Security
What's worse than getting hit with a security breach? Getting hit with an easily preventable one.
-
ADTool: Security Analysis with Attack-Defense Trees
Graphical security models provide an intuitive but systematic methodology to visualize possible attacks and countermeasures and to enable the computation of various security related parameters. The AD...
Provided By University of Luton
-
An Efficient Dynamic ID Based Remote User Authentication Scheme Using Self-Certified Public Keys for Multi-Server Environment
Recently, Li et al. analyzed Lee et al.'s multi-server authentication scheme and proposed a novel smart card and dynamic ID based remote user authentication scheme for multi-server environments. They ...
Provided By Beijing University of Posts and Telecommunications
-
Easily Implemented Rate Compatible Reconciliation Protocol for Quantum Key Distribution
Reconciliation is an important step to correct errors in Quantum Key Distribution (QKD). In QKD, after comparing basis, two legitimate parties possess two correlative keys which have some differences ...
Provided By Cornell University
-
Development of an Iris-Based Access Control System Using a Two-Level Segmentation Approach
Security of lives and assets has become a very interesting issue worldwide. Ability to restrict access to unauthorized users via an identification system that cannot be compromised at a very fast rate...
Provided By IJCTT-International Journal of Computer Trends and Technology
-
Local Privacy and Minimax Bounds: Sharp Rates for Probability Estimation
The authors provide a detailed study of the estimation of probability distributions - discrete and continuous - in a stringent setting in which data is kept private even from the statistician. They gi...
Provided By University of Calgary
-
Certified Computer-Aided Cryptography: Efficient Provably Secure Machine Code From High-Level Implementations
The authors present a computer-aided framework for proving concrete security bounds for cryptographic machine code implementations. The front-end of the framework is an interactive verification tool t...
Provided By IMDEA
-
Post-Quantum Security of Encrypted Key Exchange Protocol
The Encrypted Key Exchange (EKE) protocol combines the asymmetric and symmetric encryption algorithms to ensure two parties sharing a secret key. Here the authors analyze the post-quantum security of ...
Provided By Chinese Academy of Sciences
-
Keyed Side-Channel Based Hashing for IP Protection using Wavelets
The protection of Intelligent Property (IP) is a challenging task, especially in secured embedded systems where program code that is supposed to be a plagiarism cannot be simply read-out for further i...
Provided By Ruhr-Universitat Bochum
-
Hybrid Approach for the Fast Verification for Improved Versions of the UOV and Rainbow Signature Schemes
Multivariate cryptography is one of the main candidates to guarantee the security of communication in the post-quantum era. Especially in the area of digital signatures, multivariate cryptography offe...
Provided By Technische Universitat Clausthal
-
NEMESYS: Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem
As a consequence of the growing popularity of smart mobile devices, mobile malware is clearly on the rise, with attackers targeting valuable user information and exploiting vulnerabilities of the mobi...
Provided By Technical Trading Solutions Ltd
-
Using LDGM Codes and Sparse Syndromes to Achieve Digital Signatures
The problem of replacing current cryptographic primitives which will be subject to quantum computer attacks with alternative post-quantum solutions is fostering research on code-based systems, which a...
Provided By University Of Zululand
-
MinimaLT: Minimal-latency Networking Through Better Security
Minimal Latency Tunneling (MinimaLT) is a new network protocol that provides ubiquitous encryption for maximal confidentiality, including protecting packet headers. MinimaLT provides server and user a...
Provided By University of Illinois
-
Lattice-Based Group Signatures with Logarithmic Signature Size
Group signatures are cryptographic primitives where users can anonymously sign messages in the name of a population they belong to. Gordon et al. (Asiacrypt 2010) suggested the first realization of gr...
Provided By Université Chouaib Doukkali
-
IDC White Paper: Next-Generation Application Delivery for Business in the Cloud
Organizations are leveraging the 4th tier of application delivery to tame the public Internet and facilitate common delivery strategies for both on-net and off-net enterprise applications and the dive...
Provided By Akamai
-
CSO Quick Pulse: The Importance of Improving and Adapting Web Security
With so much depending on Web site availability, CSOs are considering new ways to be cost-effectively proactive and vigilant. Learn about the challenges and options for web security deployment.
