Advances In Computer Science And Information Technology Astucmaisaacn 2010 Conferences Miyazaki Japan June 2325 2010 Joint Proceedings 1st Edition Nurzaini Mohamad Zain

Advances In Computer Science And Information Technology Astucmaisaacn 2010 Conferences Miyazaki Japan June 2325 2010 Joint Proceedings 1st Edition Nurzaini Mohamad Zain

• 1.
  Advances In ComputerScience And Information Technology Astucmaisaacn 2010 Conferences Miyazaki Japan June 2325 2010 Joint Proceedings 1st Edition Nurzaini Mohamad Zain download https://ebookbell.com/product/advances-in-computer-science-and- information-technology-astucmaisaacn-2010-conferences-miyazaki- japan-june-2325-2010-joint-proceedings-1st-edition-nurzaini- mohamad-zain-1859066 Explore and download more ebooks at ebookbell.com
• 2.
  Here are somerecommended products that we believe you will be interested in. You can click the link to download. Advances In Computer Science And Information Technology Astucmaisaacn 2010 Conferences Miyazaki Japan June 2325 2010 Joint Proceedings 1st Edition Nurzaini Mohamad Zain https://ebookbell.com/product/advances-in-computer-science-and- information-technology-astucmaisaacn-2010-conferences-miyazaki-japan- june-2325-2010-joint-proceedings-1st-edition-nurzaini-mohamad- zain-4140240 Advances In Computer Science And Information Technology Computer Science And Information Technology Second International Conference Ccsit 2012 Bangalore India January 24 2012 Proceedings Part Iii 1st Edition M A Berlin https://ebookbell.com/product/advances-in-computer-science-and- information-technology-computer-science-and-information-technology- second-international-conference-ccsit-2012-bangalore-india- january-24-2012-proceedings-part-iii-1st-edition-m-a-berlin-2608908 Advances In Computer Science And Information Technology Networks And Communications Second International Conference Ccsit 2012 Bangalore India January 24 2012 Proceedings Part I 1st Edition L Sherly Puspha Annabel https://ebookbell.com/product/advances-in-computer-science-and- information-technology-networks-and-communications-second- international-conference-ccsit-2012-bangalore-india- january-24-2012-proceedings-part-i-1st-edition-l-sherly-puspha- annabel-4202882 Advances In Computer Science And Information Technology First International Conference On Computer Science And Information Technology Ccsit 2011 Bangalore India January 24 2011 Proceedings Part I 1st Edition Mano Yadav https://ebookbell.com/product/advances-in-computer-science-and- information-technology-first-international-conference-on-computer- science-and-information-technology-ccsit-2011-bangalore-india- january-24-2011-proceedings-part-i-1st-edition-mano-yadav-4521772
• 3.
  Advances In ComputerScience And Information Technology Computer Science And Engineering Second International Conference Ccsit 2012 Bangalore India January 24 2012 Proceedings Part Ii 1st Edition Devendra Kumar Sharma https://ebookbell.com/product/advances-in-computer-science-and- information-technology-computer-science-and-engineering-second- international-conference-ccsit-2012-bangalore-india- january-24-2012-proceedings-part-ii-1st-edition-devendra-kumar- sharma-4522406 Advances In Networks And Communications First International Conference On Computer Science And Information Technology Ccsit 2011 Bangalore India January 24 2011 Proceedings Part Ii 1st Edition G S Deepthy https://ebookbell.com/product/advances-in-networks-and-communications- first-international-conference-on-computer-science-and-information- technology-ccsit-2011-bangalore-india-january-24-2011-proceedings- part-ii-1st-edition-g-s-deepthy-4521774 Advances In Computer Science And Information Engineering Volume 2 1st Edition Zhengwei Zhu https://ebookbell.com/product/advances-in-computer-science-and- information-engineering-volume-2-1st-edition-zhengwei-zhu-4096694 Advances In Computer Science And Information Engineering Volume 1 1st Edition Guiping Dai https://ebookbell.com/product/advances-in-computer-science-and- information-engineering-volume-1-1st-edition-guiping-dai-4635852 Recent Advances In Computer Science And Information Engineering Volume 2 1st Edition Yuekai Wang https://ebookbell.com/product/recent-advances-in-computer-science-and- information-engineering-volume-2-1st-edition-yuekai-wang-4106874
• 5.
  Lecture Notes inComputer Science 6059 Commenced Publication in 1973 Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen Editorial Board David Hutchison Lancaster University, UK Takeo Kanade Carnegie Mellon University, Pittsburgh, PA, USA Josef Kittler University of Surrey, Guildford, UK Jon M. Kleinberg Cornell University, Ithaca, NY, USA Alfred Kobsa University of California, Irvine, CA, USA Friedemann Mattern ETH Zurich, Switzerland John C. Mitchell Stanford University, CA, USA Moni Naor Weizmann Institute of Science, Rehovot, Israel Oscar Nierstrasz University of Bern, Switzerland C. Pandu Rangan Indian Institute of Technology, Madras, India Bernhard Steffen TU Dortmund University, Germany Madhu Sudan Microsoft Research, Cambridge, MA, USA Demetri Terzopoulos University of California, Los Angeles, CA, USA Doug Tygar University of California, Berkeley, CA, USA Gerhard Weikum Max-Planck Institute of Computer Science, Saarbruecken, Germany
• 6.
  Tai-hoon Kim HojjatAdeli (Eds.) Advances in Computer Science and Information Technology AST/UCMA/ISA/ACN 2010 Conferences Miyazaki, Japan, June 23-25, 2010 Joint Proceedings 1 3
• 7.
  Volume Editors Tai-hoon Kim HannamUniversity Daejeon 306-791, South Korea E-mail: [email protected] Hojjat Adeli The Ohio State University Columbus, OH, 43210, USA E-mail: [email protected] Library of Congress Control Number: 2010927807 CR Subject Classification (1998): C.2, H.4, H.3, I.2, I.4, I.5 LNCS Sublibrary: SL 3 – Information Systems and Application, incl. Internet/Web and HCI ISSN 0302-9743 ISBN-10 3-642-13576-5 Springer Berlin Heidelberg New York ISBN-13 978-3-642-13576-7 Springer Berlin Heidelberg New York This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, re-use of illustrations, recitation, broadcasting, reproduction on microfilms or in any other way, and storage in data banks. Duplication of this publication or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965, in its current version, and permission for use must always be obtained from Springer. Violations are liable to prosecution under the German Copyright Law. springer.com © Springer-Verlag Berlin Heidelberg 2010 Printed in Germany Typesetting: Camera-ready by author, data conversion by Scientific Publishing Services, Chennai, India Printed on acid-free paper 06/3180
• 8.
  Foreword Advanced Science andTechnology, Advanced Communication and Networking, Information Security and Assurance, Ubiquitous Computing and Multimedia Applica- tions are conferences that attract many academic and industry professionals. The goal of these co-located conferences is to bring together researchers from academia and industry as well as practitioners to share ideas, problems and solutions relating to the multifaceted aspects of advanced science and technology, advanced communication and networking, information security and assurance, ubiquitous computing and mul- timedia applications. This co-located event included the following conferences: AST 2010 (The second International Conference on Advanced Science and Technology), ACN 2010 (The second International Conference on Advanced Communication and Networking), ISA 2010 (The 4th International Conference on Information Security and Assurance) and UCMA 2010 (The 2010 International Conference on Ubiquitous Computing and Multimedia Applications). We would like to express our gratitude to all of the authors of submitted papers and to all attendees, for their contributions and participation. We believe in the need for continuing this undertaking in the future. We acknowledge the great effort of all the Chairs and the members of advisory boards and Program Committees of the above-listed events, who selected 15% of over 1,000 submissions, following a rigorous peer-review process. Special thanks go to SERSC (Science & Engineering Research Support soCiety) for supporting these co- located conferences. We are grateful in particular to the following speakers who kindly accepted our in- vitation and, in this way, helped to meet the objectives of the conference: Hojjat Adeli (The Ohio State University), Ruay-Shiung Chang (National Dong Hwa Univer- sity), Adrian Stoica (NASA Jet Propulsion Laboratory), Tatsuya Akutsu (Kyoto Uni- versity) and Tadashi Dohi (Hiroshima University). We would also like to thank Rosslin John Robles and Maricel O. Balitanas, gradu- ate students of Hannam University, who helped in editing the material with great passion. April 2010 Tai-hoon Kim
• 9.
  Preface This volume containscarefully selected papers that were accepted for presentation at the second International Conference on Advanced Science and Technology held in conjunction with the ISA, ACN and UCMA held on June 23–25, 2010, at Sheraton Grande Ocean Resort, in Miyazaki, Japan. The papers in this volume were recommended based on their scores, obtained from the independent reviewing processes of each conference, and on their relevance to the idea of constructing hybrid solutions to address the real-world challenges of IT. The final selection was also based on the attempt to make this volume as representative of the current trend in IT as possible. The conference focused on various aspects of advances in advanced computer science and information technology with computational sciences, mathematics and information technology. It provided a chance for academic and industry professionals to discuss recent progress in the related areas. We expect that the conference and its publications will be a trigger for further related research and technology improve- ments in this important subject. We would like to acknowledge the great effort of all the Chairs and members of the Program Committee. Out of approximately 122 papers accepted, a total of 49 papers are published in this LNCS volume. The remaining accepted papers were included in the proceedings of each particular event and pub- lished by Springer in its CCIS series (respective volume numbers: 74, 75, 76 and 77). We would like to express our gratitude to all of the authors of submitted papers and to all the attendees, for their contributions and participation. We believe in the need for continuing this undertaking in the future. Once more, we would like to thank all the organizations and individuals who sup- ported this event as a whole and, in particular, helped in the success of second Inter- national Conference on Advanced Science and Technology in conjunction with ISA, ACN and UCMA. April 2010 Tai-hoon Kim
• 10.
  Table of Contents InformationSecurity and Assurance Fuzzy Based Threat Analysis in Total Hospital Information System . . . . 1 Nurzaini Mohamad Zain, Ganthan Narayana Samy, Rabiah Ahmad, Zuraini Ismail, and Azizah Abdul Manaf An ID-Based Anonymous Signcryption Scheme for Multiple Receivers Secure in the Standard Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 Bo Zhang and Qiuliang Xu A Supervised Locality Preserving Projections Based Local Matching Algorithm for Face Recognition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 Yingqi Lu, Cheng Lu, Miao Qi, and Shuyan Wang Information Systems Security Criticality and Assurance Evaluation. . . . . 38 Moussa Ouedraogo, Haralambos Mouratidis, Eric Dubois, and Djamel Khadraoui Security Analysis of ‘Two–Factor User Authentication in Wireless Sensor Networks’ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 Muhammad Khurram Khan and Khaled Alghathbar Directed Graph Pattern Synthesis in LSB Technique on Video Steganography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 Debnath Bhattacharyya, Arup Kumar Bhaumik, Minkyu Choi, and Tai-hoon Kim Feature Level Fusion of Face and Palmprint Biometrics by Isomorphic Graph-Based Improved K-Medoids Partitioning . . . . . . . . . . . . . . . . . . . . . . 70 Dakshina Ranjan Kisku, Phalguni Gupta, and Jamuna Kanta Sing Post-quantum Cryptography: Code-Based Signatures . . . . . . . . . . . . . . . . . 82 Pierre-Louis Cayrel and Mohammed Meziani Security Analysis of the Proposed Practical Security Mechanisms for High Speed Data Transfer Protocol. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100 Danilo Valeros Bernardo and Doan Hoang A Fuzzy-Based Dynamic Provision Approach for Virtualized Network Intrusion Detection Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115 Bo Li, Jianxin Li, Tianyu Wo, Xudong Wu, Junaid Arshad, and Wantao Liu
• 11.
  VIII Table ofContents An Active Intrusion Detection System for LAN Specific Attacks . . . . . . . 129 Neminath Hubballi, S. Roopa, Ritesh Ratti, F.A. Barbhuiya, Santosh Biswas, Arijit Sur, Sukumar Nandi, and Vivek Ramachandran Analysis on the Improved SVD-Based Watermarking Scheme . . . . . . . . . . 143 Huo-Chong Ling, Raphael C-W. Phan, and Swee-Huay Heng Advanced Communication and Networking Applications of Adaptive Belief Propagation Decoding for Long Reed-Solomon Codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150 Zhian Zheng, Dang Hai Pham, and Tomohisa Wada Dynamic Routing for Mitigating the Energy Hole Based on Heuristic Mobile Sink in Wireless Sensor Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159 Seong-Yong Choi, Jin-Su Kim, Seung-Jin Han, Jun-Hyeog Choi, Kee-Wook Rim, and Jung-Hyun Lee Grammar Encoding in DNA-Like Secret Sharing Infrastructure . . . . . . . . 175 Marek R. Ogiela and Urszula Ogiela HATS: High Accuracy Timestamping System Based on NetFPGA. . . . . . 183 Zhiqiang Zhou, Lin Cong, Guohan Lu, Beixing Deng, and Xing Li A Roadside Unit Placement Scheme for Vehicular Telematics Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196 Junghoon Lee and Cheol Min Kim Concurrent Covert Communication Channels . . . . . . . . . . . . . . . . . . . . . . . . 203 Md Amiruzzaman, Hassan Peyravi, M. Abdullah-Al-Wadud, and Yoojin Chung Energy Efficiency of Collaborative Communication with Imperfect Frequency Synchronization in Wireless Sensor Networks . . . . . . . . . . . . . . 214 Husnain Naqvi, Stevan Berber, and Zoran Salcic High Performance MAC Architecture for 3GPP Modem. . . . . . . . . . . . . . . 228 Sejin Park, Yong Kim, Inchul Song, Kichul Han, Jookwang Kim, and Kyungho Kim Modified Structures of Viterbi Alogrithm for Forced-State Method in Concatenated Coding System of ISDB-T . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239 Zhian Zheng, Yoshitomo Kaneda, Dang Hai Pham, and Tomohisa Wada A New Cross-Layer Unstructured P2P File Sharing Protocol Over Mobile Ad Hoc Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250 Nadir Shah and Depei Qian
• 12.
  Table of ContentsIX A Model for Interference on Links in Inter-Working Multi-Hop Wireless Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264 Oladayo Salami, Antoine Bagula, and H. Anthony Chan An Optimum ICA Based Multiuser Data Separation for Short Message Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279 Mahdi Khosravy, Mohammad Reza Alsharif, and Katsumi Yamashita Advanced Computer Science and Information Technology Multiple Asynchronous Requests on a Client-Based Mashup Page . . . . . . 287 Eunjung Lee and Kyung-Jin Seo Using an Integrated Ontology Database to Categorize Web Pages . . . . . . 300 Rujiang Bai, Xiaoyue Wang, and Junhua Liao Topic Detection by Topic Model Induced Distance Using Biased Initiation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310 Yonghui Wu, Yuxin Ding, Xiaolong Wang, and Jun Xu Mining Significant Least Association Rules Using Fast SLP-Growth Algorithm. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324 Zailani Abdullah, Tutut Herawan, and Mustafa Mat Deris Maximized Posteriori Attributes Selection from Facial Salient Landmarks for Face Recognition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337 Phalguni Gupta, Dakshina Ranjan Kisku, Jamuna Kanta Sing, and Massimo Tistarelli Agent Based Approach to Regression Testing . . . . . . . . . . . . . . . . . . . . . . . . 345 Praveen Ranjan Srivastava and Tai-hoon Kim A Numerical Study on B&B Algorithms for Solving Sum-Of-Ratios Problem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356 Lianbo Gao and Jianming Shi Development of a Digital Textbook Standard Format Based on XML . . . 363 Mihye Kim, Kwan-Hee Yoo, Chan Park, and Jae-Soo Yoo A Pattern-Based Representation Approach for Online Discourses . . . . . . . 378 Hao Xu A Fault Tolerant Architecture for Transportation Information Services of E-Government. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 385 Woonsuk Suh, Boo-Mann Choung, and Eunseok Lee Design and Implementation of Binary Tree Based Proactive Routing Protocols for Large MANETS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397 Pavan Kumar Pandey and G.P. Biswas
• 13.
  X Table ofContents Extract Semantic Information from WordNet to Improve Text Classification Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409 Rujiang Bai, Xiaoyue Wang, and Junhua Liao Managing Ubiquitous Scientific Knowledge on Semantic Web . . . . . . . . . . 421 Hao Xu A Semantic Pattern Approach to Managing Scientific Publications . . . . . 431 Hao Xu A Bootstrap Software Reliability Assessment Method to Squeeze Out Remaining Faults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 435 Mitsuhiro Kimura and Takaji Fujiwara Markov Chain Monte Carlo Random Testing . . . . . . . . . . . . . . . . . . . . . . . . 447 Bo Zhou, Hiroyuki Okamura, and Tadashi Dohi An Integrated Approach to Detect Fault-Prone Modules Using Complexity and Text Feature Metrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 457 Osamu Mizuno and Hideaki Hata Ubiquitous Computing and Multimedia Applications An Effective Video Steganography Method for Biometric Identification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469 Yingqi Lu, Cheng Lu, and Miao Qi A Video Coding Technique using Octagonal Motion Search and BTC-PF Method for Fast Reconstruction . . . . . . . . . . . . . . . . . . . . . . . . . . . 480 Bibhas Chandra Dhara, Sanjoy Kumar Saha, and Bhabatosh Chanda Rough Set Approach in Ultrasound Biomicroscopy Glaucoma Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491 Soumya Banerjee, Hameed Al-Qaheri, El-Sayed A. El-Dahshan, and Aboul Ella Hassanien Video Copy Detection: Sequence Matching Using Hypothesis Test . . . . . . 499 Debabrata Dutta, Sanjoy Kumar Saha, and Bhabatosh Chanda An XML-Based Digital Textbook and Its Educational Effectiveness . . . . 509 Mihye Kim, Kwan-Hee Yoo, Chan Park, Jae-Soo Yoo, Hoseung Byun, Wanyoung Cho, Jeeheon Ryu, and Namgyun Kim SIMACT: A 3D Open Source Smart Home Simulator for Activity Recognition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 524 Kevin Bouchard, Amir Ajroud, Bruno Bouchard, and Abdenour Bouzouane
• 14.
  Table of ContentsXI Design of an Efficient Message Collecting Scheme for the Slot-Based Wireless Mesh Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 534 Junghoon Lee and Gyung-Leen Park A Novel Approach Based on Fault Tolerance and Recursive Segmentation to Query by Humming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 544 Xiaohong Yang, Qingcai Chen, and Xiaolong Wang Chinese Prosody Generation Based on C-ToBI Representation for Text-To-Speech . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 558 Byeongchang Kim CAS4UA: A Context-Aware Service System Based on Workflow Model for Ubiquitous Agriculture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 572 Yongyun Cho, Hyun Yoe, and Haeng-Kon Kim A Power Control Scheme for an Energy-Efficient MAC Protocol. . . . . . . . 586 Ho-chul Lee, Jeong-hwan Hwang, Meong-hun Lee, Haeng-kon Kim, and Hyun Yoe Towards the Designing of a Robust Intrusion Detection System through an Optimized Advancement of Neural Networks. . . . . . . . . . . . . . . . . . . . . . 597 Iftikhar Ahmad, Azween B Abdulah, and Abdullah S Alghamdi Author Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 603
• 15.
