|
The following papers were presented in the
2002 WSEAS Int. Conf. on Information Security, Hardware/Software Codesign, E-Commerce and Computer Networks.
(Data Base in MicroSoft Access 2002).
|
| 108 Method for Performance Analysis of Web-Caching Hierarchical Structures |
pp. 1081-1089 |
|
|
by : Marco Antonio S. Barbosa, Carlos Augusto P.S. Martis
Abstract: - The use of the web-caching technique has been widely spread out with the objective of reducing the impact of some problems caused by the vertiginous growth of the Internet. The main characteristic of this technique is to keep the objects of the Internet next to the user and consequently, reducing the reply latency and the traffic in the communication channels. An important property of the web-caching servers is the cooperation/s capacity that results in increasing the performance in comparison to isolated servers. However, in most cases, the amount of alternatives to establish this cooperation is large and the choice of the best option may be complex and arduous. Our work propose a method for the analysis of performance of hierarchical structures of web-caching servers based on an empirical model, due to difficulty, in some cases, to perform such analysis with analytical models or through measurements in real environments. We also present a validation of the proposed method, applied to a real case study. |
| 109 The Efficacy of E-Procurement to Businesses: Lessons Learnt from Malaysian Industries |
pp. 1091-1095 |
|
|
by : Noor raihan Ab hamid and Zaifuddin Majid
Abstract: - The emergence of Internet has spurred new and cost effective ways of doing business. One of these innovations is using the Internet medium as a method of procurement for business-to-business; which is also known as electronic procurement (e-procurement). As e-commerce adoption in Malaysia proliferates, e-procurement will simultaneously mushroom in the industries. This paper reports on first results of an exploratory study on e-procurement implementation by various industries in Malaysia. Using descriptive analysis, this paper presents the empirical findings on the opportunities and challenges of adopting e-procurement. This study concluded that while obstacles remain to pose some challenges, companies should move forward as to reap myriad of benefits of e-procurement. |
| 112 Virtual communities as a tool for relationship management |
pp. 1121-1129 |
|
|
by : Hans Bauer, Mark Grether
Abstract: - While previous marketing activities were primarily focused on increasing market shares in terms of a mass marketing based on single transactions, the past few years saw a paradigmatic switch towards relationship management. However, customer retention programs such as customer clubs were not as successful as expected and primarily seemed to have a selective function. Virtual communities are thus becoming increasingly significant for online customer relationship management. A major aspect of virtual communities is the concept of social capital. It will be shown that virtual communities that provide social capital are a key instrument to establish satisfaction, trust, and commitment within a business relationship. |
| 113 Win-Win Scenario for Corporate Communications Using QoS-Enabled Internet VPN |
pp. 1131-1135 |
|
|
by : Stanislav Milanovic, Nikos E. Mastorakis
Abstract: - This paper describes adoption of QoS-enabled Internet VPN solution for corporate communications as an alternative to expensive private WAN. A large-scale customer sorted out the lack of knowledge and resources to deploy and manage enhanced Internet services by outsourcing the service management to its Internet Service Provider (ISP), which turned out to be a win-win scenario because the provider could profit from the economy of scale by sharing of technical and human resources. Furthermore, ISP saw management as a new product with greater potential service differentiation than a pure connectivity service. The security achieved in VPN was based on IPSec tunnels, while QoS was supported by mechanisms as proposed by the Differentiated Services being defined by the IETF. |
| 114 IT infrastructure: standards and flexibility |
pp. 1141-1146 |
|
|
by : Seppo Sirkemaa
Abstract: - Information system development is often in connection to functional requirements and business processes in organization. The development and relevance of the basic information technology infrastructure (IT infrastructure) is therefore easily forgotten. However, a reliable infrastructure is the key to successful operations. Furthermore, as business needs change information system flexibility and compatibility become important. In development of the IT infrastructure are standards in a key role as they are the basis for flexibility. |
| 121 Delegated certificate validation model applicable to the wireless pki |
pp. 1211-1216 |
|
|
by : Jin Kwak, SeungWoo Lee, KyungJin Kim, SooHyun Oh, DongHo Won
Abstract: - With the rapid growth of the wireless Internet service, the interest in security technology over the wireless Internet has been increased. Wireless Internet security technology provides users with confidentiality, authentication and non-repudiation based on WPKI. To provide these services, the method that enables the wireless Internet using users to validate the other party??s certificate efficiently must be provided. But, there is no standard about the certificate validation using the mobile device over the wireless Internet environment. Therefore, we propose the certificate validation model applicable to the wireless Internet environment based on the previous certificate validation model based on the wired Internet environment. |
| 124 Impacts of the Use of Information Technology in Supporting Remote Team Work: A Case Study |
pp. 1241-1248 |
|
|
by : Joao Pedro Albino, Nicolau Reinhard
Abstract: - The main objective of this work is to present a study carried through in the Management College of University of Sao Paulo - Brazil using the Internet as a collaboration tool and to describe the impacts that this kind of communication infrastructure reveals in the work of physically distant people. For the accomplishment of this study was considered and structuralized a collaboration environment using available software tools besides a modified meeting process to support this pattern of work group and the collaboration environment. Inherent questions to the work in physically separated groups such as teamwork, communication, discussion quality and efficiency, people attitude with regard to information technology were addressed. Other questions were satisfaction and the use of shared information between the participants. This research study revealed that Information Technology could contribute for the work and decision-making process in physically distant groups; however, some aspects must be observed for the effective adoption of this modality of work. Thus, some recommendations and suggestions are presented and argued for those organizations that intend to adopt this tool for remote collaboration activities. |
