The Center for Education and Research in Information Assurance and Security (CERIAS)


Reports and Papers Archive




Algorithms for Variable Length Subnet Address Assignment

CERIAS TR 2005-10
Mike Atallah, Sundararaman Jeyaraman
Download: PDF

In a computer network that consists of $M$ subnetworks, the $L$-bit address of a machine consists of two parts: a prefix $s_i$ that contains the address of the subnetwork to which the machine belongs, and a suffix (of length $L-|s_i|$) containing the address of that particular machine within its subnetwork.
In fixed-length subnetwork addressing, $|s_i|$ is independent of $i$, whereas in variable-length subnetwork addressing, $|s_i|$ varies from one subnetwork to another. To avoid ambiguity when decoding addresses, there is a requirement that no $s_i$ be a prefix of another $s_j$. An interesting practical problem is how to find a suitable set of $s_i$'s in order to maximise the total number of addressable machines, when the $i$th subnetwork contains $n_i$ machines. A solution might leave some subnetworks completely unsatisfied and the rest of the subnetworks completely satisfied. The abstract problem implied by this formulation is: Given an integer $L$, and given $M$ (not necessarily distinct) positive integers $n_1 , \cdots , n_M$, find $M$ binary strings $s_1 , \cdots , s_M$ (some of which may be empty) such that (i) no nonempty string $s_i$ is a prefix of another string $s_j$, (ii) no $s_i$ is more than $L$ bits long, (iii) the quantity $\sum_{|s_i | \neq 0} $ is maximised, and (iv) every nonempty prefix completely satisfies the corresponding subnetwork, i.e., $|s_i| \neq 0 \Longrightarrow 2^{L-|s_i|} \geq n_i, 1 \leq i \leq M$. We present a polynomial time algorithm for solving the aforementioned abstract problem. We also provide an algorithm to solve the case where each $n_i$ has a priority associated with it and there is an additional constraint involving priorities: Some subnetworks are then more important than others and are treated preferentially when assigning addresses. We also make observations about the case where there is a hierarchy of subnetworks present.

Added 2005-02-01

An Optimal Conflict Resolution Strategy for Event-Driven Role Based Access Control Policies

CERIAS TR 2005-08
Basit Shafiq, Elisa Bertino, and Arif Ghafoor
Download: PDF

Role based access control (RBAC) has generated great interest in the security community for its inherent richness and flexibility in modeling a wide range of access control policies. Any comprehensive access control model such as RBAC requires verification tools to support consistency analysis and identify possible policy conflicts. These conflicts, if they remain undetected and unresolved, expose the underlying system to numerous vulnerabilities and security risks. In this paper, we propose a verification framework for detection and resolution of inconsistencies and conflicts in event-driven RBAC policies. The framework uses an integer programming based approach for optimal resolution of policy conflicts. The proposed approach is generic and can be tuned to a variety of optimality measures.

Added 2005-01-28

On Vulnerability and Protection of Ad Hoc On-demand Distance

Weichao Wang, Yi Lu, Bharat K. Bhargava

Vulnerabilities and the attacks on Ad Hoc On-demand Distance Vector (AODV) protocol are investigated and studied via analysis and simulation. The attacks are classified by their target properties. The analysis shows that the on-demand route query enables the malicious host to conduct real time attacks on AODV. False distance vector and false destination sequence attacks are studied by simulation. Two connection scenarios: common destination and uniformly distributed traffic load are considered. The delivery ratio, attack overhead, and the propagation of false routes are measured by varying the number of connections and the mobility of the hosts. The simulation results illustrate that the attacker can confuse the network connectivity with false routes and lead to a decrease of up to 75% in the delivery ratio. When the hosts are uniformly distributed, the false distance vector attacks cannot cheat more than half of the hosts. But the false destination sequence routes can propagate to most of the network. The anomaly patterns of sequence numbers carried by routing request (RREQ) can be applied to detect the false destination sequence attacks. The vulnerability analysis results and anomaly patterns can be employed by other Ad Hoc routing protocols to establish intrusion prevention and detection mechanisms.

