{"title":"MOTET: Mobile Transactions using Electronic Tickets","authors":"D. Quercia, S. Hailes","doi":"10.1109/SECURECOMM.2005.27","DOIUrl":"https://doi.org/10.1109/SECURECOMM.2005.27","url":null,"abstract":"There has been considerable work within the field of digital cash protocols that aims to provide security guarantees - non-repudiation, authentication, overspending checking and off-line checking - whilst protecting anonymity. However, considerably less attention has been given to the question of electronic ticketing, and what exists has been rather abstract or limited. Although eTickets aim at providing the same security guarantees and privacy preservation properties as digital cash, they are significantly different. Digital cash derives much of its anonymity from the fact that the denominations of electronic coins and notes are sufficiently universal that it is not possible for the bank to know in advance how they might be spent. In an eTicketing system, however, this is not the case: at the point the ticket is purchased, the ticket vendor knows for what it will be used and, if a non-anonymous payment system is used, can associate this with the customer. We present a novel protocol that enables users to purchase and spend electronic tickets (eTickets) of a range of two different types: those that can only be used a certain number of times, and those that expire after a certain date.","PeriodicalId":200859,"journal":{"name":"First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127168978","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Security and Privacy Issues in E-passports","authors":"A. Juels, D. Molnar, D. Wagner","doi":"10.1109/SECURECOMM.2005.59","DOIUrl":"https://doi.org/10.1109/SECURECOMM.2005.59","url":null,"abstract":"Within the next year, travelers from dozens of nations may be carrying a new form of passport in response to a mandate by the United States government. The e-passport, as it is sometimes called, represents a bold initiative in the deployment of two new technologies: Radio-Frequency Identification (RFID) and biometrics. Important in their own right, e-passports are also the harbinger of a wave of next-generation ID cards: several national governments plan to deploy identity cards integrating RFID and biometrics for domestic use. We explore the privacy and security implications of this impending worldwide experiment in next-generation authentication technology. We describe privacy and security issues that apply to e-passports, then analyze these issues in the context of the International Civil Aviation Organization (ICAO) standard for e-passports.","PeriodicalId":200859,"journal":{"name":"First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124633692","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Short Paper: Towards a Location-Aware Role-Based Access Control Model","authors":"I. Ray, Lijun Yu","doi":"10.1109/SECURECOMM.2005.50","DOIUrl":"https://doi.org/10.1109/SECURECOMM.2005.50","url":null,"abstract":"With the growing use of wireless networks and mobile devices, we are moving towards an era where location information will be necessary for access control. The use of location information can be used for enhancing the security of an application, and it can also be exploited to launch attacks. For critical applications, a formal model for location-based access control is needed that increases the security of the application and ensures that the location information cannot be exploited to cause harm. In this paper, we show how the Role-Based Access Control (RBAC) model can be extended to incorporate the notion of location. We show how the different components in the RBAC model are related with location and how this location information can be used to determine whether a subject has access to a given object. This model is suitable for applications consisting of static and dynamic objects, where location of the subject and object must be considered before granting access.","PeriodicalId":200859,"journal":{"name":"First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05)","volume":"58 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130199760","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Short Paper: Schemes for Enhancing the Denial-of-Service Tolerance of SRTP","authors":"S. Garg, Navjot Singh, T. Tsai","doi":"10.1109/SECURECOMM.2005.48","DOIUrl":"https://doi.org/10.1109/SECURECOMM.2005.48","url":null,"abstract":"Secure Real-time Transport Protocol (SRTP) provides confidentiality, authentication, integrity and replay protection for secure media transport in VoIP. However, the overhead of HMAC-SHA1 incurred per packet makes SRTP susceptible to flooding based Denial-of-Service attack. In this paper, we present a class of schemes to increase the DoS tolerance in SRTP. The central idea is to add a light-weight authentication mechanism on top of SRTP. This mechanism is used to efficiently discard illegitimate packets early on in the face of a DoS attack. Analysis shows that substantially larger traffic flood can be handled with the proposed enhancements.","PeriodicalId":200859,"journal":{"name":"First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05)","volume":"58 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134191812","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"On the Security of Distributed Position Services","authors":"Xiaoxin Wu, C. Nita-Rotaru","doi":"10.1109/SECURECOMM.2005.29","DOIUrl":"https://doi.org/10.1109/SECURECOMM.2005.29","url":null,"abstract":"In this paper we analyze the security vulnerabilities of position-based routing protocols and virtual home region (VHR)-based distributed position service systems. We propose methods to protect the position information from both external and internal attackers. We then discuss and propose several mitigation mechanisms against position abuse by internal attackers that exploit the position service to trace their targets. Finally, we propose a position verification mechanism that allows the position service to verify that the positions reported by nodes are correct.","PeriodicalId":200859,"journal":{"name":"First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05)","volume":"55 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134571249","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"On Improving the Performance of Role-Based Cascaded Delegation in Ubiquitous Computing","authors":"D. Yao, R. Tamassia, Seth Proctor","doi":"10.1109/SECURECOMM.2005.28","DOIUrl":"https://doi.org/10.1109/SECURECOMM.2005.28","url":null,"abstract":"In ubiquitous computing environments, computing devices may have small storage units and limited bandwidths. A trust management system needs to be efficient in order to keep communication and computation costs low. The trust establishment mechanism needs to