Статті в журналах з теми "Trusted channel"
Щоб переглянути інші типи публікацій з цієї теми, перейдіть за посиланням: Trusted channel.
Оформте джерело за APA, MLA, Chicago, Harvard та іншими стилями
Ознайомтеся з топ-50 статей у журналах для дослідження на тему "Trusted channel".
Біля кожної праці в переліку літератури доступна кнопка «Додати до бібліографії». Скористайтеся нею – і ми автоматично оформимо бібліографічне посилання на обрану працю в потрібному вам стилі цитування: APA, MLA, «Гарвард», «Чикаго», «Ванкувер» тощо.
Також ви можете завантажити повний текст наукової публікації у форматі «.pdf» та прочитати онлайн анотацію до роботи, якщо відповідні параметри наявні в метаданих.
Переглядайте статті в журналах для різних дисциплін та оформлюйте правильно вашу бібліографію.
1
Dawei, Zhang, Han Zhen, Jiang Yichen, Du Ye, and Li Meihong. "Protocol for trusted channel based on portable trusted module." China Communications 10, no. 11 (November 2013): 1–14. http://dx.doi.org/10.1109/cc.2013.6674205.
Повний текст джерела
2
Ma, Jun, Zhi Ying Wang, Jiang Chun Ren, Jiang Jiang Wu, Yong Cheng, and Song Zhu Mei. "Dynamic Trusted Domain: Preventing Data Leakage of Trusted Subjects." Applied Mechanics and Materials 48-49 (February 2011): 470–73. http://dx.doi.org/10.4028/www.scientific.net/amm.48-49.470.
Повний текст джерелаАнотація:
The existence of trusted subjects is a major complication in implementing multilevel secure (MLS) systems. In MLS, trusted subjects are granted with privileges to perform operations possibly violating mandatory access control policies. It is difficult to prevent them from data leakage with out too strict confinement. This paper reconsiders the privilege from the view of sensitive data and presents a dynamic trusted domain (DTD) mechanism for trusted subjects. In DTD, a domain is associated with a special label structure (LabelVector) distinguishing security policies and builds an isolated environment based on virtualization for a certain trusted subject. The channel for the trusted subject to communicate with outsider is controlled by a trusted request decision maker (TRDM). Only the request satisfies the rules on domain label and security levels can be passed through.
3
Dobele, Angela, Jane Fry, Sharyn Rundle-Thiele, and Tim Fry. "Caring for baby: what sources of information do mothers use and trust?" Journal of Services Marketing 31, no. 7 (October 9, 2017): 677–89. http://dx.doi.org/10.1108/jsm-02-2015-0104.
Повний текст джерелаАнотація:
Purpose A broad array of information channels exists for service customers. The purpose of this study is to better understand the relationship between the use of, and trust in, information channels, so that there is scope to increase the effectiveness of reliable information provision and, hence, to change behaviour. Design/methodology/approach This study empirically explored whether customers use channels they trust, and trust what they use, and examined the association between individual (demographic) factors and that trust. A total of 472 mothers completed an online survey. Findings The current study empirically explored channel trust and individual factors, finding that individual factors (such as education level) and trust warrant inclusion in traditional communication models such as Communication–Human Information Processing. The findings revealed that the more highly educated a customer is, the more likely it will be that a health professional is their most trusted channel, but the less likely it will be that they consider family the most trusted channel. Magazines are the least trusted information channel. Further, while informants’ most trusted information channel was healthcare professionals, this was not the most common information channel used. Research limitations/implications This study was limited to a female consumer sample focused upon one service (maternity and child health) and five key information channels, which limits the generalizability. Further, the data were collected via an internet survey, which have biased may the results on use and trust of the internet. Practical implications The findings showcase the importance of demographic factors and the relationship between trust in information sources and use. The insights developed provide a useful research agenda for the future. This study was limited to a female consumer sample focused upon one service (maternity and child health) and five key information channels, which limits the generalizability of the findings. The data were collected via an internet survey, which may bias the results on use and trust of the internet. Additionally, the data were collected over five years ago, which may have some impact on factors such as the role and importance of internet usage. However, these limitations do not detract from the primary focus of this study and the main findings remain new and relevant. Originality/value This study undertook an empirical exploration to examine information channel trust and individual factors, thereby extending the research focus beyond current traditional communication model approaches. Models such as Communication–Human Information Processing focus on individual cognitions and assume a staged sequence of decision-making following traditional decision-making models and ignoring channel attributes such as channel trust, thereby limiting understanding. The current study indicates that communication models will benefit from the addition of channel trust and additional individual factors (such as demographics) to extend understanding beyond individual cognitions.
4
Jang, Jinsoo, and Brent Byunghoon Kang. "Securing a communication channel for the trusted execution environment." Computers & Security 83 (June 2019): 79–92. http://dx.doi.org/10.1016/j.cose.2019.01.012.
Повний текст джерела
5
Liu, Hongbin, Han Zhou, Hao Chen, Yong Yan, Jianping Huang, Ao Xiong, Shaojie Yang, Jiewei Chen, and Shaoyong Guo. "A Federated Learning Multi-Task Scheduling Mechanism Based on Trusted Computing Sandbox." Sensors 23, no. 4 (February 13, 2023): 2093. http://dx.doi.org/10.3390/s23042093.
Повний текст джерелаАнотація:
At present, some studies have combined federated learning with blockchain, so that participants can conduct federated learning tasks under decentralized conditions, sharing and aggregating model parameters. However, these schemes do not take into account the trusted supervision of federated learning and the case of malicious node attacks. This paper introduces the concept of a trusted computing sandbox to solve this problem. A federated learning multi-task scheduling mechanism based on a trusted computing sandbox is designed and a decentralized trusted computing sandbox composed of computing resources provided by each participant is constructed as a state channel. The training process of the model is carried out in the channel and the malicious behavior is supervised by the smart contract, ensuring the data privacy of the participant node and the reliability of the calculation during the training process. In addition, considering the resource heterogeneity of participant nodes, the deep reinforcement learning method was used in this paper to solve the resource scheduling optimization problem in the process of constructing the state channel. The proposed algorithm aims to minimize the completion time of the system and improve the efficiency of the system while meeting the requirements of tasks on service quality as much as possible. Experimental results show that the proposed algorithm has better performance than the traditional heuristic algorithm and meta-heuristic algorithm.
6
El-Badry, Rania, Moustafa Youssef, and Ahmed Sultan. "Hidden Anchor: A Lightweight Approach for Physical Layer Location Privacy." Journal of Computer Systems, Networks, and Communications 2010 (2010): 1–12. http://dx.doi.org/10.1155/2010/749298.
Повний текст джерелаАнотація:
In hybrid wireless sensor networks, where trusted and un-trusted nodes coexist, it becomes important to allow trusted nodes to share information, especially, location information and prevent un-trusted nodes from gaining access to this information. We focus on anchor-based localization algorithms in WSNs, where a small set of specialized nodes, that is, anchor nodes, broadcast their location to the network and other nodes can use the broadcast information to estimate their own location. The main challenge is that both trusted and un-trusted nodes can measure the physical signal transmitted from anchor nodes and use it to estimate their locations. In this paper, we propose Hidden Anchor, an algorithm that provides anchor physical layer location privacy for different classes of localization algorithms. The Hidden Anchor algorithm exploits the inherently noisy wireless channel and uses identity cloning of neighboring trusted nodes to make anchors unobservable to un-trusted nodes while providing complete information to trusted nodes. Evaluation of the Hidden Anchor algorithm through analysis and simulation shows that it can hide the identity, and hence the location, of anchor nodes with very low overhead. In addition, the results show that by adding artificial noise, we can achieve significant improvement in anchor's location privacy.
7
Li, Xinyao, and Akhilesh Tyagi. "Cross-World Covert Channel on ARM Trustzone through PMU." Sensors 22, no. 19 (September 28, 2022): 7354. http://dx.doi.org/10.3390/s22197354.
