Privacy-preserving Digital Identity Management for Cloud Computing Elisa Bertino CS Department Purdue University West Lafayette, Indiana bertino@cs.purdue.edu Federica Paci CS Department Purdue University West Lafayette, Indiana paci@cs.purdue.edu Rodolfo Ferrini CS Department Purdue University West Lafayette, Indiana rferrini@purdue.edu Ning Shang CS Department Purdue University West Lafayette, Indiana nshang@cs.purdue.edu Abstract Digital identity management services are crucial in cloud computing infrastructures to authenticate users and to support flexible access control to services, based on user identity properties (also called attributes) and past interaction histories. Such services should preserve the privacy of users, while at the same time enhancing interoperability across multiple domains and simplifying management of identity verification. In this paper we propose an approach addressing such requirements, based on the use of high-level identity verification policies expressed in terms of identity attributes, zero-knolwedge proof protocols, and semantic matching techniques. The paper describes the basic techniques we adopt and the architeture of a system developed based on these techniques, and reports performance experimental results. 1 Introduction Internet is not any longer only a communication medium but, because of the reliable, afforbable, and ubiquitous broadband access, is becoming a powerful computing platform. Rather than running software and managing data on a desktop computer or server, users are able to execute applications and access data on demand from the “cloud” (the Internet) anywhere in the world. This new computing paradigm is referred to as cloud computing. Examples of cloud computing applications are Amazon’s Simple Storage Service (S3), Elastic Computing Cloud (EC2) for storing photos on Smugmug an on line photo service, and Google Apps for word-processing. Cloud services make easier for users to access their personal information from databases and make it avail- able to services distributed across Internet. The availability of such information in the cloud is crucial to provide Copyright 2009 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE. Bulletin of the IEEE Computer Society Technical Committee on Data Engineering 1 better services to users and to authenticate users in case of services sensitive with respect to privacy and secu- rity. Users have typically to establish their identity each time they use a new cloud service, usually by filling out an online form and providing sensitive personal information (e.g., name, home address, credit card number, phone number, etc.). This leaves a trail of personal information that, if not properly protected, may be misused. Therefore, the development of digital identity management (IdM for short) systems suitable for cloud comput- ing is crucial. An important requirement is that users of cloud services must have control on which personal information is disclosed and how this information is used in order to minimize the risk of identity theft and fraud. Another major issue concerning IdM in cloud platforms is interoperability. Interoperability issues range from the use of different identity tokens, such those encoded in X.509 certificates and SAML assertions, and different identity negotiation protocols, such as the client-centric protocols and the Preserving Biodiversity Preserving Biodiversity Bởi: OpenStaxCollege Preserving biodiversity is an extraordinary challenge that must be met by greater understanding of biodiversity itself, changes in human behavior and beliefs, and various preservation strategies Measuring Biodiversity The technology of molecular genetics and data processing and storage are maturing to the point where cataloguing the planet’s species in an accessible way is close to feasible DNA barcoding is one molecular genetic method, which takes advantage of rapid evolution in a mitochondrial gene present in eukaryotes, excepting the plants, to identify species using the sequence of portions of the gene Plants may be barcoded using a combination of chloroplast genes Rapid mass sequencing machines make the molecular genetics portion of the work relatively inexpensive and quick Computer resources store and make available the large volumes of data Projects are currently underway to use DNA barcoding to catalog museum specimens, which have already been named and studied, as well as testing the method on less studied groups As of mid 2012, close to 150,000 named species had been barcoded Early studies suggest there are significant numbers of undescribed species that looked too much like sibling species to previously be recognized as different These now can be identified with DNA barcoding Numerous computer databases now