Search results

This study aims to evaluate the direct trust value for each node and calculate the trust value of all nodes satisfying the condition and update the trust value and value each trust update interval for a secure and efficient communication between sender and destination node. Hence, a Trusted Secure Geographic Routing Protocol (TSGRP) has been proposed for detecting attackers (presence of the hacker), considering the trust value for a node produced by combining the location trusted information and the direct trusted information.

Amelioration in the research studies related to mobile ad hoc networks (MANETs) and wireless sensor networks has shown greater concern in the presence of malicious nodes, due to which the delivery percentage in any given network can degrade to a larger extent, and hence make the network less reliable and more vulnerable to security.

TSGRP has outperformed the conventional protocols for detecting attacks in MANET. TSGRP is establishing a trust-based secure communication between the sender and destination node. The evaluated direct trust value is used after the transmission of route-request and route-reply packets, to evaluate the direct trust value of each node and a secure path is established between the sender and the destination node. The effectiveness of the proposed TSGRP is evaluated through NS-2 simulation.

The simulation results show the delay of the proposed method is 92% less than PRISM approach and the overhead of the proposed TSGRP approach is 61% less than PRISM approach.

The purpose of this paper is to design, implement and evaluate the usage of the password-authenticated secure channel protocol SRP to protect the communication of a mobile application to a Java Card applet. The usage of security and privacy sensitive systems on mobile devices, such as mobile banking, mobile credit cards, mobile ticketing or mobile digital identities has continuously risen in recent years. This development makes the protection of personal and security sensitive data on mobile devices more important than ever.

A common approach for the protection of sensitive data is to use additional hardware such as smart cards or secure elements. The communication between such dedicated hardware and back-end management systems uses strong cryptography. However, the data transfer between applications on the mobile device and so-called applets on the dedicated hardware is often either unencrypted (and interceptable by malicious software) or encrypted with static keys stored in applications.

To address this issue, this paper presents a solution for fine-grained secure application-to-applet communication based on Secure Remote Password (SRP-6a and SRP-5), an authenticated key agreement protocol, with a user-provided password at run-time.

By exploiting the Java Card cryptographic application programming interfaces (APIs) and minor adaptations to the protocol, which do not affect the security, the authors were able to implement this scheme on Java Cards with reasonable computation time.

Due to the connectivity of the multiple devices and the systems on the same network, rapid development has become possible in Internet of Things (IoTs) for the last decade. But, IoT is mostly affected with severe security challenges due to the potential vulnerabilities happened through the multiple connectivity of sensors, devices and system. In order to handle the security challenges, literature presents a handful of security protocols for IoT. The purpose of this paper is to present a threat profiling and elliptic curve cryptography (ECC)-based mutual and multi-level authentication for the security of IoTs. This work contains two security attributes like memory and machine-related attributes for maintaining the profile table. Also, the profile table stores the value after encrypting the value with ECC to avoid storage resilience using the proposed protocol. Furthermore, three entities like, IoT device, server and authorization centre (AC) performs the verification based on seven levels mutually to provide the resilience against most of the widely accepted attacks. Finally, DPWSim is utilized for simulation of IoT and verification of proposed protocol to show that the protocol is secure against passive and active attacks.

In this work, the authors have presented a threat profiling and ECC-based mutual and multi-level authentication for the security of IoTs. This work contains two security attributes like memory and machine-related attributes for maintaining the profile table. Also, the profile table stores the value after encrypting the value with ECC to avoid storage resilience using the proposed protocol. Furthermore, three entities like, IoT device, server and AC performs the verification based on seven levels mutually to provide the resilience against most of the widely accepted attacks.

DPWSim is utilized for simulation of IoT and verification of the proposed protocol to show that this protocol is secure against passive and active attacks. Also, attack analysis is carried out to prove the robustness of the proposed protocol against the password guessing attack, impersonation attack, server spoofing attack, stolen verifier attack and reply attack.

This paper presents a threat profiling and ECC-based mutual and multi-level authentication for the security of IoTs.

This paper addresses a gap in research literature in the fields of blockchain technology (BC), supply chain network dynamics (SC) and network effect phenomena (NE). Extant BC and SC literature describes the potential benefits to be reaped through the adoption of BC technology. While BC technology does not yet meet the researched expectations of adoption, performance and efficacy, the authors analyze the three inter-related fields (BC, SC and NE) to bridge this gap in theory.

This paper begins with a research review correlating the technological fundamentals of BC technology into fundamental value propositions for SC logistics contexts. The authors review the gap between these theoretical technological functions and the current ecosystem of BC applications. With an overarching understanding of BC in SC contexts, this paper then explores the phenomena of NE and attempts to synthesize various interrelated aspects of the three fields (BC, SC and NE). Research frameworks from extant literature are used for cross-comparing legacy software/information system solutions with potential and existing BC-based solutions. Case studies are utilized to support this analysis.

Several key considerations and themes are identified to better inform practitioner and researcher decision-making. Novel insights pertain to BC platform architecture and application modularity, integrated governance and decision-making capabilities, and the automation capabilities that arise from a healthy application and smart contract ecosystem.

The core contribution is the synthesis of network effect theory with SC phenomena and BC theory and the exploration of how these three fields are inter-related in the maturation of BC technology. Specifically, the authors deepen insights from extant literature by contextualizing findings with relevant interdisciplinary theoretical frameworks.