Повний текст джерелаАнотація:
The TrustZone technology is incorporated in a majority of recent ARM Cortex A and Cortex M processors widely deployed in the IoT world. Security critical code execution inside a so-called secure world is isolated from the rest of the application execution within a normal world. It provides hardware-isolated area called a trusted execution environment (TEE) in the processor for sensitive data and code. This paper demonstrates a vulnerability in the secure world in the form of a cross-world, secure world to normal world, covert channel. Performance counters or Performance Monitoring Unit (PMU) events are used to convey the information from the secure world to the normal world. An encoding program generates appropriate PMU event footprint given a secret S. A corresponding decoding program reads the PMU footprint and infers S using machine learning (ML). The machine learning model can be trained entirely from the data collected from the PMU in user space. Lack of synchronization between PMU start and PMU read adds noise to the encoding/decoding ML models. In order to account for this noise, this study proposes three different synchronization capabilities between the client and trusted applications in the covert channel. These are synchronous, semi-synchronous, and asynchronous. Previously proposed PMU based covert channels deploy L1 and LLC cache PMU events. The latency of these events tends to be 100–1000 cycles limiting the bandwidth of these covert channels. We propose to use microarchitecture level events with latency of 10–100 cycles captured through PMU for covert channel encoding leading to a potential 100× higher bandwidth. This study conducts a series of experiments to evaluate the proposed covert channels under various synchronization models on a TrustZone supported Cortex-A processor using OP-TEE framework. As stated earlier, switch from signaling based on PMU cache events to PMU microarchitectural events leads to approximately 15× higher covert channel bandwidth. This proposed finer-grained microarchitecture event encoding covert channel can achieve throughput of the order of 11 Kbits/s as opposed to previous work’s throughput of the order of 760 bits/s.
8
Ma, Wei, Xiaoyong Li, Congdong Lv, and Fei Li. "An Architectural Refinement Approach Based on Trusted Channel in MLS Environment." Open Automation and Control Systems Journal 6, no. 1 (December 31, 2014): 1862–69. http://dx.doi.org/10.2174/1874444301406011862.
Повний текст джерела
9
Fairchild, Alea M. "What is the Role of Third Party Logistics (3PL) Partners in an Omni-Channel Strategy?" International Journal of Operations Research and Information Systems 7, no. 1 (January 2016): 22–32. http://dx.doi.org/10.4018/ijoris.2016010102.
Повний текст джерелаАнотація:
The logistical infrastructure of the supply chains of online and offline sales channels of suppliers have been historically often completely separate. In the growing mobile commerce market, customers interact with suppliers using multiple touch points in one overall stream of information and goods which is considered an omni-channel. For larger suppliers, this can be an intricate chain of either their own resources or global partners. For many smaller suppliers, this is a chain of third parties adding value to the core competency of the supplier. The selection of a logistics partner for a small and medium-sized enterprise (SME) is a substantial investment in both infrastructure and a trusted relationship. But do SME suppliers know what they are looking for in an omni-channel strategy, and why? This article examines what characteristics an SME looks for in a 3PL partner in an omni-channel strategy, and discusses how an omni-channel strategy can be developed for these players.
10
Wang, Zhe, Hui Wang, Yuning Yang, Dejian Li, Zhe Zhang, and Tiantian Wu. "The research of the side-channel analysis method based on deep learning for trusted platform module." Journal of Physics: Conference Series 2358, no. 1 (October 1, 2022): 012016. http://dx.doi.org/10.1088/1742-6596/2358/1/012016.
Повний текст джерелаАнотація:
At present, the trusted platform module (TPM) has been widely used in electricity, finance, transportation, and other industries, and its security has attracted much attention. The research on the side-channel attack (SCA) can be conducive to improving the security design technology of trusted platform modules. The side channel attack on the trusted platform module is studied from the initial differential power analysis (DPA) to the machine learning method. This paper introduces the deep learning techniques in SCA and proposes a new SCA technique based on deep learning. Firstly, on basis of the characteristics of SCA on TPM, we improve the convolutional neural network (CNN) models, including ResNet, VGG, and Google Net. Then, for the SM4 cipher implemented with and without countermeasures, we implement some attack experiments by exploiting the SCA based on various deep learning models and compare the experimental results with the DPA attack. The experiment results show that under the same circumstance, the SCA based on the deep learning method is more effective. We compare the effects of different CNN models and hyper-parameters to provide the basis and data for further research.
11
MANDAL, PARTHA SARATHI, and ANIL K. GHOSH. "A STATISTICAL APPROACH TOWARDS SECURE LOCATION VERIFICATION IN NOISY WIRELESS CHANNELS." International Journal of Foundations of Computer Science 25, no. 05 (August 2014): 563–84. http://dx.doi.org/10.1142/s0129054114500221.
Повний текст джерелаАнотація:
Location verification in wireless sensor networks (WSNs) is quite challenging in the presence of malicious sensor nodes, which are called attackers. These attackers try to break the verification protocol by reporting their incorrect locations during the verification stage. In the literature of WSNs, most of the existing methods of location verification use a set of trusted verifiers, which are vulnerable to attacks by malicious nodes. These existing methods also use some distance estimation techniques, which are not accurate in noisy channels. In this article, we adopt a statistical approach for secure location verification to overcome these limitations. Our proposed method does not rely on any trusted entities and it takes care of the limited precision in distance estimation by using a suitable probability model for the noise. The resulting verification scheme detects and filters out all malicious nodes from the network with a very high probability even when it is in a noisy channel.
12
WANG, Haixiang, Jingyi CAO, and Zhe LIU. "Energy Internet and Its Trusted Protection Architecture." Wuhan University Journal of Natural Sciences 27, no. 2 (April 2022): 169–76. http://dx.doi.org/10.1051/wujns/2022272169.
Повний текст джерелаАнотація:
Through the combination of new energy and Internet technology, the Energy Internet deeply integrates various complex network systems such as power, transportation and natural gas, aiming to change the energy utilization model and promote the sustainable development of economy and society. The Energy Internet takes the power grid as the "Backbone Network" , integrating the autonomous units of distributed energy, and integrating information and energy through the open-peer information and energy integration architecture. Information interaction scenarios of the Energy Internet information interaction scenarios include "human-object" , "human-human" and "object-object" . In this new interconnection mechanism environment, the lack of any security defenses may leave the Energy Internet exposed to the risk of information leakage, theft and loss, resulting in immeasurable losses. From "human-object" , "object-object" and "human-human" interaction scenarios, the paper puts forward fine-grained access control mechanism, trusted computing environment building in IoT devices and trusted communication channel construction, and designs a trusted protection architecture for the Energy Internet to ensure the data security throughout its life cycle. We verify that the proposed architecture can provide trusted environment for the Energy Internet.
13
Shah, Syed Luqman, Irshad Ahmed Abbasi, Alwalid Bashier Gism Elseed, Sikandar Ali, Zahid Anwar, Qasim Rajpoot, and Maria Riaz. "TAMEC: Trusted Augmented Mobile Execution on Cloud." Scientific Programming 2021 (March 8, 2021): 1–8. http://dx.doi.org/10.1155/2021/5542852.
Повний текст джерелаАнотація:
Cloud computing has emerged as an attractive platform for individuals and businesses to augment their basic processing capabilities. Mobile devices with access to Internet are also turning towards clouds for resource-intensive tasks by working out a trade-off between resources required for performing computation on-device against those required for off-loading task to the cloud. However, as with desktop clients, mobile clients face significant concerns related to confidentiality and integrity of data and applications moved to and from the cloud. Cloud-related security solutions proposed for desktop clients could not be readily ported to mobile clients owing to the obvious limitation in their processing capabilities and restrained battery life. We address this problem by proposing architecture for secure exchange and trusted execution between mobile devices and cloud hosts. We establish a symmetric-key-based secure communication channel between mobile and cloud, backed by a trusted coordinator. We also employee a Trusted Platform Module- (TPM-) based attestation of the cloud nodes on which the data and applications of mobile device will be hosted. This gives a comprehensive solution for end-to-end secure and trusted interaction of the mobile device with cloud hosts.