provide information about named species and a framework for adding new species However, as already noted, at the present rate of description of new species, it will take close to 500 years before the complete catalog of life is known Many, perhaps most, species on the planet not have that much time There is also the problem of understanding which species known to science are threatened and to what degree they are threatened This task is carried out by the non-profit IUCN which, as previously mentioned, maintains the Red List—an online listing of endangered species categorized by taxonomy, type of threat, and other criteria ([link]) The Red List is supported by scientific research In 2011, the list contained 61,000 species, all with supporting documentation Art Connection 1/10 Preserving Biodiversity This chart shows the percentage of various animal species, by group, on the IUCN Red List as of 2007 Which of the following statements is not supported by this graph? There are more vulnerable fishes than critically endangered and endangered fishes combined There are more critically endangered amphibians than vulnerable, endangered and critically endangered reptiles combined Within each group, there are more critically endangered species than vulnerable species A greater percentage of bird species are critically endangered than mollusk species Changing Human Behavior Legislation throughout the world has been enacted to protect species The legislation includes international treaties as well as national and state laws The Convention on International Trade in Endangered Species of Wild Fauna and Flora (CITES) treaty came into force in 1975 The treaty, and the national legislation that supports it, provides a legal framework for preventing approximately 33,000 listed species from being transported across nations’ borders, thus protecting them from being caught or killed when international trade is involved The treaty is limited in its reach because it only deals with international movement of organisms or their parts It is also limited by various countries’ ability or willingness to enforce the treaty and supporting legislation The illegal trade in organisms and their parts is probably a market in the hundreds of millions of dollars Illegal wildlife trade is monitored by another non-profit: Trade Records Analysis of Flora and Fauna in Commerce (TRAFFIC) Within many countries there are laws that protect endangered species and regulate hunting and fishing In the United States, the Endangered Species Act (ESA) was 2/10 Preserving Biodiversity enacted in 1973 Species at risk are listed by the Act; the U.S Fish & Wildlife Service is required by law to develop management plans that protect the listed species and bring them back to sustainable numbers The Act, and others like it in other countries, is a useful tool, but it suffers because it is often difficult to get a species listed, or to get an effective management plan in place once it is listed Additionally, species may be controversially taken off the list without necessarily having had a change in their situation More fundamentally, the approach to protecting individual species rather than entire ecosystems is both inefficient and focuses efforts on a few highly visible and often charismatic species, perhaps at the expense of other species that go unprotected At the same time, the Act has a critical habitat provision outlined in the recovery mechanism that may benefit species other than the one targeted for management The Migratory Bird Treaty Act (MBTA) is an agreement between the ... Biodiversity in Vietnam Dang Thi An and Chu Thi Thu Ha Department of Environmental Biology. Institute of Ecology and Biological Resources. Vietnamese Academy of Science and Technology (VAST) - Vietnam has a dense river network: 2,300 rivers with a length over 10 km, 8 rivers have large basins of more than 10,000 km2. Lowland areas are fed by two major river systems: the Red River in the North and Mekong River in the South. - In Vietnam, there are over 3,260 km of coastline and more than 3,000 islands. Vietnam’s geographical conditions result in high variation in climate, soil and topography, and thus, a wide variety of ecosystems, each of which has its own flora and fauna. Some main characteristics of Biodiversity in Vietnam In 1992, the World Conservation Monitoring Center evaluated Vietnam as one of the 16 most biologically diverse countries in the world. Vietnam’s Biodiversity is characterized by : - Species diversity: about 11,458 species of fauna, 21,017 species of flora and 3,000 species of micro- organisms have been recognized and every year many new species are discovered. For example, in period of 1993-2002, 13 new genera, 222 species, 30 subspecies were described and 2 families, 