The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
In 2005, an extensive taxonomy of threats for VoIP was published by a prominent industry group. Strangely, this taxonomy does not identify stegocommunication as a threat, even though many steganographic channels have been identified in VoIP protocols. To avoid such security gaps in the future, we argue that stegocommunication should be added to the traditional list of network threats: interruption,...
The goal of trusted computing proposed by TCG is to enhance the security of platform by the way of integrity measurement. TPM is a tamper-resistant hardware module designed to provide robust security capabilities like remote attestation and sealed storage for the trusted platform. But TPM has its limitation. It can't be directly used in common PC current in use. A portable TPM device is proposed and...
Voice over Internet protocol is the ability of transmitting voice using the Internet protocol. This paper addresses an introduction to VoIP, threats of VoIP and studies previous works of secure VoIP. We also propose practical implementations for securing VoIP by using Java and Android. Finally we give security analysis of our implementation and analyze different protocols involved in making VoIP more...
So far, most existing protocol test generation methods are concentrated on complete protocol test, when aiming at some specific TP (test purpose),a mount of unnecessary test cases are generated because of the limitation of these methods. In this paper a method of TTCN (Tree and Tabular Combined Notation) test case generation based on TP description is proposed, in which according to non-formal TP,...
In an overview paper called State of the Art: Embedding Security in Vehicles, Wolf et al. give a general state-of- the-art overview of IT security in vehicles and describe core security technologies and relevant security mechanisms. In this paper we show that a formal analysis of many of the related properties is possible. This indicates that many expected aspects in the design of vehicular security...
Security configuration files are created and edited as text files. These files are the essential definition and control of the behavior of security devices. Despite their significant size, complexity, and the possibility of interaction between entries, no visually sophisticated tools exist that explicitly capture and visualize problematic interactions between rules to aid in the comprehension and...
Cyber-physical energy systems require the integration of a heterogeneous physical layers and decision control networks, mediated by decentralized and distributed local sensing/actuation structures backed by an information layer. With the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) [1] requirements and president's visions of more secure, reliable...
In contrast with the simple and elegant concept of global computing, also called ubiquitous computing - where daily life objects get now computing capacity and interact among them to provide a wide range of services to users - a major difficulty is arising with the software engineering process to develop applications for these devices. This article discusses the additional parameters that should be...
E-commerce (EC) over open devices and networks poses security challenges of a new dimension. This article presents a multi-party contract signing (MPCS) protocol to demonstrate how to apply the secure EC protocols to trading terminals supported by trusted computing (TC) technology. The protocol here reduces the number of rounds to two and the message transmission number to O(n2), which is the best...
Ceremonies are a useful tool to establish trust in scenarios where protocols operate. They describe a greater range of issues not taken into account by protocol designers. We take an already-designed protocol and ceremony for a key management protocol operating in a Public-Key Infrastructure environment and test it using a formal method. The ceremonies were analysed to test human peerspsila cognition...
The overhead caused by virtualization makes it difficult to apply VM in the applications which require high degrees of both performance isolation and efficiency, such as the high performance computing. In this paper, we present a lightweight virtual machine, named Solo. It simplifies the design of VMM greatly by making most privileged instructions bypass the VMM, except the I/O operations. Solo allows...
Currently network security of institutions highly depend on firewalls, which are used to separate untrusted network from trusted one by enforcing security policies. Security policies used in firewalls are ordered set of rules where each rule is represented as a predicate and an action. This paper proposes modeling of firewall rules via directed acyclic graphs (DAG), from which test cases can be automatically...
The paper offers tree-structured connectivity between the peer entities over an infrastructure network as an abstraction to embody the application-oriented processing functions on peer-to-peer information flows. Tree reconfigurations are triggered when failures or security violations occur in the connectivity path between the peer nodes (e.g., increase in path delays, DOS attack on a node). Reconfigurations...
As the use of Internet is being generalized, the security problems about data transfer are rearing up as the important issue. There are many security protocols to solve the problems and the SSL (secure socket layer) protocol is the most widely used one among them. While the SSL protocol is designed to defend the client from active attacks such as message forgery and message alteration, the cipher...
Wireless networks are being used increasingly in industrial, health care, military and public-safety environments. In these environments security is extremely important because a successful attack against the network may pose a threat to human life. To secure such wireless networks against hostile attack requires both preventative and detective measures.In this paper we propose a novel intrusion detection...
Considerable research has been done on different aspects of sensor networks. However management issues for these devices are still little explored. Nonetheless, with the increasing number of heterogeneous distributed sensors in various application domains, their management gains more and more importance, in particular for domains where requirements in terms of quality service, reliability, security...
Due to the spreading of SMS services and appearing of new business models, value-added SMS services have been introduced. According to the research results about wide distribution of security incidents on ICT systems worldwide, in spite of known security solutions, there is a necessity for organizational approach to implement security. This paper presents research and development efforts in building...
In recent years, there has been a tremendous increase in the usage of IT based systems in vehicles, with predictions that in the near future, more than 90% of innovations in the automotive sector will be centered on IT software and hardware. However, innovation also means that intellectual property (IP) is created, which is valuable to third (potentially) untrusted and malicious parties. In particular,...
The coordination and scheduling of affiliated tasks to be run at different sites is a challenging problem, specifically in the domain of network performance monitoring. This paper presents a software implementation of the probes coordination protocol (PCP) which provides a solution to this problem. The PCP allows tasks to be executed regularly on a multitude of sites without the need for repeated...
File sharing is a common practice since the introduction of computer networks. It involves using technology that allows network users to share files that are stored on their individual computers. Peer-to-peer or simply P2P applications, such as those used to share multimedia files, are some of the most common forms of file-sharing technology. However, P2P applications are vulnerable to security risks...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.