8,607 research outputs found
Performance analysis of a security architecture for active networks in Java
Internacional Association of Science and Technology for Development - IASTED, Benalmadena, Spain: 8-10 Septiembre, 2003.Active network technology supports the deployment and execution on the fly of new active services, without interrupting the network operation. Active networks are
composed of special nodes (named Active Router) that are able to execute active code to offer the active services. This technology introduces some security threats that must be solved using a security architecture. We have developed a security architecture (ROSA) for an active network platform (SARA). Java has been used as
programming language in order to provide portability, but it imposes some performance limitations. This paper analyses the penalty of using Java and proposes some mechanisms to improve the performance of cryptographic
implementations in Java.Publicad
Secure Vehicular Communication Systems: Implementation, Performance, and Research Challenges
Vehicular Communication (VC) systems are on the verge of practical
deployment. Nonetheless, their security and privacy protection is one of the
problems that have been addressed only recently. In order to show the
feasibility of secure VC, certain implementations are required. In [1] we
discuss the design of a VC security system that has emerged as a result of the
European SeVeCom project. In this second paper, we discuss various issues
related to the implementation and deployment aspects of secure VC systems.
Moreover, we provide an outlook on open security research issues that will
arise as VC systems develop from today's simple prototypes to full-fledged
systems
Scalable and Secure Aggregation in Distributed Networks
We consider the problem of computing an aggregation function in a
\emph{secure} and \emph{scalable} way. Whereas previous distributed solutions
with similar security guarantees have a communication cost of , we
present a distributed protocol that requires only a communication complexity of
, which we prove is near-optimal. Our protocol ensures perfect
security against a computationally-bounded adversary, tolerates
malicious nodes for any constant (not
depending on ), and outputs the exact value of the aggregated function with
high probability
On the Use of Key Assignment Schemes in Authentication Protocols
Key Assignment Schemes (KASs) have been extensively studied in the context of
cryptographically-enforced access control, where derived keys are used to
decrypt protected resources. In this paper, we explore the use of KASs in
entity authentication protocols, where we use derived keys to encrypt
challenges. This novel use of KASs permits the efficient authentication of an
entity in accordance with an authentication policy by associating entities with
security labels representing specific services. Cryptographic keys are
associated with each security label and demonstrating knowledge of an
appropriate key is used as the basis for authentication. Thus, by controlling
the distribution of such keys, restrictions may be efficiently placed upon the
circumstances under which an entity may be authenticated and the services to
which they may gain access.
In this work, we explore how both standardized protocols and novel
constructions may be developed to authenticate entities as members of a group
associated to a particular security label, whilst protecting the long-term
secrets in the system. We also see that such constructions may allow for
authentication whilst preserving anonymity, and that by including a trusted
third party we can achieve the authentication of individual identities and
authentication based on timestamps without the need for synchronized clocks
"On the Road" - Reflections on the Security of Vehicular Communication Systems
Vehicular communication (VC) systems have recently drawn the attention of
industry, authorities, and academia. A consensus on the need to secure VC
systems and protect the privacy of their users led to concerted efforts to
design security architectures. Interestingly, the results different project
contributed thus far bear extensive similarities in terms of objectives and
mechanisms. As a result, this appears to be an auspicious time for setting the
corner-stone of trustworthy VC systems. Nonetheless, there is a considerable
distance to cover till their deployment. This paper ponders on the road ahead.
First, it presents a distillation of the state of the art, covering the
perceived threat model, security requirements, and basic secure VC system
components. Then, it dissects predominant assumptions and design choices and
considers alternatives. Under the prism of what is necessary to render secure
VC systems practical, and given possible non-technical influences, the paper
attempts to chart the landscape towards the deployment of secure VC systems
ZigBee/ZigBee PRO security assessment based on compromised cryptographic keys
Sensor networks have many applications in monitoring and controlling of environmental properties such as sound, acceleration, vibration and temperature. Due to limited
resources in computation capability, memory and energy, they are vulnerable to many kinds of attacks. The ZigBee specification based on the 802.15.4 standard, defines a set of layers specifically suited to sensor networks. These layers support secure messaging using symmetric cryptographic. This paper presents two different ways for grabbing the cryptographic key in ZigBee: remote attack and physical attack. It also surveys and categorizes some additional attacks which can be performed on ZigBee networks: eavesdropping, spoofing, replay and DoS attacks at different layers. From this analysis, it is shown that some vulnerabilities still in the existing security schema in ZigBee technology.Les xarxes de sensors tenen moltes aplicacions en el control i la monitoritzaciĂł de les propietats del medi ambient, com ara el so, lÂżacceleraciĂł, la vibraciĂł i la temperatura. A causa dels limitats recursos en la capacitat de cĂ lcul, la memĂČria i l'energia sĂłn vulnerables a molts tipus d'atacs. L'especificaciĂł ZigBee basada en l'estĂ ndard 802.15.4, defineix un conjunt de capes, adaptada especĂficament per a xarxes de sensors. Aquestes capes suporten missatgeria segura mitjançant criptografia simĂštrica. Aquest article presenta dues formes diferents per agafar la clau de xifrat en ZigBee: atac a distĂ ncia i atacs fĂsics. TambĂ© les enquesta i classifica alguns atacs addicionals que es poden realitzar en les xarxes ZigBee: espionatge, falsificaciĂł, reproducciĂł i atacs DoS en les diferents capes. A partir d'aquesta anĂ lisi, es demostren algunes vulnerabilitats existents en l'esquema de seguretat en tecnologia ZigBee.Las redes de sensores tienen muchas aplicaciones en el control y la monitorizaciĂłn de las propiedades del medio ambiente, como el sonido, la aceleraciĂłn, la vibraciĂłn y la temperatura. Debido a los limitados recursos en la capacidad de cĂĄlculo, la memoria y la energĂa son vulnerables a muchos tipos de ataques. La especificaciĂłn ZigBee basada en el estĂĄndar 802.15.4, define un conjunto de capas, adaptada especĂficamente para redes de sensores. Estas capas soportan mensajerĂa segura mediante criptografĂa simĂ©trica. Este artĂculo presenta dos formas diferentes para coger la clave de cifrado en ZigBee: ataque a distancia y ataques fĂsicos. TambiĂ©n las encuesta y clasifica algunos ataques adicionales que se pueden realizar en las redes ZigBee: espionaje, falsificaciĂłn, reproducciĂłn y ataques DoS en las diferentes capas. A partir de este anĂĄlisis, se demuestran algunas vulnerabilidades existentes en el esquema de seguridad en tecnologĂa ZigBee
- âŠ