The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The number of web services available on the Internet has grown rapidly. Service consumers face a hard decision over which service to choose among the available ones. Security holds a key after various vulnerabilities have been exploited by attackers on number of notable web services. This paper carries out a survey on how security has been expressed and promised for web services, through both the...
A multitude of issues affect the broader adoption of Cloud computing, with the perceived lack of trust on the Cloud Service Providers (CSPs) often listed as a significant concern. To address this, CSPs typically set up Service Level Agreements (SLAs) that contractually list what the CSP is obligated to provide to meet the customer requirements. While SLAs are promising as a concept, the inadequacy...
Nowadays, when someone wants to make a payment with a smartcard, the user has to enter a pin code to be identified. Only biometrics is able to authenticate a user; yet biometric information is sensitive. To ensure the security and privacy of biometric data, OCC (On-Card-Comparison) has been proposed. This approach consists in storing biometric data in a secure zone on a smartcard and computing the...
Opportunistic Networks (Oppnets) are the recent evolution of Mobile Ad hoc Networks (MANETs), where an end to end path from the source to the destination does not exist, or exists for a very small amount of time. That is, the connections between the nodes are often intermittent, and the power of the nodes may go up or down. This paper aims at improving the forwarding strategy in the Epidemic routing...
Grid computing systems are complex and dynamic systems and therefore require appropriate automated management, which would enable stable and reliable operation of the whole grid environment. The research community has addressed this requirement with a number of monitoring frameworks, which serve to collect data at various levels to support decision taking and management activities within grids. However,...
Hardware security has emerged as an important field of study aimed at mitigating issues such as integrated circuit (IC) piracy and counterfeiting. One popular solution for such hardware security attacks are physically unclonable functions (PUF) which provide a hardware specific unique identification based on intrinsic process variations within individual integrated circuit implementations. At the...
The extensive use of cloud services by both individual users and organizations induces several security risks. The risk perception is higher when Cloud Service Providers (CSPs) do not clearly state their security policies and/or when such policies do not directly match user-defined requirements. Security-oriented Service Level Agreements (Security SLAs) represent a fundamental means to encourage the...
To provide timely feedbacks to users, nearly every respectable Internet service now imposes a password strength meter (PSM) upon user registration or password change. It is a rare bit of good news in password research that well-designed PSMs do help improve the strength of user-chosen passwords. However, leading PSMs in the industrial world (e.g., Zxcvbn, KeePSM and NIST PSM) are mainly composed of...
Although security starts to be taken into account during software development, the tendency for source code to contain vulnerabilities persists. Open source static analysis tools provide a sensible approach to mitigate this problem. However, these tools are programmed to detect a specific set of vulnerabilities and they are often difficult to extend to detect new ones. WAP is a recent popular open...
Usually, the most critical modules of the system receive extra attention. But even these modules might be too large to be thoroughly inspected so it is useful to know where to apply the majority of the efforts. Thus, knowing which code changes are more prone to contain vulnerabilities may allow security experts to concentrate on a smaller subset of submitted code changes. In this paper we discuss...
Security issues of cloud computing environments are considered a major challenge for its full adoption. A Service Level Agreement (SLA) corroborates the shared management vision provided by the cloud computing paradigm, which can assist with related security issues. The necessity to address security requirements in cloud computing SLAs is considered important for both providers and consumers, along...
Information Technology (IT) is continuously evolving at faster rate and enterprises are always trying to keep pace with the changes. So do the threats. As the complexity of IT increase, the unprecedented threat environment and security challenges also have increased multi fold over the years. Security Managers are continuously having challenging task not only protecting their company but also convincing...
Mobile computing proved to be essential in today's cyber communications. However, entities in mobile computing are known of having limited energy, physical, and logical resources. This imposes various challenges that greatly affect communication quality and performance of those mobile entities, especially when applying computationally-intensive security measures that are essential for protecting the...
Contrary to traditional evolutionary models of complex networks a novel consideration with two-formation & degradation — phases has been proposed. To clarify which of the stages of the phases are more sensible the evolving network has been put to simulated attacks. A novel integral vulnerability metrics has been proposed which demonstrated strong dependence on the network growth rate of the stage...
Microtasking as one of the crowdsourcing models has found penetration mostly in developed nations and is slowly making inroads in developing nations. It has been used for quickly solving a myriad of social and business challenges by tapping into the diversity of the unknown crowd. Nevertheless, there are still a number of research challenges that are found in various microtasking initiatives, such...
Preliminary experiment design and research goals are presented to measure the applicability of restricted computational complexity environments in general purpose development efforts. The Linux kernel is examined through the lens of LangSec in order to gain insight into the make-up of the kernel code vis-à-vis the complexity class of recognizer for input to each component on the Chomsky Hierarchy...
Attacks on critical infrastructures are beginning to increase in number and severity. They are often initiated by highly skilled attackers, who are capable of deploying advanced attacks to exfiltrate data or even to cause physical damage. In this paper, we re-visit the rationale for protecting against cyber attacks and propose a framework to monitor, detect and evaluate anomalous behaviour within...
Linear layers are crucial building blocks in the design of lightweight block ciphers, since they perform the dual task of providing the much needed diffusion, while also ensuring minimal hardware cost for implementation. Although a number of lightweight block ciphers with parsimoniously designed linear layers have been proposed in cryptographic literature, there is limited work on generic construction...
Recently extensive works have been devoted to the performance analysis of physical layer security in wireless communication systems. However, the combination of physical layer security and quality of service (QoS) for route selection in multi-hop wireless ad hoc networks (WANETs) still remains an open technical challenge. As an initial step towards this end, this paper focuses on a multi-hop WANET...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.