تزداد الحاجة بشكل مطرد إلى توزيع الآليات الأمنية عبر عدة مكونات في بيئات الشبكات الموزعة. و يشكل توزيع مفاتيح التعمية و عمليات التعمية أهم هذه الآليات. يعتمد أغلب الآليات الأمنية المقترحة حاليًا على التعمية العتبية التي تسمح بمشاركة عمليات التعمية بين العقد الشبكية، إِذ يكفي توفر عدد (عتبة) من المكونات الفعالة لكي تنفذ العمليات الأمنية بنجاح.
مع وجود عدد من التقنيات المختلفة المقترحة للمخططات العتبية، إلا أننا نشعر أن المشكلات التقنية التي تحدد نوع التقنيات الواجب اختيارها في أثناء التنفيذ غالبًا ما يجري تجاهلها.
قدمنا في هذه الورقة إطار عمل جديد لمعماريي أمن الشبكات من أجل التطبيق في أثناء تبني مثل هذه الآليات. هذا الإطار يعرف قرارات التصميم الحرجة التي تحتاج إلى أن تؤخذ بالحسبان و تساعد على عملية التصميم و التنفيذ.
و نقترح كجزء من هذا الإطار تصنيفًا لنماذج الإدارة و لبيئات التطبيقات الشبكية. أيضًا نظهر فائدة هذا الإطار عن طريق تطبيقه على بيئة شبكات افتراضية خاصة.
An increasingly common requirement in distributed network environments is the need to distribute security mechanisms across several network components. This includes both cryptographic key
distribution and cryptographic computation. Most proposed security mechanisms are based on threshold cryptography, which allows a cryptographic computation to be shared amongst network
components in such a way that a threshold of active components are required for the security operation to be successfully enabled. Although there are many different proposed techniques available, we feel that the practical issues that determine both what kind of technique is selected for implementation and how it is implemented are often glossed over. In this paper we thus establish a new framework for network security architects to apply when considering adoption of such mechanisms. This framework identifies the critical design decisions that need to be taken into account and is intended to aid both design and implementation. As part of this framework we propose a taxonomy of management models and application environments. We also demonstrate the utility of the framework by applying it to a VPN environment.
References used
Y. Desmedt and Y. Frankel. "Threshold Cryptosystems," Advances in Cryptology: Crypto ’89, Lecture Notes in Computer Science, 435 (1990) 307–315
B. Blakley, ”Safeguarding Cryptographic Keys”, Proceedings AFIPS 1979 National Computer Conference, pp. 313-317. June 1979
A. Shamir. ”How to share a secret”, ”Comm. ACM, 22(11), (1979), pp. 612-613. November 1979
In this work, we consider the problem of designing secure and efficient federated learning (FL) frameworks for NLP. Existing solutions under this literature either consider a trusted aggregator or require heavy-weight cryptographic primitives, which
A Mobile Ad hoc Network (MANET) is a network of wireless mobile devices deployed without the aid of any pre-existing infrastructure or centralized administration.
accessing its resources, a single model can’t be adapted in every company.
The main idea of this work is to develop a new model that depends on both RBAC and ABAC models so we can benefit from both systems advantages. We propose a hybrid access cont
Abstract Common grounding is the process of creating and maintaining mutual understandings, which is a critical aspect of sophisticated human communication. While various task settings have been proposed in existing literature, they mostly focus on c
Morality plays an important role in social well-being, but people's moral perception is not stable and changes over time. Recent advances in natural language processing have shown that text is an effective medium for informing moral change, but no at