Security issues in a satellite global GSM network

The validity of messages being transmitted and received within the SS7 telecommunication networks worldwide can no longer be guaranteed. There is the potential for manipulation and replaying of messages to achieve undesired affects. Even though major network operators will screen out damaging messages to themselves, this does not provide for verification that messages they are sending are actually transferred to that network, and that they are authentic. It should, therefore, be considered that signalling systems themselves are now no longer a secure environment and they can be potentially manipulated.     

Security issues related to E-commerce

One possible definition of electronic commerce (E-commerce) is “business transactions done electronically rather than by physical means, this includes not only transactions related to trading in goods and services, but also interchanges between trading partners, such as sales support, logistics and customer services”.     

计算机网络安全相关问题探讨

计算机的广泛应用把人类带入了一个全新的时代,特别是计算机网络的社会化,已经成为了信息时代的主要推动力。然而,另一方面由于网络的开放性,使得当前的计算机网络安全具有多方面的安全威胁。笔者对目前计算机网络安全存在的问题进行了分析,并探讨了针对计算机网络安全问题的防范策略。     

Interoperability issues in heterogeneous network management

The presence of dissimilar network models and standards necessitates interoperability as a means of achieving ubiquitous connectivity and management. The primary focus of this paper is to identify interoperability issues, independent of the network management model, which form the basis for developing interworking paradigms. Network Management and Interoperability related concepts and terminology are introduced and a generic network management framework is presented. Based on the generic framework, interoperability issues for developing paradigms are identified systematically. Different paradigms for interoperability are described and compared. The techniques used by these paradigms in addressing the issues identified are discussed.     

IP V 6: Security issues

The need to upgrade the Internet to a new version of the IP protocol used to route traffic was identified well before it emerged as the public vehicle for computer communication and information access. The existing version 4 of the IP protocol, in practice the first version as far as most people are concerned, was in danger of running out of addresses, catering for a mere 2³² of them, or just over 4 billion. This is less than the world's population, but more to the point it is less than the number of devices likely to be populating the Internet within a few years, when we start connecting up our toasters and fridges in addition to our mobile phones and PDAs.     

Security issues in cloud environments: a survey

In the last few years, the appealing features of cloud computing have been fueling the integration of cloud environments in the industry, which has been consequently motivating the research on related technologies by both the industry and the academia. The possibility of paying-as-you-go mixed with an on-demand elastic operation is changing the enterprise computing model, shifting on-premises infrastructures to off-premises data centers, accessed over the Internet and managed by cloud hosting providers. Regardless of its advantages, the transition to this computing paradigm raises security concerns, which are the subject of several studies. Besides of the issues derived from Web technologies and the Internet, clouds introduce new issues that should be cleared out first in order to further allow the number of cloud deployments to increase. This paper surveys the works on cloud security issues, making a comprehensive review of the literature on the subject. It addresses several key topics, namely vulnerabilities, threats, and attacks, proposing a taxonomy for their classification. It also contains a thorough review of the main concepts concerning the security state of cloud environments and discusses several open research topics.     

基于水印的数据库所有权保护的安全问题

主要分析了数据库水印系统常见的攻击形式,提出了所有权死锁、伪造所有权和偷窃所有权等攻击形式的数学表达公式,并给出这些攻击形式的完整攻击模型,形式化地分析了产生攻击的原因.在分析这些常见攻击形式的基础上,给出了一般数据库水印系统安全所要满足的必要条件,结合现有的研究成果,分析了实现这些条件的方法,为构建安全的数据库水印系统打下了理论基础.     

Knowledge discovery in corporate events by neural network rule extraction

Over the last two decades, artificial neural networks (ANN) have been applied to solve a variety of problems such as pattern classification and function approximation. In many applications, it is desirable to extract knowledge from trained neural networks for the users to gain a better understanding of the network’s solution. In this paper, we use a neural network rule extraction method to extract knowledge from 2222 dividend initiation and resumption events. We find that the positive relation between the short-term price reaction and the ratio of annualized dividend amount to stock price is primarily limited to 96 small firms with high dividend ratios. The results suggest that the degree of short-term stock price underreaction to dividend events may not be as dramatic as previously believed. The results also show that the relations between the stock price response and firm size is different across different types of firms. Thus, drawing the conclusions from the whole dividend event data may leave some important information unexamined. This study shows that neural network rule extraction method can reveal more knowledge from the data.     

