...This paper, copyright the IEEE, appears in IEEE Symposium on Security and Privacy 2004. IEEE Computer Society Press, May 2004. This paper previously appeared as Johns Hopkins University Information Security Institute Technical Report TR-2003-19, July 23, 2003. Analysis of an Electronic Voting System TADAYOSHI KOHNO∗ A DAM S TUBBLEFIELD† DAN S. WALLACH§ February 27, 2004 AVIEL D. RUBIN‡ Abstract With significant U.S. federal funds now available to replace outdated punch-card and mechanical voting systems, municipalities and states throughout the U.S. are adopting paperless electronic voting systems from a number of different vendors. We present a security analysis of the source code to one such machine used in a significant share of the market. Our analysis shows that this voting system is far below even the most minimal security standards applicable in other contexts. We identify several problems including unauthorized privilege escalation, incorrect use of cryptography, vulnerabilities to network threats, and poor software development processes. We show that voters, without any insider privileges, can cast unlimited votes without being detected by any mechanisms within the voting terminal software. Furthermore, we show that even the most serious of our outsider attacks could have been discovered and executed without access to the source code. In the face of such attacks, the usual worries about insider threats are not the only concerns; outsiders can do the damage. That...
Words: 12856 - Pages: 52
...MASTER OF TECHNOLOGY ADVANCED ELECTIVES SELECTION For Semester II 2014/2015 ATA/SE-DIP/TS-11/V1.34 Master of Technology in Software /Knowledge Engineering and Enterprise Business Analytics Table of Contents. MTECH ADVANCED ELECTIVES 1. INTRODUCTION. 1.1 Overview. 1.2 Courses. 1.3 Assessment. 1.4 Elective Selection Process. 2 2 2 2 3 3 2. SCHEDULE FOR ADVANCED ELECTIVES OFFERED DURING SEMESTER II 2014/2015. 2.1 MTech SE and KE Students. 2.2 MTech EBAC Students. 5 5 9 3. CURRICULUM. 12 4. DESCRIPTION OF COURSES. 4.1 Department of Electrical & Computer Engineering. 4.2 School of Computing. 4.3 Institute of Systems Science. 4.4 Department of Industrial & Systems Engineering. 4.5 Division of Engineering & Technology Management. 12 15 23 31 32 34 ATA/SE-DIP/TS-11/V1.34 page 1 of 35 Master of Technology in Software /Knowledge Engineering and Enterprise Business Analytics MASTER OF TECHNOLOGY Advanced Electives 1. INTRODUCTION 1.1 Overview All students that expect to have passed four core courses and eight basic electives after completing the scheduled examinations in November, and also have or expect to pass their project/internship, will be entitled to commence their Advanced Electives in NUS Semester II 2014/2015, which starts on 12 January 2015. However, it should be noted that a student’s registration for the Advanced Electives will be withdrawn if they either: 1. 2. 3. 4. 5. Fail any elective examination in November. Do not successfully...
Words: 15607 - Pages: 63
...Information Assurance Certification Paper Copyright SANS Institute Author Retains Full Rights This paper is taken from the GIAC directory of certified professionals. Reposting is not permited without express written permission. Interested in learning more? Check out the list of upcoming events offering "Security Essentials Bootcamp Style (Security 401)" at http://www.giac.org/registration/gsec Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 © SA NS In sti tu te © SANS Institute 2004, As part of GIAC practical repository. 20 04 Valdo Araiza 3/30/2004 ,A GIAC Security Essentials Certification (GSEC) Practical Assignment Version 1.4b ut ho rr Technological Advances and the Effect on Physical Security eta ins fu ll r igh ts. Author retains full rights. Abstract The strides in technology each year have surpassed the previous year by leaps and bounds and will probably continue to do so in the future. Information technology continues to advance in ways that greatly benefit society on many levels but as the increasing benefits develop so do the security vulnerabilities associated with information technology. Hardware and software is being released to the general public that can help people be more productive but this same technology can be used to infiltrate or impede practiced physical security measures whether that effort is intentional or not. In this paper we will explore both sides of this...
