Search results

The purpose of this paper is to design, implement and evaluate the usage of the password-authenticated secure channel protocol SRP to protect the communication of a mobile application to a Java Card applet. The usage of security and privacy sensitive systems on mobile devices, such as mobile banking, mobile credit cards, mobile ticketing or mobile digital identities has continuously risen in recent years. This development makes the protection of personal and security sensitive data on mobile devices more important than ever.

A common approach for the protection of sensitive data is to use additional hardware such as smart cards or secure elements. The communication between such dedicated hardware and back-end management systems uses strong cryptography. However, the data transfer between applications on the mobile device and so-called applets on the dedicated hardware is often either unencrypted (and interceptable by malicious software) or encrypted with static keys stored in applications.

To address this issue, this paper presents a solution for fine-grained secure application-to-applet communication based on Secure Remote Password (SRP-6a and SRP-5), an authenticated key agreement protocol, with a user-provided password at run-time.

By exploiting the Java Card cryptographic application programming interfaces (APIs) and minor adaptations to the protocol, which do not affect the security, the authors were able to implement this scheme on Java Cards with reasonable computation time.

With the development of integrated circuit and communication technology, digital secure communication has become a research hotspot. This paper aims to design a five-dimensional fractional-order chaotic secure communication circuit with sliding mode synchronous based on microcontroller (MCU).

First, a five-dimensional fractional-order chaotic system for encryption is constructed. The approximate numerical solution of fractional-order chaotic system is calculated by Adomian decomposition method, and the phase diagram is obtained. Then, combined with the complexity and 0–1 test algorithm, the parameters of fractional-order chaotic system for encryption are selected. In addition, a sliding mode controller based on the new reaching law is constructed, and its stability is proved. The chaotic system can be synchronized in a short time by using sliding mode control synchronization.

The electronic circuit is implemented to verify the feasibility and effectiveness of the designed scheme.

It is feasible to realize fractional-order chaotic secure communication using MCU, and further reducing the synchronization error is the focus of future work.

In this paper, a nine-dimensional chaotic system is designed and applied to secure communication.

Firstly, the equilibrium characteristics, dissipativity, bifurcation diagram and Lyapunov exponent spectrum are used to analyze the relevant characteristics of the proposed nine-dimensional chaotic system. In the analysis of Lyapunov exponential spectrum, when changing the linear parameters, the system shows two states, hyperchaos and chaos. For secure communication, there is a large secret key space. Secondly, C0 complexity and SEcomplexity of the system are analyzed, which shows that the system has sequences closer to random sequences.

The proposed nine-dimensional system has a large key space and more complex dynamic characteristics

The results show that the proposed nine-dimensional hyperchaotic system has excellent encryption capabilities and can play an important role in the field of secure communication.

The purpose of this paper is to study lightweight security scheme for Internet of Things (IoT) applications using Constrained Application Protocol (CoAP). Resource-constrained characteristics of IoT systems have ushered in compelling requirements for lightweight application protocol and security suites. CoAP has already been established as the candidate protocol for IoT systems. However, low overhead security scheme for CoAP is still an open problem. Existing security solutions like Datagram Transport Layer Security (DTLS) is not suitable, particularly due to its expensive handshaking, public key infrastructure (PKI)-based authentication and lengthy ciphersuite agreement process.

This paper proposes a lightweight security scheme in CoAP using Advanced Encryption Standard (AES) 128 symmetric key algorithm. The paper presents an object security (payload embedded)-based robust authentication mechanism with integrated key management. The paper introduces few unique modifications to CoAP header to optimize security operation and minimize communication cost.

It is resilient to number of security attacks like replay attack, meet-in-the-middle attack and secure under chosen plaintext attack. This scheme is generic in nature, applicable for gamut of IoT applications. The paper proves efficacy of our proposed scheme for vehicle tracking application in emulated laboratory setup. Specifically, it compares with DTLS-enabled CoAP to establish the lightweight feature of our proposed solution.

This paper mainly focuses on implementing in-vehicle tracking systems as an IoT application and used CoAP as the application protocol.

Such a lightweight security scheme would provide immense benefit in IoT systems so that resource constraint-sensing devices and nodes can be made secure. This would impact IoT eco systems to a large extent.

Such kind of security suite that provides both robustness and lightweight feature is hitherto not known to the authors, particularly in CoAP for IoT applications.

Nowadays, to design the information security mechanism for computing and communication systems, there are various approaches available like cryptographic approach, game-theoretic approach, quantitative–qualitative analysis-based approach, cognitive-behavioral approach, digital forensic-based approach and swarm computing-based approach. The contemporary research in these various fields is independent in nature. The purpose of this paper is to investigate the relationship between these various approaches to information security and cybernetics.

