Quantitative security metrics are desirable for measuring the performance of information security controls. Security metrics help to make functional and business decisions for improving the performance and cost of the...Quantitative security metrics are desirable for measuring the performance of information security controls. Security metrics help to make functional and business decisions for improving the performance and cost of the security controls. However, defining enterprise-level security metrics has already been listed as one of the hard problems in the Info Sec Research Council's hard problems list. Almost all the efforts in defining absolute security metrics for the enterprise security have not been proved fruitful. At the same time, with the maturity of the security industry, there has been a continuous emphasis from the regulatory bodies on establishing measurable security metrics. This paper addresses this need and proposes a relative security metric model that derives three quantitative security metrics named Attack Resiliency Measure(ARM), Performance Improvement Factor(PIF), and Cost/Benefit Measure(CBM) for measuring the performance of the security controls. For the effectiveness evaluation of the proposed security metrics, we took the secure virtual machine(VM) migration protocol as the target of assessment. The virtual-ization technologies are rapidly changing the landscape of the computing world. Devising security metrics for virtualized environment is even more challenging. As secure virtual machine migration is an evolving area and no standard protocol is available specifically for secure VM migration. This paper took the secure virtual machine migration protocol as the target of assessment and applied the proposed relative security metric model for measuring the Attack Resiliency Measure, Performance Improvement Factor, and Cost/Benefit Measure of the secure VM migration protocol.展开更多
This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in d...This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in data networks has been increasing owing to the high cyber attacks and potential risks associated with networks spread over distant geographical locations. The MPLS networks ride on the public network backbone that is porous and highly susceptible to attacks and so the need for reliable security mechanisms to be part of the deployment plan. The evaluation criteria concentrated on Voice over Internet Protocol (VoIP) and Video conferencing with keen interest in jitter, end to end delivery and general data flow. This study used both structured questionnaire and observation methods. The structured questionnaire was administered to a group of 70 VPN users in a company. This provided the study with precise responses. The observation method was used in data simulations using OPNET Version 14.5 Simulation software. The results show that the IPSec features increase the size of data packets by approximately 9.98% translating into approximately 90.02% effectiveness. The tests showed that the performance metrics are all well within the recommended standards. The IPSec Based MPLS Virtual private network is more stable and secure than one without IPSec.展开更多
In this paper, the properties of distributed virtual environment (DVE) and the requirements on computer networks is briefly reviewed. A multicast protocol, called sender initiated grouping multicast protocol for DVE...In this paper, the properties of distributed virtual environment (DVE) and the requirements on computer networks is briefly reviewed. A multicast protocol, called sender initiated grouping multicast protocol for DVE (SIGMP), is proposed. This new multicast protocol is based on a novel concept, multicast group (MG), which divides all participants in a DVE system into groups, among which there is a multicast group trustee (MGT) node to manage the group. The protocol provides unreliable/reliable, totally ordered and multiple to multiple multicast transmission service for DVE systems without sacrificing the communication efficiency heavily. At the same time, reliable unicast and one to multiple multicast transmission services are also supported. The performance analysis of the new protocols is also presented. Based on SIGMP, a simple demonstration of DVE system is designed and implemented. This demo system is running on several SGI workstations connected by a FDDI and Ethernet network.展开更多
This paper presents overview of new features so far prepared for new version of spectral analysis tool SPLAT-VO that allows to retrieve a large amount of spectra(and other data) based on its characteristics by detaile...This paper presents overview of new features so far prepared for new version of spectral analysis tool SPLAT-VO that allows to retrieve a large amount of spectra(and other data) based on its characteristics by detailed querying a virtual observatory s resources. The overview is focused on enhancements of user experience, work with simple application messaging protocol(SAMP) and other interoperability that improves work with global list of spectra, plot window and analysis menu.展开更多
Nowadays, Health Care Training-based System (HCTS) is a vital component in the education and training of health care in 3D Virtual Environment (VE). The practice of HCTS continues to grow at rapid pace throughout all ...Nowadays, Health Care Training-based System (HCTS) is a vital component in the education and training of health care in 3D Virtual Environment (VE). The practice of HCTS continues to grow at rapid pace throughout all of the healthcare disciplines, however research in this field is still in its early stage. Increasingly, decision makers and developers look forward to offer more sophisticated, much larger, and more complex HCTS to serve the desired outcome and improve the quality and safety of patient care. Due to the rapidly increasing usage of personal mobile devices and the need of executing HCTS applications in environments that have no previous network infrastructure available, Mobile Health Care Training-based System (MHCTS) is an expected future trend. In such systems, medical staff will share and collaborate in a 3D virtual environment through their mobile devices in an ad-hoc network (MANET) in order to