| 126 Approaches and challenges for guaranteeing quality of service in next generation Internet |
pp. 1261-1266 |
|
|
by : Zoubir Mammeri
Abstract: - The prime focus of today’s Internet is on providing connectivity without assurance of service quality. However many real-time applications such as teleconferencing and IP telephony require stringent quality of service guarantees in delays and bandwidth which impose strict resource constraints on paths being used. In this paper we review the basic mechanisms and protocols to support quality of service guarantees in the next generation of Internet. We outline the various approaches and discuss their limitations and the challenges for the future. In particular, admission control, resource reservation, packet scheduling, and routing mechanisms are discussed. |
| 127 Accommodations of QoS DiffServ Over IP and MPLS Networks |
pp. 1271-1276 |
|
|
by : Abdullah Alwehaibi, Anjali Agarwal, Michael Kadoch and Ahmed Elhakeem
Abstract: - Multicasting has become increasingly important with the emergence of Internet-based applications such IP telephony, audio/video conferencing, distributed databases and software upgrading. IP Multicasting is an efficient way to distribute information from a single source to multiple destinations at different locations. In practice IP is considered as a layer 3 protocol. Multiprotocol label Switching (MPLS) replaces the IP forwarding by a simple label lookup. MPLS combines the flexibility of layer 3 routing and layer 2 switching. In this paper, we present a new fair share policy (FSP) that implements Differentiated Services to solve the problems of QoS and congestion control when multicasting is used. Analysis tools are used to evaluate our new fair share policy (FSP) for different scenarios. The results should provide insights for the comparisons between IP multicast in MPLS networks using FSP and plain IP multicasting using the same policy when DiffServ are adopted. |
| 129 Building Ontology Repositories for E-Commerce Systems |
pp. 1291-1296 |
|
|
by : Jianming Yong, Yun Yang, Jun Yan
Abstract: - This paper describes a new method to integrate and implement e-commerce systems in distributed computing environments, especially the Internet. In this paper, we propose a core part of ontology repositories for e-commerce systems, illustrate the organisational topology of the repositories, and demonstrate how to use XML standards to build the repositories. After all these repositories are distributed on the Internet, the ubiquitous integration platform can be formed so that all the e-commerce systems can interact each other seamlessly. |
| 132 Co-operative Inter-Company Planning and Engineering in Plant Production based on a Service-Oriented Architecture |
pp. 1321-1326 |
|
|
by : Jan Woerner, Jochen Keitel, Thomas Laengle, Heinz Woern
Abstract: - A digital representation of complete production facilities will provide a lot of new features and possibilities in plant production. However, those models cannot be build, because of the diversity of tools and model structures used, nowadays. Furthermore, due to the spread of locations of project related companies, the co-operation, the data transfer between suppliers, turnkey suppliers and manufacturers is a time consuming task. For this reason, a new service oriented platform providing new methods in co-operative plant production environments within virtual engineering is presented in this paper. Based on a service-oriented architecture, a software using web services is developed. These support knowledge protection as well as efficient role and project dependent data and event exchange with a definable level of security. An integration into an existing legacy software architecture will be exemplified with a popular planning software and a robot simulation tool. |
| 134 Behavioral Variables Determinant of Virtual Retail Shopping: a Study of Brazilian Consumers |
pp. 1341-1346 |
|
|
by : Daniele Miranda de Oliveira Arruda and Claudia Maria Carvalho Miranda
Abstract: - The main purpose of this research is to identify the determinant behavioral variables in the decision to shop in virtual retail among three groups of users: those who use, those that have given up using, and those that do not use E-Commerce. The investigation was carried out through the answers of 368 Internet users of nine Brazilian states. |
| 135 FPGA Implementation of Three IPSec Cryptographic Algorithms |
pp. 1351-1356 |
|
|
by : Juan M. Diez, Slobodan Bojanic, Carlos Carreras and Octavio Nieto
Abstract: - The paper deals with FPGA implementation of three cryptographic algorithms compliant to IP Security Protocol (IPSec). The algorithms belong to three different classes of cryptographic primitives: block cyphers (CAST5 algorithm), stream cyphers (RC4) and hash functions (HMAC SHA-1). The target technology was FPGA family VirtexII. The different architectures were applied and their analysis is given. The throughput results for the given technology were 899.8 Mbps for SHA-1, 797.7 Mbps for CAST5 and 155.2 Mbps for RC4. Lower RC4 throughput was expected since it was particularly designed for software implementation. In applications with PCI board where PCI bus shares input and output lines, the throughput can be duplicated, thus reaching Gigabit rates for block cipher CAST5 (1.59 Gbps). |
| 136 Some Factors Critical to the Success of Virtual Bookstores in Retaining Customer Loyalty |
pp. 1361-1369 |
|
|
by : Luiz Antonio Joia , Elaine Maria Tavares Rodrigues
Abstract: - This research study seeks to develop a heuristic model, called 4Ps and 1L, for customer loyalty to virtual bookstores. The 4Ps represent one of the most traditional marketing concepts and the L relates to Customer Loyalty. In developing this model the aim is to see how each marketing P influences customer loyalty, thus identifying the factors critical to the success of virtual bookstores retaining customer loyalty. |
| 137 Using Bluetooth Scatternet for Automatic Meter Reading: A Wireless Network Application in Telemetry System |
pp. 1371-1376 |
|
|
by : Odair Perianez Ferline, Luiz Augusto de Paula Lima Jr.
