Association for Computing Machinery

Displaying 5961-6000 of 7120 results

  • White Papers // Apr 2009

    PermaDAQ: A Scientific Instrument for Precision Sensing and Data Recovery in Environmental Extremes

    The PermaSense project has set the ambitious goal of gathering real-time environmental data for high-mountain permafrost in unattended operation over multiple years. This paper discusses the specialized sensing and data recovery architecture tailored to meet the precision, reliability and durability requirements of scientists utilizing the data for model validation. The...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Predictive QoS Routing to Mobile Sinks in Wireless Sensor Networks

    The paper presents an algorithm for data delivery to mobile sinks in wireless sensor networks. The algorithm is based on information potentials, which one extends to account for mobility. The paper shows that for local movement along edges in the communication graph, the information potentials can be adapted using a...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    On Hierarchical Routing in Wireless Sensor Networks

    Hierarchical routing is a promising approach for point-to-point routing with very small routing state. While there are many theoretical analyses and high-level simulations demonstrating its benefits, there has been little work to evaluate it in a realistic wireless sensor network setting. Based on numerous proposed hierarchical routing infrastructures, the paper...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Enabling Broadcast of User-Generated Live Video Without Servers

    The authors are witnessing the unprecedented popularity of User-Generated-Content (UGC) on the Internet. While YouTube hosts pre-recorded video clips, in near future, they expect to see the emergence of User-Generated Live Video, for which any user can create its own temporary live video channel from a webcam or a hand-held...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Demo Abstract: Sensornet Checkpointing Between Simulated and Deployed Networks

    Sensor network development is notoriously difficult due to the low visibility of sensor platforms and systems. The authors propose sensornet checkpointing to increase the visibility of sensor networks. With sensornet checkpointing, they transfer network-wide application checkpoints between simulated and real networks. This approach enables advances in many research areas: visualization,...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Application-Informed Radio Duty-Cycling in a Re-Taskable Multi-User Sensing System

    As sensor networks mature, there will be an increasing need for re-usable, dynamically taskable software systems that support multiple concurrent applications. In this paper, the authors consider the problem of energy management in such systems, taking Tenet as a case study. Their work considers energy management under three new constraints:...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Improving the Speed and Scalability of Distributed Simulations of Sensor Networks

    Distributed simulation techniques are commonly used to improve the speed and scalability of wireless sensor network simulators. However, accurate simulations of dynamic interactions of sensor network applications incur large synchronization overheads and severely limit the performance of existing distributed simulators. In this paper, the authors present two novel techniques that...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    SenZip: An Architecture for Distributed En-Route Compression in Wireless Sensor Networks

    In-network compression is essential for extending the lifetime of data gathering sensor networks. The progress made in designing distributed schemes for en-route compression has not been followed by their adoption in deployments. This can be attributed to the lack of development of software that permits code-reuse and inter-operability, while also...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Peer-To-Peer Estimation Over Wireless Sensor Networks Via Lipschitz Optimization

    Motivated by a peer-to-peer estimation algorithm in which adaptive weights are optimized to minimize the estimation error variance, the authors formulate and solve a novel non-convex Lipschitz optimization problem that guarantees global stability of a large class of peer-to-peer consensus-based algorithms for wireless sensor network. Because of packet losses, the...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    PDA: Passive Distributed Assertions for Sensor Networks

    Sensor networks are prone to failures and are hard to debug. This is particularly true for failures caused by incorrect interaction of multiple nodes. The authors propose a mechanism called Passive Distributed Assertions (PDA) that allows developers to detect such failures and provides hints on possible causes. PDA allow a...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Sensor Ranking: A Primitive for Efficient Content-Based Sensor Search

    The increasing penetration of the real world with embedded and globally networked sensors enables the formation of a Web of Things (WoT), where high-level state information derived from sensors is embedded into Web representations of real-world entities (e.g. places, objects). A key service for the WoT is searching for entities...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    File-System Intrusion Detection by Preserving MAC DTS: A Loadable Kernel Module Based Approach for LINUX Kernel 2.6.x

    Every operating system has its own set of critical files, whose access is generally protected by access control mechanisms, native to the operating system. The importance of such files also simultaneously invites their inspection, unauthorized modification and tampering. So, the need for preserving the authenticity of these critical files along...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Defending Financial Infrastructures Through Early Warning Systems: The Intelligence Cloud Approach

