43 research outputs found

    The second international workshop on enterprise security

    Welcome to our second international workshop on Enterprise Security as part of CloudCom 2015, Vancouver, Canada, November 30-December 3, 2015. The first international workshop held in Singapore has been a major success since then we have achieved greater team activities, research, and international collaborations as the major and significant outcome of our first workshop on this topic. Enterprise Security involves all business, products, governments, organization, and their contractors. This also includes research areas of information security, software security, computer security, cloud security, IoT security, data and big data security. This workshop provides a significant contribution from experts on some of the following key research areas:

    * Incident response Systems Security - This involves many organisations are outsourcing computer operations to third parties, and the next logical step is to outsource management of computer security incidents as well.
    * Cloud Security Assurance Model - Defining proper measures for evaluating the effectiveness of an assurance model, which we have developed to ensure cloud security, is vital to ensure the successful implementation and continued running of the model. We need to understand that with security being such an essential component of business processes, responsibility must lie with the board.
    * Cloud Security - The development of cloud computing and the vast use of its services poses significant security and privacy concerns to the people and the organizations relying on these services. Diversification and obfuscation approaches are of the most promising proactive techniques that protect computers from harmful malware, by preventing them to take advantage of the security vulnerabilities. Mission critical applications are limited in the cloud as it has various security issues. As the data size are being increased gradually and the difficulty in storing, retrieving and managing data makes the application to move into cloud.
    * Cloud Forensics & Cryptanalysis and Enhancement - Password based authentication has been used extensively as a one of the most appropriate authentication techniques.
    * Validating technology and BI Techniques – This is useful for organizations to understand their status with return and risk. They can evaluate their security policies and technologies regularly.
    * Risk Analysis and Big Data – This is increasingly important for organizations since they deal with growing amount of data, dependency and complexity. Risk analysis can be applied to many areas related or outside cloud computing.

    We are pleased to receive 24 papers from researchers of 12 different countries. After the vigorous review process and careful considerations, 11 papers have been selected, with 5 full papers and 6 short papers. We have offered two prize awards. One award is to award the best paper in the information system category. The other award is to award the best paper in the computational category. Each winner can be invited to International Journal of Information Management (IJIM) and Future Generation Computer Systems (FGCS). Another good news we have is that extended version of conference papers and other security/risk researchers can contribute to our Springer book scheduled to call for papers after our workshop. We are honoured to have Dr. Konstantin Beznosov to be our keynote speaker.

    Enterprise Security has been a popular topic since it includes cyber security, risk management, information security, Cloud and Forensic security, risk analysis and Big Data. It is an area that can make theory into practice and allow any organizations that adopt our recommendations to enjoy the benefits of enforced Enterprise Security. The outputs of our workshop can provide organizations with several useful recommendations, proofs-of-concepts and demonstrations to improve current security and risk practices.

    We hope the second international workshop will foster collaborations of projects, research publications and funding opportunities at the international setting in Vancouver, Canada.

    Workshop Organizing Committee would like to thank CloudCom organizers for their fullest support

    Introductory Editorial

    The Open Journal of Big Data is a new open access journal published by RonPub, and RonPub is an academic publisher of online, open access, peer-reviewed journals. OJBD addresses aspects of Big Data, including new methodologies, processes, case studies, proofs-of-concept, scientific demonstrations, industrial applications and adoption. This editorial presents the two articles in this first issue. The first paper is on An Efficient Approach for Cost Optimization of the Movement of Big Data, which mainly focuses on the challenge of moving big data from one data center to other. The second paper is on Cognitive Spam Recognition Using Hadoop and Multicast-Update, which describes a method to make machines cognitively label spam using Machine Learning and the Naive Bayesian approach. OJBD has a rising reputation thanks to the support of research communities, which help us set up the First International Conference on Internet of Things and Big Data 2016 (IoTBD 2016), in Rome, Italy, between 23 and 25 April 2016

    New Areas of Contributions and New Addition of Security

    Open Journal of Big Data (OJBD) (www.ronpub.com/ojbd) is an open access journal, which addresses the aspects of Big Data, including new methodologies, processes, case studies, proofs-of-concept, scientific demonstrations, industrial applications and adoption. This editorial presents two articles published in the first issue of the second volume of OJBD. The first article is about the investigation of social media for the public engagement. The second article looks into large-scale semantic web indices for six RDF collation orders. OJBD has an increasingly improved reputation thanks to the support of research communities. We will set up the Second International Conference on Internet of Things, Big Data and Security (IoTBDS 2017), in Porto, Portugal, between 24 and 26 April 2017. OJBD is published by RonPub (www.ronpub.com), which is an academic publisher of online, open access, peer-reviewed journals