14
CLARKSON, MICHAEL R., and FRED B. SCHNEIDER. "Quantification of integrity." Mathematical Structures in Computer Science 25, no. 2 (November 10, 2014): 207–58. http://dx.doi.org/10.1017/s0960129513000595.
Повний текст джерелаАнотація:
Three integrity measures are introduced: contamination, channel suppression and program suppression. Contamination is a measure of how much untrusted information reaches trusted outputs; it is the dual of leakage, which is a measure of information-flow confidentiality. Channel suppression is a measure of how much information about inputs to a noisy channel is missing from the channel outputs. And program suppression is a measure of how much information about the correct output of a program is lost because of attacker influence and implementation errors. Program and channel suppression do not have interesting confidentiality duals. As a case study, a quantitative relationship between integrity, confidentiality and database privacy is examined.
15
Deeptha, R., and Rajeswari Mukesh. "Extending OpenID Connect Towards Mission Critical Applications." Cybernetics and Information Technologies 18, no. 3 (September 1, 2018): 93–110. http://dx.doi.org/10.2478/cait-2018-0041.
Повний текст джерелаАнотація:
Abstract Single Sign-On (SSO) decreases the complexity and eases the burden of managing many accounts with a single authentication mechanism. Mission critical application such as banking demands highly trusted identity provider to authenticate its users. The existing SSO protocol such as OpenID Connect protocol provides secure SSO but it is applicable only in the consumer-to-social-network scenarios. Owing to stringent security requirements, the SSO for banking service necessitates a highly trusted identity provider and a secured private channel for user access. The banking system depends on a dedicated central banking authority which controls the monetary policy and it must assume the role of the identity provider. This paper proposes an extension of OpenID Connect protocol that establishes a central identity provider for bank users, which facilitates the users to access different accounts using single login information. The proposed Enhanced OpenID Connect (EOIDC) modifies the authorization code flow of OpenID Connect to build a secure channel from a single trusted identity provider that supports multiple banking services. Moreover, the EOIDC tightens the security mechanism with the help of SAT to avoid impersonation attack using replay and redirect. The formal security analysis and validation demonstrate the strength of the EOIDC against possible attacks such as impersonation, eavesdropping, and a brute force login. The experimental results reveal that the proposed EOIDC system is efficient in providing secured SSO protocol for banking services.
16
Jiang, Nanlan, Sai Yang, and Pingping Xu. "Enabling Location Privacy Preservation in MANETs Based on Distance, Angle, and Spatial Cloaking." Electronics 9, no. 3 (March 8, 2020): 458. http://dx.doi.org/10.3390/electronics9030458.
Повний текст джерелаАнотація:
Preserving the location privacy of users in Mobile Ad hoc Networks (MANETs) is a significant challenge for location information. Most of the conventional Location Privacy Preservation (LPP) methods protect the privacy of the user while sacrificing the capability of retrieval on the server-side, that is, legitimate devices except the user itself cannot retrieve the location in most cases. On the other hand, applications such as geographic routing and location verification require the retrievability of locations on the access point, the base station, or a trusted server. Besides, with the development of networking technology such as caching technology, it is expected that more and more distributed location-based services will be deployed, which results in the risk of leaking location information in the wireless channel. Therefore, preserving location privacy in wireless channels without losing the retrievability of the real location is essential. In this paper, by focusing on the wireless channel, we propose a novel LPP enabled by distance (ranging result), angle, and the idea of spatial cloaking (DSC-LPP) to preserve location privacy in MANETs. DSC-LPP runs without the trusted third party nor the traditional cryptography tools in the line-of-sight environment, and it is suitable for MANETs such as the Internet of Things, even when the communication and computation capabilities of users are limited. Qualitative evaluation indicates that DSC-LPP can reduce the communication overhead when compared with k-anonymity, and the computation overhead of DSC-LPP is limited when compared with conventional cryptography. Meanwhile, the retrievability of DSC-LPP is higher than that of k-anonymity and differential privacy. Simulation results show that with the proper design of spatial divisions and parameters, other legitimate devices in a MANET can correctly retrieve the location of users with a high probability when adopting DSC-LPP.
17
Alder, Fritz, Jo Van Bulck, Jesse Spielman, David Oswald, and Frank Piessens. "Faulty Point Unit: ABI Poisoning Attacks on Trusted Execution Environments." Digital Threats: Research and Practice 3, no. 2 (June 30, 2022): 1–26. http://dx.doi.org/10.1145/3491264.
Повний текст джерелаАнотація:
This article analyzes a previously overlooked attack surface that allows unprivileged adversaries to impact floating-point computations in enclaves through the Application Binary Interface (ABI). In a comprehensive study across 7 industry-standard and research enclave shielding runtimes for Intel Software Guard Extensions (SGX), we show that control and state registers of the x87 Floating-Point Unit (FPU) and Intel Streaming SIMD Extensions are not always properly sanitized on enclave entry. We furthermore show that this attack goes beyond the x86 architecture and can also affect RISC-V enclaves. Focusing on SGX, we abuse the adversary’s control over precision and rounding modes as an ABI fault injection primitive to corrupt enclaved floating-point operations. Our analysis reveals that this is especially relevant for applications that use the older x87 FPU, which is still under certain conditions used by modern compilers. We exemplify the potential impact of ABI quality-degradation attacks for enclaved machine learning and for the SPEC benchmarks. We then explore the impact on confidentiality, showing that control over exception masks can be abused as a controlled channel to recover enclaved multiplication operands. Our findings, affecting 5 of 7 studied SGX runtimes and one RISC-V runtime, demonstrate the challenges of implementing high-assurance trusted execution across computing architectures.
18
Luo, Ya, and Yang Li. "A Method of Software Requirement Optimization and Selection Based on AGORA Extended Model." Advanced Materials Research 271-273 (July 2011): 1124–29. http://dx.doi.org/10.4028/www.scientific.net/amr.271-273.1124.
Повний текст джерелаАнотація:
With the widely used of software technology, how to build a trusted software system has become a hot topic in the academic field. However, to the multi-channel and multi-option of the realization for software systems, how to optimization and selection the requirement has become an important issue. Based on the AGORA extended model, this paper proposes a requirement optimization and selection method with some indicators, such as development costs, correctness and consistency.
19
Pham, Thu Anh, and Ngoc T. Dang. "Relay-Assisted Satellite QKD Systems using MMW Radio-over-FSO for Vehicular Networks." Journal of Science and Technology: Issue on Information and Communications Technology 18, no. 12.2 (December 29, 2020): 31. http://dx.doi.org/10.31130/ict-ud.2020.109.
Повний текст джерелаАнотація:
This paper aims at proposing a novel satellite quantum key distribution (QKD) system for vehicular networks. Quantum key from a satellite (i.e., a trusted node) is transmitted through a free-space optical (FSO) channel to a high-attitude platform (HAP) using radio-over-FSO (RoFSO) technique. HAP playing a role as a relaying node forwards the key to moving vehicles via millimeter-wave (MMW) channel. Key information generated is encoded on MMW subcarrier using binary phase shift keying (BPSK) signaling and then recovered at the receiver thanks to a dual-threshold detector. We derive the mathematical expressions for security analysis of the proposed QKD system in terms of quantum bit error rate and ergodic secret-key rate taking into account the channel loss and receiver noise. The numerical results confirm the feasibility of the proposed QKD system.
20
Ahmet Kurt, Suat Mercan, Enes Erdin, and Kemal Akkaya. "3-of-3 multisignature approach for enabling lightning network micro-payments on IoT devices." ITU Journal on Future and Evolving Technologies 2, no. 5 (July 23, 2021): 53–67. http://dx.doi.org/10.52953/wzpc8083.
