WorldWideScience

Sample records for network security electronic

  1. Secure electronic commerce communication system based on CA

    Science.gov (United States)

    Chen, Deyun; Zhang, Junfeng; Pei, Shujun

    2001-07-01

    In this paper, we introduce the situation of electronic commercial security, then we analyze the working process and security for SSL protocol. At last, we propose a secure electronic commerce communication system based on CA. The system provide secure services such as encryption, integer, peer authentication and non-repudiation for application layer communication software of browser clients' and web server. The system can implement automatic allocation and united management of key through setting up the CA in the network.

  2. Privacy and Security Research Group workshop on network and distributed system security: Proceedings

    Energy Technology Data Exchange (ETDEWEB)

    1993-05-01

    This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System. Selected papers were processed separately for inclusion in the Energy Science and Technology Database.

  3. Windows 2012 Server network security securing your Windows network systems and infrastructure

    CERN Document Server

    Rountree, Derrick

    2013-01-01

    Windows 2012 Server Network Security provides the most in-depth guide to deploying and maintaining a secure Windows network. The book drills down into all the new features of Windows 2012 and provides practical, hands-on methods for securing your Windows systems networks, including: Secure remote access Network vulnerabilities and mitigations DHCP installations configuration MAC filtering DNS server security WINS installation configuration Securing wired and wireless connections Windows personal firewall

  4. Bechtel Hanford, Inc. network security plan for the environmental restoration contract

    International Nuclear Information System (INIS)

    McCaffrey, M.B.

    1997-01-01

    As part of the Computer Protection Program, this Network Security Plan identifies the specific security measures used to protect the Bechtel Hanford, Inc. (BHI) enterprise network. The network consists of the communication infrastructure and information systems used by BHI to perform work related to the Environmental Restoration Contract (ERC) at the Hanford Site. It provides electronic communication between the ERC-leased facilities in Richland, Washington and other facilities located on the Hanford Site. Network gateways to other site and offsite networks provide electronic communication with the rest of the Hanford community. The enterprise network is comprised of several individual networks that operate under different conditions and perform different functions. The principal network used by BHI is the Bechtel Local Area Network (BLAN). This document identifies specific security issues surrounding the BLAN and the measures BHI takes to protect it. The other BHI-operated networks are discussed from the perspective of the security impact they have on the BLAN. This plan addresses security for individual and shared computer systems connected to the BHI networks as well as the gateways between other site and external networks. It specifically does not address computer-based information systems that store or process particularly sensitive data, computer systems connected to other site networks (e.g., Hanford Local Area Network), or standalone computers located in ERC facilities

  5. Security for multihop wireless networks

    CERN Document Server

    Khan, Shafiullah

    2014-01-01

    Security for Multihop Wireless Networks provides broad coverage of the security issues facing multihop wireless networks. Presenting the work of a different group of expert contributors in each chapter, it explores security in mobile ad hoc networks, wireless sensor networks, wireless mesh networks, and personal area networks.Detailing technologies and processes that can help you secure your wireless networks, the book covers cryptographic coprocessors, encryption, authentication, key management, attacks and countermeasures, secure routing, secure medium access control, intrusion detection, ep

  6. Managing Cisco network security

    CERN Document Server

    Knipp, Eric

    2002-01-01

    An in-depth knowledge of how to configure Cisco IP network security is a MUST for anyone working in today''s internetworked world"There''s no question that attacks on enterprise networks are increasing in frequency and sophistication..."-Mike Fuhrman, Cisco Systems Manager, Security ConsultingManaging Cisco Network Security, Second Edition offers updated and revised information covering many of Cisco''s security products that provide protection from threats, detection of network security incidents, measurement of vulnerability and policy compliance and management of security policy across an extended organization. These are the tools that network administrators have to mount defenses against threats. Chapters also cover the improved functionality and ease of the Cisco Secure Policy Manger software used by thousands of small-to-midsized businesses and a special section on the Cisco Aironet Wireless Security Solutions.Security from a real-world perspectiveKey coverage of the new technologies offered by the Cisc...

  7. Untangle network security

    CERN Document Server

    El-Bawab, Abd El-Monem A

    2014-01-01

    If you are a security engineer or a system administrator and want to secure your server infrastructure with the feature-rich Untangle, this book is for you. For individuals who want to start their career in the network security field, this book would serve as a perfect companion to learn the basics of network security and how to implement it using Untangle NGFW.

  8. RFID-based Electronic Identity Security Cloud Platform in Cyberspace

    OpenAIRE

    Bing Chen; Chengxiang Tan; Bo Jin; Xiang Zou; Yuebo Dai

    2012-01-01

    With the moving development of networks, especially Internet of Things, electronic identity administration in cyberspace is becoming more and more important. And personal identity management in cyberspace associated with individuals in reality has been one significant and urgent task for the further development of information construction in China. So this paper presents a RFID-based electronic identity security cloud platform in cyberspace to implement an efficient security management of cyb...

  9. Security and the networked society

    CERN Document Server

    Gregory, Mark

    2013-01-01

    This book examines technological and social events during 2011 and 2012, a period that saw the rise of the hacktivist, the move to mobile platforms, and the ubiquity of social networks. It covers key technological issues such as hacking, cyber-crime, cyber-security and cyber-warfare, the internet, smart phones, electronic security, and information privacy. This book traces the rise into prominence of these issues while also exploring the resulting cultural reaction. The authors' analysis forms the basis of a discussion on future technological directions and their potential impact on society. T

  10. Computer Network Security- The Challenges of Securing a Computer Network

    Science.gov (United States)

    Scotti, Vincent, Jr.

    2011-01-01

    This article is intended to give the reader an overall perspective on what it takes to design, implement, enforce and secure a computer network in the federal and corporate world to insure the confidentiality, integrity and availability of information. While we will be giving you an overview of network design and security, this article will concentrate on the technology and human factors of securing a network and the challenges faced by those doing so. It will cover the large number of policies and the limits of technology and physical efforts to enforce such policies.

  11. A DRM Security Architecture for Home Networks

    NARCIS (Netherlands)

    Popescu, B.C.; Crispo, B.; Kamperman, F.L.A.J.; Tanenbaum, A.S.; Kiayias, A.; Yung, M.

    2004-01-01

    This paper describes a security architecture allowing digital rights management in home networks consisting of consumer electronic devices. The idea is to allow devices to establish dynamic groups, so called "Authorized Domains", where legally acquired copyrighted content can seamlessly move from

  12. Wireshark network security

    CERN Document Server

    Verma, Piyush

    2015-01-01

    If you are network administrator or a security analyst with an interest in using Wireshark for security analysis, then this is the book for you. Basic familiarity with common network and application services terms and technologies is assumed.

  13. Human factors in network security

    OpenAIRE

    Jones, Francis B.

    1991-01-01

    Human factors, such as ethics and education, are important factors in network information security. This thesis determines which human factors have significant influence on network security. Those factors are examined in relation to current security devices and procedures. Methods are introduced to evaluate security effectiveness by incorporating the appropriate human factors into network security controls

  14. Networks and network analysis for defence and security

    CERN Document Server

    Masys, Anthony J

    2014-01-01

    Networks and Network Analysis for Defence and Security discusses relevant theoretical frameworks and applications of network analysis in support of the defence and security domains. This book details real world applications of network analysis to support defence and security. Shocks to regional, national and global systems stemming from natural hazards, acts of armed violence, terrorism and serious and organized crime have significant defence and security implications. Today, nations face an uncertain and complex security landscape in which threats impact/target the physical, social, economic

  15. Gross anatomy of network security

    Science.gov (United States)

    Siu, Thomas J.

    2002-01-01

    Information security involves many branches of effort, including information assurance, host level security, physical security, and network security. Computer network security methods and implementations are given a top-down description to permit a medically focused audience to anchor this information to their daily practice. The depth of detail of network functionality and security measures, like that of the study of human anatomy, can be highly involved. Presented at the level of major gross anatomical systems, this paper will focus on network backbone implementation and perimeter defenses, then diagnostic tools, and finally the user practices (the human element). Physical security measures, though significant, have been defined as beyond the scope of this presentation.

