Online ISSN
1751-8717
Print ISSN
1751-8709
IET Information Security
Volume 1, Issue 4, December 2007
Volumes & issues:
Volume 1, Issue 4
December 2007
-
- Author(s): L. Lu ; R. Safavi-Naini ; J. Horton ; W. Susilo
- Source: IET Information Security, Volume 1, Issue 4, p. 143 –151
- DOI: 10.1049/iet-ifs:20060171
- Type: Article
- + Show details - Hide details
-
p.
143
–151
(9)
Firewalls are one of the essential components of secure networks. However, configuring firewall rule tables for large networks with complex security requirements is a difficult and error prone task. A method of representing firewall rule table that allows comparison of two tables is developed, and an algorithm that determines if two tables are equivalent is provided. (That is the set of packets that are permitted by the two tables are the same.) How such algorithm can assist system administrators to correctly implement organisational policy is discussed. The proposed approach is implemented and the results of the experiments are shown. - Author(s): C. Chigan ; L. Li ; Y. Ye
- Source: IET Information Security, Volume 1, Issue 4, p. 152 –162
- DOI: 10.1049/iet-ifs:20060026
- Type: Article
- + Show details - Hide details
-
p.
152
–162
(11)
Providing satisfactory security services in mobile ad hoc network (MANET) is indispensable to their mission critical applications; however, often a highly secure mechanism inevitably consumes a rather large amount of system resources, which in turn may unintentionally cause a security provisioning denial-of-service (SPDoS) attack. To avoid SPDoS attack, a framework is presented to design a resource-aware self-adaptive network security provisioning scheme for the resource constraint MANET. With the support of the offline optimal secure protocol selection module and the online self-adaptive security control module, the framework is capable of deploying different combinations of secure protocols to satisfy different security needs at different conditions for different applications. Consequently, the proposed self-adaptive security provisioning achieves the maximum overall network security services and network performance services, without causing the SPDoS attack. Moreover, it provides additional security capability via security services hopping - Author(s): O.O. Obi ; F.H. Ali ; E. Stipidis
- Source: IET Information Security, Volume 1, Issue 4, p. 163 –166
- DOI: 10.1049/iet-ifs:20060132
- Type: Article
- + Show details - Hide details
-
p.
163
–166
(4)
The Paillier scheme encryption, (m, r) → c=gmrN mod N2, where m is in ℤN, r is in ℤN*, N=pq (p, q being strong primes) and g is an element of ℤ*N2 of order a multiple of N, is decrypted by m mod N= (L(cλ mod N2)/L(gλ mod N2)) mod N, where L is defined on all u in ℤ*N2 such that u mod N = 1, by L(u)=(u−1)/N. In the generalisation of the scheme by Damgård and Jurik, the modulus N2 is replaced by N1+s, 1 ≤ s < p, q, but an explicit expression for decryption was not given. Rather a method, the only one known so far, was found for decryption, by first encoding the ciphertext and then using an algorithm of a quadratic order of complexity in s to extract the plaintext part by part therefrom.This gap is filled. An explicit expression for decryption in this setting is presented, which is more straight forward, linear in s in complexity and hence more efficient and reduces to the original Paillier L function for s=1. - Author(s): L. Dang ; W. Kou ; N. Dang ; H. Li ; B. Zhao ; K. Fan
- Source: IET Information Security, Volume 1, Issue 4, p. 167 –173
- DOI: 10.1049/iet-ifs:20070010
- Type: Article
- + Show details - Hide details
-
p.
167
–173
(7)
A secure and efficient mobile IP (MIP) registration protocol using certificateless signature scheme is proposed. The protocol minimises the registration time through minimal usage of an efficient certificateless signature scheme between a foreign agent (FA) and a home agent (HA). Protocol parameters can be kept resynchronised by reusing the initial values in the MIP registration in case the synchronisation between a mobile node (MN) and HA is lost. User anonymity is achieved via a temporary identity transmitted by a mobile user, instead of its true identity. Additional replay protection from the FA is included in the registration messages to prevent a possible replay attack. Numerical results and performance analyses demonstrate that the proposed protocol outperforms the existing ones in terms of the registration time, registration signalling traffic and computational load on an MN while providing improved security. For example, the proposed protocol reduces the registration time up to ∼83% compared with the protocol from Yang.
Comparing and debugging firewall rule tables
Self-adaptive approach for resource-aware security provisioning in wireless ad hoc networks
Explicit expression for decryption in a generalisation of the Paillier scheme
Mobile IP registration in certificateless public key infrastructure
Most viewed content for this Journal
Article
content/journals/iet-ifs
Journal
5
Most cited content for this Journal
-
High accuracy android malware detection using ensemble learning
- Author(s): Suleiman Y. Yerima ; Sakir Sezer ; Igor Muttik
- Type: Article
-
Crypto-based algorithms for secured medical image transmission
- Author(s): Ali Al-Haj ; Gheith Abandah ; Noor Hussein
- Type: Article
-
Pseudorandom bit generator based on non-stationary logistic maps
- Author(s): Lingfeng Liu ; Suoxia Miao ; Hanping Hu ; Yashuang Deng
- Type: Article
-
Constructing important features from massive network traffic for lightweight intrusion detection
- Author(s): Wei Wang ; Yongzhong He ; Jiqiang Liu ; Sylvain Gombault
- Type: Article
-
Empirical analysis of Tor Hidden Services
- Author(s): Gareth Owen and Nick Savage
- Type: Article