Search results for: Mandatory Access Control
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 4527

Search results for: Mandatory Access Control

4527 A General Mandatory Access Control Framework in Distributed Environments

Authors: Feng Yang, Xuehai Zhou, Dalei Hu

Abstract:

In this paper, we propose a general mandatory access framework for distributed systems. The framework can be applied into multiple operating systems and can handle multiple stakeholders. Despite considerable advancements in the area of mandatory access control, a certain approach to enforcing mandatory access control can only be applied in a specific operating system. Other than PC market in which windows captures the overwhelming shares, there are a number of popular operating systems in the emerging smart phone environment, i.e. Android, Windows mobile, Symbian, RIM. It should be noted that more and more stakeholders are involved in smartphone software, such as devices owners, service providers and application providers. Our framework includes three parts—local decision layer, the middle layer and the remote decision layer. The middle layer takes charge of managing security contexts, OS API, operations and policy combination. The design of the remote decision layer doesn’t depend on certain operating systems because of the middle layer’s existence. We implement the framework in windows, linux and other popular embedded systems.

Keywords: Mandatory Access Control, Distributed System, General Platform.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2231
4526 A Survey of Access Control Schemes in Wireless Sensor Networks

Authors: Youssou Faye, Ibrahima Niang, Thomas Noel

Abstract:

Access control is a critical security service in Wire- less Sensor Networks (WSNs). To prevent malicious nodes from joining the sensor network, access control is required. On one hand, WSN must be able to authorize and grant users the right to access to the network. On the other hand, WSN must organize data collected by sensors in such a way that an unauthorized entity (the adversary) cannot make arbitrary queries. This restricts the network access only to eligible users and sensor nodes, while queries from outsiders will not be answered or forwarded by nodes. In this paper we presentee different access control schemes so as to ?nd out their objectives, provision, communication complexity, limits, etc. Using the node density parameter, we also provide a comparison of these proposed access control algorithms based on the network topology which can be flat or hierarchical.

Keywords: Access Control, Authentication, Key Management, Wireless Sensor Networks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2654
4525 A Purpose Based Usage Access Control Model

Authors: Lili Sun, Hua Wang

Abstract:

As privacy becomes a major concern for consumers and enterprises, many research have been focused on the privacy protecting technology in recent years. In this paper, we present a comprehensive approach for usage access control based on the notion purpose. In our model, purpose information associated with a given data element specifies the intended use of the subjects and objects in the usage access control model. A key feature of our model is that it allows when an access is required, the access purpose is checked against the intended purposes for the data item. We propose an approach to represent purpose information to support access control based on purpose information. Our proposed solution relies on usage access control (UAC) models as well as the components which based on the notions of the purpose information used in subjects and objects. Finally, comparisons with related works are analyzed.

Keywords: Purpose, privacy, access control, authorization

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1884
4524 Component Lifecycle and Concurrency Model in Usage Control (UCON) System

Authors: P. Ghann, J. Shiguang, C. Zhou

Abstract:

Access control is one of the most challenging issues facing information security. Access control is defined as, the ability to permit or deny access to a particular computational resource or digital information by an unauthorized user or subject. The concept of usage control (UCON) has been introduced as a unified approach to capture a number of extensions for access control models and systems. In UCON, an access decision is determined by three factors: authorizations, obligations and conditions. Attribute mutability and decision continuity are two distinct characteristics introduced by UCON for the first time. An observation of UCON components indicates that, the components are predefined and static. In this paper, we propose a new and flexible model of usage control for the creation and elimination of some of these components; for example new objects, subjects, attributes and integrate these with the original UCON model. We also propose a model for concurrent usage scenarios in UCON.

