In each entry, “Y” means the corresponding system has that functionality, and “-” means otherwise.
According to this result, it shows that every securitysystem would have three basic functionalities – the authentication to provide identification, the confidentiality to protect transmitted data, and the integrity to ensure correctness. Therefore, our proposed SMSsystem follows such two great security systems and put these as our basic requirements. To supplement the lack of other functionalities of Kerberos, we enhance the audit and access control parts on SMS. Finally, we integrated the LDAP and build up a well-defined interface to link up with existing enterprise application systems. The most advantage benefited from the LDAP server is the instantaneity reaction of personnel modification. Once the personnel department has changed the configuration of account, this event will be adopted immediately on management server to reduce the risk of authority abuse.
computers by command-and-control (C&C) server. Botnet causes many security problems, such as DDoS attacks, spam mail, phishing, click fraud, information leakage, etc. With the rapid growth rate of the network complexity and traffic size, it is important to build asystem to detect victims infected by malware and provide stable IT service. However, it is a challenge to build such asystem, because of the huge traffic size and diversity of end-hosts. Even the infected victims are identified, we may not be able to defuse the problem in time, because of the shortage of network facility crew. In this paper, we show a network alarm system, that can detect the potential victim group and monitor group activity when the botnet launches a massive attack.
To protect the security of information asset is considered to be the common agreements among modern civilized countries and the indispensable cultivation of democratic countries, societies, and citizens. However, the human nature is not always good, and it is common for its guardians to intrude the security of the asset. Information security man- agement not only is related to the ‘‘public security’’, but also takes the organization levels, evil-disposed outsiders, and burglars inside the company into consideration. Compared with the environment man- agement system and industry sanitation security, its certification is much more difficult. The issues of dealing with the certification of information securitymanagement systems need to be considered and discussed thoroughly.
The ID-based scheme consists of four algorithms: Setup, Extraction, Encryption, and Decryption. Setup is run by the PKG to generate the master key and the system
parameters. This is done on input of asecurity parameter k ID , which specifies the bit length of the group order and is regarded as the key size of the ID-based scheme. The Extraction algorithm is carried out by the PKG to generate a private key corresponding to the identity of a user. As with regular public key cryptography, the Encryption algorithm takes a message and a public key as inputs to produce a cipher text. Similarly, the Decryption algorithm is executed by the owner of the corresponding private key to decrypt the cipher text. These four functions are described as follows.
protocol to send/check mails.
As shown in Fig. 7, the protocol stack of the HNS gateway consists of two planes. The left-
hand plane is the HNS ‘‘termination’’ protocol stack and consists of three layers. They are phys- ical layer (PHY), HNS protocol stack and man- agement protocol. The PHY, or transmission media, may be wired like the power line, cable and twisted pair, or wireless, such as infrared and radio, with diﬀerent communication protocol. The HNS and management protocols are speciﬁed for interaction between the HNS gateway and home appliances. The HNS protocol is used to provide network functionality for the management proto- col. The management protocol provides manage- ment services for the HNS. As noted earlier, each HNS standard deﬁnes its owned management protocol and is not compatible with others.
- II -
Southern Region Water Resources Office, Water Resources Agency, Ministry of Economic Affairs had coordinated with the Information SecurityManagement Act and sub-laws information security responsibility level B, the attached table three requirement, within 2 years of approval, all core infor- mation and communication systems shall be imported into ISO 27001 stand- ard, complete fair third-party verification within 3 years. The implementation of project was divided into three stages and explained as follows.
Current reliable strategies for information security are all chosen using incomplete information. With standards, problems resulting from incomplete information can be reduced, since with standards, we can decrease the choices and simplify the process for reliable supply and demand decision making. This paper is to study the certification of information securitymanagement systems based on specifications promulgated by the Bureau of Standards, Metrology and Inspection (BSMI), Ministry of Economic Affairs in accordance with international standards and their related organizations. And we suggest a certification requirement concept for five different levels of ‘‘Information and Communication Security Protection System’’ in our country, the Republic of China, Taiwan.