Abstract: - The energy distribution companies have thousands of meter devices spread out over large geographic areas. A telemetry system that allow them to control and monitor all those devices from a central point would be certainly of great help for optimize their operation. In this way, those companies could not only automatically collect their customer’s energy consumption data, but also remotely control the energy distribution and monitor the service quality level offered to each residence or region, just to mention some possibilities. A fundamental requisite to reach that functionality is the interconnection of all energy meters and other control devices through a data communication network. However, the wide geographic area of the electric energy distribution network combined with topological complexity and high capillarity has been a challenge to be overcome in the way to permit the large use of such telemetry systems. Cable-based network solutions are often expensive and non-practical for those cases. A wireless network could be an alternative. The Bluetooth wireless technology is quite promising as a short-range communication solution. In spite of the apparent paradox, there is an open opportunity to apply the Bluetooth technology strengths in building wide area data communication networks to support telemetry of energy distribution services, including Automatic Meter Reading (AMR), as also other applications involving dispersed electronic devices. In this paper we are considering the use of Bluetooth technology in such new scenario. |
| 138 UNITAU Network - A Simple Secure Solution |
pp. 1381-1384 |
|
|
by : Cecilia Cesar, Antonio Montes, Marcio Santos
Abstract: - The UNITAU network project is a simple network architecture with a well suited configuration to deal with different logical networks in the same physical environment. Using VLAN by software and hardware and appropriated routing the network is relatively secure and able to treat four logical networks in the same cable and with different Internet accesses. |
| 141 An integrated testing and debugging environment for java card |
pp. 1411-1416 |
|
|
by : Jin-hee Han,Sung-ik Jun,Si-kwan Kim
Abstract: - This paper describes integrated testing and debugging environment for Java Card. An integrated testing and debugging environment is based on J-JCRE (Java Card Runtime Environment) and Java Card APIs (Application Programming Interface). And also, developed tool supports two kinds of cryptographic algorithms, automatic generation of client/server applet stub/skeleton, script execution, and source level debugging of system class etc. Therefore, by using development environment, application can be debugged and tested before being downloaded onto the Java Card. |
| 142 Integrating the face verification algorithm into the smart card system |
pp. 1421-1425 |
|
|
by : Hyung-keun Jee, Kyung-hee Lee, Yong-wha Chung
Abstract: - Using a biometrics to authenticate a person’s identity has several advantages over the present practices of Personal Identification Number stored in smart cards. However, there is an open issue of integrating biometrics into the smart cards. Typical verification algorithms by using biometrics may not be executed in real-time on the resource-constrained smart cards. In this paper, we propose a real-time automatic face verification system using Support Vector Machine(SVM) and Principal Component Analysis(PCA) to overcome this open issue. In our system, face detection and feature extraction steps which require relatively high computing power are performed in the host. In the card, not only the user’s feature vector is stored but also the verification step is performed without any data leakage. Based on our performance analysis, the smart card can be designed such that the face verification algorithm can be executed in real-time. |
| 143 remote video cam control over ipv6 |
pp. 1431-1436 |
|
|
by : gabriela a. campos, jesus liceaga
Abstract: - In this paper, the control of a Video Camera (VC) using the protocol IPv6 is presented. Communication was established through a socket interface using tunneling IPv6 packets over IPv4 routing infrastructures, because that current network technologies do not yet support the IPv6 protocol. The objectives of control are to manipulate remotely and open-loop vertical and horizontal movements of the VC. Despite the need of IPv4, the results of the project proved that IPv6 may be a more efficient and secure protocol, and therefore, a better option to handle audio and video in real time. |
| 144 An Interoperable Payment Protocol for the public transit fare payment system |
pp. 1441-1445 |
|
|
by : Sangwoo Lee, Youngsae Kim, Jinman Cho, Kyoil Jung
Abstract: - The market for the public transit fare payment system using contactless smart cards is rapidly growing, however, the payment systems provided by different vendors are not interoperable. This paper presents an interoperable payment protocol for the public transit fare payment system using contactless smart cards. We also present implementation results of a PSAM (Purchase Secure Application Module-a secure device, typically, a chip that is embedded on the card terminal) that executes the proposed protocol to support interoperability among different contactless smart card based payment systems. |
| 146 Key Recovery Based on XML for B2B |
pp. 1461-1466 |
|
|
by : Ju-Han Kim, Ki-Young Moon
Abstract: - ESES/XKRS(XML-bases Key-Recovery System), which will be introduced in this paper, is a subsystem of ESES(ETRI Secure E-commerce Service) that has been implemented to support security services such as authentication, integrity, confidentiality and key-recovery. ESES/XKRS is a key-recovery system for B2B electronic commerce and its recovery method is key-escrow. It has been designed and been implemented to be used in enterprise environment. All messages in ESES/XKRS are signed and encrypted with the form of XML using ESES/Signature and ESES/Cipher, respectively. One of the characteristics of this key-recovery system is that one enterprise can recover documents from external key-recovery system in other enterprise and also from owns |
| 148 The Password-Based Key Exchange Protocol using Password-hardening protocol |
pp. 1481-1484 |
|
|
by : Sang-Man Ahn, Soo-Hyun Oh, Dong-Ho Won*
