5,152 research outputs found
Secure Identification in Social Wireless Networks
The applications based on social networking have brought revolution towards social life and are continuously gaining popularity among the Internet users. Due to the advanced computational resources offered by the innovative hardware and nominal subscriber charges of network operators, most of the online social networks are transforming into the mobile domain by offering exciting applications and games exclusively designed for users on the go. Moreover, the mobile devices are considered more personal as compared to their desktop rivals, so there is a tendency among the mobile users to store sensitive data like contacts, passwords, bank account details, updated calendar entries with key dates and personal notes on their devices.
The Project Social Wireless Network Secure Identification (SWIN) is carried out at Swedish Institute of Computer Science (SICS) to explore the practicality of providing the secure mobile social networking portal with advanced security features to tackle potential security threats by extending the existing methods with more innovative security technologies. In addition to the extensive background study and the determination of marketable use-cases with their corresponding security requirements, this thesis proposes a secure identification design to satisfy the security dimensions for both online and offline peers. We have implemented an initial prototype using PHP Socket and OpenSSL library to simulate the secure identification procedure based on the proposed design. The design is in compliance with 3GPP‟s Generic Authentication Architecture (GAA) and our implementation has demonstrated the flexibility of the solution to be applied independently for the applications requiring secure identification. Finally, the thesis provides strong foundation for the advanced implementation on mobile platform in future
The Meeting of Acquaintances: A Cost-efficient Authentication Scheme for Light-weight Objects with Transient Trust Level and Plurality Approach
Wireless sensor networks consist of a large number of distributed sensor
nodes so that potential risks are becoming more and more unpredictable. The new
entrants pose the potential risks when they move into the secure zone. To build
a door wall that provides safe and secured for the system, many recent research
works applied the initial authentication process. However, the majority of the
previous articles only focused on the Central Authority (CA) since this leads
to an increase in the computation cost and energy consumption for the specific
cases on the Internet of Things (IoT). Hence, in this article, we will lessen
the importance of these third parties through proposing an enhanced
authentication mechanism that includes key management and evaluation based on
the past interactions to assist the objects joining a secured area without any
nearby CA. We refer to a mobility dataset from CRAWDAD collected at the
University Politehnica of Bucharest and rebuild into a new random dataset
larger than the old one. The new one is an input for a simulated authenticating
algorithm to observe the communication cost and resource usage of devices. Our
proposal helps the authenticating flexible, being strict with unknown devices
into the secured zone. The threshold of maximum friends can modify based on the
optimization of the symmetric-key algorithm to diminish communication costs
(our experimental results compare to previous schemes less than 2000 bits) and
raise flexibility in resource-constrained environments.Comment: 27 page
HUC-HISF: A Hybrid Intelligent Security Framework for Human-centric Ubiquitous Computing
制度:新 ; 報告番号:乙2336号 ; 学位の種類:博士(人間科学) ; 授与年月日:2012/1/18 ; 早大学位記番号:新584
IPv6 Network Mobility
Network Authentication, Authorization, and Accounting has
been used since before the days of the Internet as we know it
today. Authentication asks the question, “Who or what are
you?” Authorization asks, “What are you allowed to do?” And fi nally,
accounting wants to know, “What did you do?” These fundamental
security building blocks are being used in expanded ways today. The
fi rst part of this two-part series focused on the overall concepts of
AAA, the elements involved in AAA communications, and highlevel
approaches to achieving specifi c AAA goals. It was published in
IPJ Volume 10, No. 1[0]. This second part of the series discusses the
protocols involved, specifi c applications of AAA, and considerations
for the future of AAA
Cryptanalysis of an e_cient three-party password-based key exchange scheme
AbstractIn order to secure communications between two clients with a trusted server's help in public network environments, a three-party password-based authenticated key exchange (3PAKE) scheme is used to provide the transaction confidentiality and e_ciency. In 2010, Lou-Huang proposed a new simple three-party password-based authenticated key exchange (LH-3PAKE) scheme based on elliptic curve cryptography (ECC). By analysis, Lou-Huang claimed that the proposed LH- 3PAKE scheme is not only secure against various attacks, but also more e_cient than previously proposed 3PAKE schemes. However, this paper demonstrates LH-3PAKE scheme is vulnerable to o_-line password guessing attacks by an attacker