  16. Wireless network security theories and applications

    CERN Document Server

    Chen, Lei; Zhang, Zihong

    2013-01-01

    Wireless Network Security Theories and Applications discusses the relevant security technologies, vulnerabilities, and potential threats, and introduces the corresponding security standards and protocols, as well as provides solutions to security concerns. Authors of each chapter in this book, mostly top researchers in relevant research fields in the U.S. and China, presented their research findings and results about the security of the following types of wireless networks: Wireless Cellular Networks, Wireless Local Area Networks (WLANs), Wireless Metropolitan Area Networks (WMANs), Bluetooth

  17. Network Security Validation Using Game Theory

    Science.gov (United States)

    Papadopoulou, Vicky; Gregoriades, Andreas

    Non-functional requirements (NFR) such as network security recently gained widespread attention in distributed information systems. Despite their importance however, there is no systematic approach to validate these requirements given the complexity and uncertainty characterizing modern networks. Traditionally, network security requirements specification has been the results of a reactive process. This however, limited the immunity property of the distributed systems that depended on these networks. Security requirements specification need a proactive approach. Networks' infrastructure is constantly under attack by hackers and malicious software that aim to break into computers. To combat these threats, network designers need sophisticated security validation techniques that will guarantee the minimum level of security for their future networks. This paper presents a game-theoretic approach to security requirements validation. An introduction to game theory is presented along with an example that demonstrates the application of the approach.

  18. Building secure network by integrated technology

    International Nuclear Information System (INIS)

    An Dehai; Xu Rongsheng; Liu Baoxu

    2000-01-01

    The author introduces a method which can realize the most powerful network security prevention by the network security integrated technologies such as firewall, realtime monitor, network scanner, Web detection and security, etc

  19. Modified Small Business Network Security

    OpenAIRE

    Md. Belayet Ali; Oveget Das; Md. Shamim Hossain

    2012-01-01

    This paper covers some likely threats and effectivesteps for a secure small business. It also involves a flowchart tocomprehend the overall small business network security easilyand we identify a set of security issues and applyappropriate techniques to satisfy the correspondingsecurity requirements. In respect of all, this document isstrong enough for any small business network security.

  20. Network systems security analysis

    Science.gov (United States)

    Yilmaz, Ä.°smail

    2015-05-01

    Network Systems Security Analysis has utmost importance in today's world. Many companies, like banks which give priority to data management, test their own data security systems with "Penetration Tests" by time to time. In this context, companies must also test their own network/server systems and take precautions, as the data security draws attention. Based on this idea, the study cyber-attacks are researched throughoutly and Penetration Test technics are examined. With these information on, classification is made for the cyber-attacks and later network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found out that human beings are the weakest circle of the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats like updating the security software.

  1. Network security

    CERN Document Server

    Perez, André

    2014-01-01

    This book introduces the security mechanisms deployed in Ethernet, Wireless-Fidelity (Wi-Fi), Internet Protocol (IP) and MultiProtocol Label Switching (MPLS) networks. These mechanisms are grouped throughout the book according to the following four functions: data protection, access control, network isolation, and data monitoring. Data protection is supplied by data confidentiality and integrity control services. Access control is provided by a third-party authentication service. Network isolation is supplied by the Virtual Private Network (VPN) service. Data monitoring consists of applying

  2. Security of electronic mental health communication and record-keeping in the digital age.

    Science.gov (United States)

    Elhai, Jon D; Frueh, B Christopher

    2016-02-01

    The mental health field has seen a trend in recent years of the increased use of information technology, including mobile phones, tablets, and laptop computers, to facilitate clinical treatment delivery to individual patients and for record keeping. However, little attention has been paid to ensuring that electronic communication with patients is private and secure. This is despite potentially deleterious consequences of a data breach, which are reported in the news media very frequently in modern times. In this article, we present typical security concerns associated with using technology in clinical services or research. We also discuss enhancing the privacy and security of electronic communication with clinical patients and research participants. We offer practical, easy-to-use software application solutions for clinicians and researchers to secure patient communication and records. We discuss such issues as using encrypted wireless networks, secure e-mail, encrypted messaging and videoconferencing, privacy on social networks, and others. © Copyright 2015 Physicians Postgraduate Press, Inc.

  3. Secure Wireless Sensor Networks: Problems and Solutions

    Directory of Open Access Journals (Sweden)

    Fei Hu

    2003-08-01

    Full Text Available As sensor networks edge closer towards wide-spread deployment, security issues become a central concern. So far, the main research focus has been on making sensor networks feasible and useful, and less emphasis was placed on security. This paper analyzes security challenges in wireless sensor networks and summarizes key issues that should be solved for achieving the ad hoc security. It gives an overview of the current state of solutions on such key issues as secure routing, prevention of denial-of-service and key management service. We also present some secure methods to achieve security in wireless sensor networks. Finally we present our integrated approach to securing sensor networks.

  4. Network security with openSSL cryptography for secure communications

    CERN Document Server

    Viega, John; Chandra, Pravir

    2002-01-01

    Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications.The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols.Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library?s advanced features. And, inst...

  5. Routing architecture and security for airborne networks

    Science.gov (United States)

    Deng, Hongmei; Xie, Peng; Li, Jason; Xu, Roger; Levy, Renato

    2009-05-01

    Airborne networks are envisioned to provide interconnectivity for terrestial and space networks by interconnecting highly mobile airborne platforms. A number of military applications are expected to be used by the operator, and all these applications require proper routing security support to establish correct route between communicating platforms in a timely manner. As airborne networks somewhat different from traditional wired and wireless networks (e.g., Internet, LAN, WLAN, MANET, etc), security aspects valid in these networks are not fully applicable to airborne networks. Designing an efficient security scheme to protect airborne networks is confronted with new requirements. In this paper, we first identify a candidate routing architecture, which works as an underlying structure for our proposed security scheme. And then we investigate the vulnerabilities and attack models against routing protocols in airborne networks. Based on these studies, we propose an integrated security solution to address routing security issues in airborne networks.

  6. Resistance and Security Index of Networks: Structural Information Perspective of Network Security.

    Science.gov (United States)

    Li, Angsheng; Hu, Qifu; Liu, Jun; Pan, Yicheng

    2016-06-03

    Recently, Li and Pan defined the metric of the K-dimensional structure entropy of a structured noisy dataset G to be the information that controls the formation of the K-dimensional structure of G that is evolved by the rules, order and laws of G, excluding the random variations that occur in G. Here, we propose the notion of resistance of networks based on the one- and two-dimensional structural information of graphs. Given a graph G, we define the resistance of G, written , as the greatest overall number of bits required to determine the code of the module that is accessible via random walks with stationary distribution in G, from which the random walks cannot escape. We show that the resistance of networks follows the resistance law of networks, that is, for a network G, the resistance of G is , where and are the one- and two-dimensional structure entropies of G, respectively. Based on the resistance law, we define the security index of a network G to be the normalised resistance of G, that is, . We show that the resistance and security index are both well-defined measures for the security of the networks.

  7. Resistance and Security Index of Networks: Structural Information Perspective of Network Security

    Science.gov (United States)

    Li, Angsheng; Hu, Qifu; Liu, Jun; Pan, Yicheng

    2016-01-01

    Recently, Li and Pan defined the metric of the K-dimensional structure entropy of a structured noisy dataset G to be the information that controls the formation of the K-dimensional structure of G that is evolved by the rules, order and laws of G, excluding the random variations that occur in G. Here, we propose the notion of resistance of networks based on the one- and two-dimensional structural information of graphs. Given a graph G, we define the resistance of G, written , as the greatest overall number of bits required to determine the code of the module that is accessible via random walks with stationary distribution in G, from which the random walks cannot escape. We show that the resistance of networks follows the resistance law of networks, that is, for a network G, the resistance of G is , where and are the one- and two-dimensional structure entropies of G, respectively. Based on the resistance law, we define the security index of a network G to be the normalised resistance of G, that is, . We show that the resistance and security index are both well-defined measures for the security of the networks. PMID:27255783

  8. Resistance and Security Index of Networks: Structural Information Perspective of Network Security

    Science.gov (United States)

    Li, Angsheng; Hu, Qifu; Liu, Jun; Pan, Yicheng

    2016-06-01

    Recently, Li and Pan defined the metric of the K-dimensional structure entropy of a structured noisy dataset G to be the information that controls the formation of the K-dimensional structure of G that is evolved by the rules, order and laws of G, excluding the random variations that occur in G. Here, we propose the notion of resistance of networks based on the one- and two-dimensional structural information of graphs. Given a graph G, we define the resistance of G, written , as the greatest overall number of bits required to determine the code of the module that is accessible via random walks with stationary distribution in G, from which the random walks cannot escape. We show that the resistance of networks follows the resistance law of networks, that is, for a network G, the resistance of G is , where and are the one- and two-dimensional structure entropies of G, respectively. Based on the resistance law, we define the security index of a network G to be the normalised resistance of G, that is, . We show that the resistance and security index are both well-defined measures for the security of the networks.

  9. Network Paradigm of Information Security

    Directory of Open Access Journals (Sweden)

    Alexandr Diomidovich Afanasyev

    2016-03-01

    Full Text Available An issue of topological analysis has been claimed as a key one while creating robust and secure network systems. Some examples of complex network applications in information security domain have been cited.

