ASIACCS Call for Papers online now.
ACM Symposium on Information, Computer and Communications Security (ASIACCS 2009)
Papers representing original research in both the theory and practice concerning information, computer and communications security are solicited.
- Submission Deadline: 14 September 2008
- Author Notification: 15 November 2008
- Camera-Ready Deadline: 6 December 2008
I came across this technology a few years back. It seemed amazing then and it seems really good now. I think someone needs to consider this for our local community. In my opinion, Amin should take a look at it in detail and from a technical and feasibility perspective since he’s now in the position to talk to businesses and individuals who make the decisions to bring new technology into the country.
How Broadband Over Powerlines Works
With broadband over power lines, or BPL, you can plug your computer into any electrical outlet in your home and instantly have access to high-speed Internet. By combining the technological principles of radio, wireless networking, and modems, developers have created a way to send data over power lines and into homes at speeds between 500 kilobits and 3 megabits per second (equivalent to DSL and cable).
…
By providing high-speed data transmission between all of the electrical plugs in a house, there is the potential to network all kinds of common appliances in a household. If your alarm clock, light switch and coffee maker could talk to each other via a high-speed connection, mornings might look a lot different.
[from Howstuffworks.com]
I came across this “Speaker’s Handbook” of the Annual Computer Security Applications Conference (ACSAC). It’s not really specific to the conference and presents some useful material about speaking at an international (security) conference. Take a look at it here.
Since shaz won’t post on the blog himself, I’ll post it here for him. This comes from his mail to SERG Archive:
This one is specially for Dr.M and Mr.T. The tpm_dev is a kernel module for backward compatibility, when application space made a call to tpm driver, i.e. before TIS and 1.2 specification. Do you agree, recluze? Now this kernel module is not required when a user space library, “tddl”, can forward userspace requests to “tpmd”, the tpm daemon. Do we really need to port the tpm_dev module to the kernel? It will not be tough, but the lesser we handle at a time the better possibility to troubleshoot.
Waiting for your suggestions. I know it’s not very difficult to decide but wanted a group decision so that we are even.
SACMAT’08 Proceedings have been posted online at ACM. Visit here to see our “Model-based Behavioral Attestation Framework”.
[These are comments to the paper titled, "From Trusted to Secure: Building and Executing Applications That Enforce System Security" available at USENIX ATC'07.]
The paper deals with the issue of differences between security enforcement on the operating system level and within applications. It describes a mechanism through which security labels of a MAC mechanism from the OS can be communicated to the application; the application provides assurance that it enforces the security policies within its logic; the output of information from the application is also communicated to the OS MAC mechanism to ensure that these outputs get the correct labels.
Things to notice:
- The architecture relies on security typed languages (Jif to be specific) to ensure that no illegal information flow can occur within the application
- The architecture provides an interface through which OS policies can be communicated to and from the application
- It provides a mechanism which provides assurance that the policies of the OS are being implemented correctly and
- It uses a high level policy to describe “declassifiers” — interfaces which are allowed to move information from high level of security to a lower level.
I found the last point of particular importance because it explained to me exactly what PRIMA meant by ‘interfaces which convert data of low integrity to high integrity’.
Another important point to note is that the information flow analysis to and from the application is not static (as in Jif - which uses compile time checks only, as far as I know) but dynamic in that the lattice of principals is created at runtime (meaning that mappings of labels to and from the OS would occur at runtime thus depending on the OS policy at runtime).
The developer does not have to know these mappings either. They are defined in a separate high-level policy so that they can be defined by the system administrator on the target machine.
The concept of mappings is particularly clarified through Figure 6 and the fifth paragraph in Section 4.3. The policy within the application allows pub -> siic -> sec. pub is mapped to security level s0 of the OS and sec to s1. Information can thus flow from s0 to s1 (but only if this is allowed by the OS!). The Jif Runtime takes care of this sort of information flow.
Future directions of my interest:
- policy compliance analysis between application policy and OS policy.
- declassifier generalization (although the authors themselves have pointed out a few works in this direction).
- issues of attestation of the architecture. (I believe this is not so straightforward due to the inter-linkages between different modules of the architecture but then, attestation is never easy anyway.)
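The label mapping discussed in the comments above, as a simplified model added here (it is not code from the paper or from the Jif runtime): the application policy pub -> siic -> sec and the mappings pub to s0 and sec to s1 come from the post, while the function names, the OS policy sets and the choice to leave siic unmapped are assumptions of this sketch. It also shows the kind of compliance check between application policy and OS policy listed under future directions.

```python
from itertools import product

# Application policy from the post: pub -> siic -> sec (direct permitted flows).
APP_FLOWS = {("pub", "siic"), ("siic", "sec")}
# Mapping of application principals to OS levels, as described in the post.
# Leaving siic unmapped (application-internal) is an assumption of this sketch.
LABEL_MAP = {"pub": "s0", "sec": "s1"}


def closure(flows):
    """Reflexive-transitive closure of a set of (src, dst) flow edges."""
    nodes = {n for edge in flows for n in edge}
    reach = set(flows) | {(n, n) for n in nodes}
    changed = True
    while changed:
        changed = False
        for (a, b), (c, d) in product(list(reach), repeat=2):
            if b == c and (a, d) not in reach:
                reach.add((a, d))
                changed = True
    return reach


def os_permits(src_level, dst_level, os_flows):
    """The OS allows a flow within one level or along its own policy edges."""
    return src_level == dst_level or (src_level, dst_level) in closure(os_flows)


def flow_allowed(src, dst, os_flows, app_flows=APP_FLOWS, label_map=LABEL_MAP):
    """Allowed only if the application lattice permits the flow and, where
    both endpoints map to OS levels, the OS policy permits it as well."""
    if (src, dst) not in closure(app_flows):
        return False
    if src in label_map and dst in label_map:
        return os_permits(label_map[src], label_map[dst], os_flows)
    return True


def compliance_violations(os_flows, app_flows=APP_FLOWS, label_map=LABEL_MAP):
    """Application flows between mapped labels that the OS policy forbids."""
    return sorted(
        (a, b) for a, b in closure(app_flows)
        if a in label_map and b in label_map
        and not os_permits(label_map[a], label_map[b], os_flows)
    )
```

Because the mapping and the OS policy are passed in at call time, the same application policy can be accepted on one machine and flagged on another, which is the runtime dependence the comments point out.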
ARM Ltd. has teamed with Trusted Logic to develop secure software for mobile handsets and set-top boxes that will combine the microprocessor core maker’s TrustZone technology with optimized security software from Trusted Logic…
Embedded.com - ARM links with Trusted Logic for secure mobiles, set tops:
amin.
After officially getting a home in IMSciences, Peshawar, we’ve moved our blog/website to IMS host. We’re now living at http://serg.imsciences.edu.pk.
This is a cool Portable device…with a great range of support for portable devices locally and on the web….
follow the link.
Portable Local WebServer with Apache, SQL, PHP and Applications for Windows » Raymond.CC Blog:
amin.
Cambridge university technical report on:
Active privilege management for distributed access control systems
It isn’t strictly related to our work but it has some detailed discussion of access control related work.