accomplish specific missions’ typically surgical emergency room. Users are organized into various groups (Radiologists, Maternity departments, and General surgery etc...), and need to be managed by a multicast scheme to save network bandwidth and offer immersive sense. MHCTS is sensitive to networking issues, since interactive 3D graphics requires additional load due to the use of mobile devices. Therefore, we need to emphasize on the importance and the improvement of multicast techniques for the effectiveness of MHCTS and the management of collaborative group interaction. Research so far has devoted little attention to the network communication protocols design of such systems which is crucial to preserve the sense of immersion for participating users. In this paper, we investigate the effect of multicast routing protocol in advancing the field of Health care Training-based System to the benefit of patient’s safety, and health care professional. Also, we address the issue of selecting a multicast protocol to provide the best performance for a particular e-health system at any time. Previous work has demonstrated that multicast operates at least as efficiently as traditional MAODV. A comprehensive analysis about various ad-hoc multicast routing protocols is proposed. The selection key factors for the right protocol for MHCTS applications were safety and robustness. To the best of our knowledge, this work will be the first initiative involving systematic literature reviews to identify a research gate for the use of multicast protocol in health care simulation learning community.展开更多
There are several motivations, such as mobility, cost, and secu- rity, that are behind the trend of traditional desktop users transi- tioning to thin-client-based virtual desktop clouds (VDCs). Such a trend has led ...There are several motivations, such as mobility, cost, and secu- rity, that are behind the trend of traditional desktop users transi- tioning to thin-client-based virtual desktop clouds (VDCs). Such a trend has led to the rising importance of human-centric performance modeling and assessment within user communities that are increasingly making use of desktop virtualization. In this paper, we present a novel reference architecture and its eas- ily deployable implementation for modeling and assessing objec- tive user quality of experience (QoE) in VDCs. This architec- ture eliminates the need for expensive, time-consuming subjec- tive testing and incorporates finite-state machine representa- tions for user workload generation. It also incorporates slow-mo- tion benchmarking with deep-packet inspection of application task performance affected by QoS variations. In this way, a "composite-quality" metric model of user QoE can be derived. We show how this metric can be customized to a particular user group profile with different application sets and can be used to a) identify dominant performance indicators and troubleshoot bottlenecks and b) obtain both absolute and relative objective user QoE measurements needed for pertinent selection of thin-client encoding configurations in VDCs. We validate our composite-quality modeling and assessment methodology by us- ing subjective and objective user QoE measurements in a re- al-world VDC called VDPilot, which uses RDP and PCoIP thin-client protocols. In our case study, actual users are pres- ent in virtual classrooms within a regional federated university system.展开更多
Virtual reality (VR) is a rapidly developing technology that has a wide spectrum of industrial and commercial applications. Networked (distributed or shared) virtual environments (VE) are of growing interest to modern...Virtual reality (VR) is a rapidly developing technology that has a wide spectrum of industrial and commercial applications. Networked (distributed or shared) virtual environments (VE) are of growing interest to modern manufacturing industry; a dominating use of networked virtual manufacturing environments (VMEs) is on-line visualisation and collaborative control of 3D information. This has to be supported by real-time data transfer. To meet a broad range of common requirements for Internet-based VE communications, particularly for virtual manufacturing and collaborative design and control, this paper presents a networked virtual environment system that is designed to support networked virtual design and manufacturing. The system is implemented with manufacturing message specification (MMS) standards so as to integrate a range of manufacturing services into networked VEs over the Internet.展开更多
文摘Quantitative security metrics are desirable for measuring the performance of information security controls. Security metrics help to make functional and business decisions for improving the performance and cost of the security controls. However, defining enterprise-level security metrics has already been listed as one of the hard problems in the Info Sec Research Council's hard problems list. Almost all the efforts in defining absolute security metrics for the enterprise security have not been proved fruitful. At the same time, with the maturity of the security industry, there has been a continuous emphasis from the regulatory bodies on establishing measurable security metrics. This paper addresses this need and proposes a relative security metric model that derives three quantitative security metrics named Attack Resiliency Measure(ARM), Performance Improvement Factor(PIF), and Cost/Benefit Measure(CBM) for measuring the performance of the security controls. For the effectiveness evaluation of the proposed security metrics, we took the secure virtual machine(VM) migration protocol as the target of assessment. The virtual-ization technologies are rapidly changing the landscape of the computing world. Devising security metrics for virtualized environment is even more challenging. As secure virtual machine migration is an evolving area and no standard protocol is available specifically for secure VM migration. This paper took the secure virtual machine migration protocol as the target of assessment and applied the proposed relative security metric model for measuring the Attack Resiliency Measure, Performance Improvement Factor, and Cost/Benefit Measure of the secure VM migration protocol.
