There is an enormous growth of the use of mobile devices and the social Web. Thus the users want to exchange their social data easily by using their phones and PDAs. We show that existing solutions put the users at security and privacy risks. Then, we describe our protocol for exchanging users' social data. We demonstrate that it enables better security and privacy for exchanging social data. In addition...
Securing Network Program update is essential for many crucial military applications. Present Network Programming protocols proposed by Hailun Tan et al. provide confidentiality and authentication with high computational effort and power consumption. We have developed a confidential network program update protocol for clustered wireless sensor networks. Our scheme has two phases, key computation phase...
This paper describes security extensions of various Windows components based on usage of FIPS 201 (PIV) smart cards. Compared to some other similar solutions, this system has two significant advantages: first, smart cards are based on FIPS 201 standard and not on some proprietary technology; second, smart card security extensions represent an integrated solution, so the same card is used for security...
Radio Frequency Identification (RFID) technology has been widely used in supply chains to track and manage shipments. By tagging shipments with RFID tags, which can be remotely accessed by RFID readers, shipments can be identified and tracked in a supply chain. Security issues in RFID have been major concerns, since passive RFID tags have very weak computational power to support authentication. Sound...
Sender Scorecards are conceived as a method to enable different IP Multimedia Subsystem (IMS) domains and networks to exchange trustworthy information on sender identities and other relevant information, to allow discrimination between legitimate and unsolicited IMS communication. The approach uses a secure and interoperable scorecard about the sender of IMS calls. Such a scorecard is generated, transported,...
The security flaws of a direct anonymous attestation scheme proposed by He et al. were analyzed, and the result shows that the authentication protocol of the scheme is vulnerable to replay attacks and platform masquerading attacks when being used for remote attestation. An improved direct anonymous attestation authentication scheme with the involvement of key agreement was proposed to provide the property...
In order to improve the security and performance of authentication protocol in manufacturing grid, identity-based authentication protocol under standard model is constructed. Combining with the environment of manufacturing grid, this protocol can work under escrow and non-escrow models and different trust domains model. By introducing pseudo random function set, new authentication protocol realizes...
Consciously or unconsciously, we are using many kinds of “cards” in our daily lives. Among them, credit card, cash card, driving license, etc., are as important as our wallets. To protect the card holder from malicious use of his/her cards, it is necessary to authenticate the card user. For this purpose, a common practice is to ask the user to provide some key information (usually password) known...
In this paper we present a dynamic programming mechanism combined with resource credit function based on D-S theory after analysing the programming of the mobile agent in grid environment. A mobile agent cooperates with credit schedule model in the grid virtual organization while transferring, therefore avoiding mobile agent being attacked by malicious agent platform. Due to the isomerism of the grid...
Service-oriented architecture (SOA) is the premier application framework for integrating complex heterogeneous computing systems in business and government. To utilize SOA in sensitive military systems, however, the issue of multi-level security (MLS) must be addressed. MLS requirements call for strict separation and limit interaction between classification levels. However, many Web services and resources...
E-commerce protocols are integral components of E-commerce systems. Verification of E-Commerce protocols' security level has become a hot spot in both information security and E-commerce researching area. Recent research focuses on E-commerce protocols' general properties such as secrecy and authentication, but always ignores particular properties related to commerce such as anonymity, fairness and...
Entities (e.g., users, services) have to authenticate themselves to service providers (SPs) in order to use their services. An entity provides personally identifiable information (PII) that uniquely identifies it to an SP. In the traditional application-centric Identity Management (IDM) model, each application keeps trace of identities of the entities that use it. In cloud computing, entities may...
This paper presents details of a model checker for security protocols, called ASM-SPV (Abstract State Machines-Security Protocols Verifier), which employs the on-the-fly model checking technique as the convenient verification method and directly supports the whole CoreASM language. Security protocol is modeled as distributed abstract state machines and the property to be verified is specified in...
We propose in this paper to reuse the existing payment infrastructure to introduce a proof of transaction genuineness computed by a smart card chip. The idea is to divide the amount of the transaction into several sub-amounts, which added together give the total amount. The sub-amounts are function of a secret shared with the bank, which can verify that the split is correct, thus proving that the...
Providing access to relevant confidential information during an emergency increases the efficiency of emergency response operations. Existing approaches rely on a centralized on-line authority to regulate access to emergency applications and data. Unfortunately, it cannot be guaranteed that the central authority is available during an incident. Additionally, the central authority must be trusted to...
Recently, Kwon et al. found that LKY scheme is vulnerable to off-line dictionary attack. They showed that LKY is not a complete PAKA scheme since it is possible for the involved two parties to not share a common session key as a result of executing LKY. In our paper, we will discuss the reasons for the above attack and propose two improved schemes to solve this problem.
In this paper, we propose a secure architecture for healthcare wireless sensor networks. After a careful examination of the security requirements and the security threats to healthcare sensor networks, we argue that security measures for Wireless Sensor Networks (WSN) must take application context in consideration rather than seek security solutions in a one-size-fits-all fashion. We integrate security...
The Internet has been population, which it was implement information technology, to every enterprise, also changed their contact mode of information flow style. Since public key conception was proposed, it had authentication function to secure while they are communication, and defense the data to leak based on stranger. In this article, we presented an improvement of generalized key agreement and...
DNS is part of the Internet infrastructure, but there also exist a lot of security vulnerabilities in it. The DNSSEC drafted by IETF is replacing the DNS for enhancing the security. However, the characteristics of DNSSEC have led to failure of the old monitoring system partly. This paper, based on a study of the DNSSEC protocol implementation and deployment, proposes a kind of constructing plan about domain...
As organizations become larger and larger, a worldwide enterprise may involve many regional branches, and also form partnerships with other organizations. Therefore it becomes necessary to implement authentication systems which are capable of working across multiple security domains or internet domains. We proposed an effective scheme which can implement virtual identity federation by establishing...