210 research outputs found
Secure management of logs in internet of things
Ever since the advent of computing, managing data has been of extreme
importance. With innumerable devices getting added to network infrastructure,
there has been a proportionate increase in the data which needs to be stored.
With the advent of Internet of Things (IOT) it is anticipated that billions of
devices will be a part of the internet in another decade. Since those devices
will be communicating with each other on a regular basis with little or no
human intervention, plethora of real time data will be generated in quick time
which will result in large number of log files. Apart from complexity
pertaining to storage, it will be mandatory to maintain confidentiality and
integrity of these logs in IOT enabled devices. This paper will provide a brief
overview about how logs can be efficiently and securely stored in IOT devices.Comment: 6 pages, 1 tabl
Kickstarting Choreographic Programming
We present an overview of some recent efforts aimed at the development of
Choreographic Programming, a programming paradigm for the production of
concurrent software that is guaranteed to be correct by construction from
global descriptions of communication behaviour
Multipath Routing of Fragmented Data Transfer in a Smart Grid Environment
The purpose of this paper is to do a general survey on the existing
communication modes inside a smart grid, the existing security loopholes and
their countermeasures. Then we suggest a detailed countermeasure, building upon
the Jigsaw based secure data transfer [8] for enhanced security of the data
flow inside the communication system of a smart grid. The paper has been
written without the consideration of any factor of inoperability between the
various security techniques inside a smart gridComment: 5 pages, 2 figure
Execution Models for Choreographies and Cryptoprotocols
A choreography describes a transaction in which several principals interact.
Since choreographies frequently describe business processes affecting
substantial assets, we need a security infrastructure in order to implement
them safely. As part of a line of work devoted to generating cryptoprotocols
from choreographies, we focus here on the execution models suited to the two
levels.
We give a strand-style semantics for choreographies, and propose a special
execution model in which choreography-level messages are faithfully delivered
exactly once. We adapt this model to handle multiparty protocols in which some
participants may be compromised.
At level of cryptoprotocols, we use the standard Dolev-Yao execution model,
with one alteration. Since many implementations use a "nonce cache" to discard
multiply delivered messages, we provide a semantics for at-most-once delivery
Recommended from our members
A Secure and Useful 'Keyless Cryptosystem'
Keyless cryptography is a technique in which the basis of security is the anonymity of the sender. We describe a protocol which fits the technique to realistic communication environments, and extend the security and the range of applications of the technique
Compiling and securing cryptographic protocols
Protocol narrations are widely used in security as semi-formal notations to
specify conversations between roles. We define a translation from a protocol
narration to the sequences of operations to be performed by each role. Unlike
previous works, we reduce this compilation process to well-known decision
problems in formal protocol analysis. This allows one to define a natural
notion of prudent translation and to reuse many known results from the
literature in order to cover more crypto-primitives. In particular this work is
the first one to show how to compile protocols parameterised by the properties
of the available operations.Comment: A short version was submitted to IP
SECURE COMMUNICATION USING PFS IN A DISTRIBUTED ENVIRONMENT
Today millions of ordinary citizens are using networks for banking, shopping and filing their tax return. Network security has become a massive problem. All this requires network to identify its legal users for providing services. An authentication protocol used is Kerberos which uses strong secret key for user authentication but it is vulnerable in case of weak passwords. Authentication & key distribution protocols requires sharing secret key(s) with a view that only the concerned users know to derive the information from it. These protocols are vulnerable to key guessing attacks. Another important consideration is perfect forward secrecy in which our proposed scheme cover cases with application servers, authentication servers or clients key are revealed & their combination. In this paper our proposed scheme deal with key guessing attacks, perfect forward secrecy and protocols for few combinations of keys. All these protocols are based on the fact that the keys are weak & can be exploited easily
Choreographies in Practice
Choreographic Programming is a development methodology for concurrent
software that guarantees correctness by construction. The key to this paradigm
is to disallow mismatched I/O operations in programs, called choreographies,
and then mechanically synthesise distributed implementations in terms of
standard process models via a mechanism known as EndPoint Projection (EPP).
Despite the promise of choreographic programming, there is still a lack of
practical evaluations that illustrate the applicability of choreographies to
concrete computational problems with standard concurrent solutions. In this
work, we explore the potential of choreographies by using Procedural
Choreographies (PC), a model that we recently proposed, to write distributed
algorithms for sorting (Quicksort), solving linear equations (Gaussian
elimination), and computing Fast Fourier Transform. We discuss the lessons
learned from this experiment, giving possible directions for the usage and
future improvements of choreography languages
FRIENDS - A flexible architecture for implementing fault tolerant and secure distributed applications
FRIENDS is a software-based architecture for implementing fault-tolerant and, to some extent, secure applications. This architecture is composed of sub-systems and libraries of metaobjects. Transparency and separation of concerns is provided not only to the application programmer but also to the programmers implementing metaobjects for fault tolerance, secure communication and distribution. Common services required for implementing metaobjects are provided by the sub-systems. Metaobjects are implemented using object-oriented techniques and can be reused and customised according to the application needs, the operational environment and its related fault assumptions. Flexibility is increased by a recursive use of metaobjects. Examples and experiments are also described
- …