Printer Friendly

Computers. (Abstracts-2003 Annual Meetings).

Secure Sockets Layer: How it Works and Why We Need it. Ryan Laus, Central Michigan University, Park Library, 300 E. Preston, Mount Pleasant, MI 48859

Secure Sockets Layer, or SSL, was developed by Netscape Communications and has existed for several years now. SSL is a system for encrypting information before it is sent over the Internet, and then decrypting it before it is used. Another key component, SSL certificates, provides a way for web users to verify that the site they are visiting is authentic and not a spoofed site. These certificates are based on the public key/private key architecture and use a number of different ciphers such as RSA, MD5, or Blowfish to generate the key pairs. Since SSL is not a new technology it has gone through several versions, as has most software, with each version offering better protection and improved functionality. What type of features will be available in the next version of SSL? Lastly, I will look at how somebody could compromise or break through SSL and show how to protect yourself from this kind of attack.

Providing A Secure Host Bridging Protocol for Wireless LANs. Elsa Valeroso Poh, Eastern Michigan University, Computer Science Department, Ypsilanti, MI 48197, and Jody Grassel, IBM Corp., Rochester, MN 55901

To improve the coverage area of wireless local area networks (wLANs) that are centrally managed by a network access point, an associated member station of a wLAN may volunteer to share some of its resources to relay MAC frames between the access point and the isolated station (a station that is unable to directly communicate with the access point). This may be implemented through the Dynamic Relaying Protocol Extension for Wireless Local Area Networks. The protocol extension is highly dependent on cryptographic and digital signature technology in order

to preserve the authenticity of messages exchanged between the access point and the isolated station. Encrypting the secrets passed in the messages exchanged is vital to prevent unauthorized access to a wLAN through the protocol extension. The use of digital signatures prevents other stations from modifying the contents of the messages exchanged between the end stations. In this study, a description of proposed information including required public and private keys exchanged between the isolated station, the volunteer relay station and the access point is provided as well as the protocol involved in the establishment of a relayed frame session.

Data Mining Tools and their Performance. Mahmudul Khan, Saginaw Valley State University, Computer Science; home address: do Morteza Marzjarani, PO Box 6676, Saginaw, MI 48608

Data mining is a common area between statisticians and computer scientists. Many big companies today use data mining tools to find patterns among their large data sets and use these patterns to make business decisions. In this research work, we present some user friendly data mining tools, such as probability, regression, decision trees, and clustering. A comparison of these tools in terms of some features of interest such as speed, space requirements, performance, and interactions with data bases will also be presented.

Cryptanalysis of File Encryption Products. Donald G. Marks, Robert Fox, and Eric McDonald, Central Michigan University, Computer Science, PE 413, Mount Pleasant, MI 48859

There are several file encryption products that protect files both on a user's hard drive and during transmission to another user. Since the recipient must be able to decrypt the file, information relating to the password or encryption key is normally included in the transmission. Therefore, these file encryption products must be designed and installed very carefully to ensure that the information is properly protected. A careful cryptanalysis of several products reveals flaws in the implementations that allow attackers to discover the password used to encrypt the files. Decryption is then trivial. A detailed deconstruction of an example encryption system provides valuable insights into principles of system design and implementation. Shareware software packages are discussed that simplify the systems analysis, provide cryptographic support, and actually allow us to determine the plaintext version of the password. As a result of this study, we have derived security design guidelines to be considered when desig ning or choosing a file encryption package. The concrete example plus the abstraction of general design principles provides a valuable enhancement to the usual computer security or software engineering courses.

Motion Planning for Robots with Nonholonomic Constraints. Hans Dulimarta, Grand Valley State University, Computer Science & Information Systems, 2223 Mackinac, Allendale, MI 49401

This paper presents a new model in nonholonomic motion planning for mobile robots. In particular, it describes the problem for motion planning of biped miniature climbing robots. The main distinct characteristics of this model, compared to other existing models, are the existence of nonsingleton set of equations and its piecewise continuity. The biped structure is modeled with a dual set of kinematic equations and nonholonomic constraints. The controllability of this model under these nonholonomic constraints is also verified using the Control Lie Algebra.

Design and Implementation of a Web-Based Communicating System. Wenda Yang and Aby Tehranipour, Eastern Michigan University, Computer Science Department, Ypsilanti, MI 48197

With the use of PHP and MYSQL it is possible to implement a web-based communicating system. The communicating system is a fast, user-friendly, and dynamic school web site through which students may submit homework, check grades, and discuss all topics related to any given course. It provides a teacher the ability to update grades, post a syllabus, lecture notes, or any other information useful to students and their parents. The system supports automatic notification of grades, tardiness, and absences via electronic mail. This presentation gives an overview of the system and the layout of the web site. It also addresses issues such as the student's privacy and system security.