be flexible, because credentials are usually scattered at distributed locations. Also, the authorization process needs to be decentralized and support dynamic resource-sharing in order to handle emergency situations. We discuss how to improve the efficiency, flexibility, and privacy of role-based cascaded delegations in a ubiquitous computing environment. Operations for managing delegation chains in the role-based cascaded delegation (RBCD) model are presented. These operations can significantly improve the performance of the decentralized delegation in the RBCD model, without increasing the management overhead.","PeriodicalId":200859,"journal":{"name":"First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05)","volume":"62 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124648386","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Countermeasures Against Traffic Analysis Attacks in Wireless Sensor Networks","authors":"Jing Deng, Richard O. Han, Shivakant Mishra","doi":"10.1109/SECURECOMM.2005.16","DOIUrl":"https://doi.org/10.1109/SECURECOMM.2005.16","url":null,"abstract":"Wireless sensor networks are highly vulnerable to the failure of base stations. An adversary can render a wireless sensor network useless by launching remote, software-based attacks or physical attacks on the base stations. This paper addresses the problem of defending a base station against physical attacks by concealing the geographic location of a base station. Typical packet traffic in a sensor network reveals pronounced patterns that allow an adversary analyzing packet traffic to deduce the location of a base station. The paper investigates several countermeasures against traffic analysis techniques aimed at disguising the location of a base station. First, a degree of randomness is introduced in the multi-hop path a packet takes from a sensor node to a base station. Second, random fake paths are introduced to confuse an adversary from tracking a packet as it moves towards a base station. Finally, multiple, random areas of high communication activity are created to deceive an adversary as to the true location of the base station. The paper evaluates these techniques analytically and via simulation using three evaluation criteria: total entropy of the network, total energy consumed, and the ability to guard against heuristic-based techniques to locate a base station.","PeriodicalId":200859,"journal":{"name":"First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05)","volume":"73 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124696655","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Privacy Service for Context-aware Mobile Computing","authors":"Vagner José do Sacramento Rodrigues, M. Endler, Fernando N. Nascimento","doi":"10.1109/SECURECOMM.2005.8","DOIUrl":"https://doi.org/10.1109/SECURECOMM.2005.8","url":null,"abstract":"Privacy issues related to the access of context information are becoming increasingly important as we move toward ubiquitous and mobile computing environments. In this article, we describe the design and implementation of a privacy service, called Context Privacy Service (CoPS), to control how, when and to whom disclose a user’s context information. Based on the results of an end-user survey and experience reported by other research groups, we identified the main service requirements and designed CoPS aiming flexibility, generality, simplicity and fine-grained privacy control. CoPS is an optional service of our context-provisioning middleware MoCA and allows users of context- and location-aware applications to define and manage their privacy policies regarding disclosure of their context information. The main features supported by CoPS are group-based access control, pessimistic and optimistic approaches for access control, hierarchical privacy rules, mixed-initiative interaction, and rule specificity analysis.","PeriodicalId":200859,"journal":{"name":"First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05)","volume":"35 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127437562","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Short paper: Tri-party TLS Adaptation for Trust Delegation in Home Networks","authors":"K. Masmoudi, M. Hussain, H. Afifi, D. Seret","doi":"10.1109/SECURECOMM.2005.51","DOIUrl":"https://doi.org/10.1109/SECURECOMM.2005.51","url":null,"abstract":"Home networking has come in wider use, thus appealing to an increasing need for security. Emerging social concepts such as telecommutation brought a new kind of security threats to the home environment. Besides, low-capacity devices in the home domain may need a central entity dedicated to security enforcement. As SSL-based VPN solutions don’t provide end-to-end tunnels, we have extended TLS protocol to delegate trust establishment between a home network server and an external client to a security gateway, acting as a reverse proxy. Moreover, we formally validated it using automatic protocol analyzer AVISPA.","PeriodicalId":200859,"journal":{"name":"First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131049900","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Exploiting Hierarchical Identity-Based Encryption for Access Control to Pervasive Computing Information","authors":"U. Hengartner, P. Steenkiste","doi":"10.1109/SECURECOMM.2005.18","DOIUrl":"https://doi.org/10.1109/SECURECOMM.2005.18","url":null,"abstract":"Access control to confidential information in pervasive computing environments is challenging for multiple reasons: First, a client requesting access might not know which access rights are necessary in order to be granted access to the requested information. Second, access control must support flexible access rights that include context-sensitive constraints. Third, pervasive computing environments consist of a multitude of information services, which makes simple management of access rights essential. We discuss the shortcomings of existing access-control schemes that rely on either clients presenting a proof of access to a service or services encrypting information before handing the information over to a client. We propose a proof-based access-control architecture that employs hierarchical identity-based encryption in order to enable services to inform clients of the required proof of access in a covert way, without leaking information. Furthermore, we introduce an encryption-based access-control architecture that exploits hierarchical identity-based encryption in order to deal with multiple, hierarchical constraints on access rights. We present an example implementation of our proposed architectures and discuss the performance of this implementation.","PeriodicalId":200859,"journal":{"name":"First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130526397","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}