Provided By Akamai
-
Security Brief: Evolving Threats Demand New Approaches To Security
The threat environment we ae seeing today is radically different from what existed just six months ago. Six months from now, I expect to say the same thing. The actors behind the threats are evolving;...
Provided By Akamai
-
Protect and Perform: Ensuring Online Business in Asia-Pacific
SMEs constitute a major proportion of online business in Asia. Since they typically have weaker Web security controls, SMEs are increasingly being targeted by attackers. This is steadily building awar...
Provided By Akamai
-
Towards Fresh Re-Keying with Leakage-Resilient PRFs: Cipher Design Principles and Analysis
Leakage-resilient cryptography aims at developing new algorithms for which physical security against side-channel attacks can be formally analyzed. Following the work of Dziembowski and Pietrzak at FO...
Provided By Technical University of Lodz
-
Six keys to effective reputational and IT risk management-2013 IBM Global Reputational Risk and IT Study
IT risks like data breaches and outages pose a serious and long-lasting threat to your corporate reputation. But other risks put you in jeopardy as well. In fact, did you know that your supply chain c...
Provided By IBM
-
Responding to - and recovering from - sophisticated attacks
We all know how major security incidents can affect a company’s data, networks and corporate brand. We also know that sophisticated attacks, designed to gain continuous access to critical information ...
Provided By IBM
-
Cryptanalysis of Grigoriev-Shpilrain Physical Asymmetric Scheme with Capacitors
In a paper published few days ago, Grigoriev and Shpilrain propose to build a system for transmission of information without a shared secret, or essentially a sort of public key cryptosystem, based on...
Provided By University College Dublin
-
EMV Migration for the US Parking Industry
EMV has revolutionized payments and is already in place in many regions across the globe. So far, the US has delayed its adoption of the new standards, which replace magnetic stripe payments with Chip...
Provided By CreditCall
-
Improvement and Efficient Implementation of a Lattice-based Signature Scheme
Lattice-based signature schemes constitute an interesting alternative to RSA and discrete logarithm based systems which may become insecure in the future, for example due to the possibility of quantum...
Provided By Technische Universitat Clausthal
-
Cryptoviral Extortion: A virus based approach
As the authors know that traditionally, "Cryptography" is used for information processing and communications, it helps people to store information securely and it is used very frequently for private c...
Provided By IJCTT-International Journal of Computer Trends and Technology
-
A Survey of Various Spectrum Sensing Techniques in Cognitive Radio Networks: Non Cooperative Systems
Cognitive Radio (CR) is a promising technology that can alleviate the spectrum shortage problem by enabling unlicensed users equipped with CRs to coexist with incumbent users in licensed spectrum band...
Provided By International Journal of Electronics Communication and Computer Engineering
-
A Comparison of Statistical Techniques for Detecting Side-Channel Information Leakage in Cryptographic Devices
The evaluation of the resilience of cryptographic devices against side-channel adversaries is an issue of increasing importance. The development of a standardized testing methodology for side-channel ...
Provided By University of Brighton
-
Accountable Key Infrastructure (AKI): A Proposal for a Public-Key Validation Infrastructure
Recent trends in public-key infrastructure research explore the tradeoff between decreased trust in Certificate Authorities (CAs), resilience against attacks, communication overhead (bandwidth and lat...
Provided By Association for Computing Machinery
-
EMA: Closing Critical IT Security Gaps for More Effective Defense
An ENTERPRISE MANAGEMENT ASSOCIATES (EMA) White Paper. In the last few years, the scale and sophistication of IT security threats have grown at an explosive rate. Organizations have to contend with i...
Provided By FireEye
-
A Leakage Resilient MAC
The authors put forward a Message Authentication Code (MAC) for which they claim a high degree of resilience against a key-recovering attacker expoiting practical side channels. They achieve this by b...
Provided By University of Brighton
-
Security Explorer Trial
Take Security Explorer for a test drive, and see how it can deliver a unified solution for complete access control and security management across your entire Windows network. It’s a powerful, yet intu...
Provided By Dell Software
-
STRIDE: Sanctuary Trail - Refuge From Internet DDoS Entrapment
The authors propose STRIDE, a new DDoS-resilient Internet architecture that isolates attack traffic through viable band-width allocation, preventing a botnet from crowding out legitimate flows. This n...
