368 research outputs found

    Establishing an Internet Based Paediatric Cancer Registration and Communication System for the Hungarian Paediatric Oncology Network

    Get PDF
    Cancer registration has developed in Europe over the last 50 years, and in the last decade intensive joint activities between the European Cancer Registries, in response to the need of pan-European harmonization of registration practices, have taken place. The Hungarian Paediatric Cancer Registry has been functioning as the database of the Hungarian Paediatric Oncology Network since 1971, aiming to follow the incidence and the treatment efficacy of malignant diseases.The goals of this globally unique open source information system are the following: 1) to raise the quality of the registration system to the European level by developing an Internet-based registration and communication system, modernizing the database, establishing automatic statistical analyses and adding an Internet website, 2) to support clinical epidemiological studies that we conduct with international collaborators on detailed analyses of the characteristics of patients and their diseases, evaluation of new diagnostic and therapeutic methods, prevention programs, and long-term quality of life and side effects.The benefits of the development of the Internet-based registration and communication system are as follows: a) introduction of an Internet-based case reporting system, b) modernization of the registry database according to international recommendations, c) automatic statistical summaries, encrypted mail systems, document repository, d) application of data security and privacy standards, e) establishment of a website and compilation of educational materials.The overall objective of this scientific project is to contribute towards the improvement of cancer prevention and cancer care for the benefit of the public in general and of cancer patients in particular

    Timed Analysis of Security Protocols

    Get PDF
    We propose a method for engineering security protocols that are aware of timing aspects. We study a simplified version of the well-known Needham Schroeder protocol and the complete Yahalom protocol, where timing information allows the study of different attack scenarios. We model check the protocols using UPPAAL. Further, a taxonomy is obtained by studying and categorising protocols from the well known Clark Jacob library and the Security Protocol Open Repository (SPORE) library. Finally, we present some new challenges and threats that arise when considering time in the analysis, by providing a novel protocol that uses time challenges and exposing a timing attack over an implementation of an existing security protocol

    Verification of multi-protocol attacks

    Get PDF

    A static analysis framework for security properties in mobile and cryptographic systems

    Get PDF
    We introduce a static analysis framework for detecting instances of security breaches in infinite mobile and cryptographic systems specified using the languages of the 7r-calculus and its cryptographic extension, the spi calculus. The framework is composed from three components: First, standard denotational semantics of the 7r-calculus and the spi calculus are constructed based on domain theory. The resulting model is sound and adequate with respect to transitions in the operational semantics. The standard semantics is then extended correctly to non-uniformly capture the property of term substitution, which occurs as a result of communications and successful cryptographic operations. Finally, the non-standard semantics is abstracted to operate over finite domains so as to ensure the termination of the static analysis. The safety of the abstract semantics is proven with respect to the nonstandard semantics. The results of the abstract interpretation are then used to capture breaches of the secrecy and authenticity properties in the analysed systems. Two initial prototype implementations of the security analysis for the 7r-calculus and the spi calculus are also included in the thesis. The main contributions of this thesis are summarised by the following. In the area of denotational semantics, the thesis introduces a domain-theoretic model for the spi calculus that is sound and adequate with respect to transitions in the structural operational semantics. In the area of static program analysis, the thesis utilises the denotational approach as the basis for the construction of abstract interpretations for infinite systems modelled by the 7r-calculus and the spi calculus. This facilitates the use of computationally significant mathematical concepts like least fixed points and results in an analysis that is fully compositional. Also, the thesis demonstrates that the choice of the term-substitution property in mobile and cryptographic programs is rich enough to capture breaches of security properties, like process secrecy and authenticity. These properties are used to analyse a number of mobile and cryptographic protocols, like the file transfer protocol and the Needham-Schroeder, SPLICE/AS, Otway-Rees, Kerberos, Yahalom and Woo Lam authentication protocols

    Maritime Data Transfer Protocol (MDTP): A Proposal for a Data Transmission Protocol in Resource-Constrained Underwater Environments Involving Cyber-Physical Systems