Keywords: Access Control, Concurrency, Digital container, Usage control.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1849
4523 Role-based Access Control Model in Home Network Environments

Authors: Do-Woo Kim, Geon Woo Kim, Jun-Ho Lee, Jong-Wook Han

Abstract:

The home in these days has not one computer connected to the Internet but rather a network of many devices within the home, and that network might be connected to the Internet. In such an environment, the potential for attacks is greatly increased. The general security technology can not apply because of the use of various wired and wireless network, middleware and protocol in digital home environment and a restricted system resource of home information appliances. To offer secure home services home network environments have need of access control for various home devices and information when users want to access. Therefore home network access control for user authorization is a very important issue. In this paper we propose access control model using RBAC in home network environments to provide home users with secure home services.

Keywords: Home network, access control, RBAC, security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1910
4522 The Association between the Firm Characteristics and Corporate Mandatory Disclosure the Case of Greece

Authors: Despina Galani, Anastasios Alexandridis, Antonios Stavropoulos

Abstract:

The main thrust of this paper is to assess the level of disclosure in the annual reports of non-financial Greek firms and to empirically investigate the hypothesized impact of several firm characteristics on the extent of mandatory disclosure. A disclosure checklist consisting of 100 mandatory items was developed to assess the level of disclosure in the 2009 annual reports of 43 Greek companies listed at the Athens stock exchange. The association between the level of disclosure and some firm characteristics was examined using multiple linear regression analysis. The study reveals that Greek companies on general have responded adequately to the mandatory disclosure requirements of the regulatory bodies. The findings also indicate that firm size was significant positively associated with the level of disclosure. The remaining variables such as age, profitability, liquidity, and board composition were found to be insignificant in explaining the variation of mandatory disclosures. The outcome of this study is undoubtedly of great concern to the investment community at large to assist in evaluating the extent of mandatory disclosure by Greek firms and explaining the variation of disclosure in light of firm-specific characteristics.

Keywords: Mandatory disclosure, Annual report, Disclosure index

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3979
4521 Enhanced Data Access Control of Cooperative Environment used for DMU Based Design

Authors: Wei Lifan, Zhang Huaiyu, Yang Yunbin, Li Jia

Abstract:

Through the analysis of the process digital design based on digital mockup, the fact indicates that a distributed cooperative supporting environment is the foundation conditions to adopt design approach based on DMU. Data access authorization is concerned firstly because the value and sensitivity of the data for the enterprise. The access control for administrators is often rather weak other than business user. So authors established an enhanced system to avoid the administrators accessing the engineering data by potential approach and without authorization. Thus the data security is improved.

Keywords: access control, DMU, PLM, virtual prototype.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1463
4520 An Attribute Based Access Control Model with POL Module for Dynamically Granting and Revoking Authorizations

Authors: Gang Liu, Huimin Song, Can Wang, Runnan Zhang, Lu Fang

Abstract:

Currently, resource sharing and system security are critical issues. This paper proposes a POL module composed of PRIV ILEGE attribute (PA), obligation and log which improves attribute based access control (ABAC) model in dynamically granting authorizations and revoking authorizations. The following describes the new model termed PABAC in terms of the POL module structure, attribute definitions, policy formulation and authorization architecture, which demonstrate the advantages of it. The POL module addresses the problems which are not predicted before and not described by access control policy. It can be one of the subject attributes or resource attributes according to the practical application, which enhances the flexibility of the model compared with ABAC. A scenario that illustrates how this model is applied to the real world is provided.

Keywords: Access control, attribute based access control, granting authorizations, privilege, revoking authorizations, system security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1058
4519 A Wireless Secure Remote Access Architecture Implementing Role Based Access Control: WiSeR

Authors: E. Tomur, R. Deregozu, T. Genc

Abstract:

In this study, we propose a network architecture for providing secure access to information resources of enterprise network from remote locations in a wireless fashion. Our proposed architecture offers a very promising solution for organizations which are in need of a secure, flexible and cost-effective remote access methodology. Security of the proposed architecture is based on Virtual Private Network technology and a special role based access control mechanism with location and time constraints. The flexibility mainly comes from the use of Internet as the communication medium and cost-effectiveness is due to the possibility of in-house implementation of the proposed architecture.

