elysium network security 2010

Elysium Technologies Private Limited ISO 9001:2008 A leading Research and Development Division Madurai | Chennai | Kollam | Ramnad | Tuticorin | Singapore

#230, Church Road, Anna Nagar, Madurai 625 020, Tamil Nadu, India (: +91 452-4390702, 4392702, 4390651 Website: www.elysiumtechnologies.com,www.elysiumtechnologies.info Email: [email protected]

A b s t r a c t

Network Security 2010 - 2011

01 Cache Mechanism in P2P Streaming Media System

Providing streaming media service over the Internet is challenging. Since this requires high communication bandwidth

for delivery. How to avoid the bottleneck of the streaming media service with the use of P2P system has become a

hotspot. In this paper, we review the existing caching management and propose a novel cache allocation fit for P2P

streaming media system. Our approach allows the system to retain many copies of popular videos to avoid creating

hot spots and at the same time, prevent unpopular videos from being quickly evicted from the system.

02 Bit Level Adaptive Interleaving for WiMAX

Based on the works of S-W Lei and V.K.N. Lau, we propose a novel adaptive interleaving scheme for the application in

orthogonal frequency division multiplexing (OFDM) systems. The new scheme has improved the original one in the

following two aspects: (1) We have derived the equivalent bit level channel state information thus the symbol level

inter lever is changed to the bit level; (2) We have modified the quasi-closed-loop method which has much signaling

overhead and is sensitive to the feedback errors. The simulation results show that the proposed scheme has better

performance, less feedback overhead and is more robust to the feedback errors

03 A-SMART: An Advanced Controlled-Flooding Routing with Group Structures for Delay Tolerant Networks

Delay Tolerant Network (DTN) is a network in which end-to-end connectivity may not be guaranteed because of the

frequent and long duration partitions. SMART routing, which is a selective controlled-flooding scheme, utilizes travel

companions of the destinations and improves the delivery opportunities, but its flooding overhead can be further

controlled. In this paper, we propose A-SMART routing which combines the companion features and ANYCAST

forwarding-based scheme, it is aimed at further flooding control. Our study shows that A-SMART has a better

performance than the selective controlled-flooding in terms of message delivery ratio and overhead ratio. In A-SMART

routing, the reliability increases while the number of messages propagated decreases.

04 An improved method Dealing with the End Effect of Hilbert-Huang Transform

An improved method dealing with the End Effect of Empirical Mode Decomposition is proposed. The period of the

signal components is evaluated from high order autocorrelation function in the process of signal decomposition. Then,

the signal components are extended based on the proposed criterion. The fluctuant trend of the extended sequences

is consistent with the original signal components. Compared with the existed extending method, the proposed method

ensure that the extended sequence is continual at the two ends and agree with original fluctuant trend, it is a low

complexity and efficient method, which fit for periodic or quasi-periodic signal whose frequency modulation range is

narrow??Simulation results show the validity of the method.

05 An Improved Joint Timing and Frequency Synchronization Algorithm for OFDM

An improved OFDM joint timing and frequency synchronization algorithm is proposed based on Schmidl algorithm

aimed at the synchronization problem of orthogonal frequency division multiplexing (OFDM). It only requires one

training symbol, and it makes an improvement to the method of symbol timing and integer frequency offset estimation



in Schmidl algorithm. The estimation range of the proposed method is as large as the bandwidth of the OFDM signal,

and the plateau in Schmidl algorithm is eliminated. The simulation results show that the improved algorithm has

robust performance

06 A New ID-based Aggregate Signature with Constant Pairing Operations

Given signatures on distinct messages from n distinct users, aggregate signature scheme is possible to aggregate

these entire signatures into a single short signature. In this paper, we propose an identity-based aggregate signature

scheme which requires constant pairing operations in the verification. We prove that the proposed signature scheme

is secure against existential forgery under adaptively chosen message and ID attack in the random oracle model

assuming the intractability of the computational Diffie-Hellman problem.

