CeBIT 2011: cloud computing management

ScienceDaily (February 11, 2011) up field of cloud computing is an interesting one, and then, not only for businesses. The field of public administration from the technology. Fraunhofer institutes are developing solutions to create such systems, and to effectively implement the concepts of security.

Researchers to be at these other solutions in computing "cloud" in CeBIT Hanover from 1-5 March 2011.

Cloud computing is the evolution is tempting for IT administrators: with cloud computing, companies and organizations no longer need to purchase a server and software solutions themselves and instead capacities they need data, computing power and professional providers. You pay only for the purpose. In Germany, especially companies are turning cloud computing, data transfer, applications and networks their farm in the Amazon, Google, IBM, Microsoft or other it service providers. In the space of a few years, cloud computing, appeared as a market worth billions of, with a high level of importance for the German economy business location policy.

In the autumn 2010, researchers Fraunhofer Institute FOKUS open communication system in Berlin, together with the release of the Hertie School of governance, publish research, "eGovernment Kooperatives-cloud computing ldncig Die Öffentliche Verwaltung" ["eGovernment: cloud computing for the cooperative Administration: public"]. The research was already inviting ISPRAT, an organization dedicated to the interdisciplinary studies politics, law, management, and technology. The research addresses the security aspects, identify risks and uses different scenarios of application in order to describe the benefits of this new technology and for public administrators, with a particular focus on federal requirements in Germany.

"A lot of reservations about cloud computing in the public administration. First, because of the need to protect the basic personal data of citizens responsible for public administrators; But also the potential of outsourcing frightened by the authorities. Thanks for fear of loss of expertise, and another one because the law requires a kernel tasks remain in the hands of administrators. "this is how to learn maiozmim strick Linda of FOKUS sums is seated.

Research points to security risks specific to the cloud actually exist, but that these can be completely understand, analyze. "There is reason to even put a cloud-based security standards can actually fill out than the classic solutions," explains strick. To help administrators with the introduction of new technology, FOKUS eGovernment laboratory researchers are developing an application to use scenarios of media-split-free and hence interoperable cloud computing technologies.

Cockpit for security

Public authorities to allow companies to acquire hands-on experience with new technology and test the security concepts, experts from the Fraunhofer Institute for secure information technology sit in Munich have created a cloud computing test lab. Along with the security concepts and technologies for cloud computing providers, researchers are also developing and learn strategies for integrating a secure IT infrastructure and cloud services.

"Our test lab, a function, reliability and interoperability, along with individual security, penetration testing analyses can be made, each is considered a developmental steps in administration of individual services, fathers-a comprehensive systems testing teams up a fully functional," notes Angelika Ruppel of SIT in Munich.

Working with the German Federal office for information security [ldncig Bundesamt Sicherheit der Informationstechnik] BSI, her Division has drafted minimum requirements for providers of cloud and cockpit. With this solution, companies to securely transfer data between different systems within cloud monitoring information relevant to security and data protection. Even the application of the hybrid cloud infrastructure, which companies use internal and external computing power, you can securely control through the cockpit of the cloud.

Email or share this story:

---

Story source:

The story above printed (with adapting to editing by a team of the day-to-day science) materials provided by the Fraunhofer Institute Gesellschaft, via AlphaGalileo.

---

Note: you mentioned if not counting, the source is when instead.

Disclaimer: opinions in this article do not necessarily reflect those of its employees or ScienceDaily.

The fingerprint is the proof of counterfeit computer chips

ScienceDaily (February 8, 2011) product that increasingly target electronic chips and components, with attacks on hardware modules becoming commonplace. Custom security technology takes advantage of the features at the individual element to create a digital key. This provides the elements with the same--because you cannot copy the their unique structure.

Fraunhofer Institute researchers have display prototype worldwide embedded at Nuremberg Exhibition & Conference from March 1 to 3.

