Using ‘Search Transitions’ to Study Searchers’ Investment of Effort: Experiences with Client and Server Side Logging

The approach to organizing the automated calculations’ execution process using the web services (in particular, REST-services) is reviewed. The given solution will simplify the procedure of introduction of the new functionality in applied systems built according to the service-oriented architecture and microservice architecture principles. The main idea of the proposed solution is in maximum division of the server-side logic development and the client-side logic, when clients are used to set the abstract computation goals without any dependencies to existing applied services. It is proposed to rely on the centralized scheme to organize the computations (named as orchestration) and to put to the knowledge base the set of rules used to build (in multiple steps) the concrete computational scenario from the abstract goal. It is proposed to include the computing task’s execution subsystem to the software architecture of the applied system. This subsystem is composed of the service which is processing the incoming requests for execution, the service registry and the orchestration service. The clients send requests to the execution subsystem without any references to the real-world services to be called. The service registry searches the knowledge base for the corresponding input request template, then the abstract operation description search for the request template is performed. Each abstract operation may already have its implementation in the form of workflow composed of invocations of the real applied services’ operations. In case of absence of the corresponding workflow in the database, this workflow implementation could be synthesized dynamically according to the input and output data and the functionality description of the abstract operation and registered applied services. The workflows are executed by the orchestrator service. Thus, adding some new functions to the client side can be possible without any changes at the server side. And vice versa, adding new services can impact the execution of the calculations without updating the clients.

Download Full-text

Optimized watershed delineation library for server-side and client-side web applications

Open Geospatial Data Software and Standards ◽

10.1186/s40965-019-0068-9 ◽

2019 ◽

Vol 4 (1) ◽

Cited By ~ 3

Author(s):

Muhammed Sit ◽

Yusuf Sermet ◽

Ibrahim Demir

Keyword(s):

Web Applications ◽

Server Side ◽

Watershed Delineation ◽

Client Side

Download Full-text

A Password Meter without Password Exposure

Sensors ◽

10.3390/s21020345 ◽

2021 ◽

Vol 21 (2) ◽

pp. 345

Author(s):

Pyung Kim ◽

Younho Lee ◽

Youn-Sik Hong ◽

Taekyoung Kwon

Keyword(s):

Performance Enhancement ◽

Homomorphic Encryption ◽

Optimization Techniques ◽

Third Party ◽

Fully Homomorphic Encryption ◽

Performance Achievement ◽

Server Side ◽

On Line ◽

Internal Mechanism ◽

High Chance

To meet password selection criteria of a server, a user occasionally needs to provide multiple choices of password candidates to an on-line password meter, but such user-chosen candidates tend to be derived from the user’s previous passwords—the meter may have a high chance to acquire information about a user’s passwords employed for various purposes. A third party password metering service may worsen this threat. In this paper, we first explore a new on-line password meter concept that does not necessitate the exposure of user’s passwords for evaluating user-chosen password candidates in the server side. Our basic idea is straightforward; to adapt fully homomorphic encryption (FHE) schemes to build such a system but its performance achievement is greatly challenging. Optimization techniques are necessary for performance achievement in practice. We employ various performance enhancement techniques and implement the NIST (National Institute of Standards and Technology) metering method as seminal work in this field. Our experiment results demonstrate that the running time of the proposed meter is around 60 s in a conventional desktop server, expecting better performance in high-end hardware, with an FHE scheme in HElib library where parameters support at least 80-bit security. We believe the proposed method can be further explored and used for a password metering in case that password secrecy is very important—the user’s password candidates should not be exposed to the meter and also an internal mechanism of password metering should not be disclosed to users and any other third parties.

Download Full-text

Deep PUF: A Highly Reliable DRAM PUF-Based Authentication for IoT Networks Using Deep Convolutional Neural Networks

Sensors ◽

10.3390/s21062009 ◽

2021 ◽

Vol 21 (6) ◽

pp. 2009

Author(s):

Fatemeh Najafi ◽

Masoud Kaveh ◽

Diego Martín ◽

Mohammad Reza Mosavi

Keyword(s):

