The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The e-Health is going to change the way how patients and healthcare providers interact. The exchange of confidential and integer information is one of the major open issues for the health care sector. While it is quite easy to enforce fine grain access control policies to new well structured medical records managed by newly designed information systems, many eHealth systems are based on “document...
This paper presents a novel two-tier authentication and encryption scheme that explores the unique characteristics of Wireless Sensor Networks (WSN) in Healthcare Applications. The first phase authenticates among the sensor nodes of a Body Area Network (BAN) fused in a patient, where a U key is generated in a decentralized fashion. Based on the rule of separating user and platform credentials, U key...
Embedded systems of an inherently distributed and highly replicated nature are vulnerable to a class of attacks that require local access and physical tampering. Processors using Encrypted Execution and Data (EED) technology, where instructions and data are stored in encrypted form in memory and locally decrypted, form an attractive solution for securing embedded systems, as these platforms have been...
This paper highlights a framework for cyber surveillance of unlawful activities for critical infrastructure protection. The framework uses a computational grid based environment, which is capable of distributed data mining and real time surveillance.
The development of web 2.0 increases the call for agile and simple Business process support. SOA (Service oriented Architecture) provides companies with a new model to build their IT applications around their business processes and combine them dynamically and flexibly with the services of partner companies. In this open and distributed context, it is required to implement an appropriate security...
Attacks on the computer infrastructures are becoming an increasingly serious problem. Whether it is banking, e-commerce businesses, health care, law enforcement, air transportation, or education, we are all becoming increasingly reliant upon the networked computers. The possibilities and opportunities are limitless; unfortunately, so too are the risks and chances of malicious intrusions. Intrusion...
Attribute relations in access control mechanisms or languages allow accurate and efficient specification of some popular access control models. However, most of the access control systems including today's de-facto access control protocol and specification language, XACML, does not provide sufficient syntactic and semantic support for the specification of attribute relations in their scheme. In this...
In enterprise environments, the task of assigning access control rights to subjects for resources is not trivial. Because of their complexity, distribution and size, access control policies can contain anomalies such as inconsistencies, which can result in security vulnerabilities. A set of access control policies is inconsistent when, for specific situations different incompatible policies can apply...
Reducing false positives have been one of the toughest challenges and a very practical problem in real life deployments of intrusion detection systems. It leads to decreased confidence in the IDS alerts. The security analyst is faced with the choice between disabling valuable signatures that also generate false positives on one hand, and missing true alerts among the flood of false positives on the...
Universal Plug and Play (UPnP) is a set of specifications to enable and simplify the networking of electronic devices. UPnP does not generally provide any security and assumes that only trusted devices have access to the network. For networks where untrusted devices have to be taken into account, this paper proposes a secure UPnP network architecture, including key management. The architecture uses...
Hyperelliptic curves of genus ≤ 3 over finite fields have been researched and recommended for cryptography for about twenty years. Though the hyperelliptic curves over finite fields of genus four may been not secure for general cryptographic applications, such as digital signature systems, but some special hyperelliptic curves of genus four may have some privileges when they are applied in pairing-based...
This concept paper surveys the use of UML 2.0 and basic formal logic notations to represent use case scenarios of models of trust for a digital identity. Various definitions are provided as well as an algorithm that contextualizes the notion of trust establishment given the prescribed use of the identity. The motivation for this work is based on earlier work defined by Indrashki Ray, Indrajit Ray...
In this paper, we propose a secure architecture for healthcare wireless sensor networks. After a careful examination of the security requirements and the security threats to healthcare sensor networks, we argue that security measures for Wireless Sensor Networks (WSN) must take application context in consideration rather than seek security solutions in a one-size-fits-all fashion. We integrate security...
In this work, we design a system that can automatically detect what is critical in data systems based upon the content and context of the information. After this process has been performed, the information it provides can be used for insider threat detection. If a DBMS is used for data access, historical logs are generally kept and our method uses these logs to detect the typical level of criticality...
Wireless communication between vehicles, known as Vehicular Ad hoc NETworking (VANET), will allow providing drivers with information to increase safety, efficiency and comfort in road travel. In this type of networks, warning messages affect decisions taken by drivers so that any wrong message could lead to loss of drivers' time, high money expenditure on fuel, and in the worst-case scenario, traffic...
End-to-end security in collaborative system has two inferences: the secure delivery of service and the `due usage' of it. The fulfillment of this requirement involves re-thinking the security policy model of collaborative systems. This paper analyses the factors that impact security in such systems. Based on this, a general architecture is proposed with a collaboration-based policy model specified...
The success of the Cloud Computing paradigm may be jeopardized by concerns about the risk of misuse of this model aimed at conducting illegal activities. In this paper we address the issue of detecting Denial of Service attacks performed by means of resources acquired on-demand on a Cloud Computing platform. To this purpose, we propose to investigate the consequences of the use of a distributed strategy...
Both cloud and GRID are computing paradigms for the large-scale management of distributed resources. Even if the first is usually oriented to transaction-based applications, and the latter to High Performance Computation, there is a lot of interest in their integration. This is typically obtained through the Infrastructure-as-a-Service cloud model, which is exploited in the GRID context to offer machine...
Security risk management is becoming increasingly important in a variety of areas related to information technology (IT), such as telecommunications, cloud computing, banking information systems, etc. In this paper, we develop a systematic quantitative framework for security risk management in IT-intensive organizations. This framework provides a unified viewpoint for considering a wide array of security...
Differential Power Analysis (DPA) attacks extract the secret key of cryptographic algorithm, by analyzing the power dissipation of the smart card during the execution of the computation. Cryptosystems such as DES, the AES and public-key cryptosystems are easily perceptive to the DPA attacks. Several techniques can be used to prevent differential power analysis attacks. One method is to design algorithms...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.