Today, applications in mobile multi-agent systems require a high degree of confidence that running code inside the system will not be malicious. Also any malicious agents must be identified and contained. Since the inception of mobile agents, the intruder has been addressed using a multitude of techniques, but many of these implementations have only addressed concerns from the position of either the platform or the agents. Very few approaches have undertaken the problem of mobile agent security from both perspectives simultaneously. Furthermore, no middleware exists to facilitate provisioning of the required security qualities of mobile agent software while extensively focusing on easing the software development burden. The aim is to build a distributed secure system using multi-agents by applying the principles of software engineering. The objectives of this paper is to introduce multi agent systems that enhance security rules through the access right to building a distributed secure system integrating with principles of software engineering system life cycle, as well as satisfy the security access right for both platform and agents to improve the three characteristics of agents adaptively, mobility and flexibility. This project based on the platform of PHP and MYSQL (Database) which can be presented in a website. The implementation and test are applied in both Linux and Windows platforms, including Linux Red Hat 8, Linux Ubuntu 6.06 LTS and Microsoft Windows XP Professional. Since PHP and MySQL are available in almost all operating systems, the result could be tested the platform as long as PHP and MySQL configuration is available. PHP5 and the MySQL (database) software are used to build a secure website. Multiple techniques of security and authentications have been used by multi-agents system. Secure database is encrypted by using md5. Also satisfy the characteristics for security requirements: confidentiality (protection from disclosure to unauthorized persons), integrity (maintaining data consistency) and authentication (assurance of identity of person or originator of data).
Software Reliability and Quality Assurance Challenges in Cyber Physical Syste...CSCJournals
Software Reliability is the probability of failure-free software operation for a specified period of time in a specified environment. Cyber threats on software security have been prevailing and have increased exponentially, posing a major challenge on software reliability in the cyber physical systems (CPS) environment. Applying patches after the software has been developed is outdated and a major security flaw. However, this has posed a major software reliability challenge as threat actors are exploiting unpatched and insecure software configuration vulnerabilities that are not identified at the design phase. This paper aims to investigate the SDLC approach to software reliability and quality assurance challenges in CPS security. To demonstrate the applicability of our work, we review existing security requirements engineering concepts and methodologies such as TROPOS, I*, KAOS, Tropos and Secure Tropos to determine their relevance in software security. We consider how the methodologies and function points are used to implement constraints to improve software reliability. Finally, the function points concepts are implemented into the CPS security components. The results show that software security threats in CPS can be addressed by integrating the SRE approach and function point analysis in the development to improve software reliability.
INTERNAL SECURITY ON AN IDS BASED ON AGENTSIJNSA Journal
This document describes an intrusion detection system (IDS) based on a multi-agent system that provides internal security for agents. The IDS uses different types of agents (collectors, transceivers, itinerants, monitors) organized in a hierarchical structure to monitor network traffic and detect intrusions. The system implements techniques like a matrix of marks and hash functions to verify the identity and integrity of agents and prevent attacks from within the platform. The IDS architecture is presented along with how the agents communicate and coordinate to correlate events, generate new signatures, and ensure internal security without affecting system performance. The document evaluates this agent-based IDS approach for providing security while maintaining flexibility and adaptability.
Internal security on an ids based on agentscsandit
The document describes a proposed hierarchical intrusion detection system (IDS) based on agents. Key points:
1. The IDS uses a multi-agent approach with different agent types (collectors, transceivers, monitors) to distribute monitoring tasks without affecting system performance.
2. Internal security techniques are implemented to verify the identity and integrity of agents, such as using a matrix of marks and hash functions to check agents.
3. The IDS was prototyped using the BESA multi-agent platform and can detect attacks through signature matching and event correlation across the agent network.
ESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENTijesajournal
Diverse types of software are used in almost all sectors of businesses in the modern world. They provide mechanisms that enable buyers and sellers to interact virtually, reduce manual work in businesses and institutions as well as make work a lot easier. Increased demand for software has led to the increased investment that has subsequently attracted numerous security attacks. Millions of resources are held in various software worldwide, cyber-attack criminals have made a career in breaching software security for selfish gains, thus necessitating the development and establishment of secure software. Through a literature review, the work introduces concepts and terms used in secure software development, presents the best practices and provides a review of the models that could be used. Confidentiality, integrity, availability, and non-repudiation are secure software terms that mean it should be secret, safe, and accessible and keeps a record of every activity undertaken. The proposed work advocates for several best practices among them the creation of a secure perimeter that limits access to key segments or parts of the system in addition to reducing attacking surface or rather reducing the opportunities available for cyber-attack. In regard to the engineering of software, the paper recommends that system requirements must be established before the software is created. Additional engineering ought to be done after the system has been evaluated just before the official launch. Moreover, the paper recommends the adoption of strategies that are used by renowned software models such as Microsoft Software Development Life-cycle among others. Those models have put secure software strategies throughout the life-cycle of software development. They recognize the need to put secure engineering systems during the design and utilization of the software because new methods of breaching software security come up every new day. The paper concludes by noting that continued collaborative efforts to guarantee more secure software is still a demanding need. Adherence to basic secure software development and utilization is essential in addition to developing additional engineering that maintains the integrity, confidentially and accessibility of the software.
Novel Advances in Measuring and Preventing Software Security Weakness: Contin...theijes
Software weaknesses in design, architecture, code and deployment have led to software vulnerability exploited by the perpetrators. Although counter measure tools have been developed such as patch management systems, firewalls and antivirus, but the perpetrators have advance sophisticated tools such malware with crypto-lock and crypto-wall technologies. The current counter measures technologies are based on detection and respond model or risk management framework, which are no match to the attacker’s technologies based on speed technologies such as machine generated malwares and precision or stealth technologies such as command-andcontrol node malwares. Although lots of ink has been poured on advances in measuring and preventing software weakness on the detection and respond concept,this study is motivated to explore the state-of-art advances specifically on the novel concept of Continuous Trust Restoration (CTR). The Continuous Trust Restoration is a process of breaking down attacker’s activities kill chain and restoring the system trust. The CTR concept deploys speed, precision and stealth technologies on random route mutation, random host mutation, hypervisors, trust boot, software identities and software define infrastructure. Moreover, to deploy these technologies the study further explores a common security architectural framework with software metrics such as CVE (Common Vulnerability and Exposure), CWE (Common Weakness Enumeration), CVSS (Common Vulnerability Scoring System), CWSS (Common Weakness Scoring System), and CAPEC (Common Attack Pattern Enumeration and Classification). Finally, the study recommends a software security counter measures research paradigm shift from the current detection and respond models to Continuous Trust Restoration concept and from risk management frameworks to a Common Security Architectural Framework.
Vulnerability Analysis of 802.11 Authentications and Encryption Protocols: CV...AM Publications
This paper analysis vulnerability of known attacks on WLAN cipher suite, authentication mechanisms and credentials using common vulnerability scoring system (CVSS).
STRUCTURAL COMPLEXITY ATTRIBUTE CLASSIFICATION FRAMEWORK (SCACF) FOR SASSY CA...ijseajournal
This document discusses the relationship between software complexity and security. It notes that while complexity is an essential part of software, numerous studies have shown that increased complexity can introduce bugs and vulnerabilities. The document provides an extensive literature review on the topics of software complexity, sources of vulnerabilities, and reasons for the growing number of disclosed vulnerabilities. It argues that complexity is one of the main reasons for vulnerabilities in software systems and that maintaining low complexity and simple designs is vital for security.
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...IJNSA Journal
With the ever increasing number and diverse type of attacks, including new and previously unseen attacks, the effectiveness of an Intrusion Detection System is very important. Hence there is high demand to reduce the threat level in networks to ensure the data and services offered by them to be more secure. In this paper we developed an effective test suite for improving the efficiency and accuracy of an intrusion detection system using the layered CRFs. We set up different types of checks at multiple levels in each layer. Our framework examines various attributes at every layer in order to effectively identify any breach of security. Once the attack is detected, it is intimated through mobile phone to the system administrator for safeguarding the server system. We established experimentally that the layered CRFs can thus be more effective in detecting intrusions when compared with the other previously known techniques.
Software Reliability and Quality Assurance Challenges in Cyber Physical Syste...CSCJournals
Software Reliability is the probability of failure-free software operation for a specified period of time in a specified environment. Cyber threats on software security have been prevailing and have increased exponentially, posing a major challenge on software reliability in the cyber physical systems (CPS) environment. Applying patches after the software has been developed is outdated and a major security flaw. However, this has posed a major software reliability challenge as threat actors are exploiting unpatched and insecure software configuration vulnerabilities that are not identified at the design phase. This paper aims to investigate the SDLC approach to software reliability and quality assurance challenges in CPS security. To demonstrate the applicability of our work, we review existing security requirements engineering concepts and methodologies such as TROPOS, I*, KAOS, Tropos and Secure Tropos to determine their relevance in software security. We consider how the methodologies and function points are used to implement constraints to improve software reliability. Finally, the function points concepts are implemented into the CPS security components. The results show that software security threats in CPS can be addressed by integrating the SRE approach and function point analysis in the development to improve software reliability.
INTERNAL SECURITY ON AN IDS BASED ON AGENTSIJNSA Journal
This document describes an intrusion detection system (IDS) based on a multi-agent system that provides internal security for agents. The IDS uses different types of agents (collectors, transceivers, itinerants, monitors) organized in a hierarchical structure to monitor network traffic and detect intrusions. The system implements techniques like a matrix of marks and hash functions to verify the identity and integrity of agents and prevent attacks from within the platform. The IDS architecture is presented along with how the agents communicate and coordinate to correlate events, generate new signatures, and ensure internal security without affecting system performance. The document evaluates this agent-based IDS approach for providing security while maintaining flexibility and adaptability.
