Thursday 14 April 2011

Next Generation Networks

Wireless Sensor Networks
A – Hardware, Architecture, Physical Layer, MAC Layer, Energy Study
1.        A Probabilist Approach to Predict the Energy Consumption in Wireless Sensor Networks
Raquel A. F. Mini, Badri Nath, Antonio A. F. Loureiro
IV Workshop de Comunicação sem Fio e Computação Móvel, São Paulo, Brazil, October 23-25 2002 (to appear).  (http://www.cs.rutgers.edu/~mini/wcsf.ps)
2.        A transmission control scheme for media access in sensor networks Alec Woo and David E. Culler The seventh annual international conference on Mobile computing and networking 2001 July 16 - 21, 2001, Rome Italy. Pages 221-235 (http://www.acm.org/pubs/citations/proceedings/comm/381677/p221-woo/)
3.        An Energy-Efficient Mac protocol for Wireless Sensor Networks
Wei Ye and John Heidemann and Deborah Estrin
(http://citeseer.nj.nec.com/461814.html)
4.       Algorithmic Transforms for Efficient Energy Scalable Computation A. Sinha, A. Wang, A. P. Chandrakasan Proceedings of the International Symposium on Low Power Electronics and Design (ISLPED), 2000. (http://citeseer.nj.nec.com/sinha00algorithmic.html)
5.       Application-Specific Protocol Architectures for Wireless Networks
Wendi Beth Heinzelman
Ph.D. thesis, Massachusetts Institute of Technology, 2000
(http://citeseer.nj.nec.com/heinzelman00applicationspecific.html)
6.       Design Considerations for Distributed Microsensor Systems
Anantha Chandrakasan, Rajeevan Amirtharajah, SeongHwan Cho, James Goodman, Gangadhar Konduri, Joanna Kulik, Wendi Rabiner, Alice Wang
(http://citeseer.nj.nec.com/chandrakasan99design.html)
7.        Dynamic Power Management in Wireless Sensor Networks Amit Sinha and Anantha Chandrakasan IEEE Design & Test of Computers, Vol. 18, No. 2, March-April 2001 (http://computer.org/dt/dt2001/d2062abs.htm)
8.        Emerging Challenges: Mobile Networking for "Smart Dust" Joseph M. Kahn, Randy Howard Katz, and Kristofer S. J. Pister (http://citeseer.nj.nec.com/375904.html)
9.        Energy Complexity: A Metric for Energy Consumption of Ad Hoc Network Protocols Rajesh Bhairampally
(http://www.utdallas.edu/~rajesh/resume/mobihoc02.pdf)
10.     Instrumenting the World with Wireless Sensor Networks D. Estrin, L. Girod, G. Pottie, M. Srivastava International Conference on Acoustics, Speech, and Signal Processing (ICASSP 2001), Salt Lake City, Utah, May 2001 (http://www.isi.edu/scadds/papers/ICASSP-2001.ps)
11.   Low Power Systems for Wireless Microsensors
K. Bult, A. Burstein, D. Chang, M. Dong, M. Fielding, E. Kruglick, J. Ho, F. Lin, T.H. Lin, W.J. Kaiser, H. Marcy, R. Mukai, P. Nelson, F. Newberg, K.S.J. Pister, G. Pottie, H. Sanchez, O.M. Stafsudd, K.B. Tan, C.M. Ward, S. Xue, J. Yao. Proceedings of the 1996 International Symposium on Low Power Electronics and Design. Monterey, CA, USA, 12-14 Aug. 1996, pp. 17-22.  (http://www.janet.ucla.edu/WINS/download_publications/islped96.pdf)
12.     Low-Power Wireless Sensor Networks
Rex Min, Manish Bhardwaj, Seong-Hwan Cho, Eugene Shih, Amit Sinha, Alice Wang, Anantha Chandrakasan
(http://citeseer.nj.nec.com/433120.html)
13.     Measuring and reducing energy consumption of network interfaces in hand-held devices M. Stemm and R. H. Katz
IEICE Transactions on Communications, vol.E80-B, no.8, p. 1125-31, 1997
(http://citeseer.nj.nec.com/stemm97measuring.html)
14.     Next century challenges: Mobile networking for 'smart dust' J.M. Kahn, R.H. Katz, K.S.J. Pister, Proc. MOBICOM, 1999, Seattle, 271-278 (http://citeseer.nj.nec.com/kahn99next.html)
15.     Physical layer driven protocol and algorithm design for energy-efficient wireless sensor networks Eugene Shih, Seong-Hwan Cho, Nathan Ickes, Rex Min, Amit Sinha, Alice Wang and Anantha Chandrakasan The seventh annual international conference on Mobile computing and networking 2001 July 16 - 21, 2001, Rome Italy. Pages 272 - 287 (http://www.acm.org/pubs/citations/proceedings/comm/381677/p272-shih/)
16.     Power-Aware Systems Manish Bhardwaj, Rex Min and Anantha Chandrakasan (http://www-mtl.mit.edu/research/icsystems/uamps/pubs/manishb_asilomar00.pdf)
17.     PicoRadio Supports Ad Hoc Ultra-Low Power Wireless Networking
Jan M. Rabaey, M. Josie Ammer, Julio L. da Silva Jr., Danny Patel, and Shad Roundy IEEE Computer, Vol. 33, No. 7, July 2000 (http://www.computer.org/computer/co2000/r7042abs.htm)
18.     Prediction-based Monitoring in Sensor Networks: Taking Lessons from MPEG Samir Goel and Tomasz Imielinski, Technical Report DCS-TR-438, Department of Computer Science, Rutgers University, June 2001. Submitted for Publication (http://paul.rutgers.edu/~gsamir/#publications)
19.     Protocols for self-organization of a wireless sensor network K. Sohrabi, J. Gao, V. Ailawadhi, G.J. Pottie. IEEE Personal Communications, vol. 7, no. 5, pp. 16-27, Oct. 2000. (http://www.ee.ucla.edu/faculty/profpapers/pottie_IEEE-pers-comm_oct00.pdf)
20.     Sensor Information Networking Architecture Chavalit Srisathapornphat, Chaiporn Jaikaeo and Chien-Chung Shen Proceedings of the 2000 International Workshop on Parallel Processing Copyright (c) 2000 Institute of Electrical and Electronics Engineers, Inc. All rights reserved. (http://www.computer.org/proceedings/icpp/0771/07710023abs.htm)
21.     System architecture directions for networked sensors J. Hill, R. Szewczyk, A. Woo, S. Hollar, D. Culler, K. Pister Copyright 2000 ACM (http://citeseer.nj.nec.com/382595.html)
22.     Upper Bounds on the Lifetime of Sensor Networks Manish Bhardwaj Timothy
(http://citeseer.nj.nec.com/429731.html)
23.     Wireless Integrated Network Sensors G.J. Pottie, W.J. Kaiser Communications of the ACM, vol. 43, no. 5, pp. 551-8, May 2000. (http://www.acm.org/pubs/citations/journals/cacm/2000-43-5/p51-pottie/)
24.     Wireless integrated network sensors: Low power systems on a chip G. Asada, M. Dong, T. S. Lin, F. Newberg, G. Pottie, W. J. Kaiser European Solid State Circuits Conference, The Hague, Netherlands, 1998, October. (http://citeseer.nj.nec.com/278712.html)

B – Network Layer
B.1 – Addressing Mechanisms
26.     Random, Ephemeral Transaction Identifiers in Dynamic Sensor Networks Jeremy Elson and Deborah Estrin
To appear in Proceedings of the 21st International Conference on Distributed Computing Systems (ICDCS-21) April 16-19, 2001, Phoenix, Arizona, USA.
Also published as UCLA CS Technical Report 200027 (http://www.circlemud.org/~jelson/writings/retri/)

B.2 – Routing
27.   Adaptive protocols for information dissemination in wireless sensor networks Wendi Rabiner Heinzelman, Joanna Kulik and Hari Balakrishnan Proceedings of the fifth annual ACM/IEEE international conference on Mobile computing and networking. Pages 174-185 August 15 - 19, 1999, Seattle, WA USA (http://www.acm.org/pubs/citations/proceedings/comm/313451/p174-heinzelman/)
28.   Building Efficient Wireless Sensor Networks with Low-Level Naming
John Heidemann, Fabio Silva, Chalermek Intanagonwiwat, Ramesh Govindan, Deborah Estrin, and Deepak Ganesan.
In Proceedings of the Symposium on Operating Systems Principles, pp. 146-159. Chateau Lake Louise, Banff, Alberta, Canada, ACM. October, 2001.
(http://citeseer.nj.nec.com/456986.html)
29.   Data-centric storage in Sensornets
Sylvia Ratnasamy, Deborah Estrin, Ramesh Govindan, Brad Karp, Scott Shenker, Li Yin, Fang Yu
Submitted for review. February 1st, 2002
(http://lecs.cs.ucla.edu/~estrin/papers/dht.pdf)
30.     Data Gathering in Sensor Networks using the Energy Delay Metric Stephanie Lindsey, Cauligi Raghavendra and Krishna Sivalingam In International Workshop on Parallel and Distributed Computing Issues in Wireless Networks and Mobile Computing, (San Francisco, CA), Apr. 2001 (http://www.eecs.wsu.edu/~dawn/Papers/2001/e_d_final.pdf)
31.     Directed diffusion: a scalable and robust communication paradigm for sensor networks Chalermek Intanagonwiwat, Ramesh Govindan and Deborah Estrin Proceedings of the sixth annual international conference on Mobile computing and networking.  Pages 56-67 August 6 - 11, 2000, Boston, MA USA (http://www.acm.org/pubs/citations/proceedings/comm/345910/p56-intanagonwiwat/)
32.   Energy-Efficient Communication Protocol for Wireless Microsensor Networks
W. Heinzelman and A. Chandrakasan and H. Balakrishnan
In Proceedings of the Hawaii Conference on System Sciences, January 2000
(http://dlib.computer.org/conferen/hicss/0493/pdf/04938020.pdf)
33.   Geographical and Energy Aware Routing: A Recursive Data Dissemination Protocol for Wireless Sensor Networks
Yan Yu, Ramesh Govindan and Deborah Estrin
UCLA Computer Science Department Technical Report UCLA/CSD-TR-01-0023, May 2001
(http://citeseer.nj.nec.com/461988.html)
34.   Impact of Network Density on Data Aggregation in Wireless Sensor Networks
Chalermek Intanagonwiwat, Deborah Estrin, Ramesh Govindan, and John Heidemann
Technical Report 01-750, University of Southern California Computer Science Department, November, 2001
(http://citeseer.nj.nec.com/460600.html)
35.     Negotiation-based Protocols for Disseminating Information in Wireless Sensor Networks Joanna Kulik, Wendi Rabiner Heinzelman, and Hari Balakrishnan ACM/IEEE Int. Conf. on Mobile Computing and Networking, Seattle, WA, Aug. 1999 (http://citeseer.nj.nec.com/335631.html)
36.     Next century challenges: scalable coordination in sensor networks Deborah Estrin, Ramesh Govindan, John Heidemann and Satish Kumar Proceedings of the fifth annual ACM/IEEE international conference on Mobile computing and networking.     Pages 263-270 August 15 - 19, 1999, Seattle, WA USA (http://www.acm.org/pubs/citations/proceedings/comm/313451/p263-estrin/)
37.     Rumor Routing Algorithm For Sensor Networks
David Braginsky and Deborah Estrin
Under submission to International Conference on Distributed Computing Systems (ICDCS-22), November 2001.
(http://citeseer.nj.nec.com/462331.html)
38.     Service Differentiation in Sensor Networks Sudeept Bhatnagar, Budhaditya Deb and Badri Nath To appear in the Fourth International Symposium on Wireless Personal Multimedia Communications, September 2001.(.ps) (http://paul.rutgers.edu/~sbhatnag/publications.html)

C – Distributed Algorithms
C.1 – Topology Discovery
39.     A Topology Discovery Algorithm for Sensor Networks with Applications to Network Management Budhaditya Deb, Sudeept Bhatnagar and Badri Nath Department of Computer Science, Rutgers University, Technical Report, DCS-TR-441 (.pdf). (http://paul.rutgers.edu/~sbhatnag/publications.html)
40.     Ascent: Adaptive Self-Configuring sEnsor Network Topologies Alberto Cerpa and Deborah Estrin UCLA Computer Science Department Technical Report UCLA/CSD-TR 01-0009, May 2001. (http://lecs.cs.ucla.edu/~estrin/papers/Ascent-UCLA-tech-report.ps)

C.2 – Location Mechanisms
41.     Ad hoc Positioning System (APS) Dragos Niculescu and Badrinath Submitted to GLOBECOM 2001 (http://www.cs.rutgers.edu/~dnicules/research/aps/aps_globecom.pdf)
42.     Adaptive Beacon Placement Nirupama Bulusu, John Heidemann, and Deborah Estrin In Proceedings of the 21st International Conference on Distributed Computing Systems (ICDCS-21), pages 489--498, Phoenix, Arizona, USA, April 2001 (http://citeseer.nj.nec.com/bulusu01adaptive.html)
43.     Convex Position Estimation in Wireless Sensor Networks Lance Doherty, Kristofer SJ Pister, Laurent El Ghaoui Dept. of Electrical Engineering and Computer Proc. of IEEE Infocom 2001. (http://www.eecs.berkeley.edu/~elghaoui/pdffiles/Infocom.pdf)
44.     Dynamic fine-grained localization in Ad-Hoc networks of sensors Andreas Savvides, Chih-Chieh Han and Mani B. Srivastava The seventh annual international conference on Mobile computing and networking 2001. July 16 - 21, 2001, Rome Italy Pages 166-179 (http://www.acm.org/pubs/citations/proceedings/comm/381677/p166-savvides/)
45.     GPS-less Low Cost Outdoor Localization For Very Small Devices Nirupama Bulusu, John Heidemann, and Deborah Estrin IEEE Personal Communications Magazine, 7 (5 ), pp. 28-34, October, 2000. (http://www.isi.edu/~johnh/PAPERS/Bulusu00a.html)
46.     Scalable Coordination for wireless sensor networks: Self-Configuring Localization Systems Nirupama Bulusu, Deborah Estrin, Lewis Girod and John Heidemann International Symposium on Communication Theory and Applications (ISCTA 2001), Ambleside, Lake District, UK, July 2001.  (http://www.isi.edu/scadds/papers/iscta-2001.ps)

C.3 – Time Synchronization
47.     Time Synchronization for Wireless Sensor Networks Jeremy Elson and Deborah Estrin To appear in Proceedings of the 2001 International Parallel and Distributed Processing Symposium (IPDPS), Workshop on Parallel and Distributed Computing Issues in   Wireless Networks and Mobile Computing. (http://www.circlemud.org/~jelson/writings/timesync/)

C.4 – Others
48.   Exposure In Wireless Ad-Hoc Sensor Networks Seapahn Meguerdichian, Farinaz Koushanfar, Gang Qu and Miodrag Potkonjak The seventh annual international conference on Mobile computing and networking 2001 July 16 - 21, 2001, Rome Italy. Pages 139-150 (http://www.acm.org/pubs/citations/proceedings/comm/381677/p139-meguerdichian/)
49.   Localized Algorithms In Wireless Ad-Hoc Networks: Location Discovery And Sensor Exposure
Seapahn Meguerdichian, Sasa Slijepcevic, Vahag Karayan, Miodrag Potkonjak
MobiHoc 2001, Long Beach, CA USA
(http://citeseer.nj.nec.com/461776.html)
50.     Residual Energy Scans for Monitoring Wireless Sensor Networks Yonggang Jerry Zhao, Ramesh Govindan and Deborah Estrin IEEE Wireless Communications and Networking Conference (WCNC'02), Orlando, FL, USA, March 17-21, 2002 (http://citeseer.nj.nec.com/460449.html)

D – Simulations
51.     On modeling networks of wireless microsensors Andreas Savvides, Sung Park and Mani B. Srivastava Joint international conference on Measurement and modeling of computer systems June 16 - 20, 2001, Cambridge, MA United States Pages 318-319 (http://www.acm.org/pubs/citations/proceedings/metrics/378420/p318-savvides/)
52.     SensorSim: a simulation framework for sensor networks Sung Park, Andreas Savvides and Mani B. Srivastava Proceedings of the 3rd ACM international workshop on Modeling, analysis and simulation of wireless and mobile systems.  Pages 104-111 August 20, 2000, Boston, MA USA (http://www.acm.org/pubs/citations/proceedings/comm/346855/p104-park/)

E – Applications
53.     Habitat Monitoring: Application Driver for Wireless Communications Technology Alberto Cerpa, Jeremy Elson, Deborah Estrin, Lewis Girod, Michael Hamilton, Jerry Zhao To appear in the Proceedings of the First ACM SIGCOMM Workshop on Data Communications in Latin America and the Caribbean, 3-5 April, 2001, San Jose, Costa Rica. Also published as UCLA Computer Science Technical Report 200023, December 2000. (http://www.circlemud.org/~jelson/writings/costarica/costarica.html)
54.     Research Challenges in Wireless Networks of Biomedical Sensors Loren Schwiebert, Sandeep K.S. Gupta and Jennifer Weinmann The seventh annual international conference on Mobile computing and networking 2001, 2001, Pages 151-165 (http://www.acm.org/pubs/citations/proceedings/comm/381677/p151-schwiebert/)
55.     Smart Kindergarten: Sensor-based Wireless Networks for Smart Developmental Problem-solving Environments Mani Srivastava, Richard Muntz and Miodrag Potkonjak The seventh annual international conference on Mobile computing and networking 2001 July 16 - 21, 2001, Rome Italy. Pages 132 - 138 (http://www.acm.org/pubs/citations/proceedings/comm/381677/p132-srivastava/)
56.     A taxonomy of Wireless Micro-Sensor Network Models
Sameer Tilak, Nael B. Abu-Ghazaleh and Wendi Heinzelman 
(http://www.cs.binghamton.edu/~sameer/publications/main.pdf)


Wireless Ad Hoc Network
57.     Adaptive Energy-Conserving Routing for Multihop Ad Hoc Networks Ya Xu, John Heidemann, and Deborah Estrin Research Report 527, USC/Information Sciences Institute, October, 2000. (http://www.isi.edu/~johnh/PAPERS/Xu00a.html)
58.     Energy efficient adaptive wireless network design Paul J.M. Havinga, Gerard J.M. Smit, Martinus Bos The Fifth Symposium on Computers and Communications (ISCC'00), Antibes, France, July 3-7, 2000 (http://citeseer.nj.nec.com/255365.html)
59.     Geography-informed energy conservation for Ad Hoc routing Ya Xu, John Heidemann and Deborah Estrin The seventh annual international conference on Mobile computing and networking 2001 July 16 - 21, 2001, Rome Italy.  Pages 70 - 84 (http://www.acm.org/pubs/citations/proceedings/comm/381677/p70-xu/)
60.     PAMAS - Power Aware Multi-Access protocol with Signalling for Ad Hoc Networks S. Singh and C. S. Raghavendra ACM Computer Communications Review, 1999 (http://citeseer.nj.nec.com/157040.html)
61.     Power-aware localized routing in wireless networks I. Stojmenovic and Xu Lin IEEE Int. Parallel and Distributed Processing Symp., Cancun, Mexico, May 1-5, 2000, to appear. (http://citeseer.nj.nec.com/385034.html)
62.     Reducing the Energy Consumption of Group Driven Ad-hoc Wireless Communication Sharad Agarwal, Randy H. Katz and Anthony D. Joseph Report No. UCB/CSD-1-1127  January 2001  (http://ncstrl.cs.cornell.edu/Dienst/UI/1.0/Display/ncstrl.ucb/CSD-01-1127)
63.     Scalable Routing Strategies for Ad-hoc Wireless Networks A. Iwata, C.-C. Chiang, G. Pei, M. Gerla, and T.-W. Chen. IEEE JSAC, August 1999 (http://citeseer.nj.nec.com/iwata99scalable.html)

URLs

The Computer for the 21st Century M. Weiser Scientific American, September 1991 http://nano.xerox.com/hypertext/weiser/SciAmDraft3.html

Online working like Ad posting on classified Sites and form filling works

Dear friends, I found this article and I think that it will help those people who work online to support their studies and feed their families.

Do you have certain classified sites that you like? Do you know of certain classifieds sites that are good for your product? Did you know there are over 7 million individual classifieds on the Internet and growing?
Having a good list of classified sites in a database is good, but with any classified submission software you need to be able to add your own classified sites at any time. The Classified Connection and its "Classified Engines" allow you to add classifieds to your database simply and easily (we even have videos to show you how).
Our revolutionary new "Classified Engines" technology will physically map out the posting procedures to virtually any classified site on the Internet, even if you need to login. You tell The Classified Connection what to do and it does the rest. Find a new site that's not in the database and add it!
Being able to add new sites to your personal database of sites is very powerful. The Classified Connection is the only classified submission software that contains this level of technology. Your software will never be outdated or get old. You can always add new sites. You can always post free classified ads.
If you have not downloaded and installed a demo, download and save this file to a folder on your computer and install:
http://www.the-classified-connection.com/software/tccdemo.exe
(copy and paste link into browser address bar if link is not active)

Tuesday 12 April 2011

HOW TO WRITE A PENETRATION TESTING REPORT

I see some people regularly asking for sample penetration test reports. Well, here's some I found on the net.

Sample Penetration Test Report by Offensive Security -- An excellent report by an excellent team.
www.offensive-security.com/offsec-sample-report.pdf

Writing a Penetration Testing Report -- Probably one of the best papers on this subject. It was written by Mansour A. Alharbi for his GIAC certification. The author starts with report development stages, then describes the report format and ends it with a sample report.
http://www.sans.org/reading_room/whitepapers/bestprac/writing-penetration-testing-report_33343

Report Template -- A report template by vulnerabilityassessment.co.uk
www.besnard.org/biometrics/2BIO706_business_report.pdf

Penetration Test Report -- Sample OSSAR report
www.digitalencode.net/ossar/ossar_v0.5.pdf

Penetration Testing Report Template -- Template by logicallysecure.com

How to develop an enterprise security policy
By Marc Gartenberg

Computerworld - Policy is the cornerstone of an effective organization. It serves as a road map that every person in the organization can use in a variety of ways. However, the policy document has to be overarching and fairly all-encompassing -- clearly a challenge from the start. As such, policy development is often referred to as an art as well as a skill.
Federal agencies have a statutory obligation under the Federal Information Security Management Act to maintain an up-to-date security policy. The responsibility lies with the CIO, the chief information security officer (CISO) and, ultimately, the head of the agency. This maps well to industry; just replace the agency head with the CEO.
A good security policy takes into consideration the mission of the organization, the critical assets requiring protection, the threats posed and the mitigating risks against known vulnerabilities. These are all parts of a risk assessment that includes a business-impact analysis, which identifies the weaknesses, the critical assets and the effect on the company if a vulnerability were exploited.

Developing a security policy isn't a daunting task once the scope is identified using this simple explanation. The challenges are in defining the scope and writing a policy that can be embraced by other areas of the organization.

By definition, the policy is the high-level document that's used to guide the formulation of procedures and guidelines. The policy answers the question of "What should be done and by whom?" The procedures and guidelines answer the question of "How should it be done?"
Below are some tips for developing a comprehensive enterprise security policy. It's a checklist for any policy wonk given the responsibility of putting the document together. 

  1. Know your organization. Without a realistic understanding of the organizational structure -- the players, the environment, the mission, goals and objectives -- it's exceedingly difficult to write a policy that will fit. Therefore, knowing the lay of the land -- the hierarchy and the roles and responsibilities of different areas -- is very important.

  2. Define the scope and the agenda. What will the policy cover? This should be stated upfront in the policy document. Equally important is what it won't cover. If you can derive both, it will be meaningful to the people who need to translate the policy to practical procedures and/or guidelines.

  3. Know your target audience. Who are the stakeholders for the various sections of the document? Who will be reading and signing off on it? The CEO, CIO and CISO are normally the key stakeholders, and each has a specific agenda that should be addressed. For the CEO, it would be the areas derived from the business-impact analysis; for the CIO, it would be the overall enterprise architecture and infrastructure that aligns and enables the CEO and the organizational mission; and for the CISO, it should address the critical infrastructure and assets, along with risk, vulnerability and mitigation focus.

  4. Stay high-level, general and broad. These are critical points that need to be remembered as each policy statement is written. Going too far down in the weeds leads to the area of procedures, so it's important to keep the policy statements at the appropriate level and aligned with the mission.

  5. Ensure that it can be easily translated to procedures and guidelines by the appropriate areas. Try a small sample, imagine the area to which the policy might apply and see if you can easily derive a procedure or guideline. After all, you might be asked for some examples down the road by less-experienced managers.

  6. Keep weaknesses and organizational deficiencies in mind so the policy can address specific areas while staying aligned with your goals. Recognize the gaps and try to bridge them through policies. Keep the mission and business-impact analysis in mind. These are critical to effective policies that supplant the gaps in organizational functionality.

  7. Be aware of external drivers. Depending on your industry, there may be regulatory requirements or cross-cutting laws. The policy should address the requirements to ensure compliance and make your organization a model.

  8. Be realistic. If you can get a first cut past the approving authorities, it's a step in the right direction. Policies can never be static because the environment and organizational operations are always changing. Companies on the leading edge are dynamic in nature, and gaining competitive advantage requires continuous change and improvement. A policy that addresses 90% of the needs and is implemented is better than one that aims for 100% but never gets out of draft mode.

  9. Ensure version control and backups. This seems like common sense, but you'd be surprised at how many organizations don't maintain tight version control, including documented procedures for modifications along with a good single backup strategy. You never want to end up hunting for the most current policy document, nor should you ever question its integrity. This in itself may require a policy.

  10. Avoid controversy. This of course depends on how well the policy is rolled out and what changes are made. If change is required, do it incrementally. It hurts less. Having the backing of senior executive leadership is also important in the event that critical gaps require immediate change.

  11. Wear a white hat. Remember, the whole reason for developing security policies is to benefit the organization and its personnel. If you are given the task of getting the job done, try to get acceptance from the key managers sooner rather than later. An effective policy development effort has collaboration written all over it. And, done properly, it can even be fun.

  12. Finally, don't forget to smile and keep your sense of humor. It can be an intense effort, but by using proven project management methods, including milestones and timing, you can ensure that the important pieces are addressed first and that stress is minimized. It comes down to having a good road map, a strategy and a flashlight.

TESTING YOUR WEB APPLICATIONS

A Quick 10-Step Guide by Krishen Kota, PMP


Interested in a quick checklist for testing a web application? The following 10 steps cover the most critical items that I have found important in making sure a web application is ready to be deployed. Depending on size, complexity, and corporate policies, modify the following steps to meet your specific testing needs.


Step 1 - Objectives


Make sure to establish your testing objectives up front and make sure they are measurable. It will make your life a lot easier by having written objectives that your whole team can understand and rally around. In addition to documenting your objectives, make sure your objectives are prioritized. Ask yourself questions like "What is most important: minimal defects or time-to-market?"


Here are two examples of how to determine priorities:


If you are building a medical web application that will assist in diagnosing illnesses, and someone could potentially die based on how correctly the application functions, you may want to make testing the correctness of the business functionality a higher priority than testing for navigational consistency throughout the application.


If you are testing an application that will be used to solicit external funding, you may want to put testing the aspects of the application that impact the visual appeal as the highest testing priority.


Your web application doesn't have to be perfect; it just needs to meet your intended customer's requirements and expectations.


Step 2 - Process and Reporting


Make sure that everyone on your testing team knows his or her role. Who should report what to whom and when? In other words, define your testing process. Use the following questions to help you get started:


  • How will issues be reported?
  • Who can assign issues?
  • How will issues be categorized?
  • Who needs what report and when do they need it?
  • Are team meetings scheduled in advance or scheduled as needed?


You may define your testing process and reporting requirements formally or informally, depending on your particular needs. The main point to keep in mind is to organize your team in a way that supports your testing objectives and takes into account the individual personalities on your team. One size never fits all when dealing with people.


Step 3 - Tracking Results


Once you start executing your test plans, you will probably generate a large number of bugs, issues, defects, etc. You will want a way to easily store, organize, and distribute this information to the appropriate technical team members. You will also need a way to keep management informed on the status of your testing efforts. If your company already has a system in place to track this type of information, don't try to reinvent the wheel. Take advantage of what's already in place.


If your company doesn't already have something in place, spend a little time investigating some of the easy-to-set-up online systems such as the one found at AdminiTrack.com. By using an online system, you can make it much easier on yourself by eliminating the need to install and maintain an off-the-shelf package.


Step 4 - Test Environment


Set up a test environment that is separate from your development and production environments. This includes a separate web server, database server, and application server if applicable. You may or may not be able to utilize existing computers to set up a separate test environment.


Create an explicitly defined procedure for moving code to and from your test environment and make sure the procedure is followed. Also, work with your development team to make sure each new version of source code to be tested is uniquely identified.


Step 5 - Usability Testing


In usability testing, you'll be looking at aspects of your web application that affect the user's experience, such as:


  • How easy is it to navigate through your web application?
  • Is it obvious to the user which actions are available to him or her?
  • Is the look-and-feel of your web application consistent from page to page, including font sizes and colors?


The book, "Don't Make Me Think! A Common Sense Approach to Web Usability" by Steve Krug and Roger Black, provides a practical approach to the topic of usability. I refer to it often, and recommend it highly.


In addition to the traditional navigation and look-and-feel issues, Section 508 compliance is another area of importance. The 1998 Amendment to Section 508 of the Rehabilitation Act spells out accessibility requirements for individuals with certain disabilities.


For instance, if a user forgets to fill in a required field, you might think it is a good idea to present the user with a friendly error message and change the color of the field label to red or some other conspicuous color. However, changing the color of the field label would not really help a user who has difficulty deciphering colors. The use of color may help most users, but you would want to use an additional visual clue, such as placing an asterisk beside the field in question or additionally making the text bold.


For more details, refer to http://www.section508.gov/. Another great resource that can help analyze your HTML pages for Section 508 compliance can be found at http://www.cast.org/bobby/. If you are working with the United States federal government, Section 508 compliance is not only good design, it most likely is a legal requirement. You may want to utilize the following information regarding techniques for accessibility evaluation and repair tools, which can be found at http://www.w3.org/TR/AERT.


Step 6 - Unit Testing


Unit testing is focused on verifying small portions of functionality. For example, an individual unit test case might focus on verifying that the correct data has been saved to the database when the Submit button on a particular page is clicked.


An important subset of unit testing that is often overlooked is range checking: making sure that every field that collects information from the user can gracefully handle any value that is entered. Most people think of range checking as making sure that a numeric field only accepts numbers. In addition to traditional range checking, make sure you also check for less common, but just as problematic, exceptions. For example, what happens when a user enters his or her last name and the last name contains an apostrophe, such as O'Brien? Different combinations of databases and database drivers handle the apostrophe differently, sometimes with unexpected results. Proper unit testing will help rid your web application of obvious errors that your users should never have to encounter.
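The apostrophe case above can be turned into a repeatable range check. The following is an added example, not code from the original article; it assumes SQLite as the database and a hypothetical `users` table, and compares a save routine that pastes the value into the SQL text with one that lets the driver bind it.

```python
import sqlite3

# Constructed sample inputs for a last-name field: ordinary, apostrophe,
# doubled apostrophe, empty, and an unusually long value.
SAMPLE_LAST_NAMES = ["Smith", "O'Brien", "D''Arcy", "", "x" * 300]


def make_db():
    """Create an in-memory database with a hypothetical users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, last_name TEXT)")
    return conn


def save_concatenated(conn, last_name):
    """Fragile form: the value is pasted directly into the SQL text."""
    conn.execute("INSERT INTO users (last_name) VALUES ('" + last_name + "')")


def save_parameterized(conn, last_name):
    """Robust form: the driver binds the value, so quoting never matters."""
    conn.execute("INSERT INTO users (last_name) VALUES (?)", (last_name,))


def range_check(save):
    """Save each sample value and report the ones that fail to round-trip."""
    failures = []
    for name in SAMPLE_LAST_NAMES:
        conn = make_db()
        try:
            save(conn, name)
            stored = conn.execute("SELECT last_name FROM users").fetchone()[0]
            if stored != name:
                # No error was raised, but the data was silently altered.
                failures.append((name, "stored as %r" % stored))
        except sqlite3.Error as exc:
            failures.append((name, "error: %s" % exc))
        finally:
            conn.close()
    return failures


if __name__ == "__main__":
    print("concatenated:", range_check(save_concatenated))
    print("parameterized:", range_check(save_parameterized))
```

The concatenated version fails in two different ways: O'Brien raises a syntax error, while the doubled apostrophe is stored with one apostrophe missing and no error at all, which is why the check compares the stored value rather than only watching for exceptions.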


Step 7 - Verifying the HTML


Hyper Text Markup Language (HTML) is the computer language sent from your web server to the web browser on your users' computer to display the pages that make up your web application. The World Wide Web Consortium (http://www.w3.org/) manages the HTML specification. One major objective of HTML is to provide the ability for anyone from anywhere to access information on the World Wide Web. This concept generally holds true if you conform strictly to the relevant version of the HTML specification that you will support. Unfortunately, in the real world, it is possible for a developer to inadvertently use a proprietary HTML tag that may not work for all of your intended users.


Verifying HTML is simple in concept but can be very time consuming in practice. A good place to start is with the World Wide Web Consortium's free HTML Validation Service (http://validator.w3.org/). There are also other online and downloadable applications to help in this area such as Net Mechanic (http://www.netmechanic.com/). There are two main aspects of verifying the validity of your HTML. First, you want to make sure that your syntax is correct, such as verifying that all opening and closing tags match, etc. Secondly, you want to verify how your pages look in different browsers, at different screen resolutions, and on different operating systems. Create a profile of your target audience and make some decisions on what browsers you will support, on which operating systems, and at what screen resolutions.
In general, the later versions of Microsoft Internet Explorer are very forgiving. If your development team has only been using Internet Explorer 5.5 on high-resolution monitors, you may be unpleasantly surprised when you see your web application on a typical user's computer. The sooner you start verifying your HTML, the better off your web application will be.


Step 8 - Load Testing


In performing load testing, you want to simulate how users will use your web application in the real world. The earlier you perform load testing the better. Simple design changes can often make a significant impact on the performance and scalability of your web application. A good overview of how to perform load testing can be found on Microsoft's Developer Network (MSDN) website:


A topic closely related to load testing is performance tuning. Performance tuning should be tightly integrated with the design of your application. If you are using Microsoft technology, the following article is a great resource for understanding the specifics of tuning a web application.


People hate to wait for a web page to load. As a general rule, try to make sure that all of your pages load in 15 seconds or less. This rule will of course depend on your particular application and the expectations of the people using it.


Step 9 - User Acceptance Testing


By performing user acceptance testing, you are making sure your web application fits the use for which it was intended. Simply stated, you are making sure your web application makes things easier for the user and not harder. One effective way to handle user acceptance testing is by setting up a beta test for your web application.


Step 10 - Testing Security


With the large number of highly skilled hackers in the world, security should be a huge concern for anyone building a web application. You need to test how secure your web application is from both external and internal threats. The security of your web application should be planned for and verified by qualified security specialists.


Some additional online resources to help you stay up to date on the latest Internet security issues include:


CERT Coordination Center: http://www.cert.org/
Computer Security Resource Center: http://csrc.nist.gov/


After performing your initial security testing, make sure to also perform ongoing security audits to ensure your web application remains secure over time as people and technology change.


Testing a web application can be a totally overwhelming task. The best advice I can give you is to keep prioritizing and focusing on the most important aspects of your application and don't forget to solicit help from your fellow team members.


By following the steps above, coupled with your own expertise and knowledge, you will have a web application you can be proud of and that your users will love. You will also be giving your company the opportunity to deploy a web application that could become a runaway success and possibly make tons of money, save millions of lives, or slash customer support costs in half. Even better, because of your awesome web application, you may get profiled on CNN, which causes the killer job offers to start flooding in.


Proper testing is an integral part of creating a positive user experience, which can translate into the ultimate success of your web application. Even if your web application doesn't get featured on CNN, CNBC, or Fox News, you can take great satisfaction in knowing how you and your team's diligent testing efforts made all the difference in your successful deployment.