The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Due to its large penetration and ease of use, the web environment provides a platform that enables collaboration among people working on a joint topic. Regardless of the actual focus of collaborating groups, security is very often a key aspect of such an environment. Provision of the proper level of authentication and access control is a necessity in almost any real world deployment of collaborative...
Access control to online banking accounts is a very critical topic for the always-on emerging society. In order to avoid phising threats resulting from classical mechanisms dealing with login and password tuples, the deployment of two-factor authentication tokens generating One Time Password (OTP) is recommended by many governmental organizations. A procedure based on EMV credit cards (the Chip Authentication...
Information security has gained tremendous importance for energy distribution and energy automation systems over the last years. Standards like IEC61850 offer standardized communication services and standardized data models for communication in energy automation. IEC 61850 is flanked by the standard IEC 62351 that especially addresses security and specifies technical requirements which have to be...
Usage control model (UCON) is based on the idea that attributes required for decision-making can be changed over a period of usage. Since it is not always possible to get a fresh and trustworthy value of attributes, a decision has to be done with some uncertainties in mind. Moreover, modern systems become more distributed and dynamic and this evolution aggravates the problem. Such trend demands for...
This paper conducts a comprehensive analysis of the security of LAN-based Educational Management Information System (EMIS), and proposes security policies and methods required by the system. Meanwhile, it adopts system permission allocation, user authentication, record tracking, protocol auditing, data backup, disaster recovery, warning system and other technologies to design a multi-layered database...
In today's global world, more and more corporations are bound to have an internet presence. This has led to a significant increase in network attacks of all kinds. Firewalls are used to protect organization networks against these attacks. Firewall design is based on a set of filtering rules. Because of the nature of these rules, and due to the rising complexity of security policies, errors are introduced...
This paper analyzes the processes of the mobile payment, and proposes that secure communication between user mobile terminal and mobile payment platform is the key element of the mobile payment system. Then it presents a TTP-based security mobile payment model and from the two aspects secure including authentication and information transmission it analyzes security policy of the model that can achieve...
In the security community, one main focus has been devoted to the enhancement of access control approaches with new authentication and authorization capabilities with the server to restrict others' ability. However, in the peer-to-peer (P2P) networks, no such centralized server exists, especially for the pure P2P, and the peers have to interact with unfamiliar peers. To prevent or discourage peers...
Wireless Sensor Networks (WSN) represent a new dimension in the field of networking. In this paper, an improved Genetic Algorithm is applied to the design of high performance multi-path routing protocol of WSN at the first time. The Algorithm consists of two stages: single-parent evolution and population evolution. The initial population is formed in the stage of single-parent evolution by using gene...
In this paper, we introduce a secure communication protocol for tag authentication and data access authorization in EPCglobal Class 1 Generation 2 (EPC GEN-2) RFID systems. The proposed protocol adopts a process-oriented design to exploit the memory space at tag and backend server ends more efficiently. Based on the formal logic proof and protocol analysis, our scheme not only provides data confidentiality...
Wireless Networks based on WIFI or WIMAX become popular and are used in many places as compliment network to wired LAN to support mobility. There is performance issues associated with the usage of WLAN that put some restriction on adapting this technology everywhere. Securing the open access to avoid attacks at the physical and MAC layer with high speed performance during authentication is considered...
This paper propose a conception named Trusted Grid and design the model of it, which makes grid computing integrated with trusted computing. The model establishes the trusted grid field by trusted evaluation and adopts security strategy: identity authentication, digital signature, intrusion tolerant for improving on the security and reliability of new grid security and trust (NGST). In addition, this...
Enterprise search differs from Internet search in many ways. The overwhelming majority of information in an enterprise is unstructured. Together with information in relational and proprietary databases, these documents constitute the enterprise information ecosystem. The information in an enterprise is distributed. A centric search engine does not satisfy the security requirement in enterprise information...
Wireless sensor networks are widely used in a variety of commercial and military applications. As a fundamental requirement for providing security functionality in sensor networks, key management plays an essential role in authentication and encryption. In this paper, we propose a Refined Key Link Tree (RKLT) scheme that incorporates dirty key path into the key link tree-based group key management...
We present an optimization technique for model-based generation of test cases for firewalls. Starting from a formal model for firewall policies in higher-order logic, we derive a collection of semantics-preserving policy transformation rules and an algorithm that optimizes the specification with respect of the number of test cases required for path coverage. The correctness of the rules and the algorithm...
Alarming increase in identity theft cases calls for the use of secure authentication systems that can clearly distinguish between authorized users and unauthorized users who are in possession of valid security tokens or passwords. To this end, we propose a multi-factor authentication system using user-specific pseudo-random numbers and fingerprints to generate revocable and privacy preserving biometric...
In this paper, we present the Blocking Reader, a low-cost privacy protection device that prevents unauthorized reading of RFID tags. The promiscuous nature of the 18000-6C RFID tags poses a threat to personal security and privacy. Privately owned tags on a person can be read by all nearby readers without that person's consent or knowledge, thereby, violating that person's privacy. A low cost privacy...
Aiming at the security requirement of the Intranet that is different from Internet, an security architecture for Intranet is proposed. In physical layer and data link layer, based on network switch the intranet is divided into several parts separated from each other as required. In network layer, making use of the NAT gateway integrated in virtual server the intranet or its part is hidden to ensure...
Traditional key management techniques, such as public key cryptography or key distribution center (e.g., Kerberos), are often not effective for wireless sensor networks for the serious limitations in terms of computational power, energy supply, network bandwidth and defection of centra authority. In order to balance the security and efficiency, we propose a new scheme by employing LU Composition techniques...
To address the challenges in Web services security, the author firstly analyzed threats facing Web services and related security standards, presented integrated security framework based on use of authentication, authorization, confidentiality, and integrity mechanisms for Web services, and proposed how to integrate and implement these security mechanisms in order to make Web services robust against...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.