2,356 research outputs found
Threats and countermeasures for network security
In the late 1980's, the traditional threat of anonymous break-ins to networked computers was joined by viruses and worms, multiplicative surrogates that carry out the bidding of their authors. Technologies for authentication and secrecy, supplemented by good management practices, are the principal countermeasures. Four articles on these subjects are presented
RSA authentication mechanisms in control grid computing environment using Gridsim toolkit
There are security concerns when our sensitive data is placed in the third party infrastructure such as in the Grid Computing environment.
As such, it is difficult to be assured that our data is in the safe hands.Thus, authentication has become the most critical factor pertaining to this.There are several approaches has been discussed in the grid computing environment on the safeguard, scalable and efficient authentication that are either Virtual Organization centric or Resource centric.Most of the grid computing
uses public key infrastructure (PKI) to secure the identification, but the vulnerability are still cannot be avoid. In order to satisfy the security need of grid computing environment, we design an alternative authentication mechanism using RSA algorithm to ensure the user identification, and carry out the experiment in the Gridsim toolkit simulator
Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning
The secret keys of critical network authorities - such as time, name,
certificate, and software update services - represent high-value targets for
hackers, criminals, and spy agencies wishing to use these keys secretly to
compromise other hosts. To protect authorities and their clients proactively
from undetected exploits and misuse, we introduce CoSi, a scalable witness
cosigning protocol ensuring that every authoritative statement is validated and
publicly logged by a diverse group of witnesses before any client will accept
it. A statement S collectively signed by W witnesses assures clients that S has
been seen, and not immediately found erroneous, by those W observers. Even if S
is compromised in a fashion not readily detectable by the witnesses, CoSi still
guarantees S's exposure to public scrutiny, forcing secrecy-minded attackers to
risk that the compromise will soon be detected by one of the W witnesses.
Because clients can verify collective signatures efficiently without
communication, CoSi protects clients' privacy, and offers the first
transparency mechanism effective against persistent man-in-the-middle attackers
who control a victim's Internet access, the authority's secret key, and several
witnesses' secret keys. CoSi builds on existing cryptographic multisignature
methods, scaling them to support thousands of witnesses via signature
aggregation over efficient communication trees. A working prototype
demonstrates CoSi in the context of timestamping and logging authorities,
enabling groups of over 8,000 distributed witnesses to cosign authoritative
statements in under two seconds.Comment: 20 pages, 7 figure
- …