The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Collaborative technologies have gained popularity due to the widespread adoption of cloud computing and web applications. Services like Google Docs, Office 365 can make one's documents accessible from everywhere, allowing real-time cooperative editing by multiple authors. From a security standpoint, they may offer transport protection by means of TLS, but the users's confidential data can still be...
Multi sender attribute-based broadcast authentication scheme for the network containing resource constrained nodes is the main focus of this research. In this paper, we proposed a framework in which each element of a set of authorized users whose attributes satisfy a special sign control policy can generate a valid signature. In this framework, there exists a trusted server who receives and verifies...
The Network Time Security specification provides measures which are designed to add security to time synchronization protocols, while considering their specific timing-related requirements. The development of the specification is accompanied by formal analysis of its security model. Special attention is paid to the Network Time Protocol, for which an implementation of those measures is in progress.
Information sharing among a group of friends or colleagues in real life is usually a distributed process: we tell each other interesting or important news without any mandatory assistance or approval from a third party. Surprisingly, this is not what happens when sharing files among a group of friends over the Internet. While the goal of file sharing is to disseminate files among multiple parties,...
Content-centric network (CCN) [1] is an emerging future network paradigm that concentrates on the content itself rather than the content owner or location information. Many research efforts have been made to apply CCN over various fields such as sensor networks, vehicular networks, mobile ad-hoc networks, disaster recovery services, machine-to-machine communications and Internet of Things (IoT). Especially,...
The volume of personal information and data most Internet users find themselves amassing is ever increasing, and the fast pace of the modern world results in most people requiring instant access to their files. Millions of these users turn to cloudbased file synchronisation services, such as Dropbox, Microsoft SkyDrive, Apple iCloud and Google Drive, to enable "alwayson" access to their...
In this paper, we propose a simple random key pre-distribution (RKP) scheme with self-healing for multiphase wireless sensor networks (WSNs) without even lightweight operations such as a hash function, in which the link compromised by node-capture attack in a WSN automatically self-heals with time. Our scheme can enhance the resiliency of existing RKP schemes by only updating the key pool of a server...
Port knocking is a form of host-to-host communication which relies on deliberately failed TCP connection attempts. The information is encoded into a port sequence. The client attempts to initiate several three-way-handshakes and receives no reply. These connection attempts are monitored by a daemon which interprets their destination port numbers as data. This mechanism has vulnerabilities that can...
Authentication has been a cornerstone of computer security for decades. A considerable number of authentication protocols have been specified and implemented. This paper compares most common families of client-server authentication protocols and shows the benefits of the combined use of One Time Password (OTP) with Password Authenticated Key Exchange (PAKE) protocols. Then, the paper addresses a particular...
In order to increase the resilience against spam, we design and implement a protocol based on cryptographic puzzles for an open-source web based e-mail client. Our proposal is compatible with existing e-mail infrastructure and does not require modifications on the server side. The only add-on is a stand-alone ticketing server that is used to deliver the current cost to each sender. The puzzles that...
In order to protect privacy of RFID tag against malicious tag tracing activities, many RFID authentication protocols with the secret key update scheme have been proposed to support forward security. These proposals are symmetric key based in common due to the lack of computational resource to perform heavy asymmetric cryptographic operations in low-cost tags. In this paper, we have demonstrated that...
Remote user authentication is used to validate the legitimacy of a remote log-in user. Due to the rapid growth of computer community, many network architectures are becoming multi-server based. Recently, there have been many remote password authentication schemes proposed for securing multi-server environments. These schemes used either a nonce or a timestamp technique to prevent the replay attack...
Online communication offers organizations greater efficiency. However, online processes increase the threat level during message transfer. This necessitates researchers to develop and improve security protocols in order to enhance the security of communication lines. There are many evaluation tools such as BAN Logic to evaluate how secure authentication protocols' messages are. Despite the evaluation...
The ID and password is the most classical method among authentication techniques on the internet, and is performed more easily and successfully than other methods. However, it is a vulnerable method against attacks such as eavesdropping or replay attack. To overcome this problem, OTP technique is used. The most popular OTP is HOTP algorithm, which is based on one-way hash function SHA-1. It is a cornerstone...
Security of wireless local area network (WLAN) is a research hotspot at all times. Although many researches concerning security standards, principles and algorithms have been published, the implementation solution is seldom focused on. This paper studies the architecture of WLAN security authentication based on WLAN authentication and privacy infrastructure (WAPI) and presents a software solution...
Directory services are corporate computing objects responsible for providing information about user accounts, computer accounts, contacts, etc. Virtual directories are powerful tools for consolidating this data, modifying it if necessary, and presenting it to the end user in a highly customized manner. While attacks against directory services have been identified, attacks and vulnerabilities of virtual...
In order to solve the problems that unsafely login e-commerce, Internet banking system and traditional dynamic password system needs external equipment, an improved identity authentication scheme based on PKI-SIM card is proposed in this paper. With the SIM card which is embedded with a security algorithm to generate a dynamic password as authentication terminal, user avoids the trouble to carry with...
Kerberos protocol is one of the popular security protocols used to authenticate the identities of the communication participants. The key distribution mechanism in this protocol is suitable for other secure applications. We formalize the protocol using CSP methods. Based on the formal model, the mechanism of the protocol is exposed to us clearly. Principles and tools support the verification of the...
Modern database systems increasingly make use of networked storage. This storage can be in the form of SAN's or in the form of shared-nothing nodes in a cluster. One type of attack on databases is arbitrary modification of data in a database through the file system, bypassing database access control. Additionally, for many applications, ensuring strict and definite authenticity of query source and...
Tokens are popular in two factor authentication, where the first authentication credential is a fixed secret key s1 associated with the user and the second authentication credential is a dynamic secret key s2 generated by the token assigned to the user. Popular hardware tokens use a synchronized clock T along with a static secret key encoded into the token to generate a one time secret s2. The contribution...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.