Internal security on an ids based on agentscsandit
The document describes a proposed hierarchical intrusion detection system (IDS) based on agents. Key points:
1. The IDS uses a multi-agent approach with different agent types (collectors, transceivers, monitors) to distribute monitoring tasks without affecting system performance.
2. Internal security techniques are implemented to verify the identity and integrity of agents, such as using a matrix of marks and hash functions to check agents.
3. The IDS was prototyped using the BESA multi-agent platform and can detect attacks through signature matching and event correlation across the agent network.
ESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENTijesajournal
Diverse types of software are used in almost all sectors of businesses in the modern world. They provide mechanisms that enable buyers and sellers to interact virtually, reduce manual work in businesses and institutions as well as make work a lot easier. Increased demand for software has led to the increased investment that has subsequently attracted numerous security attacks. Millions of resources are held in various software worldwide, cyber-attack criminals have made a career in breaching software security for selfish gains, thus necessitating the development and establishment of secure software. Through a literature review, the work introduces concepts and terms used in secure software development, presents the best practices and provides a review of the models that could be used. Confidentiality, integrity, availability, and non-repudiation are secure software terms that mean it should be secret, safe, and accessible and keeps a record of every activity undertaken. The proposed work advocates for several best practices among them the creation of a secure perimeter that limits access to key segments or parts of the system in addition to reducing attacking surface or rather reducing the opportunities available for cyber-attack. In regard to the engineering of software, the paper recommends that system requirements must be established before the software is created. Additional engineering ought to be done after the system has been evaluated just before the official launch. Moreover, the paper recommends the adoption of strategies that are used by renowned software models such as Microsoft Software Development Life-cycle among others. Those models have put secure software strategies throughout the life-cycle of software development. They recognize the need to put secure engineering systems during the design and utilization of the software because new methods of breaching software security come up every new day. The paper concludes by noting that continued collaborative efforts to guarantee more secure software is still a demanding need. Adherence to basic secure software development and utilization is essential in addition to developing additional engineering that maintains the integrity, confidentially and accessibility of the software.
Novel Advances in Measuring and Preventing Software Security Weakness: Contin...theijes
Software weaknesses in design, architecture, code and deployment have led to software vulnerability exploited by the perpetrators. Although counter measure tools have been developed such as patch management systems, firewalls and antivirus, but the perpetrators have advance sophisticated tools such malware with crypto-lock and crypto-wall technologies. The current counter measures technologies are based on detection and respond model or risk management framework, which are no match to the attacker’s technologies based on speed technologies such as machine generated malwares and precision or stealth technologies such as command-andcontrol node malwares. Although lots of ink has been poured on advances in measuring and preventing software weakness on the detection and respond concept,this study is motivated to explore the state-of-art advances specifically on the novel concept of Continuous Trust Restoration (CTR). The Continuous Trust Restoration is a process of breaking down attacker’s activities kill chain and restoring the system trust. The CTR concept deploys speed, precision and stealth technologies on random route mutation, random host mutation, hypervisors, trust boot, software identities and software define infrastructure. Moreover, to deploy these technologies the study further explores a common security architectural framework with software metrics such as CVE (Common Vulnerability and Exposure), CWE (Common Weakness Enumeration), CVSS (Common Vulnerability Scoring System), CWSS (Common Weakness Scoring System), and CAPEC (Common Attack Pattern Enumeration and Classification). Finally, the study recommends a software security counter measures research paradigm shift from the current detection and respond models to Continuous Trust Restoration concept and from risk management frameworks to a Common Security Architectural Framework.
Vulnerability Analysis of 802.11 Authentications and Encryption Protocols: CV...AM Publications
This paper analysis vulnerability of known attacks on WLAN cipher suite, authentication mechanisms and credentials using common vulnerability scoring system (CVSS).
STRUCTURAL COMPLEXITY ATTRIBUTE CLASSIFICATION FRAMEWORK (SCACF) FOR SASSY CA...ijseajournal
This document discusses the relationship between software complexity and security. It notes that while complexity is an essential part of software, numerous studies have shown that increased complexity can introduce bugs and vulnerabilities. The document provides an extensive literature review on the topics of software complexity, sources of vulnerabilities, and reasons for the growing number of disclosed vulnerabilities. It argues that complexity is one of the main reasons for vulnerabilities in software systems and that maintaining low complexity and simple designs is vital for security.
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...IJNSA Journal
With the ever increasing number and diverse type of attacks, including new and previously unseen attacks, the effectiveness of an Intrusion Detection System is very important. Hence there is high demand to reduce the threat level in networks to ensure the data and services offered by them to be more secure. In this paper we developed an effective test suite for improving the efficiency and accuracy of an intrusion detection system using the layered CRFs. We set up different types of checks at multiple levels in each layer. Our framework examines various attributes at every layer in order to effectively identify any breach of security. Once the attack is detected, it is intimated through mobile phone to the system administrator for safeguarding the server system. We established experimentally that the layered CRFs can thus be more effective in detecting intrusions when compared with the other previously known techniques.
An explicit trust model towards better system securitycsandit
The document proposes an explicit trust model to improve system security. The model defines trust as a combination of characteristics like invulnerability, integrity, verification, and trustworthiness. It identifies categories of functional and transactional trust with levels like operational, verifiable, and denied trust. The model includes a trust engine that calculates trust metrics based on these characteristics and assigns trust levels before code execution. This allows trust to evolve based on historical performance, strengthening security by restricting access based on trust levels. A formal analysis evaluates security versus performance, and an asset threat model shows how common attacks could be addressed.
This summarizes a research paper about standardizing source code security audits. The paper proposes assembling literature on security audit techniques to promote standard methodology. It then presents a case study analyzing vulnerabilities in the Apache Traffic Server using two proprietary tools. The study examines potential issues, connects them to a standard taxonomy (CWE), and describes consequences of exploits. The paper concludes by reviewing other security case studies.
Application of Attack Graphs in Intrusion Detection Systems: An ImplementationCSCJournals
This document discusses integrating attack graphs with intrusion detection systems to help identify complex multi-stage attacks. It proposes an architecture where an intrusion detection system detects alerts and stores them in a database. A vulnerability scanner identifies vulnerabilities, and an attack graph generator uses the alerts and vulnerabilities to generate and update an attack graph. A tool then analyzes the alerts and attack graph to highlight detected intrusions on the graph. The goal is to help administrators better understand the progression of attacks by visualizing how alerts may be related across different stages of an attack. As a proof of concept, the paper implements this using SNORT for intrusion detection, NESSUS for vulnerability scanning, and MULVAL for attack graph generation.
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...IJNSA Journal
Network defense implies a comprehensive set of software tools to preclude malicious entities from conducting activities such as exfiltration of data, theft of credentials, blocking of services and other nefarious activities. For most enterprises at this time, that defense builds upon a clear concept of the fortress approach. Many of the requirements are based on inspection and reporting prior to delivery of the communication to the intended target. These inspections require decryption of packets and this implies that the defensive suite either impersonates the requestor, or has access to the private cryptographic keysof the servers that are the target of communication. This is in contrast to an end-to-end paradigm where known good entities can communicate directly and no other entity has access to the content unless that content is provided to them. There are many new processes that require end-to-end encrypted communication, including distributed computing, endpoint architectures, and zero trust architectures and enterprise level security. In an end-to-end paradigm, the keys used for authentication, confidentiality, and integrity reside only with the endpoints. This paper examines a formulation that allows unbroken communication, while meeting the inspection and reporting requirements of a network defense. This work is part of a broader security architecture termed Enterprise Level Security (ELS)framework.
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...IJNSA Journal
Network defense implies a comprehensive set of software tools to preclude malicious entities from conducting activities such as exfiltration of data, theft of credentials, blocking of services and other nefarious activities. For most enterprises at this time, that defense builds upon a clear concept of the fortress approach. Many of the requirements are based on inspection and reporting prior to delivery of the communication to the intended target. These inspections require decryption of packets and this implies that the defensive suite either impersonates the requestor, or has access to the private cryptographic keysof the servers that are the target of communication. This is in contrast to an end-to-end paradigm where known good entities can communicate directly and no other entity has access to the content unless that content is provided to them. There are many new processes that require end-to-end encrypted communication, including distributed computing, endpoint architectures, and zero trust architectures and enterprise level security. In an end-to-end paradigm, the keys used for authentication, confidentiality, and integrity reside only with the endpoints. This paper examines a formulation that allows unbroken communication, while meeting the inspection and reporting requirements of a network defense. This work is part of a broader security architecture termed Enterprise Level Security (ELS)framework.
Software security risk mitigation using object oriented design patternseSAT Journals
Abstract It is now well known that requirement and the design phase of software development lifecycle are the phases where security incorporation yields maximum benefits.In this paper, we have tried to tie security requirements, security features and security design patterns together in a single string. It is complete process that will help a designer to choose the most appropriate security design pattern depending on the security requirements. The process includes risk analysis methodology at the design phase of the software that is based on the common criteria requirement as it is a wellknown security standard that is generally used in the development of security requirements. Risk mitigation mechanisms are proposed in the form of security design patterns. Exhaustive list of most reliable and well proven security design patterns is prepared and their categorization is done on the basis of attributes like data sensitivity, sector, number of users etc. Identified patterns are divided into three levels of security. After the selection of security requirement, the software designer can calculate the percentage of security features contribution and on the basis of this percentage; design pattern level can be selected and applied.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
1) The document discusses security issues in cloud computing, with a focus on vulnerabilities in the virtualization layer.
2) It proposes a secure model (SVM) using intrusion detection systems to monitor virtual machines and detect attacks. This would help virtual machines resist attacks more efficiently in cloud environments.
