8 research outputs found

    Towards a Flexible Intra-Trustcenter Management Protocol

    This paper proposes the Intra Trustcenter Protocol (ITP), a flexible and secure management protocol for communication between arbitrary trustcenter components. Unlike other existing protocols (like PKCS#7, CMP or XKMS), ITP focuses on the communication within a trustcenter. It is powerful enough for transferring complex messages which are machine and human readable and easy to understand. In addition, it includes an extension mechanism to be prepared for future developments. Comment: 12 pages, 0 figures; in The Third International Workshop for Applied PKI (IWAP2004)

    Survey of main challenges (security and privacy) in wireless body area networks for healthcare applications

    Wireless Body Area Network (WBAN) is a new trend in technology that provides a remote mechanism to monitor and collect patients' health record data using wearable sensors. It is widely recognized that a high level of system security and privacy plays a key role in protecting these data when being used by healthcare professionals and during storage, to ensure that patients' records are kept safe from intruders. It is therefore of great interest to discuss security and privacy issues in WBANs. In this paper, we reviewed WBAN communication architecture, security and privacy requirements, security threats, and the primary challenges in WBANs to these systems based on the latest standards and publications. This paper also covers the state-of-the-art security measures and research in WBAN. Finally, open areas for future research and enhancements are explored.

    Understanding the trust relationships of the web PKI

    TLS and the applications it secures (e.g., email, online banking, social media) rely on the web PKI to provide authentication. Without strong authentication guarantees, a capable attacker can impersonate trusted network entities and undermine both data integrity and confidentiality. At its core, the web PKI succeeds as a global authentication system because of the scalability afforded by trust. Instead of requiring every network entity to directly authenticate every other network entity, network entities trust certification authorities (CAs) to perform authentication on their behalf. Prior work has extensively studied the TLS protocol and CA authentication of network entities (i.e., certificate issuance), but few have examined even the most foundational aspect of trust management and understood which CAs are trusted by which TLS user agents, and why. One major reason for this disparity is the opacity of trust management in two regards: difficult data access and poor specifications. It is relatively easy to acquire and test popular TLS client/server software and issued certificates. On the other hand, tracking trust policies/deployments and evaluating CA operations is less straightforward, but just as important for securing the web PKI. This dissertation is one of the first attempts to overcome trust management opacity. By observing new measurement perspectives and developing novel fingerprinting techniques, we discover the CAs that operate trust anchors, the default trust anchors that popular TLS user agents rely on, and a general class of injected trust anchors: TLS interceptors. This research not only facilitates new ecosystem visibility, it also provides an empirical grounding for trust management specification and evaluation. Furthermore, our findings point to many instances of questionable, and sometimes broken, security practices such as improperly identified CAs, inadvertent and overly permissive trust, and trivially exploitable injected trust. We argue that most of these issues stem from inadequate transparency, and that explicit mechanisms for linking trust anchors and root stores to their origins would help remedy these problems.

    An architecture framework for enhanced wireless sensor network security

    This thesis develops an architectural framework to enhance the security of Wireless Sensor Networks (WSNs) and provides the implementation proof through different security countermeasures, which can be used to establish secure WSNs, in a distributed and self-healing manner. Wireless Sensors are used to monitor and control environmental properties such as sound, acceleration, vibration, air pollutants, and temperature. Due to their limited resources in computation capability, memory and energy, their security schemes are susceptible to many kinds of security vulnerabilities. This thesis investigated all possible network attacks on WSNs and at the time of writing, 19 different types of attacks were identified, all of which are discussed including exposures to the attacks, and the impact of those attacks. The author then utilises this work to examine the ZigBee series, which are the new generation of wireless sensor network products with built-in layered security achieved by secure messaging using symmetric cryptography. However, the author was able to uniquely identify several security weaknesses in ZigBee by examining its protocol and launching the possible attacks. It was found that ZigBee is vulnerable to the following attacks, namely: eavesdropping, replay attack, physical tampering and Denial of Service (DoS). The author then provides solutions to improve the ZigBee security through its security schema, including an end-to-end WSN security framework, architecture design and sensor configuration, that can withstand all types of attacks on the WSN and mitigate ZigBee’s WSN security vulnerabilities.

    Derivation of Influencing Factors as a Basis for the Development of Technology Scenarios within the Forecasting Phase of Technology Management for the Period 2005 - 2010

    The aim of this work is to derive, within the framework of technology management, influencing factors from current technological developments for the development of realistic technology scenarios for the period 2005-2010. The knowledge gained in this work is based on a catalogue of different influencing factors that can be used as a basis for developing extrapolations or scenarios. The research methodology underlying this dissertation is based on the research-logic procedures for empirical research combined with the phase-oriented approach to deriving influencing factors as part of scenario analysis. The phases to be completed are: identification of the technological development focal points and application areas of information and communication technologies; the exemplary description of the technological development focal points and derivation of the corresponding influencing factors; the exemplary description of the application areas of information and communication technologies and derivation of the respective influencing factors; and the summary presentation of the influencing factors. On the basis of different methods, such as the collection of expert opinions, scanning and monitoring, literature and patent analysis, or the Delphi method, technological development focal points and application areas of information and communication technologies are identified in a first stage. Different technologies are then assigned, by way of example, to the corresponding technological development focal points and described in detail. From the description, or rather the technological characteristics, the technological influencing factors and their metrics are derived. Different application concepts, such as teleworking, home automation or mobile computing, are assigned to the application areas of information and communication technologies. Through the detailed description of these concepts, the non-technological influencing variables are identified and described. By combining influencing factors from the development focal points and the application areas of information and communication technologies, scenarios or trend extrapolations can then be created that can protect against wrong decisions when making IT investment decisions.