    Recent evidence of successful Internet-based attacks and frauds involving financial institutions highlights the inadequacy of the existing protection mechanisms, in which each instutition implements its own isolated monitoring and reaction strategy. Analyzing on-line activity and detecting attacks on a large scale is an open issue due to the huge amounts...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    ROMA-Miner: A Data Mining Framework for Malware Detection Using Byte-Level File Content

    Commercial-off-the-shelf antivirus software are unable to successfully protect against increasingly sophisticated malware specially on the day of launch known as "Zero Day" malware detection. In this paper, the authors present a novel malware detection scheme, ROMA-Miner, which is based on the analysis of byte-level file content. The novelty of the...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Automated Trust Negotiation Using Cryptographic Credentials

    In Automated Trust Negotiation (ATN), two parties exchange digitally signed credentials that contain attribute information to establish trust and make access control decisions. Because the information in question is often sensitive, credentials are protected according to access control policies. In traditional ATN, credentials are transmitted either in their entirety or...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Finding Canonical Behaviors in User Protocols

    While the collection of behavioral protocols has been common practice in human-computer interaction research for many years, the analysis of large protocol data sets is often extremely tedious and time-consuming, and automated analysis methods have been slow to develop. This paper proposes an automated method of protocol analysis to find...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Resonance on the Web: Web Dynamics and Revisitation Patterns

    The Web is a dynamic, ever-changing collection of information accessed in a dynamic way. This paper explores the relationship between Web page content change (obtained from an hourly crawl of over 40K pages) and people's revisitation to those pages (collected via a large scale log analysis of 2.3M users). The...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Temporal Data Visualizations for Air Traffic Controllers (ATC)

    Fundamental research in visualization is concerned with the impact of presentation on visual perception and understanding. In current Air Traffic Control (ATC) environments, Air Traffic Controllers (ATCo) use several visualization systems: radar views, timelines, electronic strips, meteorological views, supervisions etc? The information displayed is intrinsically temporal: aircraft positions that evolve...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Design, Implementation and Evaluation of a Novel Public Display for Pedestrian Navigation: The Rotating Compass

    Important drawbacks of map-based navigation applications for mobile phones are their small screen size and that users have to associate the information provided by the mobile phone with the real word. Therefore, the authors designed, implemented and evaluated the rotating compass - a novel public display for pedestrian navigation. Here,...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Finding Causes of Program Output With the Java Whyline

    Debugging and diagnostic tools are some of the most important software development tools, but most expect developers choose the right code to inspect. Unfortunately, this rarely occurs. A new tool called the Whyline is described which avoids such speculation by allowing developers to select questions about a program's output. The...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    When I am on Wi-Fi, I am Fearless: Privacy Concerns & Practices in Everyday Wi-Fi Use

    Increasingly, users access online services such as email, ecommerce, and social networking sites via 802.11-based wireless networks. As they do so, they expose a range of personal information such as their names, email addresses, and ZIP codes to anyone within broadcast range of the network. This paper presents results from...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Who's Viewed You? The Impact of Feedback in a Mobile Location Sharing System

    Feedback is viewed as an essential element of ubiquitous computing systems in the HCI literature for helping people manage their privacy. However, the success of online social networks and existing commercial systems for mobile location sharing which do not incorporate feedback would seem to call the importance of feedback into...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Knowledge-Based Usability Evaluation for Reality-Based Interaction

    The great variety of new (Post-WIMP) interaction styles make them difficult to evaluate and compare. The authors propose a new evaluation method for them, Knowledge-Based Usability Evaluation (KBUE), that is based on similar ideas to those that drive cognitive architectures, such as ACT-R and Soar. They present KBUE as a...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Real Life Challenges in Access-Control Management

    In this paper the authors ask the question: What are the challenges of managing a physical or file system access-control policy for a large organization? To answer the question, they conducted a series of interviews with thirteen administrators who manage access-control policy for either a file system or a physical...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    A Comprehensive Study of Frequency, Interference, and Training of Multiple Graphical Passwords

