Biblio

Network security is a problem that is of great concern to all countries at this stage. How to ensure that the network provides effective services to people without being exposed to potential security threats has become a major concern for network security researchers. In order to better understand the network security situation, researchers have studied a variety of quantitative assessment methods, and the most scientific and effective one is the hierarchical quantitative assessment method of the network security threat situation. This method allows the staff to have a very clear understanding of the security of the network system and make correct judgments. This article mainly analyzes the quantitative assessment of the hierarchical network security threat situation from the current situation and methods, which is only for reference.

Cloud computing is a model of service provisioning in heterogeneous distributed systems that encourages many researchers to explore its benefits and drawbacks in executing workflow applications. Recently, high-quality security protection has been a new challenge in workflow allocation. Different tasks may and may not have varied security demands, security overhead may vary for different virtual machines (VMs) at which the task is assigned. This paper proposes a Security Oriented Deadline-Aware workflow allocation (SODA) strategy in an IaaS cloud environment to minimize the risk probability of the workflow tasks while considering the deadline met in a deterministic environment. SODA picks out the task based on the highest security upward rank and assigns the selected task to the trustworthy VMs. SODA tries to simultaneously satisfy each task’s security demand and deadline at the maximum possible level. The simulation studies show that SODA outperforms the HEFT strategy on account of the risk probability of the cloud system on scientific workflow, namely CyberShake.

A considerable portion of computing power is always required to perform symbolic calculations. The reliability and effectiveness of algorithms are two of the most significant challenges observed in the field of scientific computing. The terms “feasible calculations” and “feasible computations” refer to the same idea: the algorithms that are reliable and effective despite practical constraints. This research study intends to investigate different types of computing and modelling challenges, as well as the development of efficient integration methods by considering the challenges before generating the accurate results. Further, this study investigates various forms of errors that occur in the process of data integration. The proposed framework is based on automata, which provides the ability to investigate a wide-variety of distinct distance-bounding protocols. The proposed framework is not only possible to produce computational (in)security proofs, but also includes an extensive investigation on different issues such as optimal space complexity trade-offs. The proposed framework in embedded with the already established symbolic framework in order to get a deeper understanding of distance-bound security. It is now possible to guarantee a certain level of physical proximity without having to continually mimic either time or distance.

Cooperative secure computing based on the relationship between numerical value and numerical interval is not only the basic problems of secure multiparty computing but also the core problems of cooperative secure computing. It is of substantial theoretical and practical significance for information security in relation to scientific computing to continuously investigate and construct solutions to such problems. Based on the Goldwasser-Micali homomorphic encryption scheme, this paper propose the Morton rule, according to the characteristics of the interval, a double-length vector is constructed to participate in the exclusive-or operation, and an efficient cooperative decision-making solution for integer and integer interval security is designed. This solution can solve more basic problems in cooperative security computation after suitable transformations. A theoretical analysis shows that this solution is safe and efficient. Finally, applications that are based on these protocols are presented.

With the development of cloud computing technology, more and more scientific researchers choose to deliver scientific workflow tasks to public cloud platforms for execution. This mode effectively reduces scientific research costs while also bringing serious security risks. In response to this problem, this article summarizes the current security issues facing cloud scientific workflows, and analyzes the importance of studying cloud scientific workflow security issues. Then this article analyzes, summarizes and compares the current cloud scientific workflow security methods from three perspectives: system architecture, security model, and security strategy. Finally made a prospect for the future development direction.

With the continuous development of computer technology, the coverage of informatization solutions covers all walks of life and all fields of society. For colleges and universities, teaching and scientific research are the basic tasks of the school. The scientific research ability of the school will affect the level of teachers and the training of students. The establishment of a good scientific research environment has become a more important link in the development of universities. SR(Scientific research) data is a prerequisite for SR activities. High-quality SR management data services are conducive to ensuring the quality and safety of SRdata, and further assisting the smooth development of SR projects. Therefore, this article mainly conducts research and practice on cloud computing-based scientific research management data services in colleges and universities. First, analyze the current situation of SR data management in colleges and universities, and the results show that the popularity of SR data management in domestic universities is much lower than that of universities in Europe and the United States, and the data storage awareness of domestic researchers is relatively weak. Only 46% of schools have developed SR data management services, which is much lower than that of European and American schools. Second, analyze the effect of CC(cloud computing )on the management of SR data in colleges and universities. The results show that 47% of SR believe that CC is beneficial to the management of SR data in colleges and universities to reduce scientific research costs and improve efficiency, the rest believe that CC can speed up data storage and improve security by acting on SR data management in colleges and universities.

