Secure end-to-end browsing system with mobile composition

To fix the more and more serious leakage problem in remote access to confidential data, the paper designs and implements a secure end-to-end browsing system with mobile composition. It enables mobile-authenticated users to browse confidential files stored at server side using their personal computers securely. The authentication function is in real-time such that the system can stop the browsing function once it detects that the authenticated mobile is out of the communication range of user's personal computer. © 2011 IEEE.published_or_final_versio

Device-Based Isolation for Securing Cryptographic Keys

In this work, we describe an eective device-based isolation approach for achieving data security. Device-based isolation leverages the proliferation of personal computing devices to provide strong run-time guarantees for the condentiality of secrets. To demonstrate our isolation approach, we show its use in protecting the secrecy of highly sensitive data that is crucial to security operations, such as cryptographic keys used for decrypting ciphertext or signing digital signatures. Private key is usually encrypted when not used, however, when being used, the plaintext key is loaded into the memory of the host for access. In our threat model, the host may be compromised by attackers, and thus the condentiality of the host memory cannot be preserved. We present a novel and practical solution and its prototype called DataGuard to protect the secrecy of the highly sensitive data through the storage isolation and secure tunneling enabled by a mobile handheld device. DataGuard can be deployed for the key protection of individuals or organizations

Description and Experience of the Clinical Testbeds

This deliverable describes the up-to-date technical environment at three clinical testbed demonstrator sites of the 6WINIT Project, including the adapted clinical applications, project components and network transition technologies in use at these sites after 18 months of the Project. It also provides an interim description of early experiences with deployment and usage of these applications, components and technologies, and their clinical service impact

Enhancing Web Browsing Security

Web browsing has become an integral part of our lives, and we use browsers to perform many important activities almost everyday and everywhere. However, due to the vulnerabilities in Web browsers and Web applications and also due to Web users\u27 lack of security knowledge, browser-based attacks are rampant over the Internet and have caused substantial damage to both Web users and service providers. Enhancing Web browsing security is therefore of great need and importance.;This dissertation concentrates on enhancing the Web browsing security through exploring and experimenting with new approaches and software systems. Specifically, we have systematically studied four challenging Web browsing security problems: HTTP cookie management, phishing, insecure JavaScript practices, and browsing on untrusted public computers. We have proposed new approaches to address these problems, and built unique systems to validate our approaches.;To manage HTTP cookies, we have proposed an approach to automatically validate the usefulness of HTTP cookies at the client-side on behalf of users. By automatically removing useless cookies, our approach helps a user to strike an appropriate balance between maximizing usability and minimizing security risks. to protect against phishing attacks, we have proposed an approach to transparently feed a relatively large number of bogus credentials into a suspected phishing site. Using those bogus credentials, our approach conceals victims\u27 real credentials and enables a legitimate website to identify stolen credentials in a timely manner. to identify insecure JavaScript practices, we have proposed an execution-based measurement approach and performed a large-scale measurement study. Our work sheds light on the insecure JavaScript practices and especially reveals the severity and nature of insecure JavaScript inclusion and dynamic generation practices on the Web. to achieve secure and convenient Web browsing on untrusted public computers, we have proposed a simple approach that enables an extended browser on a mobile device and a regular browser on a public computer to collaboratively support a Web session. A user can securely perform sensitive interactions on the mobile device and conveniently perform other browsing interactions on the public computer

The Direction of mobile evolution examined through the NTT DoCoMo strategy, Mobile Frontier

NTT DoCoMo is Japan\u27s biggest mobile service provider. They added extra value into cellular phone as telephone , and contributed to the explosive spread of the mobile phone in Japan. They have still led Japan as a country with the world\u27s largest mobile Internet. The mobile phone now changes our lifestyles or work styles, and has a great influence also on business. In 1997, NTT DoCoMo created the company vision towards the year 2010, Mobile Frontier . It consists of five concepts, named MAGIC , and indicates the mobile phone figure in the future as a whole. I regard it as a guideline of this paper, and examine the direction of mobile evolution by researching the following topics: the present situation, the issues needed to realize each concept, and the future. At first, I state the background of the mobile phone spread in Japan and the cultural aspects peculiar to Japan. After that, I examine the mobile evolution along with the five concepts. The objective of this paper is to refer to and understand the vision of a leading company in the telecommunication field, and consider mobile communications\u27 influence and applications in the future. The goal is to expand knowledge in the present situation of the mobile phone and the trend towards future mobile, and to examine the direction the Mobile Frontier aims

Converged multimedia services in emerging Web 2.0 session mobility scenarios

n/

Final report on the evaluation of RRM/CRRM algorithms

Deliverable public del projecte EVERESTThis deliverable provides a definition and a complete evaluation of the RRM/CRRM algorithms selected in D11 and D15, and evolved and refined on an iterative process. The evaluation will be carried out by means of simulations using the simulators provided at D07, and D14.Preprin