Keywords: Remote access, wireless networks, security, virtualprivate networks, RBAC.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1697
4518 Survey of Access Controls in Cloud Computing

Authors: Monirah Alkathiry, Hanan Aljarwan

Abstract:

Cloud computing is one of the most significant technologies that the world deals with, in different sectors with different purposes and capabilities. The cloud faces various challenges in securing data from unauthorized access or modification. Consequently, security risks and levels have greatly increased. Therefore, cloud service providers (CSPs) and users need secure mechanisms that ensure that data are kept secret and safe from any disclosures or exploits. For this reason, CSPs need a number of techniques and technologies to manage and secure access to the cloud services to achieve security goals, such as confidentiality, integrity, identity access management (IAM), etc. Therefore, this paper will review and explore various access controls implemented in a cloud environment that achieve different security purposes. The methodology followed in this survey was conducting an assessment, evaluation, and comparison between those access controls mechanisms and technologies based on different factors, such as the security goals it achieves, usability, and cost-effectiveness. This assessment resulted in the fact that the technology used in an access control affects the security goals it achieves as well as there is no one access control method that achieves all security goals. Consequently, such a comparison would help decision-makers to choose properly the access controls that meet their requirements.

Keywords: Access controls, cloud computing, confidentiality, identity and access management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 728
4517 Channels Splitting Strategy for Optical Local Area Networks of Passive Star Topology

Authors: Peristera Baziana

Abstract:

In this paper, we present a network configuration for a WDM LANs of passive star topology that assume that the set of data WDM channels is split into two separate sets of channels, with different access rights over them. Especially, a synchronous transmission WDMA access algorithm is adopted in order to increase the probability of successful transmission over the data channels and consequently to reduce the probability of data packets transmission cancellation in order to avoid the data channels collisions. Thus, a control pre-transmission access scheme is followed over a separate control channel. An analytical Markovian model is studied and the average throughput is mathematically derived. The performance is studied for several numbers of data channels and various values of control phase duration.

Keywords: Access algorithm, channels division, collisions avoidance, wavelength division multiplexing.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1013
4516 Enhance Security in XML Databases: XLog File for Severity-Aware Trust-Based Access Control

Authors: Asmawi A., Affendey L. S., Udzir N. I., Mahmod R.

Abstract:

The topic of enhancing security in XML databases is important as it includes protecting sensitive data and providing a secure environment to users. In order to improve security and provide dynamic access control for XML databases, we presented XLog file to calculate user trust values by recording users’ bad transaction, errors and query severities. Severity-aware trust-based access control for XML databases manages the access policy depending on users' trust values and prevents unauthorized processes, malicious transactions and insider threats. Privileges are automatically modified and adjusted over time depending on user behaviour and query severity. Logging in database is an important process and is used for recovery and security purposes. In this paper, the Xlog file is presented as a dynamic and temporary log file for XML databases to enhance the level of security.

Keywords: XML database, trust-based access control, severity-aware, trust values, log file.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1852
4515 Towards a Secure Storage in Cloud Computing

Authors: Mohamed Elkholy, Ahmed Elfatatry

Abstract:

Cloud computing has emerged as a flexible computing paradigm that reshaped the Information Technology map. However, cloud computing brought about a number of security challenges as a result of the physical distribution of computational resources and the limited control that users have over the physical storage. This situation raises many security challenges for data integrity and confidentiality as well as authentication and access control. This work proposes a security mechanism for data integrity that allows a data owner to be aware of any modification that takes place to his data. The data integrity mechanism is integrated with an extended Kerberos authentication that ensures authorized access control. The proposed mechanism protects data confidentiality even if data are stored on an untrusted storage. The proposed mechanism has been evaluated against different types of attacks and proved its efficiency to protect cloud data storage from different malicious attacks.

Keywords: Access control, data integrity, data confidentiality, Kerberos authentication, cloud security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1771
4514 Concurrent Access to Complex Entities

Authors: Cosmin Rablou

Abstract:

In this paper we present a way of controlling the concurrent access to data in a distributed application using the Pessimistic Offline Lock design pattern. In our case, the application processes a complex entity, which contains in a hierarchical structure different other entities (objects). It will be shown how the complex entity and the contained entities must be locked in order to control the concurrent access to data.

