{"title":"Potential misuse of NFC enabled mobile phones with embedded security elements as contactless attack platforms","authors":"L. Francis, G. Hancke, K. Mayes, K. Markantonakis","doi":"10.1109/ICITST.2009.5402513","DOIUrl":"https://doi.org/10.1109/ICITST.2009.5402513","url":null,"abstract":"In this paper we investigate the possibility that a Near Field Communication (NFC) enabled mobile phone, with an embedded Secure Element (SE), could be used as a mobile token cloning and skimming platform. We show how an attacker could use a NFC mobile phone as such an attack platform by exploiting the existing security controls of the embedded SE and the available contactless APIs. To illustrate the feasibility of these actions we also show how to practically skim and emulate certain tokens typically used in payment and access control applications with a NFC mobile phone. Although such attacks can also be implemented on other contactless platforms, such as custom-built card emulators and modified readers, the NFC-enabled mobile phone has a legitimate form factor, which would be accepted by merchants and arouse less suspicion in public. Finally, we propose several security countermeasures for NFC phones that could prevent such misuse.","PeriodicalId":251169,"journal":{"name":"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)","volume":"58 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133511455","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Islamic knowledge ontology creation","authors":"S. Saad, N. Salim, Hakim Zainal","doi":"10.1109/ICITST.2009.5402635","DOIUrl":"https://doi.org/10.1109/ICITST.2009.5402635","url":null,"abstract":"Ontology is one of the essential topics in the scope of an important area of current computer science and Semantic Web. Ontologies present well defined, straightforward and standardized form of the repositories (vast and reliable knowledge) where it can be interoperable and machine understandable. There are many possible utilization of ontologies from automatic annotation of web resources to domain representation and reasoning task. Ontology is an effective conceptualism used for the semantic web. However there is none of the research try to construct an ontology from Islamic knowledge which consist of Holy Quran, Hadiths and etc. Therefore as a first stage, in this paper we try to propose a simple methodology in order to extract a concept based on Al-Quran. Finally, we discuss about the experiment that have been conducted.","PeriodicalId":251169,"journal":{"name":"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133513436","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Open source software for personal information managers and personal knowledge management","authors":"K. M. Khan, Umesha Naik","doi":"10.1109/ICITST.2009.5402558","DOIUrl":"https://doi.org/10.1109/ICITST.2009.5402558","url":null,"abstract":"Technology is common in the domain of knowledge distribution, but it rarely enhances the process of knowledge use. Distribution delivers knowledge to the potential user's desktop but cannot dictate what he or she does with it thereafter. It would be interesting to envision technologies that help to manage personal knowledge as it applies to decisions and actions. The viewpoints about knowledge vary from individual, community, society, personnel development or national development. Personal Knowledge Management (PKM) integrates Personal Information Management (PIM), focused on individual skills, with Knowledge Management (KM). KM Software is a subset of Enterprise content management software and which contains a range of software that specialises in the way information is collected, stored and/or accessed. This article focuses on KM skills, PKM and PIM Open Sources Software, Social Personal Management and also highlights the Comparison of knowledge base management software and its use.","PeriodicalId":251169,"journal":{"name":"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)","volume":"93 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133769353","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Sequenced picture captcha: generation and its strength analysis","authors":"A. Jain, Ashish Jain, Aditya Raj, Tushar Pahwa","doi":"10.1109/ICITST.2009.5435097","DOIUrl":"https://doi.org/10.1109/ICITST.2009.5435097","url":null,"abstract":"CAPTCHAs are employed on web systems to differentiate between human users and automated programs which indulge in spamming and other fraudulent activities. CAPTCHAs currently in use have been broken and rendered ineffective as a result of continuous evolution in CAPTCHA breaking. Thus, there is a need to employ stronger CAPTCHAs to keep these breaking attacks at bay while retaining ease of implementation on websites and ease of use for humans. In this paper, we introduce Sequenced Picture Captcha (SPC) which comprises of object pictures, each of which is accompanied by a Tag. The user is required to determine the logical sequence of the displayed object pictures based on the Tags. Hence, the user is required to identify both the object pictures and the Tags. Thus, Tagging introduces two levels of security. Moreover, being a Picture CAPTCHA, SPC inherits the advantages of high user convenience and simplicity of operation.","PeriodicalId":251169,"journal":{"name":"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)","volume":"73 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124238928","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"State of the art in wireless LAN security — Results and implications of an empirical study concerning German companies and federal authorities","authors":"D. Fischer, B. Markscheffel","doi":"10.1109/ICITST.2009.5402585","DOIUrl":"https://doi.org/10.1109/ICITST.2009.5402585","url":null,"abstract":"The paper presents first findings of a study in wireless LAN security (WLAN) in German companies and federal authorities. The study was conducted in spring 2009. We formulate hypotheses derived from several studies in WLAN security. We analyze how the situation in Germany fits these assumptions. Degree of familiarity, frequency of use and reasons for not using wireless LAN security measures are being investigated. Furthermore, we discuss correlations between companies' characteristics and the use of security measures.","PeriodicalId":251169,"journal":{"name":"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124539535","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Intelligent strategies and techniques for effective cyber security, infrastructure protection and privacy","authors":"E. Hooper","doi":"10.1109/ICITST.2009.5402581","DOIUrl":"https://doi.org/10.1109/ICITST.2009.5402581","url":null,"abstract":"There has been increasing challenges in the effective design of critical information infrastructures for effective security, privacy and data protection. The increase in transmission of highly sensitive data and challenges of data protection and of privacy, data loss prevention has major significant implications for systems engineering, systems integration, and systems analysis, design and validation. Furthermore, the design and development of complex integrated systems engineering and network systems lack effective transparency, auditability, validation and implementation of adequate security measures for transfers of highly sensitive metadata across global networks using third party and outsourced networks and the Internet and global privacy regulatory requirements for such data transfer across international borders. The major problem with current state of art approaches of controls for global critical infrastructures of Virtual Private Networks (VPN) depend on inadequate third-party systems. Thus current approaches lack transparency, auditability and validation of the implementation of adequate privacy and security controls for data transfers of highly sensitive metadata across global networks. 