    Graphical password systems have received significant attention as one potential solution to the need for more usable authentication, but nearly all prior work makes the unrealistic assumption of studying a single password. In this paper, the authors present the first study of multiple graphical passwords to systematically examine frequency of...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Combining Keyword Search and Forms for Ad Hoc Querying of Databases

    A common criticism of database systems is that they are hard to query for users uncomfortable with a formal query language. To address this problem, form-based interfaces and keyword search have been proposed; while both have benefits, both also have limitations. In this paper, the authors investigate combining the two...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Formal Verification of a Realistic Compiler

    This paper reports on the development and formal verification (proof of semantic preservation) of CompCert, a compiler from Clight (a large subset of the C programming language) to PowerPC assembly code, using the Coq proof assistant both for programming the compiler and for proving its correctness. Such a verified compiler...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Privacy-Preserving Browser-Side Scripting With BFlow

    Some web sites provide interactive extensions using browser scripts, often without inspecting the scripts to verify that they are benign and bug-free. Others handle users' confidential data and display it via the browser. Such new features contribute to the power of online services, but their combination would allow attackers to...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Multi-Aspect Profiling of Kernel Rootkit Behavior

    Kernel rootkits, malicious software designed to compromise a running operating system kernel, are difficult to analyze and profile due to their elusive nature, the variety and complexity of their behavior, and the privilege level at which they run. However, a comprehensive kernel rootkit profile that reveals key aspects of the...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Predicting Replicated Database Scalability From Standalone Database Profiling

    This paper develops analytical models to predict the throughput and the response time of a replicated database using measurements of the workload on a standalone database. These models allow workload scalability to be estimated before the replicated system is deployed, making the technique useful for capacity planning and dynamic service...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Short Paper: Improving the Responsiveness of Internet Services With Automatic Cache Placement

    The backends of today's Internet services rely heavily on caching at various layers both to provide faster service to common requests and to reduce load on back-end components. In the context of a large-scale Internet service, a cache bypasses the computation and/or I/O performed by one or more components or...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Migrating Server Storage to SSDs: Analysis of Tradeoffs

    Recently, flash-based Solid-State Drives (SSDs) have become standard options for laptop and desktop storage, but their impact on enterprise server storage has not been studied. Provisioning server storage is challenging. It requires optimizing for the performance, capacity, power and reliability needs of the expected workload, all while minimizing financial costs....

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Orchestra: Intrusion Detection Using Parallel Execution and Monitoring of Program Variants in User-Space

    In a Multi-Variant Execution Environment (MVEE), several slightly different versions of the same program are executed in lockstep. While this is done, a monitor compares the behavior of the versions at certain synchronization points with the aim of detecting discrepancies which may indicate attacks. As it shows, the monitor can...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    User Interactions in Social Networks and Their Implications

    Social networks are popular platforms for interaction, communication and collaboration between friends. Researchers have recently proposed an emerging class of applications that leverage relationships from social networks to improve security and performance in applications such as email, web browsing and overlay routing. While these applications often cite social network connectivity...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    A Comparative Study of Programmer-Written and Automatically Inferred Contracts

    Where do contracts - specification elements embedded in executable code - come from? To produce them, should people rely on the programmers, on automatic tools, or some combination? Recent work, in particular the Daikon system, has shown that it is possible to infer some contracts automatically from program executions. The...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Tralfamadore: Unifying Source Code and Execution Experience

    Program source is an intermediate representation of software; it lies between a developer's intention and the hardware's execution. Despite advances in languages and development tools, source itself and the applications the authors use to view it remain an essentially static representation of software, from which developers can spend considerable energy...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Isolating Web Programs in Modern Browser Architect

    Many of today's web sites contain substantial amounts of client-side code, and consequently, they act more like programs than simple documents. This creates robustness and performance challenges for web browsers. To give users a robust and responsive platform, the browser must identify program boundaries and provide isolation between them. The...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Isolating Web Programs in Modern Browser Architectures

    Many of today's web sites contain substantial amounts of client-side code, and consequently, they act more like programs than simple documents. This creates robustness and performance challenges for web browsers. To give users a robust and responsive platform, the browser must identify program boundaries and provide isolation between them. The...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    Pointless Tainting? Evaluating the Practicality of Pointer Tainting

    This paper evaluates pointer tainting, an incarnation of Dynamic Information Flow Tracking (DIFT), which has recently become an important technique in system security. Pointer tainting has been used for two main purposes: detection of privacy-breaching malware (e.g., Trojan key-loggers obtaining the characters typed by a user), and detection of memory...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2009

    TuG Synopses for Approximate Query Answering

    This paper introduces the Tuple Graph (TuG) synopses, a new class of data summaries that enable accurate approximate answers for complex relational queries. The proposed summarization framework adopts a "semi-structured" view of the relational database, modeling a relational data set as a graph of tuples and join queries as graph...

