发布求助
文献互助 智能选刊 最新文献

2014 International Conference on Privacy and Security in Mobile Systems (PRISMS)最新文献

筛选
英文 中文
Adaptive online/offline RFID scheme for supply chain management systems 供应链管理系统的自适应在线/离线RFID方案
2014 International Conference on Privacy and Security in Mobile Systems (PRISMS) Pub Date : 2014-05-11 DOI: 10.1109/PRISMS.2014.6970598
Zeeshan Bilal, K. Martin
{"title":"Adaptive online/offline RFID scheme for supply chain management systems","authors":"Zeeshan Bilal, K. Martin","doi":"10.1109/PRISMS.2014.6970598","DOIUrl":"https://doi.org/10.1109/PRISMS.2014.6970598","url":null,"abstract":"This paper is concerned with RFID tagged objects in a supply chain management system. Such objects are read by multiple readers both in known locations (secure zone with online readers) as well as unknown locations (insecure zone with offline readers). In the secure zone, the primary requirement is to read a large number of tags with high speed. In the insecure zone, the primary requirement is to preserve the privacy of a tagged object. We present an EPCglobal Class-1 Gen-2 Version 1.2.0 standard compliant scheme which allows RFID tags to be authenticated by readers throughout the supply chain lifecycle while meeting the requirements of both the secure and insecure zones.","PeriodicalId":272766,"journal":{"name":"2014 International Conference on Privacy and Security in Mobile Systems (PRISMS)","volume":"43 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130057824","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
A keyboard that manages your passwords in Android 在安卓系统中管理密码的键盘
2014 International Conference on Privacy and Security in Mobile Systems (PRISMS) Pub Date : 2014-05-11 DOI: 10.1109/PRISMS.2014.6970592
Faysal Boukayoua, B. Decker, Vincent Naessens
{"title":"A keyboard that manages your passwords in Android","authors":"Faysal Boukayoua, B. Decker, Vincent Naessens","doi":"10.1109/PRISMS.2014.6970592","DOIUrl":"https://doi.org/10.1109/PRISMS.2014.6970592","url":null,"abstract":"During the recent years, smartphones and tablets have become a fixture of daily life. They are used to run ever more tasks and services. Unfortunately, when it comes to password management, users are confronted with greater security and usability concerns than in the non-mobile world. This work presents a password manager for Android that can accommodate any app. Existing platform mechanisms are leveraged to better protect against malware and device theft, than current solutions. Our approach also provides significant usability improvements. No modifications are required to existing applications or to the mobile platform.","PeriodicalId":272766,"journal":{"name":"2014 International Conference on Privacy and Security in Mobile Systems (PRISMS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130321013","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Android - On-device detection of SMS catchers and sniffers Android -在设备上检测短信捕获器和嗅探器
2014 International Conference on Privacy and Security in Mobile Systems (PRISMS) Pub Date : 2014-05-11 DOI: 10.1109/PRISMS.2014.6970601
Peter Teufl, Thomas Zefferer, Christoph Wörgötter, Alexander Oprisnik, Daniel M. Hein
{"title":"Android - On-device detection of SMS catchers and sniffers","authors":"Peter Teufl, Thomas Zefferer, Christoph Wörgötter, Alexander Oprisnik, Daniel M. Hein","doi":"10.1109/PRISMS.2014.6970601","DOIUrl":"https://doi.org/10.1109/PRISMS.2014.6970601","url":null,"abstract":"With 6.1 trillion text messages sent in 2010 alone, short message service (SMS) is still one of the most popular mobile communication services. Due to its continuing popularity, SMS technology is nowadays used in various fields of application. This also includes security-sensitive fields such as e-banking, or e-government. In these fields, SMS technology is for instance employed to authorize financial transactions or the creation of qualified electronic signatures. Modern smartphone platforms such as Google Android provide application developers with the means to include SMS functionality. This can be beneficial in most cases but also facilitates the implementation of malware that is able to send and receive SMS messages unnoticed by the legitimate end user. In this context, SMS sniffers and SMS catchers have recently attracted attention. This kind of malware intercepts incoming SMS messages either to spy on security-sensitive data transmitted via SMS or to receive SMS-based malware control commands. For security-sensitive SMS-based applications, SMS catchers pose a serious threat. A recent attack on SMS-based e-banking systems has employed SMS catchers on smartphones to steal 36.000.000 Euro from corporate and private bank accounts in Europe. Unfortunately, security software for smartphones is still in the fledging stages and current solutions are not able to reliably detect SMS catchers. To overcome this problem, we introduce different methods to detect SMS sniffers and SMS catchers on smartphones. We discuss benefits and limitations of the proposed methods and show how these methods can be assembled to a comprehensive detection workflow for SMS-based malware. By providing means to detect SMS catchers and sniffers on smartphones, our work contributes to the security of current and future SMS-based applications.","PeriodicalId":272766,"journal":{"name":"2014 International Conference on Privacy and Security in Mobile Systems (PRISMS)","volume":"87 8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121042659","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Do you think your passwords are secure? 你认为你的密码安全吗?