Words: 5538 - Pages: 23
...te cte d s ys te m p o r t. It l e a ve s th i n g s o p e n to a n a tta ck o r d a m a g e . Exp o s u r e i s a s i n g l e i n s ta n ce wh e n a s ys te m i s o p e n to d a m a g e . Vu l n e r a b i l i ti e s ca n i n tu r n b e th e ca u s e o f e xp o s u r e . Who has the def inition of hack evolved over the last 30 years? In te e a r l y d a ys o f co m p u ti n g , e n th u s i a s ts we r e ca l l e d h a cks o r h a cke r s , b e ca u s e th e y co u l d te a r a p a r t th e i n s tr u cti o n co d e o r e ve n th e co m p tu e r i ts e l f to m a n i p u l a te i ts o u tp u t. Th e te r m h a cke r a t o n e ti m e e xp r e s s e d r e s p e ct fo r a n o th e r s a b i l i ty. In r e ce n t ye a r s th e a s s o ci a ti o n wi th a n i l l i g a l a cti vi ty h a s n e g a ti vl y ti n g e d th e te r m . What type of security was dominant in the early years of computing? Early security was entirely physical security. C o n fi d e n ti a l i ty: In fo rma ti o n s s h o u l d o n l y b e a c c e s s i b l e to i ts i n te n d e d re c i p i e n ts . In te g ri ty: In fo rma ti o n s h o u l d a rri ve th e s a me a s i t wa s s e n t. Ava i l a b l i l i ty: In fo rma ti o n s h o u l d b e a va i l a b l e to th o s e a u th o ri z e d to u s e i t. What re the tree components of te CIA triangle and what are they used...
Words: 3982 - Pages: 16
...International Journal of Applied Information Systems (IJAIS) – ISSN : 2249-0868 Foundation of Computer Science FCS, New York, USA Volume 5– No.3, February 2013 – www.ijais.org Fingerprint Biometric Authentication for Enhancing Staff Attendance System Oloyede Muhtahir O. Dept. of Info. and Comm. Science University of Ilorin, Ilorin. Adedoyin Adeyinka O. Dept. of Info. and Comm. Science University of Ilorin, Ilorin. ABSTRACT Biometric technology that involves the identification and verification of individuals by analyzing the human body characteristics has been widely used in various aspect of life for different purposes, most importantly as regards this study the issue of staff attendance. Despite the numerous advantages of the biometric system and its impact to various work sectors across the globe, most biometric technology users face the issue of defining the right and accurate biometric technology system that will be cost effective in solving particular problems in specific environment. In this paper, a study was conducted using a telecommunication company in the South West region of Nigeria, in order to determine the specific biometric identifier that can be used to enhance their traditional staff attendance system which presently affects the productivity of the organization. The study was conducted using a quantitative approach by designing a questionnaire as the data collection instrument based on different biometric technologies. The survey...
Words: 4926 - Pages: 20
...Applied Thermal Engineering 31 (2011) 779e784 Contents lists available at ScienceDirect Applied Thermal Engineering journal homepage: www.elsevier.com/locate/apthermeng Optimization of heat exchanger network Mofid Gorji-Bandpy, Hossein Yahyazadeh-Jelodar, Mohammadtaghi Khalili* Noshirvani University of Technology, P.O. Box 484, Babol, Iran a r t i c l e i n f o Article history: Received 6 September 2010 Accepted 26 October 2010 Available online 2 November 2010 Keywords: Heat exchanger network (HEN) Optimization Genetic algorithm Pinch Analysis Method Mathematical Optimization Method Sequential Quadratic Programming (SQP) a b s t r a c t In this paper, a new method is presented for optimization of heat exchanger networks making use of genetic algorithm and Sequential Quadratic Programming. The optimization problem is solved in the following two levels: 1- Structure of the optimized network is distinguished through genetic algorithm, and 2- The optimized thermal load of exchangers is determined through Sequential Quadratic Programming. Genetic algorithm uses these values for the determination of the fitness. For assuring the authenticity of the newly presented method, two standard heat exchanger networks are solved numerically. For representing the efficiency and applicability of this method for the industrial issues, an actual industrial optimization problem i.e. Aromatic Unit of Bandar Imam Petrochemistry in Iran is verified. The results indicate that the proposed...