    Provided By Association for Computing Machinery

  • White Papers // Aug 2013

    Social Influence Based Clustering of Heterogeneous Information Networks

    Social networks continue to grow in size and the type of information hosted. The authors witness a growing interest in clustering a social network of people based on both their social relationships and their participations in activity based information networks. In this paper, they present a social influence based clustering...

    Provided By Association for Computing Machinery

  • White Papers // Nov 2013

    Using Naive Bayes to Detect Spammy Names in Social Networks

    Many social networks are predicated on the assumption that a member's online information reflects his or her real identity. In such networks, members who fill their name fields with fictitious identities, company names, phone numbers, or just gibberish are violating the terms of service, polluting search results, and degrading the...

    Provided By Association for Computing Machinery

  • White Papers // Oct 2011

    On the Limits of Privacy in Reputation Systems

    In this paper, the authors describes a formal model for multiple privacy notions that apply to reputation systems and shows that, for certain classes of systems, very strong privacy notions are unachievable. In particular, it is shown that, systems where a user's reputation depends exclusively on the ratings they received,...

    Provided By Association for Computing Machinery

  • White Papers // Oct 2011

    Privacy-Preserving Smart Metering

    Smart grid proposals threaten user privacy by potentially disclosing fine-grained consumption data to utility providers, primarily for time-of-use billing, but also for profiling, settlement, forecasting, tariff and energy efficiency advice. The authors propose a privacy-preserving protocol for general calculations on fine-grained meter readings, while keeping the use of tamper evident...

    Provided By Association for Computing Machinery

  • White Papers // Jun 2013

    Dynamic Voltage and Frequency Scaling for Shared Resources in Multicore Processor Designs

    As the core count in processor chips grows, so do the on-die, shared resources such as on-chip communication fabric and shared cache, which are of paramount importance for chip performance and power. This paper presents a method for dynamic voltage/frequency scaling of networks-on-chip and last level caches in multicore processor...

    Provided By Association for Computing Machinery

  • White Papers // Aug 2012

    Evaluation of Voltage Stacking for Near-Threshold Multicore Computing

    In this paper, the authors evaluate voltage stacking in the context of near-threshold multicore computing. Key attributes of voltage stacking are investigated using results from a test-chip prototype built in 150nm FDSOI CMOS. By \"Stacking\" logic blocks on top of each other, voltage stacking reduces the chip current draw and...

    Provided By Association for Computing Machinery

  • White Papers // Jun 2012

    Specification and Synthesis of Hardware Checkpointing and Rollback Mechanisms

    The increasing pressure to make hardware resilient to runtime failures has prompted development of design techniques for specific classes of systems, e.g. processors and routers. However, these techniques come at increased design and verification costs, thus limiting their broader application. In this paper, the authors describe a methodology for general...

    Provided By Association for Computing Machinery

  • White Papers // Jun 2012

    Recovery-Based Design for Variation-Tolerant SoCs

    Parameter variations have emerged as a significant threat to continued CMOS scaling in the nanometer regime. Due to increasing performance penalties associated with worst-case design, recovery based design has emerged as a promising approach for dealing with the impact of variations. Previous work has applied recovery based design at the...

    Provided By Association for Computing Machinery

  • White Papers // Jun 2012

    Point and Discard: A Hard-Error-Tolerant Architecture for Non-Volatile Last Level Caches

    Technology scaling of SRAM and embedded DRAM is increasingly constrained by limitations such as leakage power and silicon area. Emerging non-volatile memory technologies are considered as the potential SRAM/eDRAM alternatives for last-level caches in terms of energy and area savings. Unfortunately, these non-volatile memory technologies usually have limited write endurance....

