By Topic

E-Business and Information System Security, 2009. EBISS '09. International Conference on

Date 23-24 May 2009

Filter Results

Displaying Results 1 - 25 of 294
  • EBISS09 - Title page

    Page(s): i
    Save to Project icon | Request Permissions | PDF file iconPDF (28 KB)  
    Freely Available from IEEE
  • EBISS09 [Copyright notice]

    Page(s): ii
    Save to Project icon | Request Permissions | PDF file iconPDF (34 KB)  
    Freely Available from IEEE
  • EBISS09 Sponsors

    Page(s): iii
    Save to Project icon | Request Permissions | PDF file iconPDF (68 KB)  
    Freely Available from IEEE
  • EBISS09 Message from the Chair

    Page(s): iv
    Save to Project icon | Request Permissions | PDF file iconPDF (96 KB)  
    Freely Available from IEEE
  • EBISS09 Organizing Committee

    Page(s): v
    Save to Project icon | Request Permissions | PDF file iconPDF (73 KB)  
    Freely Available from IEEE
  • EBISS09 Program Committee

    Page(s): vi
    Save to Project icon | Request Permissions | PDF file iconPDF (52 KB)  
    Freely Available from IEEE
  • EBISS09 List of Papers

    Page(s): vii - xxii
    Save to Project icon | Request Permissions | PDF file iconPDF (79 KB)  
    Freely Available from IEEE
  • EBISS09 author listing

    Page(s): xxiii - xxvi
    Save to Project icon | Request Permissions | PDF file iconPDF (39 KB)  
    Freely Available from IEEE
  • A Binary Ant Algorithm for Partner Selection Problem in the Virtual Enterprise

    Page(s): 1 - 4
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (345 KB) |  | HTML iconHTML  

    The formation of a Virtual Enterprise and the selection of its partners is an important process in the lifecycle of a Virtual Enterprise. This paper employs a binary coded ant colony optimization (ACO) algorithm for the partner selection optimization. At first, an optimization model is presented, which includes the main crucial factors for partner selection, such as running cost, reaction time and failure risk. ACO is then presented for the solution. Then a typical example is used to illustrate the effectiveness of the algorithm. Simulation results demonstrate that the proposed optimization model and method provides a reference to partner selection in the practical VE operation. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Chaos-Based Key Predistribution and Management Scheme in Wireless Sensor Network

    Page(s): 1 - 5
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (278 KB) |  | HTML iconHTML  

    To increase the security of wireless sensor network, reduce the cost of energies and prolong the lifecycle of the system, a chaos scheme of key predistribution and management was put forward. In this scheme, the chaos over-spread character was used to enlarge the key space and increase the anti-decipher capacity. The chaos initial value sensitivity was used to spend smaller costs while greatly enhanced the security of system. The analyses show that the space of the key can be enlarged and the costs of key distribute is limited. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Comparative Study of Mobile Electronic Commerce Based on the WAP and J2ME Implementation Technology

    Page(s): 1 - 5
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (241 KB) |  | HTML iconHTML  

    This paper mainly compares with the implementation technology based on the WAP and J2ME solution. It especially emphasizes the differences among the application architect, the access ability of local saving space, the design of the interface, the technology of security, etc. And the author puts forward some suggestions. The author wishes that it could bring some illumination to the development and popularization of mobile E-commerce. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Comparison Study on Interest Rate Models of SHIBOR Based on MCMC Method

    Page(s): 1 - 5
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (271 KB) |  | HTML iconHTML  

    The main goal of this paper is to investigate the presence of jumps in Shanghai Inter-bank Offered Rate (SHIBOR), which is Chinese money market benchmark interest rate, and compare interest rate models of SHIBOR based on MCMC Method. Although SHIBOR has become an important interest rate, on which a lot of derivatives underlie, it is less studied. The Markov Chain Monte Carlo method is applied to analyze the interest rate models of SHIBOR, such as Vasicek model, Cox-Ingersoll-Ross model, CKLS model and CKLS jump diffusion model. The empirical results indicate that the CKLS model with generalized specification of volatility parameter is better than Cox-Ingersoll-Ross model and Vasicek model, but all these models are miss-specified. After introducing the jump factor, the model captures the jumps of 1-week SHIBOR rate well and passes the specification test. The estimates indicate the jump happens with a high probability everyday in the time period researched. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Conceptual Model of E-Commerce Sale Service for Manufacturing Industry

    Page(s): 1 - 5
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (195 KB) |  | HTML iconHTML  