Provided By Association for Computing Machinery
-
Privacy Preserving Recommendation System Based on Groups
Recommendation systems have received considerable attention in the recent decades. Yet with the development of information technology and social media, the risk in revealing private data to service pr...
Provided By Princeton Software
-
Universally Composable Symbolic Analysis for Two-Party Protocols based on Homomorphic Encryption
The authors consider a class of two-party function evaluation protocols in which the parties are allowed to use ideal functionalities as well as a set of powerful primitives, namely commitments, homom...
Provided By Aarhus University
-
User-Based Licensing for Endpoint Protection and BYOD
Can Smarter Licensing Improve Security? IT managers and security professionals don’t spend much time thinking about software licensing. But sometimes a smarter licensing plan can simplify IT administr...
Provided By Webroot Software
-
Closing the Circle: How to get manageable endpoint, mobile device and web security together
Endpoint protection has gotten more complicated. Endpoint protection has never been easy, but it once was at least straightforward. Workers had one computer, used the corporate email system and visite...
Provided By Webroot Software
-
IP Multimedia Subsystem: Security Evaluation
The IMS (IP Multimedia Subsystem) as network controller includes effective mechanisms for new services, regardless of the access technology. The network regroups all existing access IP-based technolog...
Provided By JATIT
-
Controlling & Managing Superuser Access
All kinds of IT professionals require access to privileged or shared accounts in order to perform their job. However, IT managers need to strike a balance between providing them the access they need t...
Provided By Dell Software
-
Top five questions you should ask before purchasing a two-factor authentication solution
You’ve made the smart choice to implement two-factor authentication, but where do you go from here? With all the solutions available today on the market, how can you be sure you’re making the best cho...
Provided By Dell Software
-
My Patch Compliance Rates are WHAT
Are you alarmed by patch compliance rates that aren’t anywhere near 100 percent? Do you wonder why it takes so long to apply required patches to all of your systems? Many organizations struggle to ef...
Provided By IBM
-
The Active Directory Management and Security You’ve Always Dreamed Of
The harsh reality about Windows security? Its native security structure has remained essentially unchanged since the release of Windows NT in 1993. Of course, today’s security requirements are drastic...
Provided By Dell Software
-
A Protocol for Secure Remote Updates of FPGA Configurations
The authors present a security protocol for the remote update of volatile FPGA configurations stored in non-volatile memory. Their approach can be implemented on existing FPGAs, as it sits entirely in...
Provided By Springer Healthcare
-
Autonomic Computing Applied to Network Security: A Survey
The constant increase in the number of computer network attack attempts has pushed researchers community to devise better security strategies. However, the rapid growth both in quantity and complexity...
Provided By Cyber Journals
-
Analysis and Implementation of a Fast Hash Function Based Upon Elliptic Curves
Hash functions are probably the most popular component employed in cryptographic applications for their well known advantages they provide over digital communication links. Hash algorithms bearing the...
Provided By Cyber Journals
-
Matching Between Important Points Using Dynamic Time Warping for Online Signature Verification
Online signature verification is one of the biometric features which can be used as a common method for identity verification. According to the previous studies, calculation of similarities between th...
Provided By Cyber Journals
-
Asynchronous Physical Unclonable Functions - ASYNCPUF
Physically Unclonable Functions (PUFs) exploit the physical characteristics of silicon and provide an alternative to storing digital encryption keys in non-volatile memory. A PUF maps a unique set of ...
Provided By Queens University
-
On the Security of Interferometric Quantum Key Distribution
Photonic quantum key distribution is commonly implemented using interferometers, devices that inherently cause the addition of vacuum ancillas, thus enlarging the quantum space in use. This enlargemen...
Provided By UCL Business PLC
-
Designing Rating Systems to Promote Mutual Security for Interconnected Networks
Interconnected Autonomous Systems (ASs) often share security risks. However, an AS lacks the incentive to make (sufficient) security investments if the cost exceeds its own benefit even though doing t...
Provided By UCL Business PLC
-
Secure Rate-Adaptive Reconciliation
The authors consider in this paper the problem of information reconciliation in the context of secret key agreement between two legitimate parties, Alice and Bob. Beginning the discussion with the sec...
Provided By Universidad Panamericana, Campus Guadalajara
-
The RAppArmor Package: Enforcing Security Policies in R Using Dynamic Sandboxing on Linux
With the increasing availability of public cloud computing facilities and scientific super computers, there is a great potential for making R available through public or shared resources. This allows ...
