3,430 research outputs found
Bridges Structural Health Monitoring and Deterioration Detection Synthesis of Knowledge and Technology
INE/AUTC 10.0
Securely Launching Virtual Machines on Trustworthy Platforms in a Public Cloud
In this paper we consider the Infrastructure-as-a-Service (IaaS) cloud model which allows cloud users to run their own virtual machines (VMs) on available cloud computing resources. IaaS gives enterprises the possibility to outsource their process workloads with minimal effort and expense. However, one major problem with existing approaches of cloud leasing, is that the users can only get contractual guarantees regarding the integrity of the offered platforms. The fact that the IaaS user himself or herself cannot verify the provider promised cloud platform integrity, is a security risk which threatens to prevent the IaaS business in general. In this paper we address this issue and propose a novel secure VM launch protocol using Trusted Computing techniques. This protocol allows the cloud IaaS users to securely bind the VM to a trusted computer configuration such that the clear text VM only will run on a platform that has been booted into a trustworthy state. This capability builds user confidence and can serve as an important enabler for creating trust in public clouds. We evaluate the feasibility of our proposed protocol via a full scale system implementation and perform a system security analysis
Hj. Samuri Sate Kajang Office Automation Using Lotus Notes Application
The advances of modem computer technology today have prompted offices to
automate their office processing. As businesses continue to expand, the need to automate
office processes increases. It is vital to incorporate computer technology to remain
competitive.
The main object of this study is to create a working system capable of routing
forms and saving data in the database. It is to collect information such as staff
information and new branch addresses. It allows employees to request stationeries online
where the processing and routing is done by the office system. It also has a discussion
database that helps employees to communicate among themselves. The discussion
database allows the placing of comments and notices for others to view.
The system was built using Lotus Notes version 5, a powerful workflow tool.
Graphics were modified using Sierra Home SnapShot Express. The text was written
using both the in-built word processor of Lotus Notes and Microsoft Word 2000.
This system simplifies work and allows for faster document processing. The
system is kept open to allow future upgrades and modification
EviPlant: An efficient digital forensic challenge creation, manipulation and distribution solution
Education and training in digital forensics requires a variety of suitable
challenge corpora containing realistic features including regular
wear-and-tear, background noise, and the actual digital traces to be discovered
during investigation. Typically, the creation of these challenges requires
overly arduous effort on the part of the educator to ensure their viability.
Once created, the challenge image needs to be stored and distributed to a class
for practical training. This storage and distribution step requires significant
time and resources and may not even be possible in an online/distance learning
scenario due to the data sizes involved. As part of this paper, we introduce a
more capable methodology and system as an alternative to current approaches.
EviPlant is a system designed for the efficient creation, manipulation, storage
and distribution of challenges for digital forensics education and training.
The system relies on the initial distribution of base disk images, i.e., images
containing solely base operating systems. In order to create challenges for
students, educators can boot the base system, emulate the desired activity and
perform a "diffing" of resultant image and the base image. This diffing process
extracts the modified artefacts and associated metadata and stores them in an
"evidence package". Evidence packages can be created for different personae,
different wear-and-tear, different emulated crimes, etc., and multiple evidence
packages can be distributed to students and integrated into the base images. A
number of additional applications in digital forensic challenge creation for
tool testing and validation, proficiency testing, and malware analysis are also
discussed as a result of using EviPlant.Comment: Digital Forensic Research Workshop Europe 201
Integração de funções de rede virtualizadas e funções de rede físicas
Network Functions Virtualization (NFV) and Software Defined Networking (SDN)
have been in the center of network evolution, promising a more flexible and efficient
way of managing networks through the on-demand instantiation of network
functions (NFs) and reconfigurability of the network as necessary. Nevertheless,
as new mechanisms are developed, such technologies require testing before their
adoption into real-world deployments. This is where this dissertation contributes,
by proposing and evaluating a system architecture that integrates a physical wireless
testbed with a cloud-based environment. This allows physical wireless nodes to
become part of the cloud environment, enabling its use and configuration as virtual
NFs (VNFs). Results showcased the system feasibility, with the testbed being able
to instantiate on-demand virtual and physical NFs, in the physical wireless nodes
and in an OpenStack data-center.A Virtualização de Funções de Rede e as Redes Definidas por Software têm estado
no centro da evolução das redes, prometendo uma forma mais flexível e eficiente
de as gerenciar através da instanciação on-demand de Funções de Rede e da sua
reconfiguração conforme o necessário. No entanto, à medida que novos mecanismos
são desenvolvidos, é também necessário a realização de testes sobre estas
tecnologias antes destas serem adotadas em implementações em contexto real.
