380 research outputs found
Recommended from our members
Selection of EAP-authentication methods in WLANs
IEEE 802.1X is a key part of IEEE802.11i. By employing Extensible Authentication Protocol (EAP) it supports a variety of upper layer
authentication methods each with different benefits and drawbacks. Any one of these authentication methods can be the ideal choice for a specific networking environment. The fact that IEEE 802.11i leaves the selection of the most suitable authentication method to system implementers makes the authentication framework more flexible, but on the other hand leads to the
question of how to select the authentication method that suits an organisationâs requirements and specific networking environment. This paper gives an overview of EAP authentication methods and provides a table comparing their properties. It then identifies the crucial factors to be considered when employing EAP authentication methods in WLAN environments. The paper presents algorithms that guide the selection of an EAP-authentication method for a WLAN and demonstrates their application through three examples
Using quantum key distribution for cryptographic purposes: a survey
The appealing feature of quantum key distribution (QKD), from a cryptographic
viewpoint, is the ability to prove the information-theoretic security (ITS) of
the established keys. As a key establishment primitive, QKD however does not
provide a standalone security service in its own: the secret keys established
by QKD are in general then used by a subsequent cryptographic applications for
which the requirements, the context of use and the security properties can
vary. It is therefore important, in the perspective of integrating QKD in
security infrastructures, to analyze how QKD can be combined with other
cryptographic primitives. The purpose of this survey article, which is mostly
centered on European research results, is to contribute to such an analysis. We
first review and compare the properties of the existing key establishment
techniques, QKD being one of them. We then study more specifically two generic
scenarios related to the practical use of QKD in cryptographic infrastructures:
1) using QKD as a key renewal technique for a symmetric cipher over a
point-to-point link; 2) using QKD in a network containing many users with the
objective of offering any-to-any key establishment service. We discuss the
constraints as well as the potential interest of using QKD in these contexts.
We finally give an overview of challenges relative to the development of QKD
technology that also constitute potential avenues for cryptographic research.Comment: Revised version of the SECOQC White Paper. Published in the special
issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8
Autonomic Vehicular Networks: Safety, Privacy, Cybersecurity and Societal Issues
Safety, efficiency, privacy, and cybersecurity can be achieved jointly in
self-organizing networks of communicating vehicles of various automated driving
levels. The underlying approach, solutions and novel results are briefly
exposed. We explain why we are faced with a crucial choice regarding motorized
society and cyber surveillance
Information Management in Product Development Workflows â A Novel Approach on the basis of Pseudonymization of Product Information
AbstractInformation stored in the documentation of a product constitutes in many aspects the intellectual property (IP) of an enterprise. This valuable knowledge, built over years of extensive research and development deserves special attention and protection. Especially the context of distributed product development activities and increased collaborations with external partners puts companies at a growing risk that unauthorized individuals obtain access to this prized capital. In this paper, we present a novel concept for managing and sharing sensitive information in product development processes. Product information is separated and subsequently pseudonymized into independent blocks of data fragments which can be reassembled to specific information levels depending on the requirements of the organization. Thus, a user can be given access to that level of information specifically required to complete the task. The product information itself is only available as unordered data fragments and no longer interpretable even in case of data theft. By doing so, a comprehensive protection against internal and external abuse of sensitive product information can be realized which can easily be combined with existing concepts in the field of information protection
Buyer Power through Producer's Differentiation
This paper shows that retailers may choose to offer products differentiated in quality, not to relax downstream competition, but to improve their buyer power in the negotiation with their supplier. We consider a simple vertical industry where two producers sell products differentiated in quality to two retailers who operate in separated markets. In the game, first retailers choose which product to carry, then each retailer and her chosen producer bargain over the terms of a two-part tariff contract and retailers finally choose the quantities. When upstream production costs are convex, the share of the total profits going to the retailer would be higher if they choose to differentiate. We thus isolate the wish to differentiate as âonlyâ due to increasing buyer power: via producerâs differentiation, the retailer gets a larger share of smaller total profits. This result also holds when retailers compete downstream. We derive the consequences of a differentiation induced by buyer power motives for consumer surplus.Cet article montre que des distributeurs peuvent dĂ©cider d'offrir des produits diffĂ©renciĂ©s, non pas pour relĂącher la concurrence horizontale, mais pour accroĂźtre leur pouvoir d'achat vis-Ă -vis de leur fournisseur. Nous analysons un modĂšle simple oĂč deux producteurs offrent des produits diffĂ©renciĂ©s en qualitĂ© Ă deux distributeurs en activitĂ© sur des marches sĂ©parĂ©s qui ne peuvent offrir qu'un seul produit aux consommateurs. A la premiĂšre Ă©tape du jeu, les distributeurs choisissent quel produit mettre en rayon, puis chaque distributeur et son fournisseur nĂ©gocient sur un contrat de tarif binĂŽme. Enfin, les distributeurs choisissent leur quantitĂ©s. Lorsque les coĂ»ts de production sont convexes, la part des profits joint revenant au distributeur est plus Ă©levĂ©e lorsque les distributeurs choisissent de se diffĂ©rencier. L'origine de la diffĂ©renciation peut donc ĂȘtre uniquement liĂ©e au dĂ©sir des distributeurs d'accroĂźtre leur pouvoir d'achat: via la diffĂ©renciation des fournisseurs, le distributeur obtient une plus large part de profits joints plus faibles. Ce rĂ©sultat est robuste lorsque l'on introduit de la concurrence en aval. Nous mettons en Ă©vidence les consĂ©quences de cette stratĂ©gie de diffĂ©renciation sur le surplus des consommateurs
The Case for Quantum Key Distribution
Quantum key distribution (QKD) promises secure key agreement by using quantum
mechanical systems. We argue that QKD will be an important part of future
cryptographic infrastructures. It can provide long-term confidentiality for
encrypted information without reliance on computational assumptions. Although
QKD still requires authentication to prevent man-in-the-middle attacks, it can
make use of either information-theoretically secure symmetric key
authentication or computationally secure public key authentication: even when
using public key authentication, we argue that QKD still offers stronger
security than classical key agreement.Comment: 12 pages, 1 figure; to appear in proceedings of QuantumComm 2009
Workshop on Quantum and Classical Information Security; version 2 minor
content revision
Recommended from our members
Simple-VPN: Simple IPsec Configuration
The IPsec protocol promised easy, ubiquitous encryption. That has never happened. For the most part, IPsec usage is confined to VPNs for road warriors, largely due to needless configuration complexity and incompatible implementations. We have designed a simple VPN configuration language that hides the unwanted complexities. Virtually no options are necessary or possible. The administrator specifies the absolute minimum of information: the authorized hosts, their operating systems, and a little about the network topology; everything else, including certificate generation, is automatic. Our implementation includes a multitarget compiler, which generates implementation-specific configuration files for three different platforms; others are easy to add
- âŠ