146 research outputs found
Identifying Native Applications with High Assurance
The work described in this paper investigates the problem of identifying and deterring stealthy malicious processes on a host. We point out the lack of strong application identification in mainstream operating systems. We solve the application identification problem by proposing a novel identification model in which user-level applications are required to present identification proofs at run time to be authenticated by the kernel using an embedded secret key. The secret key of an application is registered with a trusted kernel using a key registrar and is used to uniquely authenticate and authorize the application. We present a protocol for secure authentication of applications. Additionally, we develop a system call monitoring architecture that uses our model to verify the identity of applications when making critical system calls. Our system call monitoring can be integrated with existing policy specification frameworks to enforce application-level access rights. We implement and evaluate a prototype of our monitoring architecture in Linux as device drivers with nearly no modification of the kernel. The results from our extensive performance evaluation show that our prototype incurs low overhead, indicating the feasibility of our model
Device-Based Isolation for Securing Cryptographic Keys
In this work, we describe an effective device-based isolation approach for achieving data security. Device-based isolation leverages the proliferation of personal computing devices to provide strong run-time guarantees for the confidentiality of secrets. To demonstrate our isolation approach, we show its use in protecting the secrecy of highly sensitive data that is crucial to security operations, such as cryptographic keys used for decrypting ciphertext or signing digital signatures. A private key is usually encrypted when not in use; however, when being used, the plaintext key is loaded into the memory of the host for access. In our threat model, the host may be compromised by attackers, and thus the confidentiality of the host memory cannot be preserved. We present a novel and practical solution and its prototype called DataGuard to protect the secrecy of the highly sensitive data through the storage isolation and secure tunneling enabled by a mobile handheld device. DataGuard can be deployed for the key protection of individuals or organizations
Grid Community Characteristics and their Relation to Grid Security
The size, dynamics, composition and similar characteristics of Grid Communities constitute important data for Grid security requirements gathering and analysis. Collaborative Grid Communities are especially important as they constitute an important part of grid usage modes and demonstrate the need for more advanced Grid security solutions very clearly. This document reports the results of a survey conducted in the Fall of 2002 among members of the Grid community as to understand the needs of grid user and grid application developer communities today, provide information on and typical modes-of-use, and elicit requirements for future grid security systems
Americans Support Ukraine--but Not with US Troops or a No-Fly Zone
A new poll reveals that Americans see Russia as a significant threat to US interests and support military and economic assistance to Ukraine. In response to Russia's aggression toward Ukraine, the United States and its allies have imposed sanctions on Russia that are striking in their scope and severity and represent a broad effort to impose serious economic costs on Russia for its invasion of Ukraine. For their part, a March 25-28 Chicago Council survey finds that Americans support all measures to help Ukraine and pressure Russia short of direct US involvement in a military conflict. And while the public views the broad sanctions imposed on Russia as generally effective at punishing, weakening, and deterring Russia from further aggression, they doubt that sanctions will be enough to persuade Moscow to withdraw troops from Ukraine—the key condition Americans identify as necessary for lifting sanctions
The Virginia Tech Computational Grid: A Research Agenda
An important goal of grid computing is to apply the rapidly expanding power of distributed computing resources to large-scale multidisciplinary scientific problem solving. Developing a usable computational grid for Virginia Tech is desirable from many perspectives. It leverages distinctive strengths of the university, can help meet the research computing needs of users with the highest demands, and will generate many challenging computer science research questions. By deploying a campus-wide grid and demonstrating its effectiveness for real applications, the Grid Computing Research Group hopes to gain valuable experience and contribute to the grid computing community. This report describes the needs and advantages which characterize the Virginia Tech context with respect to grid computing, and summarizes several current research projects which will meet those needs
Race, Ethnicity, and American Views of Climate Change
Asian, Hispanic, and Black Americans are more likely to view climate change as a threat than Americans as a whole, data show. In the United States, definitions of national security threats are shifting, highly politicized, and closely tied to identity. At the same time, the US is more racially diverse than at any time in its past. To better understand how this diversity feeds into threat perception, the Chicago Council on Global Affairs and the New America Foundation have partnered to conduct novel research on the views of white, Black, Asian, Hispanic, and Native Americans as part of the 2022 Chicago Council Survey
Adapting Protocols to Massively Interconnected Systems
This paper describes ongoing research focused on two critical problems posed by the interconnection of a massive number of computer systems. The interconnection may be achieved through wide area or local area networks. The two problems considered in this research are as follows: (1) performance analysis of the protocols used in an internetwork connecting thousands to millions of nodes, and (2) application development in a massively distributed, heterogeneous environment where components implemented in different programming languages must be integrated and/or reused. The performance analysis problem is addressed by employing large-scale parallel simulation, extended finite state machines and object-oriented simulation techniques. The approach to solving the application development problem is based on an environment which exploits the synergism between object-oriented programming and layered communication protocols (specifically, OSI)
The Design and Implementation of Concurrent Input/Output Facilities in ACT++ 2.0
ACT++ 2.0 is the most recent version of a class library for concurrent programming in C++. Programs in ACT++ consist of a collection of active objects called actors. Actors execute concurrently and cooperate by sending request and reply messages. An agent, termed the behavior of an actor, is responsible for processing a single request message and for specifying a replacement behavior which processes the next available request message. One of the salient features of ACT++ is its realization of I/O as an actor operation. A special type of actor, called an interface actor, provides a high level interface for a file. Interface actors are sent request messages whenever I/O is necessary and can also transparently perform asynchronous I/O. ACT++ has been implemented on the Sequent Symmetry multiprocessor using the PRESTO threads package
Pattern languages in HCI: A critical review
This article presents a critical review of patterns and pattern languages in human-computer interaction (HCI). In recent years, patterns and pattern languages have received considerable attention in HCI for their potential as a means for developing and communicating information and knowledge to support good design. This review examines the background to patterns and pattern languages in HCI, and seeks to locate pattern languages in relation to other approaches to interaction design. The review explores four key issues: What is a pattern? What is a pattern language? How are patterns and pattern languages used? and How are values reflected in the pattern-based approach to design? Following on from the review, a future research agenda is proposed for patterns and pattern languages in HCI
Applying Structure and Code Metrics to Three Large-Scale Systems
This work extends the area of research termed software
metrics by applying measures of system structure and measures
of system code to three realistic software products.
Previous research in this area has typically been limited to
the application of code metrics such as: lines of code,
McCabe's Cyclomatic number, and Halstead's software science
variables. However, this research also investigates the relationship
of four structure metrics: Henry's Information
Flow measure, Woodfield's Syntactic Interconnection Model,
Yau and Collofello's Stability measure and McClure's Invocation
complexity, to various observed measures of complexity
such as, ERRORS, CHANGES and CODING TIME. These metrics are
referred to as structure measures since they measure control
flow and data flow interfaces between system components.
Correlating the metrics to observed measures of complexity
indicated that the Information Flow metric and the Invocation
Measure typically performed as well as the three code
metrics when project factors and subsystem factors were taken
into consideration. However, it was generally true that
no single metric was able to satisfactorily identify the
variations in the data
- …