Friday, December 27, 2019

Most Viewed Article for a year in Academia!

International Journal of Network Security & Its Applications (IJNSA)
ISSN 0974 - 9330 (Online); 0975 - 2307 (Print)
http://airccse.org/journal/ijnsa.html

SECURITY & PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN INTERNET OF THINGS
https://www.academia.edu/38888363/SECURITY_and_PRIVACY_THREATS_ATTACKS_AND_COUNTERMEASURES_IN_INTERNET_OF_THINGS

Original Source URL : http://aircconline.com/ijnsa/V11N2/11219ijnsa05.pdf

http://airccse.org/journal/jnsa19_current.html



Wednesday, December 25, 2019

A Novel Fair Anonymous Contract Signing Protocol for E-Commerce Applications

H. Jayasree¹ and Dr. A. Damodaram²
¹ Assoc. Prof, Dept. of IT, ATRI, Hyderabad.
² Director – Academic Audit Cell & Prof. of CSE Dept, JNTUH, Kukatpally, Hyderabad.

Abstract 

With the developing economy and the popularity of the Internet, the general concept of contract signing has changed. In the past, people usually signed a contract at the same time and place, face to face, but the parties involved in a contract may now live in different parts of the world and want to sign for business or other purposes in an economical, efficient, secure and fair way. A fair contract signing protocol allows two potentially mistrusted parties to exchange their commitments (i.e., digital signatures) to an agreed contract over the Internet in a fair way, so that either each of them obtains the other’s signature, or neither party does. Based on the LUCAS signature scheme, a new digital anonymous contract signing protocol is proposed in this paper. Like the existing LUCAS-based solutions for the same problem, our protocol is fair, anonymous and optimistic. Furthermore, the proposed protocol satisfies a new property, i.e., it is abuse-free. That is, if the protocol is executed unsuccessfully, neither of the two parties can show the validity of intermediate results to others.

Keywords

Contract signing, fair-exchange, digital signatures, LUCAS, e-commerce, cryptographic protocols, security. 




Wednesday, December 18, 2019

HEALTHCARE IT: IS YOUR INFORMATION AT RISK?

Kimmarie Donahue¹ and Syed (Shawon) M. Rahman, PhD²
¹ Information Assurance Project Lead, San Antonio, TX, USA
² Assistant Professor, University of Hawaii-Hilo, Hilo, USA and Adjunct Faculty, Capella University, Minneapolis, USA

ABSTRACT

Healthcare Information Technology (IT) has made great advances over the past few years, and while these advances have enabled healthcare professionals to provide higher quality healthcare to a larger number of individuals, they also provide the criminal element more opportunities to access sensitive information, such as patient protected health information (PHI) and Personal Identification Information (PII). Having an Information Assurance (IA) program that allows for the protection of information and information systems and ensures the organization is in compliance with all required regulations, laws and directives is essential. While most organizations have such a policy in place, often it is inadequate to ensure the proper protection to prevent security breaches. The increase of data breaches in the last few years demonstrates the importance of an effective IA program. To ensure an effective IA policy, the policy must manage the operational risk, including identifying risks, assessment and mitigation of identified risks and ongoing monitoring to ensure compliance.

KEYWORDS

Information Assurance, Personal Identification Information, Protected Health Information, and IT Security




Friday, December 13, 2019

COMPARISON OF CERTIFICATE POLICIES FOR MERGING PUBLIC KEY INFRASTRUCTURES DURING MERGER AND ACQUISITION OF COMPANIES

Balachandra Muniyal¹, Prema K.V², Mamatha Balachandra³
¹ Dept. of Information and Communication Technology, Manipal Institute of Technology, Manipal University, Manipal, India
² Dept. of Computer Science and Engineering, Modi Institute of Technological Sciences, Jaipur, India
³ Dept. of Computer Science and Engineering, Manipal Institute of Technology, Manipal University, Manipal, India


ABSTRACT

The Public Key Infrastructure (PKI) provides facilities for data encryption, digital signature and time stamping. It is a system where different authorities verify and authenticate the validity of each participant with the use of digital certificates. A Certificate Policy (CP) is a named set of rules and it indicates the applicability of a certificate in a Public Key Infrastructure. Sometimes two companies or organizations with different PKIs merge. Therefore it would be necessary that their PKIs are also able to merge. Sometimes, the unification of different PKIs is not possible because of the different certificate policies. This paper presents a method to compare and assess certificate policies during merger and acquisition of companies.

KEYWORDS

Public Key Infrastructure (PKI), Certification Authority (CA), Certificate Policy (CP), Certificate Practice Statement (CPS), Cross-Certification, PKI Interoperability.