07 A Dual-Soft-Handoff Scheme for Fast Seamless Roaming in WLAN

In recent years, wireless local area network (WLAN) has been deployed in many wireless applications. When the

mobile node (MN) accesses different access points (AP), handoff latency may cause packet loss and result in serious

problems in real-time applications. This paper proposes an efficient soft handoff scheme realized by dual-handoff. The

MN maintains two active links to forward and backward APs respectively, and the handoffs are never simultaneous to

ensure one data thoroughfare always existing. It achieves seamless data transmission during fast motion. Simulation

results indicate that it’s at least feasible in WLAN while the MN moves at 120km/h

08 Traffic-Aware Frequent Elements Matching Algorithms for Deep Packet Inspection

Network devices are increasingly using packet content for processing incoming or outgoing packets. Many pattern

matching algorithms have been proposed to improve packet matching throughput. Most of them are, however,

independent of traffic pattern and may end up with longer match time against actual traffic. We present novel

algorithms that utilize traffic characteristics coupled with frequent elements pattern matching to obtain high

throughput. The algorithms modified and expanded the current matching procedure and data structure of classical

pattern matching algorithms. The presented pattern matching algorithms, using the traffic-aware frequent elements

and the dynamic pattern matching algorithms to adaptive to the traffic, have performance advantage with the true

dynamic network traffic

09 The Secrecy Evaluation of Military Enterprises for National Defense Based on the Fuzzy Set Theory

To eliminate the random and man-made factors of secret censorship evaluation on military enterprises for national

defense, standardizing secrecy censorship evaluation, this paper studies the secrecy censorship evaluation of military

enterprises for national defense by the fuzzy set theory and method. By designing indexes system of secrecy

evaluation and the model of integrated evaluation, quantizing each evaluation index and commentary, analysizing the

data acquired, and get the more realistic and scientific secrecy evaluation results, it can provide scientific basis for the

secret management.



10 The Research about Information Interaction Design Based on the Usability of Intelligent Product

Based on the research about the usability concepts, combining the composition of the man-machine interface in the

product function realization and the trends in smart product development, I put forward that information interaction is

decisive, sum up a typical form of user interface when the product is used for information interaction, and propose the

general principles of information interaction design to enhance the usability of product and the developing information

interactive design.

11 Securing Cookies with a MAC Address Encrypted Key Ring

Most web services providers use cookies to personalize the customers’ access to the website. A cookie contains a

user’s privacy and important identification which can be used to identify the user. However, cookies are not as safe as

we take it for granted. There are still some potential safety hazards in cookies. For example, the contents in the

cookies can be easily changed, thus it will result in some safety threats to the user or the website. This paper proposes

a new cookie security policy based on a MAC address encrypted key ring. It can make the cookies have higher

confidentiality and higher efficiency. It is also easy to deploy and meets the user’s higher security requirements.

12 Malware Variants Identification Based on Byte Frequency

Malware variants refer to all the new malwares manually or automatically produced from any existing malware.

However, such simple approach to produce malwares can change signatures of the original malware to confuse and

bypass most of popular signature-based anti-malware tools. In this paper we propose a novel byte frequency based

detecting model (BFBDM) to deal with the malware variants identification issue. The primary experimental results show

that our model is efficient and effective for the identification of malware variants, especially for the manual variant

13 Investigation of GPS-based Embedded Guiding System for Scenic Spots

Abstract-In the case of self-help tourism, the tourist may get lost or miss some scenic spots. To solve these problems,

this paper systematically studies the design of a self-guided tour of scenic spots system based on FS241O, describes

the principles and functional modules of the system, and studies in depth how to display GPS positioning dynamically

by using QtlEmbedded. The system implements map showing, GPS tracking, and video of attractions automatically

playing, scenic spots enquiries and so on. Finally, Drum Mountain Scenic Area in Fuzhou is taken for example to

testify the feasibility of the embedded guiding system. The example shows that the system has friendly interface,

simplified operation and rich information, which will bring great convenience for self-helped tourists .

14 Highway Passenger Traffic Volume Research Based on Gray - Markov Prediction Model

In this paper, we propose the application of gray Markov model for forecasting methods, and amend with the smooth

ratio the historical data, establish the GM (1,1) model . By determining the coefficients to obtain the development

series of the future road passenger traffic amount, and by combining the Markov chain process, to classify the random

sequence status into three categories, by determining the status transfer matrix, we predict the road passenger traffic

amount in 5 years. The theoretical analysis and practical application show that the prediction is more reliable using

this method. We can manage the development of passenger traffic, which helps the administration to make decisions.