A huge number of cloud users and cloud providers are threatened of security issues by cloud computing adoption. Cloud computing is a hub of virtualization that provides virtualization-based infrastructure over physically connected systems. With the rapid advancement of cloud computing technology, data protection is becoming increasingly necessary. It's important to weigh the advantages and disadvantages of moving to cloud computing when deciding whether to do so. As a result of security and other problems in the cloud, cloud clients need more time to consider transitioning to cloud environments. Cloud computing, like any other technology, faces numerous challenges, especially in terms of cloud security. Many future customers are wary of cloud adoption because of this. Virtualization Technologies facilitates the sharing of recourses among multiple users. Cloud services are protected using various models such as type-I and type-II hypervisors, OS-level, and unikernel virtualization but also offer a variety of security issues. Unfortunately, several attacks have been built in recent years to compromise the hypervisor and take control of all virtual machines running above it. It is extremely difficult to reduce the size of a hypervisor due to the functions it offers. It is not acceptable for a safe device design to include a large hypervisor in the Trusted Computing Base (TCB). Virtualization is used by cloud computing service providers to provide services. However, using these methods entails handing over complete ownership of data to a third party. This paper covers a variety of topics related to virtualization protection, including a summary of various solutions and risk mitigation in VMM (virtual machine monitor). In this paper, we will discuss issues possible with a malicious virtual machine. We will also discuss security precautions that are required to handle malicious behaviors. We notice the issues of investigating malicious behaviors in cloud computing, give the scientific categorization and demonstrate the future headings. We've identified: i) security specifications for virtualization in Cloud computing, which can be used as a starting point for securing Cloud virtual infrastructure, ii) attacks that can be conducted against Cloud virtual infrastructure, and iii) security solutions to protect the virtualization environment from DDOS attacks.

This paper establishes a vector autoregressive model based on the current development status of the digital economy and studies the correlation between the digital economy and economic growth MIS from a dynamic perspective, and found that the digital economy has a strong supporting role in the growth of the total economic volume. The coordination degree model calculates the scientific and technological innovation capabilities of China's 30 provinces (except Tibet) from 2018 to 2022, and the coordination, green, open, and shared level of high-quality economic development. The basic principles of the composition of the security measurement are expounded, and the measurement information model can be used as a logic model. The analysis of security measure composition summarizes the selection principle and selection process of security measurement, and analyzes and compares the measure composition methods in several typical security measurement methods.

Nowadays, peoples are very concerned about their data privacy. Hence, all the current security methods should be improved to stay relevant in this fast-growing technology world. Visual Cryptography (VC) is a cryptographic technique that using the image processing method. The implementation of VC can be varying and flexible to be applied to the system that requires an extra security precaution as it is one of the effective solutions in securing the data exchange between two or more parties. The main purpose of the development of V-CRYPT System is to improve the current VC technique and make it more complex in the encryption and decryption process. V-CRYPT system will let the user enter the key, then select the image that they want to encrypt, and the system will split the image into four shares: share0, share1, share2, share3. Each pixel of the image will be splatted into a smaller block of subpixels in each of the four shares and encrypted as two subpixels in each of the shares. The decryption will work only when the user selects all the shares, and the correct text key is entered. The system will superimpose all the shares and producing one perfect image. If the incorrect key is entered, the resulted image will be unidentified. The results show that V- CRYPT is a valuable alternative to existing methods where its security level is higher in terms of adding a secure key and complexity.

With the advancement of network technology, users can now easily gain access to and benefit from networks. However, the number of network violations is increasing. The main issue with this violation is that irresponsible individuals are infiltrating the network. Network intrusion can be interpreted in a variety of ways, including cyber criminals forcibly attempting to disrupt network connections, gaining unauthorized access to valuable data, and then stealing, corrupting, or destroying the data. There are already numerous systems in place to detect network intrusion. However, the systems continue to fall short in detecting and counter-attacking network intrusion attacks. This research aims to enhance the detection of Denial of service (DoS) by identifying significant features and identifying abnormal network activities more accurately. To accomplish this goal, the study proposes an Intrusion Analysis System for detecting Denial of service (DoS) network attacks using machine learning. The accuracy rate of the proposed method using random forest was demonstrated in our experimental results. It was discovered that the accuracy rate with each dataset is greater than 98.8 percent when compared to traditional approaches. Furthermore, when features are selected, the detection time is significantly reduced.

