The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The use of cloud technology is continually expanding. Yet, in many scenarios the adoption of an external cloud service provider may be a worry for data confidentiality since it leads to a partially loss of control over data. One of the solutions for letting users put trust in a provider is the use of encryption to protect data. EncSwift [1] is a solution that provides transparent support for the encryption...
Ongoing research in the field of positioning in cellular devices has led to several Location Based Services (LBSs) and its application flooding the market. However, these applications are neglecting user privacy in order to generate highly accurate results for user queries. While most traditional Location Based Service use the K-anonymity principle to blur user?s exact location information, these...
Machine learning has widely been used in crowdsourcing systems to analyze the behavior of their mobile users. However, it naturally raises privacy concerns, as personal data needs to be collected and analyzed in the cloud, and results need to be sent back to the users to improve their local estimates. In this paper, we focus on the use of a specific type of learning algorithms, called maximum a posteriori...
Cloud computing is a technology that facilitates numerous configurable resources in which the data is stored and managed in a decentralized manner. However, since the data is out of the owner's control, concerns have arisen regarding data confidentiality. Encryption techniques have previously been proposed to provide users with confidentiality in terms of outsource storage; however, many of these...
This paper contains an analysis of the payload of the popular ransomware for Windows, Android, Linux, and MacOSX platforms. Namely, VaultCrypt (CrypVault), TeslaCrypt, NanoLocker, Trojan-Ransom.Linux.Cryptor, Android Simplelocker, OSX/KeRanger-A, WannaCry, Petya, NotPetya, Cerber, Spora, Serpent ransomware were put under the microscope. A set of characteristics was proposed to be used for the analysis...
Internet of things (IoT) is internetworking of various physical devices to provide a range of services and applications. IoT is a rapidly growing field, on an account of this; the security measurements for IoT should be at first concern. In the modern day world, the most emerging cyber-attack threat for IoT is ransomware attack. Ransomware is a kind of malware with the aim of rendering a victim's...
PUFs or Physically Unclonable Functions are emerging hardware security primitives that offer a lightweight alternative to standard security for highly restricted devices like RFIDs. PUFs, however, have been found to be vulnerable to modeling attacks and as such PUF-based authentication protocols had to employ cryptographic primitives to establish reliable security. We introduce a novel lightweight,...
In this work the wireless networks security algorithms were analyzed. The fundamentals of the WPA and WPA2 safety algorithms, their weaknesses and ways of attacking WPA and WPA2 Enterprise Wireless Networks are described. Successful attack on the WPA2-PSK and WPA2-Enterprise was carried out during the performance of work. The progress of this attack and its results were described.
This paper discusses how to add privacy features to the Janus WebRTC media server and gateway. In order to do so, we embrace a standard approach, by leveraging work currently ongoing within the IETF PERC working group. PERC stands for Privacy Enhanced RTP Conferencing and is aimed at enabling centralized real-time conferencing in a scenario where the central media forwarding entity is not required...
Digital signature is a term that use a key pair of user for sign and verify a document. People can create their digital signature using biometric technology. Biometric technology is a concept that allows people to doing an digitally authentication using their bodies, for example by using their fingerprint. Now, fingerprint biometric technology system was available in some smartphone product, so that...
LoRaWAN is a LPWAN (Low Power Wide Area Network) technology used in a large variety of Internet of Things (IoT) applications. The paper addresses the security concerns of data protection and data privacy in sensor networks that make use of the LoRaWAN (Long-Range Wide Area Network) protocol specification. In this context, this paper performs an in-depth analysis of the security aspects in LoRaWAN...
The proliferation of cloud computing highlights the importance of techniques that allow both securing sensitive data and flexible data management at the same time. One line of research with this double motivation is the study of Searchable Symmetric Encryption (SSE) that has provided several outstanding results in the recent years. These solutions allow sublinear keyword search in huge databases by...
A new method of proxy re-encryption using rectangular integer matrices as the private keys is described. The technique uses modular arithmetic to limit the size of the elements of the key matrices and also to provide resistance to cryptanalysis attack.
It is estimated that, nowadays, around 40 records containing private data are leaked every second. Many of these illegally obtained records are due to the lack of security measures taken into consideration. One of the biggest mistakes that can be done, when it comes to data security, is to store data in plaintext, because a vulnerability that gives an attacker access to the database may result in...
With the advent of cloud computing more and more IT and business organizations are migrating to cloud for its entrancing features of computing and storage infrastructure. At the same, security, privacy of cloud computing is not at satisfactory level. To make things worse, clouds inherent nature brought new set of security issues. Specially, the cloud storage causes dilemma between two important factors:...
This work presents security solutions related to multi-sensor closed-loop artificial pancreas (AP) systems. The proposed AP system is built on a heterogeneous platform incorporating a smartphone, activity sensors, a glucose monitor, an insulin pump, a laptop hosting the multi-variable control algorithm and a cloud server. Developing a secure AP system is essential for mass adoption among diabetes...
We propose the first user authentication and key exchange protocols that can tolerate strong corruptions on the client-side. If a user happens to log in to a server from a terminal that has been fully compromised, then the other past and future user's sessions initiated from honest terminals stay secure. We define the security model for Human Authenticated Key Exchange HAKE) protocols and first propose...
In this paper we explore the problem of providing selective read/write access to the outsourced data for clients using mobile devices in an environment that supports users from multiple domains and where attributes are generated by multiple authorities. We consider Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme as it can provide access control on the encrypted outsourced data. One limitation...
We investigate the use of the SPDZ multiparty computation platform to facilitate secure cloud storage of graphstructured data such as telecommunications metadata. We report on an implementation of a simple scheme for answering adjacency, nearest-neighbour and second-hop queries. Our solution hides the data, the query and the answer from the cloud servers unless they all collude to recover them.
Since the Information Networks are added to the current electricity networks, the security and privacy of individuals is challenged. This combination of technologies creates vulnerabilities in the context of smart grid power which disrupt the consumer energy supply. Methods based on encryption are against the countermeasures attacks that have targeted the integrity and confidentiality factors. Although...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.