Keywords: Object-oriented programming, Pessimistic Lock, Design pattern, Concurrent access to data, Processing complex entities

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1311
4513 BTG-BIBA: A Flexibility-Enhanced Biba Model Using BTG Strategies for Operating System

Authors: Gang Liu, Can Wang, Runnan Zhang, Quan Wang, Huimin Song, Shaomin Ji

Abstract:

Biba model can protect information integrity but might deny various non-malicious access requests of the subjects, thereby decreasing the availability in the system. Therefore, a mechanism that allows exceptional access control is needed. Break the Glass (BTG) strategies refer an efficient means for extending the access rights of users in exceptional cases. These strategies help to prevent a system from stagnation. An approach is presented in this work for integrating Break the Glass strategies into the Biba model. This research proposes a model, BTG-Biba, which provides both an original Biba model used in normal situations and a mechanism used in emergency situations. The proposed model is context aware, can implement a fine-grained type of access control and primarily solves cross-domain access problems. Finally, the flexibility and availability improvement with the use of the proposed model is illustrated.

Keywords: Biba model, break the glass, context, cross-domain, fine-grained.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1154
4512 A DMB-TCA Simulation Method for On-Road Traffic Travel Demand Impact Analysis

Authors: Zundong Zhang, Limin Jia, Zhao Tian, Yanfang Yang

Abstract:

Travel Demands influence micro-level traffic behavior, furthermore traffic states. In order to evaluate the effect of travel demands on traffic states, this paper introduces the Demand- Motivation-Behaviors (DMB) micro traffic behavior analysis model which denotes that vehicles behaviors are determines by motivations that relies on traffic demands from the perspective of behavior science. For vehicles, there are two kinds of travel demands: reaching travel destinations from orientations and meeting expectations of travel speed. To satisfy travel demands, the micro traffic behaviors are delivered such as car following behavior, optional and mandatory lane changing behaviors. Especially, mandatory lane changing behaviors depending on travel demands take strong impact on traffic states. In this paper, we define the DMB-based cellular automate traffic simulation model to evaluate the effect of travel demands on traffic states under the different δ values that reflect the ratio of mandatory lane-change vehicles.

Keywords: Demand-Motivation-Behavior, Mandatory Lane Changing, Traffic Cellular Automata.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1677
4511 Web Based Remote Access Microcontroller Laboratory

Authors: H. Çimen, İ. Yabanova, M. Nartkaya, S. M. Çinar

Abstract:

This paper presents a web based remote access microcontroller laboratory. Because of accelerated development in electronics and computer technologies, microcontroller-based devices and appliances are found in all aspects of our daily life. Before the implementation of remote access microcontroller laboratory an experiment set is developed by teaching staff for training microcontrollers. Requirement of technical teaching and industrial applications are considered when experiment set is designed. Students can make the experiments by connecting to the experiment set which is connected to the computer that set as the web server. The students can program the microcontroller, can control digital and analog inputs and can observe experiment. Laboratory experiment web page can be accessed via www.elab.aku.edu.tr address.

Keywords: Embedded systems education, distance learning, internet-based control, remote microcontroller laboratory.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2276
4510 The Portuguese Framework of the Professional Internship without Public Funds

Authors: Ana Lambelho

Abstract:

In an economic crisis such as the one that shook (and still shake) Europe, one does not question the importance of the measures that encourage the hiring and integration of young people into the labour market. In the mentioned context, enterprises tend to reduce the cost of labour and to seek flexible contracting instruments. The professional internships allow innovation and creativity at low cost, because, as they are not labour contracts, the enterprises do not have to respect the minimum standards related to wages, working time duration and so on. In Portugal, we observe a widespread existence of training contracts in which the trainee worked several hours without salary or was paid below the legally prescribed for the function and the work period. For this reason, under the tripartite agreement for a new system of regulation of labour relations, employment policies and social protection, between the Government and the social partners, in June 2008, foresaw a prohibition of professional internships unpaid and the legal regulation of the mandatory internships for access to an activity. The first Act about private internship contracts, i.e., internships without public funding was embodied in the Decree-Law N. 66/2011, of 1st June. This work is dedicated to the study of the legal regime of the internship contract in Portugal, by analysing the problems brought by the new set of rules and especially those which remains unresolved. In fact, we can conclude that the number of situations covered by the Act is much lower than what was expected, because of the exclusion of the mandatory internship for access to a profession when the activity is developed autonomously. Since the majority of the activities can be developed both autonomously or subordinated, it is quite easy to out of the Act requirements and, so, out of the protection that it confers to the intern. In order to complete this study, we considered not only the mentioned legal Act, but also the few doctrine and jurisprudence about the theme.