Повний текст джерелаАнотація:
Bitcoin's success as a cryptocurrency enabled it to penetrate into many daily life transactions. Its problems regarding the transaction fees and long validation times are addressed through an innovative concept called the Lightning Network (LN) which works on top of Bitcoin by leveraging off-chain transactions. This made Bitcoin an attractive micropayment solution that can also be used within certain IoT applications (e.g., toll payments) since it eliminates the need for traditional centralized payment systems. Nevertheless, it is not possible to run LN and Bitcoin on resource-constrained IoT devices due to their storage, memory, and processing requirements. Therefore, in this paper, we propose an efficient and secure protocol that enables an IoT device to use LN's functions through a gateway LN node even if it is not trusted. The idea is to involve the IoT device only in signing operations, which is possible by replacing LN's original 2-of-2 multisignature channels with 3-of-3 multisignature channels. Once the gateway is delegated to open a channel for the IoT device in a secure manner, our protocol enforces the gateway to request the IoT device's cryptographic signature for all further operations on the channel such as sending payments or closing the channel. LN's Bitcoin transactions are revised to incorporate the 3-of-3 multisignature channels. In addition, we propose other changes to protect the IoT device's funds from getting stolen in possible revoked state broadcast attempts. We evaluated the proposed protocol using a Raspberry Pi considering a toll payment scenario. Our results show that timely payments can be sent and the computational and communication delays associated with the protocol are negligible.
21
Yang, Yun, Lie Wu, Chen Wang, and Hong Ai. "Research on Security Access and Authentication Technology of Power Terminal Based on TNC." Applied Mechanics and Materials 494-495 (February 2014): 1623–26. http://dx.doi.org/10.4028/www.scientific.net/amm.494-495.1623.
Повний текст джерелаАнотація:
Along with the construction of the strong smart grid, many intelligent terminal equipments and wireless communication devices are widely applied to the smart grid, bringing convenience to the construction of the smart grid business systems as well as some serious security issues of confidentiality. The data transmitted through the wireless channel by various types of wireless power terminals in the wireless network communication is vulnerable to eavesdropping and other attacks. In this paper, we proposed an security access architecture and authentication protocol of power terminal based on the theory of the trusted network connection (TNC) and gave the specific authentication protocol process based on the practical application in the smart grid environment. Eventually, we confirmed that the design of the scheme can ensure the integrity and security of the terminal itself according to the safety analysis, so as to build the trusted computing environment of electric power communication network system, ensuring the safety of the whole smart grid application environment.
22
Ryu, Jong Yeol, and Jung Hoon Lee. "Trust Degree-Based MISO Cooperative Communications with Two Relay Nodes." Wireless Communications and Mobile Computing 2019 (January 1, 2019): 1–13. http://dx.doi.org/10.1155/2019/7927358.
Повний текст джерелаАнотація:
In this paper, we propose transmission strategies in multiple-input-single-output (MISO) cooperative communications with two relay nodes in cases when the relay nodes have different trust degrees, where the trust degrees represent how much the relay nodes can be trusted for cooperation. For the given trust degrees and channel conditions, we first derive a relay selection strategy that maximizes the expected achievable rate. We then propose a cooperative transmission strategy of relays with an optimal cooperative beamforming vector that maximizes the expected achievable rate, which is a linear combination of weighted channel vectors. Finally, we derive the optimal transmission strategy, which is a mixed strategy between the relay selection and cooperative transmission strategies with respect to the trust degrees. Our analysis and numerical results show that the proposed transmission strategies increase the expected achievable rate by exploiting the trust degrees of the relay nodes, along with the channel conditions.
23
Farhi, Nitzan, Nir Nissim, and Yuval Elovici. "Malboard: A novel user keystroke impersonation attack and trusted detection framework based on side-channel analysis." Computers & Security 85 (August 2019): 240–69. http://dx.doi.org/10.1016/j.cose.2019.05.008.
Повний текст джерела
24
Annadurai, Soorya, and Bhargav J. Bhatkalkar. "Secure Multiparty Device Pairing Using Random Peephole Generations." Journal of Computational and Theoretical Nanoscience 17, no. 1 (January 1, 2020): 216–21. http://dx.doi.org/10.1166/jctn.2020.8653.
Повний текст джерелаАнотація:
A secure device pairing mechanism is used to establish a trusted communication channel between unassociated wireless devices. The broadcast nature of wireless communication opens the door for man-in-the-middle (MITM) attacks, and even other subtle forms of masquerader and misfeasor attacks. This paper introduces a simple device pairing approach to tackle such attacks seamlessly. The algorithm is compatible with a multitude of devices, whereas a majority of existing algorithms are based on two devices exclusively. This approach utilizes a human visual channel as an Out-Of-Band (OOB) channel to authenticate the public keys exchanged between the devices. The interactive nature of this approach forces user attention, hence improving the reliability and consistency of the device pairing process. To do so, we introduce the concept of ‘peepholes,’ and mathematically define it before demonstrating the algorithm’s methodology. Subsequent sections also demonstrate its robustness against attacks via misfeasors, masqueraders, and men-in-the-middle.
25
Ha, Yun-Sok, Kwang Taek Kim, Wook Nam, Hongzoo Park, Sangjun Yoo, Chan Ho Lee, Ho Seok Chung, et al. "Investigation of Information Acquisition Channel for Prostate Cancer High-Risk Group." Korean Journal of Urological Oncology 19, no. 3 (August 31, 2021): 174–82. http://dx.doi.org/10.22465/kjuo.2021.19.3.174.
Повний текст джерелаАнотація:
Purpose: The survey was conducted on Korean men to examine information acquisition channel for prostate cancer high risk group as part of the “Blue Ribbon Campaign” of the Korean Urological Oncology Society.Materials and Methods: An online survey of 500 men aged 50 years old or older was completed to query investigation of the status of prostate cancer awareness and information acquisition from February 4 to February 9, 2021.Results: Most men in their 50s and older are well aware that prostate cancer can also occur in young men in their 40s, so the rate of misunderstanding of the timing of prostate cancer screening after their 60s is very low. Two-thirds of all respondents (67.2%) were also confirmed that prostate cancer had no initial symptoms and was not included in the national cancer screening. Seventy-five percent of people look up information on their own in case of suspected prostate cancer, and 51.6% seek out knowledge on their own to prevent prostate cancer. Of the respondents, 27.4% of men contacted prostate cancer-related information within the past year, and the percentage of people contacted through ‘Internet/Phone,’ ‘People Around’ and ‘Television’ was high. The most trusted channel among prostate cancer information channels was ‘medical professionals,’ but the experience rate was not high, and the channel with high experience rate and reliability was shown as ‘television.’Conclusions: Much effort is still needed to understand the information acquisition behavior of Korean men and to improve awareness of early screening for prostate cancer.
26
Liu, Qiao, Guang Gong, Yong Wang, and Hui Li. "A Novel Secure Transmission Scheme in MIMO Two-Way Relay Channels with Physical Layer Approach." Mobile Information Systems 2017 (2017): 1–12. http://dx.doi.org/10.1155/2017/7843843.
Повний текст джерелаАнотація:
Security issue has been considered as one of the most pivotal aspects for the fifth-generation mobile network (5G) due to the increasing demands of security service as well as the growing occurrence of security threat. In this paper, instead of focusing on the security architecture in the upper layer, we investigate the secure transmission for a basic channel model in a heterogeneous network, that is, two-way relay channels. By exploiting the properties of the transmission medium in the physical layer, we propose a novel secure scheme for the aforementioned channel mode. With precoding design, the proposed scheme is able to achieve a high transmission efficiency as well as security. Two different approaches have been introduced: information theoretical approach and physical layer encryption approach. We show that our scheme is secure under three different adversarial models: (1) untrusted relay attack model, (2) trusted relay with eavesdropper attack model, and (3) untrusted relay with eavesdroppers attack model. We also derive the secrecy capacity of the two different approaches under the three attacks. Finally, we conduct three simulations of our proposed scheme. The simulation results agree with the theoretical analysis illustrating that our proposed scheme could achieve a better performance than the existing schemes.