Added 2005-01-27

Hierarchical Structure for Supporting Movable Base Stations in Wireless Networks

CERIAS TR 2005-09
Y. Lu, W. Wang, and B. Bhargava
Download: PDF

Wireless networks with movable base stations combine the advantages of mobile ad hoc networks and wireless LAN to achieve both flexibility and scalability. We present the hierarchical mobile wireless network (HMWN) to support movable base stations. HMWN may be applied to ad hoc networks as well to build a virtual hierarchy. In such a system, mobile hosts are organized into hierarchical groups. Four basic operations for setting up and maintaining the network structure are grouping, registration, leaving, and migration. An efficient group membership management protocol is developed to support mobile hosts roaming among different groups. The segmented membership-based group routing (SMGR) protocol is proposed to take advantage of the hierarchical structure and membership information. In this protocol, only local message exchanging is required for maintaining network topology and routing information. Simulation-based experiment demonstrates the scalability of the design in terms of protocol overheads.

Added 2005-01-27

A Framework for Contractual Resource Sharing in Coalitions

B.D. Firozabadi, M. Sergot

We develop a framework for specifying and reasoning about policies for sharing resources in coalitions, focussing here on a particular, common type of contract in which coalition members agree to make available some total amount of specified resource over a given time period. The main part of the framework is a policy language with two basic elements: ‘obligations’ (of a member enterprise to provide a total amount of resources over a given time period) express the coalition policy, and ‘entitlements’ (granted by an enterprise to other coalition members) express the local policies of the coalition members. We discuss the coalitions under which a local policy can be said to be in compliance with, or meet, the obligations of a coalition policy, and the conditions under which an obligation, and by extension a contract, can be said to be violated or fulfilled.

Added 2005-01-27

Privacy-Preserving Data Integration and Sharing

CERIAS TR 2004-75
C. Clifton, M. Kantarcioglu, A. Doan, G. Schadow, J. Vaidya, A. Elmagarmid, D. Suciu
Download: PDF

Integrating data from multiple sources has been a longstanding challenge in the database community. Techniques such as privacy-preserving data mining promise privacy, but assume data integration has been accomplished. Data integration methods are seriously hampered by inability to share the data to be integrated. This paper lays out a privacy framework for data integration. Challenges for data integration in the context of this framework are discussed, in the context of existing accomplishments in data integration. Many of these challenges are opportunities for the data mining community.

Added 2005-01-27

Defense Science Study Group 2002-2003 Papers 1-12

P. Gould, K.L. Olson

The Defense Science Study Group (DSSG) is a 2-year educational program, sponsored by the Defense Advanced Research Projects Agency (DARPA), designed to introduce outstanding young professors of science and engineering to the defense community and to current national security issues. The program has two basic components. The first focuses on group activities and provides a broad introduction to the defense community. This is achieved through a series of briefings by senior military and civilian officials and through visits to Joint Commands, industrial facilities, and military installations. During the second component members are provided the opportunity to personalize the DSSG experience by selecting a specific area of interest, preferably outside their area of academic specialization, and spending about 2 weeks reviewing DoD activities in that area. This is done during the June and August sessions of the program’s second year. The June session is held in Washington, and the members interact with IDA and DARPA staff as well as with military and civilians throughout DoD. The August session is held at Los Alamos National Laboratory where the members interact with laboratory staff and prepare brief reviews of their subject areas. In November, the final session of the program, members brief their study results to the other members and mentors of the program. This report contains the unclassified papers of the eighth DSSG class, which met during 2002-2003. Again, each paper is a brief, informal review of an area of specific interest to the participant. Its primary purpose is to enable the authors to determine defense community interests in the selected area and to begin to make contact with appropriate individuals within that community. All of the papers are unclassified. The reports were reviewed and organized by Dr. Phillip Gould, Director of DSSG program, and Ms. Karen L. Olson, DSSG Administrator.

Added 2005-01-24

Are Biometric Technologies The Wave of the Future in Tourism and Hospitality?

