71,669 research outputs found
Device-Based Isolation for Securing Cryptographic Keys
In this work, we describe an eective device-based isolation
approach for achieving data security. Device-based isolation
leverages the proliferation of personal computing devices to
provide strong run-time guarantees for the condentiality of
secrets. To demonstrate our isolation approach, we show its
use in protecting the secrecy of highly sensitive data that
is crucial to security operations, such as cryptographic keys
used for decrypting ciphertext or signing digital signatures.
Private key is usually encrypted when not used, however,
when being used, the plaintext key is loaded into the memory
of the host for access. In our threat model, the host may
be compromised by attackers, and thus the condentiality of
the host memory cannot be preserved. We present a novel
and practical solution and its prototype called DataGuard to
protect the secrecy of the highly sensitive data through the
storage isolation and secure tunneling enabled by a mobile
handheld device. DataGuard can be deployed for the key
protection of individuals or organizations
Easy 4G/LTE IMSI Catchers for Non-Programmers
IMSI Catchers are tracking devices that break the privacy of the subscribers
of mobile access networks, with disruptive effects to both the communication
services and the trust and credibility of mobile network operators. Recently,
we verified that IMSI Catcher attacks are really practical for the
state-of-the-art 4G/LTE mobile systems too. Our IMSI Catcher device acquires
subscription identities (IMSIs) within an area or location within a few seconds
of operation and then denies access of subscribers to the commercial network.
Moreover, we demonstrate that these attack devices can be easily built and
operated using readily available tools and equipment, and without any
programming. We describe our experiments and procedures that are based on
commercially available hardware and unmodified open source software
Message handling system concepts and services in a land mobile satellite system
A network architecture containing the capabilities offered by the Message Handling System (MHS) to the PRODAT Land Mobile Satellite System (LMSS) is described taking into account the constraints of a preexisting satellite system which is going to become operational. The mapping between MHS services and PRODAT requirements is also reported and shows that the supplied performance can be significantly enhanced to both fixed and mobile users. The impact of the insertion of additional features on the system structure, especially on the centralized control unit, are also addressed
Secure Vehicular Communication Systems: Implementation, Performance, and Research Challenges
Vehicular Communication (VC) systems are on the verge of practical
deployment. Nonetheless, their security and privacy protection is one of the
problems that have been addressed only recently. In order to show the
feasibility of secure VC, certain implementations are required. In [1] we
discuss the design of a VC security system that has emerged as a result of the
European SeVeCom project. In this second paper, we discuss various issues
related to the implementation and deployment aspects of secure VC systems.
Moreover, we provide an outlook on open security research issues that will
arise as VC systems develop from today's simple prototypes to full-fledged
systems
A distributed directory service for Greenstone
Greenstone is a software for creating and maintaining distributed digital library collections. It provides a sophisticated federation mechanism for the collections.
In order to support alerting notification about changes in the distributed collections, we propose a distributed directory service for the management of the distributed Greenstone installations. The Greenstone directory service (GDS) acts on top of the distributed Greenstone structure for the management of collections. This paper describes both, the initial distributed Greenstone structure and the distributed directory service
Life of occam-Pi
This paper considers some questions prompted by a brief review of the history of computing. Why is programming so hard? Why is concurrency considered an “advanced” subject? What’s the matter with Objects? Where did all the Maths go? In searching for answers, the paper looks at some concerns over fundamental ideas within object orientation (as represented by modern programming languages), before focussing on the concurrency model of communicating processes and its particular expression in the occam family of languages. In that focus, it looks at the history of occam, its underlying philosophy (Ockham’s Razor), its semantic foundation on Hoare’s CSP, its principles of process oriented design and its development over almost three decades into occam-? (which blends in the concurrency dynamics of Milner’s ?-calculus). Also presented will be an urgent need for rationalisation – occam-? is an experiment that has demonstrated significant results, but now needs time to be spent on careful review and implementing the conclusions of that review. Finally, the future is considered. In particular, is there a future
- …