5,054 research outputs found
Secure Communication using Identity Based Encryption
Secured communication has been widely deployed to guarantee confidentiality and\ud
integrity of connections over untrusted networks, e.g., the Internet. Although\ud
secure connections are designed to prevent attacks on the connection, they hide\ud
attacks inside the channel from being analyzed by Intrusion Detection Systems\ud
(IDS). Furthermore, secure connections require a certain key exchange at the\ud
initialization phase, which is prone to Man-In-The-Middle (MITM) attacks. In this paper, we present a new method to secure connection which enables Intrusion Detection and overcomes the problem of MITM attacks. We propose to apply Identity Based Encryption (IBE) to secure a communication channel. The key escrow property of IBE is used to recover the decryption key, decrypt network traffic on the fly, and scan for malicious content. As the public key can be generated based on the identity of the connected server and its exchange is not necessary, MITM attacks are not easy to be carried out any more. A prototype of a modified TLS scheme is implemented and proved with a simple client-server application. Based on this prototype, a new IDS sensor is developed to be capable of identifying IBE encrypted secure traffic on the fly. A deployment architecture of the IBE sensor in a company network is proposed. Finally, we show the applicability by a practical experiment and some preliminary performance measurements
e-SAFE: Secure, Efficient and Forensics-Enabled Access to Implantable Medical Devices
To facilitate monitoring and management, modern Implantable Medical Devices
(IMDs) are often equipped with wireless capabilities, which raise the risk of
malicious access to IMDs. Although schemes are proposed to secure the IMD
access, some issues are still open. First, pre-sharing a long-term key between
a patient's IMD and a doctor's programmer is vulnerable since once the doctor's
programmer is compromised, all of her patients suffer; establishing a temporary
key by leveraging proximity gets rid of pre-shared keys, but as the approach
lacks real authentication, it can be exploited by nearby adversaries or through
man-in-the-middle attacks. Second, while prolonging the lifetime of IMDs is one
of the most important design goals, few schemes explore to lower the
communication and computation overhead all at once. Finally, how to safely
record the commands issued by doctors for the purpose of forensics, which can
be the last measure to protect the patients' rights, is commonly omitted in the
existing literature. Motivated by these important yet open problems, we propose
an innovative scheme e-SAFE, which significantly improves security and safety,
reduces the communication overhead and enables IMD-access forensics. We present
a novel lightweight compressive sensing based encryption algorithm to encrypt
and compress the IMD data simultaneously, reducing the data transmission
overhead by over 50% while ensuring high data confidentiality and usability.
Furthermore, we provide a suite of protocols regarding device pairing,
dual-factor authentication, and accountability-enabled access. The security
analysis and performance evaluation show the validity and efficiency of the
proposed scheme
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submissio
Recommended from our members
A multi-agent architecture for electronic payment
The Internet has brought about innumerable changes to the way enterprises do business. An essential problem to be solved before the widespread commercial use of the Internet is to provide a trustworthy solution for electronic payment. We propose a multi-agent mediated electronic payment architecture in this paper. It is aimed at providing an agent-based approach to accommodate multiple e-payment schemes. Through a layered design of the payment structure and a well-defined uniform payment interface, the architecture shows good scalability. When a new e-payment scheme or implementation is available, it can be plugged into the framework easily. In addition, we construct a framework allowing multiple agents to work cooperatively to realize automation of electronic payment. A prototype has been built to illustrate the functionality of this design. Finally we discuss the security issues
A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends
This paper examines the security vulnerabilities and threats imposed by the
inherent open nature of wireless communications and to devise efficient defense
mechanisms for improving the wireless network security. We first summarize the
security requirements of wireless networks, including their authenticity,
confidentiality, integrity and availability issues. Next, a comprehensive
overview of security attacks encountered in wireless networks is presented in
view of the network protocol architecture, where the potential security threats
are discussed at each protocol layer. We also provide a survey of the existing
security protocols and algorithms that are adopted in the existing wireless
network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term
evolution (LTE) systems. Then, we discuss the state-of-the-art in
physical-layer security, which is an emerging technique of securing the open
communications environment against eavesdropping attacks at the physical layer.
We also introduce the family of various jamming attacks and their
counter-measures, including the constant jammer, intermittent jammer, reactive
jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the
integration of physical-layer security into existing authentication and
cryptography mechanisms for further securing wireless networks. Finally, some
technical challenges which remain unresolved at the time of writing are
summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201
- …