2014 International Conference on Privacy and Security in Mobile Systems (PRISMS) Pub Date : 2014-05-11 DOI: 10.1109/PRISMS.2014.6970600
Dominik Ziegler, Mattias Rauter, Christof Stromberger, Peter Teufl, Daniel M. Hein
{"title":"Do you think your passwords are secure?","authors":"Dominik Ziegler, Mattias Rauter, Christof Stromberger, Peter Teufl, Daniel M. Hein","doi":"10.1109/PRISMS.2014.6970600","DOIUrl":"https://doi.org/10.1109/PRISMS.2014.6970600","url":null,"abstract":"Many systems rely on passwords for authentication. Due to numerous accounts for different services, users have to choose and remember a significant number of passwords. Password-Manager applications address this issue by storing the user's passwords. They are especially useful on mobile devices, because of the ubiquitous access to the account passwords. Password-Managers often use key derivation functions to convert a master password into a cryptographic key suitable for encrypting the list of passwords, thus protecting the passwords against unauthorized, off-line access. Therefore, design and implementation flaws in the key derivation function impact password security significantly. Design and implementation problems in the key derivation function can render the encryption on the password list useless, by for example allowing efficient bruteforce attacks, or - even worse - direct decryption of the stored passwords. In this paper, we analyze the key derivation functions of popular Android Password-Managers with often startling results. With this analysis, we want to raise the awareness of developers of security critical apps for security, and provide an overview about the current state of implementation security of security-critical applications.","PeriodicalId":272766,"journal":{"name":"2014 International Conference on Privacy and Security in Mobile Systems (PRISMS)","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127318045","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
One-pass authenticated key establishment protocol on bilinear pairings for Wireless Sensor Networks 无线传感器网络双线性对的一遍认证密钥建立协议
2014 International Conference on Privacy and Security in Mobile Systems (PRISMS) Pub Date : 2014-05-11 DOI: 10.1109/PRISMS.2014.6970595
M. R. Mishra, J. Kar, B. Majhi
{"title":"One-pass authenticated key establishment protocol on bilinear pairings for Wireless Sensor Networks","authors":"M. R. Mishra, J. Kar, B. Majhi","doi":"10.1109/PRISMS.2014.6970595","DOIUrl":"https://doi.org/10.1109/PRISMS.2014.6970595","url":null,"abstract":"The article proposes one-pass authenticated key establishment protocol in random oracles for Wireless Sensor Networks. Security of the protocol relies on Computational Diffie-Hellman Problem on Bilinear Pairings. In one-pass key establishment protocol, the initiator computes a session key and a related message. The key token is to be sent to the intended receiver using receiver's public key and sender secret key. From the received key token the receiver compute the session key, which is the same as the one computed by the sender, using sender public key and receiver's secret key. Because of low communication overhead, the scheme is better suited for Wireless Sensor Networks(WSNs) than the traditional key establishment protocol to establish the session key between two adjacent nodes","PeriodicalId":272766,"journal":{"name":"2014 International Conference on Privacy and Security in Mobile Systems (PRISMS)","volume":"39 4","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120982285","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Security and privacy in the Internet of Things: Current status and open issues 物联网中的安全和隐私:现状和开放问题
2014 International Conference on Privacy and Security in Mobile Systems (PRISMS) Pub Date : 2014-05-11 DOI: 10.1109/PRISMS.2014.6970594
Mohamed Abomhara, G. M. Køien
{"title":"Security and privacy in the Internet of Things: Current status and open issues","authors":"Mohamed Abomhara, G. M. Køien","doi":"10.1109/PRISMS.2014.6970594","DOIUrl":"https://doi.org/10.1109/PRISMS.2014.6970594","url":null,"abstract":"The Internet of Things at large will foster billions of devices, people and services to interconnect and exchange information and useful data. As IoT systems will be ubiquitous and pervasive, a number of security and privacy issues will arise. Credible, economical, efficient and effective security and privacy for IoT are required to ensure exact and accurate confidentiality, integrity, authentication, and access control, among others. In this paper, the IoT vision, existing security threats, and open challenges in the domain of IoT are discussed. The current state of research on IoT security requirements is discussed and future research directions with respect to IoT security and privacy are presented.","PeriodicalId":272766,"journal":{"name":"2014 International Conference on Privacy and Security in Mobile Systems (PRISMS)","volume":"57 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125438278","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 322
Android encryption systems Android加密系统
2014 International Conference on Privacy and Security in Mobile Systems (PRISMS) Pub Date : 2014-05-11 DOI: 10.1109/PRISMS.2014.6970599
Peter Teufl, Andreas Fitzek, Daniel M. Hein, Alexander Marsalek, Alexander Oprisnik, Thomas Zefferer