Abstract: - We describe the Password-hardening protocol proposed by Ford and Kaliski[12] and proposea new 1-pass password-based key exchange protocol using Password-hardening protocol and Nyberg-Rueppel's scheme[9]. The verifier stored in server database is blinded by the blinding factor of Client and Server, respectively. Therefore, our protocol will reduce the server compromise attack and remove the credentials server. The security of proposed protocol is depended on the Discrete logarithm Problem(DLP) and Diffie-Hellman Problem(DHP)[10]. We prove that the proposed protocol has the characteristics of forward secrecy and is secure against the Server spoofing, Server data eavesdropping, known-key attack such as Denning-Sacco attack[1]. |
| 149 Enhanced network security management using role |
pp. 1491-1495 |
|
|
by : Jong-gook Ko, Jeong-nyeo Kim, Sung-won Sohn
Abstract: - Network security management is attracting a special attention in recent times. There are many kinds of security technologies and tools to protect IT systems and organizations. Each security tool is important aspects of security but, the effective management of the tools is most critical. In this paper, we present two kinds of framework for network security management. At first, This paper propose network management model using role-based access control (RBAC) that is used to control access to network node such as router, firewall and switch and so on. Secondly, it also introduce policy based network management and propose Role and Policy-based Network Security Management (RPNSM) model which enhance the policy-based network management by using role. |
| 150 The Influences of Security Concept in Safety-Related Systems: An Approach to CNS/ATM System |
pp. 1501-1506 |
|
|
by : Lucio Flavio Vismari, Ricardo A. Veiga Gimenes, Joao B. De Camargo Jr., Jorge R. De Almeida Jr.
Abstract: - Requirement Analysis Process is currently done by parallel teams with distinctive cultures and different objectives to implement Safety and Security concepts in the systems. However, there is a strong dependence of Security on the improvement of Safety concept, and the concept of Safety has a higher priority than Security in Safety-Related Systems. Therefore, this work has the intention to show the necessity that Security Requirements developers should be in thinking about Safety concepts. To get this objective, this paper presents the similarities that Safety and Security domains have, based on Requirement Analysis Process and in a Cause-Effect Model of Failure, besides discussing the influences of security concepts in a Safety-Related System: the CNS/ATM System. |
| 153 Internetworking with Different QoS Mechanism Environments |
pp. 1531-1536 |
|
|
by : Erica Bussiki Figueired and Paulo Roberto Guardieiro
Abstract: - Nowadays, many capable mechanisms to provide Quality of Service (QoS) at the Internet are emerging. So, it’s very important to have internetworking among different QoS environments, as Differentiated Services (DiffServ) and MultiProtocol Label Switching (MPLS) based networks. DiffServ is scalable for the today’s Internet and MPLS provides fast packets routing. In this paper, we attempt to explain the concepts of DiffServ and MPLS and its effectiveness by performing a simulation study based on NS (Network Simulator). The results show the fast rerouting feature of MPLS and the internetworking behavior using or not QoS mechanisms. |
| 154 Conceptual design of a flexible manufacturing system by means of a geometrical and technological characterization approach. |
pp. 1541-1546 |
|
|
by : Francisco Sandoval and Dante Dorantes
Abstract: - The objective of this paper is to present and justify the reasons for developing a new part coding systems that includes a more complete characterization of the parts. This new coding system not only could be used in common applications, also in computing process planning tasks. Particularly, this paper shows a possible application related with the conceptual design of Flexible Manufacturing Systems and the support to work with an objective automation process in their design. |
| 155 AISF - A Proposal for Standard Intrusion Signature Representation |
pp. 1551-1556 |
|
|
by : Artur Renato Araujo da Silva, Marcelo de Souza, Adriano Mauro Cansian
Abstract: - It is well known that computer network attacks are a real threat against information security. Thus, some efforts must be devoted to research new attack detection methods, so that they favor the intrusion detection and counter-measure procedures. This paper proposes an enhancement over network-based intrusion signatures handling, from storage to analysis. It presents a new intrusion signature representation model named AISF (ACME! Intrusion Signature Format), based on the XML specification. With AISF, the process of storing and analyzing information about intrusion signatures becomes a standardized and less difficult process. |
| 156 Testing the efficacy of an intrusion signature representation model |
pp. 1561-1565 |
|
|
by : Euripedes Laurindo Lopes Junior, Luciano Bernardes de Paula, Adriano Mauro Cansian
Abstract: - Nowadays, the computer network security is very important and became a crucial point in every computational systems. For this reason, a robust and efficient security system is necessary. The intrusion detection systems (IDS) largely used today are based on rules. These rules are written after the attack is known, which implies that the more attacks are known, more rules can be built.With more rules, IDS become more efficient. The goal of this paper is to test the efficacy of a new signature representation model – AISF. This model has as feature the ease of information exchange between several IDS, using the XML technology. In this paper will be shown how some signatures were modeled using AISF specification and how it is possible to use it to feed an IDS. |
| 161 effective traffic control scheme for protecting legitimate traffic from malicious traffic on internet |
pp. 1611-1616 |
|
|
by : Gaeil Ahn, Kiyoung Kim, Jongsoo Jang
Abstract: - The greatest headache in the information-oriented society of today is security problem. This paper deals with Denial of Service (DDoS) attacks, which is executed by a malicious user with intention to prevent legitimate users of a service from using the desired resources by monopolizing network resource and resulting in network or system congestion. The existing queuing algorithms cannot solve this problem because they don't have any mechanism that distinguishes between legitimate traffic and malicious traffic. This paper proposes an effective traffic control scheme that can protect legitimate traffic from malicious traffic. The proposed scheme employs two kinds of queue, high-priority queue and low-priority queue. Our scheme can determine very quickly and correctly if network is congestion or not as well as which traffic is malicious by using traffic metering. According to the metering result, malicious traffic is served through low-priority queue and legitimate traffic is served through high-priority queue. To show our scheme's excellence, its performance is measured and compared with that of the existing queuing service through simulation. |