    Provided By Association for Computing Machinery

  • White Papers // Jun 2013

    Hierarchical Decoding of Double Error Correcting Codes for High Speed Reliable Memories

    As the technology moves into the nano-realm, traditional Single-Error-Correcting, Double-Error-Detecting (SEC-DED) codes are no longer sufficient for protecting memories against transient errors due to the increased multi-bit error rate. The well known Double-Error-Correcting (DEC) BCH codes and the classical decoding method for BCH codes based on Berlekamp-Massey algorithm and Chien...

    Provided By Association for Computing Machinery

  • White Papers // Jan 2011

    Information Flow Enforcement in Monadic Libraries

    In various scenarios, there is a need to expose a certain API to client programs which are not fully trusted. In cases where the client programs need access to sensitive data, confidentiality can be enforced using an information flow policy. This is a general and powerful type of policy that...

    Provided By Association for Computing Machinery

  • White Papers // Aug 2012

    Designing for Dark Silicon: A Methodological Perspective on Energy Efficient Systems

    The emergence of dark silicon - a fundamental design constraint absent in the past generations - brings intriguing challenges and opportunities in microprocessor design. To grace-fully embrace dark silicon, design methodologies must adapt themselves to identify progressive systems that can effectively exploit the growing dark silicon. The authors demonstrate that...

    Provided By Association for Computing Machinery

  • White Papers // Mar 2011

    Abusing Locality in Shared Web Hosting

    The increasing popularity of the World Wide Web has made more and more individuals and companies to identify the need of acquiring a web presence. The most common way of acquiring such a presence is through web hosting companies and the most popular hosting solution is shared web hosting. In...

    Provided By Association for Computing Machinery

  • White Papers // Oct 2010

    Runtime Countermeasures for Code Injection Attacks Against C and C++ Programs

    The lack of memory-safety in C/C++ often leads to vulnerabilities. Code injection attacks exploit these to gain control over the execution-flow of applications. These attacks have played a key role in many major security incidents. Consequently, a huge body of research on countermeasures exists. The authors provide a comprehensive and...

    Provided By Association for Computing Machinery

  • White Papers // Dec 2011

    RIPE: Runtime Intrusion Prevention Evaluator

    Despite the plethora of research done in code injection countermeasures, buffer overflows still plague modern software. In 2003, the authors published a comparative evaluation on runtime buffer overflow prevention technologies using a testbed of 20 attack forms and demonstrated that the best prevention tool missed 50% of the attack forms....

    Provided By Association for Computing Machinery

  • White Papers // Jun 2012

    A Two-Tier Sandbox Architecture for Untrusted JavaScript

    The large majority of websites nowadays embeds third-party JavaScript into their pages, coming from external partners. Ideally, these scripts are benign and come from trusted sources, but over time, these third-party scripts can start to misbehave, or to come under control of an attacker. Unfortunately, the state-of-practice integration techniques for...

    Provided By Association for Computing Machinery

  • White Papers // Dec 2012

    Toward Efficient and Confidentiality-Aware Federation of Access Control Policies

    This paper presents the authors' work in progress on efficient and confidentiality-aware access control for software-as-a-service applications. In SaaS, a tenant organization rents access to a shared, typically web-based application. Access control for these applications requires large amounts of fine-grained data, also from the remaining on-premise applications, of which often...

    Provided By Association for Computing Machinery

  • White Papers // Dec 2012

    JSand: Complete Client-Side Sandboxing of Third-Party JavaScript without Browser Modifications

    The inclusion of third-party scripts in web pages is a common practice. A recent study has shown that more than half of the alexa top 10 000 sites include scripts from more than 5 different origins. However, such script inclusions carry risks, as the included scripts operate with the privileges...

    Provided By Association for Computing Machinery

  • White Papers // Sep 2012

    Software Vulnerability Prediction Using Text Analysis Techniques

    Early identification of software vulnerabilities are essential in software engineering and can help reduce not only costs, but also prevents loss of reputation and damaging litigations for a software firm. Techniques and tools for software vulnerability prediction are thus invaluable. Most of the existing techniques rely on using component characteristic(s)...