Scientific applications built on wide-area distributed systems such as emerging cloud based architectures and the legacy grid computing infrastructure often struggle with user adoption even though they succeed from a systems research perspective. This paper examines the coupling of user-centered design processes with modern distributed systems. Further in this paper, we describe approaches for conceptualizing a product that solves a recognized need: to develop a data gateway to serve the data management and research needs of experimentalists of electron microscopes and similar shared scientific instruments in the context of a research service laboratory. The purpose of the data gateway is to provide secure, controlled access to data generated from a wide range of scientific instruments. From the functional perspective, we focus on the basic processing of raw data that underlies the lab's "business" processes, the movement of data from the laboratory to central access and archival storage points, and the distribution of data to respective authorized users. Through the gateway interface, users will be able to share the instrument data with collaborators or copy it to remote storage servers. Basic pipelines for extracting additional metadata (through a pluggable parser framework) will be enabled. The core contribution described in this paper, building on the aforementioned distributed data management capabilities, is the adoption of user-centered design processes for developing the scientific user interface. We describe the user-centered design methodology for exploring user needs, iteratively testing the design, learning from user experiences, and adapting what we learn to improve design and capabilities. We further conclude that user-centered design is, in turn, best enabled by an adaptable distributed systems framework. A key challenge to implementing a user-centered design is to have design tools closely linked with a software system architecture that can evolve over time while providing a highly available data gateway. A key contribution of this paper is to share the insights from crafting such an evolvable design-build-evaluate-deploy architecture and plans for iterative development and deployment.

The HPC application community has proposed many new application communication structures, middleware interfaces, and communication models to improve HPC application performance. Modifying proxy applications is the standard practice for the evaluation of these novel methodologies. Currently, this requires the creation of a new version of the proxy application for each combination of the approach being tested. In this article, we present a modular proxy-application framework, MiniMod, that enables evaluation of a combination of independently written computation kernels, data transfer logic, communication access, and threading libraries. MiniMod is designed to allow rapid development of individual modules which can be combined at runtime. Through MiniMod, developers only need a single implementation to evaluate application impact under a variety of scenarios.We demonstrate the flexibility of MiniMod’s design by using it to implement versions of a heat diffusion kernel and the miniFE finite element proxy application, along with a variety of communication, granularity, and threading modules. We examine how changing communication libraries, communication granularities, and threading approaches impact these applications on an HPC system. These experiments demonstrate that MiniMod can rapidly improve the ability to assess new middleware techniques for scientific computing applications and next-generation hardware platforms.

This paper proposes an artificial immune information security protection technology architecture for embedded system of Electric power equipment. By simulating the three functions of human immunity, namely "immune homeostasis", "immune surveillance" and "immune defense", the power equipment is endowed with the ability of human like active immune security protection. Among them, "immune homeostasis" is constructed by trusted computing technology components to establish a trusted embedded system running environment. Through fault-tolerant component construction, "immune surveillance" and "immune defense" realize illegal data defense, business logic legitimacy check and equipment status evaluation, realize real-time perception and evaluation of power equipment's own security status, as well as fault emergency handling and event backtracking record, so that power equipment can realize self recovery from abnormal status. The proposed technology architecture is systematic, scientific and rich in scalability, which can significantly improve the information security protection ability of electric power equipment.

Internet of Things (IoT) wireless devices has the capability to interconnect small footprint devices and its key purpose is to have seamless connection without operational barriers. It is built upon a three-layer (Perception, Transportation and Application) protocol stack architecture. A multitude of security principles must be imposed at each layer for the proper and efficient working of various IoT applications. In the forthcoming years, it is anticipated that IoT devices will be omnipresent, bringing several benefits. The intrinsic security issues in conjunction with the resource constraints in IoT devices enables the proliferation of security vulnerabilities. The absence of specifically designed IoT frameworks, specifications, and interoperability issues further exacerbate the challenges in the IoT arena. This paper conducts an investigation in IoT wireless security with a focus on the major security challenges and considerations from an IoT protocol stack perspective. The vulnerabilities in the IoT protocol stack are laid out along with a gap analysis, evaluation, and the discussion on countermeasures. At the end of this work, critical issues are highlighted with the aim of pointing towards future research directions and drawing conclusions out of it.

