each to progress towards potentially different goals. As adoption of the Grid increases so are the activities that people wish to conduct through it. The GRIDCC project is a European Union funded project addressing the issues of integrating instruments into the Grid. This increases the requirement of workflows and Quality of Service upon these workflows as many of these instruments have real-time requirements. In this paper we present the workflow management service within the GRIDCC project which is tasked with optimising the workflows and ensuring that they meet the pre-defined QoS requirements specified upon them
Kevoree Modeling Framework (KMF): Efficient modeling techniques for runtime use
The creation of Domain Specific Languages(DSL) counts as one of the main
goals in the field of Model-Driven Software Engineering (MDSE). The main
purpose of these DSLs is to facilitate the manipulation of domain specific
concepts, by providing developers with specific tools for their domain of
expertise. A natural approach to create DSLs is to reuse existing modeling
standards and tools. In this area, the Eclipse Modeling Framework (EMF) has
rapidly become the defacto standard in the MDSE for building Domain Specific
Languages (DSL) and tools based on generative techniques. However, the use of
EMF generated tools in domains like Internet of Things (IoT), Cloud Computing
or Models@Runtime reaches several limitations. In this paper, we identify
several properties the generated tools must comply with to be usable in other
domains than desktop-based software systems. We then challenge EMF on these
properties and describe our approach to overcome the limitations. Our approach,
implemented in the Kevoree Modeling Framework (KMF), is finally evaluated
according to the identified properties and compared to EMF.Comment: ISBN 978-2-87971-131-7; N° TR-SnT-2014-11 (2014
Developing a requirements management toolset: Lessons learned
Requirements Engineering (RE) is a multi-faceted discipline involving various methods, techniques and tools. RE researchers and practitioners are emphasizing the importance of having an integrated RE process. The need for an integrated toolset to support the effective management of such an integrated RE process cannot be over-emphasized. Tools integration has been identified as an important next step toward the future of requirements management tools. This paper reports on some of the significant architectural and technical issues encountered and the lessons learned in the process of developing an integrated Requirements Management (RM) Toolset: PARsed Natural language Input Processor (PARSNIP) by integrating various independent tools. This paper provides insights on architectural and technological issues typical of these types of projects, the approaches and techniques used to address the architectural mismatches and the technological incompatibilities
Recommended from our members
Towards an aspect weaving BPEL engine
This position paper proposes the use of dynamic aspects and
the visitor design pattern to obtain a highly configurable and
extensible BPEL engine. Using these two techniques, the
core of this infrastructural software can be customised to
meet new requirements and add features such as debugging,
execution monitoring, or changing to another Web Service
selection policy. Additionally, it can easily be extended to
cope with customer-specific BPEL extensions. We propose
the use of dynamic aspects not only on the engine itself
but also on the workflow in order to tackle the problems of
Web Service hot deployment and hot fixes to long running
processes. In this way, composing aWeb Service "on-the-fly"
means weaving its choreography interface into the workflow
Estimating the Size and Structure of the Underground Commercial Sex Economy in Eight Major U.S. Cities
The underground commercial sex economy (UCSE) generates millions of dollars annually, yet investigation and data collection remain under resourced. Our study aimed to unveil the scale of the UCSE in eight major US cities. Across cities, the UCSE's worth was estimated between 290 million in 2007, but decreased since 2003 in all but two cities. Interviews with pimps, traffickers, sex workers, child pornographers, and law enforcement revealed the dynamics central to the underground commercial sex trade -- and shaped the policy suggestions to combat it
Systematizing Genome Privacy Research: A Privacy-Enhancing Technologies Perspective
Rapid advances in human genomics are enabling researchers to gain a better
understanding of the role of the genome in our health and well-being,
stimulating hope for more effective and cost efficient healthcare. However,
this also prompts a number of security and privacy concerns stemming from the
distinctive characteristics of genomic data. To address them, a new research
community has emerged and produced a large number of publications and
initiatives.
In this paper, we rely on a structured methodology to contextualize and
provide a critical analysis of the current knowledge on privacy-enhancing
technologies used for testing, storing, and sharing genomic data, using a
representative sample of the work published in the past decade. We identify and
discuss limitations, technical challenges, and issues faced by the community,
focusing in particular on those that are inherently tied to the nature of the
problem and are harder for the community alone to address. Finally, we report
on the importance and difficulty of the identified challenges based on an
online survey of genome data privacy expertsComment: To appear in the Proceedings on Privacy Enhancing Technologies
(PoPETs), Vol. 2019, Issue
The Anonymous Poster: How to Protect Internet Users’ Privacy and Prevent Abuse
The threat of anonymous Internet posting to individual privacy has been met with congressional and judicial indecisiveness. Part of the problem stems from the inherent conflict between punishing those who disrespect one\u27s privacy by placing a burden on the individual websites and continuing to support the Internet\u27s development. Additionally, assigning traditional tort liability is problematic as the defendant enjoys an expectation of privacy as well, creating difficulty in securing the necessary information to proceed with legal action. One solution to resolving invasion of privacy disputes involves a uniform identification verification program that ensures user confidentiality while promoting accountability for malicious behavior
DNS in Computer Forensics
The Domain Name Service (DNS) is a critical core component of the global Internet and integral to the majority of corporate intranets. It provides resolution services between the human-readable name-based system addresses and the machine operable Internet Protocol (IP) based addresses required for creating network level connections. Whilst structured as a globally dispersed resilient tree data structure, from the Global and Country Code Top Level Domains (gTLD/ccTLD) down to the individual site and system leaf nodes, it is highly resilient although vulnerable to various attacks, exploits and systematic failures
- …