Search results

Wu et al.'s scheme has a security problem that is related to anonymity: attackers can determine by interception the identity of a legal user. This paper aims to propose a new secure authentication which combines a chaos system with an Arnold cat map. The scheme improves upon that of the Wu et al.'s scheme. The scheme proposed herein provides for full anonymity and improves the security of authentication messages for wireless communications.

A novel scheme that integrates a chaos sequence is used with an Arnold cat map for authentication messages. Authentication messages are shuffled using an Arnold cat map to improve the security of authentication in wireless communications. An analytic approach based on a chaos sequence with an Arnold cat map is developed to secure authentication. The proposed scheme is presented in this study to overcome the inherent drawbacks of existing designs.

The integrated scheme involves two steps. First, a chaos map is used to generate a set of chaos sequences that is added to the authentication messages. Second, the authentication messages are shuffled using an Arnold cat map. The main feature of the proposed design is such that the chaos systems are sensitive to the initial values of conditions. Sensitivity will lead to long-term behavior unpredictability to reflect the non-linear dynamic systems. Furthermore, to increase the complexity of the authentication message, the authors also use an Arnold cat map.

The proposed scheme provides functions that include full anonymity properties, protection of the real identity of the user, one-time password properties, timestamp benefits and sufficient complexity of the password. The analysis shows that the proposed scheme exhibits the advantages of the chaos system and is more secure than previous schemes. Notably, the proposed scheme is effective for wireless communications.

Riding on the wave of intelligent transportation systems, the vehicular ad hoc network (VANET) is becoming a popular research topic. VANET is designed to build an environment where the vehicles can exchange information about the traffic conditions or vehicle situation to help the vehicles avoid traffic accidents or traffic jams. In order to keep the privacy of vehicles, the vehicles must be anonymous and the routing must be untraceable while still being able to be verified as legal entities. The paper aims to discuss these issues.

The exchanged messages must be authenticated to be genuine and verified that they were sent by a legal vehicle. The vehicles also can mutually trust and communicate confidentially. In VANETs, road-side units (RSUs) are installed to help the vehicles to obtain message authentication or communicate confidentially. However, the coverage of RSUs is limited due to the high cost of wide area installation. Therefore the vehicles must be able to obtain message authentication by themselves – without an RSU.

The authors take the concept of random key pre-distribution used in wireless sensor networks, modify it into a random secret pre-distribution, and integrate it with identity-based cryptography to make anonymous message authentication and private communication easier and safer. The authors construct a two-tier structure. The tier 1, trust authority, assigns n anonymous identities and embeds n secrets into these identities to be the private secret keys for the tier 2, registered vehicles. At any time, the vehicles can randomly choose one of n anonymous identities to obtain message authentication or communicate confidentially with other vehicles.

The processes of building neighbor set, setting pairing value, and message authenticating are proposed in this paper. The proposed method can protect against the attacks of compromising, masquerading, forging, and replying, and can also achieve the security requirements of VANET in message authentication, confidential communication, anonymity, and un-traceability. The performance of the proposed method is superior to the related works.

Pervasive computing environment allows the users to access the services anywhere and anytime. Due to the dynamicity, mobility, security, heterogeneity, and openness have become a major challenging task in the Pervasive computing environment. To solve the security issues and to increase the communication reliability, an authentication-based access control approach is developed in this research to ensure the level of security in the Pervasive computing environment.

This paper aims to propose authentication-based access control approach performs the authentication mechanism using the hashing, encryption, and decryption function. The proposed approach effectively achieves the conditional traceability of user credentials to enhance security. Moreover, the performance of the proposed authentication-based access control approach is estimated using the experimental analysis, and performance improvement is proved using the evaluation metrics. It inherent the tradeoff between authentication and access control in the Pervasive computing environment. Here, the service provider requires authorization and authentication for the provision of service, whereas the end-users require unlinkability and untraceability for data transactions.

The proposed authentication-based access control obtained 0.76, 22.836 GB, and 3.35 sec for detection rate, memory, and time by considering password attack, and 22.772GB and 4.51 sec for memory and time by considering without attack scenario.

The communication between the user and the service provider is progressed using the user public key in such a way that the private key of the user can be generated through the encryption function.

In this paper, we present Dynamic Re‐keying with Key Hopping (DRKH) encryption protocol that uses RC4 encryption technique to ensure a strong security level with the advantage of low execution cost compared to other IEEE 802.11 security schemes. Low computational complexity makes DRKH suitable for solar‐ and battery‐powered handheld devices such as nodes in Solar ESS (Extended Service Set) and wireless sensor networks. Our design goal is to eventually integrate DRKH with different emerging wireless technologies. However, in this paper, we will focus on the integration of DRKH with 802.11 standard since it is the most widely deployed wireless technology. The results and analysis show that DRKH overcomes all the security threats with Wired Equivalent Privacy (WEP) protocol while consuming a much lower power than WEP, Wi‐Fi Protected Access (WPA) 1.0 and WPA 2.0.