  10. Network perimeter security building defense in-depth

    CERN Document Server

    Riggs, Cliff

    2003-01-01

    PREFACEWho is this Book For?The Path to Network SecurityWho Should Read This Book?MANAGING NETWORK SECURITYThe Big Picture: Security Policies from A to ZAdministrative CountermeasuresPhysical CountermeasuresTechnological CountermeasuresCreating the Security Standards DocumentCreating the Configuration Guide DocumentPulling it All Together: Sample Security Policy CreationProteris Security Standards and ProceduresTHE NETWORK STACK AND SECURITYConnecting the NetworkProtocolsServers and HostsCRYPTOGRAPHY AND VPN TERMINOLOGYKeysCertificatesHashingDigital SignaturesCommon Encryption AlgorithmsSplit

  11. Design of the XML Security System for Electronic Commerce Application

    Institute of Scientific and Technical Information of China (English)

    2003-01-01

    The invocation of World Wide Web (www) first triggered mass adoption of the Internet for public access to digital information exchanges across the globe. To get a big market on the Web, a special security infrastructure would need to be put into place transforming the wild-and-woolly Internet into a network with end-to-end protections. XML (extensible Markup Language) is widely accepted as powerful data representation standard for electronic documents, so a security mechanism for XML documents must be provided in the first place to secure electronic commerce over Internet. In this paper the authors design and implement a secure framework that provides XML signature function, XML Element-wise Encryption function, smart card based crypto API library and Public Key Infrastructure (PKI) security functions to achieve confidentiality, integrity, message authentication, and/or signer authentication services for XML documents and existing non-XML documents that are exchanged by Internet for E-commerce application.

  12. Security for Virtual Private Networks

    OpenAIRE

    Magdalena Nicoleta Iacob

    2015-01-01

    Network security must be a permanent concern for every company, given the fact that threats are evolving today more rapidly than in the past. This paper contains a general classification of cryptographic algorithms used in today networks and presents an implementation of virtual private networks using one of the most secure methods - digital certificates authentication.

  13. Unification of Information Security Policies for Network Security Solutions

    Directory of Open Access Journals (Sweden)

    D.S. Chernyavskiy

    2012-03-01

    Full Text Available Diversity of command languages on network security solutions’ (NSS interfaces causes problems in a process of information security policy (ISP deployment. Unified model for security policy representation and implementation in NSS could aid to avoid such problems and consequently enhance efficiency of the process. The proposed solution is Unified language for network security policy (ULNSP. The language is based on formal languages theory, and being coupled with its translator, ULNSP makes it possible to formalize and implement ISP independently of particular NSS.

  14. The Security Plan for the Joint Euratom/IAEA Remote Monitoring Network

    International Nuclear Information System (INIS)

    Stronkhorst, J.; Schoop, K.; Ruuska, K.; Kurek, S.; Levert, J.F.

    2015-01-01

    The European Commission and the IAEA have installed surveillance systems in all larger civil European nuclear facilities. The monitoring data is gathered by optical surveillance systems, electronic sealing systems and numerous measuring devices. The on-site joint Euratom/IAEA monitoring networks operate in general completely isolated from the operator's IT systems. To largely improve data security and reliability, remote data transmission (RDT) is installed on a growing number of sites, and the inspection data is daily transferred to the Data Collect Servers in Luxembourg and Vienna. A growing number of RDT connections and a growing number of security threats require an IT security policy that is pro-active as well as reactive in an efficient way. The risk based approach used in setting up the security plans assesses all elements of the monitoring network, from the implemented technical solution and the assessment of the security needs and threats, up to the incident handling and lessons learned. The results of the assessments are, for each individual RDT connection, described in the technical paragraphs and annexes, including system descriptions, network plans and contact information. The principles of secure data handling as implemented in the shared Euratom /IAEA monitoring network can apply to a broad range of industrial monitoring systems, where human interaction is in general the largest security risk. (author)

  15. Security for multi-hop wireless networks

    CERN Document Server

    Mahmoud, Mohamed M E A

    2014-01-01

    This Springer Brief discusses efficient security protocols and schemes for multi-hop wireless networks. It presents an overview of security requirements for these networks, explores challenges in securing networks and presents system models. The authors introduce mechanisms to reduce the overhead and identify malicious nodes that drop packets intentionally. Also included is a new, efficient cooperation incentive scheme to stimulate the selfish nodes to relay information packets and enforce fairness. Many examples are provided, along with predictions for future directions of the field. Security

  16. NOSArmor: Building a Secure Network Operating System

    Directory of Open Access Journals (Sweden)

    Hyeonseong Jo

    2018-01-01

    Full Text Available Software-Defined Networking (SDN, controlling underlying network devices (i.e., data plane in a logically centralized manner, is now actively adopted in many real world networking environments. It is clear that a network administrator can easily understand and manage his networking environments with the help of SDN. In SDN, a network operating system (NOS, also known as an SDN controller, is the most critical component because it should be involved in all transactions for controlling network devices, and thus the security of NOS cannot be highly exaggerated. However, in spite of its importance, no previous works have thoroughly investigated the security of NOS. In this work, to address this problem, we present the NOSArmor, which integrates several security mechanisms, named as security building block (SBB, into a consolidated SDN controller. NOSArmor consists of eight SBBs and each of them addresses different security principles of network assets. For example, while role-based authorization focuses on securing confidentiality of internal storage from malicious applications, OpenFlow protocol verifier protects availability of core service in the controller from malformed control messages received from switches. In addition, NOSArmor shows competitive performance compared to existing other controllers (i.e., ONOS, Floodlight with secureness of network assets.

  17. Security for 5G Mobile Wireless Networks

    OpenAIRE

    Fang, Dongfeng; Qian, Yi; Qingyang Hu, Rose

    2017-01-01

    The advanced features of 5G mobile wireless network systems yield new security requirements and challenges. This paper presents a comprehensive survey on security of 5G wireless network systems compared to the traditional cellular networks. The paper starts with a review on 5G wireless networks particularities as well as on the new requirements and motivations of 5G wireless security. The potential attacks and security services with the consideration of new service requirements and new use ca...

  18. 75 FR 2433 - Special Conditions: Boeing Model 747-8/-8F Airplanes, Systems and Data Networks Security...

    Science.gov (United States)

    2010-01-15

    ... Conditions No. 25-401-SC] Special Conditions: Boeing Model 747-8/-8F Airplanes, Systems and Data Networks Security--Protection of Airplane Systems and Data Networks From Unauthorized External Access AGENCY... that effective electronic system security protection strategies are implemented to protect the airplane...

  19. SEADE: Countering the Futility of Network Security

    Science.gov (United States)

    2015-10-01

    guards, and computer cages) and logical security measures (network firewall and intrusion detection). However, no matter how many layers of network...security built-in and with minimal security dependence on network security appliances (e.g., firewalls ). As Secretary of Defense Ashton Carter...based analysis that assumes nothing bad will happen to applications/data if those defenses prevent malware transactions at the entrance. The

  20. Secure Service Discovery in Home Networks

    NARCIS (Netherlands)

    Scholten, Johan; van Dijk, H.W.; De Cock, Danny; Preneel, Bart; Kung, Antonio; d'Hooge, Michel

    2006-01-01

    This paper presents an architecture for secure service discovery for use in home networks. We give an overview and rationale of a cluster-based home network architecture that bridges different, often vendor specific, network technologies. We show how it integrates security, communication, and

  1. Hybrid architecture for building secure sensor networks

    Science.gov (United States)

    Owens, Ken R., Jr.; Watkins, Steve E.

    2012-04-01

    Sensor networks have various communication and security architectural concerns. Three approaches are defined to address these concerns for sensor networks. The first area is the utilization of new computing architectures that leverage embedded virtualization software on the sensor. Deploying a small, embedded virtualization operating system on the sensor nodes that is designed to communicate to low-cost cloud computing infrastructure in the network is the foundation to delivering low-cost, secure sensor networks. The second area focuses on securing the sensor. Sensor security components include developing an identification scheme, and leveraging authentication algorithms and protocols that address security assurance within the physical, communication network, and application layers. This function will primarily be accomplished through encrypting the communication channel and integrating sensor network firewall and intrusion detection/prevention components to the sensor network architecture. Hence, sensor networks will be able to maintain high levels of security. The third area addresses the real-time and high priority nature of the data that sensor networks collect. This function requires that a quality-of-service (QoS) definition and algorithm be developed for delivering the right data at the right time. A hybrid architecture is proposed that combines software and hardware features to handle network traffic with diverse QoS requirements.