3) Some key virtualization vulnerabilities discussed include attacks on hypervisors, compromised isolation between virtual machines, and packet sniffing/spoofing in virtual networks. The proposed SVM model aims to address these issues and secure the virtualization layer in cloud infrastructure.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Program Robustness is now more important than before, because of the role software programs play in our
life. Many papers defined it, measured it, and put it into context. In this paper, we explore the different
definitions of program robustness and different types of techniques used to achieve or measure it. There
are many papers about robustness. We chose the papers that clearly discuss program or software
robustness. These papers stated that program (or software) robustness indicates the absence of ungraceful
failures. There are different types of techniques used to create or measure a robust program. However,
there is still a wide space for research in this area.
Software reusabilitydevelopment through NFL approach For identifying security...IJECEIAES
In component based software reusability development process, the software developers have to choose the best components which are self adaptive future to overcome the functional errors, framework mismatches, violation of user level privacy issues and data leakage feasibilities. The software developers can build high quality software applications by taking the consideration of the reusable components which are more suitable to provide high level data security and privacy. This paper has proposing the neural based fuzzy framework based approach to estimate the reusable components which are directly and indirectly involve the security and privacy to improve the quality of the software system. This approach has considered the twenty effecting factors and fifty three attribute matrices. It has formed with three stages of execution scenarios. The first stage has executed with eleven effecting factors and eighteen attribute matrices for identification of supporting software reusability components, the second stage has executed with four effecting factors and thirty five attribute matrices for identification of subinternal relationships in terms of security-privacy, and the third stage has executed with eight effecting factors and six attribute matrices for identification of sub of sub-internal relationships in terms of security risk estimation. This analytical finding proposes a fuzzy logic model to evaluate the most feasible effecting factors that influence the enterprise level data security-privacy practices at real time environment.
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Editor IJCATR
Network Intrusion detection and Countermeasure Election in virtual network systems (NICE) are used to establish a
defense-in-depth intrusion detection framework. For better attack detection, NICE incorporates attack graph analytical procedures into
the intrusion detection processes. We must note that the design of NICE does not intend to improve any of the existing intrusion
detection algorithms; indeed, NICE employs a reconfigurable virtual networking approach to detect and counter the attempts to
compromise VMs, thus preventing zombie VMs. NICE includes two main phases: deploy a lightweight mirroring-based network
intrusion detection agent (NICE-A) on each cloud server to capture and analyze cloud traffic. A NICE-A periodically scans the virtual
system vulnerabilities within a cloud server to establish Scenario Attack Graph (SAGs), and then based on the severity of identified
vulnerability toward the collaborative attack goals, NICE will decide whether or not to put a VM in network inspection state. Once a
VM enters inspection state, Deep Packet Inspection (DPI) is applied, and/or virtual network reconfigurations can be deployed to the
inspecting VM to make the potential attack behaviors prominent.
Metric for Evaluating Availability of an Information System : A Quantitative ...IJNSA Journal
The purpose of the paper is to present a metric for availability based on the design of the information
system. The availability metric proposed in this paper is twofold, based on the operating program and
network delay metric of the information system (For the local bound component composition the
availability metric is purely based on the software/operating program, for the remote bound component
composition the metric incorporates the delay metric of the network). The aim of the paper is to present a
quantitative availability metric derived from the component composition of an Information System, based
on the dependencies among the individual measurable components of the system. The metric is used for
measuring and evaluating availability of an information system from the security perspective, the
measurements may be done during the design phase or may also be done after the system is fully
functional. The work in the paper provides a platform for further research regarding the quantitative
security metric (based on the components of an information system i.e. user, hardware, operating
program and the network.) for an information system that addresses all the attributes of information and
network security.
This document proposes a Rational Unified Treatment approach for Web Application Vulnerability Assessment (WVA). It implements the Rational Unified Process (RUP) framework to iteratively identify vulnerabilities. The approach discovers assets, audits for risks and threats, exploits identified vulnerabilities, and provides mitigation steps. It was tested on a web application using the w3af security scanner. The results generated reports on discovered vulnerabilities in different formats to help secure the application.
How can we predict vulnerabilities to prevent them from causing data lossesAbhishek BV
This document discusses various approaches to predict software vulnerabilities in order to prevent data losses. It begins by providing background on software vulnerabilities and their impacts. It then evaluates three main approaches: reactive, reliability, and proactive. The document favors the proactive approach, which predicts flaws before they occur. It summarizes three proposed solutions that take a proactive approach: 1) building a prediction model using software characteristics, 2) using source code static analyzers during development, and 3) employing a combination of statistical methods and code metrics throughout the software lifecycle. For each solution, it discusses the methodology, findings, advantages and disadvantages. Overall, the document analyzes different proactive approaches to vulnerability prediction in order to address how vulnerabilities can be
This document discusses the development of a cross-platform penetration testing suite that compiles standard penetration testing tools into a single mobile application. The suite aims to provide easy access to penetration testing tools on any Android device, improving portability for ethical hackers. It does not require root access of the user's phone. The suite is designed to perform tasks like port scanning, vulnerability scanning, payload generation, and more. It consolidates typical tools used for information gathering, vulnerability assessment, exploitation, and covering tracks into a single interface. This allows ethical hackers to conduct basic penetration tests using only their mobile device.
Intrusion Detection in Industrial Automation by Joint Admin AuthorizationIJMTST Journal
Intrusion response is a more important part of security protection. In industrial automation systems (IASs) have achieved maximum and availability attention. Real-time security policy of intrusion response has big challenge for intrusion response in IASs. The loss caused by the security threats may even increase the industrial automation. However, traditional approach in intrusion detection pays attention on security policy decisions and removes security policy execution. Proposed system presents a general, real-time control depends on table driven scheduling of intrusion detection and response in IASs to resolve the problem of security policy like assigning rights to use the system. Security policy created of a security service group, with every kind of security techniques supported by a realization task set. Realization tasks from different task sets can be combined to form a response task set. In this approach, first, a response task set is created by a non dominated genetic algorithm with joint consideration of security performance and cost. Then, the system is re- configured via an integrated scheduling scheme in which system tasks and response tasks are mapped and scheduled together based on a GA. Additionally, this system proposed Joint Admin Model (JTAM) model to control over unauthorized access in industrial automation system. Furthermore, proposed method shows result of industrial automation for security mechanism. Security policy helps to authenticate user request to access industrial resources.
This document provides an agenda for the "European Data Forum, Copenhagen, Denmark" event on realizing and exploiting the EU Data Cloud. The agenda includes: an introduction by Knud Möller; a presentation by Richard Cyganiak on the Web of Data and its 5 Stars; a presentation by Michael Hausenblas on the LATC project and the Data Cloud; a presentation by Jens Lehmann on creating and consuming data for the EU Data Cloud; a presentation by Anja Jentzsch on link sets and why they are important; and a closing presentation by Knud Möller on moving to the cloud, followed by a Q&A session.
Practical Applications of Semantic Web in Retail -- Semtech 2014 Jay Myers
This presentation explores a year of experimentation, POCs, and research of Linked Data and Semantic Web technologies within Best Buy. It highlights three use cases where a small team approached internal data problems with semantics -- reviewing high level technical methodologies, application details, and technical and business metrics (ROI, conversion, etc.)
Linked GeoRef is an open dataset and API that aims to improve geographical annotation and finding of public sector information by integrating different geographical reference systems into a single linked data framework. It assigns unique identifiers (URIs) to codes from systems like AGS, NUTS, and Berlin's LOR, and links related codes to show hierarchical and equivalence relationships. This allows different systems to be used together and converted between each other. The dataset is hosted with SPARQL endpoint for lookup and conversion of codes between systems.
An explicit trust model towards better system securitycsandit
The document proposes an explicit trust model to improve system security. The model defines trust as a combination of characteristics like invulnerability, integrity, verification, and trustworthiness. It identifies categories of functional and transactional trust with levels like operational, verifiable, and denied trust. The model includes a trust engine that calculates trust metrics based on these characteristics and assigns trust levels before code execution. This allows trust to evolve based on historical performance, strengthening security by restricting access based on trust levels. A formal analysis evaluates security versus performance, and an asset threat model shows how common attacks could be addressed.
This summarizes a research paper about standardizing source code security audits. The paper proposes assembling literature on security audit techniques to promote standard methodology. It then presents a case study analyzing vulnerabilities in the Apache Traffic Server using two proprietary tools. The study examines potential issues, connects them to a standard taxonomy (CWE), and describes consequences of exploits. The paper concludes by reviewing other security case studies.
Application of Attack Graphs in Intrusion Detection Systems: An ImplementationCSCJournals
This document discusses integrating attack graphs with intrusion detection systems to help identify complex multi-stage attacks. It proposes an architecture where an intrusion detection system detects alerts and stores them in a database. A vulnerability scanner identifies vulnerabilities, and an attack graph generator uses the alerts and vulnerabilities to generate and update an attack graph. A tool then analyzes the alerts and attack graph to highlight detected intrusions on the graph. The goal is to help administrators better understand the progression of attacks by visualizing how alerts may be related across different stages of an attack. As a proof of concept, the paper implements this using SNORT for intrusion detection, NESSUS for vulnerability scanning, and MULVAL for attack graph generation.
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...IJNSA Journal
Network defense implies a comprehensive set of software tools to preclude malicious entities from conducting activities such as exfiltration of data, theft of credentials, blocking of services and other nefarious activities. For most enterprises at this time, that defense builds upon a clear concept of the fortress approach. Many of the requirements are based on inspection and reporting prior to delivery of the communication to the intended target. These inspections require decryption of packets and this implies that the defensive suite either impersonates the requestor, or has access to the private cryptographic keysof the servers that are the target of communication. This is in contrast to an end-to-end paradigm where known good entities can communicate directly and no other entity has access to the content unless that content is provided to them. There are many new processes that require end-to-end encrypted communication, including distributed computing, endpoint architectures, and zero trust architectures and enterprise level security. In an end-to-end paradigm, the keys used for authentication, confidentiality, and integrity reside only with the endpoints. This paper examines a formulation that allows unbroken communication, while meeting the inspection and reporting requirements of a network defense. This work is part of a broader security architecture termed Enterprise Level Security (ELS)framework.