    Get PDF
    The utilization of autonomous maritime vehicles is becoming widespread in operations that are deemed too hazardous for humans to be directly involved in them. One of the ways to increase the productivity of the tools used during missions is the deployment of several vehicles with the same objective regarding data collection and transfer, both for the benefit of human staff and policy makers. However, the interchange of data in such an environment poses major challenges, such as a low bandwidth and the unreliability of the environment where transmissions take place. Furthermore, the relevant information that must be sent, as well as the exact size that will allow understanding it, is usually not clearly established, as standardization works are scarce in this domain. Under these conditions, establishing a way to interchange information at the data level among autonomous maritime vehicles becomes of critical importance since the needed information, along with the size of the transferred data, will have to be defined. This manuscript puts forward the Maritime Data Transfer Protocol, (MDTP) a way to interchange standardized pieces of information at the data level for maritime autonomous maritime vehicles, as well as the procedures that are required for information interchange.SWARMs (Smart and Networking Underwater Robots in Cooperation Meshes) 1034 European research project. It is under Grant Agreement 1035 n.662107-SWARMs-ECSEL-2014-1 and is being partially supported by the Spanish Ministry of Economy and Competitiveness (Ref: PCIN-2014-022-C02-02) and the ECSEL JU

    Construction, Operation and Maintenance of Network System(Junior Level)

    Get PDF
    This open access book follows the development rules of network technical talents, simultaneously placing its focus on the transfer of network knowledge, the accumulation of network skills, and the improvement of professionalism. Through the complete process from the elaboration of the theories of network technology to the analysis of application scenarios then to the design and implementation of case projects, readers are enabled to accumulate project experience and eventually acquire knowledge and cultivate their ability so as to lay a solid foundation for adapting to their future positions. This book comprises six chapters, which include “General Operation Safety of Network System,” “Cabling Project,” “Hardware Installation of Network System,” “Basic Knowledge of Network System,” “Basic Operation of Network System,” and “Basic Operation and Maintenance of Network System.” This book can be used for teaching and training for the vocational skills certification of network system construction, operation, and maintenance in the pilot work of Huawei’s “1+X” Certification System, and it is also suitable as a textbook for application-oriented universities, vocational colleges, and technical colleges. In the meantime, it can also serve as a reference book for technicians engaged in network technology development, network management and maintenance, and network system integration. As the world’s leading ICT (information and communications technology) infrastructure and intelligent terminal provider, Huawei Technologies Co., Ltd. has covered many fields such as data communication, security, wireless, storage, cloud computing, intelligent computing, and artificial intelligence. Taking Huawei network equipment (routers, switches, wireless controllers, and wireless access points) as the platform, and based on network engineering projects, this book organizes all the contents according to the actual needs of the industry

    Mobile Communication with Virtual Network Address Translation

    Get PDF
    Virtual Network Address Translation (VNAT) is a novel architecture that allows transparent migration of end-to-end live network connections associated with various computation units. Such computation units can be either a single process, or a group of processes of an application, or an entire host. VNAT virtualizes network connections perceived by transport protocols so that identification of network connections is decoupled from stationary hosts. Such virtual connections are then remapped into physical connections to be carried on the physical network using network address translation. VNAT requires no modification to existing applications, operating systems, or protocol stacks. Furthermore, it is fully compatible with the existing communication infrastructure; virtual and normal connections can coexist without interfering each other. VNAT functions entirely within end systems and requires no third party proxies. We have implemented a VNAT prototype with the Linux 2.4 kernel and demonstrated its functionality on a wide range of popular real-world network applications. Our performance results show that VNAT has essentially no overhead except when connections are migrated, in which case the overhead of our Linux prototype is less than 7 percent

    Secure Inter-domain Routing and Forwarding via Verifiable Forwarding Commitments

    Full text link
    The Internet inter-domain routing system is vulnerable. On the control plane, the de facto Border Gateway Protocol (BGP) does not have built-in mechanisms to authenticate routing announcements, so an adversary can announce virtually arbitrary paths to hijack network traffic; on the data plane, it is difficult to ensure that actual forwarding path complies with the control plane decisions. The community has proposed significant research to secure the routing system. Yet, existing secure BGP protocols (e.g., BGPsec) are not incrementally deployable, and existing path authorization protocols are not compatible with the current Internet routing infrastructure. In this paper, we propose FC-BGP, the first secure Internet inter-domain routing system that can simultaneously authenticate BGP announcements and validate data plane forwarding in an efficient and incrementally-deployable manner. FC-BGP is built upon a novel primitive, name Forwarding Commitment, to certify an AS's routing intent on its directly connected hops. We analyze the security benefits of FC-BGP in the Internet at different deployment rates. Further, we implement a prototype of FC-BGP and extensively evaluate it over a large-scale overlay network with 100 virtual machines deployed globally. The results demonstrate that FC-BGP saves roughly 55% of the overhead required to validate BGP announcements compared with BGPsec, and meanwhile FC-BGP introduces a small overhead for building a globally-consistent view on the desirable forwarding paths.Comment: 16 pages, 17 figure
    corecore