This document proposes a multi-agent system architecture for reacting to security alerts in heterogeneous distributed networks. The architecture has three layers - a low level that interfaces with the target infrastructure, an intermediate level that correlates alerts from different domains and deploys reaction actions, and a high level global view. It uses an ontology and Bayesian network based decision support system to help agents make decisions according to preferences and influence diagrams. The approach is illustrated using a case study of a medical application distributed across buildings, campuses and metropolitan areas.
This document discusses 6 different thesis abstracts on topics related to IT security:
1) The design and implementation of an environment to support security assessment method development. This includes a database solution to assist developers.
2) A risk analysis of an RFID system used for logistics that identifies vehicles. The analysis examines the RFID communication and database transmission security and risks.
3) Key topics for a database security course, including technologies, access control, vulnerabilities, privacy, and secure database models.
4) A case-based reasoning approach to understand constraints in information models written in EXPRESS, representing constraints at a higher level of abstraction.
5) The benefits of a consolidated network security solution over point
Intelligent Intrusion Detection System Based on MLP, RBF and SVM Classificati...
An effective approach for tackling network security problems is intrusion detection systems (IDS). These kinds of systems play a key role in network security as they can detect different types of attacks in networks, including DoS, U2R, Probe and R2L. In addition, IDS are an increasingly key part of the system’s defense. Various approaches to IDS are now being used, but are unfortunately relatively ineffective. Data mining techniques and artificial intelligence play an important role in security services. We will present a comparative study of three well-known intelligent algorithms in this paper. These are Radial Basis Functions (RBF), Multilayer Perceptrons (MLP) and Support Vector Machine (SVM). This work’s main interest is to benchmark the performance of these 3 intelligent algorithms. This is done by using a dataset of about 9,000 connections, randomly chosen from KDD'99’s 10% dataset. In addition, we investigate these algorithms’ performance in terms of their attack classification accuracy. The simulation results are also analyzed and the discussion is then presented. It has been observed that SVM with a linear kernel (Linear-SVM) gives a better performance than MLP and RBF in terms of its detection accuracy and processing speed.
The document discusses context awareness in building management. It describes context awareness as a system's ability to remain aware of its environment and adapt based on contextual information from various sources, like sensors. The key topics discussed are:
1) Context awareness is important for building management as it allows systems to assist occupants by automatically optimizing conditions like HVAC, lighting, and security based on contextual data.
2) Realizing full context awareness requires enhanced data sources, availability, and context models to integrate information from various building systems and sensors.
3) The project aims to enable context awareness in buildings by using wireless sensor networks to monitor contextual data and support integrated building management and automation.
Novel framework using dynamic passphrase towards secure and energy-efficient ...
Mobile Adhoc Network (MANET) has been a long-researched topic in adhoc networks owing to the associated advantages in its cost-effective application as well as consistent loopholes owing to its inherent characteristics. This manuscript draws a relationship between the energy factor and security factor which has not been emphasized much in any existing studies. Review of existing security approaches shows that they are highly attack specific, use complex encryption, and overlook the involvement of the energy factor. Therefore, the proposed system introduces a novel mechanism where security tokens and passphrases are utilized in order to offer better security. The proposed system also introduces the usage of an agent node which communicates with mobile nodes using a group-based communication system, thereby ensuring reduced computational effort of mobile nodes towards establishing secured communication. The outcome shows the proposed system offers a better outcome in contrast to the existing system.
A SURVEY ON TECHNIQUES REQUIREMENTS FOR INTEGRATEING SAFETY AND SECURITY ENGI...
Nowadays, safety and security have become a requirement, integrated to each other, for information systems as a new generation of infrastructure systems distributed throughout networks. That opened the door for questions on whether these systems are safety-critical especially since they were tested in a closed, separated environment and are now deployed in an uncontrollable environment, namely the internet, where the number of threats is enormous. So it opened the door to talk about new development approach methods that take safety and security into consideration during the system development life cycle and most importantly, identifying hazard, risks and threats. We will conduct a survey exploring technical languages that were created by the scholars to combine safety and security requirement engineering and accident analysis technique languages.
MANET is a kind of Ad Hoc network with mobile, wireless nodes. Because of its special characteristics like dynamic topology, hop-by-hop communications and easy and quick setup, MANET faced lots of challenges allegorically routing, security and clustering. The security challenges arise due to MANET’s self-configuration and self-maintenance capabilities. In this paper, we present an elaborate view of issues in MANET security. Based on MANET’s special characteristics, we define three security parameters for MANET. In addition we divided MANET security into two different aspects and discussed each one in detail. A comprehensive analysis in security aspects of MANET and defeating approaches is presented. In addition, defeating approaches against attacks have been evaluated in some important metrics. After analyses and evaluations, future scopes of work have been presented.
Privacy-preservation for sensitive data has become a challenging issue in cloud computing. Threat modeling as a part of requirements engineering in secure software development provides a structured approach for identifying attacks and proposing countermeasures against the exploitation of vulnerabilities in a system. This paper describes an extension of Cloud Privacy Threat Modeling (CPTM) methodology for privacy threat modeling in relation to processing sensitive data in cloud computing environments. It describes the modeling methodology that involved applying Method Engineering to specify characteristics of a cloud privacy threat modeling methodology, different steps in the proposed methodology and corresponding products. We believe that the extended methodology facilitates the application of a privacy preserving cloud software development approach from requirements engineering to design
This document summarizes four architectural patterns for context-aware systems: WCAM, Event-Control-Action, Action, and architectural pattern for context-based navigation. It discusses examples, problems addressed, solutions, structures, and benefits of each pattern. The patterns are examined to determine which can best overcome complexity and be more extensible for context-aware systems.
This document discusses the need for adaptive and dynamic software development that can adjust to changing runtime environments and fault conditions. It argues that traditional static approaches to fault tolerance, like using fixed levels of redundancy, are inadequate as the threat environment may vary. The document then introduces an adaptive data integrity tool that allows the level of redundancy to change dynamically based on faults detected at runtime. This provides an example of the new approach called for, termed "New Software Development," that is more adaptive, maintainable and reconfigurable like New Product Development concepts.
A REVIEW: TRUST, ATTACKS AND SECURITY CHALLENGES IN MANETieijjournal
Mobile Ad-hoc Networks or MANETs are mostly found in situations where any fixed facilities are just not available. MANET provides some fundamental responsibilities such as routing, packet forwarding communication and network management etc. over a self-structured network. This specially affects the energy, bandwidth and memory computation requirements. Providing trust in MANET is an additional critical task because of lack of centralized infrastructure. Since during the deployment of MANET nodes that are fresh continue returning and aged ones go from the cluster/network, there is demand for maintaining the record also to provide appropriate certification for the arriving node(s) that are fresh as well as the present node(s) in the network. But due to various types of intrusion threats and attacks it is hard to fully scrutinize any new node so as to allow only safe nodes to get connected with the existing safe system. In a cluster of large size these trusted node(s) will likely be communicating together, all the while allowing or disallowing entry/communication of the compromised node(s) or trusted model to continue to maintain a stable, secured, trustworthy group of movable nodes. All the reported techniques have been systematically categorized and their strong and weak points have been discussed.
EXPOSURE AND AVOIDANCE MECHANISM OF BLACK HOLE AND JAMMING ATTACK IN MOBILE A...ijcseit
Mobile ad hoc network (MANETs) is an infrastructure-less/self-configurable system in which every node carries on as host or router and every node can participate in the transmission of packets. Because of its dynamic behaviour such system is more susceptible against various sorts of security threats, for example, Black hole, Wormhole, Jamming, Sybil, Byzantine attack and so on which may block the transmission of the system. Black hole attack and Jamming attack is one of them which promote itself has shortest or new fresh route to the destination while jamming attack which make activity over the system. This paper introduces the thorough literature study for the Black hole attack and jamming attack of both the attack by various researchers.
This document proposes an architectural model for ensuring reliability, availability, safety and security in large scale distributed systems. The model includes components for failure detection, security decision making, and dynamic adaptation. It aims to provide fault prevention, removal, tolerance and forecasting. The core allows modularity and integration with grid technologies. It uses both replication and survivability mechanisms to ensure functions continue in the face of faults or attacks. The goal is a unified approach to dependability that can scale to large, complex distributed systems.
This short document promotes taking action to dominate affiliate sales through Clickbank by providing a link to more information. It emphasizes the importance of taking action to succeed with Clickbank affiliate marketing and drives the reader to the provided link for next steps. Overall, it encourages immediate action to learn more about using Clickbank for affiliate sales.
Defensa Centralizada contra amenazas multi-vector - Configuración de un centr...Eventos Creativos
Talk given by Dragos Lungu of BitDefender at the "Asegura IT Camp2" event, which took place on 22, 23 and 24 October 2010 in El Escorial.
The document summarizes that TBD Enterprises is committed to being a partner to customers and helping them succeed by providing the highest quality and cost-effective automation solutions and services. It presents TBD as offering complete solutions for robotic and non-robotic automation needs across various industries and processes, as well as related services from engineering to shipping. Customers are encouraged to contact TBD to have their production processes or products reviewed for potential optimizations.
The newsletter provides the following information:
1) Susan Ardrey, a part-time reference librarian, retired in December 2009 after many years of service at Indiana University Kokomo in various roles.
2) A student donated materials from a World War II history class to the library's special collections, including books and an autobiography about the 100th Infantry Battalion.
3) The library has gained online access to over 1,100 Blackwell-published journal titles through a new agreement with Wiley InterScience.
This medical document provides personal information about José Francisco Javier Blanquer Gregori, including his date of birth, place of birth, the department and health center where he works, and his duties as a primary care physician.
The document defines and provides examples for various words related to concepts like abstraction, compliance, expediting tasks, diligence, relevance, dissent, reverence, extolling, reprehensible actions, advocacy, pragmatism, endorsement, redundancy, conspicuousness, incessance, rigor, scrutiny, and discord.
This document outlines the author Elly Sawicky's history including their hometown of Mission Viejo, California, travels to San Francisco, Kauai, Victoria, Lake Dillon and the Grand Canyon, their family consisting of their mother Kathy, father Richard, sister Hannah and brother Luke, education at Capistrano Valley High School and Saddleback College, job as a shift supervisor at Starbucks, and favorite things such as their dogs, being in the sun, the beach, hot chocolate, and Italian food.
This document proposes a responsibility modeling language (ReMoLa) to align access rights with business process requirements. ReMoLa is a responsibility-centered meta-model that integrates concepts from the business and technical layers, with the concept of employee responsibility bridging the two. It incorporates four types of obligations from the COBIT framework to refine employee responsibilities and better assign access rights. ReMoLa maps responsibilities to roles in the RBAC model to leverage its advantages for access right management while ensuring responsibilities align with business tasks and employee commitment.
http://www.SmartSimpleMarketing.com Sydni Craig-Hart from Smart Simple Marketing breaks down what branding really means, what it has to do with you and how to create a compelling brand that is clear, irresistible and client attractive.
If you’re having trouble finding the time and energy to market your business, it may be your habits are to blame! You can’t grow your business if you aren’t marketing consistently and putting yourself in front of people who are already looking for your solutions. And you can’t market consistently if you have poor time management and productivity habits. What you CAN do is make simple shifts in your mindset to break through these challenges and make progress in reaching your goals. In this week’s podcast, I share some simple ways you can change your habits to find more time for marketing.
Presentation for the talks "Windows 8: Architecture and Security" and "Developing Secure Metro-Style Applications in Windows 8", given in the Specialization in Mobile Devices course held at the Facultad de Informática of the Universidad de A Coruña from 20 to 22 June 2012.
The document lists various automobile models from 1900 to 1937, including brands such as Berliet, National, Cadillac, Ford, Packard, Rolls Royce, Locomobile, Simplex Crane, Isotta Fraschini, Minerva, McFarlan, Bentley, Stutz, Duesenberg, Cord, Willys-Knight, Mercedes Benz, Chrysler, Ford, Lagonda, and others. The models range from touring cars, roadsters, sedans, limousines, and convertibles. The listing includes both vintage and classic automobiles from early in the 20th century.
A multi agent based decision mechanism for incident reaction in telecommunica...christophefeltus
The document proposes a multi-agent based decision system for responding to incidents in telecommunications networks. It describes a three-layer distributed architecture with low, intermediate, and high levels to coordinate incident response. The low level interfaces with the network, the intermediate level correlates alerts and deploys response actions, and the high level has a global view for decision making. The architecture uses multi-agent systems for autonomous response capabilities. It also incorporates an OntoBayes model to help agents make decisions based on preferences, ontology, Bayesian networks, and influence diagrams. The approach was tested for data access control and aims to enable timely, adaptive incident response across complex, distributed infrastructure.
Multi agents based architecture for is security incident reactionchristophefeltus
This document proposes a multi-agent architecture for responding to security incidents in information systems. The architecture has three layers: a low level that interfaces with the targeted infrastructure, an intermediate level that correlates alerts and deploys response actions using multi-agent systems, and a high level that provides supervision and manages business policies. The architecture was designed based on requirements like scalability, availability, autonomy, and global supervision. It aims to quickly and efficiently respond to attacks while ensuring responses do not violate business policies. The document then discusses using a multi-agent system with JADE to represent nodes in the architecture and facilitate communication and coordination between components for selecting and deploying response policies.
The document proposes a conceptual trusted incident reaction architecture based on a multi-agent system. The architecture includes three main components: (1) an alert correlation engine that collects and analyzes alerts, (2) a policy instantiation engine that decides on and defines reactions to confirmed alerts, and (3) a policy deployment point that deploys new policies on targeted networks. A decision support system is included to help agents make decisions under uncertainty using an ontology, Bayesian networks, and influence diagrams. The architecture is illustrated using a case study of a medical application network.
This document proposes a context-aware solution for dynamically assigning responsibilities and access rights to agents in a critical infrastructure security architecture during a crisis. It introduces the concept of agent responsibility, which is assigned based on the crisis type and severity. Responsibilities define an agent's obligations and accountabilities for tasks, as well as the necessary rights and capabilities. The architecture enhances an existing multi-agent reaction system called ReD by integrating a mechanism for dynamically changing responsibility assignments according to the crisis context, and granting access rights based on the agents' responsibilities. This allows the architecture to quickly adapt its response by reallocating functions when agents are compromised during an attack.
This document discusses improving the security of a health care information system. It begins by describing vulnerabilities in software applications and how connected systems can be exploited. The document then proposes a 3-tier architecture with encryption and file replication to strengthen security. Database backups and regular vulnerability checks are also recommended to defend the system from attacks and allow recovery of data. The goal is to develop a secure electronic health records system that protects sensitive patient information.
In what ways do you think the Elaboration Likelihood Model applies.docxjaggernaoma
This document summarizes common vulnerabilities observed in critical infrastructure control systems based on vulnerability assessments conducted by Sandia National Laboratories. It finds that most vulnerabilities stem from a lack of proper security administration, including failing to define security classifications for system data, establish security perimeters, implement defense-in-depth protections, and restrict access based on operational needs. Many vulnerabilities result from deficient or nonexistent security governance, budget constraints, personnel attrition, and a lack of security training for automation administrators. Comprehensive mitigation requires improved security awareness, strong governance, and configuration of technology to remedy vulnerabilities.
Blueprint for Cyber Security Zone ModelingITIIIndustries
The increasing need to implement on-line services for all industries has placed greater focus upon the security controls deployed to protect the corporate network. The demand for cyber security is further required when IT solutions are built to operate in the cloud. As more business activities are migrated to the on-line channel the security protection systems must cater for a variety of applications. This includes access for enterprise users who are mobile, working from home, or situated at business partner locations. One set of key security measures deployed to protect the enterprise perimeter include firewalls, network routers, and access gateways. In addition, a set of controls are also in place for cloud enabled IT solutions. Collectively these components make up a set of protection systems referred to as the security zones. In this paper, a security zone model that has been deployed in practice for the industry is presented. The zone model serves as a design blueprint to validate existing architectures or to assist in the design of new cyber security zone deployments.
A predictive framework for cyber security analytics using attack graphsIJCNCJournal
Security metrics serve as a powerful tool for organizations to understand the effectiveness of protecting computer networks. However majority of these measurement techniques don’t adequately help corporations to make informed risk management decisions. In this paper we present a stochastic security framework for obtaining quantitative measures of security by taking into account the dynamic attributes associated with vulnerabilities that can change over time. Our model is novel as existing research in attack graph analysis do not consider the temporal aspects associated with the vulnerabilities, such as the availability of exploits and patches which can affect the overall network security based on how the vulnerabilities are interconnected and leveraged to compromise the system. In order to have a more realistic representation of how the security state of the network would vary over time, a nonhomogeneous model is developed which incorporates a time dependent covariate, namely the vulnerability age. The daily transition-probability matrices are estimated using Frei's Vulnerability Lifecycle model. We also leverage the trusted CVSS metric domain to analyze how the total exploitability and impact measures evolve over a time period for a given network.
This document discusses information security in organizations. It covers several key topics:
- The importance of information security policies and ensuring all employees are trained on these policies.
- The benefits of network security such as controlling access, ensuring confidentiality and integrity of data.
- Common network and system security threats like eavesdropping, phishing, and denial of service attacks.
- The responsibilities of database administrators to securely manage and protect organizational data.
This document discusses information security in organizations. It covers several key topics:
- The importance of information security and how it protects organizations' data, systems, and value.
- The need for organizations to have security policies and provide training to ensure all personnel understand and follow security protocols.
- Various types of network and system security threats like viruses, worms, and denial of service attacks that organizations need protections from.
- The roles and responsibilities of security positions like database administrators to properly manage and secure organizations' critical data and systems.
Essay QuestionsAnswer all questions below in a single document, pr.docxjenkinsmandie
Essay Questions
Answer all questions below in a single document, preferably below the corresponding topic. Responses should be no longer than half a page.
One
1. A security program should address issues from a strategic, tactical, and operational view. The security program should be integrated at every level of the enterprise’s architecture. List a security program in each level and provide a list of security activities or controls applied in these levels. Support your list with real-world application data.
2. The objectives of security are to provide availability, integrity, and confidentiality protection to data and resources. List examples of these security states where an asset could lose these security states when attacked, compromised, or became vulnerable. Your examples could include fictitious assets that have undergone some changes.
3. Risk assessment can be completed in a qualitative or quantitative manner. Explain each risk assessment methodology and provide an example of each.
Two
1. Access controls are security features that are usually considered the first line of defense in asset protection. They are used to dictate how subjects access objects, and their main goal is to protect the objects from unauthorized access. These controls can be administrative, physical, or technical in nature and should be applied in a layered approach, ensuring that an intruder would have to compromise more than one countermeasure to access critical assets. Explain each of these controls of administrative, physical, and technical with examples of real-world applications.
2. Access control defines how users should be identified, authenticated, and authorized. These issues are carried out differently in different access control models and technologies, and it is up to the organization to determine which best fits its business and security needs. Explain each of these access control models with examples of real-world applications.
3. The architecture of a computer system is very important and comprises many topics. The system has to ensure that memory is properly segregated and protected, ensure that only authorized subjects access objects, ensure that untrusted processes cannot perform activities that would put other processes at risk, control the flow of information, and define a domain of resources for each subject. It also must ensure that if the computer experiences any type of disruption, it will not result in an insecure state. Many of these issues are dealt with in the system’s security policy, and the security model is built to support the requirements of this policy. Given these definitions, provide an example where you could better design computer architecture to secure the computer system with real-world applications. You may use fictitious examples to support your argument.
Three
1. Our distributed environments have put much more responsibility on the individual user, facility management, and administrative procedures and controls than in th.
Privacy Protection in Distributed Industrial System - iosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
This document summarizes a research paper about ensuring privacy protection in distributed industrial systems. It begins with an abstract that discusses how traditional cybersecurity approaches may not be effective for industrial networks due to their unique characteristics. It then provides background on industrial automation control systems and typical network configurations. The main goal of the paper is to assess the current security situation for most industrial distributed systems and discuss key elements like system characteristics, standardization efforts, and effective security controls.
This document discusses the potential for using intelligent agent technology for network control and management. It notes that as networks become more complex and diverse, distributed autonomous control will become more necessary. Agent technology is proposed as a way to achieve more effective, robust and autonomous network control. The document provides an overview of current network trends driving interest in agent solutions and highlights some key areas like multi-provider environments, resource management and communications integration that could benefit from agent-based approaches.
RESILIENT VOTING MECHANISMS FOR MISSION SURVIVABILITY IN CYBERSPACE: COMBININ... - IJNSA Journal
While information systems became ever more complex and the interdependence of these systems increased, mission-critical services should be survivable even in the presence of cyber attacks or internal failures. Node replication can be used to protect a mission-critical system against faults that may occur
naturally or be caused by malicious attackers. The overall reliability increases by the number of replicas. However, when the replicas are a perfect copy of each other, a successful attack or failure in any node can be instantaneously repeated in all the other nodes. Eventually, the service of those nodes will
discontinue, which may affect the system’s mission. Therefore, it becomes evident that there must be more survivable approach with diversity among the replicas in mission-critical systems. In particular, this research investigates the best binary voting mechanism among replicas. Furthermore, with experimental
results, we compare the simple majority mechanism with hierarchical decision process and discuss their trade-offs.
AUTHENTICATE SYSTEM OBJECTS USING ACCESS CONTROL POLICY BASED MANAGEMENT - Editor IJCATR
The network-level access control policy is based on policy rules. The policy rule is the basic
building block of a policy-based system. Each policy contains a set of conditions and actions. The conditions
are evaluated to determine whether the actions are performed. The existing work is based on a packet
filtering scenario, in which every policy can be translated into a canonical form that uses the “First
Matching Rule” resolution strategy. An access control matrix is proposed to translate the policy. The
Generalized Aryabhata Remainder Theorem (GART) is used to construct the access control matrix.
In this access control matrix, rows represent users and columns represent files. Each user is
associated with a key and each digital file is associated with a lock.
A DEFENSIVE MECHANISM CROSS LAYER ARCHITECTURE FOR MANETS TO IDENTIFY AND COR... - IJNSA Journal
The document proposes a defensive cross-layer architecture for MANETs to identify and correct misbehavior in routing. The architecture has four levels: 1) Network topological level outlines basic node connections; 2) Routing level applies security to routing protocols and individual nodes, using a new Time On Demand Distance Vector (TODV) routing; 3) Detection level encrypts packets and uses acknowledgements to detect tampering; 4) Correction level calculates packet loss ratios to identify alternative routes when attacks are detected. The architecture aims to provide end-to-end security across three layers while maintaining network performance.
This research proposal aims to develop autonomous post-intrusion network isolation systems using neural networks, rule-sets, and mathematical models. The research has four main goals: 1) investigate techniques to prevent comprehensive network infiltration if a system is compromised, 2) investigate proactive user auditing to mitigate fraud risk, 3) provide a model for network forensics after an intrusion, and 4) demonstrate a practical implementation. The methodology will include a literature review, mathematical modeling, analyzing isolation scenarios, and developing software. The research will be conducted over three semesters, with deliverables including a literature review, network isolation process, prototype architecture in the first semester, software development in the second, and testing/refinement in the
Intrusion detection system for imbalance ratio class using weighted XGBoost c... - TELKOMNIKA JOURNAL
This document summarizes a study that proposed an intrusion detection system to address the issue of imbalanced data ratios in classification models. The study used the XGBoost classifier with a weighted approach based on the imbalance ratio of each class to improve detection performance for minority and infrequent attack types in network traffic data. The proposed system was evaluated on the BotIoT dataset and showed improved detection rates compared to other methods, particularly for underrepresented attack classes. Experimental results demonstrated that the weighted XGBoost approach effectively handled class imbalance issues.
Similar to A security decision reaction architecture for heterogeneous distributed network (20)
Multi-Agent System (MAS) monitoring solutions are designed for a plethora of usage topics. Existing approaches mostly use cloned back-end architectures, while the front-end monitoring interface tends to constitute the real specificity of the solution. These interfaces are recurrently structured around three dimensions: access to informed knowledge, agents' behavioural rules, and restitution of real-time states of a specific system sector. In this paper, we propose prototyping a sector-agnostic MAS platform (Smart-X) which gathers in an integrated and independent platform all the functionalities required to monitor and to govern a wide range of sector-specific environments. For illustration and validation purposes, the use of Smart-X is introduced and explained with a smart-mobility case study.
This document provides an agenda and overview for a joint workshop on security modeling hosted by the ArchiMate Forum and Security Forum. The workshop aims to identify opportunities to improve the conceptual and visual modeling of enterprise information security using TOGAF and ArchiMate. The agenda includes introductions, a research spotlight on strengthening role-based access control with responsibility modeling, an open discussion on complementing TOGAF and ArchiMate with enhanced security modeling, and identifying next steps. The workshop purpose is to enable better security architecture decisions and drive usage of TOGAF and ArchiMate for security architecture.
Aligning the business operations with the appropriate IT infrastructure is a challenging and critical activity. Without efficient business/IT alignment, the companies face the risk not to be able to deliver their business services satisfactorily and that their image is seriously altered and jeopardized. Among the many challenges of business/IT alignment is the access rights management which should be conducted considering the rising governance needs, such as taking into account the business actors' responsibility. Unfortunately, in this domain, we have observed that no solution, model and method, fully considers and integrates the new needs yet. Therefore, the paper proposes firstly to define an expressive Responsibility metamodel, named ReMMo, which allows representing the existing responsibilities at the business layer and, thereby, allows engineering the access rights required to perform these responsibilities, at the application layer. Secondly, the Responsibility metamodel has been integrated with ArchiMate® to enhance its usability and benefits from the enterprise architecture formalism. Finally, a method has been proposed to define the access rights more accurately, considering the alignment of ReMMo and RBAC. The research was realized following a design science and action design based research method and the results have been evaluated through an extended case study at the Hospital Center in Luxembourg.
This document proposes an innovative systemic approach to risk management across interconnected sectors. It suggests using enterprise architecture models to manage cross-sector risks in Luxembourg's complex ICT ecosystem. The approach would provide regulators an overview of all players and systems, as well as models of different sectors to analyze collected data and risks at a national level, fostering accurate and reactive risk mitigation across economic domains.
This document proposes extending the HL7 standard with a responsibility perspective to better manage access rights to patient health records. It presents the ReMMo responsibility metamodel, which defines actors' responsibilities and associated access rights. The paper aims to align ReMMo with the HL7-based eSanté healthcare platform model in Luxembourg to semantically enhance access controls based on users' real responsibilities rather than just roles. It will first map concepts between the two models, then evaluate the alignment through a prototype applying inference rules.
This document presents a study that aims to develop and validate a responsibility model to improve IT governance. It analyzes concepts of responsibility from literature and frameworks like COBIT. The researchers developed a responsibility model with key concepts like obligation, accountability, right, and commitment. They then compare this model to COBIT's representation of responsibility to identify areas for potential enhancement, like adding concepts that COBIT lacks. The document illustrates how the responsibility model could be used to refine COBIT's process for identifying system owners and their responsibilities.
This document proposes an innovative approach called SIM (Secure Identity Management) that aims to make access management policies closer aligned with business objectives. It does this in two ways:
1) By focusing the policy engineering process on business goals and responsibilities defined in processes, using concepts from the ISO/IEC 15504 standard. This links capabilities and accountabilities to process outcomes and work products.
2) By defining a multi-agent system architecture to automate the deployment of policies across heterogeneous IT components and devices. The agents provide autonomy and ability to adapt rapidly according to context.
The approach was prototyped using open source components and aims to improve how access rights are defined according to business needs and deployed across an organization
This document proposes a methodological approach for specifying services and analyzing service compliance considering the responsibility dimension of stakeholders. The approach includes a product model and process model. The product model has three layers: an informational layer describing service context and concepts, an organizational layer describing business rules and roles, and a responsibility dimension layer linking the two. The process model outlines steps for service architects to identify context, define concepts and rules, specify services, and analyze compliance. The approach is illustrated with an example of managing access rights for sensitive healthcare data exchange between organizations.
This document discusses integrating responsibility aspects into service engineering for e-government. It proposes a multi-layered approach including an ontological layer defining legal concepts, an organizational layer describing roles and stakeholders, an informational layer representing data structures and integrity constraints, and a technical layer representing IT components. A responsibility meta-model is also introduced to align responsibilities across these layers and facilitate interoperability between services that share data. The approach aims to ensure service compliance and manage risks associated with e-government services.
1) The document proposes a dynamic approach for assigning functions and responsibilities to agents in a multi-agent system for critical infrastructure management.
2) The approach uses an agent's reputation, which is based on past performance, to determine which agents receive which responsibilities as crisis situations change over time.
3) Assigning responsibilities dynamically based on reputation allows the system to continue operating effectively if an agent becomes isolated or has reduced capabilities during a crisis.
The document describes the NOEMI assessment methodology, which was developed as part of a research project to help very small enterprises (VSEs) improve their IT practices. The methodology aims to assess VSEs' IT capabilities in order to facilitate collaborative IT management across organizations. It was designed to be aligned with common IT standards like ISO/IEC 15504 and ITIL, but adapted specifically for VSEs. The methodology has been tested through several case studies with VSEs in Luxembourg, with promising results.
This document provides a preliminary literature review of policy engineering methods related to the concept of responsibility. It summarizes key access control models and discusses how they address concepts like capability, accountability, and commitment. The document also reviews engineering methods and how they incorporate responsibility considerations. The overall goal is to orient further research towards a new policy model and engineering method that more fully addresses stakeholder responsibility.
This document proposes an extension of the ArchiMate enterprise architecture framework to model multi-agent systems for critical infrastructure governance. The authors develop a responsibility-driven policy concept and metamodel layers to represent agent behavior and organizational policies across technical, application, and organizational layers. The approach is illustrated through a case study of a financial transaction processing system.
This document summarizes an experimental prototype of the OpenSST protocol for secured electronic transactions. OpenSST was developed to achieve high security, simplicity in software engineering, and compatibility with existing standards. The prototype uses OpenSST for the authorization portion of electronic payments in an e-business clearing solution. It describes the OpenSST message format and types, and discusses how OpenSST is implemented in the prototype's three-element architecture of an OpenSST proxy, reverse proxy, and server.
This document proposes an automatic reaction strategy for critical infrastructure SCADA systems. It defines a three-layer metamodel for modeling SCADA components and two types of policies (cognitive and permissive) that govern component behavior. It then presents a two-phase method for identifying these policies from the SCADA architecture and formalizing them to support an automatic reaction strategy. This strategy is modeled as an integral part of the SCADA architecture using the defined metamodel and policy identification method. It includes organizational and application layers with main actors, strategies, and components that realize the reaction policies based on expected automation levels.
This document discusses the NOEMI model, a collaborative management model for ICT processes in SMEs. The model was developed by the Centre Henri Tudor and tested with a cluster of 8 partner SMEs. Key aspects of the model include defining ICT activities across 5 domains, assessing each SME's capabilities, and having an operational team manage activities for the cluster under a coordination committee. The experiment showed improved cost control, management, and partner satisfaction compared to alternatives like outsourcing or hiring individual IT staff. The research is now ready for market transfer as the successful model is adopted long-term by participating SMEs.
This document proposes a methodology for aligning business and IT policies using a responsibility model. The methodology is a five-step approach consisting of collecting information, defining capabilities, accountabilities and commitments, linking responsibilities to processes, validating the model, and defining policies. It is illustrated with a case study from an IT company where they define an access control policy using this methodology and responsibility model. The responsibility model defines three components - capabilities, accountabilities, and commitments - to clarify roles and responsibilities for policy definition.
More from Luxembourg Institute of Science and Technology (20)
Collaborative Team Recommendation for Skilled Users: Objectives, Techniques, ... - Hossein Fani
Collaborative team recommendation involves selecting users with certain skills to form a team who will, more likely than not, accomplish a complex task successfully. To automate the traditionally tedious and error-prone manual process of team formation, researchers from several scientific spheres have proposed methods to tackle the problem. In this tutorial, while providing a taxonomy of team recommendation works based on their algorithmic approaches to model skilled users in collaborative teams, we perform a comprehensive and hands-on study of the graph-based approaches that comprise the mainstream in this field, then cover the neural team recommenders as the cutting-edge class of approaches. Further, we provide unifying definitions, formulations, and evaluation schema. Last, we introduce details of training strategies, benchmarking datasets, and open-source tools, along with directions for future works.
Testing the Son of God Hypothesis (Jesus Christ) - Robert Luk
Instead of answering the God hypothesis, we investigate the Son of God hypothesis. We developed our own methodology to deal with existential statements instead of universal statements, unlike science. We discuss the existence of the supernatural and found that there is strong evidence for it. Given that the supernatural exists, we report on miracles investigated in the past related to the Son of God. A Bayesian methodology is used to calculate the combined degree of belief of the Son of God Hypothesis. We also report the testing of occurrences of words/numbers in the Bible to suggest the likelihood of some special numbers occurring, supporting the Son of God Hypothesis. We also have a table showing the past occurrences of miracles in hundred-year periods for about 1000 years. Miracles that we have looked at include the Shroud of Turin, Eucharistic Miracles, Marian Apparitions, Incorruptible Corpses, etc.
TOPIC: INTRODUCTION TO FORENSIC SCIENCE.pptx - imansiipandeyy
This presentation, "Introduction to Forensic Science," offers a basic understanding of forensic science, including its history, why it's needed, and its main goals. It covers how forensic science helps solve crimes and its importance in the justice system. By the end, you'll have a clear idea of what forensic science is and why it's essential.
Deploying DAPHNE Computational Intelligence on EuroHPC Vega for Benchmarking ... - University of Maribor
Slides from talk:
Aleš Zamuda, Mark Dokter:
Deploying DAPHNE Computational Intelligence on EuroHPC Vega for Benchmarking Randomised Optimisation Algorithms.
2024 International Conference on Broadband Communications for Next Generation Networks and Multimedia Applications (CoBCom), 9--11 July 2024, Graz, Austria
https://www.cobcom.tugraz.at/
Transmission Spectroscopy of the Habitable Zone Exoplanet LHS 1140 b with JWS... - Sérgio Sacani
LHS 1140 b is the second-closest temperate transiting planet to the Earth with an equilibrium temperature low enough to support surface liquid water. At 1.730±0.025 R⊕, LHS 1140 b falls within
the radius valley separating H2-rich mini-Neptunes from rocky super-Earths. Recent mass and radius
revisions indicate a bulk density significantly lower than expected for an Earth-like rocky interior,
suggesting that LHS 1140 b could either be a mini-Neptune with a small envelope of hydrogen (∼0.1%
by mass) or a water world (9–19% water by mass). Atmospheric characterization through transmission
spectroscopy can readily discern between these two scenarios. Here, we present two JWST/NIRISS
transit observations of LHS 1140 b, one of which captures a serendipitous transit of LHS 1140 c. The
combined transmission spectrum of LHS 1140 b shows a telltale spectral signature of unocculted faculae (5.8 σ), covering ∼20% of the visible stellar surface. Besides faculae, our spectral retrieval analysis
reveals tentative evidence of residual spectral features, best-fit by Rayleigh scattering from an N2-
dominated atmosphere (2.3 σ), irrespective of the consideration of atmospheric hazes. We also show
through Global Climate Models (GCM) that H2-rich atmospheres of various compositions (100×, 300×,
1000×solar metallicity) are ruled out to >10 σ. The GCM calculations predict that water clouds form
below the transit photosphere, limiting their impact on transmission data. Our observations suggest
that LHS 1140 b is either airless or, more likely, surrounded by an atmosphere with a high mean molecular weight. Our tentative evidence of an N2-rich atmosphere provides strong motivation for future
transmission spectroscopy observations of LHS 1140 b.
Hydrogen sulfide and metal-enriched atmosphere for a Jupiter-mass exoplanet - Sérgio Sacani
We observed two transits of HD 189733b in JWST program 1633 using JWST
NIRCam grism F444W and F322W2 filters on August 25 and 29th 2022. The first
visit with F444W used SUBGRISM64 subarray lasting 7877 integrations with 4
BRIGHT1 groups per integration. Each effective integration is 2.4s for a total effective exposure time of 18780.9s and a total exposure duration of 21504.2s (∼6 hrs)
including overhead. The second visit with F322W2 used SUBGRISM64 subarray
lasting 10437 integrations with 3 BRIGHT1 groups per integration. Each effective
integration is 1.7s for a total effective exposure time of 17774.7s and a total exposure
duration of 21383.1s (∼6 hrs) including overhead. The transit duration of HD189733
b is ∼1.8 hrs and both observations had additional pre-ingress baseline relative to
post-egress baseline in anticipating the potential ramp systematics at the beginning
of the exposure from NIRCam infrared detectors.
This is a presentation about electrostatic force. This topic is from the class 8 Force and Pressure lesson from NCERT. I think this might be helpful for you. In this presentation there are 4 contents; they are Introduction, types, examples and demonstration. The demonstration should be done by yourself.
Keys of Identification for Indian Wood: A Seminar Report - Gurjant Singh
Identifying Indian wood involves recognizing key characteristics such as grain patterns, color, texture, hardness, and specific anatomical features. These identification keys include observing the wood's pores, growth rings, and resin canals, as well as its scent and weight. Understanding these features is essential for accurate wood identification, which is crucial for various applications in carpentry, furniture making, and conservation.
Additionally, the application of Convolutional Neural Networks (CNN) in wood identification has revolutionized this field. CNNs can analyze images of wood samples to identify species with high accuracy by learning and recognizing intricate patterns and features. This technological advancement not only enhances the precision of wood identification but also accelerates the process, making it more efficient for industry professionals and researchers alike.
A Security Decision-Reaction Architecture for Heterogeneous Distributed Network
Christophe Feltus
Public Research Center Henri Tudor
Luxembourg-Kirchberg, Luxembourg
PReCISE Research Centre, Faculty of Computer Science,
University of Namur, Belgium
christophe.feltus@tudor.lu
Djamel Khadraoui, Jocelyn Aubert
Centre for IT Innovation
Public Research Centre Henri Tudor
29, Avenue John F. Kennedy, L-1855 Luxemburg
djamel.khadraoui@tudor.lu, jocelyn.aubert@tudor.lu
Abstract— The main objective of this paper is to provide a
global decision-reaction architecture built on the
requirements for a reaction after alert detection mechanisms in
the frame of information systems security and more
particularly applied to telecom infrastructures security. These
infrastructures are distributed in nature, therefore the
architecture is elaborated using a multi-agent system that
provides the advantages of autonomy and interaction
facilities, and has been associated with the ontoBayes model as
its decision support mechanism. This model helps agents to make
decisions according to preference values and is built upon
ontology-based knowledge sharing, Bayesian-network-based
uncertainty management and influence-diagram-based decision
support. The Multi-Agent System decision-reaction
architecture is developed in a distributed perspective and is
composed of three basic layers: low level, intermediate level
and high level. The proposed approach has been illustrated
based on the network architecture for heterogeneous mobile
computing developed by the BARWAN project. Accordingly,
the Building Area constitutes the low level and aims to be the
interface between the main architecture and the targeted
infrastructure. The Campus-Area is the intermediate level,
responsible for correlating the alerts coming from different
domains of the infrastructure and for smartly deploying the
reaction actions.
Keywords-security; decision system; reaction; distributed
network; Bayesian network; multi-agent system.
I. INTRODUCTION
Today, information systems and mobile computing
networks are more widely spread and mainly heterogeneous.
This basically involves more complexity through their
opening, their interconnection, and their ability to make
decisions [1]. Consequently, this has a dramatic drawback
regarding threats that could occur on such networks via
dangerous attacks [2]. This continuously growing amount of
malicious acts encompasses new and always more
sophisticated attack techniques, which are actually exposing
operators as well as the end user.
The state of the art in terms of security reaction is limited to
products that detect attacks and correlate them with a
vulnerability database, but none of these products are built to
ensure a proper reaction to attacks in order to avoid their
propagation and/or to help an administrator deploy the
appropriate reactions [3, 4]. In the same way, [5] says that at
the individual host level, intrusion response often includes
security policy reconfiguration to reduce the risk of further
penetrations, but it doesn't propose another solution in terms of
automatic response and reaction. This is the case of CISCO-based
IDS material, which provides mechanisms to select and
implement reaction decisions.
Information security management and communication
systems currently face many challenges [6] because
it is very often difficult to establish central or
local permanent decision capabilities, to have the necessary
level of information, to quickly collect the information, which
is critical in case of an attack on a critical system node, or
to launch automated countermeasures to quickly block a
detected attack.
Based on these statements, it appears crucial to elaborate a
strategy of reaction after detection against these attacks. Our
previous work on that topic has provided initial results
regarding that finding and has been partly presented in
[6] and [7]. These papers proposed an architecture to
highlight the concepts aiming at fulfilling the mission of
optimizing security and protection of communication and
information systems, whose purpose was to achieve the
following:
- Reacting quickly and efficiently to any simple attack
but also to any complex and distributed ones;
- Ensuring homogeneous and smart communication
system configurations, which are commonly considered
the main sources of vulnerabilities.
One of the main aspects in the reaction strategy consists
of automating and adapting policies when an attack occurs.
In scientific literature a large number of definitions for
policy and conceptual model exist. The most famous are
Ponder [8] and Ponder2 [34], Policy Description Language
[9] and Security Policy Language [10]. For the purpose of
this paper, we prefer the one provided by Damianou et al. in
[8]: Policies are rules that govern the behavior of a system.
The provided policy adaptation is considered as a
regulation process. The main steps of the policy regulation
are described in Fig. 1, which shows the process that takes
the business rules as input, and maps them onto technical
policies. These technical policies are deployed and
instantiated on the infrastructure in order to have a new state
of temporary network security stability adapted to the
ongoing attack. This policy regulation is thereafter achieved
by modifying/adding new policy rules to reach a new
standing (at least up to the next network disruption) policy
based on the observation of the system’s current situation.
In this paper, we focus our work on policy deployment
and on policy modification decision-reaction challenges as
highlighted in the rounded rectangle of Fig. 1. This twofold
challenge has already been addressed by other research
such as [11]. Torrellas explains that facilitating timely
decision-making may achieve much greater productivity
benefits by engineering network security systems using
multi-agents. In [12], Yu developed the concepts of
tele-service and proposed an implementation of an e-maintenance
platform based on a Multi Agent System (MAS). Yu
explained how a Case-Based Reasoning [13] method may be
used to improve the autonomous decision-making ability.
Other works propose rather similar solutions, like [14, 15],
but none are explicitly dedicated to the management of
security alert reaction in the field of open and
heterogeneous networks. Consequently, the combination of
the reaction mechanism with the decision support system
remains, for those solutions, a poorly addressed requirement
in parallel to other more specific constraints related to the
characteristics of the context.
Figure 1. Policy regulation
To illustrate this decision mechanism, we use the results
of the BARWAN¹ project. This project focused on enabling
truly useful mobile networking across an extremely wide
variety of real-world networks and mobile devices. The case
study analyzed by the project is a medical application
enabled by wide-area wireless and that exploits the Berkeley
InfoPad [35] pooled computing power to permit a small
number of workstations to support a large number of end
users. Fig. 3 highlights the distribution of the application
over the building, campus and metropolitan layers.
In this paper, an architecture is proposed to adapt a reaction
once an attack occurs on one of those layers. Additionally,
the architecture makes it possible to integrate internal or
external contextual information for the reaction decision,
such as the usage of the application, as proposed in the case
study, during a medical rescue operation after a serious auto
accident on Golden Gate Bridge².
¹ Bay Area Research Wireless Access Network project, conducted at the
University of California at Berkeley.
² The complete case study is available on
http://bnrg.eecs.berkeley.edu/~randy/Daedalus/BARWAN/BARWAN_application.html
The next section introduces the MAS architecture,
section 3 exposes the decision support system as well as its
combination with the MAS, and the last section concludes
the paper.
II. MULTI AGENT SYSTEM ARCHITECTURE
A MAS is composed of several agents capable of mutual
interaction. The interaction can take the form of message
passing or of producing changes in their common environment.
Agents are pro-actively, reactively and socially autonomous
entities able to exhibit organized activity, in order to meet
their design objectives, possibly by interacting with users.
An agent is collaborative by being able to commit itself to
society and/or another agent.
An agent encapsulates a state and a behavior and
moreover provides a number of facilities such as: control of
its behavior, the ability to decide even if external events
influence its decision, and the possibility to exert its control in
various manners (reactively, directed by goals, socially).
Moreover, MAS have several control flows while a system
with objects has a priori only one control flow.
The agents also have global behavior within the MAS,
such as the cooperation (agents share the same goal),
collaboration (agents share intermittently the same goal) or
competition (incompatible goals between agents).
To manage several different systems, due to their
location, their business domain or their organization type, a
distributed system is appropriate. Furthermore, a distributed
solution brings some autonomy to the managed systems.
Robustness, survivability and availability are also impacted.
The distributed architecture introduced in this paper is
composed of several components, called “operators”, which
have different responsibilities. Those operators are organized
in two dimensions, as presented in Fig. 2.
The vertical dimension, structured in layers relative to the
managed network organization, allows adding abstraction in
going upward. Indeed, the lowest layer is close to the
managed system and is thus the interface between the
targeted network and the management system. The higher
layer exposes a global view of the whole system and is able
to take some decisions based on a more complete knowledge
of the system, business, and organization. Intermediate levels
(1 to n-1) guarantee flexibility and scalability to the
architecture in order to consider management constraints of
the targeted infrastructure. Those middleware levels are
optional but allow the system to be better adapted to the
complexity of a given organization and the size of the
information system.
The horizontal dimension, containing three basic
components, is presented in Fig. 2 and its three main phases
are described below:
1) Alert: Collect, normalize, correlate and analyze the alerts
that come from the managed networks and represent an
intrusion or an attack. If the alert is confirmed and coherent,
it is forwarded to the reaction decision component (Alert
Correlation Engine-ACE).
2) Reaction Decision: Receive confirmed alerts for
which a reaction is expected. Considering the knowledge of
policy, the systems’ organization and specified behavior,
these components decide if a reaction is needed or not and
define the reaction, if there is any. The reaction will be
modification(s), addition(s) or removal(s) of current policy
rules (Policy Instantiation Engine-PIE).
3) Reaction: Instantiation and deployment of the new
policies on the targeted networks. The deployment (Policy
Deployment Point – PDP) and enforcement (Policy
Enforcement Point – PEP) of these new policies lead to a
new security state of the network. The terminology in italic
used in section 4 is extracted from both XACML [16] and
OrBAC Model [17, 18].
Figure 2. Reaction Architecture Overview
An issue is raised considering which layer is allowed to
take a decision reaction: only one layer, two, several, or all?
If more than one layer can trigger a reaction on the same
object(s), there will be a conflict issue. Thus, the system
should be able to provide mechanisms to solve conflicts
between several selected reactions. Another issue concerns
the agreement: at which level should it be asked? A solution
could be to ask at the same level (or at an upper one) that the
reaction decision is made; this should be specified by the
user. A possible solution is a distributed, vertically layered
and hierarchical architecture. The number of layers could be
adapted according to the managed systems’ organization. In
our case, three layers are sufficient (local, intermediate and
global). The reaction system is composed of three main
parts: the alert management part, the reaction part and the
policy definition-deployment part. Three trees (alert, reaction
and policy) could be placed side by side, as presented in Fig.
2. These trees are alike but their operators have different
functions. The alert tree collects the alerts with the local
operators and correlates them in several steps, one step per
layer.
Fig. 3 explains how the reaction architecture is mapped
onto the BARWAN network (borrowed from [33]). The
three layers are, from top to bottom: the metropolitan area,
the campus area, and the in-building network (buildings A
and B).
The next step of our research development is firstly the
definition of a reaction engine that encompasses both,
architecture components and the communication engine
between these components. This engine is based on a
message format and on a message exchange protocol based
on standards such as [19]. Secondly, real cases are studied in
order to experiment with the architecture and its associated
protocol.
The message format is defined in XML format and is
structured around a number of attributes that specify the
message source, the message destination and the message
type (alert, reaction, policy request, policy modification,
policy modification validation, decision and
synchronization). The protocol defines the exchange format
and the workflow of messages between the architecture
components. It encompasses a set of rules governing the
syntax, semantics, and synchronization of communication.
The technical requirements demand that the operator structure
be flexible in order to be able to reorganize itself if an
operator fails or disappears. Each operator also has to be
autonomous in order to permit reorganization. Given these
requirements, the use of a MAS appears as a solution to
provide autonomy, flexibility and decision mechanisms to
each operator, which is consequently represented by an agent.
As studied in the state of the art presented in [20], a set of
agents could be managed and controlled through an
organization. An organization is a set of agents playing roles,
gathered in a normative structure and expecting to achieve
some global and local objectives. Several models like the
roles model, the tasks model, the interaction model or the
norms models specify an organization.
In our context we need an interaction definition in order
to specify communication protocols between agents
representing operators. We also need roles in order to specify
which agent will have to communicate or act in order to
detect intrusions and then react. Based on these needs, the use
of an electronic institution based on agents is one of the
possibilities that we will investigate.
The main goal of the reaction policy enforcement engine is
to apply policies in terms of specific concrete rules on
“technical” devices (firewall, fileserver, and other systems
named PEP). For that, we need means to make ACE, PIE,
PDP and PEP interact and collaborate.
Figure 3. Mapping of the BARWAN architecture with the Multi-Agent System reaction architecture
The multi-agent systems concept already defines
architectures and models for autonomous agents’
organization and interaction. Existing platforms like JADE
(Java Agent DEvelopment Framework) [21, 22] implement
agents’ concepts as well as their ability to communicate by
exchanging messages, so the integration of the reaction
components could be simplified. This is a solution, which will
be detailed hereafter. The Foundation for Intelligent Physical
Agents (FIPA) [23] promotes the success of emerging
agent-based applications, services and equipment. To pursue
this goal, it makes available internationally agreed
specifications that maximize interoperability across
agent-based applications, services and equipment. This is
realized through open international collaboration of member
organizations, which are companies and universities active in
the agent field.
FIPA's specifications are publicly available. They are not
technologies for a specific application, but generic
technologies for different application areas, and not just
independent technologies but a set of basic technologies that
can be integrated by developers to make complex systems
with a high degree of interoperability.
The multi-agent framework used is JADE. We base
ourselves on a survey made in [24] to argue that this agent
platform responds to the expectations in terms of agents'
functionalities, security, performance, standardization, and
secure communication between agents.
Fig. 4 introduces the developed architecture. The flow is
supposed to begin with an alert detected by the IDS
positioned on the InfoPad server. This alert is sent to the
BuildingA_ACE agent. This ACE agent confirms the alert
to the PIE or not. This decision to confirm the alert is
explained in section 3. Afterwards, the PIE decides to apply
new policies or to forward the alert to an ACE from a higher
layer (upper ACE). Its PIE agent sends the policies to the
PDP agent, which decides which PEP is able to implement them
in terms of rules or scripts on devices (InfoPad server,
fileserver, etc.). Then, the PDP agent sends the new policy to
the InfoPad PEP agent, which knows how to transform a policy
into a rule or script understandable by the InfoPad server.
In Fig. 4, dash-dot lines stand for the flow of messages
encompassing alert or alert confirmation. Full lines stand for
the flow of messages containing policy information, and dotted
lines are reserved for decision support mechanisms.
Figure 4. Multi-Agent System reaction architecture
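A receiving agent can enforce the message format (source, destination, type) and the Fig. 4 flow described above before acting on a message. The sketch below is an added example, not the paper's or the project's code; the `<message>` element, the `<domain>_<ROLE>` agent naming, the mapping of message types onto the Fig. 4 arrows and all function names are assumptions, and the sample messages are constructed.

```python
import xml.etree.ElementTree as ET

# The seven message types named in the message-format description.
MESSAGE_TYPES = {
    "alert", "reaction", "policy request", "policy modification",
    "policy modification validation", "decision", "synchronization",
}
ROLES = {"IDS", "ACE", "PIE", "PDP", "PEP"}

# ASSUMPTION: how the Fig. 4 flow maps onto (sender role, receiver role, type).
ALLOWED_FLOWS = {
    ("IDS", "ACE", "alert"),                # IDS reports an alert
    ("ACE", "PIE", "alert"),                # ACE confirms the alert to the PIE
    ("PIE", "ACE", "alert"),                # PIE forwards to an upper-layer ACE
    ("PIE", "PDP", "policy modification"),  # PIE sends the new policies
    ("PDP", "PEP", "policy modification"),  # PDP hands the policy to a PEP
}


class RejectedMessage(ValueError):
    """Raised when a message must not be processed by the receiving agent."""


def role_of(agent_name):
    # ASSUMPTION: agents are named "<domain>_<ROLE>", e.g. BuildingA_ACE.
    domain, sep, role = agent_name.rpartition("_")
    if not sep or not domain or role not in ROLES:
        raise RejectedMessage(f"unknown agent name: {agent_name!r}")
    return role


def parse_message(raw):
    """Parse and validate one message; return its fields or raise."""
    try:
        text = raw.decode("utf-8")
    except UnicodeDecodeError as exc:
        raise RejectedMessage("message is not valid UTF-8") from exc
    # Agent messages never need a DTD; refusing it avoids entity expansion.
    if "<!DOCTYPE" in text or "<!ENTITY" in text:
        raise RejectedMessage("DTD or entity declaration present")
    try:
        root = ET.fromstring(text)
    except ET.ParseError as exc:
        raise RejectedMessage(f"malformed XML: {exc}") from exc
    if root.tag != "message":
        raise RejectedMessage(f"unexpected root element: {root.tag!r}")
    fields = {}
    for attr in ("source", "destination", "type"):
        value = root.get(attr)
        if not value:
            raise RejectedMessage(f"missing attribute: {attr}")
        fields[attr] = value
    if fields["type"] not in MESSAGE_TYPES:
        raise RejectedMessage(f"unknown message type: {fields['type']!r}")
    flow = (role_of(fields["source"]), role_of(fields["destination"]),
            fields["type"])
    if flow not in ALLOWED_FLOWS:
        raise RejectedMessage(f"flow not allowed: {flow}")
    fields["flow"] = flow[:2]
    return fields


# Constructed sample messages (not taken from the paper).
SAMPLES = [
    b'<message source="InfoPad_IDS" destination="BuildingA_ACE" type="alert"/>',
    b'<message source="BuildingA_PDP" destination="InfoPad_PEP"'
    b' type="policy modification"/>',
    # A PEP must not push policies upward to a PDP.
    b'<message source="InfoPad_PEP" destination="BuildingA_PDP"'
    b' type="policy modification"/>',
    # Type outside the seven defined ones.
    b'<message source="InfoPad_IDS" destination="BuildingA_ACE" type="shutdown"/>',
    # Carries a DTD with an entity declaration.
    b'<!DOCTYPE m [<!ENTITY e "x">]><message source="InfoPad_IDS"'
    b' destination="BuildingA_ACE" type="alert"/>',
]


def triage(samples):
    """Return one (accepted, reason) pair per raw message."""
    results = []
    for raw in samples:
        try:
            parse_message(raw)
            results.append((True, "accepted"))
        except RejectedMessage as exc:
            results.append((False, str(exc)))
    return results


if __name__ == "__main__":
    for verdict in triage(SAMPLES):
        print(verdict)
```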
A focused analysis of the PDP shows that it is composed
of several modules. From the multi-agent system point of
view, the Component Configuration Mapper results from the
interaction between the PDP agent and the Facilitator Agent
while the Policy Analysis module is realized by the PDP
agent. The Facilitator manages the network topology by
retrieving PEP agents according to their localization (devices
registered with IP address or MAC address) or according to
actions they could apply and their type (firewall, file server,
etc.). For that the Facilitator uses white pages and yellow
pages services. The JADE platform already provides
implemented facilitator and searching services. Besides, the
use of a multi-agent system as the framework provides
flexibility, openness and heterogeneity. Actually, when we
decide to add a new PEP, we just have to provide its PEP
Agent with the ability to concretely apply the policies; this
agent will register itself through the Facilitator, which will
update the databases.
III. DECISION SUPPORT ARCHITECTURE
Section 2 explains the developed MAS architecture that
guarantees a telecommunication security incident reaction.
Section 3 explains the implementation of the decision
mechanism. The MAS architecture has deliberately been
explained before the Decision Support System (DSS) part
because components of this architecture are used for the
illustration of the DSS.
One important challenge of the DSS is the management
of uncertainty. Uncertainty is defined as a situation “caused by
a lack of knowledge about the environment when agents
need to decide the truth of statement.”
Decision is a process [25] and consequently, it may be
represented using its input and its output. For the security
incident reaction, inputs of the alert sending decision
mechanism are for instance: the severity, duration and
frequency of the alerts, the contribution of the system to the
medical rescue operation (if any), or the criticality of that
rescue operation. Outputs of the process are for instance: the
escalation of the alert to upper ACE or its confirmation to the
PIE. For the clarity of the paper, some parameters from the
case study will be partially omitted.
As explained by Yang [26], the decision-making
mechanism is composed of four pillars: Ontology, Bayesian
Networks (BN), Influence Diagram (ID) and Virtual
Knowledge Community (VKC). In the framework of this
paper, the VKC will not be treated because the use of the
first 3 pillars is enough to understand the decision mechanism.
The approach preferred to design the decision mechanism is
adapted from the research performed in Yang’s thesis for the
incident reaction through a MAS architecture. As a
consequence our solution differs from and completes
Yang's research since our DSS is illustrated by a real
architecture for incident reaction that is really deployed in
our research labs.
A. Ontology
Ontology is the first pillar and is defined as a formal,
explicit specification of a shared conceptualization [27].
An ontology may be categorized as a domain ontology when it
concerns concepts and their relations from a same and
well-defined domain or as a top-level ontology when it concerns
very general domain-independent concepts. Ontology is the most
important pillar in that it will be adapted to support the second
pillar concerning the Bayesian Network and the third pillar
concerning the Influence Diagram.
For the incident reaction system, ontology is defined
using the Web Ontology Language (OWL). Resource
Description Framework (RDF) syntax is the most
commonly used method to model information or
meta-concepts in OWL. It may be implemented in web resources
and is structured based on the triple (object, subject,
predicate). Fig. 5 illustrates an RDF graph. Both object and
subject are resources whereas predicate is an attribute or a
relation used to describe a resource.
Figure 5. RDF graph
Figure 6. Dependency graph
In parallel to the MAS architecture developed in section
3, we need a DSS to decide the transfer of an alert from the
IDS to the BuildingA ACE³, the forwarding of that alert to
an upper ACE, and the confirmation of the alert to the
PIE. This is formalized using OWL as explained in Fig. 7.
In that figure, ovals stand for OWL classes, solid arrow lines
stand for RDF predicates, dashed arrows for influence relations
and rounded rectangles for sets of domain values.
Figure 7. Decision system for alert transfer using OWL
³ ACE agent in the BuildingA Local Area Network where alert is sent
B. OntoBayes
The ontology developed in the previous section makes it
possible to formalize the concepts encompassed in the MAS
architecture as well as their relations. However, at the
ontological level of formalization, the uncertainty challenge
remains unaddressed and a decision mechanism is still needed
for the agents to take the decision.
OntoBayes is an extension of OWL with two features:
Bayesian Networks and Influence Diagram. BN address the
uncertainty and ID support the decision mechanism process.
1) Bayesian networks extension
In probability theory, Bayes' Theorem is a simple mathematical
formula used for calculating conditional probabilities [28]. It
means that the calculations of probability depend on prior
knowledge that could be considered as uncertain. For example:
the probability of having a high impact on the medical rescue if
we previously have an alert of medium severity. This probability
is written P(alert.severity|rescue.impact).
The BN extension of OWL introduces the parameters of
that formula by specifying the following two perspectives: a
qualitative perspective and a quantitative perspective. The
qualitative perspective specifies the random variables
explicitly as well as their dependencies and the latter
associates quantitative information with those variables.
The specification of random variables and their
dependencies is performed by introducing the new OWL
property element <owl:ObjectProperty
rdf:ID="dependsOn"/> and could be graphically
represented as illustrated in Fig. 6.
Accordingly, the qualitative extension may be
represented by 2 Bayesian graph models (Fig. 8) extracted
from the OWL graph model from Fig. 6.
Figure 8. Bayesian graph models for alert sending and alert confirmation processes
The ovals represent Bayesian variables and the arrows
specify their relations. The graph is to be read as follows.
Example 1: the alert that is forwarded from the BuildingB ACE
to the network upper ACE has influence on the confirmation of
the alert that is sent from the Campus-Area ACE to the PIE.
Example 2: the severity of the alert has influence on the action
to send an alert to the BuildingA ACE. The last examples may
be translated using the new OWL dependsOn element as
follows:
<owl:Class rdf:ID="alert.severity">
  <owl:Restriction>
    <owl:onProperty>
      <owl:ObjectProperty rdf:ID="dependsOn"/>
    </owl:onProperty>
    <owl:hasValue rdf:resource="system.impact"/>
  </owl:Restriction>
</owl:Class>
Figure 9. Dependency encoding
The quantitative extension is performed with the
association of a probability table to the Bayesian variables. In
the case of the BARWAN example, Table 1 provides the
quantitative probability P(alert.severity|rescue.impact) and is
represented on Fig. 4 by the Bayesian variables database.
TABLE I. BAYESIAN VARIABLES VALUE PROBABILITY
ProbCell.  HasPParameters                              HasPValue
Cell_1     alert.severity=low|rescue.impact=low        0,8
Cell_2     alert.severity=medium|rescue.impact=low     0,4
Cell_3     alert.severity=high|rescue.impact=low       0,1
Cell_4     alert.severity=low|rescue.impact=medium     0,3
Cell_5     alert.severity=medium|rescue.impact=medium  0,9
Cell_6     alert.severity=high|rescue.impact=medium    0,5
Cell_7     alert.severity=low|rescue.impact=high       0,1
Cell_8     alert.severity=medium|rescue.impact=high    0,4
Cell_9     alert.severity=high|rescue.impact=high      0,7
The conditional probability from Table 1 is encoded as
follows (Fig. 10):
<owl:Class rdf:ID="Alert">
  <CondProbDist rdf:ID="table_1">
    <hasPCell>
      <ProbC rdf:ID="Cell_1">
        <HasPValue rdf:datatype="#float">0,8</HasPValue>
        <HasParameters rdf:datatype="#string"
          >alert.severity=low|rescue.impact=low</HasParameters>
      </ProbC>
    </hasPCell>
    ...
  </CondProbDist>
</owl:Class>
Figure 10. Bayesian variables value probability encoding
2) Influence diagrams extension
The ID extension aims at representing and analyzing a
decisional model to support the decision-making process.
The review of the literature that treats ID [29,30] shows that
decision mechanisms are composed of three types of nodes:
1) Chance nodes that represent variables that are not
controlled by the decision maker, 2) Decision nodes that
represent choices available to the decision maker, and 3)
Utility nodes that represent agent utility functions.
Additionally, [31] explains that three types of arcs express the
relationship between nodes: I) Information arcs
(isKnownBy) that point out the information that is necessary
for the decision maker, II) Conditional arcs (influenceOn)
that point out the probabilistic dependency on the associated
variable, and III) Functional arcs (attributeOf) that point
out variables used by utility nodes as decision criteria.
Figure 11. ID’s graph model of alert transfer
Based on that structure of decisional model, the alert
transfer may be represented in Fig. 11. Ovals stand for
Chance nodes, rectangles stand for Decision nodes, and
diamonds stand for Utility nodes. The information arc relates
to all information observed to make a decision and the
conditional arc relates to data issued from Chance node and
considered as evidence for the Decision nodes.
Additionally, to make a decision, the agent that takes a
decision needs to have its preferences quantified according to
a set of attributes. In [32], Butler introduces the theory of
multi-attribute utility (MAUT) to quantify a preference with
a numerical value. The most important preference has the
highest value whereas the worst has the lowest one. To
achieve that, the Utility node is associated with a utility table
that gathers the preferences of all decision choices. Table 2
shows these preferences for the BuildingA ACE alert
sending decision-making mechanism and is represented by the
utility database in Fig. 4.
TABLE II. UTILITY TABLE FOR IN-LAN ACE ALERT SENDING
UtilityCell.  HasUParameters                                       hasUValue
Cell_1        send(alert.BuildingA_ACE)=yes|severity.alert=low     -80
Cell_2        send(alert.BuildingA_ACE)=yes|severity.alert=medium  50
Cell_3        send(alert.BuildingA_ACE)=yes|severity.alert=high    100
Cell_4        send(alert.BuildingA_ACE)=no|severity.alert=low      80
Cell_5        send(alert.BuildingA_ACE)=no|severity.alert=medium   40
Cell_6        send(alert.BuildingA_ACE)=no|severity.alert=high     -100
Fig. 12 shows the encoding of the Table 2 utility table for
BuildingA_ACE alert sending:
<owl:Class rdf:ID="send(alert.BuildingA_ACE)">
  <owl:Restriction>
    <owl:onProperty>
      <owl:ObjectProperty rdf:ID="attributeOf"/>
    </owl:onProperty>
    <owl:hasValue rdf:resource="#U"/>
  </owl:Restriction>
  ...
  <rdfs:subClassOf>
    <owl:hasValue rdf:ID="DecisionNode"/>
  </rdfs:subClassOf>
</owl:Class>
<owl:Class rdf:ID="severity.alert">
  ...
  <rdfs:subClassOf>
    <owl:hasValue rdf:ID="ChanceNode"/>
  </rdfs:subClassOf>
</owl:Class>
<owl:Class rdf:ID="U1">
  <UtilityTable rdf:ID="table_1">
    <hasUCell>
      <UtilityCell rdf:ID="cell_1">
        <hasUParameter rdf:datatype="#string"
          >send(alert.BuildingA_ACE)=yes,severity.alert=low</hasUParameter>
        <hasUValue rdf:datatype="#float">-80</hasUValue>
      </UtilityCell>
    </hasUCell>
    ...
    <hasUCell>
      <UtilityCell rdf:ID="cell_6">
        <hasUParameter rdf:datatype="#string"
          >send(alert.BuildingA_ACE)=no,severity.alert=high</hasUParameter>
        <hasUValue rdf:datatype="#float">-100</hasUValue>
      </UtilityCell>
    </hasUCell>
    ...
  </UtilityTable>
</owl:Class>
Figure 12. Utility encoding
As seen in Fig. 6, a sequential path between all decisions
exists. Indeed, some decisions depend on previous decisions
and as a consequence, previous decisions (decision nodes)
become chance nodes for the next chance node. Fig. 11
illustrates that send(alert.BuildingA_ACE) is at the same
time a decision node and a Chance node that is known by the
decision node alertForward2(BuildingA_ACE,Campus-AreaACE).
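The decision rule that the influence diagram implies can be worked through with the values of Table I and Table II: the agent chooses the send option with the highest expected utility. This is an added example, not the paper's or the project's code; it assumes rescue.impact is observed, and it normalizes each Table I column because the printed values for one rescue.impact value do not sum to 1. All function names are hypothetical.

```python
SEVERITIES = ("low", "medium", "high")
DECISIONS = ("yes", "no")

# Table I, keyed (alert.severity, rescue.impact) -> P(severity | impact).
TABLE_I = {
    ("low", "low"): 0.8, ("medium", "low"): 0.4, ("high", "low"): 0.1,
    ("low", "medium"): 0.3, ("medium", "medium"): 0.9, ("high", "medium"): 0.5,
    ("low", "high"): 0.1, ("medium", "high"): 0.4, ("high", "high"): 0.7,
}

# Table II, keyed (send(alert.BuildingA_ACE), severity.alert) -> utility.
TABLE_II = {
    ("yes", "low"): -80, ("yes", "medium"): 50, ("yes", "high"): 100,
    ("no", "low"): 80, ("no", "medium"): 40, ("no", "high"): -100,
}


def column_sums(cpt):
    """Sum of P(severity | impact) per impact value; a valid CPT gives 1.0."""
    sums = {}
    for (_severity, impact), p in cpt.items():
        sums[impact] = sums.get(impact, 0.0) + p
    return sums


def severity_belief(impact, cpt=TABLE_I):
    """Belief over alert.severity for an observed rescue.impact.

    ASSUMPTION: the column is renormalized so that it sums to 1.
    """
    column = {s: cpt[(s, impact)] for s in SEVERITIES}
    total = sum(column.values())
    if total <= 0:
        raise ValueError(f"no probability mass for rescue.impact={impact}")
    return {s: p / total for s, p in column.items()}


def expected_utility(decision, belief, utilities=TABLE_II):
    """Utility of one decision averaged over the severity belief."""
    return sum(belief[s] * utilities[(decision, s)] for s in SEVERITIES)


def decide(belief):
    """Return (best decision, {decision: expected utility})."""
    scores = {d: expected_utility(d, belief) for d in DECISIONS}
    return max(scores, key=scores.get), scores


def decide_for_impact(impact):
    """Severity is uncertain; only rescue.impact is known."""
    return decide(severity_belief(impact))


def decide_for_observed(severity):
    """Severity is known with certainty (evidence on the chance node)."""
    belief = {s: 1.0 if s == severity else 0.0 for s in SEVERITIES}
    return decide(belief)


if __name__ == "__main__":
    print("Table I column sums:", column_sums(TABLE_I))
    for impact in SEVERITIES:
        best, scores = decide_for_impact(impact)
        print(f"rescue.impact={impact}: send={best}", scores)
```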
IV. CONCLUSIONS
In this paper we have presented a global and integrated
decision-reaction architecture developed for an incident
reaction system and based on a policy regulation approach
strategy. The solution is composed firstly of a MAS that
offers the advantage of reacting quickly and efficiently against
an attack while being adapted for heterogeneous and
distributed networks and secondly of a decision support
system that helps agents to make decisions based on utility
preference values. This is achieved by taking uncertainty into
account through Bayesian networks and influence diagrams.
The architecture has been illustrated based on the
network architecture for heterogeneous mobile computing
developed by the BARWAN project. Accordingly,
contextual information has been introduced in the decision
mechanism, such as the criticality of the medical rescue
operations.
The decision support system has been explained for the
transfer of an alert from the alert correlation engine to the
policy instantiation engine. Other decision points exist in the
architecture. All of them could be solved using the decision
support system but they are not explained in the paper.
Future work based on our achievements will be the
specification of a protocol, the specification of the messages
and thus the service-oriented reaction methodology. This
protocol and methodology will be dedicated to the
architecture presented in this paper and address the
interoperability issues with regard to the policy
representation and modeling.
ACKNOWLEDGMENT
This research was funded by the National Research Fund
of Luxembourg in the context of TITAN (Trust-Assurance for
Critical Infrastructures in Multi-Agents Environments, FNR
CO/08/IS/21) project.
REFERENCES
[1] A. Cuevas, P. Serrano, J. I. Moreno, C. J. Bernardos, J. Jähnert, R. L.
Aguiar, V. Marques, Usability and Evaluation of a Deployed 4G
Network Prototype, Journal of Communications and Networks, Vol. 7
(2), 2008.
[2] Teo, Joseph Chee Ming; Tan, Chik How; Ng, Jim Mee, Denial-of-
service attack resilience dynamic group key agreement for
heterogeneous networks, Telecommun. Syst. 35, No. 3-4, 141-160
(2007).
[3] L. J. LaPadula. State of the Art in Anomaly Detection and Reaction
Technical Report MP 99B0000020, Mitre, July 1999.
[4] G.L.F. Santos, Z. Abdelouahab, R.A. Dias, C.F.L. Lima, E.
Nascimento , E.M. Cochra. An Automated Response Approach for
Intrusion Detection Security Enhancement, Software Engineering and
Applications, 2003.
[5] M. Petkac and L. Badger, Security agility in response to intrusion
detection in 16th Annual Conference on Computer Security
Applications (ACSAC '00), 2000.
[6] C. Feltus, D. Khadraoui, B. de Rémont and A. Rifaut, Business
Governance based Policy regulation for Security Incident Response.
IEEE Global Infrastructure Symposium, 6 July 2007.
[7] Gateau, D. Khadraoui, C. Feltus, Multi-Agents System Service based
Platform in Telecommunication Security Incident Reaction, IEEE
Global Information Infrastructure Symposium, 2009.
[8] N. Damianou, N. Dulay, E. Lupu, M. Sloman , The Ponder Policy
Specification Language, Workshop on Policies for Distributed
Systems and Networks (Policy2001), HP Labs Bristol, 29-31.
Springer-Verlag.
[9] Bertino, E., Mileo, A., and Provetti, A. 2005. PDL with Preferences.
IEEE international Workshop on Policies For Distributed Systems
and Networks, Policy 2005 – Vol. 00, IEEE Computer Society,
Washington, DC, 213-222.
[10] Basile, C.; Lioy, A.; Perez, G. Martinez; C., F. J. Garcia; Skarmeta,
A. F. Gomez, POSITIF: A Policy-Based Security Management
System, Policies for Distributed Systems and Networks, 2007.
POLICY’07, pp. 280 – 280.
[11] Torrellas, G.A.S, Modelling a network security systems using multi-
agents systems engineering, IEEE International Conference on
Systems, Man and Cybernetics, 2003. Vol 5, (5-8). 2003 pp 4268 -
4273.
[12] R. Yu, B. Iung, H. Panetto, A multi-agents based E-maintenance
system with case-based reasoning decision support, Engineering
Applications of Artificial Intelligence, Vol. 16, Issue 4, June 2003,
Pages 321-333
[13] Aamodt, A., Plaza, E., 1994. Case-based reasoning: foundational
issues, methodological variations, and system approaches. AI
Communications IOS Press 7 (1), 39–59.
[14] K.-Y. Lu, C.-C. Sy, A real-time decision-making of maintenance
using fuzzy agent, Expert Systems with Applications, Volume 36,
Issue 2, Part 2, March 2009, Pages 2691-2698
[15] Carrascosa et al., 2006 C. Carrascosa, J. Bajo, V. Julian, J.M.
Corchado and V. Botti, Hybrid multi-agent architecture as a real-time
problem-solving model, Expert Systems with Applications 34 (2006),
pp. 2–17.
[16] http://xml.coverpages.org/draft-seitz-netconf-xacml-00.txt
[17] Cuppens, F., Cuppens-Boulahia, N., Miège, A.: Inheritance
hierarchies in the Or-BAC Model and application in a network
environment. In: Second Foundations of Computer Security
Workshop (FCS’04), Turku, Finland (2004).
[18] F. Cuppens and A. Miège, Modelling contexts in the Or-BAC model,
19th Annual Computer Security Applications Conference, Las Vegas,
December, 2003
[19] IDMEF/RFC4765, Network Working Group: Hervé Debar, France
Telecom; D. Curry, Guardian; B. Feinstein, SecureWorks, Inc.; March
2007
[20] B. Gâteau. Modélisation et Supervision d'Institutions Multi-Agents.
Ph.D. Thesis, Ecole Supérieure des Mines de Saint-Etienne, 2007.
[21] F. Bellifemine, A. Poggi, G. Rimassa. JADE - A FIPA-compliant
agent framework, CSELT internal technical report. Part of this report
has been also published in Proceedings of PAAM'99, London, April
1999, pp.97-108
[22] F. Bellifemine, G. Caire, A. Poggi, G. Rimassa, JADE - A White
Paper. Sept. 2003
[23] FIPA, http://www.fipa.org/
[24] E. Bulut, D. Khadraoui, and B. Marquet, Multi-Agent based Security
Assurance Monitoring System for Telecommunication
Infrastructures, Communication, Network, and Information Security
conference (CNIS 2007), Berkeley, California, USA, September 2007.
[25] H. D. Lasswell, The decision process; seven categories of functional
analysis, College of Business and Public Administration, University
of Maryland, 1956
[26] Y. Yang. A framework for decision support systems adapted to
uncertain knowledge, PhD. Thesis, 2007. University of Karlsruhe.
[27] R. Studer, V. R. Benjamins, and D. Fensel, Knowledge engineering:
Principles and methods, Data & knowledge engineering, 25(1-2):161-
197, 1998
[28] http://plato.stanford.edu/entries/bayes-theorem/
[29] R. A. Howard and J.E. Matheson. Influence diagrams. Decision
Analysis, 2(3):127–143, September 2005.
[30] Finn V. Jensen. Bayesian networks and decision graphs. Springer,
corr. print. edition, 2001.
[31] J.A. Tatman and R.D. Shachter. Dynamic programming and influence
diagrams. IEEE Transactions on Systems, Man, and Cybernetics,
20(2):365–379, 1990.
[32] J. Butler, D. J. Morrice, and P. W. Mullarkey. A multiple attribute
utility theory approach to ranking and selection. Management
Science, 47(6):800–816, June 2001.
[33] Eric A. Brewer, Randy H. Katz, Elan Amir, Hari Balakrishnan, Yatin
Chawathe, Armando Fox, Steven D. Gribble, Todd Hodes, Giao
Nguyen, Venkata N. Padmanabhan, Mark Stemm, Srinivasan Seshan,
Tom Henderson, A network Architecture for Heterogeneous Mobile
Computing, IEEE Personal Communications Magazine, Oct. 1998
http://citeseer.ist.psu.edu/article/brewer98network.html
[34] Brodie, C., George, D., Karat, C., Karat, J., Lobo, J., Beigi, M.,
Wang, X., Calo, S., Verma, D., Schaeffer-Filho, A., Lupu, E., and
Sloman, M. 2008. The Coalition Policy Management Portal for Policy
Authoring, Verification, and Deployment. In Proceedings of the 2008
IEEE Workshop on Policies For Distributed Systems and Networks -
Volume 00 (June 02 - 04, 2008). POLICY. IEEE Computer Society,
Washington, DC, 247-249.
[35] Truman, T. E., Pering, T., Doering, R., and Brodersen, R. W. 1998.
The InfoPad Multimedia Terminal: A Portable Device for Wireless
Information Access. IEEE Trans. Comput. 47, 10 (Oct. 1998).