  T.H. Kim andH. Adeli (Eds.): AST/UCMA/ISA/ACN 2010, LNCS 6059, pp. 1–14, 2010. © Springer-Verlag Berlin Heidelberg 2010 Fuzzy Based Threat Analysis in Total Hospital Information System Nurzaini Mohamad Zain1 , Ganthan Narayana Samy2 , Rabiah Ahmad1 , Zuraini Ismail3 , and Azizah Abdul Manaf3 1 Centre for Advanced Software Engineering (CASE), Faculty of Computer Science and Information Systems, Universiti Teknologi Malaysia (UTM), Malaysia 2 Department of Computer Systems and Communications, Faculty of Computer Science & Information Systems, Universiti Teknologi Malaysia (UTM), Malaysia 3 Department of Science, College of Science and Techology, Universiti Teknologi Malaysia (UTM), Malaysia [email protected], [email protected], {rabiah,zurainisma,azizah07}@ic.utm.my Abstract. This research attempts to develop fuzzy based threat analysis model in which; linguistic variable, fuzzy number and fuzzy weighted average are ap- plied to deal with the uncertainty problem in potential threats evaluation in To- tal Hospital Information System (THIS) environment. In fuzzification process, Triangular Average Number technique using two sets of membership functions was applied to evaluate “likelihood” and “consequence” of THIS threat vari- ables upon a particular THIS asset. Then, each security threat level was aggre- gated using Efficient Fuzzy Weighted Average (EFWA) algorithm. Finally, Best Fit Technique is used in defuzzification process to translate a single fuzzy value to linguistic terms that indicates the overall security threat level impact on THIS asset. To confirm the effectiveness of this adopted model, prototype is developed and verified using scenario method. Finding shown that this model, is capable to perform threat analysis with incomplete information and uncertain in THIS environment. Keywords: Total Hospital Information System (THIS), Risk Analysis, Threats, Information Security, Fuzzy logic. 1 Introduction Recently, several researches have addressed threats existence in Healthcare Informa- tion System (HIS) environment. For instance, [1] emphasized on storing health infor- mation in electronic form raises concerns about patient’s health, privacy and safety. In depth study [2], it is agreed that HIS can be threatened by both accidental events and deliberate actions threats as a result; these can severely damage health information systems’ reliability and consequently discourage professionals of future use. Further- more, [3] revealed that numerous variables can possibly occur as threats to computer system and it also emphasizes a need of appropriate threat analysis tools.
• 16.
  2 N. MohamadZain et al. Therefore, it can be stated that prediction process in estimating the probability of threats and its consequences that take place in HIS environment is highly uncertain and crucial. Apparently, from the existing research, there is no much research on fuzzy technique in threat analysis, particularly in HIS. Based on the above gaps, the aim of this study is to assess and analyze threat in HIS by using fuzzy logic approach. This study also investigates whether fuzzy logic approach is applicable and capable to perform threat analysis in HIS. In order to verify the effectiveness of threat analysis model with fuzzy logic approach in HIS, scenario method is created based on the empirical study and data collected from THIS [1]. Furthermore, multi-expert opinion and judgment using Delphi method is applied in fuzzy threat analysis technique. This paper designed in six sections. The next section describes previous researches related to this study. Section 3 explains method used in this research and section 4 presents result and analysis. Section 5 presents the discussion, followed by conclusion in section 6. 2 State of the Art In this section, risk analysis concept, its uncertainties and available techniques is explored in general. Furthermore, several risk analysis studies in context of informa- tion security is explored and discussed. In risk analysis model with fuzzy approach is inspired by previous related work. Several works discussed on improving theory fuzzy technique and algorithm. Besides, some works adopt fuzzy logic algorithm. This works are applied in various research areas such as information security, soft- ware development, network security and enterprise strategic risk assessment. Quantitative risk assessment method is proposed in information security risk [4]. It is based on fuzzy number operation where sufficient data collection for security as- sessment is scarce or even impossible. Comprehensive fuzzy assessment is made using operation rules defined to the triangular fuzzy number. The probability of in- formation security events is gained by the evaluation of information external cause (threat) and internal cause (survivability). Research also has been done for risk assessment in e-commerce development. Fuzzy Decision Support System (FDSS) prototype using a fuzzy set approach is developed to assist e-commerce project managers and decision makers [5]. In addi- tion, the prototype function is to help the evaluation of a company’s risk level and provides overall risk evaluation of E-Commerce (EC) development. In this research, empirical data is used in categorizing EC development risks and developing FDSS prototype. The concept of relative membership is introduced in Multi-objective fuzzy optimi- zation theory in proposing model of enterprise strategic risk management [6]. The goal of this study is to choose the best strategic project by using the new relative membership degrees matrix. Based on the related strategic management theory and empirical data, this model attempts to include all categories and processes that are necessary to assess directly the corporate strategic risk.
• 17.
  Fuzzy Based ThreatAnalysis in Total Hospital Information System 3 Besides that, novel Hierarchical Fuzzy Weighted Average (HFWA) is developed to perform fuzzy risk assessment method in network security risk analysis [7]. It is de- signed to help network managers and practitioners to monitor the security risk by calculating the overall risk using the fuzzy set theory. Basically, it implements secu- rity hierarchical structures and the Fuzzy Weighted Average (FWA) method is used to calculate the final risk value. Before the hierarchical structure is established, different risk factors that threaten the successful of network system work and development according to the different analysis goal is clearly identified. Furthermore, fuzzy-logic based threat modeling design is proposed with Mamdani- style fuzzy inference system which is incorporated in MATLAB fuzzy logic tools [8]. The goal of this model is to perform qualitative risk analysis in identifying, quantify- ing and analyzing potential threats that related to computer-based systems. The poten- tial threat is based on empirical data that related to six major threats categories (STRIDE – Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service and Elevation of Privilege). Apparently, from the above work, most fuzzy techniques used in risk analysis are related to fuzzy-multiple attribute decision making. Fundamental concepts associated with fuzzy set theory as applied to decision systems, are membership functions, lin- guistic variables, natural language computation, linguistic approximation, fuzzy set arithmetic operations, set operations and Fuzzy Weighted Averages [9]. Current available freeware or open source programming software, client server and database tools is used. Java Net Beans Integrated Development Environment (IDE) 6.5.1, MySQL 5.0 Community Server / v5.0.27 is applicable for prototype develop- ment. Besides, one proprietary software program which is Microsoft Excel 2007 is used for assessment result documentation. 3 Method The development of case study is done by referring to empirical study. In depth work in investigating various types of threats that exist in THIS is comprehended [1]. In their study, a complete taxonomy of threat categories reveals twenty two systems and twenty two potential threats categories with fifty threat descriptions. From the literature review, it is noted that a challenge in this research is the interrela- tionship between threats and security threat impacts upon THIS asset. This is due to the fact that fuzzy logic approach has not been thoroughly research in THIS environment. For the development of fuzzy logic threat analysis prototype, suitable fuzzy logic model which related in information security field will be adopted in this project. Based on the literature, most of fuzzy logic in risk analysis applies fuzzy multiple- attribute decision making. This process will focus on analyzing and interpreting threat in HIS environment using fuzzy approach. In developing the fuzzy threat analysis model, risk analysis methodology is adapted and adopted from [10], [11], [12]. Fuzzy risk analysis model is adapted from [5], [7]. As shown in Fig. 1, Fuzzy Threat Analysis model is constructed in six major steps. These steps are further discussed in next sub sections.
• 18.
  4 N. MohamadZain et al. Fig. 1. Total Hospital Information System (THIS) Fuzzy Threat Analysis Model 3.1 Context Identification The development of case study is done by referring to empirical study. In depth work in investigating various types of threats that exist in THIS is comprehended [1]. In this study, a government supported hospital in Peninsular Malaysia is used as field setting. Based on the empirical study, THIS system is consisting of twenty two sys- tems (asset) and twenty two potential threats categories with fifty threat descriptions. 3.2 Identification of Threat Categories In this step, fuzzy risk analysis model from [5], [7] is adopted. As shown in Fig. 2, THIS classification framework, the breakdown is listed as a following: Level 1 – Goal to the THIS security threats Level 2 – Categories of threats for evaluating those threat descriptions (factors) Level 3 – Comprises of Threat Descriptions (factors) that associated with THIS se- curity threats. Therefore, to identify security threats impacts in each level, for each possible threat, we evaluated its impact or consequence and the likelihood or probability that it would occur. Each threat descriptions were given qualitative values for consequence and likelihood (i.e. Very Low, Low, Medium, High and Very High.). As shown in Fig. 3, simple hierarchical structure is designed to identify the secu- rity threats impact for “TC01 - Power failure / loss”. There are three threats descrip- tions associated with “TC01” and the Fuzzy Weight Average for the security threats impact value is calculated as follows: (1)
• 19.
  Fuzzy Based ThreatAnalysis in Total Hospital Information System 5 Fig. 2. Hierarchical Structure of Security Threats to Total Hospital Information System Fig. 3. Simple hierarchical structure to identify the security threats impact for “TC01 - Power failure / loss”
• 20.
  6 N. MohamadZain et al. 3.3 Natural Language Representation In this step, as shown in Table 1, Fuzzy Set Representation is used for each linguistic term. Then, two membership function is defined which is ‘Consequence’ and ‘Likeli- hood’ as depicted in Fig. 4 and Fig. 5. The weighting for each membership function is fixed. In this step [11], [12] scale definition for “Likelihood”, “Consequence” and “Security Threat Impact” is adopted. Scale definition for “Likelihood” and “Conse- quence” is range from value 0 to 5. Table 1. Fuzzy set representation for each linguistic terms Likelihood Level Consequence Level Fuzzy Triangle Interval Very Low Very Low (0, 0, 1.25) 0 ≤ x ≤ 1.25 Low Low (0, 1.25, 2.5) 0 ≤ x ≤ 1.25 Medium Medium (1.25,2.5, 3.75) 1.25 ≤ x ≤ 2.5 High High (2.5, 3.75, 5) 2.5 ≤ x ≤ 3.75 Very High Very High (3.75, 5, 5) 3.75 ≤ x ≤ 5 Fig. 4. Membership function of Consequence Table 2. The membership functions scale definition Security Threat Impact Description Insignificant Acceptable Low Can lead to acceptable risk. The system can be used with the identified threats, but the threats must be observed to discover changes that could raise the risk level Moderate Can for this system be an acceptable risk, but for each case it should be considered whether neces- sary measures have been implemented. High Can lead to not acceptable risk. Cannot start using the system before risk reducing treatment has been implemented. Very High Not acceptable risk. Can cause huge financial loss and risk reduction need to be implemented.
• 21.
  Fuzzy Based ThreatAnalysis in Total Hospital Information System 7 Fig. 5. Membership function of Likelihood In Table 2, it illustrates predefined scale level and descriptions for result on “Secu- rity Threat Impact” and its descriptions. As depicted in Table 3, predefined scale level and descriptions for “Likelihood” which is Probability of threat Occurrence and “Consequence” which is Outcome to the system / asset value are clearly determined. Table 3. Impact of threat level for system definition Membership Function Level Descriptions Very Low Very rare or unlikely to occur. Assumes less than once in every 10 years Low Rare. Once every 3 years High May happen. Once in a year Medium Quite often. Once every 4 month Likelihood (Probability of threat Occurrence) Very High Very often. Once every month Very Low Does not affect confidentiality, integrity and availability of the system. Low Short interruptions of availability of the system. No breach of confi- dentiality or integrity of the system. High Interruptions of availability of the system for longer period. No breach of confidentiality or integ- rity of the system. Medium Partially breaches of information confidentiality, integrity and avail- ability of the system. Consequence (Outcome to the system / asset value) Very High Breaches of information confiden- tiality, integrity and availability which affect the system as a whole.
• 22.
  8 N. MohamadZain et al. 3.4 Fuzzy Assessment Aggregation In this step, Triangular Average Number is applied and he number n evaluators is considered and use Fuzzy Average Number to get the mean. The fuzzy average value is obtained based on “likelihood” and “consequence” of each threat that was per- formed all identified evaluators. 3.5 Fuzzy Weight Average Computation After obtaining the Fuzzy Average for all each sub-categories (Tx) for (TCx ), The Fuzzy Weighted Average (FWA) is calculated with EFWA algorithm. (Note: X is specific categories for a particular main threat).This algorithm is applied in order to find: (2) Moreover, this step is focusing on adopting and implementing fuzzy algorithm in the fuzzy threat analysis model. Fuzzy Weightage Average (FWA) using EFWA algo- rithm is adopted [13]. From the literature, this algorithm has been tested in FDSS prototype [5]. Moreover, the study also shown that the developed prototype is widely accepted by the fuzzy set theory (FST) expert and the EC practitioner. Moreover, the computational algorithm of EFWA is based on the value representation of fuzzy sets and interval analysis [13]. Besides that, this algorithm also has been applied in Context-awareness Content Gateway system. In this work, [14] agreed that EFWA technique provides the system with a comprehensible way by measuring the power of learning devices efficiently and deliver the proper learning style. Moreover, EFWA algorithm is applied because it can reduce the number of comparisons and arithmetic operations to O (n log n) rather than O (n2). This is associated case with Improved Fuzzy Weighted Average Algorithm (IFWA) [13] hence, it’s seems applicable and relevant to calculate the potential security threat impact for THIS asset. 3.6 Linguistic Approximation In this step, Euclidean Distance Formula (Best Fit Technique) is applied. As the re- sults are fuzzy numbers, Euclidean distances are used to map the resultant fuzzy in- terval back to linguistic terms. (3) 3.7 Prototype Architecture and Design This prototype is desktop application and working in Java environment. This proto- type allow the user to store and manage information on the THIS asset, threat analysis expert team member and identified potential threats in THIS environment. In this
• 23.
  Fuzzy Based ThreatAnalysis in Total Hospital Information System 9 project, the architectural design of Fuzzy Threat Analysis prototype can be divided into three interrelated components, which is user interface, database, and fuzzy threat analysis component. MySql JDBC (Java Database Connectivity) with TCP/IP network protocol is used to connect MySql database with Java client program. Fuzzy threat analysis compo- nent is built in Java Client Language. Fuzzy threat analysis component is called to access necessary information from database, such as the likelihood and consequence of each threat descriptions, to perform fuzzy averaging, calculate the fuzzy weighted average and obtain linguistic approximation. In this research study, the system prototype was tested on Microsoft Windows. MySql 5.0.27 Community Server is used for MySql server and client. In Fig. 6, it illustrates whole interrelated three components in Total Hospital Information System (THIS) Fuzzy Threat Analysis. Fig. 6. Total Hospital Information System (THIS) Fuzzy Threat Analysis prototype architecture and design 4 Result To verify fuzzy threat analysis model, Fuzzy Threat Analysis prototype is produced. Since Picture Archiving Communication System (PACS) is one of the major systems in THIS component, apparently overall PACS system characterization is crucial where it can be describe as follow: i. The mission of the PACS, including the processes implemented by the sys- tem. ii. The criticality of the PACS, determined by its value and the value of the data to the organization. iii. The sensitivity of the PACS and its data. As shown in Fig.7, From initial observation, its signify that “overall security threat impact level” scores for S1 – PACS in linguistic term is “Moderate” and the closest Euclidean distance value is 0.8055. As defined earlier, “Moderate” indicates that over- all security threat impact level for S1 – PACS can be acceptable risk. However, for each case it should be considered whether necessary measures have been implemented.
• 24.
  10 N. MohamadZain et al. ï Fig. 7. Threat Assessment Result on PACS Moreover, for each ‘Threat Categories’, security threat impact in linguistic terms with fuzzy values (Resultant Fuzzy Set, Defined Fuzzy Set) and the closest Euclidean Distance value could also be further examined. As shown in Table 4, description on each threat level impact for THIS asset is based on Table 2. PACS threat assessment result shows that none of the ‘Threat Cate- gories’ values is Very High or Very Low. Only one (1) is High, ten (10) are Moderate and eleven (11) is Low which can be listed as in Table 4. This is the result of looking at only one system (S1 – PACS) where overall security threat impact level and each level for threat categories (TC01 until TC22) are clearly stated. From this point, this result can be compiled and attached into a report and it can be presented to risk analysis team or hospital management level. For instance, when risk analysis team or hospital management level is presented with this information, they can view the result for each threat categories (TC01 until TC22). Therefore, they can determine which threats could cause the greatest security threat impact to S1 – PACS and which threats should be addressed first. In this scenario, with in depth examination, it seems that the staff (S1 – PACS evaluators) feels that acts of human error or failure threat (TC02) is contributed high- est security threat impact to S1 – PACS with “High” score. The “High” security threat impact level of TC02 could lead S1 – PACS to not acceptable risk. User cannot start using S1 – PACS before risk reducing treatment has been implemented. In TC02 threat descriptions; the results compose of several unwanted incidents which are:
• 25.
  Fuzzy Based ThreatAnalysis in Total Hospital Information System 11 i. T04 - Entry of erroneous data by staff. ii. T05 - Accidental deletion or modification of data by staff. iii. T06 - Accidental misrouting by staff. iv. T07 - Confidential information being sent to the wrong recipient. v. T08 - Storage of data / classified information in unprotected areas by staff. Table 4. PACS security threat impact in ranking Security Threat Impact Threat Categories High TC02 - Acts of Human Error or Failure Moderate TC01 - Power failure/loss TC03 - Technological Obsolescence TC04 - Hardware failures or errors TC05 - Software failures or errors TC06 - Network Infrastructure failures or errors TC07 - Deviations in quality of service TC08 - Operational issues TC09 - Malware attacks (Malicious virus, Worm, Trojan horses, Spyware and Adware) TC16 - Technical failure TC18 - Misuse of system resources Low TC10 - Communications interception TC11 - Masquerading TC12 - Unauthorized use of a health information application TC13 - Repudiation TC14 - Communications infiltration TC15 - Social Engineering attacks TC17 - Deliberate acts of Theft (including theft of equipment or data) TC19 - Staff shortage TC20 - Wilful damages TC21 - Environmental Support Failure/Natural disasters TC22 – Terrorism Although, it shows that TC02 is “High” level, it can be stated that TC04 and TC05 threat categories with “Moderate” level might also contribute to this outcome. More- over, “Moderate” indicates that security threat impact level of TC04 and TC05 can be acceptable risk. However, for each threat categories it should be considered whether necessary measures have been implemented. For example, TC04 - Hardware Failure or errors could cause spurious signals to be generated that are outside the range of inputs expected by software. The software could then behave unpredictably. Moreover, TC05 – Software failures or errors might lead to unexpected system behavior that might confuse the staff (operator) and result in staff stress. The staff may then act incorrectly and choose inputs that are inappro- priate for the current failure situation. These inputs could further confuse the system and more errors are generated. A single sub-system failure that is recoverable can thus rapidly develop into a serious problem requiring a complete S1 – PACS shutdown.