    Epilogue: Summary and Outlook

    Open Journal of Big Data (OJBD) is an open access journal addressing aspects of Big Data, including new methodologies, processes, case studies, proofs-of-concept, scientific demonstrations, industrial applications and adoption. This editorial presents three articles in the second issue. The first paper is on Big Data in the Cloud. The second paper is on Statistical Machine Learning in Brain State Classification using EEG Data. The third article is on Data Transfers in Hadoop. OJBD has a rising reputation thanks to the support of research communities, which has helped us set up the First International Conference on Internet of Things and Big Data (IoTBD 2016), in Rome, Italy, between 23 and 25 April 2016. OJBD is published by RonPub (www.ronpub.com), which is an academic publisher of online, open access, peer-reviewed journals

    Password Authentication Key Exchange Mechanism using Identity Based System

    In the digital world various authentication techniques are used; password authentication is one of the traditional techniques. Many improvements are made in password authentication techniques, as password authentication alone cannot withstand today's attacks. One of the password authentication techniques is two-server password authentication. In a two-server password-authenticated key exchange (PAKE) protocol, a client splits its password and stores two shares of its password in the two servers, respectively, and the two servers then cooperate to authenticate the client without knowing the password of the client. In case one server is compromised by an adversary, the password of the client is required to remain secure. The research work proposed two servers that store two shares of the identity password in encrypted format. The two shares of the password will be stored in such a way that the identity password will be reformed with the help of any user defined algorithm. Along with password authentication, the idea here is to implement an identity-based encryption technique to encrypt the documents and messages. The proposed system will prevent dictionary, shoulder surfing, and key logger attacks

    PACCE -A Real Genuine Key Swap over Protocols

    Secure protocols for password-based user authentication are well-studied in the cryptographic literature but have not seen wide-spread adoption on the internet; most proposals up to the present want full modifications to the Transport Layer Security (TLS) protocol, making preparation onerous. Recently many traditional styles are projected in which a cryptographically secure password-based mutual authentication protocol is run within a confidential (but not primarily authenticated) channel like TLS; the password protocol is sure to the established channel to forestall active attacks. Such protocols are helpful in practice for a ramification of reasons: ability to validate server certificates and can in all likelihood be enforced with no modifications to the secure channel protocol library. It offers a scientific study of such authentication protocols. Building on recent advances in modelling TLS, we provide a correct definition of the meant security goal, that we call password-authenticated and confidential channel institution (PACCE). We imply generically that combining a secure channel protocol, like TLS, Our prototypes supported TLS are accessible as a cross-platform client-side Firefox browser extension as well as an Android application and a server-side internet application which will simply be place in on servers

    A method for making password-based key exchange resilient to server compromise

    Abstract. This paper considers the problem of password-authenticated key exchange (PAKE) in a client-server setting, where the server authenticates using a stored password file, and it is desirable to maintain some degree of security even if the server is compromised. A PAKE scheme is said to be resilient to server compromise if an adversary who compromises the server must at least perform an offline dictionary attack to gain any advantage in impersonating a client. (Of course, offline dictionary attacks should be infeasible in the absence of server compromise.) One can see that this is the best security possible, since by definition the password file has enough information to allow one to play the role of the server, and thus to verify passwords in an offline dictionary attack. While some previous PAKE schemes have been proven resilient to server compromise, there was no known general technique to take an arbitrary PAKE scheme and make it provably resilient to server compromise. This paper presents a practical technique for doing so which requires essentially one extra round of communication and one signature computation/verification. We prove security in the universal composability framework by (1) defining a new functionality for PAKE with resilience to server compromise, (2) specifying a protocol combining this technique with a (basic) PAKE functionality, and (3) proving (in the random oracle model) that this protocol securely realizes the new functionality.

    Peer-to-Peer Intrusion Detection Systems for the Protection of Sensitive IT Infrastructures

    Talk at the GI annual conference: Security in Complex, Networked Environments, workshop held as part of the 2005 annual conference of the Gesellschaft für Informatik, Informatik LIVE!, 19-22 September 2005 in Bonn, Germany

    Communication-efficient three-party protocols for authentication and key agreement

    Abstract. Encrypted key exchange (EKE) authentication approaches are very important for secure communication over public networks. In order to solve the security weaknesses of three-party EKE, Yeh et al. [H.T. Yeh, H.M. Sun, T. Hwang, Efficient three-party authentication and key agreement protocols resistant to password guessing attacks, Information Science and Engineering 19 (6) (2003) 1059–1070.] proposed two secure and efficient three-party EKE protocols. Based on the protocol developed by Yeh et al., two improved EKE protocols for authentication and key agreement are proposed in this study. The computational costs of the proposed protocols are the same as those of the protocols of Yeh et al. However, the numbers of messages in the communication are fewer than those of the protocols of Yeh et al. Furthermore, the round efficient versions of our proposed protocols are also described