110 research outputs found
Review on DNA Cryptography
Cryptography is the science that secures data and communication over the
network by applying mathematics and logic to design strong encryption methods.
In the modern era of e-business and e-commerce the protection of
confidentiality, integrity and availability (CIA triad) of stored information
as well as of transmitted data is very crucial. DNA molecules, having the
capacity to store, process and transmit information, inspires the idea of DNA
cryptography. This combination of the chemical characteristics of biological
DNA sequences and classical cryptography ensures the non-vulnerable
transmission of data. In this paper we have reviewed the present state of art
of DNA cryptography.Comment: 31 pages, 12 figures, 6 table
An Overview of Cryptography (Updated Version, 3 March 2016)
There are many aspects to security and many applications, ranging from secure commerce and payments to private communications and protecting passwords. One essential aspect for secure communications is that of cryptography...While cryptography is necessary for secure communications, it is not by itself sufficient. This paper describes the first of many steps necessary for better security in any number of situations.
A much shorter, edited version of this paper appears in the 1999 edition of Handbook on Local Area Networks published by Auerbach in September 1998
Security Hazards when Law is Code.
As software continues to eat the world, there is an increasing pressure to
automate every aspect of society, from self-driving cars, to algorithmic trading
on the stock market. As this pressure manifests into software implementations
of everything, there are security concerns to be addressed across many areas.
But are there some domains and fields that are distinctly susceptible to attacks,
making them difficult to secure?
My dissertation argues that one domain in particular—public policy and law—
is inherently difficult to automate securely using computers. This is in large part
because law and policy are written in a manner that expects them to be flexibly
interpreted to be fair or just. Traditionally, this interpreting is done by judges
and regulators who are capable of understanding the intent of the laws they are
enforcing. However, when these laws are instead written in code, and interpreted
by a machine, this capability to understand goes away. Because they blindly fol-
low written rules, computers can be tricked to perform actions counter to their
intended behavior.
This dissertation covers three case studies of law and policy being implemented
in code and security vulnerabilities that they introduce in practice. The first study
analyzes the security of a previously deployed Internet voting system, showing
how attackers could change the outcome of elections carried out online. The second study looks at airport security, investigating how full-body scanners can be
defeated in practice, allowing attackers to conceal contraband such as weapons or
high explosives past airport checkpoints. Finally, this dissertation also studies how
an Internet censorship system such as China’s Great Firewall can be circumvented
by techniques that exploit the methods employed by the censors themselves.
To address these concerns of securing software implementations of law, a hybrid human-computer approach can be used. In addition, systems should be designed to allow for attacks or mistakes to be retroactively undone or inspected by
human auditors. By combining the strengths of computers (speed and cost) and
humans (ability to interpret and understand), systems can be made more secure
and more efficient than a method employing either alone.PhDComputer Science and EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/120795/1/ewust_1.pd
Internship at Be One Solutions
Included in this document is the report of my internship undertaken in the fulfilment of my
Master of Cybersecurity and Informatic Forensics degree from the Polytechnic Institute of
Leiria, at Be One Solutions. During the internship, I identified several issues regarding
security protocols and procedures at the company, more specifically in regards to credential
management.
After identifying the issues, I started researching enterprise level solutions for credential
management, for which the requirements had been established beforehand with the IT
manager. After comparing a set of solutions based on the features they provided and the
price quoted, it was possible to conclude that all solutions were unsuitable due to either
unreasonable pricing or previous security issues.
Since the solutions analysed were deemed unsuitable, I started working on a Proof of
Concept (PoC) for a custom solution that would be able to integrate with the project structure
already present in the company’s in house project management solution. It started with
defining the concept of the solutions in regards to how the encryption process would be
performed, then the designing of the data structure in order to integrate with the project
management solution, an afterwards came the development process of said solution
Identity, location and query privacy for smart devices
In this thesis, we have discussed three important aspects of users\u27 privacy namely, location privacy, identity privacy and query privacy. The information related to identity, location and query is very sensitive as it can reveal behavior patterns, interests, preferences and habits of the users. We have proposed several techniques in the thesis on how to better protect the identity, location and query privacy
- …