電子發燒友App
創作
發文章
發帖 
提問 
發資料
發視頻資料介紹
Security within information systems context is based on a complicated trust relations and questions on communication prospective. Trust relations are
established between two communicating parties in a relation such as sender/receiver and client/server. When such relations cannot establish trust directly, trusted third parties are used as mediators, which can complicate
matters even farther. Security is taken differently by different persons with different prospective of the communicating systems. To a user, security might mean
protection on privacy, identity theft and against framing.To an administrator, responsible for the correct working of the applications, security might mean protection on data and process integrity, information flow and recourses protection. The (user, application) pair leads to the necessary establishment of four trust relations among them; application-application, user-application,
application-user and user-user. In practice these trust relations are made mutual by, 'I trust you if you trust me'principle. For example, an application trusts a user if the user provides a valid credential at sign-on, the user in turn trusts the application to protect its data and process such that, his/her identity has not being compromised.
Whose fault is it when an identity is caught doing an illegal act? Is it a dishonest user, who is the owner of the identity, or an application with weak security policies and implementation, which allow identities theft to occur? It
might well be the fault of a weak communication link protocol which leak users' identity under the establishment of trust relations mention above. In this paper we propose some security tools based on open-source software for Web applications/services for teams of developers and implementers of limited size.
Web applications/services have been developed and deployed due to necessity and not based on commercial goals.
Members of development teams (developers and engineers), normally have different levels of technical knowledge, experience and know-how. Usually, such a project concentrates on workability of a system in a complex environment rather than producing commercial grade software for an assumed environment. To meet the
workability goal, security concerns are not taken into consideration due to lack of experience and/or work knowledge. We believe that by using simple and openended
software tools, developers, and implementers can achieve both workability and a higher level of security due to the fact that a system being developed is under a
full control of the developers. The paper is organized as follows. Related work is
presented in Section 2. Trust relations are discussed in Section 3. In Section 4 we proposed the use of signed massage of digital envelope package to be used in XMLRPC communication that ensures security, privacy and non-repudiation. A method of using password card called PASS-card for Web sign-on that does not disclose users' system credentials is presented in Section 5. The paper ends with a conclusion.
established between two communicating parties in a relation such as sender/receiver and client/server. When such relations cannot establish trust directly, trusted third parties are used as mediators, which can complicate
matters even farther. Security is taken differently by different persons with different prospective of the communicating systems. To a user, security might mean
protection on privacy, identity theft and against framing.To an administrator, responsible for the correct working of the applications, security might mean protection on data and process integrity, information flow and recourses protection. The (user, application) pair leads to the necessary establishment of four trust relations among them; application-application, user-application,
application-user and user-user. In practice these trust relations are made mutual by, 'I trust you if you trust me'principle. For example, an application trusts a user if the user provides a valid credential at sign-on, the user in turn trusts the application to protect its data and process such that, his/her identity has not being compromised.
Whose fault is it when an identity is caught doing an illegal act? Is it a dishonest user, who is the owner of the identity, or an application with weak security policies and implementation, which allow identities theft to occur? It
might well be the fault of a weak communication link protocol which leak users' identity under the establishment of trust relations mention above. In this paper we propose some security tools based on open-source software for Web applications/services for teams of developers and implementers of limited size.
Web applications/services have been developed and deployed due to necessity and not based on commercial goals.
Members of development teams (developers and engineers), normally have different levels of technical knowledge, experience and know-how. Usually, such a project concentrates on workability of a system in a complex environment rather than producing commercial grade software for an assumed environment. To meet the
workability goal, security concerns are not taken into consideration due to lack of experience and/or work knowledge. We believe that by using simple and openended
software tools, developers, and implementers can achieve both workability and a higher level of security due to the fact that a system being developed is under a
full control of the developers. The paper is organized as follows. Related work is
presented in Section 2. Trust relations are discussed in Section 3. In Section 4 we proposed the use of signed massage of digital envelope package to be used in XMLRPC communication that ensures security, privacy and non-repudiation. A method of using password card called PASS-card for Web sign-on that does not disclose users' system credentials is presented in Section 5. The paper ends with a conclusion.