Mobile agent‐based e‐marketplaces are business applications that have been developed as flexible and efficient approaches to help companies or corporations to extend their businesses to outreach larger markets without regional and continental boundaries. Every distributed system is unable to avoid security problems due to the open internet environment. Mobile agent‐based e‐marketplaces are no exceptions. The purpose of this paper is to design and implement a framework and system of a secure and trustworthy mobile agent‐based e‐marketplace to overcome this problem.

The authors present an analysis and evaluation of a secure and trustworthy mobile agent‐based e‐marketplace, which was specified and prototyped. The experimental results of the implemented system are used to address the evaluation of the system. The discussion of the solution is also presented.

The evaluation and performance results show that the proposed framework and system have the ability to provide a secure and efficient e‐marketplace environment for trading products. The authors draw conclusions and highlight future work on this specific research area.

The performance and scalability are the two most important issues for mobile‐agent based systems together with their feasibility. The evaluation and performance results are used to reflect the results of the research in its entirety.

Supervisory control and data acquisition (SCADA) systems are widely used by utility companies during the production and distribution of oil, gas, chemicals, electric power, and water to control and monitor these operations. A cyber attack on a SCADA system cannot only result in a major financial disaster but also in devastating damage to public safety and health. The purpose of this paper is to survey the literature on the cyber security of SCADA systems and then suggest two categories of security solutions.

The paper proposes the use of secure socket layer/transport layer security (SSL/TLS) and IP security (IPsec) solutions, implemented on the test‐bed at the University of Louisville, as the optimal choices when considering the level of security a solution can provide and the difficulty of implementing such a security measure. The paper analyzes these two solution choices, discuss their advantages and disadvantages, and present details on efficient ways of implementing these solutions.

The SSL/TLS solution to the protocol security using public domain toolkits such as OpenSSL may provide a fast, effective, and economical solution. However, the SSL/TLS protocol and its implementation toolkits have their limitations so this approach may need another enhancement.

IPsec can be used to provide IP‐level security in addition to SSL/TLS.

The use of these enhanced security approaches in SCADA systems should effectively reduce the vulnerability of these critical systems to malicious cyber attacks, and thereby potentially avoiding the serious consequences of such attacks.

Mobile agent‐based e‐marketplace is one type of business application that has been developed as a flexible and efficient approach to help companies or corporations to extend their businesses to outreach larger markets without regional and continental boundaries. However, every distributed system is unable to avoid the security problems due to the open internet environment. Mobile agent‐based e‐marketplaces are no exception. Thus, the security of mobile agents is a crucial factor in the design of mobile agent‐based e‐marketplaces. To overcome this kind of problem, the purpose of this paper is to design and implement a framework and system of secure and trustworthy mobile agent based e‐marketplace.

This paper presents the system design for the system implementation based on the designed framework. It includes three major aspects: the design issues, system design and development environment and tools for system implementation. The system architecture, use case diagram and use case specifications are presented in the system design section.

The system design is an essential step that is required before a prototype system is implemented. The system is designed based on the described and outlined requirements and evaluation criteria, therefore, to support a secure and trustworthy trading environment. The paper is concluded by discussing and highlighting further research work.

This paper presents the system design for implementing a secure and trustworthy mobile agent‐based e‐marketplace system by using the latest version of UML modeling tool and techniques.

A wireless body area network (WBAN) is a collection of sensing devices attached to a person’s body that is typically used during health care to track their physical state. This paper aims to study the security challenges and various attacks that occurred while transferring a person’s sensitive medical diagnosis information in WBAN.

This technology has significantly gained prominence in the medical field. These wearable sensors are transferring information to doctors, and there are numerous possibilities for an intruder to pose as a doctor and obtain information about the patient’s vital information. As a result, mutual authentication and session key negotiations are critical security challenges for wearable sensing devices in WBAN. This work proposes an improved mutual authentication and key agreement protocol for wearable sensing devices in WBAN. The existing related schemes require more computational and storage requirements, but the proposed method provides a flexible solution with less complexity.

As sensor devices are resource-constrained, proposed approach only makes use of cryptographic hash-functions and bit-wise XOR operations, hence it is lightweight and flexible. The protocol’s security is validated using the AVISPA tool, and it will withstand various security attacks. The proposed protocol’s simulation and performance analysis are compared to current relevant schemes and show that it produces efficient outcomes.

This technology has significantly gained prominence in the medical sector. These sensing devises transmit information to doctors, and there are possibilities for an intruder to pose as a doctor and obtain information about the patient’s vital information. Hence, this paper proposes a lightweight and flexible protocol for mutual authentication and key agreement for wearable sensing devices in WBAN only makes use of cryptographic hash-functions and bit-wise XOR operations. The proposed protocol is simulated using AVISPA tool and its performance is better compared to the existing methods. This paper proposes a novel improved mutual authentication and key-agreement protocol for wearable sensing devices in WBAN.

The purpose of the paper is to analyze the layer wise security issues in IoT and to obtain the effective security mechanism for jamming attack .

In this study, the authors proposed a multi layer security approach for the detection of DDoS in IoT environment, which protects the smart devices from DDoS, this scheme also reduces the computational cost in the network under mobility condition.

Even though many works have been done for the security of wireless sensor network (WSN), all works have focused on encryption which depends on the key management strategy. In this study, the authors proposed a multilayer approach to analyze the layer wise security issues and also proposed a threshold-based countermeasure (TBC) for replay attack in each layer.

The results indicate that the proposed algorithm lowers the computational costs and energy consumption than in modern schemes. Also, the proposed research work improves the scalability of sensor networks using the TBC.