302 research outputs found
An authentic-based privacy preservation protocol for smart e-healthcare systems in iot
© 2013 IEEE. Emerging technologies rapidly change the essential qualities of modern societies in terms of smart environments. To utilize the surrounding environment data, tiny sensing devices and smart gateways are highly involved. It has been used to collect and analyze the real-time data remotely in all Industrial Internet of Things (IIoT). Since the IIoT environment gathers and transmits the data over insecure public networks, a promising solution known as authentication and key agreement (AKA) is preferred to prevent illegal access. In the medical industry, the Internet of Medical Things (IoM) has become an expert application system. It is used to gather and analyze the physiological parameters of patients. To practically examine the medical sensor-nodes, which are imbedded in the patient\u27s body. It would in turn sense the patient medical information using smart portable devices. Since the patient information is so sensitive to reveal other than a medical professional, the security protection and privacy of medical data are becoming a challenging issue of the IoM. Thus, an anonymity-based user authentication protocol is preferred to resolve the privacy preservation issues in the IoM. In this paper, a Secure and Anonymous Biometric Based User Authentication Scheme (SAB-UAS) is proposed to ensure secure communication in healthcare applications. This paper also proves that an adversary cannot impersonate as a legitimate user to illegally access or revoke the smart handheld card. A formal analysis based on the random-oracle model and resource analysis is provided to show security and resource efficiencies in medical application systems. In addition, the proposed scheme takes a part of the performance analysis to show that it has high-security features to build smart healthcare application systems in the IoM. To this end, experimental analysis has been conducted for the analysis of network parameters using NS3 simulator. The collected results have shown superiority in terms of the packet delivery ratio, end-to-end delay, throughput rates, and routing overhead for the proposed SAB-UAS in comparison to other existing protocols
Attack Resilience and Recovery using Physical Challenge Response Authentication for Active Sensors Under Integrity Attacks
Embedded sensing systems are pervasively used in life- and security-critical
systems such as those found in airplanes, automobiles, and healthcare.
Traditional security mechanisms for these sensors focus on data encryption and
other post-processing techniques, but the sensors themselves often remain
vulnerable to attacks in the physical/analog domain. If an adversary
manipulates a physical/analog signal prior to digitization, no amount of
digital security mechanisms after the fact can help. Fortunately, nature
imposes fundamental constraints on how these analog signals can behave. This
work presents PyCRA, a physical challenge-response authentication scheme
designed to protect active sensing systems against physical attacks occurring
in the analog domain. PyCRA provides security for active sensors by continually
challenging the surrounding environment via random but deliberate physical
probes. By analyzing the responses to these probes, and by using the fact that
the adversary cannot change the underlying laws of physics, we provide an
authentication mechanism that not only detects malicious attacks but provides
resilience against them. We demonstrate the effectiveness of PyCRA through
several case studies using two sensing systems: (1) magnetic sensors like those
found wheel speed sensors in robotics and automotive, and (2) commercial RFID
tags used in many security-critical applications. Finally, we outline methods
and theoretical proofs for further enhancing the resilience of PyCRA to active
attacks by means of a confusion phase---a period of low signal to noise ratio
that makes it more difficult for an attacker to correctly identify and respond
to PyCRA's physical challenges. In doing so, we evaluate both the robustness
and the limitations of PyCRA, concluding by outlining practical considerations
as well as further applications for the proposed authentication mechanism.Comment: Shorter version appeared in ACM ACM Conference on Computer and
Communications (CCS) 201
Analysis Of Electronic Voting Schemes In The Real World
Voting is at the heart of a country’s democracy. Assurance in the integrity of the electoral process is pivotal for voters to have any trust in the system. Often, electronic voting schemes proposed in the literature, or even implemented in real world elections do not always consider all issues that may exist in the environment in which they might be deployed. In this paper, we identify some real - world issues and threats to electronic voting schemes. We then use the threats we have identified to present an analysis of schemes recently used in Australia and Estonia and present recommendations to mitigate threats to such schemes when deployed in an untrustworthy environment
Proceedings of the Workshop on web applications and secure hardware (WASH 2013).
Web browsers are becoming the platform of choice for applications that need to work across a wide range of different devices, including mobile phones, tablets, PCs, TVs and in-car systems. However, for web applications which require a higher level of assurance, such as online banking, mobile payment, and media distribution (DRM), there are significant security and privacy challenges. A potential solution to some of these problems can be found in the use of secure hardware – such as TPMs, ARM TrustZone, virtualisation and secure elements – but these are rarely accessible to web applications or used by web browsers. The First Workshop on Web Applications and Secure Hardware (WASH'13) focused on how secure hardware could be used to enhance web applications and web browsers to provide functionality such as credential storage, attestation and secure execution. This included challenges in compatibility (supporting the same security features despite different user hardware) as well as multi-device scenarios where a device with hardware mechanisms can help provide assurance for systems without. Also of interest were proposals to enhance existing security mechanisms and protocols, security models where the browser is not trusted by the web application, and enhancements to the browser itself
Leveraging the Cloud for Software Security Services.
This thesis seeks to leverage the advances in cloud computing in order to address modern
security threats, allowing for completely novel architectures that provide dramatic
improvements and asymmetric gains beyond what is possible using current approaches.
Indeed, many of the critical security problems facing the Internet and its users are inadequately
addressed by current security technologies. Current security measures often are deployed
in an exclusively network-based or host-based model, limiting their efficacy against
modern threats. However, recent advancements in the past decade in cloud computing and
high-speed networking have ushered in a new era of software services. Software services
that were previously deployed on-premise in organizations and enterprises are now being
outsourced to the cloud, leading to fundamentally new models in how software services are
sold, consumed, and managed.
This thesis focuses on how novel software security services can be deployed that leverage
the cloud to scale elegantly in their capabilities, performance, and management. First,
we introduce a novel architecture for malware detection in the cloud. Next, we propose
a cloud service to protect modern mobile devices, an ever-increasing target for malicious
attackers. Then, we discuss and demonstrate the ability for attackers to leverage the same
benefits of cloud-centric services for malicious purposes. Next, we present new techniques
for the large-scale analysis and classification of malicious software. Lastly, to demonstrate
the benefits of cloud-centric architectures outside the realm of malicious software,
we present a threshold signature scheme that leverages the cloud for robustness and resiliency.Ph.D.Computer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/91385/1/jonojono_1.pd
CCTV Surveillance System, Attacks and Design Goals
Closed Circuit Tele-Vision surveillance systems are frequently the subject of debate. Some parties seek to promote their benefits such as their use in criminal investigations and providing a feeling of safety to the public. They have also been on the receiving end of bad press when some consider intrusiveness has outweighed the benefits. The correct design and use of such systems is paramount to ensure a CCTV surveillance system meets the needs of the user, provides a tangible benefit and provides safety and security for the wider law-abiding public. In focusing on the normative aspects of CCTV, the paper raises questions concerning the efficiency of understanding contemporary forms of ‘social ordering practices’ primarily in terms of technical rationalities while neglecting other, more material and ideological processes involved in the construction of social order. In this paper, a 360-degree view presented on the assessment of the diverse CCTV video surveillance systems (VSS) of recent past and present in accordance with technology. Further, an attempt been made to compare different VSS with their operational strengths and their attacks. Finally, the paper concludes with a number of future research directions in the design and implementation of VSS
- …