Words: 4334 - Pages: 18
...| Counting since 19.11.2005 <http://lipas.uwasa.fi/~ts/wbfa/wbfa.htm> URN:NBN:fi-fe20051937 Copyright © 2002-2005 by Prof. Timo Salmi, Prof. Jussi Nikkinen & Prof. Petri Sahlström Paper last modified Thu 24-Nov-2005 11:57 Subsequent references last appended Tue 9-Nov-2010 | Timo Salmi, Jussi Nikkinen &Petri Sahlström Department of Accounting and Finance Faculty of Business Studies University of Vaasa, Finland The Review of the Theoretical and Empirical Basis of Financial Ratio Analysis Revisited With the Modern Developments in the Web-Based Publishing Abstract This web-based publication is an addendum to a previous review of the research and research trends in financial ratio analysis. The first purpose is to add more current references to the previous review. The second purpose is to emphasize the changes facilitated by the modern World Wide Web based publication practices and their impact on the availability of scientific publications. The new references are listed only without detailed reviewing, since no drastic additions have come to the fore in the field. However, it is felt that the additions are sufficient to warrant this addendum made readily possible by the option of making this publication available online. Keywords: Financial statement analysis, financial ratios, review, electronic publishing Referencing: Salmi, Timo, Jussi Nikkinen & Petri Sahlström (2005). The Review of the Theoretical and Empirical Basis of Financial Ratio Analysis Revisited...
Words: 5464 - Pages: 22
...learning more about security? SANS Institute InfoSec Reading Room This paper is from the SANS Institute Reading Room site. Reposting is not permitted without express written permission. SSL Man-in-the-Middle Attacks TCP/IP protocols have long been subject to man-in-the-middle (MITM) attacks, but the advent of SSL/TLS was supposed to mitigate that risk for web transactions by providing endpoint authentication and encryption. The advent of Dug Song's 'webmitm' in late 2000 demonstrated the feasibility of mounting an MITM attack on the protocol, but a properlyconfigured client SSL implementation would warn the user about problems with the server certificate. This paper examines the mechanics of the SSL protocol attack, then focuses o... Copyright SANS Institute Author Retains Full Rights AD SSL Man-in-the-Middle Attacks Peter Burkholder February 1, 2002 (v2.0) Abstract TCP/IP protocols have long been subject to man-in-the-middle (MITM) attacks, but the advent of SSL/TLS was supposed to mitigate that risk for web transactions by providing endpoint authentication and encryption. The advent of Dug Song's 'webmitm' in late 2000 demonstrated the feasibility of mounting an MITM attack on the protocol, but a properlyKey fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 configured client SSL implementation would warn the user about problems with the server certificate. This paper examines the mechanics of the SSL protocol attack, then focusses on the greater...
Words: 6154 - Pages: 25
...for Matching in Computer Vision Giansalvo Cirrincione1 and Maurizio Cirrincione2 Department of Electrical Engineering, Lab. CREA University of Picardie-Jules Verne 33, rue Saint Leu, 80039 Amiens - France exin@u-picardie.fr Universite de Technologie de Belfort-Montbeliard (UTBM) Rue Thierry MIEG, Belfort Cedex 90010, France maurizio.cirricione@utbm.fr 1 2 Abstract. A very important problem in computer vision is the matching of features extracted from pairs of images. At this proposal, a new neural network, the Double Asynchronous Competitor (DAC) is presented. It exploits the self-organization for solving the matching as a pattern recognition problem. As a consequence, a set of attributes is required for each image feature. The network is able to find the variety of the input space. DAC exploits two intercoupled neural networks and outputs the matches together with the occlusion maps of the pair of frames taken in consideration. DAC can also solve other matching problems. 1 Introduction In computer vision, structure from motion (SFM) algorithms recover the motion and scene parameters by using a sequence of images (very often only a pair of images is needed). Several SFM techniques require the extraction of features (corners, lines and so on) from each frame. Then, it is necessary to find certain types of correspondences between images, i.e. to identify the image elements in different frames that correspond to the same element in the scene. This paper addresses this...