| 165 Extension of the MACH-RT Kernel to Quality of Service Control in Multimedia Communications. |
pp. 1651-1655 |
|
|
by : Joao Araujo and Orlando Bernardo
Abstract: - The increase in the speed and power of the processors now available has given us the opportunity to use workstations and ordinary PCs to carry out multimedia communication. Unfortunately, this type of application requires real-time resources which current operating systems are not capable of providing. Multimedia applications need a reserve of resources. Quality of service (QoS) control will not be complete unless it takes account of the processor's limitations concerning the real-time requirements of multimedia. Therefore we have to provide functions that enable the operating system to ensure at least acceptable standards for the quality of service required by applications. In this project we suggest alterations to the scheduler of the kernel of a MACH-RT operating system. We also suggest an architecture that makes it possible to create and launch multimedia applications. These alterations allow the quality of service provided to the user to be controlled. |
| 169 Cryptographic System for Storage of Data Using Linear Codes |
pp. 1691-1695 |
|
|
by : Jose Junior, Edilberto Teixeira, Joao Souza
Abstract: - This work describes a system of cryptography for storage of data using linear codes. Through the study of the foundations of classical cryptography and algebraic theory of linear codes, the importance and efficiency of the described systems are analyzed, as well as, the use of such systems for data storage. |
| 170 Multicast Caching: Efficient Distribution of Encrypted Content to Mobile Clients |
pp. 1701-1706 |
|
|
by : Janne Lundberg, Catharina Candolin
Abstract: - Multicast caching is an efficient way to reduce traffic in the core network, and for distributing information to a large group of clients. Problems that are are associated with caching multicast data for mobile clients are different from, for example, HTT |
| 174 A new active network environment |
pp. 1741-1747 |
|
|
by : Flavio Silva, Emilio Yamane, Rodrigo Campiolo, Joao Sobral
Abstract: - This paper presents ANE (Active Network Environment), a new research project. ANE is an execution environment for general purposes Active Networks. The project is based on observations about other similar existing projects in the same area. ANE is an auxiliar environment to the user to inject active programs in the network. The user communicates with the system using a simple and strong interface. He/she can develop the injected programs using any development tool for Java applications. The program injection happens when the user wishes; he/she has complete control over the injected programs. Many security elements were introduced in the system to give guaranties to the transported data and program code. The hosts in the path of an Active Network packet are monitored constantly by an Authentication Center. |
| 182 The Implementation of MAC(Monitor, Alarm and Control) System for Digital Terrestrial Broadcasting System |
pp. 1821-1823 |
|
|
by : Taekyoon Kim, Ohyung Kwon, Chideok Ahn
Abstract: - In this paper, the implementation of MAC system for Digital Terrestrial Broadcasting System (DTBS) is presented. This MAC controls and monitors the status of the baseband and RF equipments and gathers the alarm of them. The slave MAC controls RF equipments and remotely reports to master MAC which controls baseband equipments. The advantage of this system is the center-concentrated. Real time processing and remote controlling. |
| 186 A Persistent Memory Management in Java Card |
pp. 1861-1866 |
|
|
by : Im Y. Jung, Sung I. Jun, Kyo I. Chung
Abstract: - EEPROM as persistent memory in smart card has some different features with other memories. It consists of the pages with a fixed size and has the characteristics due to them. It is more efficient to consider them and to handle EEPROM by page than to think of it as a seamless space and to deal with it as one large chunk. Because smart card is categorized as the device closely interactive with users, the faster response time is important. Accordingly, the time spent in managing the card memory should be in the acceptable range. The necessity to manage the card memory, EEPROM, to be reused efficiently, arises from its small capacity due to the physical size of smart card itself. In this point, the memory management schemes such as memory allocation, withdrawal and garbage collection get to have importance concretely. In this paper, we propose an efficient persistent memory management scheme in smart card based on the model of our Next Generation Integration Circuit(NGIC) Card. |
| 187 A framework for human factors in information security |
pp. 1871-1877 |
|
|
by : Jose J Gonzalez, Agata Sawicka
Abstract: - Any security system, even when designed and implemented according to the newest technology, will have to rely on people. The fact that human factors play a crucial part in the majority of accidents is a troubling feature of modern “security know-how”: We can implement appropriate technical solutions, but we still fail to handle the human factor. With our research project we intend to improve the understanding of the role of human factors in information security systems. We develop system dynamical simulation models to explore the complex security problem. We use a simple, fictitious case to illustrate how system dynamics may deliver insights into the “people’s security problem” and help in designing robust security policies. For further progress, collaboration with companies or organizations to the effect of collecting real-life case studies is necessary. |
| 189 Trust Management in E-business Systems - >From Taxonomy to Trust Engine Architecture |
pp. 1891-1895 |
|
|
by : Denis Trcek Gorazd Kandus