    Provided By Association for Computing Machinery

  • White Papers // Oct 2012

    Fides: Selectively Hardening Software Application Components Against Kernel-Level or Process-Level Malware

    Protecting commodity operating systems against software exploits is known to be challenging, because of their sheer size. The same goes for key software applications such as web browsers or mail clients. As a consequence, a significant fraction of internet-connected computers is infected with malware. To mitigate this threat, the authors...

    Provided By Association for Computing Machinery

  • White Papers // Jun 2012

    Optimizing Energy Efficiency of 3-D Multicore Systems With Stacked DRAM Under Power and Thermal Constraints

    3D multicore systems with stacked DRAM have the potential to boost system performance significantly; however, this performance increase may cause 3D systems to exceed the power budget or create thermal hot spots. In this paper, the authors introduce a framework to model on-chip DRAM accesses and analyze performance, power, and...

    Provided By Association for Computing Machinery

  • White Papers // Nov 2013

    Optimal Sporadic Location Privacy Preserving Systems in Presence of Bandwidth Constraints

    Various Location Privacy-Preserving Mechanisms (LPPMs) have been proposed in the literature to address the privacy risks derived from the exposure of user locations through the use of Location Based Services (LBSs). LPPMs obfuscate the locations disclosed to the LBS provider using a variety of strategies, which come at a cost...

    Provided By Association for Computing Machinery

  • White Papers // Dec 2011

    Pack & Cap: Adaptive DVFS and Thread Packing Under Power Caps

    The ability to cap peak power consumption is a desirable feature in modern data centers for energy budgeting, cost management, and efficient power delivery. Dynamic Voltage and Frequency Scaling (DVFS) is a traditional control knob in the tradeoff between server power and performance. Multi-core processors and the parallel applications that...

    Provided By Association for Computing Machinery

  • White Papers // Nov 2013

    FPDetective: Dusting the Web for Fingerprinters

    In the modern web, the browser has emerged as the vehicle of choice, which users are to trust, customize, and use, to access a wealth of information and online services. However, recent studies show that the browser can also be used to invisibly fingerprint the user: a practice that may...

    Provided By Association for Computing Machinery

  • White Papers // Jun 2008

    Enforcing Security Properties in Task-Based Systems

    Though a user's privileges are often granted based on the tasks that the user is expected to fulfill, the concept of tasks is usually not explicitly modeled in access control. The authors propose a system where tasks are the central concept that associates users to privileges. Ideally a user should...

    Provided By Association for Computing Machinery

  • White Papers // Mar 2011

    On Mouse Dynamics as a Behavioral Biometric for Authentication

    The idea of using one's behavior with a pointing device, such as a mouse or a touchpad, as a behavioral biometric for authentication purposes has gained increasing attention over the past decade. A number of interesting approaches based on the idea have emerged in the literature and promising experimental results...

    Provided By Association for Computing Machinery

  • White Papers // Apr 2013

    ETA: Efficient and Tiny and Authentication for Heterogeneous Wireless Systems

    Authentication and integrity are vital security services for wireless ubiquitous systems, which require various resource-constrained devices to operate securely and efficiently. Digital signatures are basic cryptographic tools to provide these security services. However, existing digital signatures are not practical for resource-constrained systems (e.g., wireless sensors, RFID-tags). That is, traditional signatures...

    Provided By Association for Computing Machinery

  • White Papers // Oct 2011

    CoScan: Cooperative Scan Sharing in the Cloud

    The authors present CoScan, a scheduling framework that eliminates redundant processing in workflows that scan large batches of data in a map-reduce computing environment. CoScan merges Pig programs from multiple users at runtime to reduce I/O contention while adhering to soft deadline requirements in scheduling. This paper includes support for...

    Provided By Association for Computing Machinery

  • White Papers // Nov 2009

    Resource Management for Isolation Enhanced Cloud Services

    The Cloud Infrastructure Provider (CIP) in a cloud computing platform must provide security and isolation guarantees to a Service Provider (SP), who builds the service(s) for such a platform. The authors identify Last Level Cache (LLC) sharing as one of the impediments to finer grain isolation required by a service,...