27
Fischer, Andreas, Benny Fuhry, Jörn Kußmaul, Jonas Janneck, Florian Kerschbaum, and Eric Bodden. "Computation on Encrypted Data Using Dataflow Authentication." ACM Transactions on Privacy and Security 25, no. 3 (August 31, 2022): 1–36. http://dx.doi.org/10.1145/3513005.
Повний текст джерелаАнотація:
Encrypting data before sending it to the cloud ensures data confidentiality but requires the cloud to compute on encrypted data. Trusted execution environments, such as Intel SGX enclaves, promise to provide a secure environment in which data can be decrypted and then processed. However, vulnerabilities in the executed program give attackers ample opportunities to execute arbitrary code inside the enclave. This code can modify the dataflow of the program and leak secrets via SGX side channels. Fully homomorphic encryption would be an alternative to compute on encrypted data without data leaks. However, due to its high computational complexity, its applicability to general-purpose computing remains limited. Researchers have made several proposals for transforming programs to perform encrypted computations on less powerful encryption schemes. Yet current approaches do not support programs making control-flow decisions based on encrypted data. We introduce the concept of dataflow authentication (DFAuth) to enable such programs. DFAuth prevents an adversary from arbitrarily deviating from the dataflow of a program. Our technique hence offers protections against the side-channel attacks described previously. We implemented two flavors of DFAuth, a Java bytecode-to-bytecode compiler, and an SGX enclave running a small and program-independent trusted code base. We applied DFAuth to a neural network performing machine learning on sensitive medical data and a smart charging scheduler for electric vehicles. Our transformation yields a neural network with encrypted weights, which can be evaluated on encrypted inputs in \( 12.55 \,\mathrm{m}\mathrm{s} \) . Our protected scheduler is capable of updating the encrypted charging plan in approximately 1.06 seconds.
28
M, Priyatharishini, and M. Nirmala Devi. "A compressive sensing algorithm for hardware trojan detection." International Journal of Electrical and Computer Engineering (IJECE) 9, no. 5 (October 1, 2019): 4035. http://dx.doi.org/10.11591/ijece.v9i5.pp4035-4043.
Повний текст джерелаАнотація:
Traditionally many fabless companies outsource the fabrication of IC design to the foundries, which may not be trusted always. In order to ensure trusted IC’s it is more significant to develop an efficient technique that detects the presence of hardware Trojan. This malicious insertion causes the logic variation in the nets or leaks some sensitive information from the chip, which reduces the reliability of the system. The conventional testing algorithm for generating test vectors reduces the detection sensitivity due to high process variations. In this work, we present a compressive sensing approach, which can significantly generate optimal test patterns compared to the ATPG vectors. This approach maximizes the probability of Trojan circuit activation, with a high level of Trojan detection rate. The side channel analysis such as power signatures are measured at different time stamps to isolate the Trojan effects. The effect of process noise is minimized by this power profile comparison approach, which provides high detection sensitivity for varying Trojan size and eliminates the requirement of golden chip. The proposed test generation approach is validated on ISCAS benchmark circuits, which achieves Trojan detection coverage on an average of 88.6% reduction in test length when compared to random pattern.
29
ŠKORIĆ, BORIS. "Quantum readout of Physical Unclonable Functions." International Journal of Quantum Information 10, no. 01 (February 2012): 1250001. http://dx.doi.org/10.1142/s0219749912500013.
Повний текст джерелаАнотація:
Physical unclonable functions (PUFs) are physical structures that are hard to clone and have a unique challenge-response behavior. The term PUF was coined by Pappu et al. in 2001. That work triggered a lot of interest, and since then a substantial number of papers has been written about the use of a wide variety of physical structures for different security purposes such as identification, authentication, read-proof key storage, key distribution, tamper evidence, anti-counterfeiting, software-to-hardware binding and trusted computing. In this paper we propose a new security primitive: the quantum-readout PUF (QR-PUF). This is a classical PUF, without internal quantum degrees of freedom, which is challenged using a quantum state, e.g. a single-photon state, and whose response is also a quantum state. By the no-cloning property of unknown quantum states, attackers cannot intercept challenges or responses without noticeably disturbing the readout process. Thus, a verifier who sends quantum states as challenges and receives the correct quantum states back can be certain that he is probing a specific QR-PUF without disturbances, even if the QR-PUF is far away "in the field" and under hostile control. For PUFs whose information content is not exceedingly large, all currently known PUF-based authentication and anti-counterfeiting schemes require trusted readout devices in the field. Our quantum readout scheme has no such requirement. Furthermore, we show how the QR-PUF authentication scheme can be interwoven with quantum key exchange (QKE), leading to an authenticated QKE protocol between two parties. This protocol has the special property that it requires no a priori secret shared by the two parties, and that the quantum channel is the authenticated channel, allowing for an unauthenticated classical channel. We provide security proofs for a limited class of attacks. The proofs depend on the physical unclonability of PUFs and on the practical infeasibility of building a quantum computer.
30
Hopfer, Suellen, Huong T. Duong, Samantha Garcia, and Sora P. Tanjasiri. "Health Information Source Characteristics Matter: Adapting the Dissemination of an HPV Vaccine Intervention to Reach Latina and Vietnamese Women." Journal of Primary Prevention 42, no. 5 (July 20, 2021): 511–29. http://dx.doi.org/10.1007/s10935-021-00643-2.
Повний текст джерелаАнотація:
AbstractLatina and Vietnamese women are disproportionately burdened by human papillomavirus (HPV)-associated cervical cancer and underutilize the HPV vaccine, which is an effective cancer prevention measure. To inform the adaptation of a National Cancer Institute’s evidence-based cancer control program, HPV Vaccine Decision Narratives, and because of the rapidly changing information concerning consumption patterns of young adults, we elicited preferences and characteristics associated with women’s interest in various health information sources, specifically for HPV vaccination. We conducted 50 interviews with young Latina and Vietnamese women at two Planned Parenthood health centers in Southern California. Interview questions were guided by the Channel Complementarity Theory and focused on understanding the multiple communication channels women turn to for health, and the characteristics that motivate their use. Our results showed that Latina and Vietnamese women turn to many sources, from online and social media to school health classes, mothers, and doctors. Specific characteristics that motivate women’s online use of health information included immediacy and access, convenience and credibility. When receiving HPV vaccine information, privacy, avoiding information overload, interpersonal engagement, and receiving health information from trusted sources was important. Our study advances the prevention literature by elevating the role of platform delivery considerations and emphasizing preferences to effectively reach Latina and Vietnamese women, who are disproportionately burdened by HPV cancers and are less aware of HPV vaccine prevention. These results can be used to further inform the dissemination of this cancer control program. Adaptation of the program should include changes to its delivery, such that trusted sources are used, and dissemination is coordinated to send a consistent message across multiple communication methods.
31
Fischer, Andreas, Benny Fuhry, Florian Kerschbaum, and Eric Bodden. "Computation on Encrypted Data using Dataflow Authentication." Proceedings on Privacy Enhancing Technologies 2020, no. 1 (January 1, 2020): 5–25. http://dx.doi.org/10.2478/popets-2020-0002.
Повний текст джерелаАнотація:
AbstractEncrypting data before sending it to the cloud protects it against attackers, but requires the cloud to compute on encrypted data. Trusted modules, such as SGX enclaves, promise to provide a secure environment in which data can be decrypted and then processed. However, vulnerabilities in the executed program, which becomes part of the trusted code base (TCB), give attackers ample opportunity to execute arbitrary code inside the enclave. This code can modify the dataflow of the program and leak secrets via SGX side-channels. Since any larger code base is rife with vulnerabilities, it is not a good idea to outsource entire programs to SGX enclaves. A secure alternative relying solely on cryptography would be fully homomorphic encryption. However, due to its high computational complexity it is unlikely to be adopted in the near future. Researchers have made several proposals for transforming programs to perform encrypted computations on less powerful encryption schemes. Yet current approaches do not support programs making control-flow decisions based on encrypted data.We introduce the concept of dataflow authentication (DFAuth) to enable such programs. DFAuth prevents an adversary from arbitrarily deviating from the dataflow of a program. Our technique hence offers protections against the side-channel attacks described above. We implemented DFAuth using a novel authenticated homomorphic encryption scheme, a Java bytecode-tobytecode compiler producing fully executable programs, and an SGX enclave running a small and program-independent TCB. We applied DFAuth to an existing neural network that performs machine learning on sensitive medical data. The transformation yields a neural network with encrypted weights, which can be evaluated on encrypted inputs in 0.86 s.
