69,627 research outputs found
Secure Method Invocation in JASON
We describe the Secure Method Invocation (SMI) framework implemented for Jason, our Javacard As Secure Objects Networks platform. Jason realises the secure object store paradigm, that reconciles the card-as-storage-element and card-as-processing-element views. In this paradigm, smart cards are viewed as secure containers for objects, whose methods can be called straightforwardly and securely using SMI. Jason is currently being developed as a middleware layer that securely interconnects an arbitrary number of smart cards, terminals and back-office systems over the Internet
Secure Communication over 1-2-1 Networks
This paper starts by assuming a 1-2-1 network, the abstracted noiseless model
of mmWave networks that was shown to closely approximate the Gaussian capacity
in [1], and studies secure communication. First, the secure capacity is derived
for 1-2-1 networks where a source is connected to a destination through a
network of unit capacity links. Then, lower and upper bounds on the secure
capacity are derived for the case when source and destination have more than
one beam, which allow them to transmit and receive in multiple directions at a
time. Finally, secure capacity results are presented for diamond 1-2-1 networks
when edges have different capacities.Comment: Submitted for ISIT 201
Overcenter collet space station truss fastener
A quick-connect fastener is arranged with a tubular body that is arranged to be engaged against the exterior surface of a hollow attachment fitting and coincidentally aligned with an opening in the fitting. A collet having normally-contracted fingers with outwardly-enlarged ends is operatively arranged in the body to be moved forwardly by an expander member mounted in the tubular body for advancing the collet fingers through the opening in the attachment fitting. Biasing means are arranged between the expander member and a toggle linkage in the tubular body which is selectively operated to urge the expander member forwardly into engagement with the collet fingers with an initial biasing force to advance their forward portions through the body opening and then expand them outwardly. The biasing means also provide a subsequent biasing force for retaining the collet members in their expanded positions once their enlarged forward end portions are on the opposite side of the body
Deploying Virtual Machines on Shared Platforms
In this report, we describe mechanisms for secure deployment of virtual machines on shared platforms looking into a telecommunication cloud use case, which is also presented in this report. The architecture we present focuses on the security requirements of the major stakeholders’ part of the scenario we present. This report comprehensively covers all major security aspects including different security mechanisms and protocols, leveraging existing standards and state-of-the art wherever applicable. In particular, our architecture uses TCG technologies for trust establishment in the deployment of operator virtual machines on shared resource platforms. We also propose a novel procedure for securely launching and cryptographically binding a virtual machine to a target platform thereby protecting the operator virtual machine and its related credentials
ARIES WP3 – Needs and Requirements Analyses
Information and communication technologies have increasingly
influenced and changed our daily life. They allow global
connectivity and easy access to distributed applications and
digital services over the Internet. This report analysis security requirements on trust establishment and trust evaluation based on two different use case scenarios: "Trusted Communication using COTS" and "Trust Establishment for Cross-organizational Crises Management". A systematic needs analysis is performed on both scenarios which haver resulted in a large and well documented set of requirements. This is the first step in a large effort to define a security architecture for the two use case scenarios.
User-Relative Names for Globally Connected Personal Devices
Nontechnical users who own increasingly ubiquitous network-enabled personal
devices such as laptops, digital cameras, and smart phones need a simple,
intuitive, and secure way to share information and services between their
devices. User Information Architecture, or UIA, is a novel naming and
peer-to-peer connectivity architecture addressing this need. Users assign UIA
names by "introducing" devices to each other on a common local-area network,
but these names remain securely bound to their target as devices migrate.
Multiple devices owned by the same user, once introduced, automatically merge
their namespaces to form a distributed "personal cluster" that the owner can
access or modify from any of his devices. Instead of requiring users to
allocate globally unique names from a central authority, UIA enables users to
assign their own "user-relative" names both to their own devices and to other
users. With UIA, for example, Alice can always access her iPod from any of her
own personal devices at any location via the name "ipod", and her friend Bob
can access her iPod via a relative name like "ipod.Alice".Comment: 7 pages, 1 figure, 1 tabl
- …