The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The paper deals with the following topics: granular computing; data mining; fuzzy logic; information systems; Internet; fuzzy set theory; rough set theory; image processing; association rules; data security; Web services; cryptography; mobile computing; and support vector machines.
A new steganographic method via PNG images based on the information sharing technique is proposed. The coefficients of the polynomial functions of the Shamir's (k, n)-threshold secret sharing method are utilized as carriers of a given secret data string to be hidden to generate shares. The shares then are embedded into the alpha-channel plane of a cover PNG image. The resulting stego-image with perceptible...
Buffer overflow is one of the worst program vulnerabilities. Many preventive approaches are applied to mitigate buffer overflow (BOF) vulnerabilities. However, BOF vulnerabilities are still being discovered in programs on a daily basis which might be exploited to crash programs and execute unwanted code at runtime. Monitoring is a popular approach for detecting BOF attacks during program execution...
According to trusted computing standard, sealing provides assurance that sealed messages are bound to a set of platform metrics specified by the message sender, it ensures the security of data, but it can't handle asynchronous operation under multiple processes environment. An improved sealing method is given in this paper based on trusted storage, by introducing root of trust for reporting (RTR)...
Recently, the research on the detection and defense of malicious attacks are becoming the main subject of information security. Various tools and technologies of detecting and defense malicious attacks are proposed in an endless stream, tools detecting vulnerabilities as well. However, there is a lack of method to test and evaluate the correctness and validity of these technologies and tools. In this...
This paper describes an automated technique for protecting portable executable files used in Windows NT Platform. The proposed technique mainly works on Portable Executable format for 32-bit applications. The paper describes the PE format illustrating its main structures followed by an overview on existing protection techniques, and then it illustrates the proposed technique used in packing the PE...
The Web is a primary means of information sharing for most organizations and people. Currently, a recipient of Web content knows nothing about the environment in which that information was generated other than the specific server from whence it came (and even that information can be unreliable). In this paper, we develop and evaluate the Spork system that uses the trusted platform module (TPM) to...
Combined with the grid development, this article analyzed the current widespread adoption of authentication mechanisms and researched GSI program and KX.509 program in different grid environment. With the proxy idea of KX.509, using and implementing a Web-login module to build the grid authentication model in the Globus environment. The module provides the transparent user certificate generation,...
We modified the multi-agent negotiation test-bed auction scheme which was proposed by Collins et al. In 2004, Jaiswal et al. have modified Collins's scheme, but Jaiswal's scheme still has some security weaknesses: such as replay data attack and DOS (denial-of-service) attack, collision between customers and a certain supplier. So the proposed protocol tries to reduce DOS attack and avoid replay data...
The stream control transmission protocol (SCTP) uses a cookie mechanism to tackle the security and traditional attack scenario. Unfortunately, SCTP is not secured against redirection attacks, bombing attacks and towards verification-tag guessing attacks which lead to association-hijacking and may force the victim client to starve out of service from the server. Therefore, we propose a secure SCTP...
Trusted computing group developed two solutions to realize remote attestation between platforms, but both of them have drawbacks. Privacy CA defined by trusted computing group needs to be highly available and may collude with verifier to trace user's transactions. direct anonymous attestation proposed in trusted platform module specification v1.2 is not efficient because it adopts many exponential...
The purpose of CEDA (certified electronic document authority) is to guarantee reliability and stability of electronic documents. When using storage and issuance services which are one of core services offered by CEDA, users register their electronic documents and they are issued to a third party later on. In this process, issuance of partial information (part page) instead of the entire registered...
Signcryption is a kind of cryptographic primitive which allows combining the signature and encryption into one scheme efficiently. In this paper we first improve the proxy key generation protocol enforced by Tasi et al and then propose a novel identity based proxy signcryption scheme based on the improved proxy key generation protocol and a identity based signcryption scheme proposed by Libert et...
In this paper, we put forward the Content Lifecycle Protection(CLP) concept, structure and implementation, which mainly employ `Box' to wrap content into BCO so that Box can supervise and protect inside content during each phase of lifecycle. By analyzing the elements in BCO, the core in CLP, we present BCO logical structure, physical structure and physical coupling structures respectively. The physical...
Trusted Computing has been a major research issue in recent years. Software integrity is a main part in a trusted computing environment. As a chain of invocations are involved in a computing system, it is imperative to build a trust relationship between various layers in the system. TLC is a novel approach proposed to build a trusted Linux system. However, it suffers from offline replacement problem...
This paper proposes a new electronic voting (e-voting) scheme that fulfills all the security requirements of e-voting. The key mechanism is the one that uses confirmation numbers involved in individual votes to make votes verifiable while disabling all entities including voters themselves to know the linkages between voters and their votes. Unlike complicated zero knowledge proof involved in many...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.