The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Cyber-physical systems (CPS) are interconnections of heterogeneous hardware and software components (e.g., sensors, actuators, physical systems/processes, computational nodes and controllers, and communication subsystems). Increasing network connectivity of CPS computational nodes facilitates maintenance and on-demand reprogrammability and reduces operator workload. However, such increasing connectivity...
In the recent years, we have observed the development of several connected and mobile devices intended for daily use. This development has come with many risks that might not be perceived by the users. These threats are compromising when an unauthorized entity has access to private big data generated through the user objects in the Internet of Things. In the literature, many solutions have been proposed...
Systems of systems (SoS) have been introduced in early 1990s in air traffic control domain, defense and information technologies. Systems like this contain a set of components, being systems itself, with constituent components retaining operational independence. The definition and configuration of SoS have evolutionary nature and emergent behavior is one of the many important characteristics to be...
Version control systems (VCSs) have almost become the de facto standard for the management of open-source projects and the development of their source code. In VCSs, source code which can potentially be vulnerable is introduced to a system through what are so called commits. Vulnerable commits force the system into an insecure state. The farreaching impact of vulnerabilities attests to the importance...
Network virtualization provides a flexible solution to reduce costs, share network resources and improve recovery time upon failure. An important part of virtual network management consists in migrating them in order to optimize resource allocation and react to link failures. However, the migration process might entail the loss of security properties in the virtual network, such as confidentiality...
Cloud providers have an incomplete view of their hosted virtual infrastructures managed by a Cloud Management System (CMS) and a Software Defined Network (SDN) controller. For various security reasons (e.g. isolation verification, modeling attack paths in the network), it is necessary to know which virtual machines can interact via network protocols. This requires building a connectivity graph between...
In this work, information security of a cooperative wireless communication system over three-phase amplify-and-forward (AF) two-way relaying channels is investigated. A relay power allocation scheme is proposed to improve secrecy capacity of the system. We first derive the secrecy rate expression for the basic scenario which consists of one source, one destination, one single relay, and an eavesdropper...
Over the years, system calls (syscalls) have become an increasingly popular data source for host intrusion detection systems (HIDS). This is partly due to their strong security semantic implications. As syscalls conform to a program's control-flow graph, a deviation in a syscall sequence may imply a deviation in a program's control-flow graph. This is useful for detecting the control-flow hijacking...
Mobile tactical networks (MTNs) in military communications extend the capabilities of mobile ad-hoc networks (MANETs). The MTNs are dynamic, infrastructureless, self-forming and self-healing systems designed for non-line-of-sight (NLOS) operations using multi-hop relaying. Unlike their commercial counterparts, MTNs have to offer much higher levels of security, jamming resistance, and service robustness...
Tire Pressure Monitoring Systems (TPMS) offer real-time diagnostics of the status of a vehicle's tires via a wireless communications link back to the vehicle. These links, which provide data, mandated by the NHTSA, generally possess low security/low privacy, leading to a demonstrated potential for spoofing attacks or tracking a person/vehicle through the unencrypted emission of the tire's unique identifier...
Sophisticated cyber attacks by state-sponsored and criminal actors continue to plague government and industrial infrastructure. Intuitively, partitioning cyber systems into survivable, intrusion tolerant compartments is a good idea. This prevents witting and unwitting insiders from moving laterally and reaching back to their command and control (C2) servers. However, there is a lack of artifacts that...
Nowadays the importance of the term DevOps (Developer Operations) has increased around the world, and Mexico is not the exception. This paper describes the implementation of information security and risk management best practices in a DevOps approach established in a Data Center of a large government organization of Mexico. The DevOps approach with security and risk management practices was named...
Threats within the network are a security risk with which you deal daily. Due to this, the use of more complex means of security than the Firewall should be considered to perform the analysis of the traffic behavior of the network by means of devices of next generation such as Systems of Detection and Prevention of Intrusions (IDPS). This article presents a comparison of commercial systems and open...
Physical layer security is becoming a promising technology to face the security challenges of diversified and rapidly-growing wireless applications. In this paper, we propose a three-hop secure Orthogonal Frequency Division Multiplexing (OFDM) transmission protocol for the wireless networks with untrusted relays. In the proposed protocol, instead of exploiting the degree of freedom over spatial domain...
The use of Bluetooth Low Energy (BLE) recently became famous in crowd localization services. In this article we show that such service induces significant threats and we propose a scheme that achieves privacy preserving crowd localization. Crowd localization applications leverage all their users to perform periodic BLE scan and detect the nearby tracked devices. The users run a smartphone application...
Whenever users install a new application on their smart devices with an Android KitKat or Lollipop operating system they are asked to grant the application (app) provider access to features of the device, ranging from data storage to device location and from device identity to the users personal contacts. The implications on users' privacy and security are significant and therefore the users' ability...
Intruder detection in a protected zone can be performed by the physical protection which acts within the object's perimeter and survey's it (patrols, monitoring screens of CCTV systems, etc.), but intruder detection can be also done using active protection elements. Active protection elements include alarm systems (electronic safety and distress alarm systems, CCTV security systems, system for control...
eHealth is a technology that is growing in importance over time, varying from remote access to Medical Records, such as Electronic Health Records (EHR), or Electronic Medical Records (EMR), to real-time data exchange from different on-body sensors coming from different patients. With this huge amount of critical data being exchanged, problems and challenges arise. Privacy and confidentiality of this...
The IoT is a technology that enables the inter-connection of smart physical and virtual objects and provides advanced services. Objects or things are generally constrained devices which are limited by their energy, computing and storage capacity. A Wireless Sensor Networks (WSN) is a network composed of devices managed by a CPAN (Personal Area Network Coordinator). The network is used in order to...
Internet of Things (IoT) is slowly but steadily becoming part of different aspects of our lives, with its applications ranging from smart homes, to wearable devices, to healthcare, etc. This wide spectrum of applications results in shared data containing large amount of users' private information. The security of such information becomes a paramount concern. The IoT security requirements include data...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.