Security practices such as Audits that often focus on penetration testing are performed to find flaws in some types of vulnerability & use tools, which have been tailored to resolve certain risks based on code err...Security practices such as Audits that often focus on penetration testing are performed to find flaws in some types of vulnerability & use tools, which have been tailored to resolve certain risks based on code errors, code conceptual <span style="font-family:Verdana;">assumptions bugs</span><span style="font-family:Verdana;"><span style="font-family:Verdana;"><span style="font-family:Verdana;">,</span></span></span><span style="font-family:Verdana;"><span style="font-family:Verdana;"><span style="font-family:Verdana;"> etc. Most existing security practices in e-Commerce are</span></span></span><span><span><span style="font-family:;" "=""><span style="font-family:Verdana;"> dealt with as an auditing activity. They may have policies of security, which are enforced by auditors who enable a particular set of items to be reviewed, but </span><span style="font-family:Verdana;">also fail to find vulnerabilities, which have been established in complianc</span><span style="font-family:Verdana;">e </span><span style="font-family:Verdana;">with application logic. In this paper, we will investigate the problem of business</span><span style="font-family:Verdana;"> logic vulnerability in the component-based rapid development of e-commerce applications while reusing design specification of component. We propose secure application functional processing Logic Security technique for compo</span><span style="font-family:Verdana;">nent-based e-commerce application, based on security requirement of</span><span style="font-family:Verdana;"> e-business </span><span style="font-family:Verdana;">process and security assurance logical component behaviour specification</span><span style="font-family:Verdana;"> ap</span><span style="font-family:Verdana;">proach to formulize and design a solution for business logic vulnerability</span><span style="font-family:Verdana;"> phenomena.</span></span></span></span>展开更多
With a formidable antiterrorism team, Beijing's top cops are ready to deal with any security incidents that might take place during the 2008 Olympics. This assurance was given by Lu Shimin, Deputy Director General...With a formidable antiterrorism team, Beijing's top cops are ready to deal with any security incidents that might take place during the 2008 Olympics. This assurance was given by Lu Shimin, Deputy Director General of the Beijing Public Security Bureau, at a展开更多
The future Wireless Cloud Networks (WCNs) are required to satisfy both extremely high levels of service resilience and security assurance (i.e., Blue criteria) by overproviding backup network resources and cryptograph...The future Wireless Cloud Networks (WCNs) are required to satisfy both extremely high levels of service resilience and security assurance (i.e., Blue criteria) by overproviding backup network resources and cryptographic protection on wireless communication respectively, as well as minimizing energy consumption (i.e., Green criteria) by switching off unnecessary resources as much as possible. There is a contradiction to satisfy both Blue and Green design criteria simultaneously. In this paper, we propose a new BlueGreen topological control scheme to leverage the wireless link connectivity for WCNs using an adaptive encryption key allocation mechanism, named as Shared Backup Path Keys (SBPK). The BlueGreen SBPK can take into account the network dependable requirements such as service resilience, security assurance and energy efficiency as a whole, so as trading off between them to find an optimal solution. Actually, this challenging problem can be modeled as a global optimization problem, where the network working and backup elements such as nodes, links, encryption keys and their energy consumption are considered as a resource, and their utilization should be minimized. The case studies confirm that there is a trade-off optimal solution between the capacity efficiency and energy efficiency to achieve the dependable WCNs.展开更多
文摘Security practices such as Audits that often focus on penetration testing are performed to find flaws in some types of vulnerability & use tools, which have been tailored to resolve certain risks based on code errors, code conceptual <span style="font-family:Verdana;">assumptions bugs</span><span style="font-family:Verdana;"><span style="font-family:Verdana;"><span style="font-family:Verdana;">,</span></span></span><span style="font-family:Verdana;"><span style="font-family:Verdana;"><span style="font-family:Verdana;"> etc. Most existing security practices in e-Commerce are</span></span></span><span><span><span style="font-family:;" "=""><span style="font-family:Verdana;"> dealt with as an auditing activity. They may have policies of security, which are enforced by auditors who enable a particular set of items to be reviewed, but </span><span style="font-family:Verdana;">also fail to find vulnerabilities, which have been established in complianc</span><span style="font-family:Verdana;">e </span><span style="font-family:Verdana;">with application logic. In this paper, we will investigate the problem of business</span><span style="font-family:Verdana;"> logic vulnerability in the component-based rapid development of e-commerce applications while reusing design specification of component. We propose secure application functional processing Logic Security technique for compo</span><span style="font-family:Verdana;">nent-based e-commerce application, based on security requirement of</span><span style="font-family:Verdana;"> e-business </span><span style="font-family:Verdana;">process and security assurance logical component behaviour specification</span><span style="font-family:Verdana;"> ap</span><span style="font-family:Verdana;">proach to formulize and design a solution for business logic vulnerability</span><span style="font-family:Verdana;"> phenomena.</span></span></span></span>
文摘With a formidable antiterrorism team, Beijing's top cops are ready to deal with any security incidents that might take place during the 2008 Olympics. This assurance was given by Lu Shimin, Deputy Director General of the Beijing Public Security Bureau, at a
文摘The future Wireless Cloud Networks (WCNs) are required to satisfy both extremely high levels of service resilience and security assurance (i.e., Blue criteria) by overproviding backup network resources and cryptographic protection on wireless communication respectively, as well as minimizing energy consumption (i.e., Green criteria) by switching off unnecessary resources as much as possible. There is a contradiction to satisfy both Blue and Green design criteria simultaneously. In this paper, we propose a new BlueGreen topological control scheme to leverage the wireless link connectivity for WCNs using an adaptive encryption key allocation mechanism, named as Shared Backup Path Keys (SBPK). The BlueGreen SBPK can take into account the network dependable requirements such as service resilience, security assurance and energy efficiency as a whole, so as trading off between them to find an optimal solution. Actually, this challenging problem can be modeled as a global optimization problem, where the network working and backup elements such as nodes, links, encryption keys and their energy consumption are considered as a resource, and their utilization should be minimized. The case studies confirm that there is a trade-off optimal solution between the capacity efficiency and energy efficiency to achieve the dependable WCNs.