  2. Home Network Security

    NARCIS (Netherlands)

    Scholten, Hans; van Dijk, Hylke

    2008-01-01

    Service discovery and secure and safe service usage are essential elements in the deployment of home and personal networks. Because no system administrator is present, setup and daily operation of such a network has to be automated as much as possible with a high degree of user friendliness. To

  3. Vehicular ad hoc network security and privacy

    CERN Document Server

    Lin, X

    2015-01-01

    Unlike any other book in this area, this book provides innovative solutions to security issues, making this book a must read for anyone working with or studying security measures. Vehicular Ad Hoc Network Security and Privacy mainly focuses on security and privacy issues related to vehicular communication systems. It begins with a comprehensive introduction to vehicular ad hoc network and its unique security threats and privacy concerns and then illustrates how to address those challenges in highly dynamic and large size wireless network environments from multiple perspectives. This book is richly illustrated with detailed designs and results for approaching security and privacy threats.

  4. An Overview of Computer Network security and Research Technology

    OpenAIRE

    Rathore, Vandana

    2016-01-01

    The rapid development in the field of computer networks and systems brings both convenience and security threats for users. Security threats include network security and data security. Network security refers to the reliability, confidentiality, integrity and availability of the information in the system. The main objective of network security is to maintain the authenticity, integrity, confidentiality, availability of the network. This paper introduces the details of the technologies used in...

  5. Campus network security model study

    Science.gov (United States)

    Zhang, Yong-ku; Song, Li-ren

    2011-12-01

    Campus network security is growing importance, Design a very effective defense hacker attacks, viruses, data theft, and internal defense system, is the focus of the study in this paper. This paper compared the firewall; IDS based on the integrated, then design of a campus network security model, and detail the specific implementation principle.

  6. Survey of network and information security technology

    International Nuclear Information System (INIS)

    Liu Baoxu; Wang Xiaozhen

    2007-01-01

    With the rapidly development of the computer network technology and informationize working of our Country, Network and Information Security issues becomes the focal point problem that people shows solicitude for. On the basis analysing security threat and challenge of network information and their developing trend. This paper briefly analyses and discusses the main relatively study direction and content about the theory, technology and practice of Network and Information Security. (authors)

  7. Security Threats on Wireless Sensor Network Protocols

    OpenAIRE

    H. Gorine; M. Ramadan Elmezughi

    2016-01-01

    In this paper, we investigate security issues and challenges facing researchers in wireless sensor networks and countermeasures to resolve them. The broadcast nature of wireless communication makes Wireless Sensor Networks prone to various attacks. Due to resources limitation constraint in terms of limited energy, computation power and memory, security in wireless sensor networks creates different challenges than wired network security. We will discuss several attempts at addressing the issue...

  8. International Nuclear Security Education Network (INSEN) and the Nuclear Security Training and Support Centre (NSSC) Network

    International Nuclear Information System (INIS)

    Nikonov, Dmitriy

    2013-01-01

    International Nuclear Security Education Network established in 2010: A partnership between the IAEA and universities, research institutions and other stakeholders - •Promotion of nuclear security education; • Development of educational materials; • Professional development for faculty members; • Collaborative research and resource sharing. Currently over 90 members from 38 member states. Mission: to enhance global nuclear security by developing, sharing and promoting excellence in nuclear security education. Nuclear Security Support Centre: Primary objectives are: • Develop human resources through the implementation of a tailored training programme; • Develop a network of experts; • Provide technical support for lifecycle equipment management and scientific support for the detection of and the response to nuclear security events

  9. A study of the security technology and a new security model for WiFi network

    Science.gov (United States)

    Huang, Jing

    2013-07-01

    The WiFi network is one of the most rapidly developing wireless communication networks, which makes wireless office and wireless life possible and greatly expands the application form and scope of the internet. At the same time, the WiFi network security has received wide attention, and this is also the key factor of WiFi network development. This paper makes a systematic introduction to the WiFi network and WiFi network security problems, and the WiFi network security technology are reviewed and compared. In order to solve the security problems in WiFi network, this paper presents a new WiFi network security model and the key exchange algorithm. Experiments are performed to test the performance of the model, the results show that the new security model can withstand external network attack and ensure stable and safe operation of WiFi network.

  10. Layered Location-Based Security Mechanism for Mobile Sensor Networks: Moving Security Areas

    Directory of Open Access Journals (Sweden)

    Ze Wang

    2015-09-01

    Full Text Available Network security is one of the most important issues in mobile sensor networks (MSNs. Networks are particularly vulnerable in hostile environments because of many factors, such as uncertain mobility, limitations on computation, and the need for storage in mobile nodes. Though some location-based security mechanisms can resist some malicious attacks, they are only suitable for static networks and may sometimes require large amounts of storage. To solve these problems, using location information, which is one of the most important properties in outdoor wireless networks, a security mechanism called a moving security area (MSA is proposed to resist malicious attacks by using mobile nodes’ dynamic location-based keys. The security mechanism is layered by performing different detection schemes inside or outside the MSA. The location-based private keys will be updated only at the appropriate moments, considering the balance of cost and security performance. By transferring parts of the detection tasks from ordinary nodes to the sink node, the memory requirements are distributed to different entities to save limited energy.

  11. Layered Location-Based Security Mechanism for Mobile Sensor Networks: Moving Security Areas.

    Science.gov (United States)

    Wang, Ze; Zhang, Haijuan; Wu, Luqiang; Zhou, Chang

    2015-09-25

    Network security is one of the most important issues in mobile sensor networks (MSNs). Networks are particularly vulnerable in hostile environments because of many factors, such as uncertain mobility, limitations on computation, and the need for storage in mobile nodes. Though some location-based security mechanisms can resist some malicious attacks, they are only suitable for static networks and may sometimes require large amounts of storage. To solve these problems, using location information, which is one of the most important properties in outdoor wireless networks, a security mechanism called a moving security area (MSA) is proposed to resist malicious attacks by using mobile nodes' dynamic location-based keys. The security mechanism is layered by performing different detection schemes inside or outside the MSA. The location-based private keys will be updated only at the appropriate moments, considering the balance of cost and security performance. By transferring parts of the detection tasks from ordinary nodes to the sink node, the memory requirements are distributed to different entities to save limited energy.

  12. The research of computer network security and protection strategy

    Science.gov (United States)

    He, Jian

    2017-05-01

    With the widespread popularity of computer network applications, its security is also received a high degree of attention. Factors affecting the safety of network is complex, for to do a good job of network security is a systematic work, has the high challenge. For safety and reliability problems of computer network system, this paper combined with practical work experience, from the threat of network security, security technology, network some Suggestions and measures for the system design principle, in order to make the masses of users in computer networks to enhance safety awareness and master certain network security technology.

  13. Network Security: Policies and Guidelines for Effective Network Management

    Directory of Open Access Journals (Sweden)

    Jonathan Gana KOLO

    2008-12-01

    Full Text Available Network security and management in Information and Communication Technology (ICT is the ability to maintain the integrity of a system or network, its data and its immediate environment. The various innovations and uses to which networks are being put are growing by the day and hence are becoming complex and invariably more difficult to manage by the day. Computers are found in every business such as banking, insurance, hospital, education, manufacturing, etc. The widespread use of these systems implies crime and insecurity on a global scale. In addition, the tremendous benefits brought about by Internet have also widened the scope of crime and insecurity at an alarming rate. Also, ICT has fast become a primary differentiator for institution/organization leaders as it offers effective and convenient means of interaction with each other across the globe. This upsurge in the population of organizations depending on ICT for business transaction has brought with it a growing number of security threats and attacks on poorly managed and secured networks primarily to steal personal data, particularly financial information and password.This paper therefore proposes some policies and guidelines that should be followed by network administrators in organizations to help them ensure effective network management and security of ICT facilities and data.

  14. Network Security Visualization

    National Research Council Canada - National Science Library

    1999-01-01

    The application of interactive, three-dimensional viewing techniques to the representation of security-related, computer network status and events is expected to improve the timeliness and efficiency...

  15. Mining social networks and security informatics

    CERN Document Server

    Özyer, Tansel; Rokne, Jon; Khoury, Suheil

    2013-01-01

    Crime, terrorism and security are in the forefront of current societal concerns. This edited volume presents research based on social network techniques showing how data from crime and terror networks can be analyzed and how information can be extracted. The topics covered include crime data mining and visualization; organized crime detection; crime network visualization; computational criminology; aspects of terror network analyses and threat prediction including cyberterrorism and the related area of dark web; privacy issues in social networks; security informatics; graph algorithms for soci

  16. Wireless Network Security Vulnerabilities and Concerns

    Science.gov (United States)

    Mushtaq, Ahmad

    The dilemma of cyber communications insecurity has existed all the times since the beginning of the network communications. The problems and concerns of unauthorized access and hacking has existed form the time of introduction of world wide web communication and Internet's expansion for popular use in 1990s, and has remained till present time as one of the most important issues. The wireless network security is no exception. Serious and continuous efforts of investigation, research and development has been going on for the last several decades to achieve the goal of provision of 100 percent or full proof security for all the protocols of networking architectures including the wireless networking. Some very reliable and robust strategies have been developed and deployed which has made network communications more and more secure. However, the most desired goal of complete security has yet to see the light of the day. The latest Cyber War scenario, reported in the media of intrusion and hacking of each other's defense and secret agencies between the two super powers USA and China has further aggravated the situation. This sort of intrusion by hackers between other countries such as India and Pakistan, Israel and Middle East countries has also been going on and reported in the media frequently. The paper reviews and critically examines the strategies already in place, for wired network. Wireless Network Security and also suggests some directions and strategies for more robust aspects to be researched and deployed.