• 26.
  12 N. MohamadZain et al. Therefore, effective control measure should be put in place and good practice among the staff must be exercised. Furthermore, depth analysis should be performed and appropriate controls should be put in place to reduce security threats level TC01, T03, TC06, TC07, TC08, TC09 and TC16 which also label as “Moderate”. In further analysis, it shows that TC10, TC11, TC12, TC13, TC14, TC15, TC17, TC19, TC20, TC21 and TC22 threat categories is categorized as “Low”. The “Low” security threat impact level of these threat categories could lead to acceptable risk for S1 – PACS. In this situation, S1 – PACS can be used with the identified threats, but the threats must be observed to discover changes that could raise the risk level. With this threat analysis result, risk analysis team or hospital management can make decision and take further step in the risk analysis process. As mentioned before, security concerns in Total Hospital Information System (THIS) environment is related to loss confidentiality, loss integrity and loss availability. Therefore, it is vital to en- sure THIS resources are appropriately taken care of and patient’s health information, privacy and safety are securely protected. However, further step in risk analysis and information security risk management is out of this research scope and will be not discuss details in this research. 5 Discussion Throughout the cause of conducting this study, it provides several steps that are appli- cable and significant for further research. Several progress and achievements has been made particularly in the design and implementations of fuzzy threat analysis proto- type in healthcare information system (HIS) environment. Therefore, it can be stated that main contribution of this study is the proposed fuzzy threat analysis model and the prototype that has been developed. It’s never been applied before in HIS and we’ve tried to come out with significant result. Verifica- tion based on the scenario method shown that the adopted fuzzy threat analysis model can be done by using appropriate fuzzy threat analysis technique. Besides, one of main benefit for the organization is perceptibly during the threat assessment process, involvement of multi-expert in team evaluation made analysis result more accurate and reliable. Moreover, the essence of fuzzy logic in using lin- guistic representation which is closely to human judgment also made the prototype easy to use. The theory in fuzzy set that allow ordinal number compared to conven- tional risk assessment method using statistical method gives more reliable result. However, this study has some limitations which need further consideration in order to make the result of the study more acceptable. Therefore several possible future works in the same research direction of this study is pointed out. The first limitation in this study is fuzzy threat analysis model verification is only been performed on one of THIS information system. PACS was selected as it is one of the major components in THIS. Thus, result given in this study was only based on one THIS system component. Hence, attempts to generalize these results must be done in caution. Therefore, in order to gain more accurate result, it is recommended that in future research all the twenty two (22) systems in THIS should be included and
• 27.
  Fuzzy Based ThreatAnalysis in Total Hospital Information System 13 tested with this model. As a result, complete risk analysis process can be performed and all risk level for twenty two (22) THIS information system can be determined. Secondly, as this model using fix weighted average on “likelihood” and “conse- quence” membership function where it assumed that the “weighting” assigned by each evaluator in the risk evaluation was the same. However, the relative importance placed on certain factors by individual decision makers and experts could be widely different. Therefore, it is recommended that further research is needed to develop different weighting for different evaluator. Thirdly, the proposed prototype is only focus on fuzzy threat analysis engine in THIS environment. Less effort has been put on the screen design, analysis report and user friendly aspect. Therefore, it is recommended that user interface design should be improved and more features is added before the prototype is implemented in real THIS environment. Thus, it can be easily used by THIS evaluation team member. Rapid prototyping with the end user involvement can be executed to improve this prototype [15]. Finally, in future, risk analysis using fuzzy technique can be developed using [4] algorithm and can be implemented in THIS environment. 6 Conclusion In further, this study can be used to produce threat analysis tools particularly in HIS which can be beneficial to healthcare professional, top management and policy mak- ers and risk analysis personnel particularly in healthcare industry. Acknowledgments. We gratefully acknowledge the funding received from Ministry of Science, Technology and Innovation (MOSTI) that helped sponsor this study and also sincere thanks for the cooperation given by Ministry of Health Malaysia, Hospi- tal Selayang and Universiti Teknologi Malaysia (UTM). References 1. Narayana Samy, G., Ahmad, R., Ismail, Z.: Security Threats Categories in Healthcare In- formation Systems. In: 14th International Symposium on Health Information Management Research, Sweden, pp. 109–117 (2009) 2. Maglogiannis, I., Zafiropoulos, E.: Modeling risk in distributed healthcare information sys- tems. In: 28th Annual International Conference of the IEEE on Engineering in Medical and Biology Society, pp. 5447–5450. IEEE Press, New York (2006) 3. Ahmad, R., Narayana Samy, G., Bath, P.A., Ismail, Z., Ibrahim, N.Z.: Threats Identifica- tion in Healthcare Information Systems using Genetic Algorithm and Cox Regression. In: 5th International Conference on Information Assurance and Security, pp. 757–760. IEEE Computer Society, China (2009) 4. Fu, Y., Qin, Y., Wu, X.: A method of information security risk assessment using fuzzy number operations. In: 4th International Conference on Wireless Communications, Net- working and Mobile Computing. IEEE, China (2008) 5. Ngai, E.W.T., Wat, F.K.T.: Fuzzy Decision Support System for Risk Analysis in E- Commerce Development. Decision Support Sys. 40(2), 235–255 (2005)
• 28.
  14 N. MohamadZain et al. 6. Pan, C., Cai, X.: A Model of Enterprise Strategic Risk Assessment: Based on the Theory of Multi-Objective Fuzzy Optimization. In: 4th International Conference on Wireless Communications, Networking and Mobile Computing. IEEE, China (2008) 7. Liao, Y., Ma, C., Zhang, C.: A New Fuzzy Risk Assessment Method for the Network Se- curity Based on Fuzzy Similarity Measure. In: The Sixth World Congress on Intelligent Control and Automation, pp. 8486–8490. IEEE, China (2006) 8. Issues in Informing Science and Information Technology, http://proceedings.informingscience.org/InSITE2007/IISITv4p0 53-061Sodi261.pdf 9. Zimmermann, H.J.: Fuzzy Sets, Decision Making and Expert Systems. Kluwer Academic Publishers, USA (1987) 10. International Organization for Standardization: ISO/IEC 27005: Information Security Risk Management Standard. ISO Publication, London (2008) 11. Council of Standards Australia: AS/NZS 4360:1999 Australian Standard Risk Manage- ment. Standards Association of Australia, NSW (1999) 12. Bones, E., Hasvold, P., Henriksen, E., Strandenaes, T.: Risk analysis of information secu- rity in mobile instant messaging and presence system for healthcare. IJMI 76, 677–687 (2007) 13. Lee, D.H., Park, D.: An efficient algorithm for fuzzy weighted average. Fuzzy Sets and Systems 87(1), 39–45 (1997) 14. Huang, Y.M., Kuo, Y.H., Lin, Y.T., Cheng, S.C.: Toward interactive mobile synchronous learning environment with context-awareness service. Comp. & Edu. 51(3), 1205–1226 (2008) 15. Sommerville, I.: Software Engineering. Pearson Education Limited, England (2007)
• 29.
  An ID-Based AnonymousSigncryption Scheme for Multiple Receivers Secure in the Standard Model Bo Zhang and Qiuliang Xu School of computer science and technology, Shandong University, 250101, Jinan, Shandong, P.R. China [email protected], [email protected] Abstract. Anonymous signcryption is a novel cryptographic primitive which provides anonymity of the sender along with the advantage of tra- ditional signcryption scheme. In this paper, we propose an anonymous identity-based signcryption scheme for multiple receivers in the standard model. The proposed scheme satisfies the semantic security, unforgeabil- ity and signcrypter identity’s ambiguity. We also give the formal security proof on its semantic security under the hardness of Decisional Bilinear Diffie-Hellman problem and its unforgeability under the Computational Diffie-Hellman assumption. Keywords: Signcryption, identity based cryptography, multi-receiver, anonymous signcryption. 1 Introduction Encryption and signature are basic cryptographic tools to achieve private and authenticity. In 1997, Zheng [1] proposed the notion of signcryption, which can perform digital signature and public key encryption simultaneously at lower com- putational costs and communication overheads than sign-then-encrypt way to obtain private and authenticated communications in the open channel. Identity- based (ID-based) cryptosystems were introduced by Shamir [2] in 1984. Its main idea is that the public keys of a user can be easily derived from arbitrary strings corresponding to his identity information such as name, telephone number or email address. The corresponding private key can only be derived by a trusted Private Key Generator (PKG). By combining ID-based cryptology and signcryp- tion, Malone-Lee [3] gave the first ID-based signcryption scheme. Since then, quite a few ID-based signcryption schemes [4,5,6,7,8] have been proposed. In some network applications, we have to distribute same message to several different persons. A simple approach for achieving this goal is that the sender en- crypts the message for each person respectively. Obviously, the cost of using the approach in large group is very high. Consider a scenario like this, suppose Bob is This work is supported by the National Natural Science Foundation of China under Grant No.60873232. T.H. Kim and H. Adeli (Eds.): AST/UCMA/ISA/ACN 2010, LNCS 6059, pp. 15–27, 2010. c Springer-Verlag Berlin Heidelberg 2010
• 30.
  16 B. Zhangand Q. Xu a cabinet member who wants to leak a very important information to the public. The fastest and most convenient way is to leak the information to several different journalists at the same time (avoiding that some of them have been corrupted). Bob wants to remain anonymous, but needs to convince these journalists that the information actually came from a cabinet member. At the same time, the infor- mation should not be leaked until most the journalists receive it. Thus, we need anonymity and authentication of Bob, confidentiality of the information before it reaches the honest journalists. All of the properties are together achieved by a primitive called ”Anonymous Signcryption for Multiple Receivers”. Anonymous signcryption or ring signcryption is a novel cryptographic primi- tive motivated from ring signature [9]. It is an important method to realize the signcrypter identities’ ambiguity. The receiver in an anonymous signcryption scheme only knows that the message is produced by one member of a designated group, but he cannot know more information about actual signcrypter’s identity. Huang et al. [10] proposed the first ID-based ring signcryption scheme along with a security model. Some more ID-based ring signcryption schemes are reported in [11,12,13]. In 2006, Duan et al. [14] gave the first multi-receiver ID-based signcryption scheme which only needs one pairing computation to signcrypt a message for n receivers and in 2009, Sunder Lal et al. [15] proposed the first anonymous ID-based signcryption scheme for multiple receivers. The security of the scheme was proven secure in the random oracle model [16]. Although the model is efficient and useful, it has been shown that when random oracles are in- stantiated with concrete hash functions, the resulting scheme may not be secure [17]. Therefore, it is an important research problem to construct an ID-based anonymous signcryption scheme secure in the standard model. Our contribution. In this paper, we give the first ID-based anonymous sign- cryption scheme for multiple receivers in the standard model. The proposed scheme satisfies the semantic security, unforgeability and signcrypter identity’s ambiguity. We also give the formal security proof on its semantic security under the hardness of Decisional Bilinear Diffie-Hellman problem and its unforgeability under the Computational Diffie-Hellman assumption. 2 Preliminaries Let G and GT be two cyclic multiplicative groups of prime order p and g be a generator of G. 2.1 Bilinear Pairings The map e : G × G → GT is said to be an admissible bilinear pairing if the following conditions hold true. (1) e is bilinear, i. e. e(ga , gb ) = e(g, g)ab for all a, b ∈ Zp. (2) e is non-degenerate, i. e. e(g, g) = 1GT . (3) e is efficiently computable. We refer the reader to [18] for more details on the construction of such pairings.
• 31.
  An ID-Based AnonymousSigncryption Scheme for Multiple Receivers Secure 17 2.2 Complexity Assumptions Decisional Bilinear Diffie-Hellman (DBDH)Assumption. The challenger chooses a, b, c, z ∈ Zp at random and then flips a fair binary coin . If β = 1 it output the tuple (g, A = ga , B = gb , C = gc , Z = e(g, g)abc ). Otherwise, if β = 0, the challenger outputs the tuple (g, A = ga , B = gb , C = gc , Z = e(g, g)z ). The adversary must then output a guess β of β. An adversary, λ, has at least an ε advantage in solving the decisional BDH problem if |Pr[λ(g, ga , gb , gc , e(g, g)abc ) = 1] − Pr[λ(g, ga , gb , gc , e(g, g)z ) = 1]| ≥ ε where the probability is over the randomly chosen a, b, c, z and the random bits consumed by λ. Definition 1. The decisional DBDH assumption holds if no adversary has at least ε advantage in solving the above game. Computational Diffie-Hellman (CDH) Assumption. The challenger chooses a, b ∈ Zp at random and outputs (g, A = ga , B = gb ). The adversary then attempts to output gab ∈ G. An adversary, λ, has at least an ε advantage if Pr[λ(g, ga , gb ) = gab ] ≥ ε where the probability is over the randomly chosen a, b and the random bits consumed by λ. Definition 2. The computational CDH assumption holds if no adversary has at least ε advantage in solving the above game. 3 ID-Based Anonymous Signcryption Scheme for Multiple Receivers(IASCfMR Scheme) 3.1 Generic Scheme An IASCfMR scheme consists of the following algorithms. Setup: Given a security parameter k, PKG generates a master key S and common parameters P. P is made public while S is kept secret. Extract: Given an identity IDu, the PKG runs this algorithm to generate the private key du associated with IDu and transmits it to the user via a secure channel. Signcrypt: To send a message m to n receivers with identity L = {ID 1, ..., ID n } anonymously, the actual signcrypter with identity IDs selects a group of n users’ identities L = {ID1, ..., IDn} including himself obtain a ciphertext σ by running Signcrypt (m, ds, L, L ). Unsigncrypt: Upon receiving the ciphertext σ, the receiver with identity ID j in the receiver list L = {ID 1, ..., ID n } runs Unsigncrypt (σ, d j, L, L ) and obtains the message m or the symbol ⊥ indicating that the ciphertext is invalid.
• 32.
  18 B. Zhangand Q. Xu 3.2 Security Notions Now we present security notions for our IASCfMR scheme. Definition 3. (Signcrypter identity’s ambiguity) An IASCfMR scheme is un- conditional anonymous if for any group of n members with identities in the signer list L, the probability of any adversary to identify the actual signcrypter is not more than random guess i. e. the adversary output the identity of actual signcrypter with probability 1/n if he is not a member of L, and with probability 1/(n − 1) if he is the member of L. Definition 4. (Semantic security) An IASCfMR scheme is said to have the indistinguishability against adaptive chosen ciphertext attacks property (IND- IASCfMR-CCA2) if no polynomially bounded adversary has a non-negligible ad- vantage in the following game. Setup: The challenger C runs the Setup algorithm with a security parameter k and obtains common parameters P and a master key S. He sends P to the adversary and keeps S secret. First stage: The adversary performs a polynomially bounded number of queries. These queries may be made adaptively, i. e. each query may depend on the answers to the previous queries. Extraction queries. The adversary requests the private key of an identity IDu and receives the extracted private key du=Extract (IDu). Signcryption queries. The adversary produce a signer list L = {ID1, ..., IDn}, a receiver list L = {ID 1, ..., ID n } and a plaintext m (Note that the ad- versary should not have asked the private key corresponding the identities in the receiver list). C computes di=Extract (IDi)(i ∈ {1, ..., n})randomly and σ = Signcrypt(m, di, L, L ), then he sends σ to the adversary. Unsigncryption queries. The adversary produce a signer list L={ID1, ..., IDn}, a receiver list L = {ID 1, ..., ID n } and a ciphertext σ. C computes d i=Extract (ID i)(i ∈ {1, ..., n })randomly and sends the result of Unsigncrypt(σ, d i, L, L ) to the adversary. This result may be the symbol ⊥ if σ is an invalid ciphertext. Challenge: The adversary chooses two plaintexts, m0 and m1, a signer list L = {ID1, ..., IDn} , and a receiver list L = {ID 1, ..., ID n } on which he wishes to be challenged. He cannot have asked the private key corresponding the iden- tities in the receiver list in the first stage. C chooses randomly a bit γ, computes di=Extract (IDi)(i ∈ {1, ..., n})randomly and σ=Signcrypt (mγ, di, L, L ) and sends σ to the adversary. Second stage: the adversary asks a polynomial number of queries adap- tively again as in the first stage. It is not allowed to extract the private key corresponding the identities in the receiver list and it is not allowed to make an unsigncryption query for under the receiver list. Guess: Finally, the adversary produces a bit γ and wins the game if γ = γ.
• 33.
  An ID-Based AnonymousSigncryption Scheme for Multiple Receivers Secure 19 Definition 5. (Unforgeability)An IASCfMR scheme is said to be secure against an existential forgery for adaptive chosen message attacks (EUF-IASCfMR- CMA) if no polynomially bounded adversary has a non-negligible advantage in the following game. Setup: The challenger C runs the Setup algorithm with a security parameter k and obtains common parameters P and a master key S. He sends P to the adversary and keeps S secret. Queries: The adversary performs a polynomially bounded number of queries adaptively just like in the previous definition. Forgery: Finally, the adversary produces a new triple (σ, L, L ) (i. e. a triple that was not produced by the signcryption oracle) where all of the private keys of signers in the signer list were not asked. The adversary wins the game if the result of Unsigncrypt (σ, L, L ) is a valid message m and (m, L)have never been asked. 4 The Concrete Scheme In the section, we describe our IASCfMR scheme. Our concrete scheme is motivated from Waters’ ID-based encryption scheme [19] and the signature schemes in [20,21]. Setup: Choose groups G and GT of prime order p such that an admissible pairing e : G × G → GT can be constructed and pick a generator g of G. Now, pick a random secret α ∈ Zp, compute g1 = gα and pick g2 ←R G. Furthermore, pick elements u , m ←R G and vectors VU , VM of length nu and nm, respectively, whose entries are random elements from G. Let H, Hu, Hm be a cryptography hash functions where H : GT → {0, 1}lt , Hu : {0, 1}∗ → {0, 1}nu , Hm : {0, 1}lt × {0, 1}∗ × GT → {0, 1}nm where lt is the length of plaintext. The public parameters are P = (G, GT , e, g, g1, g2, u , VU , m , VM , H, Hu, Hm) and the master secret S is gα 2 . Extract: Let U be a bit string of length nu representing an identity and let U[i] be the i-th bit of U. Define U ⊂ {1, . . . , nu}to be the set of indices i such that U[i] = 1. To construct the private key du of the identity U, pick ru ← Zp and compute: du = (gα 2 (u i∈U ui)ru , gru ) Signcrypt: Let L = {ID1, ID2, ..., IDn} be the list of n identities including the one of the actual signer, L = {ID 1, ID 2, ..., ID n } be the receiver list and m be a bit string representing a message. Let the actual signer be indexed s, where s ∈ {1, 2, ..., n}, with private key ds = (ds1, ds2) = (gα 2 (u j∈U s uj)r , gr ) He selects a group of n user’ identities L = {ID1, ID2, ..., IDn} including him- self, picks r1, r2, ..., rn, rm ∈ Zp randomly, computes Uj = u i∈U j ui(for j = 1, 2, ..., n), U j = u i∈U j ui (for j = 1, 2, ..., n ) and follows the steps below:
• 34.