Product piracy is a long time ago is limited exclusively to a consumer goods sector. Too, the industry, there are more and more to fight this problem. Cheap mkosmim: Dear business cost the German mechanical and plant engineering alone lost 6.4 billion of revenue in 2010, according to a survey by the German engineering Federation (VDMA). Sales losses aside, low-quality counterfeits can break even the image of the company's brand. Worse, they can even compromise the life of the people if they are used in areas where safety, such as the production cars or airplanes. Patent rights or organizational instructions such as confidentiality agreements will not be enough to prevent product piracy. Anti-piracy technology that exists in today's marketplace provides a measure of protection, but it is an obstacle to the product and more for you: criminals are using the electron microscope, laser focused ion beams or bolts to intercept security keys-and baimotz more and more sophisticated methods.

Two chips are not

Embedded world, researchers at the Fraunhofer Institute sit secure information technology electronic components be ricot or chips can do counterfeit-proof using physical unclonable functions (PUFs). "Each element has a single fingerprint since small differences inevitably arise among during production," explains Dominik mrli, scientist at the Fraunhofer Institute sit in Garching near Munich. Printed circuits, for example, at a minimum weight or length variations during the manufacturing process. While these variations do not affect functionality, they can be used to create a unique code.

Destroying the structure polshni attacks

PUF module, integrated directly into chip-Setup is applicable not only in a large number of half-molichim programmable called FPGAs (field programmable gate arrays) but equally hardware components, such as ??????? and smartcards. "The heart is a circle measure, e.g. a ring oscillator. This creates a clock oscillator characteristic that allows precise material features of the chip set. Special electronic circuits to read these and generate measurement data from the data, developing a specific ???"????? mrli. Unlike the standard encryption, secret key is not stored in hardware but this threshold as and when required. Since the code relates directly to a given system properties at any point in time, it is almost impossible to extract and to replicate it. Polshni chip you target, and physical change parameters or distort the unique structure.

Garching-based researchers have developed already two fathers are: butterfly, PUF PUF ring vmd. At present, these modules are optimized for practical applications. The experts will be at embedded world at Nuremberg (Hall 11, stand 207) from 1-3 March example example FPGA boards can generate a single encryption key by using ring oscillator PUF. These allow security solutions-embedded systems rolled out attack.

Email or share this story:

---

Story source:

The story above printed (with adapting to editing by a team of the day-to-day science) materials provided by Fraunhofer Gesellschaft.

---

Note: you mentioned if not counting, the source is when instead.

Disclaimer: opinions in this article do not necessarily reflect those of its employees or ScienceDaily.

How Antivirus Software Works

Due to the growing threat of virus and other malicious programs, almost every computer comes with a pre-installed antivirus on it. In fact, an antivirus program has become one of the most important software package for each computer. Although each of us has an antivirus software installed on our computers, only a few bother to actually understand how it really works! If you are one among those few who really worthwhile to understand how it works, an antivirus, then this article is for you.

 

 

An antivirus software typically uses a variety of strategies to identify and remove viruses, worms and other malicious programs. The following are the two methods most widely employed for recognition:

 

1. Signature based dectection (Dictionary)

 

This is usually employed method which includes the search for known virus patterns into a specific file. Any antivirus software will have a dictionary with sample malware codes signatures called in its database. Whenever a file is examined, the antivirus refers to the dictionary of sample codes presence inside the database and compares the same as the current file. If the piece of code within the file matches the one in the dictionary then it is flagged and appropriate action is taken immediately in order to stop the virus from further reproduction. Antivirus may choose to repair the file, isolating or deleted permanently on the basis of the potential risk.

As new viruses and malwares are created and released every day, this detection method is unable to mark new malwares unless their samples are collected and signatures are released by the company of antivirus software. Some companies may also encourage users to upload new viruses and variants, so that they can analyse the virus and the signature can be added to the dictionary.

Signature based detection can be very effective, but requires frequent updates to the virus signature dictionary. Therefore, users must update their antivirus software on a regular basis in order to defend against new threats released daily.

 

2. Heuristic based detection (approach suspicious behaviour)

 

Based on the heuristic detection involves determining suspicious behavior from any given program may indicate a potential risk. This approach is used by some of the advanced antivirus software to identify new malware and variants of known malware. Unlike signature-based approach, the antivirus does not attempt to identify known viruses, but instead monitors the behavior of all programs.