  17. Metro Optical Networks for Homeland Security

    Science.gov (United States)

    Bechtel, James H.

    Metro optical networks provide an enticing opportunity for strengthening homeland security. Many existing and emerging fiber-optic networks can be adapted for enhanced security applications. Applications include airports, theme parks, sports venues, and border surveillance systems. Here real-time high-quality video and captured images can be collected, transported, processed, and stored for security applications. Video and data collection are important also at correctional facilities, courts, infrastructure (e.g., dams, bridges, railroads, reservoirs, power stations), and at military and other government locations. The scaling of DWDM-based networks allows vast amounts of data to be collected and transported including biometric features of individuals at security check points. Here applications will be discussed along with potential solutions and challenges. Examples of solutions to these problems are given. This includes a discussion of metropolitan aggregation platforms for voice, video, and data that are SONET compliant for use in SONET networks and the use of DWDM technology for scaling and transporting a variety of protocols. Element management software allows not only network status monitoring, but also provides optimized allocation of network resources through the use of optical switches or electrical cross connects.

  18. Developing cyber security architecture for military networks using cognitive networking

    OpenAIRE

    Kärkkäinen, Anssi

    2015-01-01

    In recent years, the importance of cyber security has increased. Cyber security has not become a critical issue only for governmental or business actors, but also for armed forces that nowadays rely on national or even global networks in their daily activities. The Network Centric Warfare (NCW) paradigm has increased the significance of networking during last decades as it enables information superiority in which military combat power increased by networking the battlefield actors from perspe...

  19. A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks

    Directory of Open Access Journals (Sweden)

    Shibo Luo

    2015-12-01

    Full Text Available Software-Defined Networking-based Mobile Networks (SDN-MNs are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism.

  20. A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks.

    Science.gov (United States)

    Luo, Shibo; Dong, Mianxiong; Ota, Kaoru; Wu, Jun; Li, Jianhua

    2015-12-17

    Software-Defined Networking-based Mobile Networks (SDN-MNs) are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP) is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME) is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism.

  1. SMEs, electronically-mediated working and data security: cause for concern?

    Directory of Open Access Journals (Sweden)

    Clear, F.

    2007-01-01

    Full Text Available Security of data is critical to the operations of firms. Without the ability to store, process and transmit data securely, operations may be compromised, with the potential for serious consequences to trading integrity. Thus the role that electronically-mediated working plays in business today and its dependency on data security is of critical interest, especially in light of the fact that much of this communication is based on the use of open networks (i.e. the Internet. This paper discusses findings from a ‘WestFocus’ survey on electronically-mediated working and telework amongst a sample of SMEs located in West London and adjacent counties in South-Eastern England in order to highlight the problems that such practice raises in terms of data security. Data collection involved a telephone survey undertaken in early 2006 of 378 firms classified into four industrial sectors (‘Media’, ‘Logistics’, ‘Internet Services’ and ‘Food Processing’. After establishing how ICTs and the Internet are being exploited as business applications for small firms, data security practice is explored on the basis of sector and size with a focus on telework. The paper goes on to highlight areas of concern in terms of data security policy and training practice. Findings show some sector and size influences.

  2. Techniques Used in String Matching for Network Security

    OpenAIRE

    Jamuna Bhandari

    2014-01-01

    String matching also known as pattern matching is one of primary concept for network security. In this area the effectiveness and efficiency of string matching algorithms is important for applications in network security such as network intrusion detection, virus detection, signature matching and web content filtering system. This paper presents brief review on some of string matching techniques used for network security.

  3. Security Shift in Future Network Architectures

    OpenAIRE

    Hartog, T.; Schotanus, H.A.; Verkoelen, C.A.A.

    2010-01-01

    In current practice military communication infrastructures are deployed as stand-alone networked information systems. Network-Enabled Capabilities (NEC) and combined military operations lead to new requirements which current communication architectures cannot deliver. This paper informs IT architects, information architects and security specialists about the separation of network and information security, the consequences of this shift and our view on future communication infrastructures in d...

  4. Information Security Policy Modeling for Network Security Systems

    Directory of Open Access Journals (Sweden)

    Dmitry Sergeevich Chernyavskiy

    2014-12-01

    Full Text Available Policy management for network security systems (NSSs is one of the most topical issues of network security management. Incorrect configurations of NSSs lead to system outages and appearance of vulnerabilities. Moreover, policy management process is a time-consuming task, which includes significant amount of manual work. These factors reduce efficiency of NSSs’ utilization. The paper discusses peculiarities of policy management process and existing approaches to policy modeling, presents a model aimed to formalize policies for NSSs independently on NSSs’ platforms and select the most effective NSSs for implementation of the policies.

  5. Security Aspects of an Enterprise-Wide Network Architecture.

    Science.gov (United States)

    Loew, Robert; Stengel, Ingo; Bleimann, Udo; McDonald, Aidan

    1999-01-01

    Presents an overview of two projects that concern local area networks and the common point between networks as they relate to network security. Discusses security architectures based on firewall components, packet filters, application gateways, security-management components, an intranet solution, user registration by Web form, and requests for…

  6. 76 FR 67750 - Homeland Security Information Network Advisory Committee

    Science.gov (United States)

    2011-11-02

    ... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2011-0107] Homeland Security Information Network... Information Network Advisory Committee. SUMMARY: The Secretary of Homeland Security has determined that the renewal of the Homeland Security Information Network Advisory Committee (HSINAC) is necessary and in the...

  7. Research on network information security model and system construction

    OpenAIRE

    Wang Haijun

    2016-01-01

    It briefly describes the impact of large data era on China’s network policy, but also brings more opportunities and challenges to the network information security. This paper reviews for the internationally accepted basic model and characteristics of network information security, and analyses the characteristics of network information security and their relationship. On the basis of the NIST security model, this paper describes three security control schemes in safety management model and the...

  8. Security in wireless sensor networks

    CERN Document Server

    Oreku, George S

    2016-01-01

    This monograph covers different aspects of sensor network security including new emerging technologies. The authors present a mathematical approach to the topic and give numerous practical examples as well as case studies to illustrate the theory. The target audience primarily comprises experts and practitioners in the field of sensor network security, but the book may also be beneficial for researchers in academia as well as for graduate students.

  9. Secure positioning in wireless networks

    DEFF Research Database (Denmark)

    Capkun, Srdjan; Hubaux, Jean-Pierre

    2006-01-01

    So far, the problem of positioning in wireless networks has been studied mainly in a non-adversarial settings. In this work, we analyze the resistance of positioning techniques to position and distance spoofing attacks. We propose a mechanism for secure positioning of wireless devices, that we call...... Verifiable Multilateration. We then show how this mechanism can be used to secure positioning in sensor networks. We analyze our system through simulations....

  10. BackTrack testing wireless network security

    CERN Document Server

    Cardwell, Kevin

    2013-01-01

    Written in an easy-to-follow step-by-step format, you will be able to get started in next to no time with minimal effort and zero fuss.BackTrack: Testing Wireless Network Security is for anyone who has an interest in security and who wants to know more about wireless networks.All you need is some experience with networks and computers and you will be ready to go.

  11. Security Techniques for the Electronic Health Records.

    Science.gov (United States)

    Kruse, Clemens Scott; Smith, Brenna; Vanderlinden, Hannah; Nealand, Alexandra

    2017-08-01

    The privacy of patients and the security of their information is the most imperative barrier to entry when considering the adoption of electronic health records in the healthcare industry. Considering current legal regulations, this review seeks to analyze and discuss prominent security techniques for healthcare organizations seeking to adopt a secure electronic health records system. Additionally, the researchers sought to establish a foundation for further research for security in the healthcare industry. The researchers utilized the Texas State University Library to gain access to three online databases: PubMed (MEDLINE), CINAHL, and ProQuest Nursing and Allied Health Source. These sources were used to conduct searches on literature concerning security of electronic health records containing several inclusion and exclusion criteria. Researchers collected and analyzed 25 journals and reviews discussing security of electronic health records, 20 of which mentioned specific security methods and techniques. The most frequently mentioned security measures and techniques are categorized into three themes: administrative, physical, and technical safeguards. The sensitive nature of the information contained within electronic health records has prompted the need for advanced security techniques that are able to put these worries at ease. It is imperative for security techniques to cover the vast threats that are present across the three pillars of healthcare.