19 genera, over 70 species were added to the native flora. Five new mammal, 3 bird species in mainland Southeast Asia and large number of new species of reptiles, amphibians, fishes and invertebrates have been described for 30 years. Table 1: Known species richness of selected taxonomic groups in Vietnam - Ecosystem diversity: in Vietnam 10 terrestrial ecosystems (forests cover the largest area and support the highest levels of biodiversity) and 9 coastal/ marine biodiversity regions adjusted to follow provincial boundaries, 30 natural and 9 artificial wetlands were documented. Vietnam has an exclusive marine economic zone of about 20 types of marine ecosystems. There are more than 11,000 species including 2,500 marine fish, 225 shrimp, over 200 phytoplanton, nearly 700 zooplankton 100 mangrove plant, 15 sea grass and over 6,000 benthic inverterbrate species. Approximately 1,122 square km of coral reef distributed from the North to the South, 90 % of hard coral species in the Indo-Pacific has been found in Vietnamese waters - Vietnam’s natural ecosystem include a rich variety of productive and beautiful forest types, marshes, rivers and coral reefs, which together support nearly 10 % of the global total mammal and bird species. - Vietnam’s biodiversity is an important part of the country’s economy and culture. Because it makes a major contribution to forestry, fishery, agriculture, health, industry and tourism. In Vietnam, more than70% of habitants are farmers, about 25 million people living depend on forests, 8 million get their primary household income and other 12 million get part of their income from fisheries. - Ecological systems and biodiversity within them provide not only much of the basic needs for people, but insurance against natural disasters(as flood and drought) as well. - Today,Vietnamese have to face biodiversity’s loss and degradation. For examples: even forest cover in Vietnam is 37% of total land area, but 18% of that is plantation, of remaining forest only 7% is “primary” and about 70% is poor quality forest. Between 1992 and 2002, forest losses due to fire averaged 6,000 hectare annually. About 700 species of animals and plants are threatened with extinction nationally, while over 300 species are threatened with global extinction, among them 49 species are classified as “critically endangered”. This due to forest loss, illegal logging, wildlife trade, habitat’s loss and fragmentation, environmental pollution… - Biodiversity’s degradation is one kind of serious natural disasters. It’s reduction is Cyber Forensics Table of Contents Cyber Forensics—A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes 1 Disclaimer 6 Introduction 7 Background 8 Dimensions of the Problem 9 Computer Forensics 10 Works Cited 11 Section I: Cyber Forensics 13 Chapter List 13 13 Chapter 1: The Goal of the Forensic Investigation 14 Overview 14 Why Investigate 14 Internet Exceeds Norm 14 Inappropriate E−mail 16 Non−Work−Related Usage of Company Resources 17 Theft of Information 18 Violation of Security Parameters 18 Intellectual Property Infraction 19 Electronic Tampering 20 Establishing a Basis or Justification to Investigate 21 Determine the Impact of Incident 22 Who to Call/Contact 24 If You Are the Auditor/Investigator 24 Resources 25 Authority 25 Obligations/Goals 25 Reporting Hierarchy 25 Escalation Procedures 25 Time Frame 26 Procedures 26 Precedence 26 Independence 26 Chapter 2: How to Begin a Non−Liturgical Forensic Examination 27 Overview 27 Isolation of Equipment 27 Cookies 29 Bookmarks 31 History Buffer 32 Cache 34 Temporary Internet Files 35 Tracking of Logon Duration and Times 35 Recent Documents List 36 Tracking of Illicit Software Installation and Use 37 i Table of Contents Chapter 2: How to Begin a Non−Liturgical Forensic Examination The System Review 38 The Manual Review 41 Hidden Files 42 How to Correlate the Evidence 43 Works Cited 44 Chapter 3: The Liturgical Forensic Examination: Tracing Activity on a Windows−Based Desktop 45 Gathering Evidence For Prosecution Purposes 45 Gathering Evidence Without Intent to Prosecute 45 The Microsoft Windows−Based Computer 46 General Guidelines To Follow 48 Cookies 50 Bookmarks/Favorites 53 Internet Explorer's History Buffer 54 Temporary Storage on the Hard Drive 55 Temporary Internet Files 56 System Registry 57 Enabling and Using Auditing via the Windows Operating System 61 Confiscation of Computer Equipment 65 Other Methods of Covert Monitoring 66 Chapter 4: Basics of Internet Abuse: What is Possible and Where to Look Under the Hood 68 Terms 68 Types of Users 69 E−Mail Tracking 69 IP Address Construction 69 Browser Tattoos 69 How an Internet Search works 70 Swap Files 74 ISPs 75 Servers 75 Works Cited 75 Chapter 5: Tools of the Trade: Automated Tools Used to