Designing E-commerce Systems. Augustine Ikeji, Eastern Michigan University, Computer Science Department, Ypsilanti, MI 48197

E-commerce may be defined as the use of the electronics media for the sale and purchase of goods. The Internet plays a dominant role in this media. Putting together an e-commerce management system is not as simple as creating html documents with read and write access privileges to a data base on a server. Just as the operators of a physically existent store front have to worry about issues such as the store outlay, security, advertisement, and customer retention, there are many more issues that have to be dealt with in an e-commerce management system. This presentation focuses on the information technology (IT) support side of the electronics commerce. It will start with a brief background on the Internet and web fundamentals and culminate in a discussion of topics such as digital goods, delivery, security, public and private key cryptography, failure recovery, and audit trails which are essential for building an e-commerce management system. The primary focus will be from the point of view of an IT person in terested in learning what is required to put together an e-commerce management system such as or eBay.

Automated Data Backup on Redundant Disk Space on Windows Machines. Avinash Gadapa and Siddharth Kaza, Central Michigan University, Department of Computer Science, Pearce 413, Mount Pleasant, MI 48858; {gadapa,kaza}

In a typical network setup today, there are usually many windows machines supported by a few UNIX based servers. Most of these machines have large hard disks that have a large amount of unused disk space. Since, even today, UNIX machines are considered more efficient and reliable they are used to store important data. This data is usually periodically backed up on other forms of storage, which add an expense to network maintenance, all the while wasting expensive disk space on windows machines. If a solution is found to perform these backups on the redundant storage on windows machines, both cost and effort can be saved. Our work focuses on providing such a solution. A solution is proposed wherein a client program on the UNIX server will backup its data on multiple windows machines through server programs on each. This is done in an automated fashion, allowing the client program to choose the windows machines (to back up data) based on various criteria (like available disk space). The solution allows for peri odic incremental backups and subsequently restoring them in the right order. The proposed system is designed to accommodate factors like low available disk space by splitting the backup files among multiple machines. We have implemented the system to run as a service on a network with a Solaris machine as a server and multiple Windows XP machines.

The Anatomy of Bitmap Steganography. Kristen L. Bielaczyc, Bryanna M. Johnson, Kenneth C. Slade, and Michael C. Stinson, Central Michigan University, Computer Science Department, 411 Perce Hall, Mount Pleasant, MI 48859

The use of computers in recent years has extended to the misuse of digital technology for criminal activity, including the concealment of information within files, such as bitmap images. This concealment of information is known as steganography, and to better understand the implementations of this data-hiding technique, one must first understand it's fundamental attributes. Once this is accomplished, the implementation structure of steganographic algorithms can be atomically examined by comparing and contrasting such attributes as file and message size, the consistency of the most significant bit, and character location and distribution techniques. Through the use of currently available steganographic programs, the task of embedding information within bitmap images allows for the forensic assessment of both the innocent and stego data. Finally, both the positive and negative applications of steganography must be considered to facilitate the effective use of this constructive technological tool.

Do the Arithmetic Operations Really Execute in Constant Time? Ranjan Chaudhuri, Eastern Michigan University, Computer Science Department, Ypsilanti, MI 48197

The paper emphasizes the need for exposing the undergraduate computer science students to the bit-level analysis of the run-times of certain computer algorithms. These are algorithms where the input(s) consist of one or more integers and only a bitlevel analysis yields a more realistic estimate of the run-time behaviors of such algorithms. Several examples are considered.

The Cytomatrix Neuron Model and Evolutionary Adaptation. Ahmet Ugur, Central Michigan University, Computer Science Department, 403F Pearce Hall, Mount Pleasant, MI 48859

The cytomatrix neuron is a softened cellular automaton, roughly motivated by interactions that could occur in a molecular or cellular complex. Input signals are combined in space and time by subcells that exert graded influences on each other. Output is triggered if a readout element is located in a suitably activated subcell. The cytomatrix processor can be thought of as a highly abstracted representation of signal integration within single neurons. The processor is characterized by multiplicity of component types, graded interactions among components, separation of signal integration dynamics from the readout mechanisms that interpret these dynamics, and multiplicity of parameters open to evolution (including component connectivity). The adaptation procedure is mediated by a multiparameter variation-selection algorithm that acts on the various parameters in an alternating (i.e., phasic) manner. Experiments with both structured and unstructured learning tasks, as well as with difficult parity problems, demon strate that opening more parameters to evolution increases the flexibility exhibited by the processor as well as the rate of adaptation, and quality of solution, and controllability of generalization in response to the structure of the pattern set used for training.

