IET Information Security
Volume 7, Issue 1, March 2013
Volumes & issues:
Volume 7, Issue 1
March 2013
-
- Author(s): Zheng Yan ; Guojun Wang ; Robert H. Deng ; Audun Jøsang
- Source: IET Information Security, Volume 7, Issue 1, p. 1 –2
- DOI: 10.1049/iet-ifs.2013.0043
- Type: Article
- + Show details - Hide details
-
p.
1
–2
(2)
Special Issue on Trust and Identity Management in Mobile and Internet Computing and Communications
-
- Author(s): Chun-Ta Li
- Source: IET Information Security, Volume 7, Issue 1, p. 3 –10
- DOI: 10.1049/iet-ifs.2012.0058
- Type: Article
- + Show details - Hide details
-
p.
3
–10
(8)
Password authentication has been widely used in computer networks to provide secure remote access control. In this study, the authors show that the improved password authentication and update scheme based on elliptic curve cryptography proposed by Islam and Biswas is vulnerable to offline password guessing, stolen-verifier and insider attacks. We propose an advanced smart card-based password authentication and update scheme and extend the scheme to provide the privacy of the client. By comparing the criteria with other related schemes, our scheme not only solves several hard security threats but also satisfies more functionality features.
- Author(s): Kun Peng
- Source: IET Information Security, Volume 7, Issue 1, p. 11 –21
- DOI: 10.1049/iet-ifs.2012.0076
- Type: Article
- + Show details - Hide details
-
p.
11
–21
(11)
Bid validity proof and verification is an efficiency bottleneck and privacy drawback in homomorphic e-auction. The existing bid validity proof technique is inefficient and only achieves honest-verifier zero knowledge (ZK). In this study, an efficient proof and verification technique is proposed to guarantee bid validity in homomorphic e-auction. The new proof technique is mainly based on hash function operations and only needs a very small number of costly public key cryptographic operations. Moreover, it can handle untrusted verifiers and achieve perfect ZK. As a result, efficiency and privacy of homomorphic e-auction applications are significantly improved. To the best of authors’ knowledge, it proof technique is the first to handle untrusted verifiers in e-auction applications.
- Author(s): Yueming Deng ; Guojun Wang ; Jiannong Cao ; Xin Xiao
- Source: IET Information Security, Volume 7, Issue 1, p. 22 –29
- DOI: 10.1049/iet-ifs.2012.0092
- Type: Article
- + Show details - Hide details
-
p.
22
–29
(8)
Seamless handoff is crucial for providing pervasive wireless access especially to support time-sensitive applications in 802.11i security enhanced WLAN, but it introduces large authentication delay to provide advanced security during a handoff. In order to reduce the authentication delay, the IEEE 802.11 work group has defined a pre-authentication scheme; however, the defined scheme works in the MAC layer and does not work in the network layer in IP routing-based multi-domain networks. In this study, the authors proposed a practical secure and fast handoff framework, called V2V, which not only extends the 802.11i pre-authentication scheme to overcome the above limitations, but also supports pre-configuration with dynamic host configuration protocol to reduce the handoff delay further. A prototype of the V2V system is implemented and the testing results show that one can reduce the overall handoff delay, including association, authentication, IP configuration and mobile IP location update, to no more than 50 ms, which can support most time-sensitive applications such as VoIP.
- Author(s): Xin Huang ; Bangdao Chen ; Andrew Markham ; Qinghua Wang ; Zheng Yan ; Andrew William Roscoe
- Source: IET Information Security, Volume 7, Issue 1, p. 30 –38
- DOI: 10.1049/iet-ifs.2012.0080
- Type: Article
- + Show details - Hide details
-
p.
30
–38
(9)
A body sensor network (BSN) is typically a wearable wireless sensor network. Security protection is critical to BSNs, since they collect sensitive personal information. Generally speaking, security protection of BSN relies on identity (ID) and key distribution protocols. Most existing protocols are designed to run in general wireless sensor networks, and are not suitable for BSNs. After carefully examining the characteristics of BSNs, the authors propose human interactive empirical channel-based security protocols, which include an elliptic curve Diffie–Hellman version of symmetric hash commitment before knowledge protocol and an elliptic curve Diffie–Hellman version of hash commitment before knowledge protocol. Using these protocols, dynamically distributing keys and IDs become possible. As opposite to present solutions, these protocols do not need any pre-deployment of keys or secrets. Therefore compromised and expired keys or IDs can be easily changed. These protocols exploit human users as temporary trusted third parties. The authors, thus, show that the human interactive channels can help them to design secure BSNs.
