By Topic

Enabling Technologies: Infrastructure for Collaborative Enterprises, 2002. WET ICE 2002. Proceedings. Eleventh IEEE International Workshops on

Date 12-12 June 2002

Filter Results

Displaying Results 1 - 25 of 32
  • Proceedings Eleventh IEEE International Workshops On Enabling Technologies: Infrastructure For Collaborative Enterprises [front matter]

    Page(s): i - vii
    Save to Project icon | Request Permissions | PDF file iconPDF (288 KB)  
    Freely Available from IEEE
  • Full text access may be available. Click article title to sign in or learn about subscription options.
  • Author index

    Page(s): 193
    Save to Project icon | Request Permissions | PDF file iconPDF (184 KB)  
    Freely Available from IEEE
  • A framework for role-based specification and evaluation of awareness support in synchronous collaborative applications

    Page(s): 12 - 17
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (234 KB) |  | HTML iconHTML  

    The contribution of the paper is a framework for specifying and evaluating awareness-related features of synchronous collaborative computing applications. While previous work acknowledges that roles are important to understanding awareness needs, no method has yet been developed to provide a fine-grained, role-based approach to both specifying the awareness-related characteristics of collaborative computing applications and evaluating whether the application meets the awareness requirements. We have been developing a means of specifying and evaluating awareness needs in synchronous collaborative systems based on the framework presented in the paper. We feel this framework can be used by other researchers, as well, to develop methods of specifying and evaluating the ability of collaborative applications to support awareness. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Hydra: a decentralised group key management

    Page(s): 62 - 67
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (368 KB) |  | HTML iconHTML  

    Hydra is a scaleable decentralised architecture to create and distribute symmetric cryptographic keys to large multicast-based groups. The group is divided into a number of TTL-scoped regions in order to achieve flexible and efficient key management, particularly in face of group membership changes. Hydra does not employ a manager for subgroup managers, and hence, it is not vulnerable to failures of single entities. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Towards the standardization of collaborative learning systems

    Page(s): 182 - 187
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (246 KB) |  | HTML iconHTML  

    Many institutions, both public and private, have been working towards the definition of a common set of standards in order to improve technology-based learning environment interoperability and reusability. The first results are already available, but they are mainly devoted to the provision of learner centered and teacher centered environments, with no consideration of communication or collaboration issues. Collaborative learning standardization hasn't received much attention. Nevertheless, most learning theories highlight collaboration as a key concern, and most learning systems, mainly in Internet environments, include collaborative facilities. Our main objective is to contribute to the collaborative learning standardization process with a proposal for a service architecture to build distributed and interoperable collaborative learning facilities. This contribution is based on the definition of open software interfaces for each subsystem in the architecture. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Evaluation factors for multi-stakeholder broadband visual communication projects

    Page(s): 18 - 22
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (223 KB) |  | HTML iconHTML  

    The paper presents a summary of multifaceted evaluation factors that we have identified through our research with Broadband Visual Communication (BVC) projects involving multiple stakeholders. The main benefit of these evaluation factors is that they provide a general evaluation framework for multiple stakeholder projects. The factors are social infrastructure, technical infrastructure, physical space, interaction style and content. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Maintaining remote services and resources over the Internet and other networks

    Page(s): 137 - 138
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (232 KB) |  | HTML iconHTML  

    Many organizations are discovering the need to protect themselves with isolation routers, firewalls, and other technologies. Simultaneously they are collaborating more and more with external organizations. When local services and resources must be shared externally, problems arise. Servers at remote locations can provide copies of local services and resources. Offering services and resources via remote servers means that the home organization must also control access to these services and resources. This paper defines a remote node architecture (RNA) that can house multiple services and resources. The RNA provides secure communications between the remote node and the home organization for all services and resources, and between the RNA services and resources and the users thereof. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Summary report on enterprise security workshop

    Page(s): 43 - 46
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (286 KB) |  | HTML iconHTML  

    First Page of the Article
    View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Selecting a security architecture for a new model of distributed tutorial support

    Page(s): 89 - 94
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (344 KB) |  | HTML iconHTML  

    Traditional access control models cannot effectively manage authorization for independent and geographically dispersed information. This drives the research interest in more flexible and efficient access control approaches, in particular role-based access control. This report covers both RBAC subfields - theoretical modelling and practical deployment, provides an introduction and overview of role-based access control appropriate for the emerging world of virtual organisations and remote collaboration. We take a specific application area, distributed collaborative tutoring as pioneered in the MANTCHI project, and show the merits of the RBAC architecture for meeting its security requirements. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • On communication security in wireless ad-hoc sensor networks

