The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
In this paper, we revisit multi-party Diffie-Hellman key exchange (DHKE) protocols by using multi-linear mappings and Weil pairings over elliptic curves. We show how to construct a 4-linear Weil pairing and illustrate the approach by examples. Finally, we present several necessary conditions to find a distortion map for a 5-party DHKE protocol.
Online banking is a substantial service in the enlargement strategy of the modern bank sector. Nevertheless, this service has not been widely used, because of users are still scared of the risks of online transactions. Thus, the in-depth and distinct works of risks in risk awareness are an essential and meaningful assignment for the banking sector. This study investigates the role of perceived risk...
In most cases, web applications communicate with web services (SOAP and RESTful). The former act as a front-end to the latter, which contain the business logic. A hacker might not have direct access to those web services (e.g., they are not on public networks), but can still provide malicious inputs to the web application, thus potentially compromising related services. Typical examples are XML injection...
Security testing is a pivotal activity in engineering secure software. It consists of two phases: generating attack inputs to test the system, and assessing whether test executions expose any vulnerabilities. The latter phase is known as the security oracle problem. In this work, we present SOFIA, a Security Oracle for SQL-Injection Vulnerabilities. SOFIA is programming-language and source-code independent,...
The Extensible Markup Language (XML) is extensively used in software systems and services. Various XML-based attacks, which may result in sensitive information leakage or denial of services, have been discovered and published. However, due to development time pressures and limited security expertise, such attacks are often overlooked in practice. In this paper, following a rigorous and extensive experimental...
Remote data possession checking plays a crucial role in cloud data storage. It allows the owners to verify whether their data are correctly stored in the Cloud without downloading them. To solve this problem, there are many methods proposed such as MAC-based methods, RSA- based homomorphic methods and BLS-based homomorphic methods.This paper presents and compares auditing methods which are based on...
Power flow solvable boundary plays an important role in contingency analysis, security assessment, and planning processes. However, to construct the real solvable boundary in multidimensional parameter space is burdensome and time consuming. In this paper, we develop a new technique to approximate the solvable boundary of distribution systems based on Banach fixed point theorem. Not only the new technique...
Web application firewalls are an indispensable layer to protect online systems from attacks. However, the fast pace at which new kinds of attacks appear and their sophistication require that firewalls be updated and tested regularly as otherwise they will be circumvented. In this paper, we focus our research on web application firewalls and SQL injection attacks. We present a machine learning-based...
Response Code (QR code) is widely used in daily life in recent years because it has high capacity encoding of data, damage resistance, fast decoding and other good characteristics. Since it is popular, people can use it to transmit secret information without inspection. The development of steganography in QR code lead to many problems arising. How to keep the original content of QR code and embed...
In security applications, obtaining high resolution face images is challenging since cameras are usually placed at a far distance. In this paper, we employ two approaches to detect face at a distance including using one or dual pan-tilt-zoom (PTZ) cameras to zoom in and capture proximate faces while still maintaining a large observing area. While most current approaches require a complex calibration...
Database outsourcing is emerging as an important trend in which the data owners ship their data to external service provider. Since a service provider is not fully trusted, security and privacy are significant issues. They can be referred to as data confidentiality, user and data privacy, query assurance and secure auditing. Among them, secure auditing takes an important role to have a secure database...
The Monterey Security Architecture addresses the need to share high-value data across multiple domains of different classification levels while enforcing information flow policies. The architecture allows users with different security authorizations to securely collaborate and exchange information using commodity computers and familiar commercial client software that generally lack the prerequisite...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.