文摘This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in data networks has been increasing owing to the high cyber attacks and potential risks associated with networks spread over distant geographical locations. The MPLS networks ride on the public network backbone that is porous and highly susceptible to attacks and so the need for reliable security mechanisms to be part of the deployment plan. The evaluation criteria concentrated on Voice over Internet Protocol (VoIP) and Video conferencing with keen interest in jitter, end to end delivery and general data flow. This study used both structured questionnaire and observation methods. The structured questionnaire was administered to a group of 70 VPN users in a company. This provided the study with precise responses. The observation method was used in data simulations using OPNET Version 14.5 Simulation software. The results show that the IPSec features increase the size of data packets by approximately 9.98% translating into approximately 90.02% effectiveness. The tests showed that the performance metrics are all well within the recommended standards. The IPSec Based MPLS Virtual private network is more stable and secure than one without IPSec.
文摘In this paper, the properties of distributed virtual environment (DVE) and the requirements on computer networks is briefly reviewed. A multicast protocol, called sender initiated grouping multicast protocol for DVE (SIGMP), is proposed. This new multicast protocol is based on a novel concept, multicast group (MG), which divides all participants in a DVE system into groups, among which there is a multicast group trustee (MGT) node to manage the group. The protocol provides unreliable/reliable, totally ordered and multiple to multiple multicast transmission service for DVE systems without sacrificing the communication efficiency heavily. At the same time, reliable unicast and one to multiple multicast transmission services are also supported. The performance analysis of the new protocols is also presented. Based on SIGMP, a simple demonstration of DVE system is designed and implemented. This demo system is running on several SGI workstations connected by a FDDI and Ethernet network.
文摘为解决传统3层架构在大型校园网中存在的东西向流量瓶颈与扩展性不足问题,探索叶脊(Spine-Leaf)网络架构应用。该架构采用扁平化拓扑,以Spine层为高速转发核心、Leaf层为接入汇聚节点,结合边界网关协议(Border Gateway Protocol,BGP)构建路由自动收敛机制,通过等价多路径路由(Equal-Cost Multi-Path Routing,ECMP)实现负载均衡,依托虚拟扩展局域网(Virtual Extensible Local Area Network,VXLAN)突破大二层边界。测试结果表明,其吞吐量和时延均优于传统架构,适配高性能计算、在线教学场景,可为大型校园网建设提供可行技术路径。
基金supported by Agency of the Czech Republic-GACR(No.P103/13/08195S)the Development of Human Resources in Research and Development of Latest Soft Computing Methods and Their Application in Practical Project,Operational Programm Education for Competitiveness(No.CZ.1.07/2.3.00/20.0072)+1 种基金ESF State Budget of the Czech Republic,SGS(No.SP2013/114)VBTechnical University of Ostrava,Czech Republic
文摘This paper presents overview of new features so far prepared for new version of spectral analysis tool SPLAT-VO that allows to retrieve a large amount of spectra(and other data) based on its characteristics by detailed querying a virtual observatory s resources. The overview is focused on enhancements of user experience, work with simple application messaging protocol(SAMP) and other interoperability that improves work with global list of spectra, plot window and analysis menu.