  20 B. Zhangand Q. Xu (1) Compute ω = e(g1, g2)rm (2) Compute c = m ⊕ H(ω) (3) Compute σ1 = {R1 = gr1 , ..., Rs−1 = grs−1 , Rs = grs ·ds2 = grs+r , Rs+1 = grs+1 , ..., Rn = grn } (4) Compute σ2 = {R j = Urm j |j = 1, 2, ..., n } (5) Compute σ3 = grm (6) Compute M = Hm(m, L, ω), σ4 = ds1 · ( n j=1(Uj)rj )(m j∈M mj)rm (M ⊂ {1, 2, ..., nm} be the set of indices j such that m[j] = 1, where m[j] is the jth bit of M). The resultant ciphertext is σ = (c, σ1, σ2, σ3, σ4, L). Unsigncrypt: The receiver with index j in L decrypts the ciphertext as follows: (1) Compute ω = e(d j1, σ3)/e(d j2, R j) (2) Compute m = c ⊕ H(ω) (3) Compute M = Hm(m, L, ω) The receiver accepts the message if and only if the following equality holds: e(σ4, g) = e(g1, g2)( n j=1 e(Uj, Rj))e(m j∈M mj, σ3) 5 Analysis of the Scheme 5.1 Correctness The correctness of the scheme can be directly verified by the following equations. e(σ4, g) = e(ds1 · ( n j=1 (Uj)rj )(m j∈M mj)rm , g) = e(gα 2 Ur s , g)e( n j=1 (Uj)rj , g)e((m j∈M mj)rm , g) = e(gα 2 , g)e( n j=1 (Uj)rj · Ur s , g)e((m j∈M mj)rm , g) = e(g1, g2)( n j=1,j=s e(Uj, Rj)) · e(Ur+rs s , g)e(m j∈M mj, σ3) = e(g1, g2)( n j=1,j=s e(Uj, Rj)) · e(Us, Rs)e(m j∈M mj, σ3) = e(g1, g2)( n j=1 e(Uj, Rj))e(m j∈M mj, σ3)
• 35.
  An ID-Based AnonymousSigncryption Scheme for Multiple Receivers Secure 21 5.2 Security Theorem 1. The proposed IASCfMR scheme is unconditional anonymous. Proof. We have to show that given a signcryption ciphertext on the message m produced by a member in the signcrypter list L = {ID1, ID2, ..., IDn} , any- one is not able to identify the actual signcrypter except the real signcrypter himself. To show our scheme satisfies unconditional anonymous, we only prove that anyone in the signcrypter list can produce the same ciphertext on the mes- sage m. We assume there are two signers A and B with identities IDi and IDj(i, j ∈ {1, 2, ..., n}) whose private keys are dA = (dA1, dA2) = (gα 2 (u j∈U A uj)rA , grA ) and dB = (dB1, dB2) = (gα 2 (u j∈U B uj)rB , grB ) We know that, to produce signcryption ciphertext on the message m, A should picks r1, r2, ..., ri, ..., rj, ..., rn, rm ∈ Zp randomly and compute as follows: (1) Compute ω = e(g1, g2)rm (2) Compute c = m ⊕ H(ω) (3) Compute σ1 = {R1 = gr1 , ..., Ri−1 = gri−1 , Ri = gri · dA2, Ri+1 = gri+1 , ..., Rn = grn } (4) Compute σ2 = {R s = Urm s |s = 1, 2, ..., n } (5) Compute σ3 = grm (6) Compute σ4 = dA1 · ( n j=1(Uj)rj )(m j∈M mj)rm In the following, it is shown that there exists random numbers r 1, ..., r n, r m ∈ Zp, by which B can produce the same signcryption ciphertext. The random numbers choose by B are r 1 = r1, ..., r i = ri + rA, ..., r j = rj − rB, ..., r n = rn, r m = rm Then B could produce the signcryption ciphertext as (1) Compute ω = e(g1, g2)r m (2) Compute c = m ⊕ H(ω) (3) Compute σ1 = {R1 = gr 1 , ..., Ri−1 = gr i−1 , Ri = gr i · dB2, Ri+1 = gr i+1 , ..., Rn = gr n } (4) Compute σ2 = {R s = U r m s |s = 1, 2, ..., n } (5) Compute σ3 = gr m (6) Compute σ4 = dB1 · ( n j=1 (Uj)r j )(m j∈M mj)r m = dA1 · ( n j=1 (Uj)rj )(m j∈M mj)rm Obviously, the signcryption ciphertext generated by B is the same as ciphertext generated by A. In other words, given σ = (c, σ1, σ2, σ3, σ4, L) on the message m,
• 36.
  22 B. Zhangand Q. Xu all of the signers in L can produce it. So, our IASCfMR scheme is unconditional anonymous. The probability of any adversary to identify the actual signcrypter in not more than random guess’s i. e. the adversary output the identity of actual signcrypter with probability 1/n if he is not a member of L, and with probability 1/(n − 1) if he is the member of L. Theorem 2. Assume there is an IND-IASCfMR-CCA2 adversary that is able to distinguish two valid ciphertexts during the game defined in Definition 4 with an advantage E and asking at most qE extraction queries, qS signcryption queries and qU unsigncryption queries, then there exists a distinguisher D that can solve an instance of the Decisional Bilinear Diffie-Hellman problem with an E 2n+2((qE+qS +qU )(nu+1))n qS (nm+1) advantage. Proof. Assume that the distinguisher D receives a random DBDH problem instance (g, A = ga , B = gb , C = gc , Z ∈ GT ) , his goal is to decide whether Z = e(g, g)abc or not. D will run the adversary as a subroutine and act as the adversary’s challenger in the IND-IASCfMR-CCA2 game. Our proof is based on Waters’ idea such as in [19,20,21]. Setup: Let lu = 2(qE + qS + qU ) and lm = 2qS, D choose randomly (1) Two integers ku and km(0 ≤ ku ≤ nu, 0 ≤ km ≤ nm). (2) An integer x ∈ Zlu , an nu-dimensional vector X = (xi)(xi ∈ Znu ). (3) An integer z ∈ Zlm , an nm-dimensional vector Z = (zj)(zj ∈ Znm ). (4) Two integers y , ω ∈ Zp, an nu-length vector Y = yi(yi ∈ Zp) and an nm-length vector W = ωj(ωj ∈ Zp). For ease of analysis, we define the functions for an identity u and a message m respectively: F(U) = −luku + x + i∈U xi and J(U) = y + i∈U yi K(m) = −lmkm + z + j∈M zj and L(m) = ω + j∈M ωj Then the challenger assigns a set of public parameters as follows. g1 = ga , g2 = gb , u = g−luku+x 2 gy , ui = gxi 2 gyi (1 ≤ i ≤ nu) m = g−lmkm+z 2 gω , mj = g zj 2 gωj (1 ≤ j ≤ nm) Note that these public parameters have the same distribution as in the game between the distinguisher D and the adversary. For any identity u and any message m, we have U = u i∈U ui = g F (u) 2 gJ(u) , m j∈M mj = g K(m) 2 gL(m)
• 37.
  An ID-Based AnonymousSigncryption Scheme for Multiple Receivers Secure 23 First stage: D answers the queries as follows: Extract queries. When the adversary asks for the private key corresponding to an identity U. The distinguisher D first checks if F(U) = 0 and aborts in this situation. Otherwise, it chooses a random ru ∈ Zp and gives the adversary the pair du = (du1, du2) = (g −J(u) F (u) 1 (u i∈U ui)ru , g −1 F (u) 1 gru ) Let r u = ru − α F (u) , as in Waters’ proof [18] and Paterson’s proof [19] and we will show in the following, du is a valid private key for identity U. The distinguisher D can generate such a du if and only if F(U) = 0modlu. The simulation is perfect since du1 = g −J(u) F (u) 1 (g F (u) 2 gJ(u) )ru = gα 2 (g F (u) 2 gJ(u) ) −α F (u) (g F (u) 2 gJ(u) )ru = gα 2 (g F (u) 2 gJ(u) )ru− α F (u) = gα 2 (g F (u) 2 gJ(u) )r u and du2 = g −1 F (u) 1 gru = gru− α F (u) = gr u Signcryption queries. At any time, the adversary can perform a signcryption query for a signer list L = {ID1, ID2, ..., IDn}, a receiver list L = {ID 1, ID 2, ..., ID n } and a plaintext m. If for all j ∈ [1, n], F(Uj) = 0modlu, D will simply abort. Otherwise, D first choose an identity Ui, where F(Ui) = 0modlu, gener- ates a private key di for Ui just calling the extract query algorithm described above, and then runs Signcrypt (m, di, L, L ) to answer the adversary’s query. Otherwise, D will simply abort. Unsigncryption queries. At any time, the adversary can perform an unsign- cryption query on a ciphertext σ for a signer list L = {ID1, ID2, ..., IDn} and a receiver list L = {ID 1, ID 2, ..., ID n }. If for all j ∈ [1, n ], F(Uj) = 0modlu, D will simply abort. Otherwise, D first choose an identity U i, where F(U i) = modlu, generates a private key d i for U i just calling the extract query algo- rithm described above, and then runs Unsigncrypt (σ, d i, L, L ) to answer the adversary’s query. Challenge: After a polynomially bounded number of queries, the adversary chooses a signer list L∗ ={ID∗ 1, ID∗ 2, ..., ID∗ n}, a receiver list L∗ ={ID∗ 1 , ID∗ 2 , ..., ID∗ n }, on which he wishes to be challenged. Note that the adversary has not asked a key extraction query on any identity in L∗ during the first stage. Then the adversary submits two messages m0, m1 ∈ GT to D. D checks whether the following conditions are fulfilled: (1) F(u∗ j ) = 0modlu for all j ∈ [1, n ] where u∗ j = Hu(ID∗ j ) (2) K(m∗ ) = 0modlm where m∗ = Hm(mγ, L∗ , Z) If not all above conditions are fulfilled, D will abort. Otherwise, D flips a fair binary coin γ and constructs a signcryption ciphertext of Mγ as follows. mγ[i] denotes the ith bit of m∗ and let M ⊂ {1, 2, ..., nm} be the set of indices j such that mγ[i] = 1. D choose an identity u∗ s, where F(u∗ s) = 0modlu and r1, r2, ..., rn ∈R Zp. D sets the ciphertext as
• 38.
  24 B. Zhangand Q. Xu (mγ ⊕ H(Z), {gr1 , gr2 , ..., grs−1 , grs · g −1 F (u∗ s ) 1 gr∗ s , grs+1 , ..., grn }, {CJ(u∗ i ) |i = 1, 2, ..., n }, C, g −J(u∗ s) F (u∗ s ) 1 · n i=1 (g F (u∗ i ) 2 gJ(u∗ i ) )ri · CL(mγ) ) let Z = e(g, g)abc , c = rm, C = gc , the simulation is perfect since Z = e(g, g)abc = e(g1, g2)rm , CJ(u∗ i ) = (U∗ i )rm , g −J(u∗ s) F (u∗ s ) 1 · n i=1 (g F (u∗ i ) 2 gJ(u∗ i ) )ri · CL(mγ ) = d∗ s1 · ( n j=1 (Uj)rj )(m j∈M mj)rm Second stage: The adversary then performs a second series of queries which are treated in the same way as the first stage. Guess: At the end of the simulation, the adversary outputs a guess γ of γ. If γ = γ, D answers 1 indicating that Z = e(g, g)abc ; Otherwise, D answers 0 to the DBDH problem. Probability of success: Now we have to assess D’s probability of success. For the simulation to complete without aborting, we require the following con- ditions fulfilled: (1) Extraction queries on an identity ID have F(u) = 0modlu, where u = Hu(ID). (2) Signcryption queries on a message m, a signer list L and a receiver list L have F(ui) = 0modlu, for some i ∈ [1, n] where IDi ∈ L. (3) Unsigncryption queries on a ciphertext σ, a signer list L and a receiver list L have F(u i) = 0modlu for some i ∈ [1, n ] where ID i ∈ L . (4) F(u∗ j ) = 0modp for all j ∈ [1, n ], where u∗ j = Hu(ID∗ j ) and K(m∗ ) = 0modp where m∗ = Hm(mγ, L∗ ). Let u1, u2, ..., uqI be the output of the hash function Hu appearing in queries not involving the challenge identity list L∗ . Clearly, we will have qI ≤ qE + qS + qU . Define the events Ai : F(ui) = 0modlu where i = 1, 2, ..., qI A : F(u∗ j ) = 0modp for all j ∈ [1, n ], where u∗ j = Hu(ID∗ j ) B∗ : K(m∗ ) = 0modp where m∗ = Hm(mγ, L∗ ) Then the probability of D not aborting is Pr[abort] ⩾ Pr[∧qI i=1Ai ∧ A ∧ B∗ ] Since the function F and K are selected independently, therefore, the event (∧qI i=1Ai ∧ A ) and B∗ are independent. Assume lu(nu + 1) p which implies 0 ≤ lunu p. It is easy to see that F(u) = 0modp =⇒ F(u) = 0modlu. Furthermore, this assumption implies that if F(u) = 0modlu, there will be a
• 39.
  An ID-Based AnonymousSigncryption Scheme for Multiple Receivers Secure 25 unique ku with 0 ≤ ku ≤ nu such that F(u) = 0modp. For the randomness of ku, x and X, we have Pr[A ] = n j=1 Pr[F(u∗ j ) = 0modp] = n j=1 Pr[F(u∗ j ) = 0modlu]Pr[F(u∗ j ) = 0modp|F(u∗ j ) = 0modlu] = ( 1 lu 1 nu + 1 )n On the other hand, for any i, the event Ai and A are independent, so we have Pr[∧qI i=1Ai ∧ A ] = Pr[A ]Pr[∧qI i=1Ai|A ] = Pr[A ](1 − Pr[∨qI i=1Ai|A ]) ≥ Pr[A ](1 − qI i=1 Pr[Ai|A ]) = ( 1 lu 1 nu + 1 )n (1 − qI lu ) ≥ ( 1 2(qE + qS + qU )(nu + 1) )n (1 − qE + qS + qU 2(qE + qS + qU ) ) = 1 2n+1((qE + qS + qU )(nu + 1))n Similarly, we have Pr[B∗ ] = 1 lm 1 nm+1 By combining the above result, we have Pr([abort]) ≥ Pr[∧qI i=1Ai ∧ A ∧ B∗ ] ≥ 1 2n+2((qE + qS + qU )(nu + 1))n qS(nm + 1) If the simulation does not abort, the adversary will win the game in definition 4 with probability at least E . Thus B can solve for the DBDH problem instance with probability E 2n+2((qE+qS +qU )(nu+1))n qS (nm+1) Theorem 3. Under the CDH assumption, the proposed IASCfMR scheme is existentially unforgeable against adaptive chosen message attack. Proof. Assume that a EUF-IASCfMR-CMA forger for our scheme exists, we will construct a challenger C , who runs the forger as a subroutine to solve an instance of CDH problem. C is given a group G, a generator g and elements ga and gb . His goal is to compute gab . C first sets the public parameters using the Setup algorithm described in the previous proof. Note that in Setup phase, C assigns g1 = ga and g2 = gb . After C defines functions F(u), J(u), K(m), L(m) and public parameters u , m , ui, mj, we have
• 40.
  26 B. Zhangand Q. Xu u i∈U ui = g F (u) 2 gJ(u) , m j∈M mj = g K(m) 2 gL(m) . Then, the forger can perform a polynomially bounded number of queries in- cluding private key extraction queries, signcryption queries, and unsigncryption queries. The challenger C answers the forger in the same way as that of The- orem 2. Finally, if C does not abort, the forger will return a new ciphertext σ∗ = (c∗ , σ∗ 1, σ∗ 2 , σ∗ 3, σ∗ 4 , L∗ ) on message m∗ , where m∗ has never been queried. Now, C can unsigncrypt σ∗ and obtain m∗ . C checks whether the following conditions are fulfilled: (1) F(u∗ j ) = 0modlu for all j ∈ [1, n], where u∗ j = Hu(ID∗ j ) (2) K(m∗ ) = 0modlm where m∗ = Hm(mγ, L∗ ) If not all the above conditions are fulfilled, C will abort. Otherwise C computes and outputs σ∗ 4 R J(u∗ 1 ) 1 ...R J(u∗ n) n R L(m∗) m = gα 2 n i=1(Ui)ri · (m j∈M∗ mj)rm n i=1 gJ(u∗ i )ri · gL(m∗)rm = gα 2 n i=1(g F (u∗ i ) 2 gJ(u∗ i ) )ri · (m j∈M∗ mj)rm n i=1 gJ(u∗ i )ri · gL(m∗)rm = gα 2 = gab as the solution to the given CDH problem. 6 Conclusions We have proposed an IASCfMR scheme that satisfy the semantic security, un- forgeability and signcrypter identity’s ambiguity. To our best knowledge, this is the first IASCfMR scheme that can be proven secure in the standard model. As we can see from the concrete scheme, the cost is linear with the size of group. It remains an open problem to construct a much more efficient scheme that is secure in the standard model with constant size signcryption ciphertext while removing all limitations on the size of group. References 1. Zheng, Y.: Digital signcryption or how to achieve cost (signature encryption) cost (signature)+cost (encryption). In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 165–179. Springer, Heidelberg (1997) 2. Shamir, A.: Identity-based cryptosystem and signature scheme. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 120–126. Springer, Heidel- berg (1985) 3. Malone-Lee, J.: Identity based signcryption, Cryptology ePrint Archive. Report 2002/098
• 41.