Secure a System Throughout the Stages of a Forensic Investigation 77 Overview 77 Detection Tools 77 Protection Tools 84 Analysis Tools 87 Chapter 6: Network Intrusion Management and Profiling 91 Overview 91 Common Intrusion Scenarios 91 Intrusion Profiling 95 Creating the Profile 96 Conclusion 103 ii Table of Contents Chapter 7: Cyber Forensics and the Legal System 105 Overview 105 How the System Works 105 Issues of Evidence 106 Hacker, Cracker, or Saboteur 108 Best Practices 115 Notes 115 Acknowledgments 116 Section II: Federal and International Guidelines 117 Chapter List 117 117 References 118 Chapter 8: Searching and Seizing Computers and Obtaining Electronic Evidence 118 Recognizing and Meeting Title III Concerns in Computer Investigations 123 Computer Records and the Federal Rules of Evidence 131 Proposed Standards for the Exchange of Digital Evidence 134 Recovering and Examining Computer Forensic Evidence 140 International Principles for Computer Evidence 141 Chapter 9: Computer Crime Policy and Programs 143 The National Infrastructure Protection Center Advisory 01−003 143 The National Information Infrastructure Protection Act of 1996 146 Distributed Denial of Service Attacks 157 The Melissa Virus 163 Cybercrime Đa dạng sinh học (Biodiversity) Như các nhà khoa học đã nói, khoa học có thể đo được đường kínhTrái Đất, khoảng cách của Trái Đất đến Mặt Trời và đếm được các vì sao của giãi Ngân Hà, song không thể đánh giá được đa dạng sinh học bằng số lượng một cách chính xác bởi vì, đa đang sinh học không chỉ thể hiện bằng số lượng loài, các nơi sống mà còn bằng mọi mối quan hệ giữa chúng trong cấu trúc, trong dinh dưỡng Đa dạng sinh học là sự giàu có, phong phú và đa dạng về nguyên liệu di truyền, về loài và các hệ sinh thái. Vì vậy, đa dạng sinh học bao gồm sự đa dạng ở mức độ phong phú các gen trong quần thể gọi là đa dạng di truyền hay đa dạng gen, đa dạng ở mức độ loài là sự phong phú các loài gọi là đa dạng loài; và sự phong phú về các hệ sinh thái - đa dạng hệ sinh thái. Chỉ riêng khía cạnh về đa dạng loài, hiện nay khoa học chưa thể cho một con số chính xác và cũng chỉ mới xác định được tên của một bộ phận nhỏ trong chúng. Hiện tại, tổng số các loài trong sinh quyển được đánh giá vào khoảng 3 - 70 triệu loài, nhưng mới biết tên 1,4 triệu loài, tức là gần 2% tổng số (Raven and Wilson, 1992; Groombridge, 1992, ). Nhiều nhóm phân loại lớn còn biết rất ít như vi sinh-vật, côn trùng Ngay ở những nhóm động vật bậc cao như thú, trong thế kỷ này khoa học cũng đã được bổ sung thêm một số loài mới. Chỉ riêng trong các năm 1992 và 1994 ở Việt Nam đã phát hiện 4 loài thú mới cho khoa học; từ rừng Hà Tĩnh như sao la (Pseudoryx nghetinhensis), mang lớn hay còn gọi là mang bầm (Megamuntiacus vuquangensis), từ rừng Tây Nguyên loài bò sừng xoắn (Pseudonovibos spiralis) và mang Trường Sơn (Canimuntiacus truongsonensis) ở tây Quảng Nam. Về chim, chúng ta đã phát hiện được loài trĩ cuối cùng của thế giới có tên là Rheinartia ocellata ocellata, gà lam đuôi trắng (Lophura hatinhensis) và một loài gà lôi lam mào trắng (Lophura edwardsi) đã bị diệt chủng ở hầu hết các vùng, nhưng chỉ còn có mặt ở nước ta. Các nhà khoa học khẳng định rằng, nhũng loài có giới hạn chống chịu rộng thường phân bố rộng trên Trái Đất, còn những loài có giới hạn chống chịu hẹp tập trung với mật độ lớn trong những vùng địa lý hẹp. Do đó, trong các khu rừng ẩm nhiệt đới và xích đạo, nơi chỉ chiếm khoảng 7% diện tích bề mặt trái đất đã chứa hơn một nửa số lượng loài của toàn thế giới. Đa dạng sinh học ở Việt Nam Ở Việt Nam, sự khác biệt về khí hậu từ vùng gần xích đạo tới giáp vùng cận nhiệt đới cùng với sự đa dạng về địa hình, môi trường trên cạn và dưới nước đã tạo nên một thiên nhiên phong phú. Một dải rộng các thảm thực vật, gồm nhiều kiểu rừng đã được hình thành như các rừng Thông, thường chiếm ưu thế ở vùng ôn đới và cận nhiệt đới, rừng hỗn hợp lá kim và lá rộng, rừng khô cây họ Dầu ở địa hình thấp, rừng ngập mặn với các cây họ Đước chiếm ưu thế ở ven biển, rừng Tràm ở U Minh và rừng hỗn tạp tre nứa ở nhiều nơi. Mặc dù bị khai thác quá mức, song rừng Việt Nam vẫn còn chứa đựng nhiều chủng loại. Cho đến nay đã thống kê được 10.484 loài thực vật bậc cao có ... the Yellowstone experiment suggest that restoring a keystone 6/10 Preserving Biodiversity species can have the effect of restoring biodiversity in the community Ecologists have argued for the identification... regulate hunting and fishing In the United States, the Endangered Species Act (ESA) was 2/10 Preserving Biodiversity enacted in 1973 Species at risk are listed by the Act; the U.S Fish & Wildlife... conservation efforts A preserve is an area of land set aside with varying degrees of 3/10 Preserving Biodiversity protection for the organisms that exist within the boundaries of the preserve