4,224 research outputs found

    Citizen Electronic Identities using TPM 2.0

    Electronic Identification (eID) is becoming commonplace in several European countries. eID is typically used to authenticate to government e-services, but is also used for other services, such as public transit, e-banking, and physical security access control. Typical eID tokens take the form of physical smart cards, but successes in merging eID into phone operator SIM cards show that eID tokens integrated into a personal device can offer better usability compared to standalone tokens. At the same time, trusted hardware that enables secure storage and isolated processing of sensitive data has become commonplace both on PC platforms as well as mobile devices. Some time ago, the Trusted Computing Group (TCG) released version 2.0 of the Trusted Platform Module (TPM) specification. We propose an eID architecture based on the new, rich authorization model introduced in the TCG's TPM 2.0. The goal of the design is to improve the overall security and usability compared to traditional smart card-based solutions. We also provide, to the best of our knowledge, the first accessible description of the TPM 2.0 authorization model.
    Comment: This work is based on an earlier work: Citizen Electronic Identities using TPM 2.0, to appear in the Proceedings of the 4th international workshop on Trustworthy embedded devices, TrustED'14, November 3, 2014, Scottsdale, Arizona, USA, http://dx.doi.org/10.1145/2666141.266614

    An Efficient Authentication Protocol Based on Chebyshev Chaotic Map for Intelligent Transportation

    For meeting the demands of safety, traffic management, and high mobility, the vehicular ad hoc network (VANET) has become a promising component for smart transportation systems. However, the wireless environment of vehicular networks leads to various challenges in communication security. Hence, several authentication schemes have previously been proposed to address VANET security issues, but their procedures disregard the balance between effectiveness and security. Thus, this paper presents a new decentralized authentication protocol that relies on lightweight functions such as the Chebyshev chaotic map and logical shift operator to achieve the high mobility requirement. In order to reduce the number of messages transferred over the network, this protocol attempts to eliminate any redundant authentication steps during its authentication stage. Additionally, the new protocol solves key management problems by applying a little modification to the public key infrastructure to ignore certificate transmission over the network. The proposed design incorporates the self-authentication concept to safeguard the vehicle trip route on the road. Moreover, the performance evaluation is conducted to verify that the proposed protocol outperforms the most related scheme in terms of security and efficiency aspects. Finally, the Scyther simulation validates the security robustness of the new protocol

    Security: Hash Function-authentications

    As security or firewall administrators, we have basically the same concerns as a plumber: the size of the pipe, the contents of the pipe, making sure the correct traffic is in the correct pipes, and keeping the pipes from splitting and leaking all over the place. And, like plumbers, when the pipes do leak, we are the ones responsible for cleaning up the mess and we are the ones who come up smelling awful. A firewall is a device that is used to provide protection to a system from network-based security threats. The firewall uses service, behavior, user and direction control techniques

    Iceberg database system for the graduate advisors of Computer and Information Science Department of New Jersey Institute of Technology

    The Iceberg system is a departmental database system. It is built for the graduate advisors of the CIS department. It stores the graduate student's information, such as background, bridge requirement and transcript. The graduate advisors can process the student's records using the graphic user interface of the Iceberg system. The Iceberg system is an example of the powerful Java language. We use the latest Java technologies to build a flexible system, which is easily extended. The system consists of the Iceberg client, the Iceberg server and an Oracle data source. The Iceberg client is a web-based applet, which can be easily accessed using a browser. The Iceberg server runs on a fast UNIX machine, providing service to the Iceberg client through RMI. The most interesting feature of the Iceberg system is the component architecture of the Iceberg client. The Iceberg client consists of visual components that have no knowledge of each other at compile time. They are assembled together at run time, following the instructions of a script file. Since the container component can hold any components, the Iceberg system is readily extendable

    Performance Analysis of Blockchain-Enabled Security and Privacy Algorithms in Connected and Autonomous Vehicles: A Comprehensive Review

    Strategic investment(s) in vehicle automation technologies led to the rapid development of technology that revolutionised transport services and reduced fatalities on a scale never seen before. Technological advancements and their integration in Connected Autonomous Vehicles (CAVs) increased uptake and adoption and pushed firmly for the development of highly supportive legal and regulatory and testing environments. However, systemic threats to the security and privacy of technologies and lack of data transparency have created a dynamic threat landscape within which the establishment and verification of security and privacy requirements proved to be an arduous task. In CAVs security and privacy issues can affect the resilience of these systems and hinder the safety of the passengers. Existing research efforts have been placed to investigate the security issues in CAVs and propose solutions across the whole spectrum of cyber resilience. This paper examines the state-of-the-art in security and privacy solutions for CAVs. It investigates their integration challenges, drawbacks and efficiencies when coupled with distributed technologies such as Blockchain. It has also listed different cyber-attacks being investigated while designing security and privacy mechanism for CAVs

    Personal Identification in the Information Age: The Case of the National Identity Card in the UK

    The informatics infrastructure supporting the Information Society requires the aggregation of data about individuals in electronic records. Such data structures demand that individuals be uniquely identified and this is critical to the necessary processes of authentication, identification and enrolment associated with the use of e-Business, e-Government and potentially e-Democracy systems. It is also necessary to the representation of human interactions as data transactions supporting various forms of governance structure: hierarchies, markets and networks. In this paper we use the agenda surrounding the proposed introduction of a national identity card in the UK as an empirical backbone for considering the issue of identity management. Currently, the UK government is attempting to relate the rights and entitlements of citizenship in the UK with a standard electronic identifier for British citizens and its instantiation in an ‘entitlements card’. This attempt to define legitimising identity seems to us a potentially fruitful empirical source for examining the conceptual and pragmatic issues associated with identity management in the information age. Such a card offers numerous potential benefits for individuals and organisations but its introduction raises major challenges to data protection, data privacy and public trust in the information governance of the UK