Quantum computers have the potential to outshine classical alternatives in solving specific problems, under the assumption of mature enough hardware. A specific subset of these problems relate to military applications. In this paper we consider the state-of-the-art of quantum technologies and different applications of this technology. Additionally, four use-cases of quantum computing specific for military applications are presented. These use-cases are directly in line with the 2021 AI strategic agenda of the Netherlands Ministry of Defense.

A door enables you to enter a room without breaking through a wall. Also, a door enables you for privacy, environmental or security reasons. The problem statement which is the biometric system sometimes is sensitive and will not be able to sense the biological pattern of the employer’s fingerprint due to sweat and other factors. Next, people tend to misplace their key or RFID card. Apart from that, people tend to forget their pin number for a door lock. The objective of this paper is to present a secret knock intensity for door lock security system using Arduino and mobile. This project works by using a knock intensity and send the information to mobile application via wireless network to unlock or lock the door.

Scientific computing sometimes involves computation on sensitive data. Depending on the data and the execution environment, the HPC (high-performance computing) user or data provider may require confidentiality and/or integrity guarantees. To study the applicability of hardware-based trusted execution environments (TEEs) to enable secure scientific computing, we deeply analyze the performance impact of general purpose TEEs, AMD SEV, and Intel SGX, for diverse HPC benchmarks including traditional scientific computing, machine learning, graph analytics, and emerging scientific computing workloads. We observe three main findings: 1) SEV requires careful memory placement on large scale NUMA machines (1×-3.4× slowdown without and 1×-1.15× slowdown with NUMA aware placement), 2) virtualization-a prerequisite for SEV- results in performance degradation for workloads with irregular memory accesses and large working sets (1×-4× slowdown compared to native execution for graph applications) and 3) SGX is inappropriate for HPC given its limited secure memory size and inflexible programming model (1.2×-126× slowdown over unsecure execution). Finally, we discuss forthcoming new TEE designs and their potential impact on scientific computing.

Both the data science and scientific computing communities are embracing GPU acceleration for their most demanding workloads. For scientific computing applications, the massive volume of code and diversity of hardware platforms at supercomputing centers has motivated a strong effort toward performance portability. This property of a program, denoting its ability to perform well on multiple architectures and varied datasets, is heavily dependent on the choice of parallel programming model and which features of the programming model are used. In this paper, we evaluate performance portability in the context of a data science workload in contrast to a scientific computing workload, evaluating the same sparse matrix kernel on both. Among our implementations of the kernel in different performance-portable programming models, we find that many struggle to consistently achieve performance improvements using the GPU compared to simple one-line OpenMP parallelization on high-end multicore CPUs. We show one that does, and its performance approaches and sometimes even matches that of vendor-provided GPU math libraries.

Digitalization of production and management as the imperatives of Industry 4.0 stipulated the requirements of state regulators for informing and training personnel of a significant object of critical information infrastructure. However, the attention of industrial enterprises to this problem is assessed as insufficient. This determines the relevance and purpose of this article - to develop a methodology and tool for raising the awareness of workers of an industrial enterprise about information security (IS) of significant objects of critical information infrastructure. The article reveals the features of training at industrial enterprises associated with a high level of development of safety and labor protection systems. Traditional and innovative methods and means of training personnel at the workplace within the framework of these systems and their opportunities for training in the field of information security are shown. The specificity of the content and forms of training employees on the security of critical information infrastructure has been substantiated. The scientific novelty of the study consists in the development of methods and software applications that can perform the functions of identifying personal qualities of employees; testing the input level of their knowledge in the field of IS; testing for knowledge of IS rules (by the example of a response to socio-engineering attacks); planning an individual thematic plan for employee training; automatic creation of a modular program and its content; automatic notification of the employee about the training schedule at the workplace; organization of training according to the schedule; control self-testing and testing the level of knowledge of the employee after training; organizing a survey to determine satisfaction with employee training. The practical significance of the work lies in the possibility of implementing the developed software application in industrial enterprises, which is confirmed by the successful results of its testing.

Practical activities usually require the ability to simultaneously work with internal, distributed information resources and access to the Internet. The need to solve this problem necessitates the use of appropriate administrative and technical methods to protect information. Such methods relate to the idea of domain isolation. This paper considers the principles of implementation and properties of an "Endpoint Cloud Terminal" that is general-purpose software tool with built-in security instruments. This apparatus solves the problem by combining an arbitrary number of isolated and independent workplaces on one hardware unit, a personal computer.