Provided By UCL Business PLC
-
Using Subthreshold SRAM to Design Low-Power Crypto Hardware
Cryptography and Security hardware architecture designing is in essential need for efficient power utilization which is achieved earlier by giving a range of tradeoff between speed and power consumpti...
Provided By Umm Al-Qura University
-
An Accurate System-Wide Anonymity Metric for Probabilistic Attacks
The authors give a critical analysis of the system-wide anonymity metric of Edman et al. which is based on the permanent value of a doubly-stochastic matrix. By providing an intuitive understanding of...
Provided By Wichita Collegiate School
-
Proposed Structure for High Level Security Enhancement
The increasing technology trends has turned each infrastructure to its new hazards. Present information policies designed are not readily equipped with up-to-date analysis or problems suffered through...
Provided By Umm Al-Qura University
-
On the Sender Cover Traffic Countermeasure Against an Improved Statistical Disclosure Attack
The statistical disclosure attack against a particular user of an anonymity system is known to be very effective in determining, after long-term observation of the system, the set of receivers that us...
Provided By Wichita Collegiate School
-
Securing Harari's Authentication Scheme
Code-based authentication schemes are very fast and efficient for implementation in small devices. The security of these schemes and the size of underlying coding matrices are often the main barriers ...
Provided By International Journal of Network Security
-
Reliable and Low Cost RFID Based Authentication System for Large Scale Deployment
Identification is very important nowadays; whether there is need to identify persons, animals or objects, RFIDs provide a very good solution to the problem of identification and authentication. No one...
Provided By International Journal of Network Security
-
Provably Secure and Efficient Identity-Based Signature Scheme Based on Cubic Residues
Many Identity Based Signature (IBS) schemes have been proposed so far. However, most of the schemes are based on bilinear pairings. Only a few IBS schemes are without pairings. Up to now, there still ...
Provided By International Journal of Network Security
-
Mutual Authentication Scheme with Smart Cards and Password under Trusted Computing
Only identities of the server and the user are authenticated in traditional smart cards based password authentication schemes, but the platform does not be verified, and which cannot provide enough pr...
Provided By International Journal of Network Security
-
An Efficient Password Authentication Scheme for Smart Card
Remote user authentication using smart cards is a good solution for many e-based applications. Smart card implementation ensures secure communications. Several schemes using timestamp for remote authe...
Provided By International Journal of Network Security
-
Publicly Verifiable Secret Sharing Schemes Using Bilinear Pairings
A non-interactive, simple and efficient Publicly Verifiable Secret Sharing (PVSS) is constructed based on the bi-linear pairing on elliptic curves, which has all advantages of Schoenmakers' PVSS. More...
Provided By International Journal of Network Security
-
Enhancing Koyama Scheme Using Selective Encryption Technique in RSA-Based Singular Cubic Curve with AVK
In this paper, the authors analyze application of Selective Encryption with Automatic Variable Key (AVK) for text based documents in Koyama Public Key Cryptosystem (PKC). In this paper, a new robust a...
Provided By International Journal of Network Security
-
Parallel Misuse and Anomaly Detection Model
In this paper, a novel hybrid model is being proposed for misuse and anomaly detection. C4.5 based binary decision trees are used for misuse and CBA (Classification Based Association) based classifier...
Provided By International Journal of Network Security
-
Differential Epidemic Model of Virus and Worms in Computer Network
A differential electronic Susceptible-Infectious-Removed-Susceptible (e-SIRS) epidemic model of virus and worms in a computer network has been formulated. Latent period, immune period and time for sel...
Provided By International Journal of Network Security
-
A New Secure Route Discovery Protocol for MANETs to Prevent Hidden Channel Attacks
In this paper, the authors propose a new secure route discovery protocol for MANETs that overcomes the vulnerabilities of Ariadne and EndairA, due to hidden channel attacks. It uses 'authentic neighbo...
Provided By International Journal of Network Security
-
An Improved and Secure Smart Card Based Dynamic Identity Authentication Protocol
Password is the most commonly used authentication technique in smart card based authentication protocols. During communication, the static identity based authentication protocols leaks out the user's ...
