The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
This paper describes our concept, design and current implementation of the Secure Mobile Wallet. Mobile Wallet is an application stored in mobile phones providing to subscribers the possibility to perform various mobile financial transactions. In our approach Secure Mobile Wallet is stored and running in the Javacard SIM chip, called UICC. It comprises several Javacard applets supporting several types...
The paper describes secure service-oriented architecture for mobile transactions. The architecture comprises components, protocols, applications and interfaces and it provides various security services to various mobile applications: registration, certification, authentication, and authorization of users, secure messaging at an application-level (end-to-end security), protection of data in databases,...
This paper describes the design and implementation of a comprehensive system for protection of Web contents. In this design, new security components and extended security features are introduced in order to protect Web contents ageist various Web attacks. Components and extended security features are: protection of Web pages using strong encryption techniques, encapsulation of Web contents and resources...
One approach to authorization of mobile agents is to use XACML policies by assigning roles to agents and then enforcing role-based authorization. In this paper we show how traditional XACML polices, used for user access control in distributed environments, can be used for mobile agents' access control. We use such polices to manage delegation of access rights from users to agents while at the same...
The model and design of a generic security provider provides a comprehensive set of security services, mechanisms, encapsulation methods, and security protocols for Java applications. The model is structured in four layers; each layer provides services to the upper layer and the top layer provide services to applications. The services reflect security requirements derived from a wide range of applications;...
Current research in the area of mobile agents' security mainly deals with protection and security for agents and agents' runtime platforms. Mobile agent systems usually do not provide an extensive security methodology for the entire agent's life cycle, from agent's creation to its deployment and execution. In this paper we propose a comprehensive secure system for deployment of mobile agents. The...
The paper describes a protocol for Secure E-Mail Infrastructure for establishing trust between different domains in order to protect mail servers from spam messages. The protocol uses messages for trusted interactions between intra and inter E-mail domain components, Secure E-mail (SEM) servers and Secure Mail Infrastructure (SMI) servers. In addition, the protocol validates E-mail addresses thus...
The National Institutes of Health, along with other healthcare related agencies, continue to define the importance of exchanging medical data between hospitals and other healthcare providers. However, issues within the medical field such as interoperability, scalability and security continue to plague electronic exchange of information within the healthcare sector. In this paper we present an approach,...
Current research in the area of security for mobile agents deals mainly with the runtime issues of agents' protection. Mobile agent systems do not address precisely the process of acquiring mobile agents by their owners, but they assume that the agents are somehow already available for use. This assumption is acceptable for experimental or prototyping environments, but it is inadequate for the real...
Most of the current research and development results dealing with security of mobile agents describe solutions only for usage of mobile agents. These contributions usually assume agents posses unique and recognizable identities, cryptographic keys, assigned assurance level, and various other security parameters. But, very few papers describe how to create, classify, and evaluate mobile agents before...
There are many software applications being developed daily all over the world, but unfortunately those applications usually contain problems and vulnerabilities because of poor programming practices or poor development strategy used by developers. Those vulnerabilities are exploited by hackers for their malicious intents. To eliminate this problem we have designed and developed the system for comprehensive...
In this paper we describe an access control model for multilevel-security documents, those structured into multiple sections based on certain security classifications. Our access control system uses XACML policies to allow documents, whose contents have varying sensitivity levels, to be created, viewed, and edited by groups that have members with varying clearance levels, while enforcing the required...
This paper describes our strategy to operate WSN with or without security based on our measurements of energy consumption using CrossBow and Ember sensor nodes. It was found that the node microcontroller's CPU operates for substantially longer times for both hashing and encryption operations compared to the time for handling messages without any security. However, the associated overall increased...
WSN nodes are usually powered by batteries. Energy consumption during node operation determines battery life. Power consumption depends on the different hardware and software components in a WSN node and their various activities. In order to determine the life of the battery, we must measure the energy consumption of a node that is active in a network. That is, we must know the power consumption and...
This paper describes the design, prototype implementation and deployment of a key management protocol for sensor networks. In order to exchange protected messages between sensor nodes in a wireless sensor network, secret shared cryptographic keys must be established between the nodes of the network. Several key management schemes have been proposed in the literature, but these schemes are not suitable...
Both correct transmission using hashing and protection of messages using encryption in sensor nodes require additional energy. This paper describes our measurement results for energy consumption in CrossBow and Ember sensor nodes for the process of exchanging data messages between nodes both in the clear and in a protected form. Full strength algorithms were loaded into and executed in nodes. It was...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.