    Page(s): 139 - 144
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (264 KB) |  | HTML iconHTML  

    Networks of wireless microsensors for monitoring physical environments have emerged as an important new application area for wireless technology. Key attributes of these new types of networked systems are the severely constrained computational and energy resources, and an ad hoc operational environment. This paper is a study of the communication security aspects of these networks. Resource limitations and specific architecture of sensor networks call for customized security mechanisms. Our approach is to classify the types of data existing in sensor networks, and identify possible communication security threats according to that classification. We propose a communication security scheme where for each type of data we define a corresponding security mechanism. By employing this multitiered security architecture where each mechanism has different resource requirements, we allow for efficient resource management, which is essential for wireless sensor networks. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Characteristics of group development of diagrams

    Page(s): 29 - 34
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (252 KB) |  | HTML iconHTML  

    One contributing factor to the lack of widespread usage of software for collaborative development of diagrams is the high degree of variability in the requirements for such software. The requirements are categorized in terms of diagram characteristics and diagram creation strategies. Various measures are proposed to characterize a potential collaborative diagramming need and to compare it to potential software systems. The categories and measures are also appropriate for evaluating the match between existing software and specific requirements. They can serve to guide future collaborative diagram software development. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Preemptive distributed intrusion detection using mobile agents

    Page(s): 103 - 108
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (427 KB) |  | HTML iconHTML  

    Distributed intrusion detection systems have many advantages over their centralized counterparts such as scalability, subversion resistance, and graceful service degradation. However, an important disadvantage is their inability to block packets immediately when an intrusion is detected To tackle this problem, we propose a network-based preemptive distributed intrusion detection system using mobile agents. Packets are diverted to various types of agents strategically placed over the network. Various agents perform tasks in control, detection, policy, and blocking. Suspect packets are blocked before they reach the destination when an intrusion is detected and the policy verdicts for blockage. Ways to mitigate negative impacts of our system on network traffic and latency are discussed. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Towards scalable authentication in health services

    Page(s): 83 - 88
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (373 KB) |  | HTML iconHTML  

    Over the last two decades, many attempts have been made to computerize the management of patient records using advanced computing and networking facilities across healthcare providers such as hospitals, clinics, and clearing agencies. In addition to this transition from a disparate and paper-based infrastructure to a consolidated and digital medium-based one, we have been confronted with privacy and security requirements since the advent of the Health Insurance Portability and Accountability Act (HIPPA). The problem we seek to address in this paper is to provide authentication of individual identity in the context of accessing critical information in Web-based e-health systems including secure transmission of data across the Internet. These problems have technical solutions that are well known, but the solutions in general are strongly biased toward a single individual interacting with a single application. In this paper, we propose a scalable token-based authentication architecture and demonstrate how we can implement this architecture using commercial-off-the-set technologies. Our approach focuses on vendor-neutral specifications. The proof-of-concept prototype has been implemented so that the pilot testing may be conducted at various sites. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Intrusion detection: systems and models

    Page(s): 115 - 133
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (386 KB) |  | HTML iconHTML  

    Organizations more often than not lack comprehensive security policies and are not adequately prepared to protect their systems against intrusions. This paper puts forward a review of the state of the art and state of the applicability of intrusion detection systems and models. The paper also presents a classification of literature pertaining to intrusion detection. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Infinite length hash chains and their applications

    Page(s): 57 - 61
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (254 KB) |  | HTML iconHTML  

    Hash chains are used extensively in various cryptography applications such as one-time passwords, server-supported signatures and micropayments. In this paper, we present a method, called infinite length hash chains to improve the flexibility of this chaining idea by using public-key techniques. One of its distinguishing features is that communication and computation overhead of restarting of the system is avoided For the owner of the chain it is possible to go in either way in the chain at any time without any restriction in the chain length, but others see no difference as the functionality it provides with respect to traditional hash chains. On the other hand the drawback here is the increased computation cost due to public-key operations. Part of our work would be considered as one additional step after traditional one-time passwords in the natural progression from fixed password schemes to challenge-response identification protocols. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Architecting CORBA-based frameworks to support distributed and interoperable training systems in large enterprises

    Page(s): 170 - 175
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (573 KB) |  | HTML iconHTML  

    Enterprise software systems are mainly distributed. Distribution promises better efficiency, scalability, and availability, specifically of large-scale systems. This is also true for the computer-based training systems used by training departments. This paper addresses interoperability and reusability issues that appear as a consequence of the heterogeneous nature of the resources used for training. We propose a CORBA-based framework to develop distributed object computing systems to support enterprise training. This proposal is based on ongoing work by institutions like the US Department of Defense and the aviation industry in the learning technology standardization area. Our framework also identifies open software interfaces among distributed components and a systematic methodology to develop new systems from them. Therefore, architects are provided with a software product line to develop standards-driven interoperable distributed training systems. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Full text access may be available. Click article title to sign in or learn about subscription options.
  • Collaboration framework for nomadic healthcare providers

