5 research outputs found

    Enc-DNS-HTTP: Utilising DNS Infrastructure to Secure Web Browsing

    No full text
    Online information security is a major concern for both users and companies, since data transferred via the Internet is becoming increasingly sensitive. The World Wide Web uses Hypertext Transfer Protocol (HTTP) to transfer information and Secure Sockets Layer (SSL) to secure the connection between clients and servers. However, Hypertext Transfer Protocol Secure (HTTPS) is vulnerable to attacks that threaten the privacy of information sent between clients and servers. In this paper, we propose Enc-DNS-HTTP for securing client requests, protecting server responses, and withstanding HTTPS attacks. Enc-DNS-HTTP is based on the distribution of a web server public key, which is transferred via a secure communication between client and a Domain Name System (DNS) server. This key is used to encrypt client-server communication. The scheme is implemented in the C programming language and tested on a Linux platform. In comparison with Apache HTTPS, this scheme is shown to have more effective resistance to attacks and improved performance since it does not involve a high number of time-consuming operations

    Enc-DNS-HTTP: Utilising DNS Infrastructure to Secure Web Browsing

    No full text
    Online information security is a major concern for both users and companies, since data transferred via the Internet is becoming increasingly sensitive. The World Wide Web uses Hypertext Transfer Protocol (HTTP) to transfer information and Secure Sockets Layer (SSL) to secure the connection between clients and servers. However, Hypertext Transfer Protocol Secure (HTTPS) is vulnerable to attacks that threaten the privacy of information sent between clients and servers. In this paper, we propose Enc-DNS-HTTP for securing client requests, protecting server responses, and withstanding HTTPS attacks. Enc-DNS-HTTP is based on the distribution of a web server public key, which is transferred via a secure communication between client and a Domain Name System (DNS) server. This key is used to encrypt client-server communication. The scheme is implemented in the C programming language and tested on a Linux platform. In comparison with Apache HTTPS, this scheme is shown to have more effective resistance to attacks and improved performance since it does not involve a high number of time-consuming operations

    Ensuring Data Integrity Scheme Based on Digital Signature and Iris Features in Cloud

    No full text
    Cloud computing is a novel paradigm that allows users to remotely access their data through web- based tools and applications. Later, the users do not have the ability to monitor or arrange their data. In this case, many security challenges have been raised. One of these challenges is data integrity. Contentiously, the user cannot access his data directly and he could not know whether his data is modified or not. Therefore, the cloud service provider should provide efficient ways for the user to ascertain whether the integrity of his data is protected or compromised. In this paper, we focus on the problem of ensuring the integrity of data stored in the cloud. Additionally, we propose a method which combines biometric and cryptography techniques in a cost-effective manner for data owners to gain trust in the cloud. We present efficient and secure integrity based on the iris feature extraction and digital signature.  Iris recognition has become a new, emergent approach to individual identification in the last decade. It is one of the most accurate identity verification systems. This technique gives the cloud user more confidence in detecting any block that has been changed. Additionally, our proposed scheme employs user’s iris features to secure and integrate data in a manner difficult for any internal or external unauthorized entity to take or compromise it. Iris recognition is an internal organ that is well protected against damage and wear by a highly transparent and sensitive membrane. Extensive security and performance analysis show that our proposed scheme is highly efficient and provably secure

    Lightweight Integrity Preserving Scheme for Secure Data Exchange in Cloud-Based IoT Systems

    No full text
    The information obtained from external sources within the cloud and the resulting computations are not always reliable. This is attributed to the absence of tangible regulations and information management on the part of the information owners. Although numerous techniques for safeguarding and securing external information have been developed, security hazards in the cloud are still problematic. This could potentially pose a significant challenge to the effective adoption and utilization of cloud technology. In terms of performance, many of the existing solutions are affected by high computation costs, particularly in terms of auditing. In order to reduce the auditing expenses, this paper proposes a well-organised, lightweight system for safeguarding information through enhanced integrity checking. The proposed technique implements a cryptographic hash function with low-cost mathematic operations. In addition, this paper explores the role of a semi-trusted server with regard to smart device users. This facilitates the formal management of information prior to distribution through the IoT-cloud system. Essentially, this facilitates the validation of the information stored and exchanged in this environment. The results obtained show that the proposed system is lightweight and offers features such as a safeguarding capability, key management, privacy, decreased costs, sufficient security for smart device users, one-time key provision, and high degree of accuracy. In addition, the proposed method exhibits lower computation complexity and storage expenses compared with those of other techniques such as bilinear map-based systems

    Lightweight Secure Message Delivery for E2E S2S Communication in the IoT-Cloud System

    No full text
    The continuous increase in the use of smart devices and the need for E2E smart2smart (S2S) services in IoT systems play effective and contemporary roles in the field of communication, and a large amount of resources is required. Thus, IoTs and cloud computing must be integrated. One of the results of this integration is the increase in the number of attacks and vulnerabilities in the E2E S2S message delivery service of such an IoT-cloud system. However, none of the traditional security solutions can be sufficiently regarded as a secure and lightweight mechanism for ensuring that the security requirements for E2E S2S message transmission in the IoT-cloud system are fulfilled. This work aims to provide an efficient and secure, lightweight E2E S2S message delivery function, which includes the E2E S2S secure key and biometric parameter exchange function, a bio-shared parameter and bio-key generation function, secure lightweight E2E S2S communication negotiation and secure E2E S2S lightweight message delivery. The secure, lightweight cryptographic communication procedure is negotiated between a pair of smart devices during each E2E session to minimize the power consumption required of limited-energy devices. Such a negotiation process prevents known attacks by providing responsive mutual authentication. Lightweight message delivery by the two smart devices can satisfy the basic security requirements of E2E communication and ensure that the computational cost required for a real-time system is as low as possible
    corecore