Words: 3666 - Pages: 15
...InfoSec Reading Room This paper is from the SANS Institute Reading Room site. Reposting is not permitted without express written permission. Biometric Scanning Technologies: Finger, Facial and Retinal Scanning This paper discusses several Biometric scan technologies: finger-scan, facialscan and retinal-scan. We discuss the recent history of Biometrics and how it has been influenced by such pseudo-sciences as Phrenology, the study of human skull characteristics and Anthropometry, the study of human body measurement. We discuss how finger-scan technology was influenced by French and British police advancements in the nineteenth century and still remain the most widely used Biometric technology today. Facial-scan technology is ... AD Copyright SANS Institute Author Retains Full Rights fu ll r igh ts Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 © SA NS In sti tu te 20 03 ,A ut ho rr eta ins Edmund Spinella SANS GSEC Original Submission San Francisco, CA Dec 2002 28 May 2003 Biometric Scanning Technologies: Finger, Facial and Retinal Scanning Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 © SANS Institute 2003, As part of the Information Security Reading Room. Author retains full rights. Abstract © SA NS In sti tu te 20 03 ,A ut ho rr eta ins fu ll r igh ts This paper discusses several Biometric...
Words: 5748 - Pages: 23
...ROYAL UNIVERSITY OF PHNOM PENH Master of IT Engineering PROBABILITY AND RANDOM PROCESSES FOR ENGINEERING ASSIGNMENT Topic: BASIC RANDOM PROCESS Group Member: 1, Chor Sophea 2, Lun Sokhemara 3, Phourn Hourheng 4, Chea Daly | Academic year: 2014-2015 I. Introduction Most of the time many systems are best studied using the concept of random variables where the outcome of random experiment was associated with some numerical value. And now there are many more systems are best studied using the concept of multiple random variables where the outcome of a random experiment was associated with multiple numerical values. Here we study random processes where the outcome of a random experiment is associated with a function of time [1]. Random processes are also called stochastic processes. For example, we might study the output of a digital filter being fed by some random signal. In that case, the filter output is described by observing the output waveform at random times. Figure 1.1 The sequence of events leading to assigning a time function x(t) to the outcome of a random experiment Thus a random process assigns a random function of time as the outcome of a random experiment. Figure 1.1 graphically shows the sequence of events leading to assigning a function of time to the outcome of a random experiment. First...
Words: 2863 - Pages: 12
...International Journal of Computers & Technology Volume 1 No.1 Dec. 2011 Comparative Analysis of Various Cloud Technologies Dr. Gurdev Singh Professor and Head Department of Computer science & Engineering Adesh Institute of Engineering & Technology Faridkot (India) Akanksha Lecturer Department of Computer science & Engineering Adesh Institute of Engineering & Technology Faridkot (India) singh.gndu@gmail.com 1. ABSTRACT With the increasing prevalence and demand of large scale cloud computing environment, a researcher has to draw more attention towards the services provided by the CLOUD. As the access to the server is increasing, centralized and distributed computing architecture will produce bottlenecks data which affect the quality of cloud computing services and bring the huge support to users. In this paper we are going to propose certain vital aspects such as memory utilization, storage capacity to check the efficiency and performance of various clouds in cloud computing environment. This is based upon the static data. The proposed mechanism enables users to access memories in various systems depending on the predefined criteria. Selection method for accessing the memory of a resource is properly introduced in this paper. Our evaluation results show that the aggregation of various clouds is effective in indicating the better efficiency and also to reduce network traffic sent over cloud networks. er.akanksha1988@gmail.com WAN networking. The interlinking and...
