Permissioned blockchains are increasingly used in areas like supply chain management, financial transactions, and medical data sharing, where ensuring data consistency and security is critical. However, these systems ...
详细信息
Permissioned blockchains are increasingly used in areas like supply chain management, financial transactions, and medical data sharing, where ensuring data consistency and security is critical. However, these systems are vulnerable to threats such as DDoS attacks, forged transactions, and certificate authority compromises, primarily due to inadequate network layer admission control. Existing solutions, like static whitelisting, struggle with scalability and adaptability in dynamic environments. This paper proposes a novel admission control mechanism based on identity-based cryptography, utilizing multi-level anonymous identifiers and decentralized private key generation to enhance user authentication and privacy. The mechanism dynamically updates whitelists and selectively filters network traffic, ensuring a balance between security and performance. Experimental results validate its effectiveness in mitigating key threats while maintaining operational efficiency.
The majority of current security architectures for grid systems use public key infrastructure (PKI) to authenticate identities of grid members and to secure resource allocation to these members. identity-based cryptog...
详细信息
The majority of current security architectures for grid systems use public key infrastructure (PKI) to authenticate identities of grid members and to secure resource allocation to these members. identity-based cryptography (IBC) has some attractive properties that seem to align well with the demands of grid computing. This paper presents a comprehensive investigation into the use of identity-based techniques to provide an alternative grid security architecture. We propose a customised identity-based key agreement protocol, which fits nicely with the grid security infrastructure (GSI). We also present a delegation protocol, which is simpler and more efficient than existing delegation methods. Our study shows that properties of IBC can be exploited to provide grid security services in a more natural and clean way than more conventional public key cryptosystems, such as RSA.
Extended Access Control (EAC) is a security mechanism specified to allow only authorized Inspection System (IS) to read sensitive biometric data such as fingerprints from e-passports. Although European Union EAC schem...
详细信息
Extended Access Control (EAC) is a security mechanism specified to allow only authorized Inspection System (IS) to read sensitive biometric data such as fingerprints from e-passports. Although European Union EAC scheme offers more flexibility than Singapore scheme, there is clearly room for improvement. By adopting identity-based cryptography (IBC) technology, a simple and secure EAC implementation scheme (IBC-EAC) is proposed. The authorization mechanism based on IBC is more trustable because the access right to sensitive data is granted directly to the IS through Authorized Smartcard. A new authentication protocol based on IBC is performed between the e-passport chip and the Authorized Smartcard. The protocol also provides an important contribution towards terminal revocation. By using IBC-EAC scheme, the complexity of deploying and managing PKI can be reduced. And the computational cost for e-passport to verify the certificate chain in EU-EAC scheme can be saved. (c) 2010 Elsevier B.V. All rights reserved.
Security in mobile ad-hoc networks (MANETs) continues to attract attention after years of research. Recent advances in identity-based cryptography (IBC) sheds light on this problem and has become popular as a solution...
详细信息
Security in mobile ad-hoc networks (MANETs) continues to attract attention after years of research. Recent advances in identity-based cryptography (IBC) sheds light on this problem and has become popular as a solution base. We present a comprehensive picture and capture the state of the art of IBC security applications in MANETs based on a survey of publications on this topic since the emergence of IBC in 2001. In this paper, we also share insights into open research problems and point out interesting future directions in this area.
Vehicular Ad hoc Networks (VANET) broadcast messages regarding road and environmental conditions. Due to its design, VANET inadvertently introduced security and privacy issues. Many researchers have suggested various ...
详细信息
Vehicular Ad hoc Networks (VANET) broadcast messages regarding road and environmental conditions. Due to its design, VANET inadvertently introduced security and privacy issues. Many researchers have suggested various approaches to address these shortcomings as the deployment of VANET becomes more widespread. Nevertheless, these solutions could not address all the security and privacy shortcomings in VANET. Furthermore, the proposed approaches incur high costs in terms of computation due to the complexity involved in doing so sequentially. One of the significant approaches used in VANET security and privacy mitigation is identity-based schemes. This paper provides a comprehensive survey on VANETs and the entities involved, attack models, and an analysis of the security and privacy requirements for identity-based security and privacy schemes for VANETs.
