The explosion of the amount of data stored in cloud systems calls for more efficient paradigms for redundancy. While replication is widely used to ensure data availability, erasure correcting codes provide a much better trade-off between storage and ...

Explosion of data growth and duplication of data in enterprises has led to the deployment of a variety of deduplication technologies. However not all deduplication technologies serve the needs of every workload. Most prior research in deduplication ...

Virtualization brings exibility to the data center and enables separations allowing for better security properties. For these security properties to be fully utilized, virtual machines need to be able to connect to secure services such as networking and ...

Anti-forensics is the practice of circumventing classical forensics analysis procedures making them either unreliable or impossible. In this paper we propose the use of machine learning algorithms and anomaly detection to cope with a wide class of ...

We explore the extent to which newly available CPU-based security technology can reduce the Trusted Computing Base (TCB) for security-sensitive applications. We find that although this new technology represents a step in the right direction, significant ...

Virtualization technology is becoming increasingly common in datacenters, since it allows for collocation of multiple workloads, consisting of operating systems, middleware and applications, in different virtual machines (VMs) on shared physical ...

The Caernarvon operating system was developed to demonstrate that a high assurance system for smart cards was technically feasible and commercially viable. The entire system has been designed to be evaluated under the Common Criteria at EAL7, the ...

Recovery from intrusions is typically a very time-consuming operation in current systems. At a time when the cost of human resources dominates the cost of computing resources, we argue that next generation systems should be built with automated ...

Most systems contain software with yet-to-be-discovered security vulnerabilities. When a vulnerability is disclosed, administrators face the grim reality that they have been running software which was open to attack. Sites that value availability may be ...

Contract signing conducted over the Internet arouses concerns of fairness. Two signing parties exchange their signatures in a fair manner, so that no party can gain an advantage over the other. This paper will discuss the security issues of signers' ...

In 2003, Tseng et al. proposed a self-certified public key signature with message recovery, which gives two advantages: one is that the signer's public key can simultaneously be authenticated in verifying the signature and the other one is that only the ...

A method of Intrude Detection based on Data Fusion is introduced and a new mechanism -- DFIDM has been presented in the paper. We focus in consistency of Space/Time during data collecting and object collecting. Multisensor will collect data such as log ...

Two of the most used tools in the area of computer security are the firewalls and the Intrusion Detection Systems. Both of them fulfill the task for which they were designed for but unfortunately their response to an attack can be limited. The ...

In 2002, Lee, Hwang, and Yang proposed a verifier-free remote user authentication scheme using smart cards. Their scheme is efficient because of mainly using cryptographic hash functions. However, we find that Lee-Hwang-Yang's scheme is not reparable ...

In 2000, Peyravian and Zunic proposed an efficient hash-based password authentication scheme that can be easily implemented. Later, Lee, Li, and Hwang demonstrated that Peyravian-Zunic's scheme is vulnerable to an off-line guessing attack, and then ...

He and Dawson proposed a multi-stage secret sharing scheme based on one-way function. In that scheme, many secrets are reconstructed stage-by-stage in the dealer's predetermined order, and only one secret shadow is kept by every participant. When all ...

We present a hierarchical key management scheme using cryptographic hash function and Newton's polynomial interpolation for users key and system resources management. A similar technique has been proposed in 2002 by Shen and Chen, but their scheme ...

In 1996, Horng and Yang proposed a key authentication scheme that requires no authorities. However, it is vulnerable to the guessing attack. An intruder can try out a password and forge the public key. To amend this problem, an improved authentication ...

In 2002, Fan et al. proposed a deniable authentication protocol based on the Deffie-Hellman key agreement protocol. They guaranteed that the proposed protocol, which is deniable, can authenticate the source of the message and resist the person-in-the-...

Analyzing intrusions today is an arduous, largely manual task because system administrators lack the information and tools needed to understand easily the sequence of steps that occurred in an attack. The goal of BackTracker is to identify automatically ...