Error Correction ◽

Random Access ◽

Error Correction Codes ◽

Access Memory ◽

Deep Convolutional Neural Networks ◽

Device Identification ◽

Physical Unclonable Functions ◽

Server Side ◽

Correction Technique ◽

Reduction Methods

Traditional authentication techniques, such as cryptographic solutions, are vulnerable to various attacks occurring on session keys and data. Physical unclonable functions (PUFs) such as dynamic random access memory (DRAM)-based PUFs are introduced as promising security blocks to enable cryptography and authentication services. However, PUFs are often sensitive to internal and external noises, which cause reliability issues. The requirement of additional robustness and reliability leads to the involvement of error-reduction methods such as error correction codes (ECCs) and pre-selection schemes that cause considerable extra overheads. In this paper, we propose deep PUF: a deep convolutional neural network (CNN)-based scheme using the latency-based DRAM PUFs without the need for any additional error correction technique. The proposed framework provides a higher number of challenge-response pairs (CRPs) by eliminating the pre-selection and filtering mechanisms. The entire complexity of device identification is moved to the server side that enables the authentication of resource-constrained nodes. The experimental results from a 1Gb DDR3 show that the responses under varying conditions can be classified with at least a 94.9% accuracy rate by using CNN. After applying the proposed authentication steps to the classification results, we show that the probability of identification error can be drastically reduced, which leads to a highly reliable authentication.

Download Full-text

Work-In-Progress: Designing a Server-Side Progressive JPEG Encoder for Real-Time Applications

2020 IEEE Real-Time Systems Symposium (RTSS) ◽

10.1109/rtss49844.2020.00043 ◽

2020 ◽

Author(s):

Andrew Louie ◽

Albert M. K. Cheng

Keyword(s):

Real Time ◽

Work In Progress ◽

Server Side ◽

Real Time Applications

Download Full-text

Making an Array Database Language Server-Side Extensible

2020 IEEE International Conference on Big Data (Big Data) ◽

10.1109/bigdata50022.2020.9378108 ◽

2020 ◽

Author(s):

Otoniel Jose Campos Escobar ◽

Dimitar Misev ◽

Peter Baumann

Keyword(s):

Server Side ◽

Database Language

Download Full-text

Secure Remote Storage of Logs with Search Capabilities

Journal of Cybersecurity and Privacy ◽

10.3390/jcp1020019 ◽

2021 ◽

Vol 1 (2) ◽

pp. 340-364

Author(s):

Rui Araújo ◽

António Pinto

Keyword(s):

Search Algorithm ◽

Prototype Implementation ◽

Standard Practice ◽

Plain Text ◽

Server Side ◽

Remote Storage ◽

Text Information ◽

Nested Queries ◽

And Storage ◽

Common Situation

Along with the use of cloud-based services, infrastructure, and storage, the use of application logs in business critical applications is a standard practice. Application logs must be stored in an accessible manner in order to be used whenever needed. The debugging of these applications is a common situation where such access is required. Frequently, part of the information contained in logs records is sensitive. In this paper, we evaluate the possibility of storing critical logs in a remote storage while maintaining its confidentiality and server-side search capabilities. To the best of our knowledge, the designed search algorithm is the first to support full Boolean searches combined with field searching and nested queries. We demonstrate its feasibility and timely operation with a prototype implementation that never requires access, by the storage provider, to plain text information. Our solution was able to perform search and decryption operations at a rate of, approximately, 0.05 ms per line. A comparison with the related work allows us to demonstrate its feasibility and conclude that our solution is also the fastest one in indexing operations, the most frequent operations performed.

Download Full-text

Preventing server-side request forgery attacks

Proceedings of the 36th Annual ACM Symposium on Applied Computing ◽

10.1145/3412841.3442036 ◽

2021 ◽

Author(s):

Bahruz Jabiyev ◽

Omid Mirzaei ◽

Amin Kharraz ◽

Engin Kirda

Keyword(s):

Server Side

Download Full-text

Using ‘Search Transitions’ to Study Searchers’ Investment of Effort: Experiences with Client and Server Side Logging

Multi-Layer Control and Graphical Feature Editing Using Server-Side Rendering on Ajax-GIS

Dynamic Load-balancing and Control for Server-Side Rendering on Ajax-GIS

DYNAMIC REST SERVICES ORCHESTRATION USING THE KNOWLEDGE BASE

Optimized watershed delineation library for server-side and client-side web applications

A Password Meter without Password Exposure

Deep PUF: A Highly Reliable DRAM PUF-Based Authentication for IoT Networks Using Deep Convolutional Neural Networks

Work-In-Progress: Designing a Server-Side Progressive JPEG Encoder for Real-Time Applications

Making an Array Database Language Server-Side Extensible

Secure Remote Storage of Logs with Search Capabilities

Preventing server-side request forgery attacks

Export Citation Format