    The Internet has become more and more important in connecting companies and customers. In this paper, we will analyze the e-commerce in manufacturing industry as an example to form a conceptual model of e-commerce sale service. E-commerce based on Internet offers manufacturers a new way to market their products and interact with end-consumers. For the first time, manufacturers can, through the Internet, intermediate traditional players in the distribution chain and in addition to selling products, provide services to online customers. This paper analyses two aspects of B2C (business-to-consumer) e-commerce from a manufacturer's perspective. First, it presents the manufacturer's traditional value chain and how the Internet permeates its activities. With the comparison of the past, present and future manufacturer's value chain, we found the e-commerce in manufactures become a strategic tool for the future growth of a manufacturer's business. Second, we propose a conceptual model of e-commerce sale service which based on information lifecycle management (ILM) for manufacturing companies and discuss related business and management issues. The model comprise of pre-sales service (made of information, product development and offer comparison), transactions (commercial and financial), physical order fulfillment and after-sales service. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Document Watermarking Algorithm Based on Partitioned Character Image

    Page(s): 1 - 4
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (252 KB) |  | HTML iconHTML  

    A novel document watermarking algorithm for authentication, integrity and detection of tampering is proposed. In this algorithm a watermark generated from the characteristic of a binary document image is embedded into the document by modifying the flippable pixels. Experiment show that the watermarked document image has good visual quality and the embedded watermark can be extracted without the original image. This algorithm is sensitive to the content tamper, such as adding, deleting and supplanting and the tamper can be located successfully with the help of a few registration marks. It is also robust to the WINRAR compress attack. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Fragile Digital Watermark Used to Verify the Integrity of Vector Map

    Page(s): 1 - 4
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (222 KB) |  | HTML iconHTML  

    The methods of integrity authentication for vector maps were described at fist, then digital watermarking for vector data was introduced. Finally, a fragile watermark algorithm for vector maps was proposed, which was based on that the vector map was divided into a series of blocks, and watermark information was embedded in these blocks. The extraction procedure not only verifies the integrity of the watermarked vector map, but also locates modification. The watermarked vector map can be used for its data is modified slightly, and the original vector map can be restored by extraction procedure for special application. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Framework for Investigating the Impact of IT and E-Commerce Capability on Firm Performance: A Resource-Based View

    Page(s): 1 - 4
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (195 KB) |  | HTML iconHTML  

    In recent rapidly changing competitive environment, electric commerce plays an important role on value chain. Many firms invest IT to ensure their success on e-commerce. However, how affect the firm performance when using information systems in supporting organizational e-commerce activities is still a question. The purpose of the research is to explore how the IT infrastructure and e-commerce capability affect firm performance. The paper proposes a research framework to analyse the relationship among IT infrastructure, e-commerce capability and firm performance based resource-based view. At last, the paper points out some research suggestions for the future study related to the e-commerce capability and business value research. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Fuzzy Identity Based Signature Scheme

    Page(s): 1 - 5
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (144 KB) |  | HTML iconHTML  

    In this paper, we introduce a new type of identity based signature (IBS) scheme that we call fuzzy identity based signature (FIBS). In a FIBS scheme, user's identity are viewed as set of descriptive attributes. A user can use attributes omega to verify a signature signed with the attributes omega' if and only if omega and omega' are within a certain distance of each other as judged by some metric. We present a FIBS scheme from bilinear pairings. The proposed FIBS scheme is both error-tolerant and secure against collusion attacks. We also prove that the proposed FIBS scheme is existentially unforgeable under a chosen message attack and selective fuzzy identity attack in the random oracle model, given that the (k + 1)-EP problem (where k = 2) is hard. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Heuristic Scheduling Algorithm for Computing of Power Grid

    Page(s): 1 - 5
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (232 KB) |  | HTML iconHTML  

    Task scheduling is an important issue in Power Grid. In Power Grid, Power system Computing applications are always broken down into several sub-tasks depending on each other, which can be represented as a DAG. Those sub-tasks often require specific grid resources and the computational capabilities of these resources may be different. So if we want to take advantage of Power Grid, an efficient scheduling algorithm is necessary to assign sub-tasks to the appropriate resources. In this paper, we present a heuristic scheduling algorithm that is based on the characteristic of the computing of Power Grid. This algorithm firstly constructs a Main Sequence based on Critical Path Task, then, according to the defined priority, assigns the tasks in the Main Sequence to the appropriate resources. Experiments were conducted to evaluate the performance of the algorithm. It showed that this algorithm is superior to other heuristics. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A History-Based Constraint for Separation-of-Duty Policy in Role Based Access Control Model

    Page(s): 1 - 5
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (290 KB) |  | HTML iconHTML  