  12. MLS-Net and SecureParser®: A New Method for Securing and Segregating Network Data

    Directory of Open Access Journals (Sweden)

    Robert A. Johnson

    2008-10-01

    Full Text Available A new method of network security and virtualization is presented which allows the consolidation of multiple network infrastructures dedicated to single security levels or communities of interest onto a single, virtualized network. An overview of the state of the art of network security protocols is presented, including the use of SSL, IPSec, and HAIPE IS, followed by a discussion of the SecureParser® technology and MLS-Net architecture, which in combination allow the virtualization of local network enclaves.

  13. Electronic healthcare information security

    CERN Document Server

    Dube, Kudakwashe; Shoniregun, Charles A

    2010-01-01

    The ever-increasing healthcare expenditure and pressing demand for improved quality and efficiency of patient care services are driving innovation in healthcare information management. The domain of healthcare has become a challenging testing ground for information security due to the complex nature of healthcare information and individual privacy. ""Electronic Healthcare Information Security"" explores the challenges of e-healthcare information and security policy technologies. It evaluates the effectiveness of security and privacy implementation systems for anonymization methods and techniqu

  14. Network Security via Biometric Recognition of Patterns of Gene Expression

    Science.gov (United States)

    Shaw, Harry C.

    2016-01-01

    Molecular biology provides the ability to implement forms of information and network security completely outside the bounds of legacy security protocols and algorithms. This paper addresses an approach which instantiates the power of gene expression for security. Molecular biology provides a rich source of gene expression and regulation mechanisms, which can be adopted to use in the information and electronic communication domains. Conventional security protocols are becoming increasingly vulnerable due to more intensive, highly capable attacks on the underlying mathematics of cryptography. Security protocols are being undermined by social engineering and substandard implementations by IT (Information Technology) organizations. Molecular biology can provide countermeasures to these weak points with the current security approaches. Future advances in instruments for analyzing assays will also enable this protocol to advance from one of cryptographic algorithms to an integrated system of cryptographic algorithms and real-time assays of gene expression products.

  15. Network Security via Biometric Recognition of Patterns of Gene Expression

    Science.gov (United States)

    Shaw, Harry C.

    2016-01-01

    Molecular biology provides the ability to implement forms of information and network security completely outside the bounds of legacy security protocols and algorithms. This paper addresses an approach which instantiates the power of gene expression for security. Molecular biology provides a rich source of gene expression and regulation mechanisms, which can be adopted to use in the information and electronic communication domains. Conventional security protocols are becoming increasingly vulnerable due to more intensive, highly capable attacks on the underlying mathematics of cryptography. Security protocols are being undermined by social engineering and substandard implementations by IT organizations. Molecular biology can provide countermeasures to these weak points with the current security approaches. Future advances in instruments for analyzing assays will also enable this protocol to advance from one of cryptographic algorithms to an integrated system of cryptographic algorithms and real-time expression and assay of gene expression products.

  16. A DNA-Inspired Encryption Methodology for Secure, Mobile Ad Hoc Networks

    Science.gov (United States)

    Shaw, Harry

    2012-01-01

    Users are pushing for greater physical mobility with their network and Internet access. Mobile ad hoc networks (MANET) can provide an efficient mobile network architecture, but security is a key concern. A figure summarizes differences in the state of network security for MANET and fixed networks. MANETs require the ability to distinguish trusted peers, and tolerate the ingress/egress of nodes on an unscheduled basis. Because the networks by their very nature are mobile and self-organizing, use of a Public Key Infra structure (PKI), X.509 certificates, RSA, and nonce ex changes becomes problematic if the ideal of MANET is to be achieved. Molecular biology models such as DNA evolution can provide a basis for a proprietary security architecture that achieves high degrees of diffusion and confusion, and resistance to cryptanalysis. A proprietary encryption mechanism was developed that uses the principles of DNA replication and steganography (hidden word cryptography) for confidentiality and authentication. The foundation of the approach includes organization of coded words and messages using base pairs organized into genes, an expandable genome consisting of DNA-based chromosome keys, and a DNA-based message encoding, replication, and evolution and fitness. In evolutionary computing, a fitness algorithm determines whether candidate solutions, in this case encrypted messages, are sufficiently encrypted to be transmitted. The technology provides a mechanism for confidential electronic traffic over a MANET without a PKI for authenticating users.

  17. Connecting to the Internet Securely; Protecting Home Networks CIAC-2324

    Energy Technology Data Exchange (ETDEWEB)

    Orvis, W J; Krystosek, P; Smith, J

    2002-11-27

    With more and more people working at home and connecting to company networks via the Internet, the risk to company networks to intrusion and theft of sensitive information is growing. Working from home has many positive advantages for both the home worker and the company they work for. However, as companies encourage people to work from home, they need to start considering the interaction of the employee's home network and the company network he connects to. This paper discusses problems and solutions related to protection of home computers from attacks on those computers via the network connection. It does not consider protection of those systems from people who have physical access to the computers nor does it consider company laptops taken on-the-road. Home networks are often targeted by intruders because they are plentiful and they are usually not well secured. While companies have departments of professionals to maintain and secure their networks, home networks are maintained by the employee who may be less knowledgeable about network security matters. The biggest problems with home networks are that: Home networks are not designed to be secure and may use technologies (wireless) that are not secure; The operating systems are not secured when they are installed; The operating systems and applications are not maintained (for security considerations) after they are installed; and The networks are often used for other activities that put them at risk for being compromised. Home networks that are going to be connected to company networks need to be cooperatively secured by the employee and the company so they do not open up the company network to intruders. Securing home networks involves many of the same operations as securing a company network: Patch and maintain systems; Securely configure systems; Eliminate unneeded services; Protect remote logins; Use good passwords; Use current antivirus software; and Moderate your Internet usage habits. Most of these

  18. Covering the Monitoring Network: A Unified Framework to Protect E-Commerce Security

    Directory of Open Access Journals (Sweden)

    Lirong Qiu

    2017-01-01

    Full Text Available Multimedia applications in smart electronic commerce (e-commerce, such as online trading and Internet marketing, always face security in storage and transmission of digital images and videos. This study addresses the problem of security in e-commerce and proposes a unified framework to analyze the security data. First, to allocate the definite security resources optimally, we build our e-commerce monitoring model as an undirected network, where a monitored node is a vertex of the graph and a connection between vertices is an undirected edge. Moreover, we aim to find a minimal cover for the monitoring network as the optimal solution of resource allocation, which is defined as the network monitoring minimization problem (NMM. This problem is proved to be NP-hard. Second, by analyzing the latent threats, we design a novel and trusted monitoring system that can integrate incident monitoring, data analysis, risk assessment, and security warnings. This system does not touch users’ privacy data. Third, we propose a sequential model-based risk assessment method, which can predict the risk according to the text semantics. Our experimental results on web scale data demonstrate that our system is flexible enough when monitoring, which also verify the effectiveness and efficiency of our system.

  19. Design and realization of a network security model

    OpenAIRE

    WANG, Jiahai; HAN, Fangxi; Tang, Zheng; TAMURA, Hiroki; Ishii, Masahiro

    2002-01-01

    The security of information is a key problem in the development of network technology. The basic requirements of security of information clearly include confidentiality, integrity, authentication and non-repudiation. This paper proposes a network security model that is composed of security system, security connection and communication, and key management. The model carries out encrypting, decrypting, signature and ensures confidentiality, integrity, authentication and non-repudiation. Finally...

  20. Social Networks and Corporate Information Security

    Directory of Open Access Journals (Sweden)

    Ekaterina Gennadievna Kondratova

    2013-06-01

    Full Text Available It is defined in the article social networks as a tool in the hands of cyber-criminals to compromise the organization’s data. The author focuses on a list of threats to information security caused by social networks usage, which should be considered in the set up of information security management system of the company.

  1. Security management of next generation telecommunications networks and services

    CERN Document Server

    Jacobs, Stuart

    2014-01-01

    This book will cover network management security issues and currently available security mechanisms by discussing how network architectures have evolved into the contemporary NGNs which support converged services (voice, video, TV, interactive information exchange, and classic data communications). It will also analyze existing security standards and their applicability to securing network management. This book will review 21st century security concepts of authentication, authorization, confidentiality, integrity, nonrepudiation, vulnerabilities, threats, risks, and effective approaches to enc

  2. The Security Research of Digital Library Network

    Science.gov (United States)

    Zhang, Xin; Song, Ding-Li; Yan, Shu

    Digital library is a self-development needs for the modern library to meet the development requirements of the times, changing the way services and so on. digital library from the hardware, technology, management and other aspects to objective analysis of the factors of threats to digital library network security. We should face up the problems of digital library network security: digital library network hardware are "not hard", the technology of digital library is relatively lag, digital library management system is imperfect and other problems; the government should take active measures to ensure that the library funding, to enhance the level of network hardware, to upgrade LAN and prevention technology, to improve network control technology, network monitoring technology; to strengthen safety management concepts, to prefect the safety management system; and to improve the level of security management modernization for digital library.