15 Elliptic Curve Cryptography (ECC) for Host Identity Protocol (HIP)

We compare computational resources required for handling control plane of the Host Identity Protocol (HIP) using

Rivest-Shamir-Adleman (RSA) versus Elliptic Curve Cryptography (ECC) encryption algorithms with keys of equivalent

strength. We show that servers would establish almost three times more HIP connections per second when ECC is

used for generating the session key. For devices with low computational power such as Nokia N810 Internet Tablet, the

use of ECC would notably reduce the delay to establish a HIP association. Unless compatibility with legacy RSA/DSA-

only systems is needed, the Host Identity may be an ECC key as well, but such a modification would bring only 50

percent additional performance with the current default keys. However the situation becomes different under higher

security requirements when employing ECC for the host identification boosts the performance more than four times,

and we consider ECC Host Identities desirable in that case.

16 E-business online payment and credit card industry development in China

The research pointed out the trend that e-business online payment is growing with the prospering development of

credit card industry in China. The reasons why Chinese consumers prefer online payment and why the credit card

industry development is important to online payment were analyzed. The pros and cons of credit card online payment

was also discussed with some followed suggestions.

17 On the Implementation of the Discrete Fourier Transform in the Encrypted Domain

Signal-processing modules working directly on encrypted data provide an elegant solution to application scenarios

where valuable signals must be protected from a malicious processing device. In this paper, we investigate the

implementation of the discrete Fourier transform (DFT) in the encrypted domain by using the homomorphism

properties of the underlying cryptosystem. Several important issues are considered for the direct DFT: the radix-2 and

the radix-4 fast Fourier algorithms, including the error analysis and the maximum size of the sequence that can be

transformed. We also provide computational complexity analyses and comparisons. The results show that the radix-4

fast Fourier transform is best suited for an encrypted domain implementation in the proposed scenarios

18 Personal Authentication Using Finger Knuckle Surface

This paper investigates a new approach for personal authentication using finger back surface imaging. The texture

pattern produced by the finger knuckle bending is highly unique and makes the surface a distinctive biometric

identifier. The finger geometry features can be simultaneously acquired from the same image at the same time and

integrated to further improve the user identification accuracy of such a system. The fingerback surface images from

each user are normalized to minimize the scale, translation, and rotational variations in the knuckle images. This paper

details the development of such an approach using peg-free imaging. The experimental results from the proposed

approach are promising and confirm the usefulness of such an approach for personal authentication

19 SMOCK: A Scalable Method of Cryptographic Key Management for Mission-Critical Networks

Mission-critical networks show great potential in emergency response and/or recovery, health care, critical

infrastructure monitoring, etc. Such mission critical applications demand that security service be “anywhere,”

“anytime,” and “anyhow.” However, it is challenging to design a key management scheme in current mission-critical

networks to fulfill the required attributes of secure communications, such as data integrity, authentication,



confidentiality, no repudiation, and service availability. In this paper, we present a self-contained public key-

management scheme, a scalable method of cryptographic key management (SMOCK), which achieves almost zero

communication overhead for authentication, and offers high service availability. In our scheme, a small number of

cryptographic keys are stored offline at individual nodes before they are deployed in the network. To provide good

scalability in terms of the number of nodes and storage space, we utilize a combinatorial design of public-private key

pairs, which means nodes combine more than one key pair to encrypt and decrypt messages. We also show that

SMOCK provides controllable resilience when malicious nodes compromise a limited number of nodes before key

revocation and renewal

20 A Hypothesis Testing Approach to Semi fragile Watermark- Based Authentication

This paper studies the problem of achieving watermark semi fragility in watermark-based authentication systems

through a composite hypothesis testing approach. Embedding a semi fragile watermark serves to distinguish

legitimate distortions caused by signal-processing manipulations from illegitimate ones caused by malicious

tampering. This leads us to consider authentication verification as a composite hypothesis testing problem with the

watermark as side information. Based on the hypothesis testing model, we investigate effective embedding strategies

to assist the watermark verifier to make correct decisions. Our results demonstrate that quantization-based

watermarking is more appropriate than spread-spectrum-based methods to achieve the semi fragility tradeoff between

two error probabilities. This observation is confirmed by a case study of an additive Gaussian white noise channel with

a Gaussian source using two figures of merit: 1) relative entropy of the two hypothesis distributions and 2) the receiver

operating characteristic. Finally, we focus on common signal-processing distortions, such as JPEG compression and

image filtering, and investigate the discrimination statistic and optimal decision regions to distinguish legitimate and

illegitimate distortions. The results of this paper show that our approach provides insights for authentication

watermarking and allows for better control of semi fragility in specific applications

21 Dividing PKI in Strongest Availability Zones

Key management involves two aspects: key distribution and key revocation. This paper presents the geographic

server distributed model for key revocation which concerns about the security and performance of the system. The

concept presented in this paper is more reliable, faster and scalable than the existing revocation techniques used in

Public Key Infrastructure (PKI) framework in various countries, as it optimizes key authentication in a network. It

proposes auto seeking of a geographically distributed certifying authority's key revocation server, which holds the

revocation lists by the client, based on the best service availability. The network is divided itself into the strongest

availability zones (SAZ), which automatically allows the new receiver to update the address of the authentication

server and replace the old address with the new address of the SAZ, in case it moves to another location in the zone,

or in case the server becomes unavailable in the same zone. Our scheme eases out the revocation mechanism and

enables key revocation in the legacy systems.

22 Mobile DRM System based on a three-step User Authentication Process

With the development of communication network technology, many studies are being conducted on content protection

techniques in the mobile digital contents area as well. In this paper, a mobile DRM system is presented for protection

of digital contents based on a three-step authentication process. In this approach, we constructed a secure digital

contents distribution system through a three-step user authentication process. For robust user authentication, we

reinforced the security of the contents using the AES algorithm in the first and second authentication processes.



23 A New RMI Framework for Outdoor Objects Recognition

In this paper, we present an extension to the Recurrent Motion Image (RMI) motion-based object recognition

framework for use in development of automated video surveillance systems. We extended the object classes of RMI to

include four-legged animals (such as dog and cat) and enhanced the preprocessing and shadow removal algorithms

for better object segmentation and recognition. Under the new framework, object blobs obtained from background

subtraction of scenes are tracked using region correspondence. In turn, we calculate the RMI signatures based on the

silhouettes of the object blobs for proper classification. This new framework is tested on several real world 320 x 240

resolution color image sequences captured with a low-end digital camera, and all of the moving objects in our samples

are properly detected, tracked and classified – indicating the applicability of the new framework in similar task

environment.

24 Security Analysis of the Louis Protocol for Location Privacy

Many location-based services for alerting persons of nearby friends have been deployed in practice. A drawback of

most approaches to providing such services is that friends always learn each other’s location even when they are not

actually nearby. The Louis protocol proposed by Zhong, Goldberg and Hengartner aims to ensure that a friend’s

location is revealed to another friend if and only if the friends are actually nearby. The protocol lets a third party learn

whether the friends are nearby, without the third party learning their location. The third party communicates the

answer to the person who invokes the service. A key feature of the protocol is that a person can detect misbehavior by

the third party or the person’s friend. This paper reveals a flaw in the way the protocol handles the detection of the

misbehaving party, leading to an unauthorized disclosure of a person’s location. Two alternatives for fixing the flaw in

the protocol are proposed and a heuristic analysis is given

25 Symmetry structured SPN block cipher algorithm

Feistel and SPN are the two main structures in designing a block cipher algorithm. Unlike Feistel, an SPN has an

asymmetric structure in encryption and decryption. In this paper we propose an SPN algorithm which has a symmetric

structure in encryption and decryption. The whole operations in our SPN algorithm are composed of the even numbers

of N rounds where the first half of them, 1 to N/2, applies function and the last half of them, (N+1)/2 to N, employs

inverse function. Symmetry layer is executed to create a symmetry block in between function layer and inverse

function layer. AES encryption and decryption algorithm, whose safety is already proved, are exploited for function

and inverse function, respectively. Proposed symmetry layer is the simple logical operation, because this doesn't

effect at the whole process time of encryption and decryption. The proposed algorithm can be easily applied to the

algorithm which has different encryption and decryption and make it same, and it can be good idea to be used to

design a new block cipher algorithm.

26 The Evaluation Report of SHA-256 Crypt Analysis Hash Function

This paper describes the study of cryptographic hash functions, one of the most important classes of primitives used

in recent techniques in cryptography. The main aim is the development of recent crypt analysis hash function. We

present different approaches to defining security properties more formally and present basic attack on hash function.

