4,080 research outputs found
The Value of User-Visible Internet Cryptography
Cryptographic mechanisms are used in a wide range of applications, including
email clients, web browsers, document and asset management systems, where
typical users are not cryptography experts. A number of empirical studies have
demonstrated that explicit, user-visible cryptographic mechanisms are not
widely used by non-expert users, and as a result arguments have been made that
cryptographic mechanisms need to be better hidden or embedded in end-user
processes and tools. Other mechanisms, such as HTTPS, have cryptography
built-in and only become visible to the user when a dialogue appears due to a
(potential) problem. This paper surveys deployed and potential technologies in
use, examines the social and legal context of broad classes of users, and from
there, assesses the value and issues for those users
THE IMPACT OF PROGRAMMING LANGUAGES ON THE SOFTWAREâS SECURITY
Security is usually defined as the ability of a system to protect itself against accidental or deliberate intrusion1. Ensuring integrity, confidentiality, availability, and accountability requirements even in the presence of a determined, malicious opponent is essential for computer security. Sensitive data has to be manipulated and consulted by authorized users only (integrity, confidentiality). Furthermore, the system should resist âdenial of serviceâ attacks that attempt to render it unusable (availability). Also the system has to ensure the inability to deny the ownership of prior actions (accountability).security
Recommended from our members
A multi-agent architecture for electronic payment
The Internet has brought about innumerable changes to the way enterprises do business. An essential problem to be solved before the widespread commercial use of the Internet is to provide a trustworthy solution for electronic payment. We propose a multi-agent mediated electronic payment architecture in this paper. It is aimed at providing an agent-based approach to accommodate multiple e-payment schemes. Through a layered design of the payment structure and a well-defined uniform payment interface, the architecture shows good scalability. When a new e-payment scheme or implementation is available, it can be plugged into the framework easily. In addition, we construct a framework allowing multiple agents to work cooperatively to realize automation of electronic payment. A prototype has been built to illustrate the functionality of this design. Finally we discuss the security issues
Privacy, security, and trust issues in smart environments
Recent advances in networking, handheld computing and sensor technologies have driven forward research towards the realisation of Mark Weiser's dream of calm and ubiquitous computing (variously called pervasive computing, ambient computing, active spaces, the disappearing computer or context-aware computing). In turn, this has led to the emergence of smart environments as one significant facet of research in this domain. A smart environment, or space, is a region of the real world that is extensively equipped with sensors, actuators and computing components [1]. In effect the smart space becomes a part of a larger information system: with all actions within the space potentially affecting the underlying computer applications, which may themselves affect the space through the actuators. Such smart environments have tremendous potential within many application areas to improve the utility of a space. Consider the potential offered by a smart environment that prolongs the time an elderly or infirm person can live an independent life or the potential offered by a smart environment that supports vicarious learning
Hybrid quantum computing with ancillas
In the quest to build a practical quantum computer, it is important to use
efficient schemes for enacting the elementary quantum operations from which
quantum computer programs are constructed. The opposing requirements of
well-protected quantum data and fast quantum operations must be balanced to
maintain the integrity of the quantum information throughout the computation.
One important approach to quantum operations is to use an extra quantum system
- an ancilla - to interact with the quantum data register. Ancillas can mediate
interactions between separated quantum registers, and by using fresh ancillas
for each quantum operation, data integrity can be preserved for longer. This
review provides an overview of the basic concepts of the gate model quantum
computer architecture, including the different possible forms of information
encodings - from base two up to continuous variables - and a more detailed
description of how the main types of ancilla-mediated quantum operations
provide efficient quantum gates.Comment: Review paper. An introduction to quantum computation with qudits and
continuous variables, and a review of ancilla-based gate method
Big Data Privacy Context: Literature Effects On Secure Informational Assets
This article's objective is the identification of research opportunities in
the current big data privacy domain, evaluating literature effects on secure
informational assets. Until now, no study has analyzed such relation. Its
results can foster science, technologies and businesses. To achieve these
objectives, a big data privacy Systematic Literature Review (SLR) is performed
on the main scientific peer reviewed journals in Scopus database. Bibliometrics
and text mining analysis complement the SLR. This study provides support to big
data privacy researchers on: most and least researched themes, research
novelty, most cited works and authors, themes evolution through time and many
others. In addition, TOPSIS and VIKOR ranks were developed to evaluate
literature effects versus informational assets indicators. Secure Internet
Servers (SIS) was chosen as decision criteria. Results show that big data
privacy literature is strongly focused on computational aspects. However,
individuals, societies, organizations and governments face a technological
change that has just started to be investigated, with growing concerns on law
and regulation aspects. TOPSIS and VIKOR Ranks differed in several positions
and the only consistent country between literature and SIS adoption is the
United States. Countries in the lowest ranking positions represent future
research opportunities.Comment: 21 pages, 9 figure
An architecture and protocol, an access control model, and a sighting blurring algorithm for improving users' security in the context of location based services operating over the internet
A new type of service, known as a Location Based Service (LBS), is emerging that
incorporates users' location information, and many of these LBSs operate over the
Internet. However, the potential misuse of this location information is a serious
concern. Therefore, the main goal of this thesis is to develop techniques, which
increase users' security and privacy, for use with these LBSs.
The �rst technique that we propose is a three-party protocol that is used to mutually
identify and authenticate users, LBSs, and a trusted middleware infrastructure
that is responsible for managing the users' identity and location information. This
protocol enables users to simultaneously identify and authenticate themselves to the
infrastructure using real identities, and to the LBSs using pseudonyms. This protocol
can be subsequently used to securely exchange messages containing location
information.
The second technique that we propose is an access control model that enables
users to create permissions that specify which users and LBSs are entitled to obtain
location information about which other users, under what circumstances the location
information is released to the users and LBSs, and the accuracy of any location
information that is released to the users and LBSs.
The third technique that we propose is a blurring algorithm that performs spatial
blurring on users' location information. It does not perform temporal blurring,
because this reduces an LBS's ability to �offer a useful service. Instead, our blurring
algorithm introduces a new parameter that speci�es the frequency with which location
information is released for a particular user. This frequency parameter is a
function of the size of the blurred location.
These three techniques can be used as part of an overall solution for providing
users with increased security while using LBSs that operate over the Internet
- âŚ