Pub Date : 2008-11-25DOI: 10.1109/NTMS.2008.ECP.74
Basel Alomair, R. Poovendran
Due to the stringent computational capabilities of low-cost RFID tags, many lightweight authentication protocols have been proposed recently aiming to achieve secure authentication via bitwise operations. Following each proposal, a series of papers have been published to point out serious limitations on the security of such protocols. In this paper, we provide a detailed analysis of the security of bitwise authentication protocols in the presence of active adversaries. We divide bitwise operations into two main categories and address the security limitations of each category. Our work aims to provide guidelines for protocol designers in order to avoid pitfalls that can dangerously undermine the security of the designed protocols.
{"title":"On the Authentication of RFID Systems with Bitwise Operations","authors":"Basel Alomair, R. Poovendran","doi":"10.1109/NTMS.2008.ECP.74","DOIUrl":"https://doi.org/10.1109/NTMS.2008.ECP.74","url":null,"abstract":"Due to the stringent computational capabilities of low-cost RFID tags, many lightweight authentication protocols have been proposed recently aiming to achieve secure authentication via bitwise operations. Following each proposal, a series of papers have been published to point out serious limitations on the security of such protocols. In this paper, we provide a detailed analysis of the security of bitwise authentication protocols in the presence of active adversaries. We divide bitwise operations into two main categories and address the security limitations of each category. Our work aims to provide guidelines for protocol designers in order to avoid pitfalls that can dangerously undermine the security of the designed protocols.","PeriodicalId":432307,"journal":{"name":"2008 New Technologies, Mobility and Security","volume":"361 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115933512","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Nowadays, security is considered as one of the most critical parameter for the acceptance of any wireless networking technology. Nevertheless, security in wireless mesh network (WMN) is still in its infancy as little attention has been rendered to this topic by the research community. So far the security issue in wireless mesh networking has rarely been addressed. As entire security of the network is as strong as the weakest component, integration of security mechanisms of heterogeneous wireless networks in the open wireless network environment has paramount significance. In this paper, we analyze the security- related characteristics, the fundamental security requirements and possible security attacks of wireless mesh network. We also propose a heterogeneous wireless network integration model along with the description of security reference points at the boundaries of the heterogeneous wireless networks. Finally, a possible application scenario based on our proposed model is described.
{"title":"Survey of Security Requirements, Attacks and Network Integration in Wireless Mesh Networks","authors":"Hassen Redwan, Ki-Hyung Kim","doi":"10.1109/FCST.2008.15","DOIUrl":"https://doi.org/10.1109/FCST.2008.15","url":null,"abstract":"Nowadays, security is considered as one of the most critical parameter for the acceptance of any wireless networking technology. Nevertheless, security in wireless mesh network (WMN) is still in its infancy as little attention has been rendered to this topic by the research community. So far the security issue in wireless mesh networking has rarely been addressed. As entire security of the network is as strong as the weakest component, integration of security mechanisms of heterogeneous wireless networks in the open wireless network environment has paramount significance. In this paper, we analyze the security- related characteristics, the fundamental security requirements and possible security attacks of wireless mesh network. We also propose a heterogeneous wireless network integration model along with the description of security reference points at the boundaries of the heterogeneous wireless networks. Finally, a possible application scenario based on our proposed model is described.","PeriodicalId":432307,"journal":{"name":"2008 New Technologies, Mobility and Security","volume":"86 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131970043","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2008-11-25DOI: 10.1109/NTMS.2008.ECP.73
P. Papazoglou, Dimitrios Alexios Karras, R. C. Papademetriou
An improved simulation model is presented in this paper for modeling resource allocation strategies in wireless communications based on new event scheduling mechanisms involving real time systems methodologies. Such mechanisms are more suitable than the currently utilized Calendar Queue algorithm for simulating concurrent events in cellular networks. The proposed simulation model is based on a novel real time event scheduling algorithm extending the known in Discrete Event Simulation methodology, Calendar Queue algorithm. The new algorithm is analyzed and its implementation issues involving multithreading technology are discussed. The application of the new scheme in modeling GSM cellular networks shows significant enhancements with regards to network modeling performance compared to rival simulation modeling techniques.
{"title":"On Improved Event Scheduling Mechanisms for Wireless Communications Simulation Modelling","authors":"P. Papazoglou, Dimitrios Alexios Karras, R. C. Papademetriou","doi":"10.1109/NTMS.2008.ECP.73","DOIUrl":"https://doi.org/10.1109/NTMS.2008.ECP.73","url":null,"abstract":"An improved simulation model is presented in this paper for modeling resource allocation strategies in wireless communications based on new event scheduling mechanisms involving real time systems methodologies. Such mechanisms are more suitable than the currently utilized Calendar Queue algorithm for simulating concurrent events in cellular networks. The proposed simulation model is based on a novel real time event scheduling algorithm extending the known in Discrete Event Simulation methodology, Calendar Queue algorithm. The new algorithm is analyzed and its implementation issues involving multithreading technology are discussed. The application of the new scheme in modeling GSM cellular networks shows significant enhancements with regards to network modeling performance compared to rival simulation modeling techniques.","PeriodicalId":432307,"journal":{"name":"2008 New Technologies, Mobility and Security","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132402033","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2008-11-25DOI: 10.1109/NTMS.2008.ECP.52
A. Sayouti, Fatima Qrichi Aniba, H. Medromi
In this paper we defend the advantages of a representation of agent behaviors, based on the concept of interaction. Although the behavior of an agent is usually included in its structure, we dissociate here the concept of agent from that of interaction, each one being associated with a specific ontology. This approach is especially valuable for increasing the reutilisability of the interactions, which are very often generic even in contexts where the agents are not. In a first part, we describe and compare our approach to the classic one. Then a list of properties is given to show the benefit to consider an interaction, not only as a communication means, but also as an entity shared by all agents and not reserved to some of them. An illustration of our approach is given in a road traffic application using VRML.