We recall Merkle-Damgard security properties of iterated hash function. The Main aim of this paper is the development

of recent techniques applicable to crypt Analysis hash function, mainly from SHA family. Recent proposed attacks an

MD5 & SHA motivate a new hash function design. It is designed not only to have higher security but also to be faster

than SHA-256. The performance of the new hash function is at least 30% better than that of SHA-256 in software. And it

is secure against any known cryptographic attacks on hash functions



27 Three way Challenge-Response authentication in smart card Using Elliptic Curve Cryptosystem

In this paper presents an authentication protocol for challenge-response exchange in smart card. Cryptographic

authentication is necessary to protect branded goods from forgery. Existing protocols do not include cryptographic

authentication mechanisms. Therefore, a new approach for authentication is proposed in this paper. Because of the

limited computing power, low die- size and low- power requirements, a three way challenge- response authentication

scheme is used between the devices and the smart card. The goal of this paper is to create authentication data

between card and device using encryption algorithms key pair and pseudorandom number generation including the

analysis of properties of common pseudorandom number generators. Furthermore, cryptographic applications heavily

rely on pseudorandom number generator to generate secrets such as session keys, passwords and key pairs. ECC

algorithms are developed using visual C++ environment to obtain data transmission more secure and efficient.

28 System level Security modeling using Attack trees

Vulnerabilities in intrusion tolerant systems have dependence on various dynamic aspects such as redundant

mechanisms, fault and error recovery mechanisms, and different operation modes. The conventional nodes of attack

trees can not adequately capture the attacks towards those systems, thus constructing security models for the

systems is very difficult. This paper introduces new nodes to model the security of those systems. The nodes include:

PAND node, k/n node, SEQ node, CSUB node, and Housing node. We provide the syntax and graphical representation

for each node. The nodes allow us to model attacks that require exploitation of vulnerabilities which have dependence

on ordering events, sequence-dependant events, conditional failures and mechanisms which involve configuration

changes with time. We use the nodes to construct attack trees for different security related systems.

29 Visual Secret sharing schemes for Color Images using half toning via Direct Binary search

This paper proposes a method of encoding a color image into n meaningful halftone shares using the scheme of

halftone visual cryptography. The proposed method can encode the secret pixels into the shares via direct binary

search (DBS) half toning method for color images. The error between the halftone shares and the continuous-tone

images are minimized with respect to a human visual system (HVS) model [4]. Simulation results show that the

proposed method can improve halftone image quality for the enclosed shares compared with previous techniques.

30 Email Worm Detection by Wavelet Analysis of DNS Query Streams

The high prevalence of email worms indicates that current in-network defense mechanisms are incapable of mitigating

this Internet threat. Moreover commonly applied approaches against this class of propagating malicious program do

not target reducing unwanted email traffic traversing the Internet. In this paper, we take a step toward better

understanding of email worms, and explore their effect on the flow-level characteristics of Domain Name System (DNS)

query streams that user machines generate. We propose a novel method, which uses time series analysis and

unsupervised learning, to detect email worms as they appear on local name servers. To evaluate our detection method,

we have constructed a DNS query dataset that consists of 71 email worms. We demonstrate that our method is very

effective

31 JigDFS: A Secure Distributed File System

Ubiquitous connectivity and availability of P2P resources creates opportunities for building new services. This paper



describes Jigsaw Distributed File System (Jig DFS) which can be used to securely store and retrieve files on a P2P

network anonymously. Jig DFS is designed to provide strong encryption and a certain level of plausible deniability.

Files in Jig DFS are sliced into small segments using an Information Dispersal Algorithm (IDA) and distributed onto

different nodes recursively to increase fault tolerance against node failures. Moreover, layered encryption is applied to

each file with keys produced by a hashed-key chain algorithm, so that data (file segments) and keys reside on different

hosts. In such a scheme, if an attacker compromises a host and retrieves the data, the attacker will still need the

correct key to decipher the data. Furthermore, recursive IDA and layered encryption ensure users’ anonymity. It is

difficult for an adversary to identify who owns a file, even who has retrieved a file in Jig DFS. Often, a strong adversary

may have the power to monitor the network or even force a user to give up the password. Design of Jig DFS provides

users with plausible deniability which enhances privacy. When being questioned, a Jig DFS user can simply argue that

he/she is merely a relaying node, rather than the file owner. Moreover, a user, when forced, can give up a valid,

however, incorrect encryption key. There is no way for an adversary to verify either correctness of a key or the identity

of file owner. Jig DFS is developed using platform independent Java technologies and is envisioned to utilize mobile

computing elements such as PDAS and smart phones

32 Visual Similarity-based Phishing Detection without Victim Site Information

Phishing attacks, which steal users’ account information by fake websites, have become a serious problem on the

Internet. There are two major approaches in Phishing detection: the blacklist- and the heuristics-based approach.

