The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
In this paper, we propose an access control architecture for IoT systems by developing a hybrid model with attributes, capabilities and role-based access control. We apply attributes for role-membership assignment and in permission evaluation, Membership of roles grants capabilities which are used to access specific services provided by things. This approach improves policy management for IoT systems...
Personal cloud storage services are gaining popularity, such as SkyDrive, iCloud, Dropbox, etc. All of them provide a certain amount of free storage space for individual users, while the free space is quite limit, and you should upgrade to a paid account to get extra space. Therefore, a new approach is proposed in this paper, that many free personal cloud storage accounts are integrated in order to...
This paper describes the first results of the evaluation of the use of Hippocratic Protocol, on mobile terminals with NFC technology. The evaluation is based on a software application written to ANDROID terminal and used by two type of users: Doctors and Patient. Complementing this app, a server and a database implemented with open source resources was created too. The software developed during this...
Network control systems based on identities allow fine-grained access control for users. They require a network-wide session database containing information about active authenticated and authorized users. We propose an authentication and authorization (AA) module (AAM) as a controller application for software-defined networking to establish a network-wide session database and provide a prototypical...
It considers at this stage to define the structure of reliability and safe future identification system and develop or adopt appropriate algorithms and security protocols to cover vulnerabilities and risks of information. The analysis applies to exploratory research and determined that the database is inconsistent. Finally, it is necessary to have established a system of identification, authentication,...
Internet of things (IoT) has rapidly become one of the most familiar and perhaps most discussed topic on the research field. The attention for the Internet of Things is mainly due to the new connected products intended to bring greater efficiencies and simplicity to life. Variety of IoT applications lead to equally wide variety of security issues. In this paper, we propose an approach to provide secure...
A hash-based micropayment scheme is introduced that takes advantage of good properties of bilinear maps, provides anonymity of the customers and makes it possible to shop at multiple vendors. The proposed scheme minimizes computational and financial costs. We proved that it possesses secure payment authorization under the chosen-target Computational Diffie-Hellman assumption in the random oracle model...
Aim at the digital works are facing with difficult problems in counting, providers can not accurately gain the real and integrated trade data, this paper presents a reliable supervision model, which includes three parts, a seller, a authorizer and a trusted third-part platform, introduces a robust upload data protocol and gives a system implementation. In this paper, the authorizer and seller will...
This paper uses the concept of metasystem and system of system (SOS) to assist in the governance of several networked systems. The approach used here is to consider a metasystem as a controller that can enable and order a set of systems interfaces according to the expected behavior. We use Langefors theory and Finite State Processes to formalize a metasystem architecture and finally we show how the...
The OpenFlow architecture is a proposal from the Clean Slate initiative to define a new Internet architecture where the network devices are simple, and the control and management plane is performed by a centralized controller. The simplicity and centralization architecture makes it reliable and inexpensive. However enterprise network administrators are not familiar with this new concept of network...
The Diameter Protocol is a AAA protocol that solves the problems of previous AAA protocols such as RADIUS. Diameter EAP Application is one of Diameter applications that supports authentication using EAP. In this research, we designed a new state machine for Diameter EAP Server and implemented the first open-source Diameter EAP Application, called DiamEAP. It is available under BSD-like license. DiamEAP...
The prepaid service is a valid method to assure the credit of users that is prevalent used by vendors at present, and it is a very important and applied function. Firstly, the generic AAA architecture and the work principle of RADIUS protocol used by prepaid service are introduced simply. Secondly, the system structure of VoIP authentication and accounting system based on RADIUS is described. Finally,...
A two-step authorization scheme exploiting access lists and XACML policies is proposed to preserve confidentiality in PCEP-based inter-domain path computations. The scheme prevents malicious utilization of the PCE Architecture without significantly delaying the overall setup time.
The Web 2.0 has changed the Internet landscape, users are no longer only consumers but now also producers of content. The increasing number of personal data published on Web Service Providers fathered a new kind of applications: the mashups. These third-party applications access users' information through service providers' APIs via secure authorization protocols such as OAuth. But these protocols...
This paper will introduce simple modifications to the database of the widely deployed Kerberos authentication protocol. The principle's long-term secret key will be independent of the user password with the aim to overcome the weak passwords chosen by the network principal that are susceptible to password guessing attacks, the main drawback of the Kerberos protocol. Instead, the Kerberos Distribution...
One of the most important issues in traditional and modern networks architecture is security. Data integrity and authenticity are the most critical points that a network security model should protect and ensure. Authentication, Authorization and Accounting model (AAA Protocol) is one of the most portable security concepts. Authentication acts providing proof of authenticity for stored data and verifying...
The SIP protocol provides authentication and authorization of SIP requests through a challenge-response authentication scheme inherited by the HTTP protocol and named HTTP Digest Authentication. The current specification defines a particular algorithm for calculating the challenge response that uses the MD5 hash of a combination of user name, realm, and password. Unfortunately, a lot of authentication...
Presence service provides users with information about others userspsila availability, willingness to communicate and preferred means of communication. Presence information can serve as an input for innovative applications which act differently depending on the state of the user and their location. In enterprise environments, such information can greatly increase productivity by allowing employees...
In order to encapsulate data and to convey information more efficiently and more security, a draft frame based on active block ciphers for application layer of Internet which could transmit orange data into semantic security and semantic integrity was designed according to scalable purpose. To different network environment, there were different intelligent choices about block cipher algorithms to...
The UNICORE grid system provides a seamless, secure and intuitive access to distributed grid resources. In recent years, UNICORE 5 is used as a well-tested grid middleware system in production grids (e.g. DEISA, D-Grid) and at many supercomputer centers world-wide. Beyond this production usage, UNICORE serves as a solid basis in many European and International research projects and business scenarios...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.