The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The goal of this paper is to formalize various processing approaches to the process of verification of the web services integrity and to show its vulnerability to many attacks. After introducing the necessary terminology, several processing approaches are particularized and its security drawbacks concerning notably XML Signature W3C Recommendation are divided into several areas, analyzed, and the...
In recent research it turned out that Boolean verification of digital signatures in the context of WS-Security is likely to fail: If parts of a SOAP message are signed and the signature verification applied to the whole document returns true, then nevertheless the document may have been significantly altered.In this paper, we provide a detailed analysis on the possible scenarios that enable these...
This paper studies the scenario where data in business documents is aggregated by different entities via the use of Web services in streamlined business processes. The documents are transported within the Simple Object Access Protocol (SOAP) messages and travel through multiple intermediary entities, each potentially makes changes to the data in the documents. The WS-security provides integrity protection...
Recent work has shown that certain handwriting biometrics are susceptible to forgery attacks, both human- and machine-based. In this paper, we examine a new scheme for using handwritten input that attempts to address such concerns. Pseudo-signatures are intended to be easy for users to create and reproduce while being resilient to forgeries. Here we evaluate their feasibility in terms of usability...
A brute force attack using synthetically generated handwritten signatures is performed against a HMM-based signature recognition system. The generation algorithm of synthetic signatures is based on the spectral analysis of the trajectory functions and has proven to produce very realistic results. The experiments are carried out by attacking real signature models from the MCYT database (which comprises...
A deniable authentication can be used to provide secure negotiation on the Internet. Although many deniable authentication protocols have been proposed, most of them are interactive or vulnerable to various cryptanalytic attacks. To find a secure and efficient deniable authentication protocol, by encrypting a random and the time stamp and signing the corresponding ciphertext and the message to be...
First, based on the bilinear pairings, a new computing problem, inverse bilinear paring operation problem (IBPOP), is proposed, which is proved to be not easier than the computing diffie-Hellman problem (CDHP) and not harder than discrete logarithm problem (DLP). So, if the symbol ldquolesrdquo denotes the increase of the hardness of computing problem, it can be deduced that CDHPlesIBPOPlesDLP. Then,...
Based on the bilinear pairings, by covering the subliminal message with a shared temporary key generated from the time stamp, an ID-based signature scheme with subliminal channel is proposed, which can be proved to be secure in random oracle under the hardness assumption of computing Diffie-Hellman problem (CDHP). According to the construction of the proposed scheme, it is found that it is easy to...
Most of pairing-based schemes need two or more operations of pairings. To find an efficient randomized certificate-based signature from pairings, by constructing a fraction such that a random element of the gap Diffie-Hellman group is included in the numerator and the sum of the master key and the output of the hash function is included in the denominator, a new signature scheme from pairings is proposed,...
Because documents play a central role in real business workflow, analysis of their semantics leads to role analysis in an organization. In this paper, we give semantics of documents by using DTL (document tree logic), which is similar to computational tree logic in program analysis. By using documents and giving semantics in DTL, we can embed results of business workflow in which the sequences of...
In this paper, we define and illustrate a new form of attack in the context of software services: the software-based need-to-know (SN2K) attack. SN2K attacks can be carried out by dishonest provider of a software service so that it can maliciously gain access to sensitive information, even if the service does {\em not need to know} such data in order to compute the functionalities offered by it. We...
Wireless mesh network are very vulnerable to attacks by malicious users due to, mainly, the cooperation among their nodes. The methods for detection of attacks are grouped into two categories: analysis of anomalies and signatures. The former detects possible new attacks, which have not been previously discovered and the latter depends on prior knowledge to classify the attacks. This paper presents...
The concept of the multi-signature was first proposed by Itakura and Nakamura, in which multiple signers can cooperate to sign the same message and any verifier can verify the validity of the multi-signature. After that, a lot of multi-signature schemes were proposed, but almost all of the multi-signature schemes are either sequence multi-signature or broadcasting multi-signature, but a lot of examples...
The proxy multi-signature is a very useful tool, which allows multiple signers to generate in a collaborative and simultaneous, and if a signer needs to delegate his signing capability to other signer, then the proxy signers can sign on behalf of an original signer. The paper proposed a new proxy multi-signature scheme, which the computation complicacy of the signature algorithm and the verification...
With the development of Web services application, some issues of Web services security are increasingly prominent. XML is widely used of its high expansibility as a platform-independent language. After analysis the traditional Web services security technology, this paper formulates the XML signature, as the basis of Web services security technology, and describes how to create and verify signature...
In the classic use of P2P, e.g. file sharing, there is no concern about persistent peer identification, peer and content reputation and content authenticity. Security proposals currently found in technical literature try to adapt techniques from client-server architecture to P2P environments, which it is not the most appropriate approach. This work proposes applying public keys to identify peers....
In this paper, we describe a secure distributed file system using hysteresis signatures. Although tremendous amounts of information are stored on file servers, it is impractical to have a professional and reliable person to manage such information, especially for small organizations. Also, setting up RAID or multiple servers for the purpose of fault tolerance is a difficult and time-consuming task...
The lack of information security protection for peer-to-peer systems has hampered the use of this robust and scalable technology in sensitive applications. The security weakness is rooted in the server-less architecture and the demand driven ad-hoc operation scenarios of peer-to-peer systems. Together, they prohibit scalable key management using traditional symmetric/ asymmetric cryptographic techniques...
In 1998, Blaze, Bleumer and Strauss proposed two kinds of cryptographic primitives called proxy re-encryption and proxy re-signature [4]. In proxy re-encryption, a proxy can transform a ciphertext computed under Alice's public key into one that can be opened under Bob's decryption key. In proxy re-signature, a proxy can transform a signature computed under Alice's secret key into one that can be verified...
Low-level network traffic information is often times beyond the understanding of common system operators (byte counts, port numbers, packet data, etc.). However, anomaly based Intrusion Detection Systems (IDS) often provide such low-level, difficult to comprehend information. This paper details a Human Interface for Security Awareness (HISA) algorithm for interpreting cyber incident information to...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.