Keywords: Intern, internship contact, labour law, Portugal.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1807
4509 Home Network-Specific RBAC Model

Authors: Geon-Woo Kim, Do-Woo Kim, Jun-Ho Lee, Jin-Beon Hwang, Jong-Wook Han

Abstract:

As various mobile sensing technologies, remote control and ubiquitous infrastructure are developing and expectations on quality of life are increasing, a lot of researches and developments on home network technologies and services are actively on going, Until now, we have focused on how to provide users with high-level home network services, while not many researches on home network security for guaranteeing safety are progressing. So, in this paper, we propose an access control model specific to home network that provides various kinds of users with home network services up one-s characteristics and features, and protects home network systems from illegal/unnecessary accesses or intrusions.

Keywords: Home network security, RBAC, access control, authentication.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1729
4508 Performance of Laboratory Experiments over the Internet: Towards an Intelligent Tutoring System on Automatic Control

Authors: Kleanthis Prekas, Maria Rangoussi, Savvas Vassiliadis, George Prekas

Abstract:

Intelligent tutoring systems constitute an evolution of computer-aided educational software. We present here the modules of an intelligent tutoring system for Automatic Control, developed in our department. Through the software application developed,students can perform complete automatic control laboratory experiments, either over the departmental local area network or over the Internet. Monitoring of access to the system (local as well as international), along with student performance statistics, has yielded strongly encouraging results (as of fall 2004), despite the advanced technical content of the presented paradigm, thus showing the potential of the system developed for education and for training.

Keywords: Automatic control, tutoring system, Internet access, laboratory experiments.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1655
4507 Performance Evaluation of XMAC and BMAC Routing Protocol under Static and Mobility Scenarios in Wireless Sensor Network

Authors: M. V. Ramana Rao, T. Adilakshmi

Abstract:

Based on application requirements, nodes are static or mobile in Wireless Sensor Networks (WSNs). Mobility poses challenges in protocol design, especially at the link layer requiring mobility adaptation algorithms to localize mobile nodes and predict link quality to be established with them. This study implements XMAC and Berkeley Media Access Control (BMAC) routing protocols to evaluate performance under WSN’s static and mobility conditions. This paper gives a comparative study of mobility-aware MAC protocols. Routing protocol performance, based on Average End to End Delay, Average Packet Delivery Ratio, Average Number of hops, and Jitter is evaluated.

Keywords: Wireless Sensor Network (WSN), Medium Access Control (MAC), Berkeley Media Access Control (BMAC), mobility.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2382
4506 Concurrency in Web Access Patterns Mining

Authors: Jing Lu, Malcolm Keech, Weiru Chen

Abstract:

Web usage mining is an interesting application of data mining which provides insight into customer behaviour on the Internet. An important technique to discover user access and navigation trails is based on sequential patterns mining. One of the key challenges for web access patterns mining is tackling the problem of mining richly structured patterns. This paper proposes a novel model called Web Access Patterns Graph (WAP-Graph) to represent all of the access patterns from web mining graphically. WAP-Graph also motivates the search for new structural relation patterns, i.e. Concurrent Access Patterns (CAP), to identify and predict more complex web page requests. Corresponding CAP mining and modelling methods are proposed and shown to be effective in the search for and representation of concurrency between access patterns on the web. From experiments conducted on large-scale synthetic sequence data as well as real web access data, it is demonstrated that CAP mining provides a powerful method for structural knowledge discovery, which can be visualised through the CAP-Graph model.

