ymeish的博客

Internet Traffic classification Demystified: Myths, Caveats, and the Best Practices

The TPM, a secure cryptographic integrated circuit (IC), provides a hardware-based approach to manage user authentication, network access, data protection and more that takes security to higher level than software-based security. Perhaps surprisingly to many IT and operations staff, the TPM can be combined with widely used enterprise hardware such as network policy enforcement points, including Checkpoint firewalls, Cisco switchers and routers, and other 802.1x-compatible devices.

Strong user authentication and device validation are essential for trusted digital interactions. Both are necessary to protect against inappropriate access to sensitive and confidential information and valued systems. Both are required to protect the integrity of the information, prevent corruption of the files, and ensure the integrity of those systems

Monitoring network traffic and detecting unwanted applications has become a challenging problem, since many applications obfuscate their traffic using unregistered port numbers or payload encryption. Apart from some notable exceptions, most traffic monitoring tools use two types of approaches: (a) keeping traffic statistics such as packet sizes and interarrivals, flow counts, byte volumes, etc., or (b) analyzing packet content. In this paper, we propose the use of Traffic Dispersion Graphs (TDGs) as a way to monitor, analyze, and visualize network traffic. TDGs model the social behavior of hosts (“who talks to whom”), where the edges can be defined to represent different interactions (e.g. the exchange of a certain number or type of packets). With the introduction of TDGs, we are able to harness a wealth of tools and graph modeling techniques from a diverse set of disciplines

The following use cases are described: 1) The Mobile use case describes a situation of user access from less trusted networks. The objective is to provide user identity protection preserving disclosure to unauthorized entity. 2) The federated WLAN use case where users can access different WLAN networks using their credentials - issued by different authorities/domains - while preserving their privacy. 3) Many Internet of Things use cases or edge scenarios where data access mechanisms are actioned either in the network or on the device. 4) The Cloud use case where a third party accesses personal data from the Cloud Service Provider. The present document also provides recommendations on the ABE scheme to use for each use case

The specifications address the following aspects: • Identification of an ABE scheme covering both the Ciphertext-Policy and Key-Policy variants • Definition of interactions between the data sources, the service providers and the authority releasing attributes and key material • Mechanisms for keys, policies, and attributes distribution • Mechanisms for secret key expiration and revocation • Definition of semantics for a basic set of attributes to ensure interoperability • Mapping to a standard Public Key Infrastructure X.509 • Mapping to a standard assertion protocol (SAML) • Definition of a policy schema for data access control • Identification of limitations compared to traditional ABAC features • Translation rules to XACML • Definition of new protocol bindings when existing bindings do not cover the deployment scenario (e.g. a CoAP binding for the IoT case)

These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. These guidelines focus on the authentication of subjects interacting with government systems over open networks, establishing that a given claimant is a subscriber who has been previously authenticated. The result of the authentication process may be used locally by the system performing the authentication or may be asserted elsewhere in a federated identity system. This document defines technical requirements for each of the three authenticator assurance levels. This publication supersedes corresponding sections of NIST Special Publication (SP) 800-63-2

ew blockchain-based business models are enabled. The system could create an extremely fast and secure network for electric car charging station availability and payment. Further into the future, it may also prove essential to self-driving cars. Information from a self-driving Porsche on road conditions, could be uploaded and distributed across the blockchain. From there, other vehicles’ software connected to the system could access and analyze the information to provide a warning to traffc congestion or inclement weather

This research represents a model of buying and selling lotteries system on Blockchain by using Ethereum network to determines the conditions for the purchasing of the lottery and reward the prize winner. Our system uses Ethereum coins to buy and reward the prize for convenience in term of speed and also reduce the problems which is unable to be controlled by the government. For example, lottery agents (intermediaries) may sell the lottery at overprice, and reward the winners at a lower than appropriate rate. Additionally, the most important problem is the verification of the real owner of the lottery.

Blockchain is receiving increasing attention from academy and industry, since it is considered a breakthrough technology that could bring huge benefits to many different sectors. In 2017, Gartner positioned blockchain close to the peak of inflated expectations, acknowledging the enthusiasm for this technology that is now largely discussed by media. In this scenario, the risk to adopt it in the wake of enthusiasm, without objectively judging its actual added value is rather high. Insurance is one the sectors that, among others, started to carefully investigate the possibilities of blockchain. For this specific sector, however, the hype cycle shows that the technology is still in the innovation trigger phase, meaning that the spectrum of possible applications has not been fully explored yet. Insurers, as with many other companies not necessarily active only in the financial sector, are currently requested to make a hard decision, that is, whether to adopt blockchain or not, and they will only know if they were right in 3–5 years. The objective of this paper is to support actors involved in this decision process by illustrating what a blockchain is, analyzing its advantages and disadvantages, as well as discussing several use cases taken from the insurance sector, which could easily be extended to other domains

blockchain business impact can be ground-breaking, according to the survey conducted in the report Blockchain in Insurance: Risk Not, Reap Not, 86% of respondents affirmed the very important impact of blockchain on the insurance industry, from which 54% even predicted the transformation of the industry citing potential benefits that can be felt in speeding claim process, simplifying and upgrading administrative processes, and record keeping offering more transparency in addition to fraud reduction.

blockchain business impact can be ground-breaking, according to the survey conducted in the report Blockchain in Insurance: Risk Not, Reap Not, 86% of respondents affirmed the very important impact of blockchain on the insurance industry, from which 54% even predicted the transformation of the industry citing potential benefits that can be felt in speeding claim process, simplifying and upgrading administrative processes, and record keeping offering more transparency in addition to fraud reduction.

AI Blockchain,The Proof of Work (PoW) scheme in the context of cryptocurrency was first used in bitcoin and served as a mechanism to provide assurance that a miner had completed the required number of work in order to find a block. This in return provided decentralization, security, and stability for the blockchain.

princeton_bitcoin_book

"The best guide to the Metasploit Framework." —HD Moore, Founder of the Metasploit ProjectThe Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. But while Metasploit is used by security professionals everywhere, the tool can be hard to grasp for first-time users.

Introduction to Modern Cryptography.pdf

quantum cryptography

opengis开源gis ppt

opengis开源gis中文规范

windows图形编程（中文扫描版）