{"title":"Interactions Between Agents As Shared Resources in Multi-Agents Systems","authors":"A. Sayouti, Fatima Qrichi Aniba, H. Medromi","doi":"10.1109/NTMS.2008.ECP.52","DOIUrl":"https://doi.org/10.1109/NTMS.2008.ECP.52","url":null,"abstract":"In this paper we defend the advantages of a representation of agent behaviors, based on the concept of interaction. Although the behavior of an agent is usually included in its structure, we dissociate here the concept of agent from that of interaction, each one being associated with a specific ontology. This approach is especially valuable for increasing the reutilisability of the interactions, which are very often generic even in contexts where the agents are not. In a first part, we describe and compare our approach to the classic one. Then a list of properties is given to show the benefit to consider an interaction, not only as a communication means, but also as an entity shared by all agents and not reserved to some of them. An illustration of our approach is given in a road traffic application using VRML.","PeriodicalId":432307,"journal":{"name":"2008 New Technologies, Mobility and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130629711","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2008-11-01DOI: 10.1109/NTMS.2008.ECP.100
Shuai Liu, Wei Li, Lingyu Wang
Over-encryption is a technique for managing evolving access control requirements in outsourced databases. In over-encryption, a data owner and outsourcing server collectively encrypt resources in such a way that users' accesses can be effectively controlled without the need for shipping the resources back to the owner. One potential limitation of the original over-encryption scheme is that it requires publishing a large amount of tokens. In this paper, we present a new key-assignment approach based on secret sharing. We first give two different key derivation schemes, and then we combine them as one scheme. We analyze the amount of public tokens required by the original over-encryption scheme and our scheme, and we show that our scheme can provide the same over-encryption capability more efficiently.
{"title":"Towards Efficient Over-Encryption in Outsourced Databases Using Secret Sharing","authors":"Shuai Liu, Wei Li, Lingyu Wang","doi":"10.1109/NTMS.2008.ECP.100","DOIUrl":"https://doi.org/10.1109/NTMS.2008.ECP.100","url":null,"abstract":"Over-encryption is a technique for managing evolving access control requirements in outsourced databases. In over-encryption, a data owner and outsourcing server collectively encrypt resources in such a way that users' accesses can be effectively controlled without the need for shipping the resources back to the owner. One potential limitation of the original over-encryption scheme is that it requires publishing a large amount of tokens. In this paper, we present a new key-assignment approach based on secret sharing. We first give two different key derivation schemes, and then we combine them as one scheme. We analyze the amount of public tokens required by the original over-encryption scheme and our scheme, and we show that our scheme can provide the same over-encryption capability more efficiently.","PeriodicalId":432307,"journal":{"name":"2008 New Technologies, Mobility and Security","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125573712","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2008-11-01DOI: 10.1109/NTMS.2008.ECP.99
M. Badra, P. Urien
Nowadays, the TLS protocol (transport layer security) is the de facto standard for securing transactions across the Internet. It provides end-to-end secure communications with one way or mutual authentication between two network nodes. However, this protocol suffers from serious vulnerabilities because classical software implementations are not trusted and allow the use of falsified credentials (e.g. revoked and false certificates) and provide an unsecured storage of credentials (private keys, passwords, etc.). In this paper, we introduce the TLS smart card to prevent those issues and we describe the TLS Tandem protocol, a TLS extension cohabiting between two TLS software installed in both a docking host and a smart card. The card of our architecture, after which the TLS authentication is successfully performed, derives secret keys from the master secret key, and transmits these values to the TLS software installed in the docking host. We discuss the performance and the efficiency of TLS Tandem. The implementation and performances analysis are performed using smart cards and Java Card libraries.
{"title":"TLS Tandem","authors":"M. Badra, P. Urien","doi":"10.1109/NTMS.2008.ECP.99","DOIUrl":"https://doi.org/10.1109/NTMS.2008.ECP.99","url":null,"abstract":"Nowadays, the TLS protocol (transport layer security) is the de facto standard for securing transactions across the Internet. It provides end-to-end secure communications with one way or mutual authentication between two network nodes. However, this protocol suffers from serious vulnerabilities because classical software implementations are not trusted and allow the use of falsified credentials (e.g. revoked and false certificates) and provide an unsecured storage of credentials (private keys, passwords, etc.). In this paper, we introduce the TLS smart card to prevent those issues and we describe the TLS Tandem protocol, a TLS extension cohabiting between two TLS software installed in both a docking host and a smart card. The card of our architecture, after which the TLS authentication is successfully performed, derives secret keys from the master secret key, and transmits these values to the TLS software installed in the docking host. We discuss the performance and the efficiency of TLS Tandem. The implementation and performances analysis are performed using smart cards and Java Card libraries.","PeriodicalId":432307,"journal":{"name":"2008 New Technologies, Mobility and Security","volume":"50 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125119536","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: