The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Authentication of smartphone users is important because a lot of sensitive data is stored in the smartphone and the smartphone is also used to access various cloud data and services. However, smartphones are easily stolen or co-opted by an attacker. Beyond the initial login, it is highly desirable to re-authenticate end-users who are continuing to access security-critical services and data. Hence,...
Authentication of smartphone users is important because a lot of sensitive data is stored in the smartphone and the smartphone is also used to access various cloud data and services. However, smartphones are easily stolen or co-opted by an attacker. Beyond the initial login, it is highly desirable to re-authenticate end-users who are continuing to access security-critical services and data. Hence,...
The widespread use of smartphones gives rise to new security and privacy concerns. Smartphone thefts account for the largest percentage of thefts in recent crime statistics. Using a victim's smartphone, the attacker can launch impersonation attacks, which threaten the security of the victim and other users in the network. Our threat model includes the attacker taking over the phone after the user...
Trusted computing platforms aim to provide trust in computations performed by sensitive applications. Verifying the integrity of memory contents is a crucial security service that these platforms must provide since an adversary able to corrupt the memory space can affect the computations performed by the platform. After a description of the active attacks that threaten memory integrity, this paper...
Cyberattacks are growing at an alarming rate, even as our dependence on cyberspace transactions increases. Our software security solutions may no longer be sufficient. It is time to rethink computer design from the foundations. Can hardware security be enlisted to improve cybersecurity? The author discusses two classes of hardware security: hardware-enhanced security architectures for improving software...
Correctly functioning caches have been shown to leak critical secrets like encryption keys, through various types of cache side-channel attacks. This nullifies the security provided by strong encryption and allows confidentiality breaches, impersonation attacks and fake services. Hence, future cache designs must consider security, ideally without degrading performance and power efficiency. We introduce...
Presents a collection of slides covering the topic of system security. Covers the following topics: discusses the special features of security; security threat models; security design methodology; access control practices; cryptograhy; and security protocols.
In this paper we present our vision for Security on Demand in cloud computing: a system where cloud providers can offer customized security for customers' code and data throughout the term of contract. Security on demand enables security-focussed competitive service differentiation and pricing, based on a threat model that matches the customer's security requirements for the virtual machine he is...
Hardware-software security architectures can significantly improve the security provided to computer users. However, we are lacking a security verification methodology that can provide design-time verification of the security properties provided by such architectures. While verification of an entire hardware-software security architecture is very difficult today, this paper proposes a methodology...
Perimeter patrol enhances the utility of autonomous surface vehicles (ASVs) by enabling many security and scientific missions, including harbor protection, water sampling, and geological survey. We present a novel approach to perimeter patrol that uses only two sensors: commercial off-the-shelf available marine radar and the heading information from a GPS. Our algorithm performs computer vision morphological...
We present Bastion, a new hardware-software architecture for protecting security-critical software modules in an untrusted software stack. Our architecture is composed of enhanced microprocessor hardware and enhanced hypervisor software. Each trusted software module is provided with a secure, fine-grained memory compartment and its own secure persistent storage area. Bastion is the first architecture...
Wireless sensor networks are rapidly emerging as an important area in ubiquitous computing industry. They are very tiny devices with limited energy, memory, transmission range, and computation power. So, wireless sensor networks are vulnerable to security attack such as sinkhole attack, wormhole attack, and simple power exhaustion attack. However, wireless sensor networks must be secured from obstructing...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.