Most Viewed Article for an year in Academia!

International Journal of Network Security & Its Applications (IJNSA)
ISSN 0974 - 9330 (Online); 0975 - 2307 (Print)
http://airccse.org/journal/ijnsa.html

SECURITY& PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN INTERNET OF THINGS
https://www.academia.edu/38888363/SECURITY_and_PRIVACY_THREATS_ATTACKS_AND_COUNTERMEASURES_IN_INTERNET_OF_THINGS

Original Source URL : http://aircconline.com/ijnsa/V11N2/11219ijnsa05.pdf

http://airccse.org/journal/jnsa19_current.html

A Novel Fair Anonymous Contract Signing Protocol for E-Commerce Applications

A Novel Fair Anonymous Contract Signing Protocol for E-Commerce Applications

H.Jayasree1 and Dr. A.Damodaram2

1Assoc. Prof, Dept. of IT, ATRI, Hyderabad.

2Director – Academic Audit Cell & Prof. of CSE Dept, JNTUH, Kukatpally, Hyderabad.

Abstract 

With the economy developing and popular Internet, the general concept of contract signing has changed. In the past, people usually sign a contract at the same time and same place face to face, but actually each party involved in contract may live in different part of earth, they want to sign something for business or some other things in economic, efficient, secure and fairway. A fair contract signing protocol allows two potentially mis-trusted parities to exchange their commitments (i.e., digital signatures) to an agreed contract over the Internet in a fair way, so that either each of them obtains the other’s signature, or neither party does. Based on the LUCAS signature scheme, a new digital anonymous contract signing protocol is proposed in this paper. Like the existing LUCAS-based solutions for the same problem, our protocol is fair, anonymous and optimistic. Furthermore, the proposed protocol satisfied a new property, i.e., it is abuse-free. That is, if the protocol is executed unsuccessfully, either of the two parties can not show the validity of intermediate results to others.

Keywords

Contract signing, fair-exchange, digital signatures, LUCAS, e-commerce, cryptographic protocols, security. 

Original Source URL : http://airccse.org/journal/nsa/0912nsa09.pdf

http://airccse.org/journal/jnsa12_current.html

Most Downloaded Article for an year in Academia!

International Journal of Network Security & Its Applications (IJNSA)
ISSN 0974 - 9330 (Online); 0975 - 2307 (Print)
http://airccse.org/journal/ijnsa.html

SECURITY& PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN INTERNET OF THINGS

https://www.academia.edu/38888363/SECURITY_and_PRIVACY_THREATS_ATTACKS_AND_COUNTERMEASURES_IN_INTERNET_OF_THINGS

https://www.academia.edu/41358823/Most_Downloaded_Article_for_an_year_in_Academia_-_International_Journal_of_Network_Security_and_Its_Applications_IJNSA_

HEALTHCARE IT: IS YOUR INFORMATION AT RISK?

HEALTHCARE IT: IS YOUR INFORMATION AT RISK?

Kimmarie Donahue1 and Syed (Shawon) M. Rahman, PhD2

1Information Assurance Project Lead, San Antonio, TX, USA

2Assistant Professor, University of Hawaii-Hilo, Hilo, USA and Adjunct Faculty, Capella University, Minneapolis,USA

ABSTRACT

Healthcare Information Technology (IT) has made great advances over the past few years and while these advances have enable healthcare professionals to provide higher quality healthcare to a larger number of individuals it also provides the criminal element more opportunities to access sensitive information, such as patient protected health information (PHI) and Personal identification Information (PII). Having an Information Assurance (IA) programallows for the protection of information and information systems andensures the organization is in compliance with all requires regulations, laws and directive is essential. While most organizations have such a policy in place, often it is inadequate to ensure the proper protection to prevent security breaches. The increase of data breaches in the last few years demonstrates the importance of an effective IA program. To ensure an effective IA policy, the policy must manage the operational risk, including identifying risks, assessment and mitigation of identified risks and ongoing monitoring to ensure compliance.