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E...IJNSA Journal
Network defense implies a comprehensive set of software tools to preclude malicious entities from conducting activities such as exfiltration of data, theft of credentials, blocking of services and other nefarious activities. For most enterprises at this time, that defense builds upon a clear concept of the fortress approach. Many of the requirements are based on inspection and reporting prior to delivery of the communication to the intended target. These inspections require decryption of packets and this implies that the defensive suite either impersonates the requestor, or has access to the private cryptographic keysof the servers that are the target of communication. This is in contrast to an end-to-end paradigm where known good entities can communicate directly and no other entity has access to the content unless that content is provided to them. There are many new processes that require end-to-end encrypted communication, including distributed computing, endpoint architectures, and zero trust architectures and enterprise level security. In an end-to-end paradigm, the keys used for authentication, confidentiality, and integrity reside only with the endpoints. This paper examines a formulation that allows unbroken communication, while meeting the inspection and reporting requirements of a network defense. This work is part of a broader security architecture termed Enterprise Level Security (ELS)framework.
Software security risk mitigation using object oriented design patternseSAT Journals
Abstract It is now well known that requirement and the design phase of software development lifecycle are the phases where security incorporation yields maximum benefits.In this paper, we have tried to tie security requirements, security features and security design patterns together in a single string. It is complete process that will help a designer to choose the most appropriate security design pattern depending on the security requirements. The process includes risk analysis methodology at the design phase of the software that is based on the common criteria requirement as it is a wellknown security standard that is generally used in the development of security requirements. Risk mitigation mechanisms are proposed in the form of security design patterns. Exhaustive list of most reliable and well proven security design patterns is prepared and their categorization is done on the basis of attributes like data sensitivity, sector, number of users etc. Identified patterns are divided into three levels of security. After the selection of security requirement, the software designer can calculate the percentage of security features contribution and on the basis of this percentage; design pattern level can be selected and applied.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
1) The document discusses security issues in cloud computing, with a focus on vulnerabilities in the virtualization layer.
2) It proposes a secure model (SVM) using intrusion detection systems to monitor virtual machines and detect attacks. This would help virtual machines resist attacks more efficiently in cloud environments.
3) Some key virtualization vulnerabilities discussed include attacks on hypervisors, compromised isolation between virtual machines, and packet sniffing/spoofing in virtual networks. The proposed SVM model aims to address these issues and secure the virtualization layer in cloud infrastructure.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Program Robustness is now more important than before, because of the role software programs play in our
life. Many papers defined it, measured it, and put it into context. In this paper, we explore the different
definitions of program robustness and different types of techniques used to achieve or measure it. There
are many papers about robustness. We chose the papers that clearly discuss program or software
robustness. These papers stated that program (or software) robustness indicates the absence of ungraceful
failures. There are different types of techniques used to create or measure a robust program. However,
there is still a wide space for research in this area.
Software reusabilitydevelopment through NFL approach For identifying security...IJECEIAES
In component based software reusability development process, the software developers have to choose the best components which are self adaptive future to overcome the functional errors, framework mismatches, violation of user level privacy issues and data leakage feasibilities. The software developers can build high quality software applications by taking the consideration of the reusable components which are more suitable to provide high level data security and privacy. This paper has proposing the neural based fuzzy framework based approach to estimate the reusable components which are directly and indirectly involve the security and privacy to improve the quality of the software system. This approach has considered the twenty effecting factors and fifty three attribute matrices. It has formed with three stages of execution scenarios. The first stage has executed with eleven effecting factors and eighteen attribute matrices for identification of supporting software reusability components, the second stage has executed with four effecting factors and thirty five attribute matrices for identification of subinternal relationships in terms of security-privacy, and the third stage has executed with eight effecting factors and six attribute matrices for identification of sub of sub-internal relationships in terms of security risk estimation. This analytical finding proposes a fuzzy logic model to evaluate the most feasible effecting factors that influence the enterprise level data security-privacy practices at real time environment.
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Editor IJCATR
Network Intrusion detection and Countermeasure Election in virtual network systems (NICE) are used to establish a
defense-in-depth intrusion detection framework. For better attack detection, NICE incorporates attack graph analytical procedures into
the intrusion detection processes. We must note that the design of NICE does not intend to improve any of the existing intrusion
detection algorithms; indeed, NICE employs a reconfigurable virtual networking approach to detect and counter the attempts to
compromise VMs, thus preventing zombie VMs. NICE includes two main phases: deploy a lightweight mirroring-based network
intrusion detection agent (NICE-A) on each cloud server to capture and analyze cloud traffic. A NICE-A periodically scans the virtual
system vulnerabilities within a cloud server to establish Scenario Attack Graph (SAGs), and then based on the severity of identified
vulnerability toward the collaborative attack goals, NICE will decide whether or not to put a VM in network inspection state. Once a
VM enters inspection state, Deep Packet Inspection (DPI) is applied, and/or virtual network reconfigurations can be deployed to the
inspecting VM to make the potential attack behaviors prominent.
Metric for Evaluating Availability of an Information System : A Quantitative ...IJNSA Journal
The purpose of the paper is to present a metric for availability based on the design of the information
system. The availability metric proposed in this paper is twofold, based on the operating program and
network delay metric of the information system (For the local bound component composition the
availability metric is purely based on the software/operating program, for the remote bound component
composition the metric incorporates the delay metric of the network). The aim of the paper is to present a
quantitative availability metric derived from the component composition of an Information System, based
on the dependencies among the individual measurable components of the system. The metric is used for
measuring and evaluating availability of an information system from the security perspective, the
measurements may be done during the design phase or may also be done after the system is fully
functional. The work in the paper provides a platform for further research regarding the quantitative
security metric (based on the components of an information system i.e. user, hardware, operating
program and the network.) for an information system that addresses all the attributes of information and
network security.
This document proposes a Rational Unified Treatment approach for Web Application Vulnerability Assessment (WVA). It implements the Rational Unified Process (RUP) framework to iteratively identify vulnerabilities. The approach discovers assets, audits for risks and threats, exploits identified vulnerabilities, and provides mitigation steps. It was tested on a web application using the w3af security scanner. The results generated reports on discovered vulnerabilities in different formats to help secure the application.
How can we predict vulnerabilities to prevent them from causing data lossesAbhishek BV
This document discusses various approaches to predict software vulnerabilities in order to prevent data losses. It begins by providing background on software vulnerabilities and their impacts. It then evaluates three main approaches: reactive, reliability, and proactive. The document favors the proactive approach, which predicts flaws before they occur. It summarizes three proposed solutions that take a proactive approach: 1) building a prediction model using software characteristics, 2) using source code static analyzers during development, and 3) employing a combination of statistical methods and code metrics throughout the software lifecycle. For each solution, it discusses the methodology, findings, advantages and disadvantages. Overall, the document analyzes different proactive approaches to vulnerability prediction in order to address how vulnerabilities can be
This document discusses the development of a cross-platform penetration testing suite that compiles standard penetration testing tools into a single mobile application. The suite aims to provide easy access to penetration testing tools on any Android device, improving portability for ethical hackers. It does not require root access of the user's phone. The suite is designed to perform tasks like port scanning, vulnerability scanning, payload generation, and more. It consolidates typical tools used for information gathering, vulnerability assessment, exploitation, and covering tracks into a single interface. This allows ethical hackers to conduct basic penetration tests using only their mobile device.
Intrusion Detection in Industrial Automation by Joint Admin AuthorizationIJMTST Journal
Intrusion response is a more important part of security protection. In industrial automation systems (IASs) have achieved maximum and availability attention. Real-time security policy of intrusion response has big challenge for intrusion response in IASs. The loss caused by the security threats may even increase the industrial automation. However, traditional approach in intrusion detection pays attention on security policy decisions and removes security policy execution. Proposed system presents a general, real-time control depends on table driven scheduling of intrusion detection and response in IASs to resolve the problem of security policy like assigning rights to use the system. Security policy created of a security service group, with every kind of security techniques supported by a realization task set. Realization tasks from different task sets can be combined to form a response task set. In this approach, first, a response task set is created by a non dominated genetic algorithm with joint consideration of security performance and cost. Then, the system is re- configured via an integrated scheduling scheme in which system tasks and response tasks are mapped and scheduled together based on a GA. Additionally, this system proposed Joint Admin Model (JTAM) model to control over unauthorized access in industrial automation system. Furthermore, proposed method shows result of industrial automation for security mechanism. Security policy helps to authenticate user request to access industrial resources.
This document provides an agenda for the "European Data Forum, Copenhagen, Denmark" event on realizing and exploiting the EU Data Cloud. The agenda includes: an introduction by Knud Möller; a presentation by Richard Cyganiak on the Web of Data and its 5 Stars; a presentation by Michael Hausenblas on the LATC project and the Data Cloud; a presentation by Jens Lehmann on creating and consuming data for the EU Data Cloud; a presentation by Anja Jentzsch on link sets and why they are important; and a closing presentation by Knud Möller on moving to the cloud, followed by a Q&A session.
Practical Applications of Semantic Web in Retail -- Semtech 2014 Jay Myers
This presentation explores a year of experimentation, POCs, and research of Linked Data and Semantic Web technologies within Best Buy. It highlights three use cases where a small team approached internal data problems with semantics -- reviewing high level technical methodologies, application details, and technical and business metrics (ROI, conversion, etc.)
Linked GeoRef is an open dataset and API that aims to improve geographical annotation and finding of public sector information by integrating different geographical reference systems into a single linked data framework. It assigns unique identifiers (URIs) to codes from systems like AGS, NUTS, and Berlin's LOR, and links related codes to show hierarchical and equivalence relationships. This allows different systems to be used together and converted between each other. The dataset is hosted with SPARQL endpoint for lookup and conversion of codes between systems.
