The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
As evolving security concerns have prevailed, the network time synchronization protocol community has been actively engaged in the development of improved security mechanisms for both the IEEE 1588 Precision Time Protocol (PTP) and the IETF Network Time Protocol (NTP). These activities have matured to the point where this year should see the finalization of the first new security mechanisms for time...
Radio Frequency Identification (RFID) makes it a supporting technology for the Internet of things (IoT). While RFID has been widely used and developed rapidly, its security and privacy issues cannot be ignored. With the development of cloud computing, cloud based RFID system has become a new solution. Protecting the security of RFID system in cloud environment is particularly important. Not verifying...
The Network Time Security specification provides measures which are designed to add security to time synchronization protocols, while considering their specific timing-related requirements. The development of the specification is accompanied by formal analysis of its security model. Special attention is paid to the Network Time Protocol, for which an implementation of those measures is in progress.
Although the great success and the popularity of Cloud computing, an important number of challenges and threats are inherent to this new computing paradigm. One of the serious challenges in Cloud service architecture is managing authentication. Our goal in this paper is to present a flexible authentication solution based on TLS standard and asynchronous one time password mechanism. Our purpose is...
The Enterprise File Sync and Share (EFSS) is one of the most important services to provide enterprises' employees with cloud file sync, share, and collaboration services. To take enterprises' concerns into account, such as security, privacy, compliance, and regulation, the existing EFSS solutions are either using private (on-premise) or hybrid cloud service model to provide their services. They usually...
With the continuous development of the space technology, increasing communication between spacecrafts. To ensure the spacecrafts keep a uniform time standard, time synchronization protocol plays an crucial role. Taking account the characteristics of deep-space: poor link quality, limited node computing power, and the GNSS service is unstable, through the improving of IEEE1588 protocol, a autonomous...
In symmetric cryptography, TESLA variants are well-known valuable source authentication broadcast scheme that are secure and efficient. But TESLA, versus asymmetric approaches, do not provide confidentiality and immediate authentication, need the synchronization of parties, are not flexible due to synchronization and finally have delayed verification and overflow problem. In this paper, we have proposed...
All visions of wireless sensor networks share the idea of small, inexpensive devices, distributed at all scales throughout everyday life. By using their smart phones millions of users were given an ubiquitous controller with a convenient user interface and the capability to set up their own wireless personal area network (WPAN). Smart home, ambient assisted living and health care applications were...
Using one password for all web services is not secure because the leakage of the password compromises all the web services accounts, while using independent passwords for different web services is inconvenient for the identity claimant to memorize. A password manager is used to address this security-convenience dilemma by storing and retrieving multiple existing passwords using one master password...
Authentication and key exchange are fundamental techniques for enabling secure communication over mobile networks. In order to reduce implementation complexity and achieve computation efficiency, design issues for efficient and secure biometrics-based remote user authentication scheme have been extensively investigated by research community in these years. Recently, two biometrics-based authentication...
Wireless sensor network is a self-configured, infrastructure less wireless network consisting of a large number of sensor nodes equipped with specialized sensors that can monitor various physical attributes such as temperature, pressure, vibration and sound. WSN relies on hardware simplicity to make sensor field deployments both affordable and long lasting without any maintenance support. Security...
Remote user authentications are an essential tool for e-commerce in Internet environment. In these systems, identity privacy is provided by concealing user's identity. In this article, we introduce the identity privacy study of this setting, and explore a secure and efficient dynamic ID-based remote user authentication protocol with untraceability. We adapt a pair of dynamic IDs to realize the user's...
Radio Frequency Identification (RFID) is one of the key technologies for Internet of Things (IoT). Due to the limitations of processing capability, storage space and power supply of RFID tag, the traditional security mechanisms cannot be used directly. In addition, the existing security threats become more severe towards RFID authentication scheme. In this paper, we propose an Efficient Secure Lightweight...
Protecting a nation's critical infrastructure, notably its power grid is crucial in view of increasing threats, such as international terrorism. We focus on the security of the Modbus protocol, a de-facto protocol for distributed control systems popularly used for power plants. Specifically, we analyze the security of a recently proposed authenticated Modbus protocol. We present attacks on the protocol,...
This paper investigates on the security of time -- triggered transmission channels, which are used to establish a predictable and timely message transfer in a distributed embedded system with potential safety constraints. Within such a system, safety and security are closely related, because malicious attacks can have an impact on a system's safety and thereby cause severe damage. An attacker could...
In this paper, we describe how security and privacy can be increased in user-centric Identity Management (IdM) by the introduction of a so-called IdM card. This IdM card securely stores and processes identity data of the card owner, an end user. The card represents a trusted device that supports the user in managing its digital identities and also in performing secure and privacy-enhanced service...
In order to protect privacy of RFID tag against malicious tag tracing activities, many RFID authentication protocols with the secret key update scheme have been proposed to support forward security. These proposals are symmetric key based in common due to the lack of computational resource to perform heavy asymmetric cryptographic operations in low-cost tags. In this paper, we have demonstrated that...
The portable storage market environment is rapidly changing due to the emergence of USB memory. USB memory is used as a portable storage device by many users. However, due to the high portability of USB memory, USB sticks are frequently lost and stolen. In this Paper we suggest a secure user authentication method in which it is hard to guess the password and bypass authentication. In addition, security...
In this paper, we analyze the security of the lightweight RFID mutual authentication protocol called SLAP proposed by Godor et al. at Globecom 2008. It is claimed that SLAP can resist the well-known attacks and does not demand high computational capacity. We present server impersonation attacks against SLAP in which an adversary that does not know the internal state of the tag can easily impersonate...
Directory services are used by almost every enterprise computing environment to provide data concerning users, computers, contacts, and other objects. Virtual directories are components that provide directory services in a highly customized manner. Unfortunately, though the use of virtual directory services are widespread, an analysis of risks posed by their unique position and architecture has not...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.