The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Location-based queries have brought challenging privacy issues for mobile users. Having access to data, anytime from anywhere, raises many security concerns. One of these concerns is user's location privacy, where a user must reveal her location to get the desired result. The question is how to benefit from such queries without endangering user's location privacy. This paper presents a new method...
Radio frequency identification (RFID) is one of the key technologies of Internet of Things, which have many security issues in an open environment. In order to solve the communication problem between RFID tags and readers, security protocols has been improved constantly as the first choice. But the form of attack is also changing constantly with the development of technology. In this paper we classify...
In this paper, we design a distributed platform for anonymized dataset trading without any centralized trusted third party. The platform consists of peers and consensus-based blockchain mechanism, and each peer acts as a data broker, data receiver, or verifier for blockchain in a data transfer transaction. A data broker collects data from data owners under their consent for data trading. The Privacy...
We present a set of protocols for creating a secure processing tree used for completing a task without divulging critical information. We analyze the information that is exchanged during the protocols and the effect of compromising participants.
The growth of the Internet of Things (IoT) creates the possibility of decentralized systems of sensing and actuation, potentially on a global scale. IoT devices connected to cloud networks can offer sensing and actuation as a service enabling networks of sensors to grow to a global scale. But extremely large sensor networks can violate privacy, especially in the case where IoT devices are mobile and...
The integration, mining, and analysis of person-specific data can provide enormous opportunities for organizations, governments, and researchers to leverage today's massive data collections. However, the use of personal or otherwise sensitive data also raises concerns about the privacy, confidentiality, and potential discrimination of people. Privacy-preserving record linkage (PPRL) is a growing research...
Numerous services are being offered over the Internet and require identification of users as in face-to-face interactions. To simplify the authentication procedure and reduce the need to manage multiple credentials to access services, electronic identification (eID) schemes have been introduced that involve many service providers (SPs) and identity providers (IDPs) which verify the identity of users...
Fingerprints as biometric authenticators are rapidly increasing in popularity, with fingerprint scanners available on many modern smartphones and laptops. Because these authenticators are non-revocable, special care must be taken to prevent leakage of the representative feature information of a user's fingerprint. While secure multiparty computation protocols have been designed to maintain fingerprint...
The security and privacy of RFID (Radio Frequency Identification) systems becomes an important subject especially for low cost RFID tags. A lot of authentication protocols were proposed to insure the security and in the same time meet the resource limitations. In this paper, we proposed an ultralight weight authentication approach based on permutation, XOR and rotation functions. As a result, the...
A Radio Frequency Identification (RFID) system is a contactless automatic identification system that uses small and low-cost tags. The restricted computation ability and limited memory space of low-cost tags make existing RFID systems vulnerable. EPC Class 1 Generation 2 (EPC-C1G2) is the most popular standard for low cost passive RFID tags. For improving security of this standard; many security schemes...
Considering the development of mobile payment systems and feasibility and suitability of payment protocols we need to provide security requirements of users as well. In this paper we first introduce LMPP and MPCP protocols and show how these two protocols are unable to satisfy anonymity and unlinkability of merchant to issuer. Then we propose a lightweight mobile payment protocol that is based on...
Network security management is a big challenge for network administrators due to increasing vulnerabilities. Vulnerabilities are the weakness of the network and allow malicious attackers access to resources controlled by an organization. To keep networks secure network administrators should be aware of all vulnerabilities through which an attacker can gain access. In this paper, we have considered...
The wide deployment of public cloud computing infrastructures has become an appealing solution for the advantages of flexibility and cost saving, but the risk of being exposed to privacy and security issues refrains a lot of customers from risking their sensitive data to the cloud. The data owners do not want to move to the cloud unless the data confidentiality and the privacy of their queries are...
Providing users with a lot of information might sound ideal in many scenarios, nonetheless, this may often be very annoying for the end user. To limit the amount of information that has to be processed by the user, to a set that is more relevant for his needs, most service providers use recommender systems. Undoubtedly, to provide someone with proper recommendations, one needs some background knowledge...
RFID (radio frequency identification) is a small electronic device that consists of small chip and an antenna. The biggest challenge for RFID technology is to provide benefits without degrading the secutiry level. This paper proposes a new RFID authentication protocol based on the lightweight stream cipher Enhanced-Bivium. In terms of security we show that the protocol is robust under the attack of...
In the last decade, various types of RFID security schemes have been proposed which have tried to provide all security and privacy requirements of end-users. In this paper, we cryptanalyze two new-found key exchange and key agreement security schemes which are proposed by Zhang et al. and Kim in 2012 and 2013 respectively. We present the reveal secret parameter, tag impersonation and traceability...
Private Information Retrieval (PIR) is the fact that a client retrieves a certain record from a remote database managed by untrusted parties without letting them know which record has actually been requested, thus preserving the privacy of the client. Ostrovsky and Skeith showed in [1] that any homomorphic encryption can actually be used to achieve PIR. In this paper we use their protocol as basis...
Many techniques for privacy-preserving data mining (PPDM) have been investigated over the past decade. Such techniques, however, usually incur heavy computational and communication cost on the participating parties and thus entities with limited resources may have to refrain from participating in the PPDM process. To address this issue, one promising solution is to outsource the tasks to the cloud...
Number of instant messaging (chat) applications grows rapidly, not only in everyday communication of ordinary people, but in business correspondence. Consequently, security and privacy of these kinds of applications are very important. In this paper, CryptoCloak protocol for secure and private chat communication is introduced, together with the prototype IM application implemented in Java programming...
Cognitive Radio Networks (CRNs) enable opportunistic access to the licensed channels by allowing secondary users (SUs) to exploit vacant channel opportunities. One effective technique through which SU s acquire whether a channel is vacant is using geo-location databases. Despite their usefulness, geo-location database-driven CRN s suffer from location privacy threats, merely because SUs have to query...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.