On Security Analysis of Recent Password Authentication and Key Agreement Schemes Based on Elliptic Curve Cryptography
Secure and efficient mutual authentication and key agreement schemes form the basis for any robust network communication system. Elliptic Curve Cryptography (ECC) has emerged as one of the most successful Public Key Cryptosystem that efficiently meets all the security challenges. Comparison of ECC with other Public Key Cryptosystems (RSA, Rabin, ElGamal) shows that it provides equal level of security for a far smaller bit size, thereby substantially reducing the processing overhead. This makes it suitable for constrained environments like wireless networks and mobile devices as well as for security sensitive applications like electronic banking, financial transactions and smart grids. With the successful implementation of ECC in security applications (e-passports, e-IDs, embedded systems), it is getting widely commercialized. ECC is simple and faster and is therefore emerging as an attractive alternative for providing security in lightweight device, which contributes to its popularity in the present scenario. In this paper, we have analyzed some of the recent password based authentication and key agreement schemes using ECC for various environments. Furthermore, we have carried out security, functionality and performance comparisons of these schemes and found that they are unable to satisfy their claimed security goals
Survey and Systematization of Secure Device Pairing
Secure Device Pairing (SDP) schemes have been developed to facilitate secure
communications among smart devices, both personal mobile devices and Internet
of Things (IoT) devices. Comparison and assessment of SDP schemes is
troublesome, because each scheme makes different assumptions about out-of-band
channels and adversary models, and are driven by their particular use-cases. A
conceptual model that facilitates meaningful comparison among SDP schemes is
missing. We provide such a model. In this article, we survey and analyze a wide
range of SDP schemes that are described in the literature, including a number
that have been adopted as standards. A system model and consistent terminology
for SDP schemes are built on the foundation of this survey, which are then used
to classify existing SDP schemes into a taxonomy that, for the first time,
enables their meaningful comparison and analysis.The existing SDP schemes are
analyzed using this model, revealing common systemic security weaknesses among
the surveyed SDP schemes that should become priority areas for future SDP
research, such as improving the integration of privacy requirements into the
design of SDP schemes. Our results allow SDP scheme designers to create schemes
that are more easily comparable with one another, and to assist the prevention
of persisting the weaknesses common to the current generation of SDP schemes.Comment: 34 pages, 5 figures, 3 tables, accepted at IEEE Communications
Surveys & Tutorials 2017 (Volume: PP, Issue: 99
Internet of robotic things : converging sensing/actuating, hypoconnectivity, artificial intelligence and IoT Platforms
The Internet of Things (IoT) concept is evolving rapidly and influencing newdevelopments in various application domains, such as the Internet of MobileThings (IoMT), Autonomous Internet of Things (A-IoT), Autonomous Systemof Things (ASoT), Internet of Autonomous Things (IoAT), Internetof Things Clouds (IoT-C) and the Internet of Robotic Things (IoRT) etc.that are progressing/advancing by using IoT technology. The IoT influencerepresents new development and deployment challenges in different areassuch as seamless platform integration, context based cognitive network integration,new mobile sensor/actuator network paradigms, things identification(addressing, naming in IoT) and dynamic things discoverability and manyothers. The IoRT represents new convergence challenges and their need to be addressed, in one side the programmability and the communication ofmultiple heterogeneous mobile/autonomous/robotic things for cooperating,their coordination, configuration, exchange of information, security, safetyand protection. Developments in IoT heterogeneous parallel processing/communication and dynamic systems based on parallelism and concurrencyrequire new ideas for integrating the intelligent “devices”, collaborativerobots (COBOTS), into IoT applications. Dynamic maintainability, selfhealing,self-repair of resources, changing resource state, (re-) configurationand context based IoT systems for service implementation and integrationwith IoT network service composition are of paramount importance whennew “cognitive devices” are becoming active participants in IoT applications.This chapter aims to be an overview of the IoRT concept, technologies,architectures and applications and to provide a comprehensive coverage offuture challenges, developments and applications
- …