On-the-Fly Beowulf Cluster Topology Reconfiguration. Joel Adams and Kevin DeGraaf, Calvin College, Computer Science Department, 3201 Burton SE, Grand Rapids, MI 49546

A Beowulf cluster is a supercomputer constructed by connecting a group of relatively inexpensive PCs via a high-speed network. A cluster's network topology (the logical layout of its interconnections) is one of its most important characteristics. A typical Beowulf cluster's topology is static; that is, it cannot be changed without extensive reconfiguration of the cluster's hardware and software, which generally requires costly downtime, tedious rewiring, extra programming, and additional expense. This, in turn, makes it difficult to precisely identify, for a given high-performance computing (HPC) application, the topology that minimizes a given cluster's overall cost-to-performance ratio. Ohm is a Beowulf cluster specifically designed to facilitate comparison of three different cluster topologies ("star," "ring! star," and "hypercube/star"). To this end, Ohm is equipped with the network hardware necessary to form each of these topologies, and we have developed software to reconfigure our cluster "on-the-fly": with minimal effort, no rewiring, and no downtime. This setup will let us experimentally identify the most cost-efficient network topology for each of many different types of HPC problems. This presentation will detail our experience building Ohm and writing the custom software to perform "on the fly" topology reconfiguration.

Design and Implementation of a Stateless Server. Robert Giles, Central Michigan University, Computer Science Department; home address: 4171 E. Bluegrass Road, Apt. N5, Mount Pleasant, MI 48858

Distributed operating systems are promising candidates for the next generation of system technology. The system can be viewed as a collection of services provided by dedicated server processes. These services are utilized by other processes in the system. To confuse the situation, server processes can fail at random. One of the goals in designing servers is to make failures transparent to client processes. This paper introduces design issues in servers that provide services in a distributed system. An implementation of a concurrent server and its client process is presented. The client will be able to resume the conversation with the server after a server failure.

An Overview of User-Level Application Sandboxing Techniques. Nicholas Bailey, Central Michigan University, Computer Science Department; home address: 1334 E. Gaylord Street, Mount Pleasant, MI 48858

Application sandboxing has become an important technique used by system administrators to secure servers from both malicious attackers and flaws in software. However, kernel-level support for application sandboxing is lacking in many popular operating systems. As a result, user-level techniques are frequently employed. This paper presents an overview of several user-level techniques that have been implemented on various operating systems in order to restrict a process's access to the file system, system call interface, and network. The strengths and weaknesses of each approach are enumerated, and specific areas in which kernel-level support is lacking are identified and discussed.

Security of Online Transactions Using SSL/TLS. Aby Tehranipour, Eastern Michigan University, Computer Science Department, Ypsilanti, MI 48197

A significant amount of business is being conducted over the Internet these days and the security of these transactions is a major concern. Secure Sockets Layer (SSL), and its IETF successor, Transport Layer Security (TLS) along with X.509 Certificates, are the leading Internet Security protocols. These protocols provide security for e-commerce, web services, and many other network functions. This paper shows how SSL/TLS and X.509 certificates work together to provide confidentiality, integrity, and authentication services. The paper also examines a recently discovered flaw involving how Internet Explorer (IE) identifies secure web sites. This vulnerability allows the possibility of an active, undetected, man-in-the-middle attack. Finally, the legal implications of such attacks are discussed.
COPYRIGHT 2003 Michigan Academy of Science Arts & Letters
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2003 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Publication:Michigan Academician
Geographic Code:1U3MI
Date:Mar 22, 2003
Previous Article:Communication. (Abstracts-2003 Annual Meetings).
Next Article:Economics. (Abstracts-2003 Annual Meetings).

Related Articles
Mathematics, Computer Science and Statistics.
FSCT issues call for papers and posters for 81st annual meeting. (Industry News).
APHA now accepting abstracts for Association's 135th Annual Meeting.
Public health professionals submit thousands of abstracts to APHA.
Plan ahead for APHA Annual Meeting with online program.
Abstract submissions for 2008 APHA Annual Meeting open.
Abstract submissions for 2009 APHA Annual Meeting open.
TMS 2009 annual meeting supplemental proceedings; v.3: General paper selections.

Terms of use | Privacy policy | Copyright © 2020 Farlex, Inc. | Feedback | For webmasters