Keywords: concurrent access patterns (CAP), CAP mining and modelling, CAP-Graph, web access patterns (WAP), WAP-Graph, Web usage mining.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1725
4505 An Energy-Latency-Efficient MAC Protocol for Wireless Sensor Networks

Authors: Tahar Ezzedine, Mohamed Miladi, Ridha Bouallegue

Abstract:

Because nodes are usually battery-powered, the energy presents a very scarce resource in wireless sensor networks. For this reason, the design of medium access control had to take energy efficiency as one of its hottest concerns. Accordingly, in order to improve the energy performance of MAC schemes in wireless sensor networks, several ways can be followed. In fact, some researchers try to limit idle listening while others focus on mitigating overhearing (i.e. a node can hear a packet which is destined to another node) or reducing the number of the used control packets. We, in this paper, propose a new hybrid MAC protocol termed ELE-MAC (i.e. Energy Latency Efficient MAC). The ELE-MAC major design goals are energy and latency efficiencies. It adopts less control packets than SMAC in order to preserve energy. We carried out ns- 2 simulations to evaluate the performance of the proposed protocol. Thus, our simulation-s results prove the ELE-MAC energy efficiency. Additionally, our solution performs statistically the same or better latency characteristic compared to adaptive SMAC.

Keywords: Control packet, energy efficiency, medium access control, wireless sensor networks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1694
4504 Assessing Students’ Attitudinal Response towards the Use of Virtual Reality in a Mandatory English Class at a Women’s University in Japan

Authors: Felix David

Abstract:

The use of virtual reality (VR) technology is still in its infancy. This is especially true in a Japanese educational context with very little to no exposition of VR technology inside classrooms. Technology is growing and changing rapidly in America, but Japan seems to be lagging behind in integrating VR into its curriculum. The aim of this research was to expose 111 students from Hiroshima Jogakuin University (HJU) to seven classes that involved VR content and assess students’ attitudinal responses toward this new technology. The students are all female, and they are taking the “Kiso Eigo/基礎英語” or Foundation English course, which is mandatory for all first- and second-year students. Two surveys were given, one before the treatment and a second survey after the treatment, which in this case means the seven VR classes. These surveys first established that the technical environment could accommodate VR activities in terms of internet connection, VR headsets, and the quality of the smartphone’s screen. Based on the attitudinal responses gathered in this research, VR is perceived by students as “fun,” useful to “learn about the world,” as well as being useful to “learn about English.” This research validates VR as a worthy educational tool and it should therefore continue being an integral part of the mandatory English course curriculum at HJU.

Keywords: Virtual Reality, smartphone, English Learning, curriculum.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 173
4503 Access Policy Specification for SCADA Networks

Authors: Rodrigo Chandia, Mauricio Papa

Abstract:

Efforts to secure supervisory control and data acquisition (SCADA) systems must be supported under the guidance of sound security policies and mechanisms to enforce them. Critical elements of the policy must be systematically translated into a format that can be used by policy enforcement components. Ideally, the goal is to ensure that the enforced policy is a close reflection of the specified policy. However, security controls commonly used to enforce policies in the IT environment were not designed to satisfy the specific needs of the SCADA environment. This paper presents a language, based on the well-known XACML framework, for the expression of authorization policies for SCADA systems.

Keywords: Access policy specification, process control systems, network security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2313
4502 Design of an Ensemble Learning Behavior Anomaly Detection Framework

Authors: Abdoulaye Diop, Nahid Emad, Thierry Winter, Mohamed Hilia

Abstract:

Data assets protection is a crucial issue in the cybersecurity field. Companies use logical access control tools to vault their information assets and protect them against external threats, but they lack solutions to counter insider threats. Nowadays, insider threats are the most significant concern of security analysts. They are mainly individuals with legitimate access to companies information systems, which use their rights with malicious intents. In several fields, behavior anomaly detection is the method used by cyber specialists to counter the threats of user malicious activities effectively. In this paper, we present the step toward the construction of a user and entity behavior analysis framework by proposing a behavior anomaly detection model. This model combines machine learning classification techniques and graph-based methods, relying on linear algebra and parallel computing techniques. We show the utility of an ensemble learning approach in this context. We present some detection methods tests results on an representative access control dataset. The use of some explored classifiers gives results up to 99% of accuracy.