下載該資料的人也在下載
下載該資料的人還在閱讀
更多 >
- 配網自動化技術
- bacnet技術的智能樓宇自動化系統的設計
- 基于機器視覺和運動控制的工業自動化 35次下載
- FA工業自動化設備設計基礎 18次下載
- 汽車制造的機械自動化技術應用發展 4次下載
- 谷歌眼鏡在工業自動化領域的應用 8次下載
- 工業自動化技術的組成及功能和發展應用的介紹 7次下載
- 藍牙在工業自動化數據通信中的應用 4次下載
- TI針對工業通信的工業自動化解決方案 45次下載
- 工業自動化與控制環境下實現無線通信的新近動 19次下載
- 工業交換機在制漿自動化中的應用
- 工業交換機在造紙自動化中的應用
- 信息時代工業自動化的發展趨勢
- 基于工業以太網的配電自動化系統的設計
- 基于SIMATIC工業自動化技術的說明
- M12連接器技術規格解析:工業自動化的優選方案 110次閱讀
- PLC在工業自動化的應用及解決方案 819次閱讀
- 藍牙模塊在工業自動化中的應用:高效、安全、智能 520次閱讀
- 繼電器在工業自動化領域的應用 943次閱讀
- 工業自動化中的控制方式 898次閱讀
- 機器視覺技術在工業自動化中的應用 921次閱讀
- 工業自動化和自動化區別是什么 1834次閱讀
- SCADA系統在工業自動化中的應用 1183次閱讀
- 機器視覺檢測技術在工業自動化中的應用 901次閱讀
- 視覺控制器在工業自動化的應用 929次閱讀
- PID控制器在工業自動化中的應用 1897次閱讀
- 過程自動化控制和運動自動化控制的原理詳解 1735次閱讀
- 實時控制和通信領域的IT/OT融合如何推動工業自動化 542次閱讀
- 物聯網技術在工業自動化中的關鍵技術有哪些 4545次閱讀
- 自動化領域初涉水 非標自動化和自動化到底有哪些區別? 6349次閱讀
上傳資料賺積分下載排行
本周
- 1電子電路原理第七版PDF電子教材免費下載
- 0.00 MB | 1490次下載 | 免費
- 2單片機典型實例介紹
- 18.19 MB | 92次下載 | 1 積分
- 3S7-200PLC編程實例詳細資料
- 1.17 MB | 27次下載 | 1 積分
- 4筆記本電腦主板的元件識別和講解說明
- 4.28 MB | 18次下載 | 4 積分
- 5開關電源原理及各功能電路詳解
- 0.38 MB | 10次下載 | 免費
- 6基于AT89C2051/4051單片機編程器的實驗
- 0.11 MB | 4次下載 | 免費
- 7藍牙設備在嵌入式領域的廣泛應用
- 0.63 MB | 3次下載 | 免費
- 89天練會電子電路識圖
- 5.91 MB | 3次下載 | 免費
本月
- 1OrCAD10.5下載OrCAD10.5中文版軟件
- 0.00 MB | 234313次下載 | 免費
- 2PADS 9.0 2009最新版 -下載
- 0.00 MB | 66304次下載 | 免費
- 3protel99下載protel99軟件下載(中文版)
- 0.00 MB | 51209次下載 | 免費
- 4LabView 8.0 專業版下載 (3CD完整版)
- 0.00 MB | 51043次下載 | 免費
- 5555集成電路應用800例(新編版)
- 0.00 MB | 33562次下載 | 免費
- 6接口電路圖大全
- 未知 | 30320次下載 | 免費
- 7Multisim 10下載Multisim 10 中文版
- 0.00 MB | 28588次下載 | 免費
- 8開關電源設計實例指南
- 未知 | 21539次下載 | 免費
總榜
- 1matlab軟件下載入口
- 未知 | 935053次下載 | 免費
- 2protel99se軟件下載(可英文版轉中文版)
- 78.1 MB | 537791次下載 | 免費
- 3MATLAB 7.1 下載 (含軟件介紹)
- 未知 | 420026次下載 | 免費
- 4OrCAD10.5下載OrCAD10.5中文版軟件
- 0.00 MB | 234313次下載 | 免費
- 5Altium DXP2002下載入口
- 未知 | 233045次下載 | 免費
- 6電路仿真軟件multisim 10.0免費下載
- 340992 | 191183次下載 | 免費
- 7十天學會AVR單片機與C語言視頻教程 下載
- 158M | 183277次下載 | 免費
- 8proe5.0野火版下載(中文版免費下載)
- 未知 | 138039次下載 | 免費
工商網監
評論