Ping Wang 1 , Kuo-Ming Chao 2 , Chi-Chun Lo 3 , Wen-Hui Lin 1 , Hsiao-Chung Lin 1 and Wun-Jie Chao 1
Numerous security concerns exist in smart home systems in which Internet of Things devices are connected through a home network to enable control using a centralised gateway witha handset device from the Internet. Safeguarding personal information privacy is an increasing concern in smart living services. To guarantee the mobile security of smart living ser- vices, security managers use taint checking approaches with dynamic taint propagation analysis operations to examine how a software-defined networking app uses sensitive information and investigate suspicious security vulnerabilities of devices and the effects of the spread of taint propagation over the Internet by identifying taint paths. For solving the dynamic taint propagation analysis problem, most approaches focus on cloud computing applications (apps) with malware threat analysis that involves program vulnerability analyses, rather than on the risk posed by suspicious apps connected to the cloud com- puting server. Accordingly, this article proposes a taint propagation analysis model incorporating a weighted spanning tree analysis scheme for tracking data with taint marking using several taint checking tools with an open software-defined net- working architecture for solving the dynamic taint propagation analysis problem. In the proposed model, Android programs perform dynamic taint propagation to analyse the spread of risks posed by suspicious apps connected to the centralised gateway in a smart home system. In probabilistic risk analysis, risk and defence capability are used for each taint path to assist a defender in recognising the attack results against network threats caused by malware infection and to estimate the losses of associated taint sources. A case of threat analysis of a typical cyber security attack is presented to demonstrate the proposed approach. A new approach was used for verifying the details of an attack sequence for malware infection by incorporating a finite state machine to appropriately represent the real dynamic taint propagation analysis situations at vari- ous configuration settings and safeguard deployment. The experimental results proved that the threat analysis model enables a defender to convert the spread of taint propagation to loss and estimate the risk of a specific threat using beha- vioural analysis associated with 60 families of real malware. Consequently, our scheme was significantly effective in predict- ing the risk and loss of tainted data propagation for security concerns in smart home systems when the number of taint paths associated with the propagation rules discovered through taint analysis was increased.
Index Terms—Residential Gateway, Home Network, QoS, Embedded System.
I. I NTRODUCTION
The modern home is evolving rapidly into a digital home network environment. Inter-device data communication and Internet connectivity are penetrating the home as personal computers, video telephonic systems, networked home entertainment systems, home security systems and a variety of smart devices for both home automation and home digitalization. A probable result of this convergence is the digital home wherein the dweller is able to enjoy networked content at any place at any time by any device. A recent consumer survey  indicated that the contemporary
Organizing an academic conference includes a set of complex activities for many people who need to cooperate on different levels for achieving coherent results. These activities include conference planning, call for papers, paper submissions, paper reviews, paper acceptance, conference registration, fee charge and so on. Thus an automatic and efficient supporting system for the paper submission and review process may be required. Recently, several software systems  have been constructed to automate the collection and counting of paper and review results. However, these systems do not handle other activities and the heterogeneous system environment problems.
DMS is more than a tool to lighten the document management workload. It is a socio-technical system, not merely an information technology. Curley pointed out that the successful introduction of information systems to an organization is tied to achievable and desirable organizational goals; in other words, the DMS should be an integral part of the organization. This perspective is essential in gaining an understanding of the conflicting influences which shape the use of DMS at every step of its evolution. Each system design element must be examined in the light of its productive allocation of resources and the performance of people at each level in the productivity chain. The DMS should meet a variety of tasks performed by document managers, clerks and document users with different requirements. Setting organizational, personal and social objectives from the outset and integrating them with technical requirements are vitally important.
21 June 2021
Hang Seng Enhances Online Banking Security Measures to Address Phishing SMS and Fraudulent Hang Seng Websites
Hang Seng Bank alerts members of the public to be vigilant against a recent phishing SMS message that may lead to a fraudulent website using the domain name
摘要: Workflow automation has been popularly adopted by commerce, but there are few efforts to lead this technology into managementsystem in university. In this paper, we will introduce a department managementsystem which is constructed for general purpose, and implement it as a CSIE department managementsystem in National Chiao Tung University.
Each customer has two independent arrival modes (mode 1 and mode 2). Both arrival modes 1 and 2 of customers follow a Poisson process with parameters λ 1 and
λ 2 , respectively. Suppose that both modes are equally likely to be serviced next, when several customers are waiting for service. The service time of each server in the service mode i has an exponential distribution with mean 1/ μ i , where i=1, 2. The arriving customers join in a single waiting line based on the order of their arrivals; that is, in a first-come, first-served discipline. Each server services only one customer at a time. Customers who, upon entry into the service facility, find that the server is busy have to wait in the queue until the server is available.
