{"title":"Emerging new trends of location based systems security","authors":"Fatema Al Mansoori, C. Yeun","doi":"10.1109/ICITST.2015.7412078","DOIUrl":"https://doi.org/10.1109/ICITST.2015.7412078","url":null,"abstract":"Location Base System (LBS) is considered one of the most beneficial technologies in our modern life, commonly embedded in various devices. It helps people find their required services in the least amount of time based on their positions. The users submit a query with their locations and their required services to an un-trusted LBS server. This raises the flag of user privacy where the user has to have the right to conduct services with keeping their location or identity concealed. This research will cover introduction to LBS Services and Architecture components. Security threats to LBS, related work to providing security while conducting LBS services which will include checking integrity of provided location information (LI), privacy of end user vs identifying end user for security purposes. Privacy of end user based on key anonymity and the four different LBS security approaches based on key-anonymity which are: Encryption-based K-anonymity, MobiCache, FGcloak and Pseudo-Location Updating System. Comparison and analysis of the four stated LBS security approaches and finally enhancements and recommendations.","PeriodicalId":249586,"journal":{"name":"2015 10th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"19 1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132230162","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A proposed framework for proactive vulnerability assessments in cloud deployments","authors":"K. Torkura, Feng Cheng, C. Meinel","doi":"10.1109/ICITST.2015.7412055","DOIUrl":"https://doi.org/10.1109/ICITST.2015.7412055","url":null,"abstract":"Vulnerability scanners are deployed in computer networks and software to timely identify security flaws and misconfigurations. However, cloud computing has introduced new attack vectors that require a commensurate change of vulnerability assessment strategies. To investigate the effectiveness of these scanners in cloud environments, we first conduct a quantitative security assessment of OpenStack's vulnerability lifecycle and discover severe risk levels resulting from prolonged patch release duration. More specifically, there are long time lags between OpenStack patch releases and patch inclusion in vulnerability scanning engines. This scenario introduces sufficient time for malicious actions and creation of exploits such as zero-days. Mitigating these concerns requires systems with current knowledge on events within the vulnerability lifecycle. However, current vulnerability scanners are designed to depend on information about publicly announced vulnerabilities which mostly includes only vulnerability disclosure dates. Accordingly, we propose a framework that would mitigate these risks by gathering and correlating information from several security information sources including exploit databases, malware signature repositories and Bug Tracking Systems. The information is thereafter used to automatically generate plugins armed with current information about zero-day exploits and unknown vulnerabilities. We have characterized two new security metrics to describe the discovered risks.","PeriodicalId":249586,"journal":{"name":"2015 10th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"197 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134176749","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An extension of RSA_512 to RSA_1024 core under hardware platform based on montgomery powering","authors":"Wahiba Hentabli, Fatiha Merazka","doi":"10.1109/ICITST.2015.7412140","DOIUrl":"https://doi.org/10.1109/ICITST.2015.7412140","url":null,"abstract":"A hardware implementation of RSA encryption based on Montgomery algorithm with modular multiplication and systolic array architecture is presented. In this paper, we present an extension of RSA core from 512 key lengths to 1024 key length under hardware platform. The design uses two block multipliers as the main functional unit and Block-RAM as storage unit for the operands. To extend the core from 512 bits to 1024 bits, the design keeps the same IP-Core architecture, it will only adjust the radix used in the multipliers, and number of words to meet the system requirements such as available resources, precision and timing constraints. The architecture, based on the Montgomery modular multiplication algorithm, utilizes a pipelining technique that allows concurrent operation of hardwired multipliers.","PeriodicalId":249586,"journal":{"name":"2015 10th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"107 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129497361","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Secure distributed key generation in attribute based encryption systems","authors":"D. Pletea, Saeed Sedghi, Meilof Veeningen, M. Petkovic","doi":"10.1109/ICITST.2015.7412067","DOIUrl":"https://doi.org/10.1109/ICITST.2015.7412067","url":null,"abstract":"Nowadays usage of cloud computing is increasing in popularity and this raises new data protection challenges. In such distributed systems it is unrealistic to assume that the servers are fully trusted in enforcing the access policies. Attribute Based Encryption (ABE) is one of the solutions proposed to tackle these trust problems. In ABE the data is encrypted using the access policy and authorized users can decrypt the data only using a secret key that is associated with their attributes. The secret key is generated by a Key Generation Authority (KGA), which in small systems can be constantly audited, therefore fully trusted. In contrast, in large and distrusted systems, trusting the KGAs is questionable. This paper presents a solution which increases the trust in ABE KGAs. The solution uses several KGAs which issue secret keys only for a limited number of users. One KGA issues a secret key associated with user's attributes and the other authorities issue independently secret keys associated with generalized values of user's attributes. Decryption is possible only if the secret keys associated with the non-generalized and generalized attributes are consistent. This mitigates the risk of unauthorized data disclosure when a couple of authorities are compromised.","PeriodicalId":249586,"journal":{"name":"2015 10th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"62 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127105502","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Security concerns and mitigation approaches for MOOC-based applications","authors":"David Lebron, H. Shahriar, Rubana Yasmin Lupu","doi":"10.1109/ICITST.2015.7412075","DOIUrl":"https://doi.org/10.1109/ICITST.2015.7412075","url":null,"abstract":"MOOCs have expanded educational access beyond the traditional scope and masses. Cloud computing, open source platforms and software frameworks have provided the MOOC elements to support the creation of cost effective infrastructures, minimizing costs with widespread accessibility. However, these foundational elements present security concerns, which include non-enforceable policies, system and software vulnerabilities and the ever-present human error. Mitigating the risks are crucial to effective implementation since exploitation and risk adversities are compounded by scale. This paper presents an exploratory