Abstract: - Trust is becoming an increasingly important topic in security of e-business systems. Trust turned out to be essential for further penetration of e-business technologies, especially for agents based technologies. Therefore a proper taxonomy is needed and trust has to be formalized in order to enable development of trust engine for such applications. The main objective of the paper is thus how to practically deal with trust in e-business environment, from taxonomy to trust engine architecture. The approach is based on facts learned from e-business systems security. |
| 194 A Model of Relevance Feedback for Distributed Information Retrieval |
pp. 1941-1943 |
|
|
by : V.V.Kluev
Abstract: - The aim of the relevance feedback model presented here is to apply accumulated users’ knowledge in searching for text information. The information retrieval system keeps individual feedback from users, determines appropriate documents and expands the initial user queries using terms from titles of these documents. Preliminary tests showed positive results. |
| 196 University computer network and its application for multimedia transmission in medicine |
pp. 1961-1964 |
|
|
by : Miloslav Filka, Otto Dostal, Martin Petrenko
Abstract: - University computer network in Brno, the Czech Republic. Networks used for multimedia transmission. Further posibilities for increasing the transmission speed using WDM. |
| 199 How Secure is your E-Purse against Side Channel Leakage? |
pp. 1991-1996 |
|
|
by : Colin D Walter
Abstract: - Electronic purses in smartcards are protected by well-designed protocols and strong encryption. However, progress in the design and techniques of attacks using side channel leakage show that implementers need to update and improve tamper resistance on a continuous basis in order to stay ahead of the attacker. This article surveys the state-of-the-art in non-invasive passive attacks and the algorithmic counter-measures which are being developed. |
| 200 efficient key agreement protocol using proxy server for wireless communication |
pp. 2001-2006 |
|
|
by : Soohyun Oh, Jin Kwak, Sangman Ahn, Dongho Won
Abstract: - A key agreement protocol is the most important part to establish a secure cryptographic system and the effort to standardize the key agreement protocols is in rapid progress. Several efficient and secure key agreement protocols have been proposed so far since Diffie-Hellman proposed a public key agreement system in 1976. But, since Diffie-Hellman based key agreement protocols need a lot of computation to establish the session key, they are not proper to apply wireless Internet environment. In this paper, we propose the efficient key agreement protocol using proxy server. The proposed protocol supports the security of the Diffie-Hellman based protocol and the computation work of mobile user can be decreased using proxy server. |
| 202 A Framework for Network Security System Design |
pp. 2021-2026 |
|
|
by : Joao Porto and Paulo Geus
Abstract: - This work presents a framework for network system development that introduces a new phase in the usual procedure: the network security design. The main goal of this phase is to bridge the gap between high-level security requirement analysis and the low-level system implementation through the generation of a model of the network system architecture plus the security policies associated with the components of the model that have to enforce them. For this purpose, the design phase is composed by two complementary steps: an architectural model and a set of design-level security policies. The main advantages and desired characteristics of these models are analyzed; they are related to existing work in the area; and future research directions are pointed. |
| 203 JEDPI: An Environment for Running Java Distributed Programs in the Internet |
pp. 2031-2037 |
|
|
by : Laurentino Duodecimo R. Fernandes and Celso Massaki Hirata
Abstract: - A distributed program can be described as a group of autonomous computers interconnected and communicating only through message-passing. Although the Internet is the most ubiquitous platform, it is being used mostly for client-server applications. It is believed that a new breed of applications, based on distributed programs, will be needed in a near future. Nowadays, however, there exists little support of tools, environments, and platforms to easily, build, test, and implement distributed programs. This work presents an environment to run, test, and debug distributed programs in the Internet. Such an environment consists of an application running in the Internet, which manages distributed program or processes. Processes are written using a Java API which acts as a layer to hide from the users most of the language complexity. The environment is intended to be used for teaching the construction of distributed programs. It can also be used for building small distributed applications. |
| 204 group undeniable signatures |
pp. 2041-2047 |
|
|
by : Yuh-Dauh Lyuu, Ming-Luen Wu
Abstract: - A group undeniable signature scheme is proposed in which each group member can sign on behalf of the group without revealing his or her identity and the verification of a signature can only be done with cooperation of the group manager. For business applications, group undeniable signatures can be used to validate price lists, press release or digital contracts on which the signatures are commercially sensitive or valuable to a competitor. If a group is falsely accused of having signing a particular signature, the manager should have the ability to prove his innocence. In case of a later dispute, the manager can track down which member signed the signature. Our scheme can be proven to be unforgeable, signature-simulatable and coalition-resistant. The confirmation and denial protocols are also zero-knowledge. Furthermore, the time, space and communication complexity are independent of the group size. |
| 205 COPS-IDR: a protocol for intrusion detection & response |
pp. 2051-2058 |
|
|
by : Seung-yong Yoon, Gae-il Ahn, Ki-young Kim, Jong-soo Jang
Abstract: - The IETF Resource Allocation Protocol(RAP) WG has defined the COPS protocol as a scalable protocol that allow policy servers(PDPs) to communicate policy decisions to network devices(PEPs) in a Policy-Based Networking environment. So far most of the studies focused on QoS provisioning in this area. Applying security policy, especially related to Intrusion Detections and Response, to Policy-Based Networking has been already discussed and developed. A lot of proposals are used existing SNMP or vender-specific methods to convey security policy information. But COPS is proposed for this situation, there is no definition of the extensions to the COPS protocol for security policies. In this paper a new client type for the COPS protocol is proposed to support security policies. The new client type is called ? COPS-IDR?±(COPS- Intrusion Detection and Response). The proposed protocol has been implemented in a test-bed, where both the control plane and the data plane are realized according to the specification. |