For example, malicious behaviors, such as a program tries to write data to an executable program is highlighted and the user is alerted about this action. This method provides an additional level of detection from unknown threats.

File emulation: this is another type heuristic approach where a program that runs in a virtual environment and recorded actions performed by it. Based on the actions which have been recorded, the antivirus software can determine if the program is malicious or not, and to carry out necessary actions in order to clean the infection.

Most commercial antivirus software uses a combination of both heuristic and signature-based approaches to combat malicious software.

 

Issues facing

 

Zero-day threats: is a zero-day (zero hour) a threat or an attack where a malicious software that tries to exploit vulnerabilities application not yet unidentified by the antivirus companies. These attacks are used to cause damage to your computer, even before being recognized. Since the patches are not yet released for such new threats, you can manage easily bypass the antivirus software and perform malicious actions. However, most of the threats identified after a day or two away from release, but the damage caused by them before the recognition is absolutely unavoidable.

Daily updates means since new viruses and threats are released daily, it is now essential to update the antivirus software in order to keep the virus definitions updated. Most software will have an automatic update feature, so that the virus definitions are updated whenever the computer is connected to the Internet.

effectiveness: even if an antivirus software can match almost any malware, is still not 100% foolproof against all kinds of threats. As explained earlier, a zero-day threat can easily bypass the shield antivirus software. Also the virus authors tried to stay one step ahead by writing (oligomorphic groups) "," polymorphic "and, more recently," transformed "virus codes, which will encrypt parts themselves or amend the same as metamfiesmenos method, so that it fits with virus signatures in the dictionary.

Therefore, user education is as important as antivirus software? users must be trained to practice safe surfing habits, such as downloading files only from trusted websites and not blindly runs a program that is unknown or obtained from an untrusted source. I hope this article will help you understand the operation of an antivirus software.

Popularity: 5% [?]

Read also visitors who read this post:

1. How to test your antivirus-test EICAR

2. 10 tips to avoid Adware

3. How to protect your computer against Keyloggers

4. How firewalls work

5. What is CAPTCHA and how does it work?

  By using this site, following you agree to our legal disclaimer

What Bing would you said on Google

So Bing for their response to allegations of copying their Google results. I don't think Bing have been sharply their response as it would have been.

Today I'm going to write a post, I think that would've written by Bing. Be clear – I'm absolutely no relationship with any of these companies (using gmail, analytics and adsense), I'm only insert it here from my view of the situation. After that, I'll get back to blogging about cool web stuff and stop ruining My chances of ever working for Google ...

---

At the beginning, you can search the text on the page to determine whether this page relevant to your query. This works well, especially in the choice of the length of the page and any other documents in the collection and the relative density of keywords on the page. This method of retrieving the information is in scientific circles, known as the TFxIDF.

The trouble with the TFxIDF on the basis of search is that you never designed to deal with people trying to intentionally manipulate search results. Carefully choose specific keywords in the document, you can quite easily manipulate this "bag" approach to search.

In 1998 Larry Page and Sergey Brin is to demonstrate the power of using the number of inbound links on a Web page has as the signal to determine the quality of this page. This is called "pagerank" in their most important book "The Anatomy of a large-scale Hypertextual Web search engine", and formed the basis of their search engine Google.

A great side effect of this kind of link chart based approach is that the page will take measures as it is outside the control of the author of this page in the order is determined by how many other people link that is much more complex games (even though it is not possible).

In the years after the creation of a Google search every time the company received some form of PageRank and dramatically improve the quality of search results at a flat rate.

Today, you may build a search engine indexing only enough a lot of pages, the calculation chart links between them and the combination of measures with data on the TFxIDF incoming links.

But to really search engines is the head and shoulders above the competition, you can start using the other signal. For example, Google recently announced that they were starting to look at the speed of page as a signal of quality. Bing with thousands of signals; incoming connections, the number of tweets, sentiment analysis, linking, sharing data and the like.

