IPv6 Network Mobility

Network Authentication, Authorization, and Accounting has been used since before the days of the Internet as we know it today. Authentication asks the question, “Who or what are you?” Authorization asks, “What are you allowed to do?” And fi nally, accounting wants to know, “What did you do?” These fundamental security building blocks are being used in expanded ways today. The fi rst part of this two-part series focused on the overall concepts of AAA, the elements involved in AAA communications, and highlevel approaches to achieving specifi c AAA goals. It was published in IPJ Volume 10, No. 1[0]. This second part of the series discusses the protocols involved, specifi c applications of AAA, and considerations for the future of AAA

Proceedings of RSEEM 2006 : 13th Research Symposium on Emerging Electronic Markets

Electronic markets have been a prominent topic of research for the past decade. Moreover, we have seen the rise but also the disappearance of many electronic marketplaces in practice. Today, electronic markets are a firm component of inter-organisational exchanges and can be observed in many branches. The Research Symposium on Emerging Electronic Markets is an annual conference bringing together researchers working on various topics concerning electronic markets in research and practice. The focus theme of the13th Research Symposium on Emerging Electronic Markets (RSEEM 2006) was ?Evolution in Electronic Markets?. Looking back at more than 10 years of research activities in electronic markets, the evolution can be well observed. While electronic commerce activities were based largely on catalogue-based shopping, there are now many examples that go beyond pure catalogues. For example, dynamic and flexible electronic transactions such as electronic negotiations and electronic auctions are enabled. Negotiations and auctions are the basis for inter-organisational trade exchanges about services as well as products. Mass customisation opens up new opportunities for electronic markets. Multichannel electronic commerce represents today?s various requirements posed on information and communication technology as well as on organisational structures. In recent years, service-oriented architectures of electronic markets have enabled ICT infrastructures for supporting flexible e-commerce and e-market solutions. RSEEM 2006 was held at the University of Hohenheim, Stuttgart, Germany in September 2006. The proceedings show a variety of approaches and include the selected 8 research papers. The contributions cover the focus theme through conceptual models and systems design, application scenarios as well as evaluation research approaches

User centric community clouds

With the evolution in cloud technologies, users are becoming acquainted with seamless service provision. Nevertheless, clouds are not a user centric technology, and users become completely dependent on service providers. We propose a novel concept for clouds, where users self-organize to create their clouds. We present such an architecture for user-centric clouds, which relies on self-managed clouds based on doctrine and on identity management concepts

BEYOND THE TEE - NAVIGATING THE COURSE: The player journey for golfers with a disability, lessons learned, and changes made.

Although there is a plethora of research on disability and sport, there are several gaps related to golf and disability. This thesis aims to reduce the gaps, discover more about what we don’t know about golf for the disabled [G4D], examine the factors that limit or inhibit the playing of golf by individuals with disabilities [IwD], and offer recommendations for how the game can be improved to enable more IwD to sample, participate and compete in golf. The study is timely as all sports must adhere to growing legislation around accessibility, equity, and inclusion, along with greater public scrutiny of how establishments interact with society. The overall purpose of this research is to understand how IwD can better enjoy full, active, and inclusive participation in the game of golf. Desk research that included a scoping review was conducted to gain an understanding of the barriers and facilitators to playing golf for IwD and contextualise the work. Qualitative methods were also utilised to acquire knowledge of the subjective lived experiences of 77 golfers with a disability [GwD]. Data collection comprised of interviews and observation. A reflective thematic analysis was used to analyse the qualitative data. Chapter four presents the results of the scoping study. It was found that it is necessary to increase the knowledge of golf as a viable sporting option for IwD with disabilities, promote the availability of inexpensive golf and remove barriers such as lack of services, transport, support, equipment and ableist attitudes and practices. Based on the analysis of empirical data collected over a five-year period, the results first present the participants’ journeys into and through golf. Chapter five highlights the perceived barriers, benefits, and facilitators the participants expressed and I observed. Grounded in the experiences of the participants, chapter six provides recommendations for how golf can adjust. Chapter seven then focuses on how the conceptual framework known as Integrated Knowledge Translation [iKT] was utilised to support moving knowledge into action before providing case studies of two assets developed and deployed, from conception to construction and subsequent dissemination. Chapter eight turns to the impact of this research and how the research that underpins impact will take time to be visible. Preliminary impacts that are beginning to filter through are highlighted. The thesis concludes with empirical and practical recommendations and reflections on opportunities for future research