Wednesday, December 11, 2019

SECURITY V/S QOS FOR LTE AUTHENTICATION AND KEY AGREEMENT PROTOCOL

Jacques Bou Abdo¹, Jacques Demerjian² and Hakima Chaouchi³
¹ Nokia Siemens Networks, Beirut, Lebanon
² Faculty of Engineering, Antonine University, Baabda, Lebanon
³ Telecom Sud Paris, Institut Telecom, CNRS SAMOVAR, UMR 5751, Paris, France

ABSTRACT

Protocol and technology convergence, the core of near future communication, will soon be forming the interoperating heterogeneous networks. Attaining a strict secure authentication without risking the QoS performance and call success rates is a major concern when it comes to wireless heterogeneous networks. In order to achieve this, a generic, fast and secure, Authentication and Key Agreement protocol is to be used; a version of which is to be implemented between each two technologies. In this research, different existing EPS-EPS AKA protocols will be compared with our proposed protocol EC-AKA (Ensure Confidentiality Authentication and Key Agreement) based on security, cost effectiveness, signaling overhead, delay and performance. It is proven that EC-AKA is the exclusive protocol satisfying the New Generation Network’s KPIs and it will be promoted as the target generic AKA protocol in heterogeneous networks.

KEYWORDS

Authentication, LTE Security, EPS, Mobile Security, AKA, EC-AKA, NGN






Friday, December 6, 2019

QUALITY ASSESSMENT OF ACCESS SECURITY CONTROLS OVER FINANCIAL INFORMATION

Angel R. Otero, Christian Sonnenberg and LuAnn Bean
Nathan M. Bisk College of Business, Florida Institute of Technology, Melbourne, Florida, USA

ABSTRACT

Information security necessitates the implementation of safeguards to guarantee an adequate defense against attacks, threats, and breaches. Nonetheless, even with “adequate” defensive efforts, the taste for accessing sensitive and confidential financial information is too tempting, and attacks continue to escalate. Organizations must plan ahead so that identified attacks, threats, and breaches are appropriately managed to a successful resolution. A proven method to address information security problems is achieved through the effective implementation of access security controls. This paper proposes a quantitative approach for organizations to evaluate access security controls over financial information using Analytic Hierarchy Process (AHP), and determines which controls best suit management’s goals and objectives. Through a case study, the approach is proven successful in providing a way for measuring the quality of access security controls over financial information based on multiple application-specific criteria.

KEYWORDS

Information Security, Access Security Controls, Internal Controls, Analytic Hierarchy Process, Pairwise Comparisons. 





Tuesday, December 3, 2019

Call for Papers - 6th International Conference on Cryptography and Information Security (CRIS 2020)


6th International Conference on Cryptography and Information Security (CRIS 2020)

January 25 ~ 26, 2020, Zurich, Switzerland


Scope & Topics

The 6th International Conference on Cryptography and Information Security (CRIS 2020) provides a peer-reviewed forum for researchers who address this issue to present their work. It aims to bring together scientists, researchers and students to exchange novel ideas and results in all aspects of cryptography, coding and Information security.

Authors are solicited to contribute to the conference by submitting articles that illustrate research results, projects, surveying works and industrial experiences that describe significant advances in applied cryptography and Information security.

Topics of interest include, but are not limited to, the following:

  • Cryptographic Protocols
  • Cryptography and Coding
  • Untraceability
  • Privacy and Authentication
  • Key Management
  • Trust Management
  • Quantum Cryptography
  • Computational Intelligence in Security
  • Artificial Immune Systems
  • Biological and Evolutionary Computation
  • Intelligent Agents and Systems
  • Reinforcement and Unsupervised Learning
  • Autonomy-Oriented Computing
  • Co-evolutionary Algorithms
  • Fuzzy Systems
  • Biometric Security
  • Trust Models and Metrics
  • Regulation and Trust Mechanisms
  • Data Integrity
  • Models for Authentication, Trust and Authorization
  • Wireless Network Security
  • Information Hiding
  • E-Commerce
  • Data and System Integrity
  • Access Control and Intrusion Detection
  • Intrusion Detection and Vulnerability Assessment
  • Authentication and Non-repudiation
  • Identification and Authentication
  • Insider Threats and Countermeasures
  • Intrusion Detection & Prevention
  • Secure Cloud Computing
  • Security Information Systems Architecture and Design and Security Patterns
  • Security Management
  • Security Requirements (Threats, Vulnerabilities, Risk, Formal Methods, etc.)
  • Sensor and Mobile Ad Hoc Network Security
  • Service, Systems Design and QoS Network Security
  • Software Security
  • Security and Privacy in Mobile Systems
  • Security and Privacy in Pervasive/Ubiquitous Computing
  • Security and Privacy in Web Services
  • Security and Privacy Policies
  • Security Area Control
  • Security Deployment
  • Security Engineering
  • Security for Grid Computing
  • Security in Distributed Systems

Paper Submission

Authors are invited to submit papers through the conference Submission System by December 07, 2019. Submissions must be original and should not have been published previously or be under consideration for publication while being evaluated for this conference. The proceedings of the conference will be published by Computer Science Conference Proceedings in Computer Science & Information Technology (CS & IT) series (Confirmed).