- Author(s): Xiaoyong Li and Junping Du
- Source: IET Information Security, Volume 7, Issue 1, p. 39 –50
- DOI: 10.1049/iet-ifs.2012.0232
- Type: Article
- + Show details - Hide details
-
p.
39
–50
(12)
In cloud computing, trust management is more important than ever before in the use of information and communication technologies. Owing to the dynamic nature of the cloud, continuous monitoring on trust attributes is necessary to enforce service-level agreements. This study presents Cloud-Trust, an adaptive trust management model for efficiently evaluating the competence of a cloud service based on its multiple trust attributes. In Cloud-Trust, two kinds of adaptive modelling tools (rough set and induced ordered weighted averaging (IOWA) operator) are organically integrated and successfully applied to trust data mining and knowledge discovery. Using rough set to discover knowledge from trust attributes makes the model surpass the limitations of traditional models, in which weights are assigned subjectively. Moreover, Cloud-Trust uses the IOWA operator to aggregate the global trust degree based on time series, thereby enabling better real-time performance. Experimental results show that Cloud-Trust converges more rapidly and accurately than do existing approaches, thereby verifying that it can effectively take on trust measurement tasks in cloud computing.
- Author(s): Weizhong Qiang ; Deqing Zou ; Shenglan Wang ; Laurence Tianruo Yang ; Hai Jin ; Lei Shi
- Source: IET Information Security, Volume 7, Issue 1, p. 51 –59
- DOI: 10.1049/iet-ifs.2012.0094
- Type: Article
- + Show details - Hide details
-
p.
51
–59
(9)
The security issue has been a challenging concern for cloud computing because of the multitenant usage model. In cloud, each application normally runs on a dynamic coalition that is composed by multiple virtual machines (VMs) running on different virtualised service nodes, which the authors called logic virtual domain (LVD). Moreover, the owners of cloud applications, who are also the tenants of cloud, would specify some security policies to control the access to those resources that they have paid for. Therefore the owners of cloud infrastructures have to provide the tenants with the mechanism to correctly configure and enforce the access control policies on resources that are from multiple service nodes, to meet the security requirements from cloud applications. To address the above challenge, this study presents the design and implementation about a multilayer access control architecture for LVD, named CloudAC, aiming to provide isolation control, information flow control and resource-sharing control among multiple VMs on Xen virtualisation platforms in cloud computing environment. The theory and technology this research formed will provide reliable security guarantee for resource configuration and application deployment on LVDs.
A new password authentication and user anonymity scheme based on elliptic curve cryptography and smart card
Efficient proof of bid validity with untrusted verifier in homomorphic e-auction
Practical secure and fast handoff framework for pervasive Wi-Fi access
Human interactive secure key and identity exchange protocols in body sensor networks
Adaptive and attribute-based trust model for service-level agreement guarantee in cloud computing
CloudAC: a cloud-oriented multilayer access control system for logic virtual domain
Most viewed content
Most cited content for this Journal
-
High accuracy android malware detection using ensemble learning
- Author(s): Suleiman Y. Yerima ; Sakir Sezer ; Igor Muttik
- Type: Article
-
Crypto-based algorithms for secured medical image transmission
- Author(s): Ali Al-Haj ; Gheith Abandah ; Noor Hussein
- Type: Article
-
Pseudorandom bit generator based on non-stationary logistic maps
- Author(s): Lingfeng Liu ; Suoxia Miao ; Hanping Hu ; Yashuang Deng
- Type: Article
-
Constructing important features from massive network traffic for lightweight intrusion detection
- Author(s): Wei Wang ; Yongzhong He ; Jiqiang Liu ; Sylvain Gombault
- Type: Article
-
Empirical analysis of Tor Hidden Services
- Author(s): Gareth Owen and Nick Savage
- Type: Article