Bing is the motivation was: "we want to see good quality links to Bing. How people express the quality of the link? By clicking on them! ". For people who have subscribed to the toolbar, Bing, Microsoft began to collect information about the links you have clicked. This profile was anonymised and sent encrypted, so nobody MS could spy on their users. So that the association between the pages has been created – not only that the page refers to 5 other pages, but also that these 5 pages more frequently clicked the Association. This gives Bing the relationship between the link appears on the page and the page refers to the link. Bing is not for every site, whether it's for your blog or search engine or purchase site. The information collected on the Bing what links people are clicking on and which is used as one of the signals to determine the page quality – the theory is that the quality of the pages get more clicks. Other Web users also about this great is that as PageRank, takes over the control over the search order of author-it has been decided in order, so theoretically means less spam and more relevant, high quality, search engine.

When Google their experiment, created a special page on their site, which contains the words that exist nowhere else on the Web, then installed the Bing toolbar and clicked the link these "synthetic" pages. Bing toolbar sent MS data, much like a piece for all pages and their system of integrated "data to the other signals as well as normal.

But what meant was that when he then went to Google and Bing to search for unique words, all the other signal if you have any input data only if the Bing from their "signal, and so it was, as used by the system. Not surprisingly, the Bing returned on the same pages as well as Google, because all the data that was in the world on this query! Bing didn't collect data, therefore, that it was from Google, Bing collected it Bing toolbar users.

Microsoft wrote a neat little tool that allows you to collect "click-stream data from any website and Google crier announced, because he also worked on their site. If they had spoken to Bing first without making all these allegations, I think that the whole situation could have calmed. But even so – now Bing is known that the "data can be taken advantage of such as this, Bing will look deep into how best to stop this happening.

---

So this is what I liked to see Bing would you say that in its reply to Google. The fact that they were not as clear-cut in their denial would suggest that the picture is not completely correct, the event or that Bing had other things, but wanted to communicate in the message.

OK, I think the end to this problem is now – still tired from the wrong information in the comment threads on this topic.

Update: Oh boy. Matt Cutts wrote a fantastic blog, only some of the other evidence. It is necessary to swallow my pride here and say: it really looks like Bing, they have been specifically aimed at Google.

Matt refers to the Microsoft research paper, which contains the damning evidence:

We are a "reverse" parameters from the URL of the meeting [formulation query] and see how each search engine encodes the query and the fact that the user received the URL by clicking on a proposal from the spelling query

The book is available here: Learning Phrase-Based spelling error models of the ratio of the Data.

My apologies Matt and Google. I think initially submitted in support of the conclusion wasn't searched and therefore my blog post. But this Revelation we strongly refer to Bing intentionally and specifically targeting Google result pages, which is very clearly copying from Google. Shame on you, I am Bing, how could you have that it was OK to do?

---

Related posts:

This entry was posted on 3. February 2011, 10: 49 PM and is filed under web. You can track any responses to this entry through the RSS 2.0. You can leave a response, or trackback from your own page.

The fingerprint is the proof of counterfeit computer chips

ScienceDaily (February 8, 2011) product that increasingly target electronic chips and components, with attacks on hardware modules becoming commonplace. Custom security technology takes advantage of the features at the individual element to create a digital key. This provides the elements with the same--because you cannot copy the their unique structure.

Fraunhofer Institute researchers have display prototype worldwide embedded at Nuremberg Exhibition & Conference from March 1 to 3.

Product piracy is a long time ago is limited exclusively to a consumer goods sector. Too, the industry, there are more and more to fight this problem. Cheap mkosmim: Dear business cost the German mechanical and plant engineering alone lost 6.4 billion of revenue in 2010, according to a survey by the German engineering Federation (VDMA). Sales losses aside, low-quality counterfeits can break even the image of the company's brand. Worse, they can even compromise the life of the people if they are used in areas where safety, such as the production cars or airplanes. Patent rights or organizational instructions such as confidentiality agreements will not be enough to prevent product piracy. Anti-piracy technology that exists in today's marketplace provides a measure of protection, but it is an obstacle to the product and more for you: criminals are using the electron microscope, laser focused ion beams or bolts to intercept security keys-and baimotz more and more sophisticated methods.