  An ID-Based AnonymousSigncryption Scheme for Multiple Receivers Secure 27 4. Libert, B., Quisquator, J.: A new identity based signcryption scheme from pairings. In: Proc. IW 2003, pp. 155–158 (2003) 5. Boyen, X.: Multipurpose identity based signcryption: a Swiss army knife for identity based cryptography. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 383– 399. Springer, Heidelberg (2003) 6. Chen, L., Malone-Lee, J.: Improved identity-based signcryption. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 362–379. Springer, Heidelberg (2005) 7. Barreto, P., Libert, B., McCullagh, N., et al.: Efficient and provably-secure iden- tity based signatures and signcryption from bilinear maps. In: Roy, B. (ed.) ASI- ACRYPT 2005. LNCS, vol. 3788, pp. 515–532. Springer, Heidelberg (2005) 8. Yu, Y., Yang, B., Sun, Y., et al.: Identity based signcryption scheme without ran- dom oracles. Computer Standards and Interfaces 31(1), 56–62 (2009) 9. Rivest, R., Shamir, A., Tauman, Y.: How to leak a secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001) 10. Huang, X., Su, W., Mu, Y.: Identity-based ring signcryption scheme: cryptographic primitives for preserving privacy and authenticity in the ubiquitous world. In: Safavi-Naini, R., Seberry, J. (eds.) ACISP 2003. LNCS, vol. 2727, pp. 649–654. Springer, Heidelberg (2003) 11. Li, F., Xiong, H., Yu, Y.: An efficient id-based ring signcryption scheme. In: Inter- national conference on Communications, Circuits and Systems, ICCCAS 2008, pp. 483–487 (2008) 12. Zhu, Z., Zhang, Y., Wang, F.: An efficient and provable secure identity based ring signcryption scheme. Computer Standards and Interfaces, 649–654 (2008) 13. Zhang, J., Gao, S., Chen, H., et al.: A novel ID-based anonymous signcryption scheme. In: Li, Q., Feng, L., Pei, J., Wang, S.X., Zhou, X., Zhu, Q.-M. (eds.) APWeb/WAIM 2009. LNCS, vol. 5446, pp. 604–610. Springer, Heidelberg (2009) 14. Duan, S., Cao, Z.: Efficient and Provably Secure Multi-receiver Identity-based Sign- cryption. In: Batten, L.M., Safavi-Naini, R. (eds.) ACISP 2006. LNCS, vol. 4058, pp. 195–206. Springer, Heidelberg (2006) 15. Lal, S., Kushwah, P.: Anonymous ID Based Signcryption Scheme for Multiple Receivers. Cryptology ePrint Archive: Report 2009/345 (2009), http://eprint.iacr.org/2009/345 16. Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Proc. CCS 1993, pp. 62–73 (1993) 17. Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology, revisited (preliminary version). In: Proc. STOC 1998, pp. 209–218 (1998) 18. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairings. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001) 19. Waters, R.: Efficient identity based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005) 20. Paterson, K., Schuldt, J.: Efficient identity based signatures secure in the standard model. In: Batten, L.M., Safavi-Naini, R. (eds.) ACISP 2006. LNCS, vol. 4058, pp. 207–222. Springer, Heidelberg (2006) 21. Au, M., Liu, J., Yuen, T., et al.: ID-Based ring signature scheme secure in the standard model. In: Yoshiura, H., Sakurai, K., Rannenberg, K., Murayama, Y., Kawamura, S.-i. (eds.) IWSEC 2006. LNCS, vol. 4266, pp. 1–16. Springer, Heidel- berg (2006)
• 42.
  T.H. Kim andH. Adeli (Eds.): AST/UCMA/ISA/ACN 2010, LNCS 6059, pp. 28–37, 2010. © Springer-Verlag Berlin Heidelberg 2010 A Supervised Locality Preserving Projections Based Local Matching Algorithm for Face Recognition* Yingqi Lu1 , Cheng Lu1 , Miao Qi2 , and Shuyan Wang2,** 1 School of Computer Science and Technology, Jilin University, China 2 School of Computer Science and Information Technology, Northeast Normal University, China [email protected] Abstract. In this paper, a novel local matching algorithm based on supervised locality preserving projections (LM-SLPP) is proposed for human face recogni- tion. Unlike the holistic face recognition methods which operates directly on the whole face images and obtains a global face features, the proposed LM-SLPP operates on sub-patterns partitioned from the original whole face image and separately extracts corresponding local sub-features from them. In our method, the input face images are firstly divided into several sub-images. Then, the su- pervised locality preserving projections is applied on each sub-image set for feature extraction. At last, the nearest neighbor classifier combined with major voting is utilized to classify the new face images. The efficiency of the pro- posed algorithm is demonstrated by experiments on Yale and YaleB face data- bases. Experimental results show that LM-SLPP outperforms other holistic and sub-pattern based methods. Keywords: Pattern recognition; Face recognition; Manifold learning; Super- vised locality preserving projections. 1 Introduction Recently, due to the wide application in military, commercial, surveillance and hu- man-computer interface, face recognition has received lots of attention. In [1], face recognition is defined to identify the individuals from the images of their faces by using a stored database of faces labeled with people’s identities. This task is complex and difficult as there are numerous factors affect the appearance of the individual’s face feature, such as pose, illumination and facial expression [2]. Within the last two decades, researchers have developed many methods for face recognition [2]. Among these methods, appearance-based approaches which operate directly on the input face images or appearance of face objects are well studied. These methods have a common characteristic in finding a low-dimensional feature subspace from the original high-dimensional face space, and can be generally divided into two * This work was supported by Students Innovative Pilot Scheme Project, Jilin University, China. ** Corresponding author.
• 43.
  A Supervised LocalityPreserving Projections Based Local Matching Algorithm 29 categories: holistic based methods and local matching based methods [3]. Currently, the most representative holistic based methods for face recognition are principal com- ponent analysis (PCA) [4], Fisher linear discriminant analysis (LDA) [5], independent component analysis (ICA) [6], non-negative matrix factorization (NMF) [7] and local- ity preserving projection (LPP) [8]. The character of them is that they operates di- rectly on the whole face images and obtains a global face features under different rules. More recently, the local matching based face recognition methods which extract facial features from different levels of locality, show more promising results in face recognition tasks [3]. To the best of our knowledge, the first local matching based face recognition method is proposed by Pentland et al. [9]. In this method, the original eigenface [4] method is extended to a layered representation by combining with other eigenmodules, such as eigeneyes, eigennoses, and eigenmouths. Then, this modular eigenface approach was studied and extended by several other researchers. In [10], Rajkiran and Vijayan proposed a modular PCA (mPCA) method for face recognition. mPCA first divides the input face images into smaller sub-images, and then extracts the sub-pattern features by applying PCA to all sub-image blocks. Chen and Zhu proposed a similar approach called sub-pattern PCA (SpPCA) [11]. In their method, the whole images were also firstly partitioned into a set of equally-sized sub-patterns in a non-overlapping way as mPCA. Secondly, PCA was performed on each of sub- pattern sets which share the same original feature components. In [12], the SpPCA method is extended to adaptively weighted sub-pattern PCA (Aw-SpPCA). In Aw-SpPCA, the weight of each sub-image block was determined by the similarities between the sub-pattern’s probe set and gallery set. Besides PCA, some other feature extraction methods were also used for local matching based face recognition, such as Sub-Gabor [17], SpNMF [18] and LRR [19]. In [20], an adaptive weighted sub- pattern LPP (Aw-SpLPP) algorithm is proposed for face recognition. This method uses LPP to extract the local facial features and the weight of each sub-image block is determined by the neighborhood information of each sub-pattern. In this paper, a novel local matching algorithm based on supervised locality pre- serving projections (LM-SLPP) is proposed for human face recognition. Like the aforementioned local matching methods, the first step of LM-SLPP is to partition an original whole face images into a set of equally-sized non-overlapping sub-patterns, and then all those sub-patterns sharing the same original feature components are re- spectively collected from the training set to compose a corresponding sub-pattern’s training set. In the second step, SLPP is applied to each sub-pattern’s training set to extract its features. Finally, each sub-pattern’s features are concatenated together to classify a new face image. Since the SLPP can simultaneously preserve the manifold structures of the sub-pattern sets and improve the discriminability of the embedded results. The proposed LM-SLPP outperforms other holistic and local matching based methods, such as PCA, LPP and SpPCA. Here, it should be pointed out that the main difference between our method and Aw-SpLPP [20] is that our LM-SLPP integrates the discriminative information into the feature extraction step, and does not need to compute the weights of the sub-patterns.
• 44.
  30 Y. Luet al. The rest of this paper is organized as follows. In Section 2, we briefly review the LPP and supervised LPP (SLPP) algorithms. The proposed LM-SLPP method is pre- sented in Section 3. Experimental and comparison results are shown in Section 4 and conclusions are given in Section 5. 2 Review of LPP and SLPP The locality preserving projections (LPP) is a recently proposed dimensionality re- duction method [8]. Unlike the traditional linear methods such as PCA and LDA which aim to preserve the global structures of input data. The objective of LPP is to preserve the local structure and discover the underlying manifold geometry of the original high-dimensional data. Formally, let X = [x1, x2, …, xn] denote n data points in a high M dimensional space. The goal of LPP is to project the high dimensional data into a low-dimensional manifold subspace that can maximally preserve the original data’s locality. Let us denote the corresponding set of n points in m (m M) dimensional subspace as Y = [y1, y2, …, yn]. The objective function of LPP is as follows: ∑ − j i ij j i S y y , 2 ) ( min (1) where Sij is the similarity of xi and xj. In [8], two ways of defining Sij using heat kernel function were given as: ⎪ ⎩ ⎪ ⎨ ⎧ − ⎟ ⎠ ⎞ ⎜ ⎝ ⎛ − − = otherwise x x if t x x S j i j i ij , 0 , exp 2 2 ε (2) or ⎪ ⎪ ⎩ ⎪ ⎪ ⎨ ⎧ ⎟ ⎠ ⎞ ⎜ ⎝ ⎛ − − = otherwise x of neighbors nearest k among is x or x of neighbors nearest k among is x if t x x S i j j i j i ij , 0 , exp 2 (3) where t is a parameter which determines the rate of decay of the similarity function, and ε in Equation (2) is a small positive real number. From the objective function, it can be seen clearly that the choice of symmetric weights Sij (Sij = Sji) incurs a heavy penalty if neighboring points xi and xj are projected far apart. Thus, minimizing Equa- tion (1) can ensure that if xi and xj are close in high-dimensional space, then their projected results yi and yj are close as well. We suppose W is a transformation matrix, that is, Y=WT X. After some simple algebraic steps, the objective function of LPP can be reduced to:
• 45.
  A Supervised LocalityPreserving Projections Based Local Matching Algorithm 31 ( ) ( ) ( ) ) ( 2 2 2 2 ) ( ) ( , , , 2 , 2 W XLX W tr W X S D X W tr W XSX W W XDX W tr W x S x W W x S x W S x W x W S y y T T T T T T T T j i j ij i T j i i ij i T j i ij j T i T j i ij j i = − = − = ⎟ ⎟ ⎠ ⎞ ⎜ ⎜ ⎝ ⎛ − = − = − ∑ ∑ ∑ ∑ (4) where ) (⋅ tr denotes the trace operator, D is a diagonal matrix whose entries are col- umn sums of S, i.e. Dii = Σj Sij, and L = D – S is the Laplacian matrix. The entry of matrix D indicates how important each data point is. Therefore, a constraint is im- posed as follows: I W XDX W T T = (5) Finally, the objective function of LPP can be obtained as: W XLX W T T W min arg s.t. I W XDX W T T = (6) By applying the Lagrange multiplier method, the transformation matrix W that mini- mizes the objective function can be given by the minimum eigenvalue solution to the generalized eigenvalue problem as: W XDX W XLX T T λ = (7) Although the LPP method can effectively preserve the manifold structure of the input data, its discriminability is little because the label information is neglected during dimensionality reduction. Therefore, a supervised LPP (SLPP) is proposed to over- come this limitation [13]. In SLPP, the similarity matrix S in Equation (3) is com- puted with the constraint that each point’s k nearest neighbors must be chosen from the samples with the same class label as its. In other words, Sij in SLPP is obtained as: ⎪ ⎪ ⎪ ⎪ ⎩ ⎪ ⎪ ⎪ ⎪ ⎨ ⎧ ⎟ ⎠ ⎞ ⎜ ⎝ ⎛ − − = otherwise xi as label class same the has and x of neighbors nearest k among is x if or x as label class same the has and x of neighbors nearest k among is x if t x x S i j j j i j i ij , 0 , exp 2 (8)
• 46.
  32 Y. Luet al. Through introducing the class label into the process of similarity matrix construction, the embedding results of SLPP are more easily to be classified [13]. 3 Proposed LM-SLPP The proposed LM-SLPP method consists of three main steps: (1) partition face im- ages into sub-patterns, (2) apply SLPP to sub-patterns sharing the same original fea- ture components for feature extraction, (3) classify an unknown face image. 3.1 Image Partition In the proposed method, we need partition each input face image into several sub- images firstly. In local matching based face recognition methods, we can either divide a face image into a set of equally or unequally sized sub-images. However, how to choose appropriate sub-image size which gives optimal performance is still an open problem. In our work, without loss of generality, equally sized partition is adopted as many other approaches [10-12]. Fig. 1. The construction of sub-image pattern sets (face images come from Yale face database) Formally, supposing there are N face images belonging to P persons in the training set, these persons possess N1, N2, …, NP images, respectively, and the size of each image is H1×H2. We first partition each face image into K equally sized sub-images in a non-overlapping way, and then further concatenate them into corresponding column vectors with dimensionality of H1×H2/K. After all training images are partitioned, the sub-pattern vectors at the same position of all face images are collected to form a specific sub-pattern’s training set. Therefore, we can get K separate sub-pattern sets totally. This image partition process is illustrated in Fig. 1. … … … … … Sub-pattern set 2 Sub-pattern set 3 … Sub-pattern set 1 Sub-pattern set K
• 47.
  A Supervised LocalityPreserving Projections Based Local Matching Algorithm 33 3.2 SLPP for Feature Extraction After the image partition procedure, we have already obtained K sub-pattern training sets through image partition. For each sub-pattern set, denotes by SPi (i = 1, 2, …, K), its locality preserving features can be extracted using SLPP. Let Xi = [xi1, xi2, …, xiN] denote N column vectors in SPi. In this step, the k nearest neighbors of each xin (n=1, 2, … , N) with the same class label are firstly selected using Euclidean metric. Then, the supervised similarity matrix is computed by Equation (8). At last, the transforma- tion matrix Wi of the ith sub-pattern set SPi can be obtained by solution to the general- ized eigenvalue problem as: i T i i i i T i i i W X D X W X L X λ = (9) where Di and Li are the diagonal matrix and Laplacian matrix, respectively. Let r λ λ λ , , , 2 1 K (r H1×H2/K ) be the first r smallest eigenvalues of XiLiXi T and XiDiXi T , and w1, w2, …, wr be the corresponding eigenvectors. We can get: ] , , , [ 2 1 r i w w w W K = (10) 3.3 Classification In order to classify a new face, the unknown face image U is firstly divided into K sub-patterns in the same way previously applied to the training images. Then, each unknown sub-pattern’s features are extracted using the corresponding transformation matrix Wi (i = 1, 2, …, K). The identity of each sub-pattern is determined by a nearest neighbor classifier using Euclidean distance. Because there are K sub-patterns obtained by the unknown face image and the classification results of them are inde- pendent with each other, we will get total K recognition results for the unknown face image. Therefore, for the sake of obtaining the final recognition result of the image U, a major voting method is used. Let the probability of the unknown image U belonging to the cth class be: ∑ = = K i c i c q K p 1 1 (11) where ⎩ ⎨ ⎧ − = otherwise class cth to belongs pattern sub ith the if qc i , 0 , 1 (12) Then, the final identity result of the unknown face image U is ) ( max arg ) ( c c p U Identity = (13)
• 48.
  34 Y. Luet al. 4 Experiments In this section, the performance of the proposed LM-SLPP is evaluated on two stan- dard face databases (Yale and Extended YaleB). Both the holistic (PCA, LPP) and local matching (SpPCA) based methods are used here for comparison. Furthermore, in order to test the effect of label information to improve the recognition performance, we also compare LM-SLPP with the local matching based on unsupervised LPP (LM- LPP), in which the similarity matrix S is constructed by Equation (3). For all face data in each database, the original images were first normalized (in scale and orientation) such that the two eyes were aligned at the same position, then the facial areas were cropped into the final images for recognition. 4.1 Experimental Results on Yale Database The Yale face database [14] is constructed by the Yale Center for Computation Vision and Control. There are 165 images of 15 individuals in this database (each person has 11 images). The variations of images are demonstrated in lighting condition (center- light, left-light and right-light), facial expression (normal, happy, sad, sleepy, surprised and wink), and glasses (with glasses and without glasses). Figure 2 shows sample images of one person from Yale database. All face images are resized to 100×100 for computation efficiency in our experiments. Fig. 2. Sample images of one individual in Yale database In this experiment, we randomly choose six images of each individual to form the training set and the rest five images of each individual is considered as testing set. This random selection is repeated 10 times. For LPP, LM-LPP and LM-SLPP, the parameters are set as t=800 and k=5. The sub-image size in all local matching meth- ods is chosen as 20×20. The average recognition rates versus subspace dimensions of all methods are shown in Fig. 3 and the best recognition rate obtained by each method is shown in Table 1. We can find that the performances of SpPCA, LM-LPP and LM- SLPP are all better than the holistic methods such as PCA and LPP. This is due to that some local facial features may not vary with pose, illumination and expression. Thus, extracting these local features from sub-patterns of the face images can improve the robustness of local matching methods. Moreover, we can also observe that the LM- LPP and LM-SLPP outperform SpPCA. This is because PCA is a linear feature ex- traction method, and cannot preserve the manifold structure of face images. At last, it can be seen that LM-SLPP performs better than LM-LPP. The reason is that the LM- SLPP takes label information during feature extraction and can produce more dis- criminative embedded results.
• 49.
  A Supervised LocalityPreserving Projections Based Local Matching Algorithm 35 Fig. 3. Performance comparisons of different algorithms on Yale database Table 1. The top recognition rate and corresponding subspace dimensions for different ap- proaches on Yale database Methods PCA LPP SpPCA LM-LPP LM-SLPP Top rates 78% 79.07% 82.53% 88.33% 90.0% Dimensions 70 40 30 50 45 4.2 Experimental Results on Extended YaleB Database The extended YaleB face database [15] [16] is an extension of Yale face database. For this database, we simply use the cropped images and resize them to 64×64 pixels. In our experiment, a dataset which contains 38 individuals and around 64 near frontal images under different expressions and illumination conditions per individual are chosen from the database. Figure 4 shows some sample cropped images of one person from extended YaleB database. Fig. 4. Sample images of one individual in YaleB database In this experiment, the parameters we set for all methods are the same as Section 4.1. Thirty images of each person are randomly selected as the training set and the left images are testing set. The sub-image size is set as 16×16. The best recognition rate
• 50.