{"title":"Android encryption systems","authors":"Peter Teufl, Andreas Fitzek, Daniel M. Hein, Alexander Marsalek, Alexander Oprisnik, Thomas Zefferer","doi":"10.1109/PRISMS.2014.6970599","DOIUrl":"https://doi.org/10.1109/PRISMS.2014.6970599","url":null,"abstract":"The high usability of smartphones and tablets is embraced by consumers as well as the corporate and public sector. However, especially in the non-consumer area the factor security plays a decisive role for the platform-selection process. All of the current companies within the mobile device sector added a wide range of security features to the initially consumer-oriented devices (Apple, Google, Microsoft), or have dealt with security as a core feature from the beginning (RIM, now Blackerry). One of the key security features for protecting data on the device or in device backups are encryption systems, which are available in the majority of current devices. However, even under the assumption that the systems are implemented correctly, there is a wide range of parameters, specific use cases, and weaknesses that need to be considered when deploying mobile devices in security-critical environments. As the second part in a series of papers (the first part was on iOS), this work analyzes the deployment of the Android platform and the usage of its encryption systems within a security-critical context. For this purpose, Android's different encryption systems are assessed and their susceptibility to different attacks is analyzed in detail. Based on these results a workflow is presented, which supports deployment of the Android platform and usage of its encryption systems within security-critical application scenarios.","PeriodicalId":272766,"journal":{"name":"2014 International Conference on Privacy and Security in Mobile Systems (PRISMS)","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130416202","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 20
An improvement of the batch-authentication and key agreement framework for P2P-based online social networks 基于p2p的在线社交网络批认证和密钥协议框架的改进
2014 International Conference on Privacy and Security in Mobile Systems (PRISMS) Pub Date : 2014-05-11 DOI: 10.1109/PRISMS.2014.6970596
Huihui Yang, V. Oleshchuk
{"title":"An improvement of the batch-authentication and key agreement framework for P2P-based online social networks","authors":"Huihui Yang, V. Oleshchuk","doi":"10.1109/PRISMS.2014.6970596","DOIUrl":"https://doi.org/10.1109/PRISMS.2014.6970596","url":null,"abstract":"Batch authentication is the way to authenticate multiple users simultaneously to provide better efficiency. In [1], three batch authentication protocols are proposed based on different primitives, to provide simultaneous authentication of multiple users in online social networks (OSNs). In this paper, we briefly introduce the original protocols, describe their security vulnerabilities and related attacks, and propose modifications to make them secure again.","PeriodicalId":272766,"journal":{"name":"2014 International Conference on Privacy and Security in Mobile Systems (PRISMS)","volume":"142 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116380127","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Security pairings using physical layer properties of wireless communications 使用无线通信物理层属性的安全配对
2014 International Conference on Privacy and Security in Mobile Systems (PRISMS) Pub Date : 2014-05-11 DOI: 10.1109/PRISMS.2014.6970593
Jani Suomalainen, Antti Evesti, A. Kotelba
{"title":"Security pairings using physical layer properties of wireless communications","authors":"Jani Suomalainen, Antti Evesti, A. Kotelba","doi":"10.1109/PRISMS.2014.6970593","DOIUrl":"https://doi.org/10.1109/PRISMS.2014.6970593","url":null,"abstract":"New security solutions in the physical communication layer - secret key extraction from the radio channel and information-theoretic secrecy - protect confidentiality of communication without cryptographic establishment of secret keys. Unfortunately, they currently lack authentication. Cryptographic mechanisms are still needed to secure the first contact between previously unknown devices - to guarantee that security pairings are made as the user intends. In this paper, we contribute by analyzing how five different security pairing approaches can be realized or complemented with physical layer solutions. We propose new solutions for replacing the use of expensive crypto algorithms with secret key extraction. We note that information-theoretic secrecy solutions are less capable of surviving without cryptographic authentication. However, in some information-theoretic secrecy approaches, secure out-of-band delivery of channel state information can authenticate receivers.","PeriodicalId":272766,"journal":{"name":"2014 International Conference on Privacy and Security in Mobile Systems (PRISMS)","volume":"92 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124271898","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Distributed privacy-preserving mean estimation 分布式隐私保护均值估计
2014 International Conference on Privacy and Security in Mobile Systems (PRISMS) Pub Date : 2014-05-11 DOI: 10.1109/PRISMS.2014.6970597
Mirco Schönfeld, M. Werner
{"title":"Distributed privacy-preserving mean estimation","authors":"Mirco Schönfeld, M. Werner","doi":"10.1109/PRISMS.2014.6970597","DOIUrl":"https://doi.org/10.1109/PRISMS.2014.6970597","url":null,"abstract":"Due to the rise of mobile computing and smartphones, a lot of information about groups has become accessible. This information shall often be kept secret. Hence distributed algorithms for privacy-preserving distribution estimation are needed. Most research currently focuses on privacy in a database, where a single entity has collected the secret information and privacy is ensured between query results and the database. In fully distributed systems such as sensor networks it is often infeasible to move the data towards a central entity for processing. Instead, distributed algorithms are needed. With this paper we propose a fully distributed, privacy-friendly, consensus-based approach. In our approach all nodes cooperate to generate a sufficiently random obfuscation of their secret values until the estimated and obfuscated values of the individual nodes can be safely published. Then the calculations can be done on this replacement containing only non-secret values but recovering some aspects (mean, standard deviation) of the original distribution.","PeriodicalId":272766,"journal":{"name":"2014 International Conference on Privacy and Security in Mobile Systems (PRISMS)","volume":"2014 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125997398","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信