| 210 Co-desing architecture for reconfigurable assembly platforms |
pp. 2101-2105 |
|
|
by : Jose-Luis Martinez-Lastra, Reijo Tuokko
Abstract: - This paper proposes a new architecture for distributed assembly platforms that is well suited to hardware-software codesign. The key qualitative attribute is the reusability of her atomic architectural units called “assembly actors”(software/hardware devices) due the correlation between actors’ goals and primitive assembly operations. We describe the main components of the codesign architecture and focuss on the interfaces between components. The collaborative approach is illustrated using two-robotic axis iteration |
| 212 Analysis of TCP/IP Protocol Processing in Gigabit Networks |
pp. 2121-2126 |
|
|
by : Ralf Lehmann, Mirko Benz
Abstract: - Gigabit networks cannot be fully utilized even by today's high end systems. The processing requirements of applications and advanced services like quality of service or security processing aggravate this situation which will get critical with next generation networks. To analyze these shortcomings, this paper presents the measurement results of processing and queuing times of TCP packets in Gigabit networks using the Linux network protocol stack. Finally, possible directions towards protocol acceleration are outlined. |
| 213 Toward fast and accurate architecture exploration in a hardware/software codesign flow |
pp. 2131-2137 |
|
|
by : Dirk Stroobandt
Abstract: - Embedded systems design combines software implementations running on an on-chip processor and dedicated hardware components. It also introduces IP-components (Intellectual Property) to be reused and integrated in Systems-on-a-Chip (SoCs). This means a tremendous paradigm shift from the traditional system design. This paper introduces an embedded systems design flow in which the major challenge is the exploration of the design space for optimal architecture configurations. We show that automation of this architecture exploration phase heavily relies on fast and relatively accurate performance estimates for both hardware and software implementations simultaneously. For performance estimation of hardware, we advocate the introduction of a priori interconnect estimations in architecture exploration tools and show how such estimates can be used beneficially. |
| 214 The Simulation of Dynamic Voltage Processor with MPEG decoding |
pp. 2141-2146 |
|
|
by : Jinah Shin; Sungik Jeon; Kyoil Chung
Abstract: - As the usage of personal mobile devices increase, there are many researches for more efficient and convenient mobile systems. Especially, reducing energy consumption is one of the critical issues for those systems owing to their portability. Dynamic voltage scaling (DVS) has been suggested to reduce the processor power which is highly consumed energy component. In this paper, we propose a couple of DVS algorithms for MPEG decoder using variance of MPEG frame decoding time. The processor power is measured out frame by frame using Wattch, power estimator based on instruction set simulator. As a result, our algorithm shows about 70% ~ 85% energy reduction of processor with DVS per frame unit. |
| 216 Development of Policy Management Tool in Policy Based Network Security System. |
pp. 2161-2167 |
|
|
by : Geonlyang-Kim, Keeyoung-Kim, Jongsu-Jang
Abstract: - This paper introduces Policy Management Tool which was implemented based on Policy Information Model in policy based network security system that was made by using policy sever. Policy based network security system consists of policy server managing and sending policies to keep a specific domain from attackers and policy clients detecting and responding intrusion by using policies that policy server sends. Policies exchanged between policy server and policy client are saved in database in the form of directory through LDAP by using Policy Management Tool based on NSPIM. NSPIM is policy information model founded upon PCIM of IETF and PCIMe and expanded. Policy Management Tool based on NSPIM provides not only policy management function, but also editing function using reusable object, function generating object name and blocking rule automatically, and other convenient functions for user. Policy Management Tool provides the function generating policies and checking integrity and consistency of those. So, It generates right policies meeting the schema of Policy Repository. |
| 220 a model for the trust handling on e-business transactions |
pp. 2201-2207 |
|
|
by : Fabio Roberto Pillatt , Francilene Procopio Garcia
Abstract: - When evaluating today business environment, it is noticed that e-business technologies are being outlined as fundamental pieces to strengthen the value chain of traditional business activities. Furthermore, the growth of e-business technologies in the global market depends on several factors and transactions' reliability is one of them. This article presents an alternative to obtain and measure trust relationships on virtual activity of negotiation, proposing a trust model for evaluation of the reliability level assigned to a given transaction. Also it is described how the model is being implemented and how to apply it. |
| 222 Studying Traffic Engineering in Next Generation Internet |
pp. 2221-2228 |
|
|
by : Solange da Silva, Paulo Roberto Guardieiro
Abstract: - In this article we present a study about the traffic engineering in next generation Internet, with a specific approach of the MPLS network technology. It describes traffic engineering components and features as well as its advantages, highlighting the results in terms of the best performance and scalability, essential in the IP network. It presents an MPLS overview, and also MPLS as a tool to implement traffic engineering, and the CBR as well. In addition, it is presented a comparison between the Label Distribution Protocols CR-LDP and RSVP-TE, showing the more relevant features in relation to their use in backbone networks. |
| 224 A Distance Learning Tool for Teaching Parallel Computing |
pp. 2241-2245 |
|
|
by : Rafael De Sousa, Alexandre Martins, Gustavo Ishihara, Ricardo Puttini, Robson Albuquerque
