Earticle

In this paper we use Security Evaluation Criteria as basis to develop the Network access control model for enterprise wide network computing environment. The Network access control model addresses both the access control and information flow control requirements of the enterprise network system. The security architecture of the model attempts to ensure authorized access to network resources and secure flow of information between network entities. The underlying concept of the Network access control model relies on the separation of the access control mechanism from the access control policy. This enables support for multiple access control policies within a single model specification. A further advantage of Network Access control model is that it is highly extensible, since it can be augmented with any new policy that a specific application or a user may require. The precision property is satisfied as network access control model is written in a formal mathematical notation. The property of simplicity is satisfied as only the security properties related to network computing system are modeled.

In this paper, we present a framework that aims to align software development with sound business practices for building software systems with security in mind. The framework comprises four main components: Governance, People, Process, and Technology. Governance ensures that security is part of the strategic decisions of an organization. The people component focuses on selecting, training, and retaining, qualified personnel in the area of software security. The process component ensures that the company has the right processes in place to handle security requirements. The technology component consists of a set of tools and techniques that are needed to design and implement secure software.

Cryptography and Authentication is the traditional approach to provide security in WSNs(Wireless Sensor Networks). However, that conventional approach is not sufficient for the unique characteristics and novel misbehaviors encountered in WSNs. In this paper, we use a general tool which has been used in economics, statistics and data analysis. With this approach, we propose a task-based trust management framework for WSNs where nodes maintain reputation for other nodes of several different tasks and use it to evaluate their trustworthiness. We show that this framework provides a scalable, diverse and a generalized approach to recognize all types of misbehavior resulting from malicious or faulty sensor nodes. Our framework has more simple trust computation than ATSN and more suitable for scarce power resource nodes. The simulation results and analysis show that our framework can detect the malicious nodes fast if having abnormal result while doing certain task with other nodes.

The ipv6 security architecture, IPSec, plays a positive role in the protection of IPv6 networks. To some special attacks, especially DDoS attacks, IPSec appears relatively weak, because IPSec can only defend against DDoS attacks that spoof their source addresses. In cases where attackers launch DDoS attacks with their real identity, IPSec is helpless. This paper proposes a link signature based DDoS attacker tracing algorithm. It can immediately reconstruct the entire attack path after suffering a DDoS attack whether or not the source addresses are spoofed. To verify the validity of our algorithm, we implemented it under a simulated IPv6 environment with the OMNeT++ IPv6Suite.

In 2007, Wen et al. proposed a novel elliptic curve dynamic access control system. In this paper, we will show that the scheme is vulnerable to various attacks.