LPKI - A Lightweight Public Key Infrastructure for the Mobile Environments

The non-repudiation as an essential requirement of many applications can be provided by the asymmetric key model. With the evolution of new applications such as mobile commerce, it is essential to provide secure and efficient solutions for the mobile environments. The traditional public key cryptography involves huge computational costs and is not so suitable for the resource-constrained platforms. The elliptic curve-based approaches as the newer solutions require certain considerations that are not taken into account in the traditional public key infrastructures. The main contribution of this paper is to introduce a Lightweight Public Key Infrastructure (LPKI) for the constrained platforms such as mobile phones. It takes advantages of elliptic curve cryptography and signcryption to decrease the computational costs and communication overheads, and adapting to the constraints. All the computational costs of required validations can be eliminated from end-entities by introduction of a validation authority to the introduced infrastructure and delegating validations to such a component. LPKI is so suitable for mobile environments and for applications such as mobile commerce where the security is the great concern.Comment: 6 Pages, 6 Figure

Building Trust Networks

The common agreement in the industry is that the Public Key Infrastructure is complex and expensive. From the year 1976 with the introduction of public key cryptography and the introduction of PKI concept in 1977 a lot of scientific resources has been spent on creation of usable key exchange systems and concepts to build trust networks. Most EU Member States have implemented their own national Public Key Infrastructure solutions mainly to enable strong authentication of citizens. They are however not the only systems within the EU to utilize PKI. Due to the nature of the PKI it is most convenient or suitable in an environment with stakeholders with similar agendas. This has resulted in several new PKI developments for specific purposes, within one industry or one vertical such as healthcare. Some Member States have tried to incorporate vertical needs with an all-purpose PKI solution, such as the Austrian eID card with so called sector specific certificates (http://ec.europa.eu/idabc/en/document/4486/5584). From the CIA (Confidentiality, Integrity, Availability) triangle public key cryptography provides confidentiality and integrity. The modern world however has more requirements in environments where sensitive information is being exchanged. It is not enough to know identity of the entity trying to access the information, but to also know the entity permissions or privileges regarding the requested resource. The authorization process grants the user specific permissions to e.g. access, modify or delete resources. A pure PKI does not allow us to build complex authorization policies, and therefore some of the Member States have built (authentication and) authorization solutions on top of existing authentication infrastructures, especially in the eGovernment sector. The scientific community has also tried to solve this issue by creating extensions to the basic PKI concept, and some of these concepts have been successful. Another problem with large scales systems is the key distribution. Managing a large number of keys using a central solution such as PKI has proven to be problematic in certain conditions. Either there are tradeoffs in security, or problems with application support. The last issue deals with public key cryptography itself. Current cryptography relies on the fact that it provides enough security based on availability of the resources, i.e. computational power. New approaches have been introduced both scientifically and commercially by moving away from the mathematics to other areas such as quantum mechanics. This paper is a quick review on some of the existing systems and their benefits and inherent challenges as well as a short introduction to new developments in the areas of authentication, authorization and key distribution.JRC.G.6-Security technology assessmen

The power of creative thinking in situations of uncertainties: the almost impossible task of protecting critical infrastructures

A good and scientific analysis starts with a closer look at the conceptualisation at hand. The definition of CIP is not easy because of its wide range. This paper examines infrastructures that are critical and need protection. Each word entails a specific connotation and is characterized by several components

The power of creative thinking in situations of uncertainties: the almost impossible task of protecting critical infrastructures

A good and scientific analysis starts with a closer look at the conceptualisation at hand. The definition of CIP is not easy because of its wide range. This paper examines infrastructures that are critical and need protection. Each word entails a specific connotation and is characterized by several components

The Key Authority - Secure Key Management in Hierarchical Public Key Infrastructures

We model a private key`s life cycle as a finite state machine. The states are the key`s phases of life and the transition functions describe tasks to be done with the key. Based on this we define and describe the key authority, a trust center module, which potentiates the easy enforcement of secure management of private keys in hierarchical public key infrastructures. This is done by assembling all trust center tasks concerning the crucial handling of private keys within one centralized module. As this module resides under full control of the trust center`s carrier it can easily be protected by well-known organizational and technical measures.Comment: 5 pages, 2 figure

ERAWATCH country reports 2011 : Malta

Acknowledgement: The University of Malta would like to acknowledge its gratitude to the European Commission, Joint Research Centre for their permission to upload this work on OAR@UoM. Further reuse of this document can be made, provided the source is acknowledged. This work was made available with the help of the Publications Office of the European Union, Copyright and Legal Issues Section.The main objective of the ERAWATCH Annual Country Reports is to characterise and assess the performance of national research systems and related policies in a structured manner that is comparable across countries. EW Country Reports 2011 identify the structural challenges faced by national innovation systems. They further analyse and assess the ability of the policy mix in place to consistently and efficiently tackle these challenges. The annex of the reports gives an overview of the latest national policy efforts towards the enhancement of European Research Area and further assess their efficiency to achieve the targets. These reports were originally produced in November - December 2011, focusing on policy developments over the previous twelve months. The reports were produced by the ERAWATCH Network under contract to JRC-IPTS. The analytical framework and the structure of the reports have been developed by the Institute for Prospective Technological Studies of the Joint Research Centre (JRC-IPTS) and Directorate General for Research and Innovation with contributions from ERAWATCH Network Asblpeer-reviewe

Geospatial information infrastructures

Manual of Digital Earth / Editors: Huadong Guo, Michael F. Goodchild, Alessandro Annoni .- Springer, 2020 .- ISBN: 978-981-32-9915-3Geospatial information infrastructures (GIIs) provide the technological, semantic,organizationalandlegalstructurethatallowforthediscovery,sharing,and use of geospatial information (GI). In this chapter, we introduce the overall concept and surrounding notions such as geographic information systems (GIS) and spatial datainfrastructures(SDI).WeoutlinethehistoryofGIIsintermsoftheorganizational andtechnologicaldevelopmentsaswellasthecurrentstate-of-art,andreflectonsome of the central challenges and possible future trajectories. We focus on the tension betweenincreasedneedsforstandardizationandtheever-acceleratingtechnological changes. We conclude that GIIs evolved as a strong underpinning contribution to implementation of the Digital Earth vision. In the future, these infrastructures are challengedtobecomeflexibleandrobustenoughtoabsorbandembracetechnological transformationsandtheaccompanyingsocietalandorganizationalimplications.With this contribution, we present the reader a comprehensive overview of the field and a solid basis for reflections about future developments

Governing Sustainable Waste Management: Designing sustainable waste management into the housing sector

In seeking to shift municipal waste policy towards sustainability, policy-makers at European, national and local levels are facing the challenge of how to engage householders in reducing, reusing and recycling their waste. This in turn means engaging with the arena within which day to day waste management activities are practiced – the home. In view of this critical relationship between waste policy and household practices, this research project1 has sought to examine: • the ways in which new infrastructures for managing waste are being ‘designed in’ to new housing developments and renovated kitchens in the UK and Europe; • the barriers identified by key actors in the as impending the pursuit of a more integrated approach to housing design and waste management and how these might be overcome; • examples of best practice currently being developed in the UK and their applicability in the context of the North-East of England