Knud Möller from Talis Systems gave a presentation on moving data to the cloud at the European Data Forum in Copenhagen on June 7, 2012. The presentation discussed how the LATC project, which helped develop linked open data platforms and tools, was ending but the work would continue through other projects like LOD2 and Planet Data. Möller highlighted several real-world examples of linked open data being used and encouraged the audience to open their data and link it. He also noted that LATC could continue assisting with tools, best practices, and EU linked open data datasets.
The Semantic Web (and what it can deliver for your business)Knud Möller
3-hour talk I gave on behalf of Social Bits and the Irish Internet Association (IIA). Contains an introduction to the general idea of the Semantic Web and Linked Data, its relevance and opportunities for businesses, and a look under the hood - how does it all work?
Digitales Graffiti und vernetzte Daten für digitale StädteKnud Möller
Digital cities rely on open data as a foundation. Open data encompasses more than just open government and can include citizen-contributed data. Digital graffiti allows people to leave traces in and as data. Linked open data connects data to provide context and show relationships between datasets. Germany lags behind in open data provision nationally due to information laws and technology skepticism.
Grid computing is concerned with the sharing and use of resources in dynamic distributed virtual
organizations. The dynamic nature of Grid environments introduces challenging security concerns that
demand new technical approaches. In this brief overview we review key Grid security issues and outline
the technologies that are being developed to address those issues. We focus on works done by Globus
Toolkits to provide security and also we will discuss about the cyber security in Grid.
INTERNAL SECURITY ON AN IDS BASED ON AGENTSIJNSA Journal
An Intrusion Detection System (IDS) can monitor different events that may occur in a determined network or host, and which affect any network security service (confidentiality, integrity, availability). Because of this, an IDS must be flexible and it must detect and trace each alert without affecting the system´s performance. On the other hand, agents ina Multi-Agent system have inherent security problems due to their mobility; that’s why we propose some techniques in order to provide internal security for the agents belonging to the system. The deployed IDS works with a multiagent platform and each component inside the infrastructure is verified using security techniques in order to provide integrity. Likewise, the agents can specialize in order to carry out specific jobs, for example monitoring TCP, UDP traffic, etc. The IDS can work without interfering in the system's performance. In this article we present a hierarchical IDS deployment with internal security on a multiagent system, using a platform named BESA with its processes, functions and results.
INTERNAL SECURITY ON AN IDS BASED ON AGENTScscpconf
The document describes a proposed hierarchical intrusion detection system (IDS) based on agents. Key points:
1. The IDS uses a multi-agent approach with different agent types (collectors, transceivers, monitors) to distribute monitoring tasks without affecting system performance.
2. Internal security techniques are implemented to verify the identity and integrity of agents, such as using a matrix of marks and hash functions to check agents.
3. The IDS was prototyped using the BESA multi-agent platform and tested for its ability to securely detect intrusions in an agent-based system.
Security Introspection for Software ReuseIRJET Journal
1) The document examines the relationship between software reuse and security vulnerabilities by analyzing 1244 open-source projects.
2) The results indicate that the number of potential vulnerabilities in native and reused code is related to the scale of development. Additionally, the number of dependencies is closely related to the number of vulnerabilities.
3) Software reuse is neither a panacea that fully addresses vulnerabilities nor does it inherently lead to an excessive number; the relationship between reuse and security vulnerabilities depends on factors like the scale of the project.
A Resiliency Framework For An Enterprise CloudJeff Nelson
The document summarizes a research paper that proposes a resiliency framework called the Cloud Computing Adoption Framework (CCAF) for enterprise clouds. CCAF includes four major emerging services - software resilience, service components, guidelines, and real case studies - that are designed to improve an organization's security when adopting cloud computing. The framework was validated through a large survey that provided user requirements to guide the system's design and development. CCAF aims to illustrate how software resilience and security can be improved for enterprises moving to the cloud.
A Security Analysis Framework Powered by an Expert SystemCSCJournals
Today\'s IT systems are facing a major challenge in confronting the fast rate of emerging security threats. Although many security tools are being employed within organizations in order to standup to these threats, the information revealed is very inferior in providing a rich understanding to the consequences of the discovered vulnerabilities. We believe expert systems can play an important role in capturing any security expertise from various sources in order to provide the informative deductions we are looking for from the supplied inputs. Throughout this research effort, we have built the Open Security Knowledge Engineered (OpenSKE) framework (http://code.google.com/p/openske), which is a security analysis framework built around an expert system in order to reason over the security information collected from external sources. Our implementation has been published online in order to facilitate and encourage online collaboration to increase the practical research within the field of security analysis.
This document discusses an ontology-based context-sensitive software security knowledge management modeling approach. It begins with an introduction describing the need for secure software development practices and security management systems. It then reviews related work incorporating ontologies and context modeling for software security. The proposed method involves an ontology-based context model with two parts: a software security domain model and an application context model. It describes the components of each model and establishes a hierarchical relationship between them. Finally, it discusses criteria for context-driven security modeling, including usability and quality. The overall aim is to develop a framework that assists practitioners in software security analysis and decision making based on application context.
A Review On Data Security In Cloud ComputingYolanda Ivey
This document provides a review of approaches for ensuring data security in cloud computing. It summarizes 31 research papers on this topic published between 2007-2014. The key findings are:
1) The majority of approaches (45%) ensured data security through encryption methods like RSA encryption, merging Playfair and Vigenere ciphers with DES, and using SSL encryption.
2) Other common approaches included proposing guidelines (21%) and frameworks (16%) for data security, and using homomorphic tokens (7%) to enable encrypted data comparisons.
3) The approaches were categorized based on the technique used, with encryption being the most frequent, followed by guidelines, frameworks, homomorphic tokens, and other methods like harmonizing
Our journal has become is a renowned international journal that operates on a monthly basis. It embraces the principles of open access, peer review, and full refereeing to ensure the highest standards of scholarly communication stands as a testament to the commitment of the global scientific community towards advancing research, promoting interdisciplinary collaborations, and enhancing academic excellence.
Generic Security Framework for Multiple Heterogeneous Virtual InfrastructuresIJRES Journal
Virtualization continues to take center stage at IT industry, yet many organizations are finding it difficult to secure virtualized environments. Security is a critical component in the growing IT system surrounding virtualization. Many organizations find the security challenges associated with virtualization to be a major hurdle, companies of all kinds across all industries are looking towards addressing business and security needs in the virtual infrastructure. There are many research work done before about how to check the compliance status of the cloud platform, not of the virtual machines running on the platform. This paper proposes the security framework for multiple heterogeneous virtual machines which assess the compliance security of the virtual machines. In this paper we make use of REST APIs, using which we create remote session on the virtual machines and fetch the machine values which will be parsed to get the required values for assessment.
Integrating Threat Modeling in Secure Agent-Oriented Software DevelopmentWaqas Tariq
The main objective of this paper is to integrate threat modeling when developing a software application following the Secure Tropos methodology. Secure Tropos is an agent-oriented software development methodology which integrates “security extensions” into all development phases. Threat modeling is used to identify, document, and mitigate security risks, therefore, applying threat modeling when defining the security extensions shall lead to better modeling and increased level of security. After integrating threat modeling into this methodology, security attack scenarios are applied to the models to discuss how the security level of the system has been impacted. Security attack scenarios have been used to test different enhancements made to the Secure Tropos methodology and the Tropos methodology itself. The system modeled using this methodology is an e-Commerce application that will be used to sell handmade products made in Ecuador through the web. The .NET Model-View-Controller framework is used to develop our case study application. Results show that integrating threat modeling in the development process, the level of security of the modeled application has increased. The different actors, goals, tasks, and security constraints that were introduced based on the proposed integration help mitigate different risks and vulnerabilities.
AN ENHANCED USER AUTHENTICATION FRAMEWORK IN CLOUD COMPUTINGIJNSA Journal
Recently, there are several studies have proposed user authentication frameworks to defend against different types of attacks such as phishing, replay attack, man in the middle attack and denial of service attack, etc. Most of these frameworks consist of three main phases, which are the registration phase, login phase, and authentication phase. Most of them have the changing password process as an additional activity.Many problemshave been noticed in the performance of these frameworks. For example, the registration phase is valunerable to internal attack such as SYN flood attack. In this work, we aim to propose a robust user authentication framework that overcomes the previous framework shortages. The proposed framework provides many security aspects such as remote authentication, mutual authentication, session key establishment,to mention a few. Besides, to ensure the security through all phases of this framework, we add a new phase called a Service Access Authentication Phase (SAAP).This phase is resposable of the internal verification .
1) The document discusses a proposed Vulnerability Management System (VMS) to identify and manage software vulnerabilities.
2) It provides an overview of vulnerability management and discusses related work that has been done in vulnerability databases and tracking systems.
3) The proposed VMS would use morphological inspection and static analysis to assess vulnerabilities, store information in a database, and rank vulnerabilities based on severity. It would consist of a vulnerability scanner, process control platform, and data storage.
Security has always been a great concern for all software systems due to the increased incursion of the wireless devices in recent years. Generally software engineering processes tries to compel the security measures during the various design phases which results into an inefficient measure. So this calls for a new process of software engineering in which we would try to give a proper framework for integrating the security requirements with the SDLC, and in this requirement engineers must discover all the security requirements related to a particular system, so security requirement could be analyzed and simultaneously prioritized in one go. In this paper we will present a new technique for prioritizing these requirement based on the risk measurement techniques. The true security requirements should be easily identified as early as possible so that these could be systematically analyzed and then every architecture team can choose the most appropriate mechanism to implement them.
1. The document discusses the process of reverse engineering software to bypass protection schemes and enable unauthorized use.