    Page(s): 190 - 191
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (235 KB) |  | HTML iconHTML  

    Collaboration among nomadic healthcare providers presents unique challenges. This paper describes a set of requirements and an implementation approach for a collaboration architecture to meet these challenges. The collaboration framework consists of a set of services and client applications that provide authentication, messaging, scheduling, decision support and workflow. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Evaluation of a publish/subscribe system for collaborative and mobile working

    Page(s): 23 - 28
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (326 KB) |  | HTML iconHTML  

    The MObile Teamwork Infrastructure for Organizations Networking (MOTION) service platform that we have designed and implemented addresses an emerging requirement in the daily business of large, distributed enterprises: support for mobile teamwork. Employees are often on the move and use a wide range of computing devices such as WAP phones, PDAs, notebooks and desktop computers. The service architecture that we have developed supports mobile teamwork by providing multi-device service access, XML meta data for information sharing and locating, and the XML Query Language (XQL) for distributed searches and publish/subscribe. We present the solution that we adopted in our prototype, analyze the shortcomings of this approach and based on our evaluation experiences, list the requirements for a publish-subscribe middleware for collaborative mobile working. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Towards an access control system for mobile peer-to-peer collaborative environments

    Page(s): 95 - 100
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (274 KB) |  | HTML iconHTML  

    Access control is one of the key requirements in enterprise security. A number of approaches in distributed systems have been designed that support various (new) paradigms such as peer-to-peer, nomadic working, and team working. Few of them, however, explicitly take into account the possible superposition of these concepts. Such a superposition often results in conflicting and additional requirements. We present ongoing work in developing an access control system for peer-to-peer mobile teamwork environments. This system is developed as part of the MOTION project. The goal of this project is to develop a service architecture for mobile teamwork, providing support for various devices and taking into account diverse connectivity modes. We present the requirements for an access control system that simultaneously supports mobility, collaboration, and peer-to-peer, illustrate our solution, and discuss how it meets the requirements. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Integrating a flexible modeling framework (FMF) with the network security assessment instrument to reduce software security risk

    Page(s): 153 - 158
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (243 KB) |  | HTML iconHTML  

    The network security assessment instrument is a comprehensive set of tools that can be used individually or collectively to ensure the security of network aware software applications and systems. Using the various tools collectively provide a distinct advantage for assuring the security of software and systems. Each tool's resulting output provides feedback into the other tools. Thus, more comprehensive assessment results are attained through the leverage each tool provides to the other when they are employed in concert. Previous portions of this work were presented at the IEEE Wet Ice 2000 and 2001 Workshops and are printed in those proceedings. This paper presents a portion of an overall research project on the generation of the network security assessment instrument to aid developers in assessing and assuring the security of software in the development and maintenance lifecycles. This portion, the flexible modeling framework (FMF), focuses on modeling requirements and early lifecycle designs to discover vulnerabilities that result from interaction between system components that are either under development in a new system or proposed as additions to an existing system. There are early indications that this new approach, the flexible modeling framework (FMF), has promise in the areas of network security as well as other critical areas such as system safety. Information about the overall research effort regarding network security is available at http://security.jpl.nasa.gov/rssr. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Full text access may be available. Click article title to sign in or learn about subscription options.
  • Voice-enabling enterprise applications

    Page(s): 188 - 189
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (329 KB) |  | HTML iconHTML  

    We review the influence of the advancement and standardization of voice technologies on existing Web and enterprise applications. We focus on the limitations and concerns of a new voice interface, in addition to the integration issues. We use automation of the dictation process, which is usually a part of enterprise transcription applications, as a case study to explore the power of current voice technologies. We specifically delve into VoiceXML and also into the fundamental integration solutions. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Honeypots for distributed denial-of-service attacks

    Page(s): 109 - 114
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (444 KB) |  | HTML iconHTML  

    Distributed denial-of-service attacks are still a big threat to the Internet. Several proposals for coping with the attacks have been made, but none are successful by themselves. In this paper, we present a system that helps to defend a network from DDoS attacks. In addition to state of the art active and passive security defences, we propose a honeypot for such attacks. The goal is to simulate convincingly success of the compromise of a system to a potential DDoS attacker. Thereby, we can implement lessons learned by the honeypot in other systems to strengthen them against such attacks. On the other hand, we protect the rest of our network infrastructure from the impact of such an attack. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.