To investigate the relationship between information security mechanisms and cybernetics, Norbert Wiener’s concepts and philosophy of the cybernetics have been used in the present work. For a detailed study, concepts, techniques and philosophy of the cybernetics have been extracted from the books of Norbert Wiener titled “The human use of human beings” and “Cybernetics or control and communication in the animal and the machine”.

By revisiting the concepts of the cybernetics from the information security perspectives, it has been found that the aspects of information security and the aspects of cybernetics have great bonding.

The present paper demonstrates how bonding between cybernetics and information security can be used to solve some of the complex research challenges in information security area.

The purpose of this paper is to clarify and demonstrate the core contributions of communication departments to organizational success beyond traditional ideas of messaging or information distribution. The main aim is to develop a better understanding of the different facets of value that the communication function delivers by introducing a distinction between strategic and operational contributions, following established management models.

The research is based on an extensive literature review at the nexus of communication management and strategic management research and ten qualitative case studies in large, internationally operating German organizations from different industries, combining in-depth interviews and document analyses.

The newly developed Communications Contributions Framework demonstrates that communications serve the corporation in four strategic and operational dimensions and emphasizes the critical role of communications in reflecting and adjusting organizational strategies, i.e. through identifying opportunities to innovate or securing intangible assets.

The paper outlines different application scenarios for how the new framework can be used in practice, i.e. as a multi-faceted rationale for explaining the impact of communication departments in the language of top management and reporting communication success in the logic of business.

The framework provides the first theoretically and empirically based “big picture” of communications’ contributions to corporate success, designed to lay ground for further discussions both in academia and in practice.

Aims to present intelligent authentication, authorization, and administration (I3A), a new concept that enables trust and information security between involved sides by agreement, rather than by over‐exercised enforcement. In order to understand the needs and motivators for the concept, seeks to discuss the areas of technology, policies, law, and human mindsets.

Discussing two examples of possible solutions that would use the concept in e‐commerce.

Offers an open platform for enabling I3A of cryptographic keys, certificates, and privileges and integrating the use of such with secured applications on a wide variety of devices and environments.

Probably the first real exposition of the new concept I3A.

The purpose of the paper is to analyze the layer wise security issues in IoT and to obtain the effective security mechanism for jamming attack .

In this study, the authors proposed a multi layer security approach for the detection of DDoS in IoT environment, which protects the smart devices from DDoS, this scheme also reduces the computational cost in the network under mobility condition.

Even though many works have been done for the security of wireless sensor network (WSN), all works have focused on encryption which depends on the key management strategy. In this study, the authors proposed a multilayer approach to analyze the layer wise security issues and also proposed a threshold-based countermeasure (TBC) for replay attack in each layer.

The results indicate that the proposed algorithm lowers the computational costs and energy consumption than in modern schemes. Also, the proposed research work improves the scalability of sensor networks using the TBC.

This study considers the potential of logistics 4.0 for supply chain (SC) optimization in French retail. The authors investigate the implementation of Industry 4.0 technologies to optimize SC performance in the retail sector and SC's role in the digital transformation in supply chain management (SCM).

The authors first carry out a comprehensive bibliographic taxonomy to highlight the different existing digital tools. Based on this, the authors posed three research questions (RQs) and hypotheses to examine the contribution of logistics 4.0 in improving the performance of retail logistics. Then, the authors considered a case study of retail in France based on qualitative and quantitative analysis to answer all the RQs and examine the hypotheses.

The results showed that digital tools such as Cyber Security Systems (CSS), Big Data Analytics (BDA) and Blockchain (BC) technology are the most effective and appropriate tools to optimize the SC performance in retail.

This research work showed that the implementation of these tools in retail can offer several benefits such as improved productivity, optimized delivery times, improved inventory management and secure real-time communication, which leads to improved profitability of the SC.

The study opens a door to develop practical roadmaps for companies that enable smart deliveries based on logistics 4.0.

This study proposes targeted modernization of the Department of Defense (DoD's) Joint Forces Ammunition Logistics information system by implementing the optimized innovative information technology open architecture design and integrating Radio Frequency Identification Device data technologies and real-time optimization and control mechanisms as the critical technology components of the solution. The innovative information technology, which pursues the focused logistics, will be deployed in 36 months at the estimated cost of $568 million in constant dollars. We estimate that the Systems, Applications, Products (SAP)-based enterprise integration solution that the Army currently pursues will cost another $1.5 billion through the year 2014; however, it is unlikely to deliver the intended technical capabilities.