N messages into the queue of the message generation center to be served. The service time of the message generation center has a general distribution with mean m S ; as long as its queue is non-empty, it will generate message traffic at this rate. One assumption made by this modeling approach is that ‘message generation center’ is subject to breakdown at any time while it is working. Whenever the ‘message generation center’ fails, it is immediately repaired. After the repair the interrupted service is resumed. Breakdowns occur only when the service is in progress, and never when the system is empty. As soon as the server (message generation center) is repaired, it functions as good as a new one. Our objective is to model the ‘pacing level’ of messages between a single source/destination pair-the optimum window size N to minimize the total expected cost. Customers, which represent messages, arrive at the source node at rate l : They flow node to node, requiring the message generation center to service at a mean time m S : A single coaxial cable is used to interconnect stations. The source continues to transmit, regardless of the number of outstanding messages. This model is shown in Fig. 3.
Security is just like air. It is originally worthless, but its existence will not be painfully detected until it is lost. The outflow of private information causes unprecedented threat to e-Taiwan. The investigation wastes time and the forensic is difficult. Rumor has it that Mainland China has obtained the individual data (i.e., census register, military record and tax) of people in Taiwan. On March 27, 2004, the event of Trojan-Horse detecting e-bank accounts and passwords has been occurred in Taiwan. On April 14, 2004, it was even reported by mass media that “Mainland China hackers invaded the Presidential Hall.” We should recognize how to ensure “when there is confidence that information and information systems are protected against attacks through the application of security services in such areas as availability, integrity, authentication, confidentiality, and non- repudiation. The application of these services should be based on the protection, detect, and react paradigm. This means that in addition to incorporating protection mechanisms, organizations
a b s t r a c t
Perfect digital watermarking systems are contained two characteristics. One is the robustness that it need be resistant to geometric attacks in addition to common image processing tasks, such as JPEG compres- sion. The other one is to preserve the image quality after embedding. However, the requirement of robustness and quality for watermark are conﬂicted with each other. How to determine the equilibrium of optimal security strategies between encoder and attacker and the optimal tradeoff between the inten- sity of embedded watermark and the perceptual translucence for visible watermark is still remained as one of the most challenging research topics in image watermarking. Therefore, in order to achieve the best tradeoff between the embedding energy of watermark, the quality of perceptual watermark trans- lucence and the image ﬁdelity after attacks, we propose asystem architecture which is based on the game-theoretic approach that provides an optimum solution for the decision maker by studying the intensity and perceptual efﬁciency. The game-theoretic approach determines the transmission strategy using utility optimization according to the ﬂuctuation of watermark states. The watermark embedding problem is formulated as a dynamic non-cooperative game with complete information while the optimal strategy is deﬁned by the Nash equilibrium of the game. The experimental results demonstrate the fea- sibility of the proposed approach which allows the watermark encoder to obtain the best adaptive water- marking strategy in the different texture under attacks. Additionally, we demonstrate that the proposed system could help each user to choose the optimal transmission power to maximize its utility based on other constant parameters and resolve security issue of visual communication.
and Fraudulent Hang Seng Websites
Hang Seng Bank alerts members of the public to be vigilant against recent phishing SMS messages which purport to be from Hang Seng and may lead them to a fraudulent website using the domain name ‘https://4159559.cc/index/passport/login.html’. These phishing SMS messages use various reasons to prompt recipients to enter personal or account details through the above-mentioned fraudulent website which displays the Bank’s logo.
and Fraudulent Hang Seng Websites
Hang Seng Bank alerts members of the public to be vigilant against recent phishing SMS messages which purport to be from Hang Seng and may lead them to a fraudulent website using the domain name ‘hxxps://hangseng-host.com’. Hang Seng will never ask customers to log in to their Personal e-Banking, or to provide personal information such as their HKID number, e-Banking login credentials or one-time passwords through embedded links, instant messaging apps or similar channels.
Effective equipment management is one of the important tasks for modern manufacturing companies in order to keep their competitive edge. The rapid advancements in e-manufacturing accelerate the enormous growth of equipment engineering data, which can be integrated and aggregated by data warehousing for supporting effective e-maintenance and e-diagnostics. In this paper a data warehouse for equipment managementsystem, or EMS DW, was developed for a semiconduc- tor packaging manufacturer. EMS DW could easily integrate heterogeneous data derived from various shop floor systems and manage data complied with OLAP for decision-making purposes. EMS DW allowed equipment engineers to analyse the aggregated equipment data with multi-dimensional views. This paper not only develops a GA-based approach, namely FGS þ GA, to optimally select cubes (views), but also shows an implementation for designing the EMS DW for the