In this paper, an identity-based key agreement protocol for securing mobile telephony in GSM and UMTS networks is presented. The approach allows two mobile phones to perform a session key agreement over an unsecured c...
详细信息
In this paper, an identity-based key agreement protocol for securing mobile telephony in GSM and UMTS networks is presented. The approach allows two mobile phones to perform a session key agreement over an unsecured channel and between different providers using telephone numbers as public keys. Using the created session key, a symmetric encryption of all call data can be performed. Solutions to the problems of multi-domain key generation, key distribution, multi-domain public parameter distribution and inter-domain key agreement are presented. Furthermore, the proposed approach can be speeded up using server-aided cryptography, by outsourcing computationally expensive cryptographic operations to a high-performance backend computing server. The feasibility of the approach is illustrated by presenting experimental results based on a Symbian implementation running on N95-1 and N82-1 Nokia smartphones.
A body sensor network (BSN), is a network of sensors deployed on a person's body, usually for health care monitoring. Since the sensors collect personal medical data, security and privacy are important components ...
详细信息
ISBN:
(纸本)9781595938145
A body sensor network (BSN), is a network of sensors deployed on a person's body, usually for health care monitoring. Since the sensors collect personal medical data, security and privacy are important components in a body sensor network. At the same time, the collected data has to readily available in the event of art emergency. In this paper, we present IBE-Lite, a lightweight identity-based encryption suitable for sensors. and developed protocols based oil IBE-Lite for a BSN.
Traditional approaches for communication security do not work well in disruption- and delay-tolerant networks (DTNs). Recently, the use of identity-based cryptography (IBC) has been proposed as one way to help solve s...
详细信息
ISBN:
(纸本)9781595936882
Traditional approaches for communication security do not work well in disruption- and delay-tolerant networks (DTNs). Recently, the use of identity-based cryptography (IBC) has been proposed as one way to help solve some of the DTN security issues. We analyze the applicability of IBC in this context and conclude that for authentication and integrity, IBC has no significant advantage over traditional cryptography, but it can indeed enable better ways of providing confidentiality. Additionally, we show a way of bootstrapping the needed security associations for IBC use from an existing authentication infrastructure.
Transport layer security (TLS) protocol is widely used in e-business and information systems for providing security attributes such as authentication, confidentiality and integrity. However, the certificate-based mech...
详细信息
ISBN:
(纸本)9780769536866
Transport layer security (TLS) protocol is widely used in e-business and information systems for providing security attributes such as authentication, confidentiality and integrity. However, the certificate-based mechanism which is adopted by most TLS handshake protocols results in complex certificate management overheads and long handshake latency. To overcome these disadvantages, a series of handshake protocols were presented that applies identity-based encryption, signature, signcryption, and authenticated key agreement schemes respectively. Security analysis indicates that the identity-based protocols have equivalent security level but more security attributes than the standard certificate-based schemes and the ones proposed in the literature so far. Experiment results show that our schemes have commensurate cryptographic computation overheads comparing with other schemes, but achieve shorter handshake latency especially in bandwidth-limited environments because of less communication traffic.
The deployment of secure vehicle-to-vehicle communication is essential for recent technologies such as autonomous driving and traffic optimizations. In this paper we experiment with the use of license plates as a mean...
详细信息
ISBN:
(纸本)9781728129495
The deployment of secure vehicle-to-vehicle communication is essential for recent technologies such as autonomous driving and traffic optimizations. In this paper we experiment with the use of license plates as a mean to identify vehicles and use this identification number to bootstrap security based on identity-based cryptographic schemes. Since the deployment of the public-key infrastructure may be difficult at a large scale for the automotive environment, the use of identity-based cryptography may offer benefits since it does not require public-key certificates. We present experiments based on Android smartphones in order to determine the feasibility of deploying this technology. Our experiments are concerned with both the impact of the underlying cryptographic primitives and the range at which license plates can be recognized by smartphone cameras.
暂无评论