Nowadays, connected vehicles are becoming quite complex systems which are made up of different devices. In such a vehicle, there are several electronic control units (ECUs) that represent basic units of computation. These ECUs communicate with each other over the Controller Area Network (CAN) bus protocol which ensures a high communication rate. Even though it is an efficient standard which provides communication for in-vehicle networks, it is prone to various cybersecurity attacks. This paper aims to present a systematic literature review (SLR) which focuses on potential attacks on CAN bus networks. Then, it surveys the solutions proposed to overcome these attacks. In addition, it investigates the validation strategies aiming to check their accuracy and correctness.

The authors have adopted the SLR methodology to summarize existing research papers that focus on the potential attacks on CAN bus networks. In addition, they compare the selected papers by classifying them according to the adopted validation strategies. They identify also gaps in the existing literature and provide a set of open challenges that can significantly improve the existing works.

The study showed that most of the examined papers adopted the simulation as a validation strategy to imitate the system behavior and evaluate a set of performance criteria. Nevertheless, a little consideration has been given to the formal verification of the proposed systems.

Unlike the existing surveys, this paper presents the first SLR that identifies local and remote security attacks that can compromise in-vehicle and inter-vehicle communications. Moreover, it compares the reviewed papers while focusing on the used validation strategies.

The Grid is widely seen as the next generation Internet. Aims to share dynamic collections of individuals, institutions and resources by providing consistent, easy and inexpensive access to high‐end computational capabilities. Studies Grid security and specifically users' access control. It has been proved that the viability of these heterogeneous environments is highly dependent on their security design. Solutions trying to address all aspects of security were proposed by most existing Grid projects and collaborations; however the results were not always satisfactory. Reviews some of the most widely‐accepted security solutions, and collects the most efficient. Emphasizes access control procedures and the solutions addressing authentication and authorization issues. Identifies the most successful security schemes implemented and illustrates their effectiveness. Collects these mechanisms to form the backbone of a security mechanism, addressing authentication and authorization Grid‐specific problems. The proposed schemes can constitute the backbone of an effective Grid security architecture.

As more and more information is moved around the organization and the world using the growing E‐mail and electronic messaging infrastructure, what technologies are available to ensure that these messages are protected, that the recipient is positive of the sender′s identity and that messages are not damaged or altered in transit? The paper‐based world of message exchange takes these capabilities for granted by using envelopes and signatures. How are these and similar protection mechanisms implemented in the world of electronic documents, E‐mail and electronic messaging? Provides a survey of the technology used to provide digital signatures, message authentication and message protection. It explains how these technologies work and how they can be used in an existing messaging infrastructure to allow the sending and receiving of sensitive information.

The proliferation of mobile phones with integrated sensors makes large scale sensing possible at low cost. During mobile sensing, data mostly contain sensitive information of users such as their real-time location. When such information are not effectively secured, users’ privacy can be violated due to eavesdropping and information disclosure. In this paper, we demonstrated the possibility of unauthorized access to location information of a user during sensing due to the ineffective security mechanisms in most sensing applications. We analyzed 40 apps downloaded from Google Play Store and results showed a 100% success rate in traffic interception and disclosure of sensitive information of users. As a countermeasure, a security scheme which ensures encryption and authentication of sensed data using Advanced Encryption Standard 256-Galois Counter Mode was proposed. End-to-end security of location and motion data from smartphone sensors are ensured using the proposed security scheme. Security analysis of the proposed scheme showed it to be effective in protecting Android based sensor data against eavesdropping, information disclosure and data modification.

This paper presents a framework for analyzing e‐commerce security. The framework is developed by analyzing the relationships between e‐commerce security needs, threats, technologies and tools. Organizations can use the framework to evaluate and select security for e‐commerce.

The purpose of this paper is to investigate the latest research related to secure routing protocols in Wireless Sensor Network (WSN) and propose a new approach that can achieve a higher security level compared to the existing one. One of the main security issues in WSNs is the security of routing protocols. A typical WSN consists of a large number of small size, low-power, low-cost sensor devices. These devices are very resource-constrained and usually use cheap short-range radios to communicate with each other in an ad hoc fashion thus, achieving security in these networks is a big challenge, which is open for research.

The route updates and data messages of the protocol are authenticated using Edwards-curves Digital Signature Algorithm (EdDSA). Routing protocols play an essential role in WSNs, they ensure the delivery of the sensed data from the remote sensor nodes to back-end systems via a data sink. Routing protocols depend on route updates received from neighboring nodes to determine the best path to the sink. Manipulating these updates by inserting rouge nodes in the network that advertise false updates can lead to a catastrophic impact on the compromised WSN performance.

As a result, a new secure energy-aware routing protocol (SEARP) is proposed, which uses security enhanced clustering algorithm and EdDSA to authenticate route advertisements and messages. A secure clustering algorithm is also used as part of the proposed protocol to conserve energy, prolong network lifetime and counteract wormhole attacks.

In this paper, a SEARP is proposed to address network layer security attacks in WSNs. A secure clustering algorithm is also used as part of the proposed protocol to conserve energy, prolong network lifetime and counteract wormhole attacks. A simulation has been carried out using Sensoria Simulator and the performance evaluation has been discussed.