Titlebook: Quality Of Protection; Security Measurement Dieter Gollmann,Fabio Massacci,Artsiom Yautsiukhin Conference proceedings 2006 Springer-Verlag

Individual

Assessing the risk of using vulnerable componentss the risk to which the system is exposed. Our approach to risk evaluation can be used to assess how much one should believe in system trustworthiness and to compare different solutions, providing a tool for deciding if the additional cost of a more secure component is worth to be afforded.

mutineer

Collection and analysis of attack data based on honeypots deployed on the Internet.]. It aims at building an environment to better understand threats on the Internet and also at providing models to analyze the observed phenomena. Our approach consists in deploying and sharing with the scientific community a distributed platform based on honeypots that gathers data suitable to ana

addict

摊位

A Conceptual Model for Service Availabilityhe availability of computerized systems in a world where the dependency on and complexity of such systems are increasing, this notion of availability is no longer sufficient. This paper presents a conceptual model for availability designed to handle these challenges. The core of this model is a char

雕镂

A SLA evaluation methodology in Service Oriented Architecturesement (SLA) they need to explicitly manage it amongst each other. SLAs and, above all, security-SLAs, are usually expressed in ambiguous ways and this implies that they need to be manually evaluated both in a mutual agreement to ”qualify a service” and in the monitoring process. Due to this approach

osteocytes

Towards a Notion of Quantitative Security Analysisprotocol actions, both of the Dolev-Yao kind as well as non traditional forms such as computationally-hard operations, guessing, principal subversion, and failure. This quantitative approach enables evaluating protocol resilience to various forms of denial of service, guessing attacks, and resource

BAN

Intersection Attacks on Web-Mixes: Bringing the Theory into Praxisibe intersection attacks that have been performed on data from anonymized proxy log files. This approach creates all new problems that arise in real systems, where real-world users do not behave like those in the idealized model. E.g. the attack algorithm has to cope with a fixed number of observati

新娘

Using Guesswork as a Measure for Confidentiality of Selectively Encrypted Messagese expected number of guesses that an attacker must perform in an optimal brute force attack to reveal an encrypted message. The characteristics of the proposed measure are investigated for zero-order languages. We also introduce the concept of reduction chains to describe how the message (or rather

诗集

Measuring Inference Exposure in Outsourced Encrypted Databasesnal service provider. Existing proposals for querying encrypted databases are based on the association, with each encrypted tuple, of additional indexing information obtained from the plaintext values of attributes that can be used in the queries. However, the relationship between indexes and data s

DEMN