Security architectures in mobile integrated pay-TV

This paper presents the design and describes the advantage of the state-of-the-art Mobile Integrated Conditional Access System (MICAS) concerning interoperability, personalisation, security and operational costs in Pay-TV systems. The Message Handling Subsystem is proposed and outlined together with ‘Follow-Me’ service, which proposed herewith to extend mobility and personalisation concepts on Pay-TV service

Migration control for mobile agents based on passport and visa

Research on mobile agents has attracted much attention as this paradigm has demonstrated great potential for the next-generation e-commerce. Proper solutions to security-related problems become key factors in the successful deployment of mobile agents in e-commerce systems. We propose the use of passport and visa (P/V) for securing mobile agent migration across communities based on the SAFER e-commerce framework. P/V not only serves as up-to-date digital credentials for agent-host authentication, but also provides effective security mechanisms for online communities to control mobile agent migration. Protection for mobile agents, network hosts, and online communities is enhanced using P/V. We discuss the design issues in details and evaluate the implementation of the proposed system

Database of audio records

Diplomka a prakticky castDiplome with partical part

Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning

The secret keys of critical network authorities - such as time, name, certificate, and software update services - represent high-value targets for hackers, criminals, and spy agencies wishing to use these keys secretly to compromise other hosts. To protect authorities and their clients proactively from undetected exploits and misuse, we introduce CoSi, a scalable witness cosigning protocol ensuring that every authoritative statement is validated and publicly logged by a diverse group of witnesses before any client will accept it. A statement S collectively signed by W witnesses assures clients that S has been seen, and not immediately found erroneous, by those W observers. Even if S is compromised in a fashion not readily detectable by the witnesses, CoSi still guarantees S's exposure to public scrutiny, forcing secrecy-minded attackers to risk that the compromise will soon be detected by one of the W witnesses. Because clients can verify collective signatures efficiently without communication, CoSi protects clients' privacy, and offers the first transparency mechanism effective against persistent man-in-the-middle attackers who control a victim's Internet access, the authority's secret key, and several witnesses' secret keys. CoSi builds on existing cryptographic multisignature methods, scaling them to support thousands of witnesses via signature aggregation over efficient communication trees. A working prototype demonstrates CoSi in the context of timestamping and logging authorities, enabling groups of over 8,000 distributed witnesses to cosign authoritative statements in under two seconds.Comment: 20 pages, 7 figure

Merging and Extending the PGP and PEM Trust Models - the ICE-TEL Trust Model

The ICE-TEL project is a pan-European project that is building an Internet X.509 based certification infrastructure throughout Europe, plus several secure applications that will use it. This paper describes the trust model that is being implemented by the project. A trust model specifies the means by which a user may build trust in the assertion that a remote user is really who he purports to be (authentication) and that he does in fact have a right to access the service or information that he is requesting (authorization). The ICE-TEL trust model is based on a merging of and extensions to the existing Pretty Good Privacy (PGP) web of trust and Privacy Enhanced Mail (PEM) hierarchy of trust models, and is called a web of hierarchies trust model. The web of hierarchies model has significant advantages over both of the previous models, and these are highlighted here. The paper further describes the way that the trust model is enforced through some of the new extensions in the X.509 V3 certificates, and gives examples of its use in different scenarios

Protecting Intellectual Proprietary Rights through Secure Interactive Contract Negotiation

Protection of Intellectual Proprietary Rights is currently one of the most important barriers to electronic commerce of digital contents over networks. Authors and content providers understand the immense advantages of the digital world but show some reserve. However, technologies and techniques to protect IPR in digital content exist, their deployment in a coherent way is still in an early stage. In this paper, we describe the approach followed by the OCTALIS Project towards and effective electronic commerce of digital images. After describing briefly enabling technologies, the emphasis is on contract negotiation over Internet through a secure dialog between the Service Provider and the User

Safe Harbor for the Innocent Infringer in the Digital Age

The primary goal of this Article is three-fold: (1) to explore the role of the innocent infringer archetype historically and in the digital age; (2) to highlight the tension between customary and generally accepted online uses and copyright law that compromise efficient use of technology and progress of the digital technologies, the Internet, and society at large; and (3) to offer a legislative fix in the form of safe harbor for direct innocent infringers. Such an exemption seems not only more efficient but also more just in the online environment where unwitting infringement for the average copyright consumer is far easier than ever to commit, extremely difficult to police, and often causes little, if any, cognizable market harm. Safe Harbor was judged one of the best law review articles related to entertainment, publishing and/or the arts published in the 2013-14 academic publishing cycle and selected for inclusion in the 2014 edition of the Entertainment, Publishing and the Arts Handbook, an anthology published annually by Thomson Reuters (West)