32
Cao, Wen-Fei, Yi-Zheng Zhen, Yu-Lin Zheng, Shuai Zhao, Feihu Xu, Li Li, Zeng-Bing Chen, Nai-Le Liu, and Kai Chen. "Open-Destination Measurement-Device-Independent Quantum Key Distribution Network." Entropy 22, no. 10 (September 26, 2020): 1083. http://dx.doi.org/10.3390/e22101083.
Повний текст джерелаАнотація:
Quantum key distribution (QKD) networks hold promise for sharing secure randomness over multi-partities. Most existing QKD network schemes and demonstrations are based on trusted relays or limited to point-to-point scenario. Here, we propose a flexible and extensible scheme named as open-destination measurement-device-independent QKD network. The scheme enjoys security against untrusted relays and all detector side-channel attacks. Particularly, any users can accomplish key distribution under assistance of others in the network. As an illustration, we show in detail a four-user network where two users establish secure communication and present realistic simulations by taking into account imperfections of both sources and detectors.
33
Sattar, Zina. "A Practical E-Test System." International Journal of Emerging Technologies in Learning (iJET) 14, no. 21 (November 18, 2019): 110. http://dx.doi.org/10.3991/ijet.v14i21.10866.
Повний текст джерелаАнотація:
this article presents an encryption system which has many characteristics, like anonymity, originality, correctness, confidentiality, durability and confirmation as well as no need to any trusted authority. Besides that the submitted system gives an evidence of the successful submission by using anonymity property. Additional to use the anonymous return channel, also use the timed-based solution. The proposed system has been implemented and its results were measured. The preliminary findings in this paper seem very promising. Also, the results show that the system is applicable and will yield good results if applied to new generations of mobile phones. Furthermore, the results show that the method is more efficient and faster than the system already in place.
34
Molotkov, S. N. "On the robustness of information-theoretic authentication in quantum cryptography." Laser Physics Letters 19, no. 7 (May 19, 2022): 075203. http://dx.doi.org/10.1088/1612-202x/ac6a60.
Повний текст джерелаАнотація:
Abstract In addition to the quantum channel, an auxiliary classical authentic communication channel is required for quantum key distribution. To provide unconditional security in quantum cryptography, which based on the fundamental laws of quantum mechanics, information-theoretic authentication is required, and not authentication based on computational complexity. The paper provides a security proof of information-theoretic authentication in quantum cryptography using ɛ-ASU2 hash functions. The internal structure of ɛ-ASU2 hash functions is not used in the proof, so these hash functions can be implemented by a different composition of other hash functions, for example, including the composition ɛ-AXU2 functions with a reused key and subsequent encryption of the tag with a one-time pad key, which is taken from the previous session of quantum key distribution. It is also shown that information-theoretic authentication preserves composable security of the keys. This authentication method can also be used for key agrrement in in networks with trusted nodes (Molotkov 2022 Laser Phys. Lett. 19 045201–9; Arbekov and Molotkov 2020 Laser Phys. Lett. 17 055202–8) and with quantum key distribution.
35
Wimpenny, Gareth, Jan Šafář, Alan Grant, and Martin Bransby. "Securing the Automatic Identification System (AIS): Using public key cryptography to prevent spoofing whilst retaining backwards compatibility." Journal of Navigation 75, no. 2 (December 14, 2021): 333–45. http://dx.doi.org/10.1017/s0373463321000837.
Повний текст джерелаАнотація:
AbstractThe civilian Automatic Identification System (AIS) has no inherent protection against spoofing. Spoofed AIS messages have the potential to interfere with the safe navigation of a vessel by, amongst other approaches, spoofing maritime virtual aids to navigation and/or differential global navigation satellite system (DGNSS) correction data conveyed across it. Acting maliciously, a single transmitter may spoof thousands of AIS messages per minute with the potential to cause considerable nuisance; compromising information provided by AIS intended to enhance the mariner's situational awareness. This work describes an approach to authenticate AIS messages using public key cryptography (PKC) and thus provide unequivocal evidence that AIS messages originate from genuine sources and so can be trusted. Improvements to the proposed AIS authentication scheme are identified which address a security weakness and help avoid false positives to spoofing caused by changes to message syntax. A channel loading investigation concludes that sufficient bandwidth is available to routinely authenticate all AIS messages whilst retaining backwards compatibility by carrying PKC ‘digital signatures’ in a separate VHF Data Exchange System (VDES) side channel.
36
Chen, Yi, Hong Wen, Jinsong Wu, Huanhuan Song, Aidong Xu, Yixin Jiang, Tengyue Zhang, and Zhen Wang. "Clustering Based Physical-Layer Authentication in Edge Computing Systems with Asymmetric Resources." Sensors 19, no. 8 (April 24, 2019): 1926. http://dx.doi.org/10.3390/s19081926.
Повний текст джерелаАнотація:
In this paper, we propose a clustering based physical-layer authentication scheme (CPAS) to overcome the drawback of traditional cipher-based authentication schemes that suffer from heavy costs and are limited by energy-constrained intelligent devices. CPAS is a novel cross-layer secure authentication approach for edge computing system with asymmetric resources. The CPAS scheme combines clustering and lightweight symmetric cipher with physical-layer channel state information to provide two-way authentication between terminals and edge devices. By taking advantage of temporal and spatial uniqueness in physical layer channel responses, the non-cryptographic physical layer authentication techniques can achieve fast authentication. The lightweight symmetric cipher initiates user authentication at the start of a session to establish the trust connection. Based on theoretical analysis, the CPAS scheme is secure and simple, but there is no trusted party, while it can also resist small integer attacks, replay attacks, and spoofing attacks. Besides, experimental results show that the proposed scheme can boost the total success rate of access authentication and decrease the data frame loss rate, without notable increase in authentication latencies.
37
Karabacak, Fatih, Umit Ogras, and Sule Ozev. "Malicious Activity Detection in Lightweight Wearable and IoT Devices Using Signal Stitching." Sensors 21, no. 10 (May 13, 2021): 3408. http://dx.doi.org/10.3390/s21103408.
Повний текст джерелаАнотація:
The integrated circuit (IC) manufacturing process involves many players, from chip/board design and fabrication to firmware design and installation. In today’s global supply chain, any of these steps are prone to interference from rogue players, creating a security risk. Therefore, manufactured devices need to be verified to perform only their intended operations since it is not economically feasible to control the supply chain and use only trusted facilities. This paper presents a detection technique for malicious activity that can stem from hardware or firmware Trojans. The proposed technique relies on (i) repetitious side-channel sample collection of the active device, (ii) time-domain stitching, and (iii) frequency domain analysis. Since finding a trusted sample is generally impractical, the proposed technique is based on self-referencing to remove the effects of environmental or device-to-device variation in the frequency domain. We first observe that the power spectrum of the Trojan activity is confined to a low-frequency band. Then, we exploit this fact to achieve self-referencing using signal detection theory. The proposed technique’s effectiveness is demonstrated through experiments on a wearable electronics prototype and system-on-chip (SoC) under a variety of practical scenarios. Experimental results show the proposed detection technique enables a high overall detection coverage for malicious activities of varying types with 0.8 s monitoring time overhead, which is negligible.
38
Prema Sindhuri, B., and M. Kameswara Rao. "IoT security through web application firewall." International Journal of Engineering & Technology 7, no. 2.7 (March 18, 2018): 58. http://dx.doi.org/10.14419/ijet.v7i2.7.10259.