Keywords: Cybersecurity, data protection, access control, insider threat, user behavior analysis, ensemble learning, high performance computing.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1151
4501 Effective Security Method for Wireless LAN using Life-Cycle of Wireless Access Point

Authors: Soon-Tai Park, Haeryong Park, Myoung-sun Noh, Yoo-Jae Won

Abstract:

There are many expand of Wi-Fi zones provided mobile careers and usage of wireless access point at home as increase of usage of wireless internet caused by the use of smart phone. This paper shows wireless local area network status, security threats of WLAN and functionality of major wireless access point in Korea. We propose security countermeasures concerned with life cycle of access point from manufacturing to installation, using and finally disposal. There needed to releasing with configured secure at access point. Because, it is most cost effective resolution than stage of installation or other life cycle of access point.

Keywords: Wireless LAN Security, Wi-Fi Security, Wireless Access Point, Product Life-Cycle

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1921
4500 Competitiveness and Pricing Policy Assessment for Resilience Surface Access System at Airports

Authors: Dimitrios J. Dimitriou

Abstract:

Considering a worldwide tendency, air transports are growing very fast and many changes have taken place in planning, management and decision making process. Given the complexity of airport operation, the best use of existing capacity is the key driver of efficiency and productivity. This paper deals with the evaluation framework for the ground access at airports, by using a set of mode choice indicators providing key messages towards airport’s ground access performance. The application presents results for a sample of 12 European airports, illustrating recommendations to define policy and improve service for the air transport access chain.

Keywords: Air transport chain, airport ground access, airport access performance, airport policy.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1129
4499 The Implementation of Remote Automation Execution Agent over ACL on QOS POLICY Based System

Authors: Hazly Amir, Roime Puniran

Abstract:

This paper will present the implementation of QoS policy based system by utilizing rules on Access Control List (ACL) over Layer 3 (L3) switch. Also presented is the architecture on that implementation; the tools being used and the result were gathered. The system architecture has an ability to control ACL rules which are installed inside an external L3 switch. ACL rules used to instruct the way of access control being executed, in order to entertain all traffics through that particular switch. The main advantage of using this approach is that the single point of failure could be prevented when there are any changes on ACL rules inside L3 switches. Another advantage is that the agent could instruct ACL rules automatically straight away based on the changes occur on policy database without configuring them one by one. Other than that, when QoS policy based system was implemented in distributed environment, the monitoring process can be synchronized easily due to the automate process running by agent over external policy devices.

Keywords: QOS, ACL, L3 Switch.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1230
4498 Implicit Force Control of a Position Controlled Robot – A Comparison with Explicit Algorithms

Authors: Alexander Winkler, Jozef Suchý

Abstract:

This paper investigates simple implicit force control algorithms realizable with industrial robots. A lot of approaches already published are difficult to implement in commercial robot controllers, because the access to the robot joint torques is necessary or the complete dynamic model of the manipulator is used. In the past we already deal with explicit force control of a position controlled robot. Well known schemes of implicit force control are stiffness control, damping control and impedance control. Using such algorithms the contact force cannot be set directly. It is further the result of controller impedance, environment impedance and the commanded robot motion/position. The relationships of these properties are worked out in this paper in detail for the chosen implicit approaches. They have been adapted to be implementable on a position controlled robot. The behaviors of stiffness control and damping control are verified by practical experiments. For this purpose a suitable test bed was configured. Using the full mechanical impedance within the controller structure will not be practical in the case when the robot is in physical contact with the environment. This fact will be verified by simulation.

Keywords: Damping control, impedance control, robot force control, stability, stiffness control.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2869