    Provided By Association for Computing Machinery

  • White Papers // Nov 2009

    Security Risk Management Using Internal Controls

    Rather than treating security as an independent technical concern, it should be considered as just another risk that needs to be managed alongside all other business risks. An Internal Controls approach to security risk management is proposed whereby automated catalogues are built in order to provide information about security controls...

    Provided By Association for Computing Machinery

  • White Papers // Nov 2009

    Model Driven Security Accreditation (MDSA) for Agile, Interconnected IT Landscapes

    Assurance accreditation of agile, interconnected IT landscapes is a great challenge, and is currently often cited as one of the showstoppers for the adoption of modern IT architectures (e.g. agile, model-driven, process-led SOA and Cloud) in mission critical domains. This paper presents Model Driven Security Accreditation (MDSA), a novel approach...

    Provided By Association for Computing Machinery

  • White Papers // Nov 2009

    Mixed-Initiative Security Agents

    Security decision-making is hard for both humans and machines. This is because security decisions are context-dependent, require highly dynamic, specialized knowledge, and require complex risk analysis. Multiple user studies show that humans have difficulty making these decisions, due to insufficient information and bounded rationality. However, current automated solutions are often...

    Provided By Association for Computing Machinery

  • White Papers // Nov 2009

    A Design of Usable and Secure Access-Control APIs for Mashup Applications

    Mashups, which are applications that are developed rapidly by combining multiple Web applications, are currently gathering much attention. One issue arising when creating mashups using data that is subject to access control is the difficulty in adding authentication and access control functions without losing the advantage of rapid development. The...

    Provided By Association for Computing Machinery

  • White Papers // Nov 2009

    A Pattern-driven Security Advisor for Service-oriented Architectures

    Service-Oriented Architectures (SOA) provides a flexible infrastructure to allow independently developed software components to communicate in a seamless manner. Increased connectivity entails significant higher security risks. To face these risks, a broad range of specifications e.g. WS-Security and WS-Trust has emerged to ensure security in SOA. These specifications are supported...

    Provided By Association for Computing Machinery

  • White Papers // Nov 2009

    On the Security of a Public-Key Traitor Tracing Scheme with Sublinear Ciphertext Size

    Traitor tracing schemes constitute a form of encryption primitive that has a built-in mechanism that deters key exposure. Traitor tracing refers to a class of encryption schemes that can be used to deter key-leakage. They apply to a setting that involves many receivers, each one receiving a fingerprinted decryption key....

    Provided By Association for Computing Machinery

  • White Papers // Nov 2009

    Towards Network Security Policy Generation for Configuration Analysis and Testing

    Access-control lists are an essential part in the security framework of any system. Researchers are always in need to have a repository of ready made policies for conducting research and development. Such policies, especially firewall policies which are the focus of the authors' paper, are needed to perform performance testing...

    Provided By Association for Computing Machinery

  • White Papers // Feb 2011

    iLD-Apps: Usable Mobile Access to Linked Data Clouds at the Shop Floor

    In this paper, the authors argue for adapting the Apps-approach to industrial interactive Linked Data applications (iLD) and present a design study for a small application that is applicable whenever an information foraging task at hand may be described as carefully examining the neighborhood of a concept. This little App...

    Provided By Association for Computing Machinery

  • White Papers // Aug 2010

    Piloted Search and Recommendation with Social Tag Cloud-Based Navigation

    The authors investigate the generation of tag clouds using Bayesian models and test the hypothesis that social network information is better than overall popularity for ranking new and relevant information. They propose three tag cloud generation models based on popularity, topics and social structure. They conducted two user evaluations to...

    Provided By Association for Computing Machinery

  • White Papers // Jan 2014

    Authenticated Data Structures, Generically

    An Authenticated Data Structure (ADS) is a data structure whose operations can be carried out by an untrusted prover, the results of which a verifier can efficiently check as authentic. This paper has the prover produce a compact proof that the verifier can check along with each operation's result. ADSs...

    Provided By Association for Computing Machinery

  • White Papers // May 2008

    Complete Fairness in Secure Two-Party Computation

    In the setting of secure two-party computation, two mutually distrusting parties wish to compute some function of their inputs while preserving, to the extent possible, various security properties such as privacy, correctness, and more. One desirable property is fairness, which guarantees that if either party receives its output, then the...

    Provided By Association for Computing Machinery