2. It proposes a cognitive process model for reverse engineering software protections in 7 steps: analyzing the software, finding protection references, setting breakpoints, patching and testing, outputting the reversed software, optionally modifying the GUI, and testing the results.
3. The goal is to understand how crackers analyze and break software protections so researchers can design protections that are more difficult to circumvent.
Research Article On Web Application SecuritySaadSaif6
This Is The Totally Hand Written Research Article On
Web Application Security
(Improving Critical Web-based Applications Quality Through In depth Security Analysis)
This Research Article Was Made By Me After The Hard Working Of One Month. Its Best And Suitable For Your Research Paper And Also Used In Class For Present It And For Submission.
This document describes a proposed vulnerability management system (VMS) that aims to automate the process of scanning software applications to identify vulnerabilities. The proposed system uses a hybrid algorithm approach that incorporates features from existing vulnerability detection tools and algorithms. The algorithm involves five main phases: inspection, scanning, attack detection, analysis, and reporting. The algorithm is intended to increase the accuracy of vulnerability detection compared to existing systems. The proposed VMS system and hybrid algorithm were tested using various vulnerability scanning tools on virtual machines, and results demonstrated that the VMS could automate the vulnerability assessment process and generate reports on detected vulnerabilities with severity levels. The main limitation is that scans using the VMS may take more time than some existing tools.
Unveiling Advanced Persistence Techniques Through Application Shimming and Co...IJCNCJournal
In the arms race between attackers and defenders, the significance of proactive security measures was evident. The implementation of well-considered countermeasures, which may encompass stringent access controls, regular system updates, intrusion detection systems, and behavioral analysis, emerged as vital strategies to thwart the ever-evolving landscape of APTs. Application Shimming is a tool in the Windows Application Compatibility framework that lets programs work on versions of the operating system they weren't originally made for. Due to this architecture, most programs that previously operated on Windows XP can now operate on Windows 10. Shimming takes parts from a Windows Application Compatibility database after parsing it. Shims, which were created for malware investigators, examine any entry that might have been exploited to compromise a Windows system. This research presents a framework that can compromise the target operating system along with the proposed mitigation techniques.
Unveiling Advanced Persistence Techniques Through Application Shimming and Co...IJCNCJournal
In the arms race between attackers and defenders, the significance of proactive security measures was evident. The implementation of well-considered countermeasures, which may encompass stringent access controls, regular system updates, intrusion detection systems, and behavioral analysis, emerged as vital strategies to thwart the ever-evolving landscape of APTs. Application Shimming is a tool in the Windows Application Compatibility framework that lets programs work on versions of the operating system they weren't originally made for. Due to this architecture, most programs that previously operated on Windows XP can now operate on Windows 10. Shimming takes parts from a Windows Application Compatibility database after parsing it. Shims, which were created for malware investigators, examine any entry that might have been exploited to compromise a Windows system. This research presents a framework that can compromise the target operating system along with the proposed mitigation techniques.
DEPENDABLE WEB SERVICES SECURITY ARCHITECTURE DEVELOPMENT THEORETICAL AND PRA...cscpconf
This research “Designing Dependable Web Services Security Architecture Solutions” addresses
the innovative idea of Web Services Security Engineering using Web Services Security
Architecture with a research motivation of Secure Service Oriented Analysis and Design. It deals
with Web Services Security Architecture for Web Services Secure application design, for
Authentication and authorization, using Model Driven Architecture (MDA) based Agile Modeled
Layered Security Architecture design, which eventually results in enhanced dependable (privacy)
management. All the above findings are validated with appropriate case studies of Web 2.0
Services, its extension to Web 2.0 Mashups Spatial Web Services and various financial
applications. In this paper we discuss about Research Methodology for Designing Dependable Agile Layered Security Architectures, with validations on Spatial Web Services Case study.
Similar to Building a Distributed Secure System on Multi-Agent Platform Depending on the Principles of Software Engineering Life Cycle (20)
Leveraging Generative AI to Drive Nonprofit InnovationTechSoup
In this webinar, participants learned how to utilize Generative AI to streamline operations and elevate member engagement. Amazon Web Service experts provided a customer specific use cases and dived into low/no-code tools that are quick and easy to deploy through Amazon Web Service (AWS.)
Main Java[All of the Base Concepts}.docxadhitya5119
This is part 1 of my Java Learning Journey. This Contains Custom methods, classes, constructors, packages, multithreading , try- catch block, finally block and more.
This document provides an overview of wound healing, its functions, stages, mechanisms, factors affecting it, and complications.
A wound is a break in the integrity of the skin or tissues, which may be associated with disruption of the structure and function.
Healing is the body’s response to injury in an attempt to restore normal structure and functions.
Healing can occur in two ways: Regeneration and Repair
There are 4 phases of wound healing: hemostasis, inflammation, proliferation, and remodeling. This document also describes the mechanism of wound healing. Factors that affect healing include infection, uncontrolled diabetes, poor nutrition, age, anemia, the presence of foreign bodies, etc.
Complications of wound healing like infection, hyperpigmentation of scar, contractures, and keloid formation.
How to Fix the Import Error in the Odoo 17Celine George
An import error occurs when a program fails to import a module or library, disrupting its execution. In languages like Python, this issue arises when the specified module cannot be found or accessed, hindering the program's functionality. Resolving import errors is crucial for maintaining smooth software operation and uninterrupted development processes.
LAND USE LAND COVER AND NDVI OF MIRZAPUR DISTRICT, UPRAHUL
This Dissertation explores the particular circumstances of Mirzapur, a region located in the
core of India. Mirzapur, with its varied terrains and abundant biodiversity, offers an optimal
environment for investigating the changes in vegetation cover dynamics. Our study utilizes
advanced technologies such as GIS (Geographic Information Systems) and Remote sensing to
analyze the transformations that have taken place over the course of a decade.
The complex relationship between human activities and the environment has been the focus
of extensive research and worry. As the global community grapples with swift urbanization,
population expansion, and economic progress, the effects on natural ecosystems are becoming
more evident. A crucial element of this impact is the alteration of vegetation cover, which plays a
significant role in maintaining the ecological equilibrium of our planet.Land serves as the foundation for all human activities and provides the necessary materials for
these activities. As the most crucial natural resource, its utilization by humans results in different
'Land uses,' which are determined by both human activities and the physical characteristics of the
land.
The utilization of land is impacted by human needs and environmental factors. In countries
like India, rapid population growth and the emphasis on extensive resource exploitation can lead
to significant land degradation, adversely affecting the region's land cover.
Therefore, human intervention has significantly influenced land use patterns over many
centuries, evolving its structure over time and space. In the present era, these changes have
accelerated due to factors such as agriculture and urbanization. Information regarding land use and
cover is essential for various planning and management tasks related to the Earth's surface,
providing crucial environmental data for scientific, resource management, policy purposes, and
diverse human activities.
Accurate understanding of land use and cover is imperative for the development planning
of any area. Consequently, a wide range of professionals, including earth system scientists, land
and water managers, and urban planners, are interested in obtaining data on land use and cover
changes, conversion trends, and other related patterns. The spatial dimensions of land use and
cover support policymakers and scientists in making well-informed decisions, as alterations in
these patterns indicate shifts in economic and social conditions. Monitoring such changes with the
help of Advanced technologies like Remote Sensing and Geographic Information Systems is
crucial for coordinated efforts across different administrative levels. Advanced technologies like
Remote Sensing and Geographic Information Systems
9
Changes in vegetation cover refer to variations in the distribution, composition, and overall
structure of plant communities across different temporal and spatial scales. These changes can
occur natural.
How to Manage Your Lost Opportunities in Odoo 17 CRMCeline George
Odoo 17 CRM allows us to track why we lose sales opportunities with "Lost Reasons." This helps analyze our sales process and identify areas for improvement. Here's how to configure lost reasons in Odoo 17 CRM
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...Dr. Vinod Kumar Kanvaria
Exploiting Artificial Intelligence for Empowering Researchers and Faculty,
International FDP on Fundamentals of Research in Social Sciences
at Integral University, Lucknow, 06.06.2024
By Dr. Vinod Kumar Kanvaria
हिंदी वर्णमाला पीपीटी, hindi alphabet PPT presentation, hindi varnamala PPT, Hindi Varnamala pdf, हिंदी स्वर, हिंदी व्यंजन, sikhiye hindi varnmala, dr. mulla adam ali, hindi language and literature, hindi alphabet with drawing, hindi alphabet pdf, hindi varnamala for childrens, hindi language, hindi varnamala practice for kids, https://www.drmullaadamali.com
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...PECB
Denis is a dynamic and results-driven Chief Information Officer (CIO) with a distinguished career spanning information systems analysis and technical project management. With a proven track record of spearheading the design and delivery of cutting-edge Information Management solutions, he has consistently elevated business operations, streamlined reporting functions, and maximized process efficiency.
Certified as an ISO/IEC 27001: Information Security Management Systems (ISMS) Lead Implementer, Data Protection Officer, and Cyber Risks Analyst, Denis brings a heightened focus on data security, privacy, and cyber resilience to every endeavor.
His expertise extends across a diverse spectrum of reporting, database, and web development applications, underpinned by an exceptional grasp of data storage and virtualization technologies. His proficiency in application testing, database administration, and data cleansing ensures seamless execution of complex projects.
What sets Denis apart is his comprehensive understanding of Business and Systems Analysis technologies, honed through involvement in all phases of the Software Development Lifecycle (SDLC). From meticulous requirements gathering to precise analysis, innovative design, rigorous development, thorough testing, and successful implementation, he has consistently delivered exceptional results.
Throughout his career, he has taken on multifaceted roles, from leading technical project management teams to owning solutions that drive operational excellence. His conscientious and proactive approach is unwavering, whether he is working independently or collaboratively within a team. His ability to connect with colleagues on a personal level underscores his commitment to fostering a harmonious and productive workplace environment.