Words: 2356 - Pages: 10
...International Journal of Project Management Vol. 17, No. 4, pp. 207±216, 1999 # 1999 Published by Elsevier Science Ltd and IPMA. All rights reserved Printed in Great Britain 0263-7863/99 $ - see front matter PII: S0263-7863(98)00032-5 An integrated framework for project portfolio selection NP Archer* and F Ghasemzadeh Michael G. DeGroote School of Business, McMaster University, Hamilton, Ontario, Canada L8S 4M4 The task of selecting project portfolios is an important and recurring activity in many organizations. There are many techniques available to assist in this process, but no integrated framework for carrying it out. This paper simpli®es the project portfolio selection process by developing a framework which separates the work into distinct stages. Each stage accomplishes a particular objective and creates inputs to the next stage. At the same time, users are free to choose the techniques they ®nd the most suitable for each stage, or in some cases to omit or modify a stage if this will simplify and expedite the process. The framework may be implemented in the form of a decision support system, and a prototype system is described which supports many of the related decision making activities. # 1999 Published by Elsevier Science Ltd and IPMA. All rights reserved Keywords: Project portfolio selection, project management, integrated framework, decision support Introduction Project portfolio selection and the associated activity of managing selected projects throughout...
Words: 8671 - Pages: 35
...Tournaments and Piece Rates Revisited: A Theoretical and Experimental Study of Premium Incentives Werner Guth Rene Levnsky Kerstin Pully Ori Weiselz June 22, 2010 Abstract Tournaments represent an increasingly important component of organizational compensation systems. While prior research focused on xed-prize tournaments, i.e., on tournaments where the prize or prize sum to be awarded is set in advance, we introduce a new type of tournament into the literature: premium incentives. While premium incentives, just like xed-prize tournaments, are based on relative performance, the prize to be awarded is not set in advance but is a function of the rm's success: the prize is high if the rm is successful and low if it is not successful. Relying on a simple model of cost minimization, we are able to show that premium incentives outperform xed-prize tournaments as well as piece rates. Our theoretical result is qualitatively conrmed by a controlled laboratory experiment and has important practical implications for the design of organizational incentive systems. JEL Classication: C72, C91, J33 Keywords: Tournaments, Incentives, Economic experiments Max Planck Institute for Economics, Kahlaische Strasse 10, 07745 Jena, Germany. yEberhard Karls Universitat Tubingen, Faculty of Economics and Business Administration, Nauklerstrasse 47, 72074 Tubingen, Germany. zThe Hebrew University, Center for the Study of Rationality, Giv'at Ram, Jerusalem 91904, Israel...
Words: 5213 - Pages: 21
...This article was downloaded by: [UNISA University South Africa] On: 13 February 2012, At: 22:32 Publisher: Routledge Informa Ltd Registered in England and Wales Registered Number: 1072954 Registered office: Mortimer House, 37-41 Mortimer Street, London W1T 3JH, UK Technology Analysis & Strategic Management Publication details, including instructions for authors and subscription information: http://www.tandfonline.com/loi/ctas20 Building Innovation Networks: Issues of Strategy and Expertise Lisa Harris, Anne-Marie Coles & Keith Dickson Available online: 25 Aug 2010 To cite this article: Lisa Harris, Anne-Marie Coles & Keith Dickson (2000): Building Innovation Networks: Issues of Strategy and Expertise, Technology Analysis & Strategic Management, 12:2, 229-241 To link to this article: http://dx.doi.org/10.1080/713698468 PLEASE SCROLL DOWN FOR ARTICLE Full terms and conditions of use: http://www.tandfonline.com/page/ terms-and-conditions This article may be used for research, teaching, and private study purposes. Any substantial or systematic reproduction, redistribution, reselling, loan, sub-licensing, systematic supply, or distribution in any form to anyone is expressly forbidden. The publisher does not give any warranty express or implied or make any representation that the contents will be complete or accurate or up to date. The accuracy of any instructions, formulae, and drug doses should be independently verified with primary sources. The publisher shall not be...
Words: 7969 - Pages: 32