  36 Y. Luet al. Table 2. The top recognition rate and corresponding subspace dimensions for different ap- proaches on Extended YaleB database Methods PCA LPP SpPCA LM-LPP LM-SLPP Top rates 56.4% 78.51% 91.99% 94.56% 95.8% Dimensions 70 70 40 50 65 achieved by PCA, LPP, SpPCA, LM-LPP and LM-SLPP can be seen in Table 2. From this table, we can find that the local matching methods outperform the holistic methods and the proposed LM-SLPP obtains the best performance. These two obser- vations are consistent with the experimental results in Yale database. 5 Conclusions A supervised locality preserving projections based local matching algorithm (LM- SLPP) is proposed in this study. Our method possess the following two characters: First, LM-SLPP extracts local facial features from the sub-patterns partitioned from whole face images. Thus, it is not very sensitive to facial pose, illumination and ex- pression. Second, LM-SLPP uses the supervised LPP for feature extraction, which can not only preserve the manifold structures of the sub-pattern sets, but also takes the label information into consideration. We test our method on two standard face data- bases, and compare it with other holistic and local matching methods. Experimental results show that the proposed method can produce better recognition rate. References 1. Cevikalp, H., Neamtu, M., Wikes, M., Barkana, A.: Discriminative Common Vectors for Face Recognition. IEEE Transaction on Pattern Analysis and Machine Intelligence 27(1), 4–13 (2005) 2. Zhao, W., Chellappa, R., Phillips, P.J., Rosenfeld, A.: Face recognition: a literature survey. ACM Comput. Surv. 35(4), 399–458 (2003) 3. Zou, J., Ji, Q., Nagy, G.: A Comparative Study of Local Matching Approach for Face Rec- ognition. IEEE Transactions on Image Processing 16(10), 2617–2628 (2007) 4. Turk, M., Pentland, A.: Eigenfaces for recognition. J. Cognitive Neurosci. 3(1), 71–86 (1991) 5. Belhumeur, P.N., Hepanha, J.P., Kriegman, D.J.: Eigenfaces vs. Fisherfaces: Recognition using class specific linear projection. IEEE Transaction on Pattern Analysis and Machine Intelligence 19(7), 711–720 (1997) 6. Barlett, M.S., Movellan, J.R., Sejnowski, T.J.: Face recognition by independent component analysis. IEEE Transaction on Neural Network 13(6), 1450–1464 (2002) 7. Lee, D.D., Seung, H.S.: Algorithms for non-negative matrix factorization. Adv. Neural Inf. Process, 556–562 (2000) 8. He, X., Yan, S., Hu, T., Niyogi, P., Zhang, H.: Face recognition using Laplacianfaces. IEEE Transaction on Pattern Analysis and Machine Intelligence 27(3), 328–340 (2005)
• 51.
  A Supervised LocalityPreserving Projections Based Local Matching Algorithm 37 9. Pentland, A., Moghaddam, B., Starner, T.: View-Based and Modular Eigenspaces for Face Recognition. In: CVPR 1994, pp. 84–91 (1994) 10. Gottumukkal, R., Asari, V.K.: An improved face recognition technique based on modular PCA approach. Pattern Recognition Letters 25, 429–436 (2004) 11. Chen, S., Zhu, Y.: Subpattern-based principle component analysis. Pattern Recognition 37, 1081–1083 (2004) 12. Tan, K., Chen, S.: Adaptively weighted sub-pattern PCA for face recognition. Neurocom- puting 64, 505–511 (2005) 13. Zheng, Z., Zhao, Z., Yang, Z.: Gabor Feature Based Face Recognition Using Supervised Locality Preserving Projection. In: Blanc-Talon, J., Philips, W., Popescu, D., Scheunders, P. (eds.) ACIVS 2006. LNCS, vol. 4179, pp. 644–653. Springer, Heidelberg (2006) 14. Yale University Face Database, http://cvc.yale.edu/projects/yalefaces/yalefaces.html 15. Georghiades, A.S., Belhumeur, P.N., Kriegman, D.J.: From Few to Many: Illumination Cone Models for Face Recognition under Variable Lighting and Pose. IEEE Trans. Pattern Anal. Mach. Intelligence 23(6), 643–660 (2001) 16. Lee, K.C., Ho, J., Kriegman, D.: Acquiring Linear Subspaces for Face Recognition under Variable Lighting. IEEE Trans. Pattern Anal. Mach. Intelligence 27(5), 684–698 (2005) 17. Nanni, L., Maio, D.: Weighted Sub-Gabor for face recognition. Pattern Recognition Let- ters 28, 487–492 (2007) 18. Zhu, Y.-L.: Sub-pattern non-negative matrix factorization based on random subspace for face recognition. In: International Conference on Wavelet Analysis and Pattern Recogni- tion, pp. 1356–1360 (2007) 19. Xue, H., Zhu, Y., Chen, S.: Local ridge regression for face recognition. Neurocomput- ing 72, 1342–1346 (2009) 20. Wang, J., Zhang, B., Wang, S., Qi, M., Kong, J.: An adaptively weighted sub-pattern local- ity preserving projection for face recognition. J. Network Comput. Appl. (2010), doi:10.1016/j.jnca.2009.12.013
• 52.
  T.H. Kim andH. Adeli (Eds.): AST/UCMA/ISA/ACN 2010, LNCS 6059, pp. 38–54, 2010. © Springer-Verlag Berlin Heidelberg 2010 Information Systems Security Criticality and Assurance Evaluation Moussa Ouedraogo1,2 , Haralambos Mouratidis2 , Eric Dubois1 , and Djamel Khadraoui1 1 Public Research Center Henri Tudor - 1855 Kirchberg/Luxembourg {moussa.ouedraogo,eric.dubois,djamel.khadraoui}@tudor.lu 2 School of Computing, IT and Engineering, University of East London, England [email protected] Abstract. A prerequisite to implement effective and efficient Information Sys- tems security measures is to have a clear understanding of both, the business that the system will support and the importance of the system in the operating environment. Similarly, the evaluation of one’s confidence in the deployed sa- feguarding measures, to adequately protect system assets, requires a better un- derstanding of the security criticality of the system within its context of use (i.e. where is the system used and what for?). This paper proposes metrics as well as a methodology for the evaluation of operational systems security assurance. A critical feature of our approach is that assurance level is dependent on the mea- surement of security correctness and system security criticality. To that extend, we also propose a novel classification scheme for Information Systems based on their security criticality. Our work is illustrated with an application based on the case study of a Domain Name Server (DNS). Keywords: Security assurance, criticality, security verification, Multi-agent systems. 1 Introduction Evolution is an inherent characteristic of Information Systems (IS). IS are made to evolve depending on the context, either because of new business or users require- ments or owing to changes in the IS operating environment (new threats for instance). However, as it is well known, different contexts may introduce different security requirements and risks. The list of recent, high profile security breaches is daunting; headlines have ex- posed major leaks among the largest organizations, resulting in loss of customer trust, potential fines and lawsuits [1]. Vulnerable systems pose a serious risk to successful business operations, so managing that risk is therefore a necessary board-level and executive-level concern. Executives must ensure appropriate steps are being taken to audit and address IT flaws that may leave critical systems open to attack [1]. A com- mon but sometimes overlooked source of IT risks for large distributed and open IS is improper deployment of security measures after a Risk Assessment has been com- pleted. In fact, risk countermeasures may be properly elucidated at Risk Assessment
• 53.
  Information Systems SecurityCriticality and Assurance Evaluation 39 but their actual deployment may be less impressive or unidentified hazards in the system environment may render them less effective. How good, for instance, is a fortified door if the owner, inadvertently, leaves it unlocked? Or considering a more technical example, how relevant is a firewall for a critical system linked to the Inter- net if it is configured to allow any incoming connections? Fig. 1. Security assurance evaluation model Therefore, monitoring and reporting on the security status or posture of IT systems can be carried out to determine compliance with security requirements [2] and to get assurance as to their ability to adequately protect system assets. This remains one of the fundamental tasks of security assurance, which is here defined as the ground for confidence on deployed security measures to adequately protect system assets. Unfor- tunately most of what has been written about security assurance is definitional. Pub- lished literatures either aim at providing guidelines for identifying metrics ([3], [4], [5]), without providing indications on how to combine them into quantitative or qua- litative indicators that are important for a meaningful understanding of the security posture of an IT component; or target end products ([6]). Our approach: We argue that evaluation of system security assurance only make sense when placed within a risk management context. To reflect this, our method literally takes place after the risk assessment has been completed and the countermeasures dep- loyed. Figure.1 shows the security assurance evaluation model and how it relates to the risk assessment stage, whose concepts are depicted in bold. The security requirements identified for the risks mitigation could come either on the form of security functions deployed on the system or on the form of guidelines for security relevant properties i.e. those parameters that are not directly linked to security but when altered could induce a security issue. According to the NIST special publication 800-33 [7], the assurance that the security objectives (integrity, availability, confidentiality, and accountability) will be adequately met by a specific implementation depends partly on whether required
• 54.
  40 M. Ouedraogoet al. security functionality is present and correctly implemented. Heeding that call, our ap- proach to evaluating the security assurance of a security measure is founded on: • Key verifications that aim to: (i) ensure that any security measures identified as necessary during the risk assessment stage have been implemented and is running (availability check), (ii) ensure the correctness of the configuration of the security measures at any time using a reference configuration file (conformity check). • The security criticality, defined as the magnitude of the impact of an eventual security breach for an organization/ individual in a specific context, of the con- text in which the system is operating is accounted for when determining the secu- rity assurance level of a system. The result of these three parameters are integrated in our security assurance function (refer to section 4.4) to yield a value of security assurance. Users may elect to use a system with a set of predefined security measures for its protection. However, once the system is deployed, previously unknown errors or vulnerabilities may surface for a given security entity or, environmental assumptions may need to be revised. Fur- thermore, the effectiveness of most security measures is limited in time. Today’s state of the art protection may be by-passed with relative ease tomorrow as attackers’ tech- niques are getting more and more sophisticated. As a result of operation, feedback could be given that would require the operator to correct the system security model or redefine its security requirements or environmental assumptions in view of streng- thening the security of the system. To handle that eventuality, the vulnerability check, which is associated to each evaluated security entity, uses a known vulnerability data- base such as the National Vulnerability Database (NVD, http://nvd.nist.gov) to verify whether any vulnerability has been identified for an evaluated protection measure or security relevant parameter. Recommendations on how to overcome such matter are then taken into account by the operator and will help constitute the new reference against which any a posteriori conformity evaluation of the protection measure will be undertaken. This ensures that the system security policy is permanently updated and henceforth presents enough quality to face up to potential threats to the system. One of the main drawbacks of traditional risk management is that it is often a one-shot activity, or at best it is performed at regular but distant intervals of time (every six months, or so). To that extent, the continuous vulnerability check adds a hint of “dy- namic risk management” to our approach. Outline: The rest of the paper is organized as followed: Section 2 presents related work. Section 3 provides a classification scheme for measuring a system’s security criticality. Section 4 describes the steps of the security assurance methodology. Sec- tion 5 discusses the choice of architecture for the approach while section 6 illustrates its applicability with the aid of an application based on Domain Name Server (DNS). Section 7 concludes the paper and presents directions for future work. 2 Related Work Considerable efforts have been made across computer science disciplines to address the ever-growing issue of security. Information System engineering, for instance, has
• 55.
  Random documents withunrelated content Scribd suggests to you:
• 56.
  He went overall Rome to see the great buildings, and to Santa Maria Rotonda, and the columns of Antonius and of Trajan; and every man did him great honour. And when he had seen all these things he turned back to the palace, and talking to Pope Sixtus said that he (the Pope) could never be the lord of the place, nor ever truly reign over it, because of the porticoes and balconies which were in the streets; and that if it were ever necessary to put men at arms in possession of Rome the women in the balconies, with small bombs, could make them fly; and that nothing could be more easy than to make barricades in the narrow streets; and he advised him to clear away the balconies and the porticoes and to widen the streets, under pretence of improving and embellishing the city. The Pope took this advice, and as soon as it was possible cast down all those porticoes, and balconies, and widened the ways under pretence of improving them. And the said King remained there three days, and then went away. This story and the spirit in which the suggestion was made recall Napoleon's grim whiff of grapeshot, and the policy which has made the present Paris a city of straight lines which a battery of artillery could clear in a moment, instead of all the elbows and corners of the old picturesque streets. Pope Sixtus appreciated the suggestion, knowing how undisciplined a city he had to deal with, and what a good thing it might be to fill up those hornets' nests, with all their capabilities of offence. Probably a great many picturesque dwellings perished in the destruction of those centres of rebellion, which recall to us so vividly the scenes in which Rienzi the tribune fluttered through his little day, and which were continually filled with the rustle and tumult of an abounding populace. We cannot be so grateful to King Ferdinand, or so full of praise for this portion of the work of Pope Sixtus, as were his contemporaries, though no doubt it gave to us almost all the leading thoroughfares we know. It was reserved for his kinsman-Pope to strike Rome the severest stroke that was possible, and commit the worst of iconoclasms; but we do not doubt that the destruction of the porches, and stairheads, and balconies must have greatly diminished the old-world attraction of a city—in which, however, it was the mediæval with all its irregularities that was the intruder, while what was new in the hand of Sixtus and
• 57.
  his architects linkeditself in sympathy with the most ancient, the originator yet survivor of all. It was with the same purpose and intentions that the Pope built in place of the Ponte Rotto—which had lain long in ruins—a bridge over the Tiber, which he called by his own name, and which still remains, affording a second means of reaching the Borgo and the Sanctuaries, as a relief to the bridge of St. Angelo, upon which serious accidents were apt to happen by reason of the crowd. Both the chroniclers, Infessura and Panvinio, the continuator of Platina, describe the bridge as being a rebuilding of the actual Ponte Rotto itself. It was his intention to mend this bridge, says the former authority, and he takes the opportunity to point out the presumptuous and proud attempt of Sixtus to preserve his own name and memory by it, a fault already committed by several of his predecessors; he accordingly descended to the river and placed in the foundations by the said bridge a square stone on which was written: Sixtus Quartus Pontifex Maximus fecit fieri sub Anno Domini 1473. Behind this stone the Pope placed certain gold medals bearing his head, and afterwards built that bridge, which after this was no longer called Ponte Rotto, but Ponte Sisto, as is written on it. It is a wonderful point of view, commanding as it does both sides of the river, St. Peter's on one hand and the Palatine on the other, with all the mass of buildings which are Rome. The Scritte on the Ponte Sisto begs the prayers of the passer-by for its founder, who certainly had need of them both for his achievements in life and in architecture. There is still, however, a Ponte Rotto further up the stream. Besides the work of widening the streets, which necessitated much pulling down and rebuilding of houses, and frequent encounters with the inhabitants, who naturally objected to proceedings so summary —and removing the excrescences, balconies, and porticoes, which occupied, obscured, and made them ugly (brutte) and disorderly: Pope Sixtus rebuilt the great Hospital of the Santo Spirito, which had fallen into disrepair, providing shelter in the meantime for the
• 58.
  patients who hadto be removed from it, and arranging for the future in the most grandfatherly way. This great infirmary is also a foundling hospital, and there was a large number of children to provide for. Seeing that many children both male and female along with their nurses were thrown out on the world, he assigned them a place where they could live, and ordained that the marriageable girls should be portioned and honestly married, and that the others who would not marry should become the nurses of the sick. He also arranged that there should be (in the new hospital) more honourable rooms and better furnished for sick gentle-folks, so that they might be kept separate from the common people: an arrangement which is one of the things (like so many ancient expedients) on which we now pride ourselves as an invention of our own age, though the poor gentle-folks of Pope Sisto were not apparently made to pay for their privileges. This hospital in some of its details is considered the most meritorious of the Pope's architectural work. Sixtus IV. was a man of the most violent temper, which led him into some curious scenes which have become historical. When one of the unfortunate proprietors of a house which stood in the way of his improvements resisted the workmen, Sixtus had him cast into prison on the moment, and savagely stood by to see the house pulled down before he would leave the spot. He delighted, the chroniclers say, in the ruins he made. A more tragic instance of his rage was the judicial murder of the Protonotary Colonna, who paid with his life for crossing the will of the Pope. But this masterful will and impetuous temper secured an incredible swiftness in the execution of his work. The prudent suggestion of Ferdinand resulted in the clearance of those straight streets which led from the Flaminian Gate—now called the Porta del Popolo, which Sixtus built or restored, as well as the church of Sta. Maria del Popolo, which stands close by—to all the principal places in the city; the Corso being the way to the Capitol, the Ripetta to St. Angelo and the Borgo. He repaired once more the church and ancient palace of the Lateran, which had so long been the home of the Popes, and was still formally their diocesan church
• 59.
  to which theywent in state after their election. It is unnecessary, however, to give here a list of the many churches which he repaired or rebuilt. His work was Rome itself, and pervaded every part, from St. Peter's and the Vatican to the furthest corners of the city. The latter were, above all, the chief objects of his care, and he seems to have taken up with even a warmer ardour, if perhaps with a less cultivated intelligence, the plan of Nicolas V. in respect to the Palace at least. Like him he gathered a crowd of painters, chiefly strangers, around him, so that there is scarcely a great name of the time that does not appear in his lists; but he managed these great craftsmen personally like a slave-driver, pushing them on to a breathless speed of execution, so that the works produced for him are more memorable for their extent than for their perfection. The fame of a sanitary reformer before his time seems an unlikely one for Pope Sixtus, yet he seems to have had no inconsiderable right to it. Nettare and purgare are two words in constant use in the record of his life. He restored to efficient order the Cloaca Maxima. He brought in, a more beautiful office, the Acqua Vergine, a name of itself enough to glorify any master-builder, remaking, says the chronicler, the aqueducts, which were in ruins, from Monte Pincio to the fountain of Trevi. Here is perhaps a better reason for blessing Pope Sixtus than even his bridge, for those splendid and abundant waters which convey coolness and freshness and pleasant sound into the very heart of Rome were brought hither by his hand, a gift which may be received without criticism, for not upon his name lies the guilt of the prodigious construction, a creation of the eighteenth century, through which they now flow. The traveller from the ends of the earth who takes his draught of this wonderful unfailing fountain, rejoicing in the sparkle and the flow of water so crystal-clear and cold even in the height of summer, and hoping to secure as he does so his return to Rome, may well pour a libation to Papa Sisto, who, half pagan as they all were in those days, would probably have liked that form of recollection quite as much as the prayers he invokes according to the formal requirements of piety and the custom of the Church. However, they found it quite easy to combine the two during
• 60.
  that strange age.The chief thing of all, however, which perpetuates the name of Sixtus is the famous Sistine chapel, although its chief attraction is not derived from anything ordained by him. Some of the greatest names in art were concerned in its earlier decorations— Perugino, Botticelli, Ghirlandajo, along with many others. Michael Angelo was not yet, neither had Raphael appeared from the Umbrian bottega with his charm of grace and youth. But the Pope collected the greatest he could find, and set them to work upon his newly- built walls with a magnificence and liberality which deserved a more lasting issue. The reader will shiver, yet almost laugh with consternation and wonder, to hear that several great pictures of Perugino were destroyed on these walls by the orders of another Pope in order to make room for Michael Angelo. There could not be a more characteristic token of the course of events in the Papal succession, and of the wanton waste and destruction by one of the most cherished work of another. Sixtus was none the less a warlike prince, struggling in perpetual conflict with the princes of the other states, perhaps with even a fiercer strain of ambition, fighting for wealth and position with which to endow the young men who were as his sons—as worldly in his aims as any Malatesta or Sforza, as little scrupulous about his means of carrying them out, shedding blood or at least permitting it to be shed in his name, extorting money, selling offices, trampling upon the rights of other men. Yet amid all these distractions he pursued his nobler work, not without a wish for the good of his people as well as for his own ends, making his city more habitable, providing a lordly habitation for the sick, pouring floods of life-giving water into the hot and thirsty place. The glory of building may have many elements of vanity in it as well as the formation of galleries of art, and the employment of all the greatest art-workmen of their time. But ours is the advantage in these latter respects, so that we may well judge charitably a man who, in devising great works for his own honour and pleasure, has at the same time endowed us, and especially his country and people, with a lasting inheritance. Perhaps, even in competition with these, it is most to his credit that
• 61.
