79 research outputs found
Bootstrapping Real-world Deployment of Future Internet Architectures
The past decade has seen many proposals for future Internet architectures.
Most of these proposals require substantial changes to the current networking
infrastructure and end-user devices, resulting in a failure to move from theory
to real-world deployment. This paper describes one possible strategy for
bootstrapping the initial deployment of future Internet architectures by
focusing on providing high availability as an incentive for early adopters.
Through large-scale simulation and real-world implementation, we show that with
only a small number of adopting ISPs, customers can obtain high availability
guarantees. We discuss design, implementation, and evaluation of an
availability device that allows customers to bridge into the future Internet
architecture without modifications to their existing infrastructure
Activity-based Access Control Model to Hospital Information
Hospital work is characterized by the need to manage multiple activities simultaneously, constant local mobility, frequently interruptions, and intense collaboration and communication. Hospital employees must handle a large amount of data that is often tied to specific work activities. This calls for a proper access control model. In this paper, we propose a novel approach, Activity-based access Control Model (ACM). Unlike conventional approaches which exploit user identity/role information, ACM leverages userâs activities to determine the access permissions for that user. In ACM, a user is assigned to perform a number of actions if s/he poses a set of satisfactory attributes. Access permissions to hospital information are granted according to userâs actions. By doing this, ACM contributes a number of advantages over conventional models: (1) facilitates userâs work; (2) reduces complexity and cost of access management. Though the design of ACM first aims to support clinical works in hospitals, it can be applied in other activity-centered environments. 1
Cyber-physical security of a smart grid infrastructure
permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of Carnegie Mellon University's products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to [email protected]. By choosing to view this document, you agree to all provisions of the copyright laws protecting it.INVITE
Structure-activity relationships of fluorene compounds inhibiting HCV variants
Approximately 71 million people suffer from hepatitis C virus (HCV) infection worldwide. Persistent HCV infection causes liver diseases such as chronic hepatitis, liver cirrhosis, and hepatocellular carcinoma, resulting in approximately 400,000 deaths annually. Effective direct-acting antiviral agents (DAAs) have been developed and are currently used for HCV treatment targeting the following three proteins: NS3/4A proteinase that cleaves the HCV polyprotein into various functional proteins, RNA-dependent RNA polymerase (designated as NS5B), and NS5A, which is required for the formation of double membrane vesicles serving as RNA replication organelles. At least one compound inhibiting NS5A is included in current HCV treatment regimens due to the high efficacy and low toxicity of drugs targeting NS5A. Here we report fluorene compounds showing strong inhibitory effects on GT 1b and 3a of HCV. Moreover, some compounds were effective against resistance-associated variants to DAAs. The structure-activity relationships of the compounds were analyzed. Furthermore, we investigated the molecular bases of the inhibitory activities of some compounds by the molecular docking method.11Ysciescopu
Intrusion-aware Alert Validation Algorithm for Cooperative Distributed Intrusion Detection Schemes of Wireless Sensor Networks
Existing anomaly and intrusion detection schemes of wireless sensor networks
have mainly focused on the detection of intrusions. Once the intrusion is
detected, an alerts or claims will be generated. However, any unidentified
malicious nodes in the network could send faulty anomaly and intrusion claims
about the legitimate nodes to the other nodes. Verifying the validity of such
claims is a critical and challenging issue that is not considered in the
existing cooperative-based distributed anomaly and intrusion detection schemes
of wireless sensor networks. In this paper, we propose a validation algorithm
that addresses this problem. This algorithm utilizes the concept of
intrusion-aware reliability that helps to provide adequate reliability at a
modest communication cost. In this paper, we also provide a security resiliency
analysis of the proposed intrusion-aware alert validation algorithm.Comment: 19 pages, 7 figure
Enforcing Access Control Using Risk Assessment
Context-based access control is an emerging approach for modeling adaptive solution, making access control management more flexible and powerful. But in the ubiquitous environment, this approach is not enough for many emerging security vulnerabilities. Thus, improving current access control mechanisms is still necessary. Risk is an effective tool used for decision-making in economics. In this paper, we design a new model for risk assessment in ubiquitous environment and use risk as a key component in decision-making process in our access control model. This solution makes access control management more dynamic and precise
BARI+: A Biometric Based Distributed Key Management Approach for Wireless Body Area Networks
Wireless body area networks (WBAN) consist of resource constrained sensing devices just like other wireless sensor networks (WSN). However, they differ from WSN in topology, scale and security requirements. Due to these differences, key management schemes designed for WSN are inefficient and unnecessarily complex when applied to WBAN. Considering the key management issue, WBAN are also different from WPAN because WBAN can use random biometric measurements as keys. We highlight the differences between WSN and WBAN and propose an efficient key management scheme, which makes use of biometrics and is specifically designed for WBAN domain
A Proactive Approach to Distributed DoS Prevention Using Route-Based Packet Filtering
Denial-of-service (DoS) attack on the Internet has become a pressing problem. In this paper, we describe, analyze and evaluate route-based distributed packet filtering (DPF), a novel approach to distributed DoS (DDoS) attack prevention. We show that there is an intimate relationship between the effectiveness of DPF at mitigating DDoS attacks and power-law network topology. We evaluate performance using Internet autonomous system and artificially generated topologies. The salient features of this work are two-fold. First, we show that DPF is able to proactively filter out a significant fraction of spoofed packet flows and prevent attack packets from reaching their targets in the first place. The IP ows that cannot be proactively curtailed are extremely sparse such that their origin can be localized -- i.e., IP traceback -- to within a small, constant number of candidate sites. We show that the two proactive and reactive performance effects can be achieved by implementing route-based filteri..
- âŠ