  3. Security of supply and regulation of energy networks

    International Nuclear Information System (INIS)

    Jamasb, Tooraj; Pollitt, Michael

    2008-01-01

    In recent years, the security of energy supplies has re-emerged as a central issue in the energy policy arena in the UK and elsewhere. This re-emergence takes place against a backdrop of increased liberalisation of the energy markets, so that security of supply needs to be revisited within this context. Security of supply is multifaceted, but is often discussed in terms of physical availability of energy sources and their commodity price risk. This paper discusses the relationship between security of supply and network regulation - that is, how the energy networks, and appropriate regulation of them, can contribute to security of supply in liberalised energy sectors. Energy networks are predominantly natural monopolies and as a result are generally subject to regulatory oversight. We discuss a range of issues and trends that pose challenges and opportunities to network regulation and which call for new and innovative measures. The paper identifies a number of areas where network regulation can play a significant role in increasing the security of supply of future energy systems. (author)

  4. Improving Network Security with Watchguard UTM Firewall

    OpenAIRE

    Lehmonen, Harri

    2017-01-01

    After working many years in close contact with end customers, the author has noticed that Finnish small and mid-size businesses are not paying as much attention to network security threats as they should. Even though different kind of security threats are probably present and reported often in news, very basic security practices are discarded and no resources are spent advancing the issue. The topic of this thesis is Improving Network Security with Watchguard’s UTM Firewall. It focuses o...

  5. Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security (Self-Securing Devices)

    National Research Council Canada - National Science Library

    Ganger, Gregory R

    2007-01-01

    This report summarizes the results of the work on the AFOSR's Critical Infrastructure Protection Program project, entitled Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security...

  6. Keystone Business Models for Network Security Processors

    OpenAIRE

    Arthur Low; Steven Muegge

    2013-01-01

    Network security processors are critical components of high-performance systems built for cybersecurity. Development of a network security processor requires multi-domain experience in semiconductors and complex software security applications, and multiple iterations of both software and hardware implementations. Limited by the business models in use today, such an arduous task can be undertaken only by large incumbent companies and government organizations. Neither the “fabless semiconductor...

  7. COMPREHENSIVE SURVEY OF POSSIBLE SECURITY ISSUES ON 4G NETWORKS

    OpenAIRE

    Sumant Ku Mohapatra; Biswa Ranjan Swain; Pravanjan Das

    2015-01-01

    This paper presents a brief study of recent advances in wireless network security issues. The paper makes a number of contributions to the wireless networking field. First, it studies the 4G mail threats and risk and their design decisions. Second, the security of 4G architecture with next generation network security and 8- security dimensions of 4G network. Third, security issues and possible threats on 4G are discussed. Finally, we proposed four layer security model which manage...

  8. 78 FR 7797 - Homeland Security Information Network Advisory Committee (HSINAC)

    Science.gov (United States)

    2013-02-04

    ... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2013-0005] Homeland Security Information Network... Committee Meeting. SUMMARY: The Homeland Security Information Network Advisory Committee (HSIN AC) will meet... received by the (Homeland Security Information Network Advisory Committee), go to http://www.regulations...

  9. International Nuclear Security Education Network (INSEN): Promoting nuclear security education

    International Nuclear Information System (INIS)

    Muhamad Samudi Yasir

    2013-01-01

    Full-text: The need for human resource development programmes in nuclear security was underlined at several International Atomic Energy Agency (IAEA) General Conferences and Board of Governors Meetings. Successive IAEA Nuclear Security Plans, the most recent of which was agreed by the Board of Governors in September 2009, give high priority to assisting States in establishing educational programmes in nuclear security in order to ensure the sustainability of nuclear security improvements. The current Nuclear Security Plan 1 covering 2010-2013 emphasizes on the importance of considering existing capacities at international, regional and national levels while designing nuclear security academic programmes. In the course of implementing the Plan, the IAEA developed a guide entitled Educational Programme in Nuclear Security (IAEA Nuclear Security Series No. 12) that consists of a model of a MAster of Science (M.Sc.) and a Certificate Programme in Nuclear Security. This guide was aims at assisting universities or other educational institutes to developed academic programmes in nuclear security. Independently, some universities already offered academic programmes covering some areas of nuclear security, while other universities have asked the IAEA to support the implementation of these programmes. In order to better address current and future request for assistance in this area, the IAEA establish a collaboration network-International Nuclear Security Education Network (INSEN), among universities who are providing nuclear security education or who are interested in starting an academic programme/ course(s) in nuclear security. Universiti Kebangsaan Malaysia (UKM) is a first local university became a member of INSEN since the beginning of the establishment. (author)

  10. Security for the Mythical Air-Dropped Sensor Network

    NARCIS (Netherlands)

    Gamage, C.D.; Bicakci, K.; Crispo, B.; Tanenbaum, A.S.

    2006-01-01

    The research area of very large scale wireless sensor networks made of low-cost sensors is gaining a lot of interest as witnessed by the large number of published papers. The security aspects of such networks are addressed as well, and in particular many security papers investigating the security

  11. Communication security in open health care networks.

    Science.gov (United States)

    Blobel, B; Pharow, P; Engel, K; Spiegel, V; Krohn, R

    1999-01-01

    Fulfilling the shared care paradigm, health care networks providing open systems' interoperability in health care are needed. Such communicating and co-operating health information systems, dealing with sensitive personal medical information across organisational, regional, national or even international boundaries, require appropriate security solutions. Based on the generic security model, within the European MEDSEC project an open approach for secure EDI like HL7, EDIFACT, XDT or XML has been developed. The consideration includes both securing the message in an unsecure network and the transport of the unprotected information via secure channels (SSL, TLS etc.). Regarding EDI, an open and widely usable security solution has been specified and practically implemented for the examples of secure mailing and secure file transfer (FTP) via wrapping the sensitive information expressed by the corresponding protocols. The results are currently prepared for standardisation.

  12. Auditing Albaha University Network Security using in-house Developed Penetration Tool

    Science.gov (United States)

    Alzahrani, M. E.

    2018-03-01

    Network security becomes very important aspect in any enterprise/organization computer network. If important information of the organization can be accessed by anyone it may be used against the organization for further own interest. Thus, network security comes into it roles. One of important aspect of security management is security audit. Security performance of Albaha university network is relatively low (in term of the total controls outlined in the ISO 27002 security control framework). This paper proposes network security audit tool to address issues in Albaha University network. The proposed penetration tool uses Nessus and Metasploit tool to find out the vulnerability of a site. A regular self-audit using inhouse developed tool will increase the overall security and performance of Albaha university network. Important results of the penetration test are discussed.

  13. The summarize of the technique about proactive network security protection

    International Nuclear Information System (INIS)

    Liu Baoxu; Li Xueying; Cao Aijuan; Yu Chuansong; Xu Rongsheng

    2003-01-01

    The proactive protection measures and the traditional passive security protection tools are complementarities each other. It also can supply the conventional network security protection system and enhance its capability of the security protection. Based upon sorts of existing network security technologies, this article analyses and summarizes the technologies, functions and the development directions of some key proactive network security protection tools. (authors)

  14. Security Modeling on the Supply Chain Networks

    Directory of Open Access Journals (Sweden)

    Marn-Ling Shing

    2007-10-01

    Full Text Available In order to keep the price down, a purchaser sends out the request for quotation to a group of suppliers in a supply chain network. The purchaser will then choose a supplier with the best combination of price and quality. A potential supplier will try to collect the related information about other suppliers so he/she can offer the best bid to the purchaser. Therefore, confidentiality becomes an important consideration for the design of a supply chain network. Chen et al. have proposed the application of the Bell-LaPadula model in the design of a secured supply chain network. In the Bell-LaPadula model, a subject can be in one of different security clearances and an object can be in one of various security classifications. All the possible combinations of (Security Clearance, Classification pair in the Bell-LaPadula model can be thought as different states in the Markov Chain model. This paper extends the work done by Chen et al., provides more details on the Markov Chain model and illustrates how to use it to monitor the security state transition in the supply chain network.