  he fulfilled officeswhich did not so much recommend themselves to his generation, and cleansed and cleared out and let in air and light like any modern sanitary reformer. The Acqua Vergine and the Santo Spirito Hospital are as fine things as even a Botticelli for a great prince's fame. He may even be forgiven the destruction of the balconies and all the picturesque irregularities which form the charm of ancient streets, in consideration of the sewerage and the cleaning out. The pictures, the libraries, and all the more beautiful things of life, in which we of the distant lands and centuries have our share of benefit, are good deeds which are not likely to be forgotten. It is however naturally the beautiful things of which it is most pleasant to think. The chroniclers, whom we love to follow, curiously enough, have nothing to say about the pictures, perhaps because it was not an art favoured by the Romans, or which they themselves pursued, except in its lower branches. Infessura mentions a certain Antonazzo Pintore, who was the author of a Madonna, painted on the wall near the church of Sta. Maria, below the Capitol at the foot of the hill, which on the 26th of June, in the year 1470, began to do miracles, and was afterwards enshrined in a church dedicated to our Lady of Consolations. Antonazzo was a humble Roman artist, whose name is to be found among the workmen in the service of Pope Paul II., who was not much given to pictures. Perhaps he is mentioned because he was a Roman, more likely because he had the good luck to produce a miraculous Madonna. The same writer makes passing mention of I Fiorentini, under which generic name all the bottegas were included. He renewed the Palace of the Vatican, drawing it forth under great colonnades, says, picturesquely, the chronicler Panvinio, working probably from Platina's notes, and making under his chapel a library: which was the finest thing of all, for he there reinstated Platina, who had been kept under so profound a shadow in the time of Paul II., and called back the learned men whom his predecessor had discouraged, sending far and near through all Europe for books, and thus enlarging the library begun by Pope Nicolas which is one of
• 62.
  the most celebratedwhich the world possesses, and to which he secured a revenue, enough to enable those who had the care of it to live, and even to buy more books. This provision still exists, though it is no longer sufficient for the purpose for which it was dedicated. The Cardinals emulated the Pope both in palace and church, each doing his best to leave behind him some building worthy of his name. Ornament abounded everywhere; sometimes rather of a showy than of a refined kind. There is a story in Vasari of how one of the painters employed on the Sistine, competing for a prize which the Pope had offered, piled on his colours beyond all laws of taste or harmony, and was laughed at by his fellows; but proved the correctness of his judgment by winning the prize, having gauged the knowledge and taste of Sixtus better than the others whose attempt had been to do their best—a height entirely beyond his grasp. All these buildings, however, were fatal to the remnants still existing of ancient Rome. The Colosseum and the other great relics of antiquity were still the quarries out of which the new erections were built. The Sistine Bridge was founded upon huge blocks of travertine brought directly from the ruins of the Colosseum. The buildings of the Imperial architects thus melted away as we are told now everything in the world does, our own bodies among the rest, into new combinations, under a law which if just and universal in nature is not willingly adopted in art. The wonder is how they should have supplied so many successive generations, and still remain even to the extent they still do. Every building in Rome owes something to the Colosseum—its stones were sold freely in earlier ages, and carried off to the ends of the earth; but it has remained like the widow's cruse, inexhaustible: which is almost more wonderful than the fact of its constant use. There is a picture in the Vatican gallery, which though not one of the highest merit is very interesting from a historical point of view. We quote the description of it from Bishop Creighton.
• 63.
  It represents SixtusIV. founding the Vatican library. The Pope with a face characterised by mingled strength and coarseness, his hands grasping the arms of his chair, sits looking at Platina, who kneels before him, a man whose face is that of a scholar, with square jaw, thin lips, finely cut mouth, and keen glancing eye. Cardinal Giuliano stands like an official who is about to give a message to the Pope, by whose side is Pietro Riario with aquiline nose and sensual chin, red- cheeked and supercilious. Behind Platina is Count Girolamo with a shock of black hair falling over large black eyes, his look contemptuous and his mien imperious. These were the three men for whom the Pontiff fought and struggled and soiled his hands with blood, and sold his favour to the highest bidder. Giuliano della Rovere and Pietro Riario were Cardinals: Count Girolamo or Jeronimo was worse—he was of the rudest type of the predatory baron, working out a fortune for himself with the sword, the last man in the world to be the henchman of a Pope. They were but one step from the peasant race, without distinction or merit which had given them birth, and all three built upon that rude stock the dissolute character and grasping greed for money, acquired by every injustice, and expended on every folly, which was so common in their time. They were all young, intoxicated with their wonderful success and with every kind of extravagance to be provided for. They made Rome glitter and glow with pageants, always so congenial to the taste of the people, seizing every opportunity of display and magnificence. Infessura tells the story of one of these wonderful shows, with a mixture of admiration and horror. The Cardinal of San Sisto, he tells us, who was Pietro Riario, covered the whole of the Piazza of the Santi Apostoli, and hung it with cloth of arras, and above the portico of the church erected a fine loggia with panels painted by the Florentines for the festa of San ... (the good Infessura forgets the name with a certain contempt one cannot but feel for the foreign painters and their works), and in front made two fountains which threw water very high, as high as the roof of the church. This wonderful arrangement was intended for the delectation of the royal guest Madonna Leonora, daughter of King Ferrante for whom he and his cousin Girolamo made a great feast.
• 64.
  After the abovebanquet was seen one of the finest things that were ever seen in Rome or out of Rome: for between the banquet and the festa, several thousands of ducats were spent. There was erected a buffet with so much silver upon it as you would never have believed the Church of God had so much, in addition to that which was used at table: and even the things to eat were gilt, and the sugar used to make them was without measure, more than could be believed. And the said Madonna Leonora was in the aforesaid house with many demoiselles and baronesses. And every one of these ladies had a washing basin of gold given her by the Cardinal. Oh guarda! in such things as these to spend the treasure of the Church! Next year the Cardinal Riario died at twenty-eight, poisoned, Infessura says: and this was the end of all our fine festas. Another day it was the layman among the nephews who stirred all Rome, and the world beyond, with an immeasurable holiday. On St. Mark's Day, 1746, the Count Jeronimo, son, or nephew of Pope Sixtus, held a solemn tournament in Navona, where were many valiant knights of Italy and much people, Catalans and Burgundians and other nations; and it was believed that at this festivity there were more than a hundred thousand people, and it lasted over Friday, Saturday, and Sunday. And there were three prizes, one of which was won by Juliano Matatino, and another by Lucio Poncello, and the third by a man of arms of the Kingdom (Naples, so called until very recent days), and they were of great value. The Piazza Navona, the scene of this tournament, was made by Pope Sixtus the market-place of Rome, where markets were held once a month, an institution which still continues. The noble Pantheon occupies the end of this great square, as when Count Jeronimo with his black brows, marshalled his knights within the long enclosure, so fit for such a sight. We have now come to a period of history in which all the localities are familiar, and where we can identify every house and church and tower. Sixtus, says the chronicler, left nothing undone which he saw to be for the ornament or comfort of the city. He defended intrepidly the cause of the Romans and the dignity of the Holy See. The first of these statements is more true perhaps than the last; and we may
• 65.
  forgive him hisshortcomings and his nephews on that great score. He ended his reign in August 1484, having held the Pontificate thirteen years. FOUNTAIN OF TREVI. CHAPTER III. JULIUS II.—LEO X. It is happily possible to pass over the succeeding pontificates of Innocent VIII. and Alexander VI. These Popes did little for Rome
• 66.
  except, especially thelast of them, to associate the name of the central city of Christendom with every depravity. The charitable opinion of later historians who take that pleasure in upsetting all previous notions, which is one of the features of our time, has begun to whisper that even the Borgias were not so black as they were painted. But it will take a great deal of persuasion and of eloquence to convince the world that there is anything to be said for that name. Pope Innocent VIII. continued the embellishment of the Vatican, which was his own palace, and completed the Belvedere, and set Andrea Mantegna to paint its chambers; but this was not more than any Roman nobleman might have done for his palace if he had had money enough for decorations, which were by no means so costly in those days as they would be now, and probably indeed were much cheaper than the more magnificent kinds of arras or other decorative stuffs fit for a Pope's palace. Alexander, too, added a splendid apartment for himself, still known by his name; and provided for possible danger (which did not occur however in his day) by making and decorating another apartment in the castle of St. Angelo, whither he might have retired and still managed to enjoy himself, had Rome risen against him. But Rome, which often before had hunted its best Popes into the strait confinement of that stronghold, left the Borgia at peace. We are glad to pass on to the next Pope, whose footsteps, almost more than those of any other of her monarchs, are still to be seen and recognised through Rome. He gave more to the city than any one who had preceded him, and he destroyed more than any Pope before had permitted himself to do. Julius II., della Rovere, the nephew of Pope Sixtus, for whom and for his brother and cousin that Pope occupied so much of his busy life, was a violent man of war, whose whole life was occupied in fighting, and who neither had nor pretended to have any reputation for sanctity or devotion. But passionate and unsparing as he was, and fiercely bent on his own way, the aim of his perpetual conflicts was at all events a higher one than that of his uncle, in so far that it was to enrich the Church and not his own family that he toiled and fought. He was the centre of warlike combinations all his life—
• 67.
  League of Cambrai,holy League, every kind of concerted fighting to crush those who opposed him and to divide their goods; but the portion of the goods which fell to the share of Pope Julius was for the Church and not for the endowment of a sister's son. He was not insensible altogether to the claims of sister's sons; but he preferred on the whole the patrimony of St. Peter, and fought for that with unfailing energy all round. There are many books in which the history of those wars and of the Renaissance Popes in general may be read in full, but the Julius II. in whom we are here interested is not one who ever led an army or signed an offensive league: it is the employer of Bramante and Michael Angelo and Raphael, the choleric patron who threatened to throw the painter of the Sistine chapel from his scaffolding, the dreadful iconoclast who pulled down St. Peter's and destroyed the tombs of the Popes, the magnificent prince who bound the greatest artists then existing in Italy, which was to say in the world, to his chariot wheels, and drove them about at his will. Most of these things were good things, and give a favourable conception of him; though not that which was the most important of all. How it was that he came to pull down St. Peter's nobody can say. He had of course the contempt which a man, carried on the highest tide of a new movement, has by nature for all previous waves of impulse. He thought of the ancient building so often restored, the object of so much loving care, with all the anxious expedients employed by past Popes to glorify and embellish the beloved interior, giving it the warmest and most varied historical interest—with much the same feeling as the respectable churchwarden in the eighteenth century looked upon the piece of old Gothic which had fallen into his hands. A church of the fourteenth century built for eternity has always looked to the churchwarden as if it would tumble about his ears— and his Herculean efforts to pull down an arch that without him would have stood till the end of time have always been interpreted as meaning that the ancient erection was about to fall. Julius II. in the same way announced St. Peter's to be in a bad way and greatly in need of repair, so as scarcely to be safe for the faithful; and
• 68.
  Bramante was thereall ready with the most beautiful plans, and the Pope was not a patient man who would wait, but one who insisted upon results at once. This church had been for many hundreds of years the most famous of Christian shrines; from the ends of the world pilgrims had sought its altars. The tomb of the Apostles was its central point, and many another saint and martyr inhabited its sacred places. It had seen the consecration of Emperors, it had held false Popes and true, and had witnessed the highest climax of triumph for some, and for some the last solemnity of death.[10] But Bramante saw in that venerable temple only the foundations for a new cathedral after the fashion of the great Duomo which was the pride of Florence; and his master beheld in imagination the columns rising, and the vast arches growing, of such an edifice as would be the brag of Christendom, and carry the glory of his own name to the furthest ends of the earth: a temple all-glorious in pagan pride, more classical than the classics, adorned with great statues and blank magnificence of pilasters and tombs rising up to the roof—one tomb at least, that of the della Roveres, of Sixtus IV. and Julius II., which should live as long as history, and which, if that proud and petulant fellow Buonarotti would but complete his work, would be one of the glories of the Eternal City.
• 69.
  OLD ST. PETER'S. Toface page 584. The ancient St. Peter's would not seem to have had anything of the poetic splendour and mystery of a Gothic building as understood in northern countries: the rounded arches of its façade did not spring upwards with the lofty lightness and soaring grace of the great cathedrals of France and Germany. But the irregular front was full of interest and life, picturesque if not splendid. It had character and meaning in every line, it was a series of erections, carrying the method of one century into another, with that art which makes one great building into an animated and varied history of the times and ages through which it has passed, taking something from each, and giving shelter and the sense of continuance to all. There is no such charm as this in the most perfect of architectural triumphs executed by a single impulse. But this was the last quality in the world likely to deter a magnificent Pope of the fifteenth century, to whom unity of conception and correctness of form were of much more concern than any such imaginative interest. However Julius II. must not have
• 70.
  greater guilt laidupon him than was his due. His operations concerned only the eastern part of the great church: the façade, and the external effect of the building remained unchanged for more than a hundred years; while the plan as now believed, was that of Pope Nicolas V., only carried out by instalments by his successors, of whom Julius was one of the boldest. It is, however, in the fame of his three servants, sublime slaves, whose names are more potent still than those of any Pontiff, that this Pope has become chiefly illustrious. His triumphs of fighting are lost from memory in the pages of the historians, where we read and forget, the struggle he maintained in Italy, and the transformations through which that much troubled country passed under his sway— to change again the morrow after, as it had changed the day before the beginning of his career. To be sure it was he who finally identified and secured the Patrimony of St. Peter—so that the States of the Church were not henceforward lost and won by a natural succession of events once at least in the life of every Pope. But we forget that fact, and all that secured it, the tumultuous chaos of European affairs being as yet too dark to be penetrated by any certainty of consolidation. The course of events was in large what the history of the fortunes of St. John Lateran, for example, was in small. From the days of Pope Martin V. until those of Sixtus IV. a change of the clergy there was made in almost each pontificate. Eugenius IV. restored the canons regular, or monks: who were driven forth by Calixtus III., again restored by Paul II., and so forth, until at length Sixtus, bringing back the secular priests for the third time, satisfied the monks by the gift of his new church of Sta. Maria della Pace. The revolution of affairs in Italy was almost as regular, and it is only with an effort of the mind that the reader can follow the endless shifting of the scenes, the combinations that disperse and reassemble, the whirl of events for ever coming round again to the point from which they started. But when we put aside the Popes and the Princes and the stamping and tumult of mail-clad warriors—and the crowd opening on every side gives us to see a patient, yet high- tempered artisan mounting day by day his lofty platform, swung up
• 71.
  close to theroof, where sometimes lying on his back, sometimes crouched upon his knees, he made roof and architrave eloquent with a vision which centuries cannot fade, nor any revolution, either of external affairs or of modes of thought, lessen in interest, a very different feeling fills the mind, and the thoughts, which were sick and weary with the purposeless and dizzy whirl of fact, come back relieved to the consoling permanence of art. The Pope who mounted imperious, a master of the world, on to those dizzy planks, admired, and blasphemed and threatened in a breath; but with no power to move the sturdy painter, who, it was well known, was a man impossible to replace. When will you have done? said the Pope. When I can, replied the other. The Pontiff might rage and threaten, but the Florentine painted on steadily; and Pope Julius, on the tremulous scaffolding up against the roof of his uncle's chapel, is better known to the world by that scene than by all his victories. Uncle and nephew, both men of might, warlike souls and strong, that room in the Vatican has more share in their fame than anything else which they achieved in the world. Another and a gentler spirit comes in at the same time to glorify this fortunate Pope. His predecessors for some time back had each done something for the splendour of the dwelling which was their chief residence, even the least interested adding at least a loggia, a corridor, a villa in the garden, as has been seen, to make the Vatican glorious. Alexander VI. had been the last to embellish and extend the more than regal lodging of the Pontiffs; but Julius II. had a hatred of his predecessor which all honest men have a right to share, and would not live in the rooms upon which the Borgias had left the horror of their name. He went back to the cleaner if simpler apartments which Nicolas V. had built and decorated by the hands of the elder painters. Upon one of these he set young Raphael to work, a young man with whom there was likely to be no such trouble as that he had with the gnarled and crabbed Florentine, who was as wilful as himself. Almost as soon as the young painter had begun his gracious work the delighted Pope perceived what a treasury of glory he had got in this new servant. What matter that the new painter's
• 72.
  master, Perugino, hadbeen there before him with other men of the highest claims? The only thing to do was to break up these old- fashioned masters, to clear them away from the walls, to leave it all to Raphael. We shiver and wonder at such a proof of enthusiasm. Was the young man willing to get space for his smooth ethereal pictures with all their heavenly grace, at such a price? But if he made any remonstrance—which probably he did, for we see him afterwards in much trouble over St. Peter's, and the destruction carried on there—his imperious master took little notice. Julius was one of the men who had to be obeyed, and he was always as ready to pull down as to build up. The destruction of St. Peter's on one hand, and all those pictures on the other, prove the reckless and masterful nature of the man, standing at nothing in a matter on which he had set his heart. In later days the pictures of Perugino on the wall of the Sistine chapel were demolished, as has been said, to make place for the Last Judgment of Michael Angelo; but Pope Julius by that time had passed into another sphere. Most people will remember the famous portrait of this Pope by Raphael, one of the best known pictures in the world. He sits in his chair, an old man, his head slightly bowed, musing, in a pause of the endless occupations and energy which made his life so full. The portrait is quite simple, but full of dignity and a brooding power. We feel that it would not be well to rouse the old lion, though at the moment his repose is perfect. Raphael was at his ease in the peacefulness of his own soul to observe and to record the powerful master whose fame he was to have so great a share in making. It would have been curious to have had also the Julius whom Michael Angelo knew. He died in the midst of all this great work, while yet the dust of the downfall of St. Peter's was in the air. Had it been possible that he could have lived to see the new and splendid temple risen in its place, we could better understand the wonderful hardihood of the act; but it would be almost inconceivable how even the most impious of men could have executed such an impulse, leaving
• 73.