study on the risks, issues and challenges related to MOOC platforms. We introduce some critical security concerns and their impact on end users and providers. We also provide guidelines and suggestions to mitigate these concerns.","PeriodicalId":249586,"journal":{"name":"2015 10th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"60 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126011781","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Conceptual maps for physical security","authors":"S. Al-Fedaghi","doi":"10.1109/ICITST.2015.7412118","DOIUrl":"https://doi.org/10.1109/ICITST.2015.7412118","url":null,"abstract":"Physical security is a vital part of security efforts in any organization. Physical blueprints or maps show vital information such as room numbers and locations of exits and security cameras that can be used by security authorities to gain valuable information if a security threat occurs. In spite of advancements in new technologies for personnel access control, physical security development life cycles lack an appropriate conceptual base. Physical maps form a foundation for operations, training, and planning; nevertheless, their value is limited because of their static representation based on a physical conception of space. This paper proposes to develop security maps based on the conceptualization model of space as a synchronic order of states (stages): creation, release, transfer, receive, and process. The model views space in terms of dynamic content with stages and the connections (flows) of such content and uses this view to establish a system-based representation. The paper introduces a sample of such a map for an IT department. The resultant depiction seems suitable for security operations, training, and planning.","PeriodicalId":249586,"journal":{"name":"2015 10th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114990938","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Long running, consistent, web service transactions","authors":"Aspen Olmsted","doi":"10.1109/ICITST.2015.7412074","DOIUrl":"https://doi.org/10.1109/ICITST.2015.7412074","url":null,"abstract":"This paper investigates the problem of providing long-running web service transactions that maintain consistency, high availability, and durability. Long running transactions involve human interaction as activities in the transaction. The human interaction increases the latency of the overall transaction. Implementation options are considered for managing limited resources held by a transaction that contain two or more web service requests separated by human interaction. In our previous work, we proposed a replica update propagation method called the Buddy System, which guaranteed consistency, durability and higher availability of web services. The previous work studied transactions composed of a single coarse-grained request. In this paper, the Buddy System is extended to allow long-running transactions comprising two or more web-service calls separated by human interaction.","PeriodicalId":249586,"journal":{"name":"2015 10th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121427273","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Low complexity linear equalization of doubly selective channel","authors":"S. Ghauri, Hasan Humayun, Mobeen Iqbal","doi":"10.1109/ICITST.2015.7412130","DOIUrl":"https://doi.org/10.1109/ICITST.2015.7412130","url":null,"abstract":"A communication system is always prone to impairments, impairments such as noise, inter symbol interference (ISI) etc. are a major threat in channels but they are always compensated by the receiver in communication system. The compensation is usually done by introducing equalization and its different techniques. Submitted paper starts with equalization methods for doubly selective channel. To recognize the technique like Maximum Likelihood (ML), similarly another technique called Zero Forcing (ZF) and finally this paper will focus on Minimum Mean Square Error (MMSE) techniques and its complexity reduction by using Conjugate Gradient method. In MMSE Serial Linear Equalizer (SLE), different windows from channel are taken and recover the original out of it, whereas MMSE Block Linear Equalizer (BLE) recovers the signal from the whole block. MMSE-BLE gives better performance than MMSE-SLE considering values of Bit Error Rate (BER). The channel model considered for MMSE was SISO and MIMO. The performance of MMSE-BLE is enhanced by reducing its complexity by using the iterative methods. We use Conjugate Gradient algorithm, which is one of the best among all the iterative methods.","PeriodicalId":249586,"journal":{"name":"2015 10th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131859546","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Optimized hardware design and implementation of EC based key management scheme for WSN","authors":"P. Jilna, P. Deepthi, U. Jayaraj","doi":"10.1109/ICITST.2015.7412079","DOIUrl":"https://doi.org/10.1109/ICITST.2015.7412079","url":null,"abstract":"This paper presents the design and implementation of an integrated architecture for key exchange and authentication in wireless sensor networks (WSNs) employing elliptic curve cryptography (ECC) for key management. Instead of implementing a standard algorithm such as SHA or AES for authentication, this paper considers an elliptic curve based message authentication code (MAC) for optimized design of overall structure through hardware reuse. The proposed architecture time shares the point multiplication unit between functionalities of key exchange and MAC thereby reducing the structural complexity. The proposed architecture is implemented over GF(2^163) on a Kintex 7 FPGA board using Xilinx ISE. The EC point multiplication is done using Lopez-Dahab algorithm and the finite field elements are represented using Gaussian normal basis to reduce the computational complexity and resist side channel attack.","PeriodicalId":249586,"journal":{"name":"2015 10th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"246 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133614972","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Transparent authentication systems for mobile device security: A review","authors":"Saud S. Alotaibi, S. Furnell, N. Clarke","doi":"10.1109/ICITST.2015.7412131","DOIUrl":"https://doi.org/10.1109/ICITST.2015.7412131","url":null,"abstract":"Sensitive data such as text messages, contact lists, and personal information are stored on mobile devices. This makes authentication of paramount importance. More security is needed on mobile devices since, after point-of-entry authentication, the user can perform almost all tasks without having to re-authenticate. For this reason, many authentication methods have been suggested to improve the security of mobile devices in a transparent and continuous manner, providing a basis for convenient and secure user re-authentication. This paper presents a comprehensive analysis and literature review on transparent authentication systems for mobile device security. This review indicates a need to investigate when to authenticate the mobile user by focusing on the sensitivity level of the application, and understanding whether a certain application may require a protection or not.","PeriodicalId":249586,"journal":{"name":"2015 10th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116549974","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}