Selected papers from CRIS 2020, after further revisions, will be published in the special issues of the following journals


Important Dates

  • Submission Deadline : December 07, 2019
  • Authors Notification : December 26, 2019
  • Registration & Camera-Ready Paper Due : January 08, 2020

Contact Us

Here's where you can reach us: cris@cosit2020.org or crissecretary@gmail.com









Monday, December 2, 2019

International Journal of Network Security & Its Applications (IJNSA)

ISSN 0974 - 9330 (Online); 0975 - 2307 (Print)
http://airccse.org/journal/ijnsa.html

Current Issue
November 2019, Volume 11, Number 6

Quality Assessment of Access Security Controls over Financial Information
Angel R. Otero, Christian Sonnenberg and LuAnn Bean, Florida Institute of Technology, USA

http://aircconline.com/ijnsa/V11N6/11619ijnsa01.pdf

http://airccse.org/journal/jnsa19_current.html


Thursday, November 28, 2019

Call for Papers - 6th International Conference on Software Engineering (SEC 2020)

6th International Conference on Software Engineering (SEC 2020)
January 25 ~ 26, 2020, Zurich, Switzerland

Submission Deadline : December 01, 2019

Contact us:

Here's where you can reach us : sec@cosit2020.org or secconf20@yahoo.com


Tuesday, November 26, 2019

Call for Papers - International Journal of Network Security & Its Applications (IJNSA)


International Journal of Network Security & Its Applications (IJNSA)
ISSN 0974 - 9330 (Online); 0975 - 2307 (Print)
                
Scope & Topics

The International Journal of Network Security & Its Applications (IJNSA) is a bimonthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of computer network security and its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding modern security threats and countermeasures, and establishing new collaborations in these areas.

Topics of Interest include, but are not limited to, the following:

  • Network and Wireless Network Security
  • Mobile, Ad Hoc and Sensor Network Security
  • Peer-to-Peer Network Security
  • Database and System Security
  • Intrusion Detection and Prevention
  • Internet Security & Applications
  • Security & Network Management
  • E-mail security, Spam, Phishing, E-mail fraud
  • Virus, worms, Trojan Protection
  • Security threats & countermeasures (DDoS, MiM, Session Hijacking, Replay attack, etc.)
  • Ubiquitous Computing Security
  • Web 2.0 security
  • Cryptographic protocols
  • Performance Evaluations of Protocols & Security Application

Paper submission

Authors are invited to submit papers for this journal through e-mail ijnsa@airccse.org or Submission System.  Submissions must be original and should not have been published previously or be under consideration for publication while being evaluated for this Journal.

Important Dates

  • Submission Deadline : December 14, 2019
  • Notification : January 14, 2020
  • Final Manuscript Due : January 22, 2020
  • Publication Date : Determined by the Editor-in-Chief

Contact Us

Here's where you can reach us : ijnsa@airccse.org or ijnsa@aircconline.com





Tuesday, November 19, 2019

HANDOFF BASED SECURE CHECKPOINTING AND LOG BASED ROLLBACK RECOVERY FOR MOBILE HOSTS

Priyanka Dey¹ and Suparna Biswas²
¹,² Department of Computer Science & Engineering, West Bengal University of Technology, Salt Lake, Kolkata

ABSTRACT

An efficient fault tolerant algorithm based on movement-based secure checkpointing and logging for mobile computing system is proposed here. The recovery scheme proposed here combines independent checkpointing and message logging. Here we consider mobility rate of the user in checkpointing so that mobile host can manage recovery information such as checkpoints and logs properly so that a mobile host takes less recovery time after failure. Mobile hosts save checkpoints when number of hand-off exceeds a predefined hand-off threshold value. Current approaches save logs in base station. But this approach maximizes recovery time if message passing frequency is large. If a mobile host saves log in its own memory, recovery cost will be less because log retrieval time will be small after failure. But there is a probability of memory crash of a mobile host. In that case logs can not be retrieved if it is saved only in mobile node. If the failure is transient then logs can be retrieved from the memory of mobile node. Hence in this algorithm mobile hosts also save log in own memory and base station. In case of crash recovery, log will be retrieved from base station and in case of transient failure recovery logs will be retrieved from mobile host. In this algorithm recovery probability is optimized and total recovery time is reduced in comparison to existing works. Logs are very small in size. Hence saving logs in mobile hosts does not cause much memory overhead. Hand-off threshold is a function of mobility rate, message passing frequency and failure rate of mobile hosts. This algorithm describes a secure checkpointing technique as a method for providing fault tolerance while preventing information leakage through the checkpoint data.

KEYWORDS

Fault-Tolerance, Mobile Computing, Checkpointing, Logging, hand-off, recovery time, crash failure, transient failure.






International Journal of Network Security & Its Applications (IJNSA) - ERA, WJCI Indexed