Повний текст джерелаАнотація:
The current trend in home electronics needs to be Internet Connectivity. Internet of Things is a collection of many interconnected objects, services and devices that can communicate and share the data to achieve a common goal in different areas and applications using internet. Attacks on IoT devices are physical attacks, side channel attacks, cryptanalysis attacks, software attacks, network attacks. The network attacks does not require physical access to create a major disruption like DDos in the network. The attackers can insert themselves between us and our devices like Man in Middle Attack. A firewall acts as a barrier between a trusted network and an untrusted network. This is a proposed work to focus on the security challenges of IoT using web application firewall.
39
ANDRÉS, MIGUEL E., CATUSCIA PALAMIDESSI, and GEOFFREY SMITH. "Preface to the special issue on quantitative information flow." Mathematical Structures in Computer Science 25, no. 2 (November 10, 2014): 203–6. http://dx.doi.org/10.1017/s0960129513000583.
Повний текст джерелаАнотація:
A long-standing and fundamental issue in computer security is to control the flow of information, whether to prevent confidential information from being leaked, or to prevent trusted information from being tainted. While there have been many efforts aimed at preventing improper flows completely (see for example, the survey by Sabelfeld and Myers (2003)), it has long been recognized that perfection is often impossible in practice. A basic example is a login program – whenever it rejects an incorrect password, it unavoidably reveals that the secret password differs from the one that was entered. More subtly, systems may be vulnerable to side channel attacks, because observable characteristics like running time and power consumption may depend, at least partially, on sensitive information.
40
Crowe, David, and Wasim Al-Hamdani. "Retained-Key Encryption." International Journal of Interdisciplinary Telecommunications and Networking 5, no. 2 (April 2013): 1–17. http://dx.doi.org/10.4018/jitn.2013040101.
Повний текст джерелаАнотація:
This paper presents a synchronous encryption key management model that does not require the sender to disclose the encryption key in order to effect decryption. This eliminates the need for key exchange mechanisms, giving the sender improved control over their keys. The retained-key model is presented as being a software application that handles the initiation of a secure communication channel between sender and receiver, and facilitates user authentication by a trusted third party—presumably, the software’s vendor. This model is not intended to replace public/private key-based mechanisms, as they serve an important role in message signing and authentication. Rather, it seeks to provide an alternative means of decrypting messages in a secure fashion while allowing the sender to avoid the need to disclose the message’s key.
41
Shah, Shakir-Ullah, Jamil Ahmad, and Najeeb-ur Rehman. "Design and Implementation of Inter-operable and Secure Agent Migration Protocol." International Arab Journal of Information Technology 17, no. 4 (July 1, 2020): 461–70. http://dx.doi.org/10.34028/iajit/17/4/4.
Повний текст джерелаАнотація:
Mobile agent technology is an active research topic and has found its uses in various diverse areas ranging from simple personal assistance to complex distributed big data systems. Its usage permits offline and autonomous execution as compared to classical distributed systems. The free roaming nature of agents makes it prone to several security threats during its transit state, with an added overhead in its interoperability among different types of platforms. To address these problems, both software and hardware based approaches have been proposed to ensure protection at various transit points. However, these approaches do not ensure interoperability and protection to agents during transit over a channel, simultaneously. In this regard, an agent requires a trustworthy, interoperable, and adaptive protocol for secure migration. In this paper, to answer these research issues, we first analyse security flaws in existing agent protection frameworks. Second, we implemented a novel migration architecture which is: 1) fully inter-operable compliance to the Foundation for Intelligent Physical Agents (FIPA) and 2) trustworthy based on Computing Trusted Platform Module (TPM). The proposed approach is validated by testing on software TPM of IBM, JSR321, and jTPMTools as TPM and Trusted Computing Software Stack (TSS) interfaces, JADE-agent framework and 7Mobility Service (JIPMS). Validation is also performed on systems bearing physical TPM-chips. Moreover, some packages of JIPMS are also modified by embedding our proposed approach into their functions. Our performance results show that our approach merely adds an execution overhead during the binding and unbinding phases
42
Gebert-Persson, Sabine, Mikael Gidhagen, James E. Sallis, and Heléne Lundberg. "Online insurance claims: when more than trust matters." International Journal of Bank Marketing 37, no. 2 (April 1, 2019): 579–94. http://dx.doi.org/10.1108/ijbm-02-2018-0024.
Повний текст джерелаАнотація:
Purpose The purpose of this paper is to develop and test a theoretical framework explaining the adoption of online insurance claims characterised by infrequent interactions, inherent complexity and risk. It extends the technology acceptance model to include knowledge-related and trust-related beliefs. Design/methodology/approach The framework is tested with structural equation modelling using data from a survey of 292 customers who made online insurance claims. Findings are further explained through 30 telephone interviews conducted with online and offline claimants. Findings Previous research in financial services has shown trust to be equally or more important than perceived usefulness and perceived ease of use in forming attitudes towards adopting online insurance applications. The findings of this paper contradict this by showing, at best, a weak relationship between trusting attitude and intention to use the online service. Trust is somewhat meaningful; however, perceived ease of use, perceived usefulness and technology attitude are substantially more important in an online insurance claims setting. Research limitations/implications Contradictory results always beg further research to assure their robustness. Nevertheless, they can also point to a developing trend where trust in the internet channel, per se, is of diminishing importance. Internet and product knowledge are not as pertinent to forming intentions as usefulness and ease of use. Practical implications To encourage customers to adopt online applications for a trusted company, all emphasis should be on user friendliness and perceived usefulness of the online interface. Originality/value Compared to other channels, consumers are no longer naïve or distrustful of the online channel for interacting with a firm. If they perceive usefulness and ease of use, they will adopt the offered service.
43
Bouida, Zied, Athanasios Stavridis, Ali Ghrayeb, Harald Haas, Mazen Hasna, and Mohamed Ibnkahla. "Precoding-Aided Spatial Modulation for the Wiretap Channel with Relay Selection and Cooperative Jamming." Wireless Communications and Mobile Computing 2018 (August 5, 2018): 1–11. http://dx.doi.org/10.1155/2018/8407297.
Повний текст джерелаАнотація:
We propose in this paper a physical-layer security (PLS) scheme for dual-hop cooperative networks in an effort to enhance the communications secrecy. The underlying model comprises a transmitting node (Alice), a legitimate node (Bob), and an eavesdropper (Eve). It is assumed that there is no direct link between Alice and Bob, and the communication between them is done through trusted relays over two phases. In the first phase, precoding-aided spatial modulation (PSM) is employed, owing to its low interception probability, while simultaneously transmitting a jamming signal from Bob. In the second phase, the selected relay detects and transmits the intended signal, whereas the remaining relays transmit the jamming signal received from Bob. We analyze the performance of the proposed scheme in terms of the ergodic secrecy capacity (ESC), the secrecy outage probability (SOP), and the bit error rate (BER) at Bob and Eve. We obtain closed-form expressions for the ESC and SOP and we derive very tight upper-bounds for the BER. We also optimize the performance with respect to the power allocation among the participating relays in the second phase. We provide examples with numerical and simulation results through which we demonstrate the effectiveness of the proposed scheme.
44
Tang, Chunming, Yuyu Ma, and Xiang Yu. "Design and Implementation of Port Video Terminals Security Access Authentication System Using Blockchain Technology." E3S Web of Conferences 253 (2021): 03086. http://dx.doi.org/10.1051/e3sconf/202125303086.
Повний текст джерелаАнотація:
In the face of the increasing scale of port video surveillance systems, edge computing is gradually used to improve the real-time processing efficiency of surveillance systems and reduce the load on the cloud with the advantages of distributed computing. In order to improve the security factor of terminal access in the edge computing environment, this paper proposes a decentralized terminal security access authentication system based on blockchain, which realizes the identity registration, revocation and mutual authentication of two interfaces between terminal devices and edge computing through the smart contract technology of blockchain, and establishes a trusted channel for data transmission between terminals and edge nodes. Through the functional test of the system and the security analysis of the system on the Hyperledger Fabric platform, it shows that the system has more security attributes and higher security.