文摘Nowadays, Health Care Training-based System (HCTS) is a vital component in the education and training of health care in 3D Virtual Environment (VE). The practice of HCTS continues to grow at rapid pace throughout all of the healthcare disciplines, however research in this field is still in its early stage. Increasingly, decision makers and developers look forward to offer more sophisticated, much larger, and more complex HCTS to serve the desired outcome and improve the quality and safety of patient care. Due to the rapidly increasing usage of personal mobile devices and the need of executing HCTS applications in environments that have no previous network infrastructure available, Mobile Health Care Training-based System (MHCTS) is an expected future trend. In such systems, medical staff will share and collaborate in a 3D virtual environment through their mobile devices in an ad-hoc network (MANET) in order to accomplish specific missions’ typically surgical emergency room. Users are organized into various groups (Radiologists, Maternity departments, and General surgery etc...), and need to be managed by a multicast scheme to save network bandwidth and offer immersive sense. MHCTS is sensitive to networking issues, since interactive 3D graphics requires additional load due to the use of mobile devices. Therefore, we need to emphasize on the importance and the improvement of multicast techniques for the effectiveness of MHCTS and the management of collaborative group interaction. Research so far has devoted little attention to the network communication protocols design of such systems which is crucial to preserve the sense of immersion for participating users. In this paper, we investigate the effect of multicast routing protocol in advancing the field of Health care Training-based System to the benefit of patient’s safety, and health care professional. Also, we address the issue of selecting a multicast protocol to provide the best performance for a particular e-health system at any time. Previous work has demonstrated that multicast operates at least as efficiently as traditional MAODV. A comprehensive analysis about various ad-hoc multicast routing protocols is proposed. The selection key factors for the right protocol for MHCTS applications were safety and robustness. To the best of our knowledge, this work will be the first initiative involving systematic literature reviews to identify a research gate for the use of multicast protocol in health care simulation learning community.
基金supported by VMware and the National Science Foundation under award numbers CNS-1050225 and CNS-1205658
文摘There are several motivations, such as mobility, cost, and secu- rity, that are behind the trend of traditional desktop users transi- tioning to thin-client-based virtual desktop clouds (VDCs). Such a trend has led to the rising importance of human-centric performance modeling and assessment within user communities that are increasingly making use of desktop virtualization. In this paper, we present a novel reference architecture and its eas- ily deployable implementation for modeling and assessing objec- tive user quality of experience (QoE) in VDCs. This architec- ture eliminates the need for expensive, time-consuming subjec- tive testing and incorporates finite-state machine representa- tions for user workload generation. It also incorporates slow-mo- tion benchmarking with deep-packet inspection of application task performance affected by QoS variations. In this way, a "composite-quality" metric model of user QoE can be derived. We show how this metric can be customized to a particular user group profile with different application sets and can be used to a) identify dominant performance indicators and troubleshoot bottlenecks and b) obtain both absolute and relative objective user QoE measurements needed for pertinent selection of thin-client encoding configurations in VDCs. We validate our composite-quality modeling and assessment methodology by us- ing subjective and objective user QoE measurements in a re- al-world VDC called VDPilot, which uses RDP and PCoIP thin-client protocols. In our case study, actual users are pres- ent in virtual classrooms within a regional federated university system.
文摘Virtual reality (VR) is a rapidly developing technology that has a wide spectrum of industrial and commercial applications. Networked (distributed or shared) virtual environments (VE) are of growing interest to modern manufacturing industry; a dominating use of networked virtual manufacturing environments (VMEs) is on-line visualisation and collaborative control of 3D information. This has to be supported by real-time data transfer. To meet a broad range of common requirements for Internet-based VE communications, particularly for virtual manufacturing and collaborative design and control, this paper presents a networked virtual environment system that is designed to support networked virtual design and manufacturing. The system is implemented with manufacturing message specification (MMS) standards so as to integrate a range of manufacturing services into networked VEs over the Internet.