    Separation-of-duty (SoD) is widely considered to be a fundamental principle in computer security. Role-based access control (RBAC) is today's dominant access control model, and supporting SoD policy is widely regarded as one of RBAC's main strengths. In this paper, we show that checking whether a RBAC state satisfies a given static SoD (SSoD) policy is a coNP-complete problem, and using statically mutually exclusive roles (SMER) to enforce SSoD is usually computationally expensive, while enforcing SSoD policies by a history-based constraint is practicable. Our approach is focused on high-level SSoD policy, and the key idea is to record each permission access request, this history is maintained and processed by two different mechanisms based on two cases, one case is n=2 or m=n, the other case is 2<n<m, The history-based constraint consists of the two cases addresses the goal of the high- level SSoD policy in RBAC model. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Hybrid Detection Approach for Zero-Day Polymorphic Shellcodes

    Page(s): 1 - 5
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (253 KB) |  | HTML iconHTML  

    Zero-day shellcodes has become a major threat to the Internet with complex obfuscation techniques. However, even the state-of-the-art NIDS has small chances of detecting them because they rely on known signatures. This paper presents hybrid detection for zero-day polymorphic shellcodes (HDPS) against shellcodes using various obfuscations. Our approach employs a heuristic approach to detect return address and filter mass innocent network flows, and then constructs a Markov model to detect the existence and location of executable codes in suspicious flows. Finally, it applies an elaborate approach to detect NOP Sleds in the executable codes. Initial experiments show HDPS detects nearly all types of shellcodes, and the false positive rate approximates zero with low overhead. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Load Balancing Schedule Strategy of Web Server Cluster

    Page(s): 1 - 5
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (274 KB) |  | HTML iconHTML  

    The paper raises a load schedule strategy of web server cluster, which comprehensively applies the multistage fuzzy system and the technique of artificial neural network to carry on fuzzy prediction for the user request of response delay, as considering prefix caching and patch prefetching technology of the Web node server, raises the load schedule algorithm based on the threshold value of response delay and request at the node server, and takes the simulated test to it. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Model of Evaluating E-Government Service Capability Based on Fuzzy Linguistic Approach

    Page(s): 1 - 5
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (196 KB) |  | HTML iconHTML  

    One of the main goals of e-government is increasing government service capability (GSC). GSC evaluation is a required work with strategic significance. The objective of this study is to investigate a fuzzy multiple attributes decision-making model for evaluating GSC. A framework for evaluating GSC is presented, which includes two parts, one is an evaluation hierarchy with attributes, the other a judgment matrix model with two dimensions to identify the evaluation results of GSC. A fuzzy linguistic approach is proposed to evaluate the GSC of e-governments. The evaluation results of GSC obtained through the proposed approach are objective and unbiased. Through evaluation result of GSC, managers could judge the necessity to improve the GSC and determine which dimension of GSC is the most needed direction to improve. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Modification on Public Key Infrastructure Application

    Page(s): 1 - 4
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (441 KB) |  | HTML iconHTML  

    This paper describes a modification on public key infrastructure (PKI) application which aims to answer these questions that how to solve the compatible problem between the standard operation and special operation. It illustrates the modification by presenting operation rules system for a variety of personal special application.The modification is a new approach that we refer to as operation rules system with verifiable operation rules. Our aim is to show the compatibility in special operation that the traditional PKI can not operate. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Multi-Level Marketing Framework for Advertising in Social Network Services

    Page(s): 1 - 6
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (324 KB) |  | HTML iconHTML  

    In recent years, the growth of social network applications has held up very well. Many socializing tools like instant messaging software and blog platform can form a social network via constantly use. This paper proposes an advertising framework on social network. The main idea of this framework is to advertise on the nickname or status space on the social applications. This framework can also reach both the pay-per-click and pay-per-impression business model. Further more, this framework wants to make the users' friends have the will to advertise on their own nickname/status spaces in the social network. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Network Monitor System Model with Performance Feedback Function

    Page(s): 1 - 5
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (237 KB) |  | HTML iconHTML  

    Network monitor system generally adopts packets interception, protocol analysis, address filter, and address cheat etc. to achieve its functions. These methods need extra time in the process of normal data transmission, which could affect the network performance especially under the condition of busy network and the low performance of the monitor server. The users will not accept the drawback that reinforcing monitor system of the network is sure to have a great impact on the network performance. Therefore, the author puts forward a monitor model with performance feedback function, which could evaluate the performance of the network, and meanwhile, feed back the performance parameters to the monitor system. According to the performance parameter, the monitor system adjusts monitor schemes to reduce the impact on the network so as to maintain the network performance in such a level that the users can accept. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.