Date: May 29, 2024
Tags: Information Security, ISO/IEC 27001, ISO/IEC 42001, Artificial Intelligence, GDPR
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: ISO/IEC 27001 Information Security Management System - EN | PECB
ISO/IEC 42001 Artificial Intelligence Management System - EN | PECB
General Data Protection Regulation (GDPR) - Training Courses - EN | PECB
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
This slide is special for master students (MIBS & MIFB) in UUM. Also useful for readers who are interested in the topic of contemporary Islamic banking.
How to Add Chatter in the odoo 17 ERP ModuleCeline George
In Odoo, the chatter is like a chat tool that helps you work together on records. You can leave notes and track things, making it easier to talk with your team and partners. Inside chatter, all communication history, activity, and changes will be displayed.
Building a Distributed Secure System on Multi-Agent Platform Depending on the Principles of Software Engineering Life Cycle
1. Ghossoon M.Waleed Al-Saadoon
International Journal of Computer Science and Security, (IJCSS), Volume (4): Issue (5) 482
Building a Distributed Secure System on Multi-Agent Platform
Depending on the Principles of Software Engineering Life Cycle
Dr.Ghossoon M.Waleed Al-Saadoon ghowaleed2004@yahoo.com
College of Administrative Sciences,
Applied Science University
Kingdom of Bahrain ,Manama , Jufair, P.O.Box:5055
Tel : +( 973) 17728777- 149, Fax: +(973)17728915
Abstract
Today, applications in mobile multi-agent systems require a high degree of
confidence that running code inside the system will not be malicious. Also any
malicious agents must be identified and contained. Since the inception of mobile
agents, the intruder has been addressed using a multitude of techniques, but
many of these implementations have only addressed concerns from the position
of either the platform or the agents. Very few approaches have undertaken the
problem of mobile agent security from both perspectives simultaneously.
Furthermore, no middleware exists to facilitate provisioning of the required
security qualities of mobile agent software while extensively focusing on easing
the software development burden.The aim is to build a distributed secure
system using multi-agents by applying the principles of software engineering.
The objectives of this paper is to introduce multi agent systems that enhance
security rules through the access right to building a distributed secure system
integrating with principles of software engineering system life cycle, as well as
satisfy the security access right for both platform and agents to improve the
three characteristics of agents adaptively, mobility and flexibility, which is the
main problem that depending on the principles of software engineering life cycle.
There are 3 characteristics that satisfied using agent; mobility, adaptively and
flexibility. Adaptively (which is the capability to respond to other agencies and/or
environment to some degree). Mobility (the ability to transport itself from one
environment to another) and Flexibility (can be defined to include the following
properties; responsive, pro-active and social). This project based on the platform
of PHP and MYSQL (Database) which can be presented in a website. The
implementation and test are applied in both Linux and Windows platforms,
including Linux Red Hat 8, Linux Ubuntu 6.06 LTS and Microsoft Windows XP
Professional. Since PHP and MySQL are available in almost all operating
systems, the result could be tested the platform as long as PHP and MySQL
configuration is available.PHP5 and the MySQL (database) software are used to
build a secure website. Multiple techniques of security and authentications have
been used by multi-agents system. Secure database is encrypted by using md5.
Also satisfy the characteristics for security requirements: confidentiality
(protection from disclosure to unauthorized persons), integrity (maintaining data
consistency) and authentication (assurance of identity of person or originator of
data).
2. Ghossoon M.Waleed Al-Saadoon
International Journal of Computer Science and Security, (IJCSS), Volume (4): Issue (5) 483
Keywords: Distributed Secure System, Platform, Multi Agent System, Access write, Lunix Read Hat , and
DM5.
1. INTRODUCTION
Mobile agent technology offers a new computing paradigm in which a software agent can
suspend its execution on a host computer, transfer itself to another agent-enabled host on the
network, and resume execution on the new host. The area of mobile agent security is in a state
of immaturity [1]. Numerous techniques exist to provide security for mobile agents, there is not at
present an overall framework that integrates compatible techniques into an effective security
model. The traditional host orientation toward security persists and focuses of protection
mechanisms within the mobile agent paradigm remains on protecting the agent platform.
However, emphasis is slowly moving toward developing techniques that are oriented toward
protecting the agent, a much more difficult problem. Fortunately, there are many applications
where conventional and emerging security techniques should prove adequate, if applied
judiciously. The software was building the new platform using multi-agent system. The Unified
Modeling Language (UML) used to build this prototype Model [2]. To make the software easier
and systematic, the software engineer must incorporate a development strategy that
encompasses the process, method and tool layers. This strategy is called Software Engineering
Paradigm to develop Process Model. This paper reviews a web based system and the Prototype
Model algorithm used for the system design [3, 4] as in Figure 1.
• The software designed a set of objectives to the users.[5,6].
• The software determines the requirements, and
• The user can review the existing software anytime.
FIGURE1: Software Engineering to Development Process Model
2. LITERATURE REVIEW
There are many literature sources that encourage over this paper. It has been significantly too
interpreted about agents and in depth security issues itself that elaborates. These are related
sources of the issue in the mobile agents. Adam Pridgen & Christine Julien ,2006, they
introduce a mobile agent system that enhances security functionality by integrating core
software and hardware assurance qualities, as well as addressing security concerns from the
perspectives of both the platform and the agent [7]. Loulou; Mohamed Jmaiel; Ahmed Hadj
Kacem and Mohamed Mosbah,2006, In order to facilitate analysis, design and specification of
mobile agent systems, the possible attacks that may occur in a mobile agent system, they
associate the specification of the basic concepts that ensuring security such as: agent
authenticity, authority access, security policy and its various kind [8]. Robert S. Gray, George
Cybenko, David Kotz, Ronald A. Peterson and Daniela Rus ,2001, the mobile agent systems
involved the relocation of both code and state information. The area of mobile agent security is
in a state of immaturity. While numerous techniques exist to provide security for mobile agents,
3. Ghossoon M.Waleed Al-Saadoon
International Journal of Computer Science and Security, (IJCSS), Volume (4): Issue (5) 484
there is not at present an overall framework that integrates compatible techniques into an
effective security model [9].
3. METHODOLOGY
System development methodology is a necessary process to develop software .The
methodology consists of three main parts to build distributed Secure System using
characteristics on multi agent system for this platform and depending on the principles of
software engineering life cycle. From UML methodology, the software designer will able to
identify the tasks on software developments to present the software architecture and the
description of objects and their interactions with one another, as in Figure 2.The platform
assigns a newly originated or incoming agent to a requested location or place, where it can
compute and interact with other agents. Besides furnishing the engine on which an agent
executes its code, typical services offered by an agent platform include the capability for an
agent to clone itself, spawn or create new agents, terminate any spawned agents, locate other
agents at the platform or a platform elsewhere, send messages to other agents, and relocate
itself on another platform, all these process under the security rules and privilege from the
management server – web server.
FIGURE 2: Security Platform of Server-Client Architecture
3.1 System Design
In this project has been assumed that client-server websites are used. The security levels have
the rules and permission to access each data of clients-server.
The methodology will be divided into four main phases; Preliminary Requirements, Final
Requirements, Analysis and finally Design. The 1st stage for the preliminary requirements
includes activities which are defining the requirements, validate user requirements, define
consensual requirements, establish keywords set and extract limits and constraints.
The 2nd phase in final requirements include some tasks for instance, characterize environment.
The process is to determine the entities, define context and characterize environment. The
determination is the use cases; it will draw up inventory of the use cases, identify cooperation
failures and elaborate sequence diagrams. Follow up then is elaborate User Interface UI
prototypes and validate it.
4. Ghossoon M.Waleed Al-Saadoon
International Journal of Computer Science and Security, (IJCSS), Volume (4): Issue (5) 485
The 3rd phase is the analysis process to identify classes, study interclass relationship and
construct the preliminary diagram to verify the global and local levels of mobile agents
adequacy. These processes are to know-how study the entities in the domain context and
determine agents between entities. All fields of study include the active-passive relationships,
active entities relationships and agents relationship.
The final phase is the design of the architecture and multi-agent mode that determine
packages, classes, design-patterns and elaborate component and class diagrams. Figure 3
shows the principles of software engineering applied in the security management life cycle,
FIGURE 3 :software engineering applied in the security management life cycle
3.2 System Requirements
Web applications run in two locations: the server and the client. This means that both locations
need to be developed to provide the best security for the user. The server needs to be
developed in such a way that information being stored is not compromised; while the client
needs to be developed to present and retrieved only the required information. A client that
divulges too much information is not likely to be secure.
The server is where all the application’s action is taken place. The PHP operates on a transitive
level for the web page between the client and the server. Figure 4 shows the separation of the
client and server.
5. Ghossoon M.Waleed Al-Saadoon
International Journal of Computer Science and Security, (IJCSS), Volume (4): Issue (5) 486
FIGURE 4: PHP Process for Distributed System
3.3 Security Analysis Phase
This phase includes security in PHP and PHP security audit.
I. Security in PHP : it includes these requirements.
1.Security is not an absolute.
2.Can always be more or less secure
3.Security is difficult to measure.
4.Security must be balanced with usability.
5.Security must be balanced with expense.
6.Security must be part of the design.
7.The filter input for the most input is obvious - form data ($_GET and $_POST), cookies
($_COOKIE), RSS feeds, etc. While the output Escaping is the process by which user
escape any character that has a special meaning in a remote system. Unless user sending
data somewhere unusual, there is probably a function that performs the escaping for. The
two most common destinations are the client (use htmlentities ()) and MySQL (use
mysql_real_escape_string()). If it must write down, make sure that it is exhaustive - find a
reliable and complete list of all special characters.
