Broadcast Searchable Keywords Encryption (BSKE) is a novel scheme that allows searching in encrypted data without knowing a secret key. Consider that Bob wants to encrypt the same data under a master public key for a group of users and stores this encrypted data with Alice. Malice, one of those recipients, asks Alice using his private key whether or not she has stored encrypted data; then Alice will...
Cloud storage is now an important development trend in information technology. However, information security has become an important problem to impede it for commercial application, such as data confidentiality, integrity, and availability. In this paper, we revisit the two private PDP schemes. We show that the property of correctness cannot be achieved when active adversaries are involved in these...
Eduroam is the world-wide de-facto standard Wireless LAN (WLAN) roaming system for research and educational institutions. In the current eduroam system, many institutions authenticate users by ID and password. However, the demands for authentication by client certificates are increasing for higher security and usability reasons. High complexity in the certificate issuing and distribution process at...
Eduroam, the world-wide roaming system for research and educational institutions, has several shortcomings such as unstable and slow user authentication and weakness against network/proxy failures. We propose a disruption-tolerant authentication architecture based on the combination of certificate-based authentication and the centralized authentication system called Delegate Authentication System...
In 2009, researchers released details of a vulnerability in the SSL and TLS protocols that could allow Man-in-the-Middle attacks to be carried out. The IETF published countermeasures with unprecedented speed as RFC 5746; however, server-side implementations are not deployed because of business problems such as loss of opportunities and backward compatibility. An efficient DOS attack tool using...
In CP-ABE systems [1], attributes describe users' credentials and policies describe who can decrypt data from the server. Much research has been conducted on Personal Health Records (PHR) to facilitate the mediation and direct connection of patients to different users (physicians, family members and clinic agents) through a network. The Ciphertext Policy Attribute-based Encryption mechanism is used to...
This article discussed several types of authentication and mainly introduced the authentication system based on digital certificates. As the authentication system integrated with gateway introduced in this article, we described the design of the authentication mechanism based on digital certificates, the certification process as well as specifics.
Personnel identification is an everyday struggle between each individual and security personnel. This is equally important on academic grounds, where unauthorized individuals could access university resources and university research. We can assume that every academic individual possesses a university identification card that can be used for access to restricted areas, computers, libraries or cafeterias but this...
This essay proposes a new cross heterogeneous domain authentication model mainly based on PKI, and designs the details of authentication processes in different situations. The model achieves cross domain authentication between PKI domain and Kerberos domain effectively, and supports mutual authentications. Theoretical analysis shows that the proposed scheme has good compatibility, expansibility and...
This paper is about an application that tries to help people in their relations with their local government. That is, in many bureaucratic processes, citizens are required to provide copies of paper documents such as diplomas, birth certificates… Obviously, this kind of document cannot be provided online. Using this application, users are able to provide the required documents on the internet and...
Online Social Networks (OSN) have become widely popular in recent years. OSN enable people to connect with their friends based on sharing information about their personal life. There are some serious privacy problems that need to be resolved in existing OSN: Firstly, there has to be a method to protect user-generated data from OSN providers. Secondly, a fully flexible and dynamic access control mechanism...
The core issue of deploying PKI always focuses on how to increase the issue efficiency of CRL (Certificate Revocation List) and decrease the deployment cost. Starting with the discussion on change of network structure for the traditional CRL issue mechanism, this paper adopted the dispersed P2P instead of the centralized Client/Server network structure and analyzed its issue efficiency. Finally we...
The core of large-scale PKI (Public Key Infrastructure) is digital certificate, while in the service of certificate, the existing factors of password disclosure and expiration will lead to the certificate invalidation. Presently, PKI Administration always adopts the method of Certificate Revocation List ('CRL') to summarize the invalidation certificate. However, the biggest bottleneck of CRL application...
To enable a rich attribute-based authorization system, it is desirable that a large number of user attributes are available, possibly provided by multiple entities. The user may be required to aggregate his attributes and present them to a service provider to prove he has the right to access some service. In this paper, we present AttributeTrust - a policy-based privacy enhanced framework for aggregating...