Security and privacy issues in the Portable Document Format

The Portable Document Format (PDF) was developed by Adobe in the early nineties and today it is the de-facto standard for electronic document exchange. It allows reliable reproductions of published materials on any platform and it is used by many governmental and educational institutions, as well as companies and individuals. PDF documents are also credited with being more secure than other document formats such as Microsoft Compound Document File Format or Rich Text Format.This paper investigates the Portable Document Format and shows that it is not immune from some privacy related issues that affect other popular document formats. From a PDF document, it is possible to retrieve any text or object previously deleted or modified, extract user information and perform some actions that may be used to violate user privacy. There are several applications of such an issue. One of them is relevant to the scientific community and it pertains to the ability to overcome the blind review process of a paper, revealing information related to the anonymous referee (e.g., the IP address of the referee).     

A survey of issues in computer network security

Computer networks are proliferating rapidly for a number of reasons discussed in this paper. During this boom, relatively little attention has been paid to computer network security. This paper describes problems posed by network security and presents a survey of methods and technologies available today to enhance network security. Current methods are discussed, including information security strategy, computer security and its relation to network security, data communications security, and data encryption. Ideas from promising areas of research close the paper.     

Security considerations of network outsourcing

Over the last year or two a large number of organizations have looked seriously at concentrating their efforts on doing what they do best, their core businesses, and at outsourcing where possible the management of their IT. Outsourcing the network or network services can be highly beneficial but brings with it major security concerns. In this article we discuss what can be done to protect the business from network security problems when the network is outsourced. The main instruments available to retain the needed level of control are the contract with the service provider and the Service Level Agreement. We discuss the problems with specifying security requirements within the SLA and of measuring the security service provided. We focus on the issues that the contract needs to tackle and on what it is the contract needs to say. At the end of the day, having an open and cooperative relationship with the service provider is possibly the best way to obtain the necessary confidence that the security requirements are being net.     

政府网络安全体系理论研究

政府网络在政府工作中越来越广泛的被应用，它也受到了越来越多的网络攻击威胁，这使得政府网络安全问题日益突出．本文以丽水市云和县政府网络为例，首先对原有政府网络的安全检测系统结构进行了分析，指出政府网络安全的现状及安全检测系统面临的威胁，然后再针对原有网络的不足提出具体的改造方案．     

本地网络的安全性分析

本文对本地网络运行中存在的安全问题进行了系统的分析;在分析本地网络安全问题的基础上,结合本地网络的特点,给出了本地网络安全系统的总体设计方案,并阐述了该安全系统各个组成部分的内在联系。     

Resilient overlay network for real-time interactive multimedia sessions in corporate networks

Real-time interactive multimedia communications are becoming increasingly useful for education, business, e-commerce and e-government, providing an enriched user experience in teleconferencing, e-meetings, distance training and product demonstrations. Large corporations are usually located at several sites, so real-time multipoint sessions within corporations are especially difficult. IP multicast is available or feasible within each site of an organization. Thus, corporate networks can be considered as various multicast-capable networks interconnected through a wide area network without multicast connectivity. This paper proposes a resilient self-managed overlay network to support real-time multipoint interactive sessions within corporate networks. The proposed overlay takes advantage of the configuration of corporate networks to self-organize and provide an efficient media delivery service, making use of multicast communications wherever available. Various self-healing techniques are implemented allowing for the continuity of ongoing sessions in spite of network disruptions and entity failures. Extensive simulations and tests have been carried out to assess the performance and resilience of the overlay facing several types of disruptions.     

Hack-a-vote: Security issues with electronic voting systems

In a quest for election legitimacy, officials are increasingly deploying direct recording electronic (DRE) voting systems. A project to assess their trustworthiness revealed both the ease of introducing bugs into such systems and the difficulty of detecting them during audits.     

校园网网络信息安全问题探讨

随着经济不断的发展,计算机已经在人们生活中占有着重要的地位,在学习上、工作中都发挥着不可替代的作用.但是随着互联网的发展,校园网络信息安全问题表现得也是比较突出的,本文主要介绍的就是校园网络安全算问题进行了有效的分析,并提出了相应的解决措施.