The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
In this paper, we show how a dealer with limited resources is possible to share the secrets to players via an untrusted cloud server without compromising the privacy of the secrets. This scheme permits a batch of two secret messages to be shared to two players in such a way that the secrets are reconstructable if and only if two of them collaborate. An individual share reveals absolutely no information...
This paper discusses how to add privacy features to the Janus WebRTC media server and gateway. In order to do so, we embrace a standard approach, by leveraging work currently ongoing within the IETF PERC working group. PERC stands for Privacy Enhanced RTP Conferencing and is aimed at enabling centralized real-time conferencing in a scenario where the central media forwarding entity is not required...
Several vulnerabilities were detected in the open SSL connection versions 1.0.1 and 1.0.1f. Usually, in the previous versions of SSL/TLS, once an SSL connection is established between a client and a server, the connection will stay until the client or server is idle for a certain amount of time, after which the connection will be dropped. The idea of keeping the session connected was proposed in 2012...
Information-Centric Networking is a promising networking paradigm that overcomes many of the limitations of current networking architectures. Various research efforts investigate solutions for securing ICN. Nevertheless, most of these solutions relax security requirements in favor of network performance. In particular, they weaken end-user privacy and the architecture's tolerance to security breaches...
Electronic voting plays an increasingly important role in the democratic process in the US and other countries. As technology continues to advance, the security and privacy requirements of contemporary voting platforms become even more strict, and several voting protocols have been proposed. At the same time, homomorphic encryption offers powerful primitives that allow provable guarantees of security...
Data theft and espionage attacks, which is evolved rapidly, impose the need to develop new and stealthy communication techniques to protect sensitive data that is transferred over the Internet. These new techniques should be built in different way than traditional and known communication techniques, in order to eschew detection and monitoring tools. This paper proposes a new covert channel for stealthy...
Medical treatment sometimes requires a case forwarding to a doctor who has a specific expertise. Typically, an electronic medical record (EMS) of a patient can be passed to another doctor without asking the patient because EMS belongs to the healthcare organization. Personal health record (PHR), however, is different because PHR is owned by an individual (e.g., patient) and all accesses to the PHR...
This paper presents an overview of security and it's issues in cloud computing. Nowadays cloud computing has tremendous usage in so many fields such as financial management, communications and collaboration, office productivity suits, accounting applications, customer relationship management, online storage management, human resource and employment. Owing to increase in use of these services by companies,...
Secure yet lightweight protocol for communication over the Internet is a pertinent problem for constrained environments in the context of Internet of Things (IoT) / Machine to Machine (M2M) applications. This paper extends the initial approaches published in [1], [2] and presents a novel cross-layer lightweight implementation to establish a secure channel. It distributes the responsibility of communication...
Spamming is the practice of sending bulk messages through an on-line medium to people connected to it. This could be emails, instant messages or social media messages. Social networking sites that help sending and re-sharing messages became common instantly and their user base, inter-user connectivity are increasing at exorbitant rates. Spammers use such sites to instantly spread messages, which often...
Sending bulk messages like emails, instant messages, social media messages etc. through an on-line medium to people connected to the medium is known as spamming. Spammers use social-networking sites to instantly spread message, often containing sensitive information, to a wider community of users. Filters for such messages should operate in real time on large volume of data. Also, confidentiality...
Establishing trust relationships between network participants by having them prove their operating system's integrity via a Trusted Platform Module (TPM) provides interesting approaches for securing local networks at a higher level. In the introduced approach on OSI layer 2, attacks carried out by already authenticated and participating nodes (insider threats) can be detected and prevented. Forbidden...
Database outsourcing has gained importance in the past few years due to the emergence of the cloud computing. In Database-as-a-Service (DaaS), which is a category of cloud computing services, the database owner outsources both databases and querying services to a cloud server and clients issue queries over the database to the cloud server. In this context, privacy is a primary challenge and it is...
Contemporary cloud computing solutions incorporate HTTP intermediaries, such as reverse proxies, load balancers, and intrusion prevention systems. These act as TLS server connection ends and access HTTP/TLS plaintext to carry out their functions. This raises many concerns: increased security efforts, the risk of losing confidentiality and integrity, and potentially unauthorized data access. Current...
As both the number and the complexity of cyber attacks continuously increase, it is becoming evident that traditional security mechanisms have limited success in detecting sophisticated threats. Stuxnet, Duqu, Flame, Red October and, more recently, Miniduke, have troubled the security community due to their severe complexity and their ability to evade detection in some cases for several years, while...
Multi-Owner Wireless Sensor Networks consist of devices owned by different entities. They have the purpose of covering large areas and reducing energy consumption associated with transmission over long distances. We propose the use of Virtual Networks with the purpose of grouping resources in a Multi-Owner Wireless Sensor Network and delivering a service to the associated owner. We designed a scheme...
The security and dependability of cloud applications require strong confidence in the communication protocol used to access web resources. The mainstream service providers nowadays are shifting to REST-based services in the detriment of SOAP-based ones. REST proposes a lightweight approach to consume resources with no specific encapsulation, thus lacking of meta-data descriptions for security requirements...
Intrusion Detection Systems (IDS) are integral components for the detection of malicious code and attacks. Detection methods can be differentiated in signature-based and anomaly-based systems. While the former ones search for well-known patterns which are available in a database, the latter ones build a model of the normal behavior of a network and later on attacks can be detected by measuring significant...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.