45
Hieu, Le Quang, and Nguyen Thi Loan. "Determinants of Gen Z Online Buying Behavior: A Quantitative Research." Asian Journal of Applied Science and Technology 06, no. 02 (2022): 36–48. http://dx.doi.org/10.38177/ajast.2022.6206.
Повний текст джерелаАнотація:
Online shopping is growing at the fastest rate and gradually becoming a popular and trusted shopping channel of customers around the world, in which, the customer group accounts for a large proportion and tends to lead consumer behavior. Current and future online is generation Z. Therefore, this article focuses on analyzing factors affecting online shopping behavior of Gen Z in Vietnam, thereby proposing solutions to help businesses continue to approach and conquer this group of potential customers. To achieve the goal, the study conducted an online survey of 374 Gen Z e-buyers by means of convenient sampling nationwide, combined with the use of SPSS 25.0 software in factor analysis and linear regression analysis. Research results show that, STT, TDU are the factors that have a decisive impact on the online shopping behavior of Gen Z buyers.
46
Wiese, Moritz, and Holger Boche. "Mosaics of combinatorial designs for information-theoretic security." Designs, Codes and Cryptography 90, no. 3 (January 5, 2022): 593–632. http://dx.doi.org/10.1007/s10623-021-00994-1.
Повний текст джерелаАнотація:
AbstractWe study security functions which can serve to establish semantic security for the two central problems of information-theoretic security: the wiretap channel, and privacy amplification for secret key generation. The security functions are functional forms of mosaics of combinatorial designs, more precisely, of group divisible designs and balanced incomplete block designs. Every member of a mosaic is associated with a unique color, and each color corresponds to a unique message or key value. Every block index of the mosaic corresponds to a public seed shared between the two trusted communicating parties. The seed set should be as small as possible. We give explicit examples which have an optimal or nearly optimal trade-off of seed length versus color (i.e., message or key) rate. We also derive bounds for the security performance of security functions given by functional forms of mosaics of designs.
47
Gupta, Manik, Rakesh Kumar, Shashi Shekhar, Bhisham Sharma, Ram Bahadur Patel, Shaily Jain, Imed Ben Dhaou, and Celestine Iwendi. "Game Theory-Based Authentication Framework to Secure Internet of Vehicles with Blockchain." Sensors 22, no. 14 (July 7, 2022): 5119. http://dx.doi.org/10.3390/s22145119.
Повний текст джерелаАнотація:
The Internet of Vehicles (IoV) is a new paradigm for vehicular networks. Using diverse access methods, IoV enables vehicles to connect with their surroundings. However, without data security, IoV settings might be hazardous. Because of the IoV’s openness and self-organization, they are prone to malevolent attack. To overcome this problem, this paper proposes a revolutionary blockchain-enabled game theory-based authentication mechanism for securing IoVs. Here, a three layer multi-trusted authorization solution is provided in which authentication of vehicles can be performed from initial entry to movement into different trusted authorities’ areas without any delay by the use of Physical Unclonable Functions (PUFs) in the beginning and later through duel gaming, and a dynamic Proof-of-Work (dPoW) consensus mechanism. Formal and informal security analyses justify the framework’s credibility in more depth with mathematical proofs. A rigorous comparative study demonstrates that the suggested framework achieves greater security and functionality characteristics and provides lower transaction and computation overhead than many of the available solutions so far. However, these solutions never considered the prime concerns of physical cloning and side-channel attacks. However, the framework in this paper is capable of handling them along with all the other security attacks the previous work can handle. Finally, the suggested framework has been subjected to a blockchain implementation to demonstrate its efficacy with duel gaming to achieve authentication in addition to its capability of using lower burdened blockchain at the physical layer, which current blockchain-based authentication models for IoVs do not support.
48
Chien, Hung-Yu, and Nian-Zu Wang. "A Novel MQTT 5.0-Based Over-the-Air Updating Architecture Facilitating Stronger Security." Electronics 11, no. 23 (November 25, 2022): 3899. http://dx.doi.org/10.3390/electronics11233899.
Повний текст джерелаАнотація:
Over-the-air (OTA) updating is a critical mechanism for secure internet of things (IoT) systems for remotely updating the firmware (or keys) of IoT devices. Message queue telemetry transport (MQTT) is a very popular internet of things (IoT) communication protocol globally. Therefore, MQTT also becomes popular in facilitating the OTA mechanism in many IoT platforms, such as the Amazon IoT platform. In these IoT platforms, the MQTT broker acts as the message broker and as an OTA server simultaneously; in these broker-based OTA architectures, it is quite common that an IoT application manager not only uploads the new firmware/software to the broker but also delegates his signing authority on the firmware/software to the same broker. If the broker is secure and trusted, this OTA model works well; however, it incurs lots of security concerns if the broker is not fully trusted or if it is curious. Many MQTT deployments do not own their own brokers, but rely on a third-party broker, which sometimes is a freeware program or is maintained by a curious third party. Therefore, a secure OTA process should protect privacy against these brokers. This paper designs a novel MQTT-based OTA model in which an IoT application manager can fully control the OTA process through an end-to-end (E2E) channel. We design the model using MQTT 5.0’s new features and functions. The analysis shows that the new model greatly enhances security and privacy properties while maintaining high efficiency.
49
Mukherjee, Jaydeep. "Managing Sales Team at Balram Beverages." Vision: The Journal of Business Perspective 21, no. 4 (November 30, 2017): 473–78. http://dx.doi.org/10.1177/0972262917733196.
Повний текст джерелаАнотація:
Shyam Sundar, General Manager (Sales and Marketing) at Balram Beverages Pvt. Limited (BBPL), was pondering over the final decision regarding whom to offer the post of Deputy General Manager - Sales. Choice was between Sandeep, Arun and Vimal. Sandeep was an ex-employee of BBPL and had worked with Shyam from 2006 to 2015 as a Sales Manager - Route to Market. Arun Mohan was from a very reputed Indian fast moving consumer goods company, which operated through an entirely different channel than BBPL, and dominated the packaged fruit juice market in India. Shyam expected the sales figures of Coca Cola and BBPL would increase considerably over the next few years due to the natural growth in the market and the planned increase in the product portfolio. The key to harnessing the growth and profitability would be essentially by expanding the distribution channel to include the fruit juice / milk product specific retail outlets, and by driving execution excellence and productivity of the sales force. He wondered how important would be the stability of the sales force as compared to the need to infuse new talent and knowhow about new channels in the sales team. It was further complicated by the resignation of Vimal Dhingra, one of his best performing and trusted Market Expansion Managers, who was tasked with growing the untapped and small rural markets. Vimal however shared that only if he were offered the position of DGM - Sales by BBPL, he would be ready to take back his resignation. How much risk he could take in recruiting someone in senior level of the sales team was a debate for him, also the likely signal that his choice would give to the entire 200 strong field force was unknown.
50
Shliakhtina, E. A., and D. Y. Gamayunov. "GROUP AUTHENTICATION SCHEME BASED ON ZERO-KNOWLEDGE PROOF." Prikladnaya Diskretnaya Matematika, no. 51 (2021): 68–84. http://dx.doi.org/10.17223/20710410/51/3.
Повний текст джерелаАнотація:
In this paper, we address the problem of mutual authentication in user groups in decentralized messaging systems without trusted third party. We propose a mutual authentication algorithm for groups using zero-knowledge proof. Using the algorithm, which is based on trust chains existing in decentralized network, users are able to authenticate each other without establishing a shared secret over side channel. The proposed algorithm is based on Democratic Group Signature protocol (DGS) and Communication-Computation Efficient Group Key algorithm for large and dynamic groups (CCEGK). We have performed security analysis of the proposed mutual authentication scheme against several attacks including Sybil attack and have made complexity estimation for the algorithm. The algorithm is implemented in an experimental P2P group messaging application, and using this implementation we estimate overhead of the authentication scheme and convergence time for several initial configurations of user groups and trust chains.