The paper examines the effectivene strategies for effective critical information infrastructures protection, privacy and cyber security for complex large data transfers across multiple network zones.","PeriodicalId":251169,"journal":{"name":"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114818254","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A model and design of a security provider for Java applications","authors":"Abdul Ghafoor Abbasi, S. Muftic, Gernot Schmoelzer","doi":"10.1109/ICITST.2009.5402592","DOIUrl":"https://doi.org/10.1109/ICITST.2009.5402592","url":null,"abstract":"The model and design of a generic security provider provides a comprehensive set of security services, mechanisms, encapsulation methods, and security protocols for Java applications. The model is structured in four layers; each layer provides services to the upper layer and the top layer provide services to applications. The services reflect security requirements derived from a wide range of applications; from small desktop applications to large distributed enterprise environments. Based on the abstract model, this paper describes design and implementation of an instance of the provider comprising various generic security modules: symmetric key cryptography, asymmetric key cryptography, hashing, encapsulation, certificates management, creation and verification of signatures, and various network security protocols. This paper also describes the properties extensibility, flexibility, abstraction, and compatibility of the Java Security Provider.","PeriodicalId":251169,"journal":{"name":"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124043424","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"MagicNET: XACML authorization policies for mobile agents","authors":"Alessandro Giambruno, M. A. Shibli, S. Muftic, A. Lioy","doi":"10.1109/ICITST.2009.5402600","DOIUrl":"https://doi.org/10.1109/ICITST.2009.5402600","url":null,"abstract":"One approach to authorization of mobile agents is to use XACML policies by assigning roles to agents and then enforcing role-based authorization. In this paper we show how traditional XACML policies, used for user access control in distributed environments, can be used for mobile agents' access control. We use such policies to manage delegation of access rights from users to agents while at the same time following the core principles of the XACML standard. We also propose a combination of policies that map users to their mobile agents and make access control decisions for mobile agents by evaluating complex policy sets.","PeriodicalId":251169,"journal":{"name":"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)","volume":"101 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124715163","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Compact and user-friendly representation of IPv6 addressing approach and masking","authors":"Muhammad Ehsan ul Haq, Muhammad Raza Perwaz, Kabeer Ahmed","doi":"10.1109/ICITST.2009.5402594","DOIUrl":"https://doi.org/10.1109/ICITST.2009.5402594","url":null,"abstract":"This paper presents a friendly representation of currently implemented IPv6 address and proposes a more compact and end-user friendly format for IT professionals. It has been evaluated that the next generation IPv6 address would not only facilitate network professionals but also be used by all communities. IPv6 will also be employed on objects other than communication devices for tracking and remote administration viz. household electronic devices, mobile devices and even assign Human beings to track them. Considering the fact that it would be harder to remember 32 characters long IPv6 address separated by colons by humans like remembering telephone numbers, this paper presents an alpha-numeric IPv6 address Masking which contains 0-9, a-z, A-Z, . (dot) and - (Hyphen) using base64 number system. Total length of address reduces from 39 characters (32 + 7 colons) to the maximum of 22 characters that is approximately 56% (22/39*100). 
The proposed 22 characters address which is a user-friendly address could be further compressed by using “6 5 4 rule” which has also been proposed in this paper.","PeriodicalId":251169,"journal":{"name":"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129791803","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"The impact of information security on Latin America","authors":"J. M. Gonçalves, F. Fernandes","doi":"10.1109/ICITST.2009.5402535","DOIUrl":"https://doi.org/10.1109/ICITST.2009.5402535","url":null,"abstract":"This paper focuses on the experience of PRODESP, one of the biggest Data Centers in Latin America in the treatment of security incidents on the Internet and initiatives to curb these incidents. It is shown how the CSIRT - Computer Security Incident Response Team - acts. CSIRT is a group created in a Data Center in the public sector to address the problem of lack of treatment for incidents of security. The paper shows the solution adopted with the implementation and constant monitoring of the environment of the Internet. The paper further exploits a pioneering initiative of this group in regard to participation in the National Consortium of Honeypots in deployment in Brazil, to ensure further security of Internet users and how the team interacts with other congeners groups in the world to create and ensure a safe environment for the user community in general.","PeriodicalId":251169,"journal":{"name":"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)","volume":"06 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127230434","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}