CERIAS TR 2005-07
Matthew Meyers & Juline E. Mills
Download: PDF

This research endeavor explores four biometric technologies and their potential usage in the tourism and hospitality industry.  This paper begins with a review of viable biometric technologies and continues with a discussion of their potential applications to tourism and hospitality businesses.  Various tourism and hospitality scenarios in which biometrics can be used are explored.  The article concludes with a discussion on the need for additional research on consumer perceptions to assist in answering questions regarding the social and business impact of biometric technologies in tourism and hospitality.

Added 2005-01-21

A Framework for Role-Based Access Control in Group Communication Systems

CERIAS TR 2004-74
C. Nita-Rotaru, N. Li
Download: PDF

In this paper we analyze the requirements access control mechanisms must fulfill in the context of group communication and define a framework for supporting fine-grained access control in client-server group communication systems. Our framework combines role-based access control mechanisms with environment parameters (time, IP address, etc.) to provide support for a wide range of applications with very different requirements. While the access control policy is defined by the application, its efficient enforcement is performed by the group communication system.

Added 2005-01-18

Association Rule Hiding

CERIAS TR 2004-64
V. Verykios, A. Elmagarmid, E. Dasseni, E. Bertino, Y. Saygin
Download: PDF

Large repositories of data contain sensitive information that must be protected against unauthorized access. The protection of the confidentiality of this information has been a long-term goal for the database security research community and for the government statistical agencies. Recent advances in data mining and machine learning algorithms have increased the disclosure risks that one may encounter when releasing data to outside parties. A key problem, and still not sufficiently investigated, is the need to balance the confidentiality of the disclosed data with the legitimate needs of the data users. Every disclosure limitation method affects, in some way, and modifies true data values and relationships. In this paper, we investigate confidentiality issues of a broad category of rules, the association rules. In particular, we present three strategies and five algorithms for hiding a group of association rules, which is characterized as sensitive. One rule is characterized as sensitive if its disclosure risk is above a certain privacy threshold. Sometimes, sensitive rules should not be disclosed to the public since, among other things, they may be used for inferring sensitive data, or they may provide business competitors with an advantage. We also perform an evaluation study of the hiding algorithms in order to analyze their time complexity and the impact that they have in the original database.

Added 2005-01-13

XML-Based Specification for Web Services Document Security

CERIAS TR 2004-65
R. Bhatti, E. Bertino, A. Ghafoor, J.B. Joshi
Download: PDF

Document security in XML-based Web services has become increasingly important for managing secure business transactions over the Web. The authors propose an XML-based access control specification language to address this security challenge.

Added 2005-01-13

Trust-X: A Peer-to-Peer Framework for Trust Establishment

CERIAS TR 2004-66
E. Bertino, E. Ferrari, A.C. Squicciarini
Download: PDF

In this paper, we present Trust-X, a comprehensive XML-based [12] framework for trust negotiations, specifically conceived for a peer-to-peer environment. Trust negotiation is a promising approach for establishing trust in open systems like the Internet, where sensitive interactions may often occur between entities at first contact, with no prior knowledge of each other. The framework we propose takes into account all aspects related to negotiations, from the specification of the profiles and policies of the involved parties to the selection of the best strategy to succeed in the negotiation. Trust-X presents a number of innovative features, such as the support for protection of sensitive policies, the use of trust tickets to speed up the negotiation, and the support of different strategies to carry on a negotiation. In this paper, besides presenting the language to encode security information, we present the system architecture and algorithms according to which negotiations can take place.

Added 2005-01-13

Merkle Tree Authentication in UDDI Registries

CERIAS TR 2004-67
E. Bertino, B. Carminati, E. Ferrari
Download: PDF

UDDI registries are today the standard way of publishing information on web services. They can be thought of as a structured repository of information that can be queried by clients to find the web services that better fit their needs. Even if, at the beginning, UDDI has been mainly conceived as a public registry without specific facilities for security, today security issues are becoming more and more crucial, due to the fact that data published in UDDI registries may be highly strategic and sensitive. In this paper, we focus on authenticity issues, by proposing a method, based on Merkle Hash Trees, which does not require the party managing the UDDI to be trusted wrt authenticity. In the paper, besides giving all the details of the proposed solution, we show its benefit wrt standard digital signature techniques.

Added 2005-01-13