Bootstrapping Real-world Deployment of Future Internet Architectures

The past decade has seen many proposals for future Internet architectures. Most of these proposals require substantial changes to the current networking infrastructure and end-user devices, resulting in a failure to move from theory to real-world deployment. This paper describes one possible strategy for bootstrapping the initial deployment of future Internet architectures by focusing on providing high availability as an incentive for early adopters. Through large-scale simulation and real-world implementation, we show that with only a small number of adopting ISPs, customers can obtain high availability guarantees. We discuss design, implementation, and evaluation of an availability device that allows customers to bridge into the future Internet architecture without modifications to their existing infrastructure

Activity-based Access Control Model to Hospital Information

Hospital work is characterized by the need to manage multiple activities simultaneously, constant local mobility, frequently interruptions, and intense collaboration and communication. Hospital employees must handle a large amount of data that is often tied to specific work activities. This calls for a proper access control model. In this paper, we propose a novel approach, Activity-based access Control Model (ACM). Unlike conventional approaches which exploit user identity/role information, ACM leverages user’s activities to determine the access permissions for that user. In ACM, a user is assigned to perform a number of actions if s/he poses a set of satisfactory attributes. Access permissions to hospital information are granted according to user’s actions. By doing this, ACM contributes a number of advantages over conventional models: (1) facilitates user’s work; (2) reduces complexity and cost of access management. Though the design of ACM first aims to support clinical works in hospitals, it can be applied in other activity-centered environments. 1

Cyber-physical security of a smart grid infrastructure

permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of Carnegie Mellon University's products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to [email protected]. By choosing to view this document, you agree to all provisions of the copyright laws protecting it.INVITE

Structure-activity relationships of fluorene compounds inhibiting HCV variants

Approximately 71 million people suffer from hepatitis C virus (HCV) infection worldwide. Persistent HCV infection causes liver diseases such as chronic hepatitis, liver cirrhosis, and hepatocellular carcinoma, resulting in approximately 400,000 deaths annually. Effective direct-acting antiviral agents (DAAs) have been developed and are currently used for HCV treatment targeting the following three proteins: NS3/4A proteinase that cleaves the HCV polyprotein into various functional proteins, RNA-dependent RNA polymerase (designated as NS5B), and NS5A, which is required for the formation of double membrane vesicles serving as RNA replication organelles. At least one compound inhibiting NS5A is included in current HCV treatment regimens due to the high efficacy and low toxicity of drugs targeting NS5A. Here we report fluorene compounds showing strong inhibitory effects on GT 1b and 3a of HCV. Moreover, some compounds were effective against resistance-associated variants to DAAs. The structure-activity relationships of the compounds were analyzed. Furthermore, we investigated the molecular bases of the inhibitory activities of some compounds by the molecular docking method.11Ysciescopu

Intrusion-aware Alert Validation Algorithm for Cooperative Distributed Intrusion Detection Schemes of Wireless Sensor Networks

Existing anomaly and intrusion detection schemes of wireless sensor networks have mainly focused on the detection of intrusions. Once the intrusion is detected, an alerts or claims will be generated. However, any unidentified malicious nodes in the network could send faulty anomaly and intrusion claims about the legitimate nodes to the other nodes. Verifying the validity of such claims is a critical and challenging issue that is not considered in the existing cooperative-based distributed anomaly and intrusion detection schemes of wireless sensor networks. In this paper, we propose a validation algorithm that addresses this problem. This algorithm utilizes the concept of intrusion-aware reliability that helps to provide adequate reliability at a modest communication cost. In this paper, we also provide a security resiliency analysis of the proposed intrusion-aware alert validation algorithm.Comment: 19 pages, 7 figure

Enforcing Access Control Using Risk Assessment

Context-based access control is an emerging approach for modeling adaptive solution, making access control management more flexible and powerful. But in the ubiquitous environment, this approach is not enough for many emerging security vulnerabilities. Thus, improving current access control mechanisms is still necessary. Risk is an effective tool used for decision-making in economics. In this paper, we design a new model for risk assessment in ubiquitous environment and use risk as a key component in decision-making process in our access control model. This solution makes access control management more dynamic and precise

BARI+: A Biometric Based Distributed Key Management Approach for Wireless Body Area Networks

Wireless body area networks (WBAN) consist of resource constrained sensing devices just like other wireless sensor networks (WSN). However, they differ from WSN in topology, scale and security requirements. Due to these differences, key management schemes designed for WSN are inefficient and unnecessarily complex when applied to WBAN. Considering the key management issue, WBAN are also different from WPAN because WBAN can use random biometric measurements as keys. We highlight the differences between WSN and WBAN and propose an efficient key management scheme, which makes use of biometrics and is specifically designed for WBAN domain

A Proactive Approach to Distributed DoS Prevention Using Route-Based Packet Filtering

Denial-of-service (DoS) attack on the Internet has become a pressing problem. In this paper, we describe, analyze and evaluate route-based distributed packet filtering (DPF), a novel approach to distributed DoS (DDoS) attack prevention. We show that there is an intimate relationship between the effectiveness of DPF at mitigating DDoS attacks and power-law network topology. We evaluate performance using Internet autonomous system and artificially generated topologies. The salient features of this work are two-fold. First, we show that DPF is able to proactively filter out a significant fraction of spoofed packet flows and prevent attack packets from reaching their targets in the first place. The IP ows that cannot be proactively curtailed are extremely sparse such that their origin can be localized -- i.e., IP traceback -- to within a small, constant number of candidate sites. We show that the two proactive and reactive performance effects can be achieved by implementing route-based filteri..