Two chips are not

Embedded world, researchers at the Fraunhofer Institute sit secure information technology electronic components be ricot or chips can do counterfeit-proof using physical unclonable functions (PUFs). "Each element has a single fingerprint since small differences inevitably arise among during production," explains Dominik mrli, scientist at the Fraunhofer Institute sit in Garching near Munich. Printed circuits, for example, at a minimum weight or length variations during the manufacturing process. While these variations do not affect functionality, they can be used to create a unique code.

Destroying the structure polshni attacks

PUF module, integrated directly into chip-Setup is applicable not only in a large number of half-molichim programmable called FPGAs (field programmable gate arrays) but equally hardware components, such as ??????? and smartcards. "The heart is a circle measure, e.g. a ring oscillator. This creates a clock oscillator characteristic that allows precise material features of the chip set. Special electronic circuits to read these and generate measurement data from the data, developing a specific ???"????? mrli. Unlike the standard encryption, secret key is not stored in hardware but this threshold as and when required. Since the code relates directly to a given system properties at any point in time, it is almost impossible to extract and to replicate it. Polshni chip you target, and physical change parameters or distort the unique structure.

Garching-based researchers have developed already two fathers are: butterfly, PUF PUF ring vmd. At present, these modules are optimized for practical applications. The experts will be at embedded world at Nuremberg (Hall 11, stand 207) from 1-3 March example example FPGA boards can generate a single encryption key by using ring oscillator PUF. These allow security solutions-embedded systems rolled out attack.

Email or share this story:

---

Story source:

The story above printed (with adapting to editing by a team of the day-to-day science) materials provided by Fraunhofer Gesellschaft.

---

Note: you mentioned if not counting, the source is when instead.

Disclaimer: opinions in this article do not necessarily reflect those of its employees or ScienceDaily.

Hardware, software, to help protect operating systems from attack

ScienceDaily (January 27, 2011) operating system (OS) is the backbone of your PC. If the operating system is compromised, attackers can take over your computer or crash it. Now researchers at the University of North Carolina have developed an efficient system that utilizes hardware and software to restore the operating system if it is attacked.

In each issue are security attacks where the outside party successfully compromises a computer application (such as a Web browser) and then uses the application to access the operating system. For example, the compromised application could result in "system call" operating system, effectively asking the operating system to perform a particular function. However, instead of routine function, the attacker will use the system call to try to gain control of the operating system.

"Our goal is to give the ability to survive such attacks, the operating system," says Dr. Yan Solihin, Professor of the partner computer engineering and power in NC co-author of a paper describing the new system. "Our approach has three elements: the attack detection; Security fault isolation; And recovery. "

The idea is to take a picture of the operating system while strategies points (such as system calls or interrupts), when functioning as usual, then, if attacked the operating system, to delete what they did since the picture was taken last "good" – effectively back in time before attacking OS. The engine also allows the operating system to identify the source of the attack and isolate it, so the operating system will no longer be vulnerable to attacks from the same application.

The idea of identifying attacks, re-setting system into safe mode is a well-known technique for restoring the normal functions of the system after a failure, but this is the first time that researchers have developed a system with the security element of fault isolation. This critical component prevents the operating system to attack it ???????? over and over again.

The idea of taking images of the operating system and using it to replace the operating system if it is a candidate was previously viewed as practical, because taking these images, and running the system such as significantly slowdown your computer operating speeds. "But we've developed the hardware support that allows the operating system to combine these elements of survival more efficiently, so they take up less time and energy," says Solihin. Researchers say survival system takes up less than 5 percent of the operating system overhead.

The paper, "an architectural Framework for operating system support, survival" was co-authored Solihin, student NC State ph. d. Former Jiang Xiaowei. The paper will be February 16 at IEEE International Convention on the high-performance computer architecture in San Antonio, Texas. The research supported, in part, by the National Science Foundation.

NC State Department of Electrical engineering methods computer is part of the College of engineering of the University.

E-mail or share this story:

---

Story source:

The story above printed (with adapting to editing by the team of the day-to-day science) materials provided by the of the University of North Carolina.

---

Note: you mentioned when not composing, source is created instead.

Disclaimer: views expressed in this article do not necessarily reflect those of its employees or ScienceDaily.