With the Amazon EC2 Cloud becoming available as a viable platform for parallel computing, Earth System Models are increasingly interested in leveraging its capabilities towards improving climate projections. In particular, faced with long wait periods on high-end clusters, the elasticity of the Cloud presents a unique opportunity of potentially “infinite” availability of small-sized clusters running on high-performance instances. Among specific applications of this new paradigm, we show here how uncertainty quantification in climate projections of polar ice sheets (Antarctica and Greenland) can be significantly accelerated using the Cloud. Indeed, small-sized clusters are very efficient at delivering sensitivity and sampling analysis, core tools of uncertainty quantification. We demonstrate how this approach was used to carry out an extensive analysis of ice-flow projections on one of the largest basins in Greenland, the North-East Greenland Glacier, using the Ice Sheet System Model, the public-domain NASA-funded ice-flow modeling software. We show how errors in the projections were accurately quantified using Monte-Carlo sampling analysis on the EC2 Cloud, and how a judicious mix of high-end parallel computing and Cloud use can best leverage existing infrastructures, and significantly accelerate delivery of potentially ground-breaking climate projections, and in particular, enable uncertainty quantification that was previously impossible to achieve.
• NASA/JPL's Ice Sheet System Model ported to the Amazon EC2 Cloud.
• First ever application of Cloud computing to modeling of polar ice flow.
• Combining ISSM high-end and EC2 Cloud computing accelerates delivery of projections.
• Cloud elasticity eliminates batch queuing time in uncertainty quantification runs.
• Demonstrates feasibility of uncertainty quantification in sea-level projections.
Trusted computing, which can effectively increase the credibility of information systems, has made great achievements and is in continuous development. For a country like China that is going to strengthen network construction, it is an important fundamental supporting technology worth researching. China is in the international forefront in the field of trusted computing. This paper gives comprehensive introductions to the new development and application of key technologies in trusted computing, such as various trusted platform modules (TPM, TCM, TPCM), TCG Software Stack (TSS), trusted cloud server and Trusted Execution Environment (TEE). We illustrate the progress and application extension of these technologies and also point out some key problems worth studying in the future.
Information system security must battle regularly with new threats that jeopardize the protection of those systems. Security tests have to be run periodically not only to identify vulnerabilities but also to control information systems, network devices, services and communications. Vulnerability assessments gather large amounts of data to be further analyzed by security experts, who recently have started using data analysis techniques to extract useful knowledge from these data. With the aim of assisting this process, this work presents CAOS, an evolutionary multiobjective approach to be used to cluster information of security tests. The process enables the clustering of the tested devices with similar vulnerabilities to detect hidden patterns, rogue or risky devices. Two different types of metrics have been selected to guide the discovery process in order to get the best clustering solution: general-purpose and specific-domain objectives. The results of both approaches are compared with the state-of-the-art single-objective clustering techniques to corroborate the benefits of the clustering results to security analysts.
For the last few years a considerable number of efforts have been devoted to integrating security issues into information systems development practices. This has led to a number of languages, methods, methodologies and techniques for considering security issues during the developmental stages of an information system. However, these approaches mainly focus on security requirements elicitation, analysis and design issues and neglect testing. This paper presents the Security Attack Testing (SAT) approach, a novel scenario-based approach that tests the security of an information system at the design time. The approach is illustrated with the aid of a real-life case study involving the development of a health and social care information system.
Password Security: An Empirical Study
Zviran, Moshe; Haga, William J.
Journal of management information systems, 04/1999, Volume: 15, Issue: 4
Journal Article
Peer reviewed
Organizations are more dependent than ever on the reliable operation of their information systems, which have become a key to their success and effectiveness. While the growing dependence on information systems creates an urgent need to collect information and make it accessible, the proliferation of computer technology has also spawned opportunities for ill-intentioned individuals to violate the information systems' integrity and validity.
One of the most common control mechanisms for authenticating users of computerized information systems is the use of passwords. However, despite the widespread use of passwords, little attention has been given to the characteristics of their actual use. This paper addresses the gap in evaluating the characteristics of real-life passwords and presents the results of an empirical study on password usage. It investigates the core characteristics of user-generated passwords and associations among those characteristics.
A Research Agenda for Security Engineering
Rich Goyette; Yan Robichaud; François Marinier
Technology innovation management review, 08/2013, August 2013: Cybersecurity
Journal Article
Peer reviewed
Open access
Despite nearly 30 years of research and application, the practice of information system security engineering has not yet begun to exhibit the traits of a rigorous scientific discipline. As cyberadversaries have become more mature, sophisticated, and disciplined in their tradecraft, the science of security engineering has not kept pace. The evidence of the erosion of our digital security – upon which society is increasingly dependent – appears in the news almost daily. In this article, we outline a research agenda designed to begin addressing this deficit and to move information system security engineering toward a mature engineering discipline. Our experience suggests that there are two key areas in which this movement should begin. First, a threat model that is actionable from the perspectives of risk management and security engineering should be developed. Second, a practical and relevant security-measurement framework should be developed to adequately inform security-engineering and risk-management processes. Advances in these areas will particularly benefit business/government risk assessors as well as security engineers performing security design work, leading to more accurate, meaningful, and quantitative risk analyses and more consistent and coherent security design decisions. Threat modelling and security measurement are challenging activities to get right – especially when they need to be applied in a general context. However, these are decisive starting points because they constitute the foundation of a scientific security-engineering practice. Addressing these challenges will require stronger and more coherent integration between the sub-disciplines of risk assessment and security engineering, including new tools to facilitate that integration. More generally, changes will be required in the way security engineering is both taught and practiced to take into account the holistic approach necessary from a mature, scientific discipline.
Growing sophistication among cyber threats has posed increasing challenges to the security and reliability of information systems, especially in the face of zero-day attacks that exploit unknown vulnerabilities. This paper introduces an innovative application of Artificial Intelligence (AI), specifically the adoption of Wasserstein Generative Adversarial Networks with Gradient Penalty (WGAN-GP), to support Intrusion Detection Systems (IDS) to strengthen defences against such attacks. This research focuses on using the WGAN-GP to generate network traffic data in simulating the unpredictable patterns of zero-day attacks. It utilises the widely used network traffic dataset NSL-KDD to conduct data expansion. This approach leverages data generated by the WGAN-GP to train detection systems, enabling them to learn and identify subtle signatures of zero-day attacks. Experimental evaluation demonstrates that the WGAN-GP model can improve the accuracy of zero-day attack detection. In comparison to other methods, such as Convolutional Neural Networks (CNN), the detection accuracy is increased by 2.3% and 2% for binary and multi-classification, respectively. This work shows that combining IDS with advanced generative AI models, such as WGAN-GP, can significantly enhance the security of information systems in identifying and mitigating risks posed by zero-day attacks.