Provided By International Journal of Network Security
-
A Semi-Fragile Image Content Authentication Technique Based on Secure Hash in Frequency Domain
Image Authentication techniques enable the recipients to verify the integrity of the received image. In this paper, a semi-fragile image authentication technique based on secure hash generated with Or...
Provided By International Journal of Network Security
-
An Improved Efficient Remote Password Authentication Scheme With Smart Card Over Insecure Networks
In 2006, Liao et al. proposed a scheme over insecure networks. In 2006, Yoon-Yoo, and in 2008, Xiang et al. analyzed Liao et al.'s scheme and both of them pointed out, more or less, same vulnerabiliti...
Provided By International Journal of Network Security
-
PGP Modification for Securing Digital Envelope Mail Using COM+ and Web Services
Certified email is a value-added service for standard email systems, which guarantees the fairness, i.e., the intended recipient gets the mail content if and only if the mail originator receives a non...
Provided By International Journal of Network Security
-
An Enhanced Remote User Authentication Scheme With Smart Card
In 2000, Hwang and Li's proposed a new remote user authentication scheme with smart cards. Some researchers pointed out the security weaknesses of Hwang and Li's scheme and they also proposed some mod...
Provided By International Journal of Network Security
-
Combating Good Point Set Scanning-Based Self-Learning Worms by Using Predators
Good point set scanning-based self learning worms can reach a stupendous propagation speed in virtue of the non-uniform vulnerable-host distribution. In order to terminate such self-learning worms, th...
Provided By International Journal of Network Security
-
Authenticated Key Agreement Scheme with Privacy-Protection in the Three-Party Setting
Going along with the rapid development of web technologies, in some applications on demands, partners or staffs may make a great quantity of web transactions or personal communications anytime and any...
Provided By International Journal of Network Security
-
Secure Position Verification Approach for Wireless Ad-Hoc Networks
Wireless ad-hoc networks technologies share a common requirement: each node in the network has to know its current position at any time and to share this knowledge with other nodes in the network. An ...
Provided By International Journal of Network Security
-
A Novel Secure Self Proxy Signature Scheme
Recently, Kim et al.'s proposed a new type of proxy signature scheme, called self proxy signature scheme. In their scheme, a signer, delegates his/her signing capability to himself/herself and uses th...
Provided By International Journal of Network Security
-
Malware Detection, Supportive Software Agents and Its Classification Schemes
Over time, the task of curbing the emergence of malware and its dastard activities has been identified in terms of analysis, detection and containment of malware. Malware is a general term that is use...
Provided By International Journal of Network Security
-
A Quantum Based Challenge-Response User Authentication Scheme Over Noiseless Channel
In this paper, the authors propose a quantum user authentication protocol with a single photon based on short shared secret key and quantum bit error ratio verification. In this scheme, usage of propo...
Provided By International Journal of Network Security
-
Modelling and Verification of Extensible Authentication Protocol Using SPIN Model Checker
The Extensible Authentication Protocol (EAP) is a framework for transporting authentication credentials. EAP offers simpler interoperability and compatibility across authentication methods. EAP suppor...
Provided By International Journal of Network Security
-
Simple Three Party Key Exchange Protocols via Twin Diffie-Hellman Problem
In the secure communication areas authenticated key exchange protocol is one of the most important cryptographic mechanism. In 1992, Bellovin and Merrit proposed the first Encrypted Key Exchange (EKE)...
Provided By International Journal of Network Security
-
Removal of Certificates from Set Protocol Using Certificateless Public Key Cryptography
Secure Electronic Transaction (SET) is a standard e-commerce protocol for securing credit card transactions over insecure networks. In a transaction using SET, all the members need public key certific...
Provided By International Journal of Network Security
-
A Survey on Social Engineering and the Art of Deception
Now-a-days security of data and information is the area for which and every organization is concerned about. Each and every organization is using advanced technologies for protecting its data and info...
Provided By Amity University
-
A Review on Intrusion Detection System Based on Artificial Immune System
Various approaches from different fields have been proposed to improve the security of computer system. One such approach is Intrusion detection system monitors computer system in real-time for activi...
Provided By Amity University
-
Authentication System with Graphical Security and Sound Signature
This paper provides guidelines for implementing an authentication system which works on graphical password and includes sound signature. Click based graphical password provides security from brute for...
Provided By Amity University