KEYWORDS

Information Assurance, Personal Identification Information, Protected Health Information, and IT Security

Original Source URL : http://airccse.org/journal/nsa/0912nsa08.pdf

http://airccse.org/journal/jnsa12_current.html

COMPARISON OF CERTIFICATE POLICIES FORMERGING PUBLIC KEY INFRASTRUCTURESDURING MERGER AND ACQUISITION OF COMPANIES

COMPARISON OF CERTIFICATE POLICIES FORMERGING PUBLIC KEY INFRASTRUCTURESDURING MERGER AND ACQUISITION OF COMPANIES

Balachandra Muniyal1, Prema K.V2, Mamatha Balachandra3

1Dept. of Information and Communication Technology, Manipal Institute of Technology, Manipal University, Manipal,India

2Dept. of Computer Science and Engineering, Modi Institute of Technological Sciences, Jaipur, India

3Dept. of Computer Science and Engineering, Manipal Institute of Technology, Manipal University, Manipal,India 

ABSTRACT

The Public Key Infrastructure(PKI) provides facilities for data encryption, digital signature and time stamping. It is a system where different authorities verify and authenticate the validity of each participant with the use of digital certificates. A Certificate Policy (CP) is a named set of rules and it indicates the applicability of a certificate in a Public Key Infrastructure. Sometimes two companies or organizations with different PKIs merge. Therefore it would be necessary that their PKIs are also able to merge. Sometimes, the unification of different PKIs is not possible because of the different certificate policies. This paper presents a method to compare and assess certificate policies during merger and acquisition of companies.

KEYWORDS

Public Key Infrastructure(PKI), Certification Authority(CA), Certificate Policy(CP), Certificate Practice Statement(CPS), Cross-Certification, PKI Interoperability. 

ORIGINAL SOURCE URL : http://airccse.org/journal/nsa/0912nsa07.pdf

http://airccse.org/journal/jnsa12_current.html

SECURITY V/S QOS FOR LTE AUTHENTICATION AND KEY AGREEMENT PROTOCOL

SECURITY V/S QOS FOR LTE AUTHENTICATION AND KEY AGREEMENT PROTOCOL

Jacques Bou Abdo1, Jacques Demerjian2 and Hakima Chaouchi3

1Nokia Siemens Networks, Beirut, Lebanon

2Faculty of Engineering, Antonine University, Baabda, Lebanon

3Telecom Sud Paris, Institut Telecom, CNRS SAMOVAR, UMR 5751, Paris, France

ABSTRACT

Protocol and technology convergence, the core of near future communication, will soon be forming the interoperating heterogeneous networks. Attaining a strict secure authentication without risking the QoS performance and call success rates is a major concern when it comes to wireless heterogeneous networks. In order to achieve this, a generic, fast and secure, Authentication and Key Agreement protocol is to be used; a version of which is to be implemented between each two technologies. In this research, different existing EPS-EPS AKA protocols will be compared with our proposed protocol EC-AKA (Ensure Confidentiality Authentication and Key Agreement) based on security, cost effectiveness, signaling overhead, delay and performance. It is proven that EC-AKA is the exclusive protocol satisfying the New Generation Network’s KPIs and it will be promoted as the target generic AKA protocol in heterogeneous networks.

KEYWORDS

Authentication, LTE Security, EPS, Mobile Security, AKA, EC-AKA, NGN

ORIGINAL SOURCE URL : http://airccse.org/journal/nsa/0912nsa06.pdf

http://airccse.org/journal/jnsa12_current.html

QUALITY ASSESSMENT OF ACCESS SECURITY CONTROLS OVER FINANCIAL INFORMATION

QUALITY ASSESSMENT OF ACCESS SECURITY CONTROLS OVER FINANCIAL INFORMATION

Angel R. Otero, Christian Sonnenberg and LuAnn Bean

Nathan M. Bisk College of Business, Florida Institute of Technology, Melbourne, Florida, USA

ABSTRACT

Information security necessitates the implementation of safeguards to guarantee an adequate defense against attacks, threats, and breaches from occurring. Nonetheless, even with “adequate” defensive efforts, the taste for accessing sensitive and confidential financial information is too tempting, and attacks continue to escalate. Organizations must plan ahead so that identified attacks, threats, and breaches are appropriately managed to a successful resolution. A proven method to address information security problems is achieved through the effective implementation of access security controls. This paper proposes a quantitative approach for organizations to evaluate access security controls over financial information using Analytic Hierarchy Process (AHP), and determines which controls best suit management’s goals and objectives. Through a case study, the approach is proven successful in providing a way for measuring the quality of access security controls over financial information based on multiple application-specific criteria.