  nothing but apartial ruin behind him of the great Shrine of Christendom, did we not know that a whole line of able rulers had carried on the plan to gradual completion. It was not till a hundred and fifty years later that the new St. Peter's in its present form, vast and splendid, but apparently framed to look, to the first glance, as little so as possible, stood complete, to the admiration of the world. In the violence of destruction a great number of the tombs of the Popes perished, by means of that cynical carelessness and profanity which is more cruel than any hostile impulse. Julius preserved the grave of his uncle Sixtus, where he was himself afterwards laid, not in his own splendid tomb which had been in the making for many years, and which is now to be seen in the church of San Pietro in Vincoli from which he took his Cardinal's title. He had therefore little good of that work of art as he well deserved, and it was itself sadly diminished, cut down, and completed by various secondary hands; but it is kept within the ken of the spectator by Michael Angelo's Moses and some other portions of his original work, though it neither enshrines the body nor marks the resting place of its imperious master. Julius died in 1513, more illustrious in military glory than a Pope ought to be. Panvinio says: He was of great soul and constancy, and a powerful defender of all ecclesiastical things: he would not suffer any offence, and was implacable with rebels and contumacious persons. He was such a one as could not but be praised for having with so much strength and fidelity preserved and increased the possessions of the Church, although there are a few to whom it appears that he was more given to arms than was becoming a holy Pope. On the 21st of February 1513, died Pope Julius, at nine hours of the night, says another chronicler, Sebastiano Branca; he held the papacy nine years, three months, and twenty-five days. He was from Savona: he acquired many lands for the Church: no Pope had ever done what Pope Julius did. The first was Faenza, the others Forli, Cervia, Ravenna, Rimini, Parma, Piacenza, and Arezzo. He gained them all for the Church, nor ever thought of giving them to his own family. Pesaro he gave to the Duke of Urbino, his nephew, but no other. Thirty-three cardinals died
• 74.
  in his time.And he caused the death in war of more than a hundred thousand people. There could not be a more grim summary. It is curious to remark that the men who originated the splendour of modern Rome, who built its noblest churches and palaces, and emblazoned its walls with the noblest works of art, and filled its libraries with the highest luxury of books, were men of the humblest race, of peasant origin, born to poverty and toil. Thomas of Sarzana, Pope Nicolas V., Francesco and Giuliano of Savona, Popes Sixtus IV. and Julius II.: these men were born without even the distinction of a surname, in the huts where poor men lie, or more humbly still in some room hung high against the rocky foundations of a village, perched upon a cliff, after the fashion of Italy. It was they who set the fashion of a magnificence beyond the dreams of the greatest princes of their time. It was not so, however, with the successor of Julius II., the Pope in whose name all the grandeur and magnificence of Rome is concentrated, and of whom we think most immediately when the golden age of ecclesiastical luxury and the splendour of art is named. Leo X. was as true a son of luxury as they were of the soil. The race of Medici has always been fortunate in its records. The greatest painters of the world have been at its feet, encouraged and cherished and tyrannised over. Literature such as was in the highest esteem in those days flattered and caressed and fawned upon them. Lorenzo, somewhat foolishly styled in history the Magnificent,—in forgetfulness of the fact that il Magnifico was the common title of a Florentine official,—is by many supposed to be the most conspicuous and splendid character in the history of Florence. And Leo X. bears the same renown in the records of Papal Rome. We will not say that he was a modern Nero fiddling while Rome was burning, for he showed himself in many ways an unusually astute politician, and as little disposed to let slip any temporal advantage as his fighting predecessors—but the spectacle is still a curious one of a man expending his life and his wealth (or that of other people) in what was even the most exquisite and splendid of decorations, such
• 75.
  wonders of ornamentationas Raphael's frescoes—while the Papacy itself was being assailed by the greatest rebellion ever raised against it. To go on painting the walls while the foundations of the building are being ruined under your feet and at any moment may fall about your ears, reducing your splendid ornaments to powder, is a thing which gives the most curious sensation to the looker on. The world did not know in those days that even to an institution so corrupt superficially as the Church of Rome the ancient promise stood fast, and not only the gates of hell, but those more like of heaven, should not prevail against her. Out of Italy it was believed that the Church which had but lately been ruled over by a Borgia, and which was admittedly full of wickedness in high places, must go down altogether under the tremendous blow. A great part of the world indeed went on believing so for a century or two. But in the midst of that almost universal conviction nothing can be more curious than to see the life of Papal Rome going on as if nothing had happened, and young Raphael and all his disciples coming and going, cheerful as the day, about the great empty chambers which they were making into a wonder of the earth. Michael Angelo, it is true, in grim discontent hewed at those huge slaves of his in Florence, working wonderful thoughts into their great limbs; but all that Roman world flowed on in brightness and in glory under skies untouched by any threatening of catastrophe.
• 76.
  MODERN ROME: THEGRAVE OF KEATS. To face page 592. The Italian chroniclers scarcely so much as mention the beginnings of the Reformation. At that time in the furthest part of Germany the abominable and infamous name of Martin Luther began to be heard, says one. The elephant which Emmanuel of Portugal sent to his Holiness, and which was supposed to be a thousand years old, takes up as much space. The sun shone on in Rome. The painters sang and whistled at their work, and their sublime patron went and came, and capped verses with Venetian Bembo, and the unique Aretino. They were not, it would seem, in the least afraid of Luther, nor even cognisant of him except in a faint and far-off way. He was so absurd as to object to the sale of indulgences. Now the sale of indulgences was not to be defended in theory, as all these philosophers knew. But to buy off the penances which otherwise they would at all events have been obliged to pretend to do, was a relief grateful to many persons who were not bad Christians, besides being good Catholics. Perhaps, indeed, in the gross popular imagination these indulgences might have come to look like
• 77.
  permissions to sin,as that monster in Germany asserted them to be; but this did not really alter their true character, any more than other popular mistakes affected doctrine generally. And how to get on with that huge building of St. Peter's, at which innumerable workmen were labouring year after year, and which was the most terrible burden upon the Papal funds, without that method of wringing stone and mortar and gilding and mosaic out of the common people? Pope Leo took it very easily. Notwithstanding the acquisitions of Pope Julius, and the certainty with which the historians assure us that from his time the Patrimony of St. Peter was well established in the possession of Rome, some portion of it had been lost again, and had again to be recovered in the days of his successor. That was doubtless more important than the name, nefando, execrabile of the German monk. And so the wars went on, though not with the spirit and relish which Julius II. had brought into them. Leo X. had no desire to kill anybody. When he was compelled to do it he did it quite calmly and inexorably as became a Medici; but he took no pleasure in the act. If Luther had fallen into his hands the Curia would no doubt have found some means of letting the pestilent fellow off. A walk round the loggie or the stanze where the painters were so busy, and where Raphael, a born gentleman, would not grumble as that savage Buonarotti did, at being interrupted, but would pause and smile and explain, put the thought of all troublesome Germans easily out of the genial potentate's head. It was the Golden Age; and Rome was the centre of the world as was meet, and genius toiled untiringly for the embellishment of everything; and such clever remarks had never been made in any court, such witty suggestions, such fine language used and subtle arguments held, as those of all the scholars and all the wits who vied with each other for the ear and the glance of Pope Leo. The calm enjoyment of life over a volcano was never exhibited in such perfection before. We need not pause here to enumerate or describe those works which every visitor to Rome hastens to see, in which the benign and lovely art of Raphael has lighted up the splendid rooms of the Vatican with something of the light that never was on sea or shore.
• 78.
  We confess thatfor ourselves one little picture from the same hand, to be met with here and there, and often far from the spot where it was painted, outvalues all those works of art; but no one can dispute their beauty or importance. Pope Leo did not by so much as the touch of a pencil contribute to their perfection, yet they are the chief glory of his time, and the chief element in his fame. He made them in so far that he provided the means, the noble situation as well as the more vulgar provision which was quite as necessary, and he has therefore a right to his share of the applause—by which he is well rewarded for all he did; for doubtless the payment of the moment, the pleasure which he sincerely took in them, and the pride of so nobly taking his share in the lasting illumination of Rome were a very great recompense in themselves, without the harvest he has since reaped in the applause of posterity. Nowadays we do not perhaps so honour the patron of art as people were apt to do in the last century. And there are, no doubt, many now who worship Raphael in the Vatican without a thought of Leo. Still he is worthy to be honoured. He gave the young painter a free hand, believing in his genius and probably attracted by his more genial nature, while holding Michael Angelo, for whom he seems always to have felt a certain repugnance, at arm's length. We will not attempt to point out in Raphael's great mural paintings the flattering allusions to Leo's history and triumph which critics find there, nor yet the high purpose with which others hold the painter to have been moved in those great works. Bishop Creighton finds a lesson in them, which is highly edifying, but rather beyond what we should be disposed to look for. The life of Raphael, he says, expresses the best quality of the spirit of the Italian Renaissance, its belief in the power of culture to restore unity to life and implant serenity in the soul. It is clear that Raphael did not live for mere enjoyment, but that his time was spent in ceaseless activity animated by high hopes for the future. How this may be we do not know: but lean rather to the opinion that Raphael, like other men of great and spontaneous genius, did what was in him and did his best, with little ulterior purpose and small thought about the power of
• 79.
  culture. It washis, we think, to show how art might best illustrate and with the most perfect effect the space given him to beautify, with a meaning not unworthy of the gracious work, but no didactic impulse. It was his to make these fine rooms, and the airy lightness of the brilliant loggie beautiful, with triumphant exposition of a theme full of pictorial possibilities. But what it should have to do with Luther, or how the one should counterbalance the other, it is difficult to perceive. Goethe on the other hand declares that going to Raphael's loggie from the Sistine chapel we could scarcely bear to look at them. The eye was so educated and enlarged by those grand forms and the glorious completeness of all the parts that it could take no pleasure in works so much less important. Such are the differences of opinion in all ages. It is the glory of this period of Roman history that at a time when the Apostolic See had lost so much, and when all its great purposes, its noble ideals, its reign of holiness and inspired wisdom had perished like the flower of the fields—when all that Gregory and Innocent had struggled their lives long to attain had dissolved like a bubble: when the Popes were no longer holy men, nor distinguished by any great and universal aim, but Italian princes like others, worse rather than better in some cases: there should have arisen, with a mantle of glory to hide the failure and the horror and the scorn, these two great brethren of Art —the one rugged, mournful, self-conscious, bowed down by the evil of the time, the other all sweetness and gladness, an angel of light, divining in his gracious simplicity the secrets of the skies. Leo the Pope was no such noble soul. He was only an urbane and skilful Medici, great to take every advantage of the divine slaves that were ready for his service—using them not badly, encouraging them to do their best, if not for higher motives yet to please him, the Sommo Pontefice, surely the best thing that they could hope for; and to win such share of the ducats which came to him from the sale of the offices of the Vatican, the cardinals' hats, the papal knighthoods, and other trumpery, as might suffice for all their wants. He sold these and other things, indulgences for instance, sown broadcast over the face of the earth and raising crops of a quite
• 80.
  different kind. Buton the other hand he never sold a benefice. He remitted the tax on salt; and he gave liberally to whoever asked him, and enjoyed life with all his heart, in itself no bad quality. A BRIC-A-BRAC SHOP. The pontificate of Leo was the most gay and the most happy that Rome ever saw, says the chronicler. Being much enamoured of building he took up with a great soul the making of San Pietro, which Julius, with marvellous art, had begun. He ennobled the palace of the Vatican with triple porticoes, ample and long, of the most beautiful fabrication, with gilded roofs and ornamented by excellent pictures. He rebuilt almost from the foundations the church of our Lady of the Monte Cœlio, from which he had his title as cardinal, and adorned it with mosaics. Finally there was nothing which during all his life he had more at heart or more ardently desired than the excellent name of liberal, although it was the wont ordinarily of all the others to turn their backs upon that virtue of liberality, and to keep far from it. He judged those unworthy of high station who did not with large and benign hand disperse the gifts of fortune, and above all those which were acquired by little or no fatigue. But while he in this guise governed Rome, and all Italy enjoyed a gladsome peace, he was by a
• 81.
  too early deathtaken from this world although still in the flower and height of his years. He died forty-five years old on December 1, 1521. The great works which one and another of the Popes thus left half done were completed—St. Peter's by Sixtus V. 1590, and Paul V. 1615. The Last Judgment completing the Sistine chapel was finished by Michael Angelo in 1541 under Clement VII. and Paul III. And thus the Rome of our days—the Rome which not as pilgrims, but as persons living according to the fashion of our own times, which compels us to go to and fro over all the earth and see whatever is to be seen, we visit every year in large numbers—was left more or less as it is now, for the admiration of the world. Much has been done since, and is doing still every day to make more intelligible and more evident the memorials of an inexhaustible antiquity—but in the Rome of the Popes, the Rome of Christendom, History has had but little and Art not another word to say. THE END. INDEX.
• 82.
  Adelaide of Susa,262, 269. Agnes, Empress, 217, 233, 237, 279; Hildebrand becomes adviser to, 202; alienated from Hildebrand, 214; renounces the world, 219. Alaric, 108, 119, 121. Albigenses, many sects among, 355; Pope Innocent's attitude towards, 357; missionaries sent to, ib.; crusade against them, 359-361. Albina, 17, 18, 89. Albornoz, Cardinal, 480, 488. Alexander II., 205, 215, 224. Alexander VI., 581, 582, 589. Allegories, Rienzi's painted, 413-416, 419. Ambrose, 48. Angelico, Fra, 546, 549. Angelo, Michael, 588, 595, 598. Apollinaris, the heresy of, 47, 48. Aqueducts restored by Sixtus IV., 574. Arimbaldo, 500; joins Rienzi in his enterprise, 489. Aristocracy, Roman, its position at the end of the 4th century, 3, 4, 5; luxuriousness of the nobles, 5, 6, 7; and of the women, 7, 8; its characteristics in the 14th century, 396, 397. See Nobles. Art, the Popes as patrons of, 515; that of Rome imported from abroad, 516; art workshops in Rome, 546. Artists, Roman, 412, 413, 420; employed upon the Sistine chapel, 575; Julius II. as a patron of, 482, 583, 589. Asella, 18, 21, 89; Jerome's letters to, 72, 75, 76. Athanasius, his life of St. Antony of the desert, 15; his reception at Rome, 16; and in the household of Albina, 17; Melania's visit to, 33. Attila, 120.
• 83.
  Augsburg, Council of,261; German nobles impatient to open, 274, 275. Augustine, Gregory's instructions to, for the making of converts, 156; and for pastoral work, ib., 157, 158; sent on his mission to England, 161, 162. Bäle, Council of, 525, 531. Bavaria, Duke of, 260. Beatrice of Tuscany, 204, 216, 234, 256. Benedict, Pope, and Fra Monozello, 395. Benedict, order of, 126, 131. Benedict I., 138. Benedict X. See Mincio, Bishop. Berengarius of Tours, his heresy, 279, 290. Bethlehem, convents founded at, by Jerome and Paula, 82. Bible, Innocent III., on the interpretation of, by sectaries, 357. Blæsilla, 23, 55, 67; her conversion, 58; her death and funeral, 63. Bollandists, 131. Book collector, Thomas (Nicolas V.) as, 529, 534. Borgias, 515, 581. Borgo, 538; sanctity of the spot, 539, 540; wall built to enclose, 541; buildings erected afterwards within the enclosure, ib. Botticelli, 575. Bowden, Mr., his life of Gregory VII., 515. Bramante, 584. Browning, Robert, 420, 421. Brunhild, Queen, 169. Bruno, Bishop, appointed Pope, 190; acts on Hildebrand's advice, 191, 192; his triumphant election at Rome, 193. See Leo IX. Buildings, ancient, Gregory accused of destroying, 176, 177; regarded as stone-quarries, 242, 517, 577;
• 84.
  restoration of, BookIV., passim. Buono Stato, secret society formed for the establishment of, 423, 424; demonstration by the conspirators, 425, 426; its rules, 426, 427. See Rienzi. Cadalous, anti-Pope, 216-218. Cæsarea, Melania arrested at, 35. Calixtus III., 552, 553. Cammora (City Council), Rienzi protests against the rapacity of, 411. Canossa, Pope Gregory sheltered in the castle of, 264. Carinthia, Duke of, 260. Castracani, 390. Celestine, Pope, 316. Celibacy, Jerome and the controversy regarding, 59-62; of the clergy, see Marriage of priests. Cencius, the Roman bandit, 243, 244; abducts Pope Gregory, 245. Cerealis, 19. Charities of the Roman ladies, 55, 56. Charles IV. and Rienzi, 476. Christianity, its conjunction with Paganism in Roman society, 7-10; nominally embraced by the common people, 57; again conjoined with Paganism during the Renaissance, 529. Church, the, corruption of, 10, 11; Jerome on the daily life of a Roman priest, 11, 12; fierceness of controversy in, 105; her position during the barbarian conquests of Rome, 120, 121; beginning of her sovereignty, 121, 122; best of the Roman youth absorbed by, 123; made no claim to universal authority in the 6th century, 121, 132, 168; wealth of, used for public purposes, 147; almsgiving a principle of, 151; Gregory's achievements for, 170; pretensions to supremacy made by John of
• 85.
  Constantinople, 170, 173;Gregory's tolerant supervision of, 174; state of, in Germany, 188; reforms urgently necessary in, 195; effort of Leo IX. for reform in, 196-199; a new law for the election of the Popes, 208; Hildebrand's ambition of making her a great arbitrating power, 211, 212; how she secured independence in the election of the Popes, 214, 215; first conflict between the Empire and, 215-219; decrees of the Lateran Council against simony and marriage of priests, 235-239; decree against lay investiture, 239; real opening of her struggle with the Empire, 259; her position in Gregory's time, and that of the Scottish Church before the Disruption, compared, 302; her conflict with the Empire inevitable, 304, 305; period of her greatest power, 308; her relations with the Empire in the time of Innocent III., 311, 312. See Gregory the Great, Hildebrand and Innocent III. Cities, Italian, hostility between, 311. Clement III., appointed by the Emperor, 290; calls a council in Rome, 294; his coronation, 297. See Guibert of Ravenna. Clement VI., Rienzi's mission to, 404, 405; confirms Rienzi's authority, 434. Cluny, the monastery of, 186, 190. Colonna family, patronise Petrarch, 397-400; Petrarch's estimate of, 398, 467; character of, 423; rebels against Rienzi, 453; their expedition against Rome, 453-457, 469. Colonna, Agapito, 425, 448. Colonna, Giordano, 430. Colonna, Giovanni, 397, 466; his dealings with Rienzi, 405, 409, 411. Colonna, Giacomo, his friendship with Petrarch, 397. Colonna, Janni, 419, 421, 422, 430, 448, 455, 456.
• 86.
  Welcome to ourwebsite – the perfect destination for book lovers and knowledge seekers. We believe that every book holds a new world, offering opportunities for learning, discovery, and personal growth. That’s why we are dedicated to bringing you a diverse collection of books, ranging from classic literature and specialized publications to self-development guides and children's books. More than just a book-buying platform, we strive to be a bridge connecting you with timeless cultural and intellectual values. With an elegant, user-friendly interface and a smart search system, you can quickly find the books that best suit your interests. Additionally, our special promotions and home delivery services help you save time and fully enjoy the joy of reading. Join us on a journey of knowledge exploration, passion nurturing, and personal growth every day! ebookbell.com