Abstract: - This paper describes a www application developed to access and manage a virtual laboratory for teaching parallel computing. The laboratory is a cluster of personal computers with Intel processors running the NASA's Beowulf cluster software and using the MPI application-programming interface under the Linux operating system. This paper describes the construction, configuration and optimization of the Beowulf cluster as well as some theoretical concepts and real experiments implemented during the project. The motivation for using the Beowulf cluster under Linux comes from its excellent cost-performance ratio, which is an important factor in a teaching environment. The virtual laboratory environment consists of an Apache web server installed with PHP and MySQL modules, which were used for the application development. This environment can be accessed from Internet web browsers allowing users to remotely submit and run parallel programs on the implemented cluster. |
| 226 Components Specification for Modeling Wireless IEEE 802.11 Networks |
pp. 2261-2266 |
|
|
by : Geovane Vitor Vasconcelos, Joberto Sergio Barbosa Martins and Maria Izabel Cavalcanti Cabral
Abstract: - This paper presents the specification of software components intended to aid the construction of simulation tools used for modeling and evaluating the performance of computer network systems. The components specification conforms to IEEE 802.11 wireless standard. The specification focuses on relevant resources for both analysis and project phases. The components represent the elements for ad hoc and multi-cell structures. The developer of simulation tools may easily reuse this specification and implement software components using any programming language. |
| 230 difficulties to transport digital certificates in active networks |
pp. 2301-2303 |
|
|
by : Flavio Silva, Emilio Yamane, Rodrigo Campiolo, Joao Sobral
Abstract: - ANE (Active Network Environment) is a new environment to active networks programs execution. ANE has a lot of security items. For example, the hostile hosts issue. But a very interesting issue of ANE is the chosen method to void the certificate transport. In other platforms certificates spend an important space of network packets. |
| 237 Generation of LRD packet traffic by hard quantization of FGN |
pp. 2371-2375 |
|
|
by : Antonio Gorrasi, Rocco Restaino
Abstract: - Self-similar processes have been shown to adequately represent Wide Area Network and Local Area Network traffic. However, the efficient generation of sample paths turns out to be a demanding task. In particular, for packet switching network analysis, the discretization of the packet length jeopardizes the self-similarity features of commonly used generators. In this paper we present a fast and accurate generation method for ON/OFF traffic. It is based on the hard quantization of fractional Gaussian noise (fGn), which in turn is generated by an IFFT algorithm. We show that the Long Range Dependence (LRD) features are preserved over a broad range of values of the characterizing parameters of the process, namely the Hurst parameter and the sample mean. We perform a comparison of this method with a previously proposed method based on chaotic maps in terms of computational efficiency and in terms of accuracy in synthesizing the targeted self-similarity features. |
| 241 XML Security for Mobile Commerce |
pp. 2411-2415 |
|
|
by : Jooyoung Lee, Kiyoung Moon
Abstract: - As wireless technology is growing at an exponential rate, companies that want to lead in their market have already deployed mobile solutions and individuals are using wireless technology for important communications. Therefore success in the mobile commerce is dependent on the development and deployment of an end-to-end security solution that protects wireless network, devices, application and data. In order to fulfill such needs, currently some security technologies have been developed. While there are a plethora of security tools on the market, no one has offered an end-to-end security solution tailored to the specific demands of wireless environment. Therefore, in this paper, we??ll propose an XML security method to help the secure mobile commerce and discuss some implementation issues to bring the XML security to mobile devices. As it allows protecting the data not only transferred over the network, but also stored within devices, it can provide end-to-end security. Additionally it serves full compatibility, flexibility, and extensibility by using XML. |
| 243 Dealing with Security within DEEPSIA Project |
pp. 2431-2439 |
|
|
by : Francisco Milagres, Edson Moreira, Joao Pimentao, Pedro Sousa, Adolfo Garcao
Abstract: - DEEPSIA (Dynamic on-linE IntErnet Purchasing System based on Intelligent Agents) aims to develop a system to support companies as purchasers in electronic commerce e-procurement processes. To pursue this task, DEEPSIA is implemented using a Multi-Agent System, whose components may, and effectively are, distributed in four countries (Brazil, Poland, Portugal and Spain). Being a system that uses the Internet and deals with critical information, a high security level is required. The objective of this paper is to summarily present the architecture of the DEEPSIA multi-agents system, focusing on the security needs identified. The paper proceeds with the work being developed by the Brazilian and the Portuguese teams towards the enhancement of the security of such systems. |
| 246 design of a label switch controller for differentiated services in ip and atm integrated networks |
pp. 2461-2466 |
|
|
by : Jaesup Lee, Keun Ho Ryu, Kyou-ho Lee, Tae-il Kim
Abstract: - MPLS is highlightened as the most promising technology for the integrated IP-over ATM backbone networks. Nowadays, one of the important practical issues in MPLS is the capability to provide Differentiated Services. For integrating IP and ATM with scalability, MPLS based ATM switch network can be available, especially for the fast Internet services adding Layer 3 routing module to the existing ATM network, and can provide scaleable Internet services to users with various service level. In this paper, we establish Queuing model for FE(Forwarding Engine) including service differentiation, which performs IP address lookup in MPLS LER, and analyze performance of FE with Internet traffic by statistical Internet protocol analysis. Also we take a closer look into our LC-ATM switch on which we implement MPLS controller that can provide both user and provider with relative proportional differentiated service in a feasible and reliable manner. |