KEYWORDS

Information Security, Access Security Controls, Internal Controls, Analytic Hierarchy Process, Pairwise Comparisons. 

ORIGINAL SOURCE URL : http://aircconline.com/ijnsa/V11N6/11619ijnsa01.pdf

http://airccse.org/journal/jnsa19_current.html

Call for Papers - 6th International Conference on Cryptography and Information Security (CRIS 2020)

6^th International Conference on Cryptography and Information Security (CRIS 2020)

January 25 ~ 26, 2020, Zurich, Switzerland

https://cosit2020.org/cris/index.html

Scope & Topics

6^th International Conference on Cryptography and Information Security (CRIS 2020) provides a forum for researchers who address this issue and to present their work in a peer-reviewed forum. It aims to bring together scientists, researchers and students to exchange novel ideas and results in all aspects of cryptography, coding and Information security.

Authors are solicited to contribute to the conference by submitting articles that illustrate research results, projects, surveying works and industrial experiences that describe significant advances in applied cryptography and Information security.

Topics of interest include, but are not limited to, the following:

• Cryptographic Protocols
• Cryptography and Coding
• Untraceability
• Privacy and Authentication
• Key Management
• Trust Management
• Quantum Cryptography
• Computational Intelligence in Security
• Artificial Immune Systems
• Biological and Evolutionary Computation
• Intelligent Agents and Systems
• Reinforcement and Unsupervised Learning
• Autonomy-Oriented Computing
• Co-evolutionary Algorithms
• Fuzzy Systems
• Biometric Security
• Trust Models and Metrics
• Regulation and Trust Mechanisms
• Data Integrity
• Models for Authentication, Trust and Authorization
• Wireless Network Security
• Information Hiding
• E- Commerce
• Data and System Integrity
• Access Control and Intrusion Detection
• Intrusion Detection and Vulnerability Assessment
• Authentication and Non-repudiation
• Identification and Authentication
• Insider Threats and Countermeasures
• Intrusion Detection & Prevention
• Secure Cloud Computing
• Security Information Systems Architecture and Design and Security Patterns
• Security Management
• Security Requirements (Threats, Vulnerabilities, Risk, Formal Methods, etc.)
• Sensor and Mobile Ad Hoc Network Security
• Service, Systems Design and QoS Network Security
• Software Security
• Security and Privacy in Mobile Systems
• Security and Privacy in Pervasive/Ubiquitous Computing
• Security and Privacy in Web Services
• Security and Privacy Policies
• Security Area Control
• Security Deployment
• Security Engineering
• Security for Grid Computing
• Security in Distributed Systems

Paper Submission

Authors are invited to submit papers through the conference Submission System by December 07, 2019. Submissions must be original and should not have been published previously or be under consideration for publication while being evaluated for this conference. The proceedings of the conference will be published by Computer Science Conference Proceedings in Computer Science & Information Technology (CS & IT) series (Confirmed).

Selected papers from CRIS 2020, after further revisions, will be published in the special issues of the following journals

• International Journal on Cryptography and Information Security (IJCIS)
• International Journal of Network Security & Its Applications (IJNSA) – ERA Indexed, UGC Listed
• International Journal of Wireless & Mobile Networks (IJWMN) – ERA Indexed
• International Journal of Security, Privacy and Trust Management (IJSPTM)
• Information Technology in Industry (ITII) – ESCI(WOS) Indexed

Important Dates

• Submission Deadline : December 07, 2019
• Authors Notification : December 26, 2019
• Registration & Camera-Ready Paper Due : January 08, 2020

Contact Us

Here's where you can reach us: cris@cosit2020.org or crissecretary@gmail.com

Submission System

https://cosit2020.org/submission/index.php

International Journal of Network Security & Its Applications (IJNSA)

International Journal of Network Security & Its Applications (IJNSA)
ISSN 0974 - 9330 (Online); 0975 - 2307 (Print)
http://airccse.org/journal/ijnsa.html

Current Issue
November 2019, Volume 11, Number 6

Quality Assessment of Access Security Controls over Financial Information
Angel R. Otero, Christian Sonnenberg and LuAnn Bean, Florida Institute of Technology, USA

http://aircconline.com/ijnsa/V11N6/11619ijnsa01.pdf

http://airccse.org/journal/jnsa19_current.html