This paper is focused on the topic of the use of biometrics framework and strategy for secure access identity management of cloud computing services. This paper present's a description of cloud computing security issues and explored a review of previous works that represented various ideas for a cloud access framework. This paper discusses threats like a malicious insider, data breaches, and describes ways to protect them. It describes an innovative way portrayed a framework that fingerprint access-based authentication to protect Cloud services from unauthorized access and DOS, DDoS attacks. This biometrics-based framework as an extra layer of protection, added then it can be robust to prevent unauthorized access to cloud services.

In a previous article [1] we proposed a layered framework to support the assessment of the security risks associated with the use of autonomous vehicles in military operations and determine how to manage these risks appropriately. We established consistent terminology and defined the problem space, while exploring the first layer of the framework, namely risks from the mission assurance perspective. In this paper, we develop the second layer of the framework. This layer focuses on the risk assessment of the vehicles themselves and on producing a highlevel security design adequate for the mission defined in the first layer. To support this process, we also define a reference model for autonomous vehicles to use as a common basis for the assessment of risks and the design of the security controls.

Energy efficiency evaluation (EEE) is a research difficulty in the field of cloud computing. The current research mainly considers the relevant energy efficiency indicators of cloud systems and weights the interrelationship between energy consumption, system performance and QoS requirements. However, it lacks a combination of subjective and objective, qualitative and quantitative evaluation method to accurately evaluate the energy efficiency of cloud systems. We propose a novel EEE method based on the QoS parameter specification for cloud systems (EEE-QoS). Firstly, it reduces the metric values that affect QoS requirements to the same dimension range and then establishes a belief rule base (BRB). The best-worst method is utilized to determine the initial weights of the premise attributes in the BRB model. Then, the BRB model parameters are optimized by the mean-square error, the activation weight is calculated, and the activation rules of the evidence reasoning algorithm are integrated to evaluate the belief of the conclusion. The quantitative and qualitative evaluation of the energy efficiency of cloud systems is realized. The experiments show that the proposed method can accurately and objectively evaluate the energy efficiency of cloud systems.

The accelerated growth of computing technologies has provided interdisciplinary teams a platform for producing innovative research at an unprecedented speed. Advanced scientific cyberinfrastructures, in particular, provide data storage, applications, software, and other resources to facilitate the development of critical scientific discoveries. Users of these environments often rely on custom developed virtual machine (VM) images that are comprised of a diverse array of open source applications. These can include vulnerabilities undetectable by conventional vulnerability scanners. This research aims to identify the installed applications, their vulnerabilities, and how they vary across images in scientific cyberinfrastructure. We propose a novel unsupervised graph embedding framework that captures relationships between applications, as well as vulnerabilities identified on corresponding GitHub repositories. This embedding is used to cluster images with similar applications and vulnerabilities. We evaluate cluster quality using Silhouette, Calinski-Harabasz, and Davies-Bouldin indices, and application vulnerabilities through inspection of selected clusters. Results reveal that images pertaining to genomics research in our research testbed are at greater risk of high-severity shell spawning and data validation vulnerabilities.

Cloud computing, a multipurpose and high-performance internet-based computing, can model and transform a large range of application requirements into a set of workflow tasks. It allows users to represent their computational needs conveniently for data retrieval, reformatting, and analysis. However, workflow applications are big data applications and often take long hours to finish executing due to their nature and data size. In this paper, we study the cost optimised scheduling algorithms in cloud and proposed a novel task splitting algorithm named Cost optimised Heuristic Algorithm (COHA) for the cloud scheduler to optimise the execution cost. In this algorithm, the large tasks are split into sub-tasks to reduce their execution time. The design purpose is to enable all tasks to adequately meet their deadlines. We have carefully tested the performance of the COHA with a list of workflow inputs. The simulation results have convincingly demonstrated that COHA can effectively perform VM allocation and deployment, and well handle randomly arrived tasks. It can efficiently reduce execution costs while also allowing all tasks to properly finish before their deadlines. Overall, the improvements in our algorithm have remarkably reduced the execution cost by 32.5% for Sipht, 3.9% for Montage, and 1.2% for CyberShake workflows when compared to the state of art work.