Heuristics based approaches employ common characteristics of Phishing sites such as distinctive keywords used in

web pages or URLs in order to detect new Phishing sites that are not yet listed in blacklists. However, these kinds of

heuristics can be easily circumvented by phishes once their mechanism is revealed. In order to overcome this

weakness, visual similarity-based detection techniques have been proposed. Because Phishing sites have to mimic

victim sites, visual similarity between Phishing sites and their victim sites is supposed to be an inherent and not easily

concealable characteristic. However, these techniques require images of real victim sites for detection. In this paper,

we propose a Phishing detection mechanism based on visual similarity among Phishing sites that mimic the same

victim site. Surprisingly, just by analyzing visual similarity among web pages without a priori knowledge, our method

automatically extracts 224 distinct web page layouts mimicked by 2,262 Phishing sites and achieves a detection rate of

over 80% while keeping the false-positive rate to 17.5 %. We also find that the false-positive rate can be reduced

33 An Improved Authentication Protocol Based on One-Way Hash Functions and Diffie-Hellman Key Exchange

Recently, Yoon and Yoo proposed a new authentication protocol based on a one-way hash function and Diffie-Hellman

key exchange, which is based on the protocol by Wu-Chieu and Lee-Lin- Chang. They claim that their protocol is

secure, but we show it is susceptible to password guessing if an adversary gains possession of the smart card.

Additionally, we propose an improved protocol which can withstand the presented attack

34 Visualization of Security Events Using an Efficient Correlation Technique

The timely and reliable data transfer required by many networked applications necessitates the development of

comprehensive security solutions to monitor and protect against an increasing number of malicious attacks. However,

providing complete cyber space situation awareness is extremely challenging because of the lack of effective

translation mechanisms from low-level situation information to high-level human cognition for decision making and

action support. We propose an adaptive cyber security monitoring system that integrates a number of component

techniques to collect time series situation information, perform intrusion detection, keep track of event evolution,

characterize and identify security events, and present a visual representation in order to provide comprehensive

situational view so that corresponding defense actions can be taken in a timely and effective manner. We explore the

principles of designing and applying appropriate visualization techniques for situation monitoring by defining

graphical representations of security events. This differs from the traditional rule-based pattern matching techniques

in that security events in the proposed system are represented as forms of correlation networks using random matrix

theory and identified through the computation of network similarity measurement. The events and corresponding

event types are visualized using a stem plot to show location and quantity. Extensive simulation results on event



identification illustrate the efficacy of the proposed system

35 A Signature Scheme Associated with Universal Resigncryption

Today, with increasing diversity of network technologies, people have been likely to be interested in anonymity. The

attacker might threaten anonymity of senders and receivers by confirming link ability between their sessions.

Recently, Golle et al. proposed the re-encryption scheme applicable to Mix, called Universal Re-encryption. In this

scheme, a cipher text is supposed to be re-encrypted without public information corresponding to it. Moreover, only a

subject that re-encrypts a cipher text can know the correspondence of original cipher text and it, and the

computational complexity to break the unlink ability property is equal to the semantic secrecy. In this paper, we

consider and improve the Universal Reencryption scheme, and propose a scheme that can verify who transmit the

message by adding the property of signature.

36 Optimal Replica Placement under TTL-Based Consistency

Geographically replicating popular objects in the Internet speeds up content distribution at the cost of keeping the

replicas consistent and up-to-date. The overall effectiveness of replication can be measured by the total

communication cost consisting of client accesses and consistency management, both of which depend on the

locations of the replicas. This paper investigates the problem of placing replicas under the widely used TTL-based

consistency scheme. A polynomial-time algorithm is proposed to compute the optimal placement of a given number of

replicas in a network. The new replica placement scheme is compared, using real Internet topologies and Web traces,

against two existing approaches which do not consider consistency management or assume invalidation-based

consistency scheme. The factors

elysium network security 2010

Documents