II. PHP Security Audit
An audit is an examination and it does nothing should be off-limits. A PHP security audit
primarily involves an examination of the source code. Other points of interest are software
design, PHP configuration, and infrastructure security.
A. Setting the Bar
How much security is needed?
Start with a minimum level, and go from there. At the very least, a PHP application should
have filter input and escape output.
If a PHP application can't meet these minimum guidelines, it isn't worth a time.
B. Analyzing the Configuration
The configuration of PHP is mostly dictated by php.ini.
However, remember that PHP configuration directives can be modified in other places -
httpd.conf, .htaccess, ini_set().
Things to avoid: register_globals = On, allow_url_fopen = On, display_errors = On,
magic_quotes_gpc = On
6. Ghossoon M.Waleed Al-Saadoon
International Journal of Computer Science and Security, (IJCSS), Volume (4): Issue (5) 487
C. Analyzing the Design
Have the design explained it first. No one knows an application as well as the developers.
A poor or unnecessarily complex design is a security risk.
Is tracking data difficult?
Is distinguishing between filtered and tainted data difficult?
Stream-of-consciousness is why so many PHP applications are insecure. This is why so many
PHP applications are insecure.
D. Searching the Source: Input
E. Searching the Source: Output
F. Searching the Source: Potential Problems
Check for dynamic includes that use tainted data: include, require.
Check for client-side restrictions: maxlength, radio, checkbox, select, Client-side filtering.
G. Searching the Source: Bad Habits
Error suppression :@
Misguided trust of HTTP request
Headers: Referer, Host
Unescaping: stripslashes(), etc.
The most common mistakes are sending tainted, unescaped data to the client or a database.
There are others that most website frequently used: storing the authorization level in a cookie;
passing the authorization level in the URL; storing the username and password in a cookie; and
storing includes within document root.
3.4 COMMUNICATION AND ANALYSIS PHASE
First, all relation information, such as hotel management information, are collected. A discussion
is completed with staff members and management and the requirements of system are
identified:
• To computerize the current hotel management system.
• To enable the customer to get information about the hotel.
• To enable management to view which staff is members conduct the process with the
customers.
• Accessibility to the program must be controlled. The users can’t access to the application
without authority.
• All levels of users have their own username and password.
• System administrator has the authority to add new user account.
• Staff members have the authority to add new customer records.
3.5 Quick Plan Phase
The system will display the login form when the web page is first accessed. The user needs to
enter their username and password. If the username and password is matched with the login
information stored in the database, the login is passed. Then the system will check the user level
of the login user. There are four user levels in the system:
Administrator, Staff, Manager and Customer.
Each user level has different functionality. Users cannot access additional functionality without
authority, as in Table 1.
7. Ghossoon M.Waleed Al-Saadoon
International Journal of Computer Science and Security, (IJCSS), Volume (4): Issue (5) 488
TABLE 1: privilege for each security level
4. SECURITY FOR SYSTEM DESIGN
First the websites creates specific task with access right for Administration ID to display User
Login, Delete, Add new Group, and Add new User. The mobile agents are the interpreted
language. The language has to be interpreted, because moving of a running object requires
access to the global variables, or better to the current execution pointer and stack. The best way
to achieve this is using a virtual machine which executes the interpreter language.
4.1 Security Agent Management
The security agent management architecture is used to design the heterogeneous Database
Networks. The main activities of the administrator agent are the following:
• Roles Agent for creating the privileges for security and access control list.
• Creates administrator and local servers.
• Determines the group agents.
• Creating User that can deal in this platform.
In multi agents system based security agent management architecture, two main functionality
agents are recognized: Global agents and Local agents.
The management system in this project is districted from public access where the registered
users have authority to login the system. There are four user levels in this application:
Administrator, Staff, Manager and Customer. Each user has own name and password.
The login process is only performed if the textbox for username and password is filled.
Otherwise, a message will appear to ask the user to complete the login form. After the user
completes the form, the system will check the login information. If login is successful, the page
will redirect to the user home page. If login fails, a message will appear to prompt the user to
enter the correct username and password.
Accessibility user level: the Administrator and Staff. If the login is accepted, the page will be
redirected to the user home page, where all information posted by Administrator and Staff will be
displayed. The user menu will be displayed in the left side of each page after the successful
login . The announcement author is the same as the name of the logged in user. The date of the
announcement is the current date of the server PC when the announcement is submitted.
Administrator is the only user able to delete announcements. In Figure.6, to delete
announcements, simply choose “Edit Announcement” and click the “Delete” link that appear in
the bottom of the desired announcement.
Administrator Staff Manager Customer
View, add or delete
announcement.
View and add
announcement.
View and add
announcement.
View Result
View all the activities among
other users.
Add, delete and
update customers.
View customer
results.
Change
password
Add or remove system user. View customer
results.
Add, delete and
update staff.
View customer result. Change password. Change password.
8. Ghossoon M.Waleed Al-Saadoon
International Journal of Computer Science and Security, (IJCSS), Volume (4): Issue (5) 489
Only the Administrator can add a new system user (Staff ) to control for security of the system.
The user is only added if all textboxes filled and the requested username does not exist in the
record. The Administrator will need to create an account for Staff. Then the Staff can add
customer information (users) into the database. Password for new user is initially encrypted. The
user can change the user password. The Administrator can also delete the user account in case
user information is incorrect or user has resigned or write some comments about security
encryption . Accessibility user level: System Administrator, Staff and Customer. The user needs
to enter their current password and new password twice. The password will be changed if :
4.2 Security Level Local Agents
The security of an administrator constitute a sub-set of hosts in a local network. It is composed
of a group of Local Agent (LA)s, which have specific functions. One can distinguish two kinds of
LA:
Intranet LA several Intranet Agents. The intranet agents manage the security of a local
network. It controls LA s and analyzes the auditing events reported by these agents.
Internet LA. In each level, notes agents communicate and exchange their information of
heterogeneous DBs and analysis for detecting intrusive activities in a cooperative manner.
4.3 ROLES AGENT
The access key attribute of an agent is that it is able to act autonomously. Agents can then take
on a wide range of responsibilities on behalf of users or other system entities including services
and entering into agreements. Additionally, an agent will often perform some tasks on behalf of
another entity. For example, (a software agent could perform a task on behalf of a person). It
could also perform on behalf of another piece of software (another agent), an organization, or a
particular role (manager, system administrator).
5. CONCLUSION
The software project was tested in both Linux and Windows platform, including Linux Red Hat 8,
Linux Ubuntu 6.06 LTS and Microsoft Windows XP Professional. Since PHP and MySQL are
available in almost all operating system,.
The security platform used to verify and validate multi-agents build the access write. The
security platform using mobile agents can satisfied the three characteristics (adaptively,
mobility and flexibility).The adaptively can be modified and updated the rules and privileges
to the system. While mobility, are the agents itself can be transport from one another to the
others platform.
The configuration of PHP, MySQL and also Apache web server is quite different in different
platforms. In Windows XP, the installation of AppServ will install PHP, MySQL, Apache,
phpMyAdmin at once. The configuration is done automatically. The PC can run as web
server after reboot. Anyway, the firewall of Windows XP need to turn off, otherwise the client
PC cannot access the web site hosted by server PC.
In Linux platform, PHP, MySQL and Apache web server normally is ready and installed. If
not, we can manually install them from software package. The directory of the web is located
in /vary/www/html. The services of apache and MySQL maybe not start automatically after
login to Linux platform depend on the system setting. If the services don’t start, we can type
a code in terminal window to manually start the services.
This system has the following strengthens, which will increase the commercialization potential:
• It can be run in many platforms such as Microsoft Windows, UNIX and Linux.
• Easy to configure and install in web server.
• The PHP and MySQL are free and open sourcing software’s , so very easy to install
and used in this project.
9. Ghossoon M.Waleed Al-Saadoon
International Journal of Computer Science and Security, (IJCSS), Volume (4): Issue (5) 490
6. REFERENCES
1. Dell’Acqua, P., M. Engberg, L.M. Pereira,” An Architecture for a Rational Reactive Agent”,
[online] available at:http://centria.di.fct.unl.pt/~lmp/publications/online-papers/epia03-
agent.pdf, 2003.
2. Marik, V., O. Stepankova, H. Krautwurmova, M. Luck.,” Multi agent systems and applications
II”, Springer-Verlag Berlin Heidelberg, 2002.
3. K. Rabuzin, M. Malekovic, Miroslav Baca (2006), “A SURVEY OF THE PROPERTIES
OF AGENTS” .pdf, University of Zagreb, Faculty of Organization and Informatics,
Varaždin
4. “An introduction to Agents, Todd Sundsted” , JavaWorld.com, 06/01/98, [online] available
at:http://www.javaworld.com/javaworld/jw-06-1998/jw-06-howto.html
5. Geppert, A., M. Kradolfer, D.Tombros: “Realization of Cooperative Agents Using an Active
Object-Oriented Database Management System”, Proc. 2nd Workshop on Rules in
Databases (RIDS), Athens, Greece, 1995.
6. Hayes-Roth, B.” An architecture for adaptive intelligent systems, Artificial Intelligence Vol. 72,
1995.
7. A. Pridgen and C. Julien, A Secure Modular Mobile Agent System, The University of
Texas at Austin, TR-UTEDGE-2006-003.
8. M. Loulou, M. Jmaiel,A.Hadj Kacem and M.Mosbah, “A Conceptual Model for Secure
Mobile Agent Systems”, computational intelligence and security, Proceedings of the 3rd
international conference on , Nov 3-6/2006. [online] available at:
http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=4072023.
9. Robert S. Gray, G. Cybenko, D. Kotz, Ronald A. Peterson and Daniela Rus ,“D’Agents:
Applications and Performance of a Mobile-Agent System”, Thayer School of Engineering /
Department of Computer Science,Dartmouth College,November 28, 2001.