É aqui que esta dissertação contribui, propondo e avaliando uma arquitetura de
sistema que integra um testbed físico sem fios, com um ambiente baseado em
nuvem. Isto permite que os nós sem fios físicos se tornem parte do ambiente de
nuvem, permitindo o seu uso e configuração como Funções de Rede Virtuais. Os
resultados demonstraram a viabilidade do sistema, dada a capacidade da testbed
em instanciar Funções de Rede virtuais e físicas quando requisitadas tanto nos nós
sem fios físicos quanto no servidor OpenStack.Mestrado em Engenharia Eletrónica e Telecomunicaçõe
TechNews digests: Jan - Nov 2009
TechNews is a technology, news and analysis service aimed at anyone in the education sector keen to stay informed about technology developments, trends and issues. TechNews focuses on emerging technologies and other technology news. TechNews service : digests september 2004 till May 2010 Analysis pieces and News combined publish every 2 to 3 month
On-chip system call tracing: A feasibility study and open prototype
Several tools for program tracing and introspection exist. These tools can be used to analyze potentially malicious or untrusted programs. In this setting, it is important to prevent that the target program determines whether it is being traced or not. This is typically achieved by minimizing the code of the introspection routines and any artifact or side-effect that the program can leverage. Indeed, the most recent approaches consist of lightly instrumented operating systems or thin hypervisors running directly on bare metal. Following this research trend, we investigate the feasibility of transparently tracing a Linux/ARM program without modifying the software stack, while keeping the analysis cost and flexibility compatible with state of the art emulation- or baremetal- based approaches. As for the typical program tracing task, our goal is to reconstruct the stream of system call invocations along with the respective un-marshalled arguments. We propose to leverage the availability of on-chip debugging interfaces of modern ARM systems, which are accessible via JTAG. More precisely, we developed OpenST, an open-source prototype tracer that allowed us to analyze the performance overhead and to assess the transparency with respect to evasive, real-world malicious programs. OpenST has two tracing modes: In-kernel dynamic tracing and external tracing. The in-kernel dynamic tracing mode uses the JTAG interface to \u201chot-patch\u201d the system calls at runtime, injecting introspection code. This mode is more transparent than emulator based approaches, but assumes that the traced program does not have access to the kernel memory\u2014where the introspection code is loaded. The external tracing mode removes this assumption by using the JTAG interface to manage hardware breakpoints. Our tests show that OpenST\u2019s greater transparency comes at the price of a steep performance penalty. However, with a cost model, we show that OpenST scales better than the state of the art, bare-metal-based approach, while remaining equally stealthy to evasive malware
Security challenges with virtualization
Tese de mestrado, Segurança Informática, Universidade de Lisboa, Faculdade de Ciências, 2009Virtualização é uma palavra em voga no mundo das tecnologias de informação. Com a promessa de reduzir o constante crescimento das infra-estruturas informáticas dentro de um centro de processamento de dados, aliado a outros aspectos importantes como disponibilidade e escalabilidade, as tecnologias de virtualização têm vindo a ganhar popularidade, não só entre os profissionais de tecnologias de informação mas também administradores e directores. No entanto, o aumento da adopção do uso desta tecnologia expõe o sistema a novas preocupações de segurança que normalmente são negligenciadas. Esta tese apresenta o estado da arte das soluções actualmente mais usadas de virtualização de servidores e também um estudo literário dos vários problemas de segurança das tecnologias de virtualização. Estes problemas não são específicos em termos de produto, e são abordados no âmbito de tecnologias de virtualização. No entanto, nesta tese é feita uma análise de vulnerabilidades de duas das mais conhecidas soluções de virtualização: Vmware EXS e Xen. No final, são descritas algumas soluções para melhorar a segurança de acesso a banco online e de comercio electrónico, usando virtualização.Virtualization is a hype word in the IT world. With the promise to reduce the ever-growing infrastructure inside data centers allied to other important concerns such as availability and scalability, virtualization technology has been gaining popularity not only with IT professionals but also among administrators and directors as well. The increasingly rising rate of the adoption of this technology has exposed these systems to new security concerns which in recent history have been ignored or simply overlooked. This thesis presents an in depth state of art look at the currently most used server virtualization solutions, as well as a literature study on various security issues found within this virtualization technology. These issues can be applied to all the current virtualization technologies available without focusing on a specific solution. However, we do a vulnerability analysis of two of the most known virtualization solutions: VMware ESX and Xen. Finally, we describe some solutions on how to improve the security of online banking and e-commerce, using virtualization
- …