Integrating identity-based cryptography in IMS service authentication

Nowadays, the IP Multimedia Subsystem (IMS) is a promising research field. Many ongoing works related to the security and the performances of its employment are presented to the research community. Although, the security and data privacy aspects are very important in the IMS global objectives, they observe little attention so far. Secure access to multimedia services is based on SIP and HTTP digest on top of IMS architecture. The standard deploys AKA-MD5 for the terminal authentication. The third Generation Partnership Project (3GPP) provided Generic Bootstrapping Architecture (GBA) to authenticate the subscriber before accessing multimedia services over HTTP. In this paper, we propose a new IMS Service Authentication scheme using Identity Based cryptography (IBC). This new scheme will lead to better performances when there are simultaneous authentication requests using Identity-based Batch Verification. We analyzed the security of our new protocol and we presented a performance evaluation of its cryptographic operationsComment: 13Page

A Cloud-Oriented Cross-Domain Security Architecture

The Monterey Security Architecture addresses the need to share high-value data across multiple domains of different classification levels while enforcing information flow policies. The architecture allows users with different security authorizations to securely collaborate and exchange information using commodity computers and familiar commercial client software that generally lack the prerequisite assurance and functional security protections. MYSEA seeks to meet two compelling requirements, often assumed to be at odds: enforcing critical, mandatory security policies, and allowing access and collaboration in a familiar work environment. Recent additions to the MYSEA design expand the architecture to support a cloud of cross-domain services, hosted within a federation of multilevel secure (MLS) MYSEA servers. The MYSEA cloud supports single-sign on, service replication, and network-layer quality of security service. This new cross domain, distributed architecture follows the consumption and delivery model for cloud services, while maintaining the federated control model necessary to support and protect cross domain collaboration within the enterprise. The resulting architecture shows the feasibility of high-assurance, cross-domain services hosted within a community cloud suitable for interagency, or joint, collaboration. This paper summarizes the MYSEA architecture and discusses MYSEA's approach to provide an MLS-constrained cloud computing environment.Approved for public release; distribution is unlimited

A Comprehensive Survey of Voice over IP Security Research

We present a comprehensive survey of Voice over IP security academic research, using a set of 245 publications forming a closed cross-citation set. We classify these papers according to an extended version of the VoIP Security Alliance (VoIPSA) Threat Taxonomy. Our goal is to provide a roadmap for researchers seeking to understand existing capabilities and to identify gaps in addressing the numerous threats and vulnerabilities present in VoIP systems. We discuss the implications of our findings with respect to vulnerabilities reported in a variety of VoIP products. We identify two specific problem areas (denial of service, and service abuse) as requiring significant more attention from the research community. We also find that the overwhelming majority of the surveyed work takes a black box view of VoIP systems that avoids examining their internal structure and implementation. Such an approach may miss the mark in terms of addressing the main sources of vulnerabilities, i.e., implementation bugs and misconfigurations. Finally, we argue for further work on understanding cross-protocol and cross-mechanism vulnerabilities (emergent properties), which are the byproduct of a highly complex system-of-systems and an indication of the issues in future large-scale systems

Secure communication using dynamic VPN provisioning in an Inter-Cloud environment

Most of the current cloud computing platforms offer Infrastructure as a Service (IaaS) model, which aims to provision basic virtualised computing resources as on-demand and dynamic services. Nevertheless, a single cloud does not have limitless resources to offer to its users, hence the notion of an Inter-Cloud enviroment where a cloud can use the infrastructure resources of other clouds. However, there is no common framework in existence that allows the srevice owners to seamlessly provision even some basic services across multiple cloud service providers, albeit not due to any inherent incompatibility or proprietary nature of the foundation technologies on which these cloud platforms are built. In this paper we present a novel solution which aims to cover a gap in a subsection of this problem domain. Our solution offer a security architecture that enables service owners to provision a dynamic and service-oriented secure virtual private network on top of multiple cloud IaaS providers. It does this by leveraging the scalability, robustness and flexibility of peer- to-peer overlay techniques to eliminate the manual configuration, key management and peer churn problems encountered in setting up the secure communication channels dynamically, between different components of a typical service that is deployed on multiple clouds. We present the implementation details of our solution as well as experimental results carried out on two commercial clouds