140,071 research outputs found
A Component-Based Approach for Securing Indoor Home Care Applications
eHealth systems have adopted recent advances on sensing technologies together with advances in information and communication technologies (ICT) in order to provide people-centered services that improve the quality of life of an increasingly elderly population. As these eHealth services are founded on the acquisition and processing of sensitive data (e.g., personal details, diagnosis, treatments and medical history), any security threat would damage the public's confidence in them. This paper proposes a solution for the design and runtime management of indoor eHealth applications with security requirements. The proposal allows applications definition customized to patient particularities, including the early detection of health deterioration and suitable reaction (events) as well as security needs. At runtime, security support is twofold. A secured component-based platform supervises applications execution and provides events management, whilst the security of the communications among application components is also guaranteed. Additionally, the proposed event management scheme adopts the fog computing paradigm to enable local event related data storage and processing, thus saving communication bandwidth when communicating with the cloud. As a proof of concept, this proposal has been validated through the monitoring of the health status in diabetic patients at a nursing home.This work was financed under project DPI2015-68602-R (MINECO/FEDER, UE), UPV/EHU under project PPG17/56 and GV/EJ under recognized research group IT914-16
Development of a security network (SECNET) based on integrated services digital network (ISDN)
The progress in the computing and communication industries together with the fast evolution of the semiconductor industry has made possible advances in the communications field. These advances have been used by other related applications to improve the services that they bring about. On the other hand, business crimes have increased three digits orders of magnitude in one decade, making from 20% to 30% of small businesses fail. These conditions demand new solutions to make security systems more reliable and efficient.
The present work combines ISDN as a network with a security system to create a security network (SECNET). It will create intelligent and distributed security devices that communicate information from different places to a main security office by using the ISDN lines available at the premises. This work also introduces a new idea of individual equipment protection
Multiprotocol Authentication Device for HPC and Cloud Environments Based on Elliptic Curve Cryptography
Multifactor authentication is a relevant tool in securing IT infrastructures combining two or
more credentials. We can find smartcards and hardware tokens to leverage the authentication process,
but they have some limitations. Users connect these devices in the client node to log in or request access
to services. Alternatively, if an application wants to use these resources, the code has to be amended
with bespoke solutions to provide access. Thanks to advances in system-on-chip devices, we can
integrate cryptographically robust, low-cost solutions. In this work, we present an autonomous device
that allows multifactor authentication in client–server systems in a transparent way, which facilitates
its integration in High-Performance Computing (HPC) and cloud systems, through a generic gateway.
The proposed electronic token (eToken), based on the system-on-chip ESP32, provides an extra layer
of security based on elliptic curve cryptography. Secure communications between elements use
Message Queuing Telemetry Transport (MQTT) to facilitate their interconnection. We have evaluated
different types of possible attacks and the impact on communications. The proposed system offers an
efficient solution to increase security in access to services and systems.Spanish Ministry of Science, Innovation and Universities (MICINN)
PGC2018-096663-B-C44European Union (EU
Quantum Cryptography Beyond Quantum Key Distribution
Quantum cryptography is the art and science of exploiting quantum mechanical
effects in order to perform cryptographic tasks. While the most well-known
example of this discipline is quantum key distribution (QKD), there exist many
other applications such as quantum money, randomness generation, secure two-
and multi-party computation and delegated quantum computation. Quantum
cryptography also studies the limitations and challenges resulting from quantum
adversaries---including the impossibility of quantum bit commitment, the
difficulty of quantum rewinding and the definition of quantum security models
for classical primitives. In this review article, aimed primarily at
cryptographers unfamiliar with the quantum world, we survey the area of
theoretical quantum cryptography, with an emphasis on the constructions and
limitations beyond the realm of QKD.Comment: 45 pages, over 245 reference
Reconfigurable Security: Edge Computing-based Framework for IoT
In various scenarios, achieving security between IoT devices is challenging
since the devices may have different dedicated communication standards,
resource constraints as well as various applications. In this article, we first
provide requirements and existing solutions for IoT security. We then introduce
a new reconfigurable security framework based on edge computing, which utilizes
a near-user edge device, i.e., security agent, to simplify key management and
offload the computational costs of security algorithms at IoT devices. This
framework is designed to overcome the challenges including high computation
costs, low flexibility in key management, and low compatibility in deploying
new security algorithms in IoT, especially when adopting advanced cryptographic
primitives. We also provide the design principles of the reconfigurable
security framework, the exemplary security protocols for anonymous
authentication and secure data access control, and the performance analysis in
terms of feasibility and usability. The reconfigurable security framework paves
a new way to strength IoT security by edge computing.Comment: under submission to possible journal publication
- …