  15. Identifying the Key Weaknesses in Network Security at Colleges.

    Science.gov (United States)

    Olsen, Florence

    2000-01-01

    A new study identifies and ranks the 10 security gaps responsible for most outsider attacks on college computer networks. The list is intended to help campus system administrators establish priorities as they work to increase security. One network security expert urges that institutions utilize multiple security layers. (DB)

  16. Strategy and management of network security at KEK

    International Nuclear Information System (INIS)

    Kiyoharu Hashimoto; Teiji Nakamura; Hitoshi Hirose, Yukio Karita; Youhei Morita; Soh Suzuki; Fukuko Yuasa

    2001-01-01

    Recently the troubles related to the network security have often occurred at KEK. According to their security policy, the authors have started the strategy against the daily attacks. It consists of two fundamental things; the monitoring and the access control. To monitor the network, the authors have installed the intrusion detection system and have managed it since 1998. For the second thing, the authors arranged three categories to classify all hosts (about 5000 hosts) at KEK according to their security level. To realize these three categories, the authors filter the incoming packet from outside KEK whether it has a SYN flag or not. The network monitoring and the access control produced good effects in keeping the security level high. Since 2000 the authors have started the transition of LAN from shared-media network to switched network. Now almost part of LAN was re-configured and in this new LAN 10 Mbps 100 Mbps/1Gbps Ethernet are supported. Currently the authors are planning further speedup (10 Gbps) and redundancy of network. Not only LAN but also WAN, network speed will be upgraded to 10 Gbps thanks to the strong promotion of IT by Japanese government. In this very high speed network, the authors' current strategy will be affected and again the network security becomes a big issue. The authors describe the experiences in practice of the current strategy and management know-how together with the discussion on the new strategy

  17. Middleware-based Security for Hyperconnected Applications in Future In-Car Networks

    Directory of Open Access Journals (Sweden)

    Alexandre Bouard

    2013-12-01

    Full Text Available Today’s cars take advantage of powerful electronic platforms and provide more and more sophisticated connected services. More than just ensuring the role of a safe transportation mean, they process private information, industrial secrets, communicate with our smartphones, Internet and will soon host thirdparty applications. Their pervasive computerization makes them vulnerable to common security attacks, against which automotive technologies cannot protect. The transition toward Ethernet/IP-based on-board communication could be a first step to respond to these security and privacy issues. In this paper, we present a security framework leveraging local and distributed information flow techniques in order to secure the on-board network against internal and external untrusted components. We describe the implementation and integration of such a framework within an IP-based automotive middleware and provide its evaluation.

  18. Review of Social Networking Sites' Security and Privacy

    OpenAIRE

    YANG, SHUN

    2015-01-01

    Nowadays social media networking has dramatically increased. Social networking sites like Facebook make users create huge amount of profiles and share personal information within networking of different users. Social networking exposes personal information far beyond the group of friends. And that information or data on social media networking could be potential threat to people's information security and privacy. In this review, we are going to view the privacy risks and security problem...

  19. Security Investment in Contagious Networks.

    Science.gov (United States)

    Hasheminasab, Seyed Alireza; Tork Ladani, Behrouz

    2018-01-16

    Security of the systems is normally interdependent in such a way that security risks of one part affect other parts and threats spread through the vulnerable links in the network. So, the risks of the systems can be mitigated through investments in the security of interconnecting links. This article takes an innovative look at the problem of security investment of nodes on their vulnerable links in a given contagious network as a game-theoretic model that can be applied to a variety of applications including information systems. In the proposed game model, each node computes its corresponding risk based on the value of its assets, vulnerabilities, and threats to determine the optimum level of security investments on its external links respecting its limited budget. Furthermore, direct and indirect nonlinear influences of a node's security investment on the risks of other nodes are considered. The existence and uniqueness of the game's Nash equilibrium in the proposed game are also proved. Further analysis of the model in a practical case revealed that taking advantage of the investment effects of other players, perfectly rational players (i.e., those who use the utility function of the proposed game model) make more cost-effective decisions than selfish nonrational or semirational players. © 2018 Society for Risk Analysis.

  20. Secure and Fair Cluster Head Selection Protocol for Enhancing Security in Mobile Ad Hoc Networks

    Directory of Open Access Journals (Sweden)

    B. Paramasivan

    2014-01-01

    Full Text Available Mobile ad hoc networks (MANETs are wireless networks consisting of number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs become one of the most prevalent areas of research in the recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to its deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP used to solve this issue by making the nodes that are totally surrounded by malicious neighbors adjust dynamically their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead to the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP.

  1. Secure and fair cluster head selection protocol for enhancing security in mobile ad hoc networks.

    Science.gov (United States)

    Paramasivan, B; Kaliappan, M

    2014-01-01

    Mobile ad hoc networks (MANETs) are wireless networks consisting of number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs become one of the most prevalent areas of research in the recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to its deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP) is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP used to solve this issue by making the nodes that are totally surrounded by malicious neighbors adjust dynamically their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead to the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP.

  2. Network security: a survey of modern approaches

    International Nuclear Information System (INIS)

    Zafar, M.F.; Naheed, F.; Ahmad, Z.; Anwar, M.M.

    2008-01-01

    Security is an essential element of information technology (IT) infrastructure and applications. Concerns about security of networks and information systems have been growing along with the rapid increase in the number of network users and the value of their transactions. The hasty security threats have driven the development of security products known as Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) to detect and protect the network, server and desktop infrastructure ahead of the threat. Authentication and signing techniques are used to prevent integrity threats. Users, devices, and applications should always be authenticated and authorized before they are allowed to access networking resources. Though a lot of information is available on the internet about IDS and IPS but it all is spread on so many sites and one has to spend a considerable part of his precious time to search it. In this regard a thorough survey has been conducted to facilitate and assist the researchers. The issues and defend challenges in fighting with cyber attacks have been discussed. A comparison of the categories of network security technologies has been presented. In this paper an effort has been made to gather the scattered information and present it at one place. This survey will provide best available up-to-date advancement in the area. A brief description of open source IPS has also been presented. (author)

  3. Global Nuclear Safety and Security Network

    International Nuclear Information System (INIS)

    Guo Lingquan

    2013-01-01

    The objectives of the Regulatory Network are: - to contribute to the effectiveness of nuclear regulatory systems; - to contribute to continuous enhancements, and - to achieve and promote radiation and nuclear safety and security by: • Enhancing the effectiveness and efficiency of international cooperation in the regulation of nuclear and radiation safety of facilities and activities; • Enabling adequate access by regulators to relevant safety and security information; • Promoting dissemination of information on safety and security issues as well as information of good practices for addressing and resolving these issues; • Enabling synergies among different web based networks with a view to strengthening and enhancing the global nuclear safety framework and serving the specific needs of regulators and international organizations; • Providing additional information to the public on international regulatory cooperation in safety and security matters

  4. Directed Security Policies: A Stateful Network Implementation

    Directory of Open Access Journals (Sweden)

    Cornelius Diekmann

    2014-05-01

    Full Text Available Large systems are commonly internetworked. A security policy describes the communication relationship between the networked entities. The security policy defines rules, for example that A can connect to B, which results in a directed graph. However, this policy is often implemented in the network, for example by firewalls, such that A can establish a connection to B and all packets belonging to established connections are allowed. This stateful implementation is usually required for the network's functionality, but it introduces the backflow from B to A, which might contradict the security policy. We derive compliance criteria for a policy and its stateful implementation. In particular, we provide a criterion to verify the lack of side effects in linear time. Algorithms to automatically construct a stateful implementation of security policy rules are presented, which narrows the gap between formalization and real-world implementation. The solution scales to large networks, which is confirmed by a large real-world case study. Its correctness is guaranteed by the Isabelle/HOL theorem prover.

  5. Complex networks: Dynamics and security

    Indian Academy of Sciences (India)

    This paper presents a perspective in the study of complex networks by focusing on how dynamics may affect network security under attacks. ... Department of Mathematics and Statistics, Arizona State University, Tempe, Arizona 85287, USA; Institute of Mathematics and Computer Science, University of Sao Paulo, Brazil ...

  6. Advances in network systems architectures, security, and applications

    CERN Document Server

    Awad, Ali; Furtak, Janusz; Legierski, Jarosław

    2017-01-01

    This book provides the reader with a comprehensive selection of cutting–edge algorithms, technologies, and applications. The volume offers new insights into a range of fundamentally important topics in network architectures, network security, and network applications. It serves as a reference for researchers and practitioners by featuring research contributions exemplifying research done in the field of network systems. In addition, the book highlights several key topics in both theoretical and practical aspects of networking. These include wireless sensor networks, performance of TCP connections in mobile networks, photonic data transport networks, security policies, credentials management, data encryption for network transmission, risk management, live TV services, and multicore energy harvesting in distributed systems. .

  7. Lack of security of networked medical equipment in radiology.

    Science.gov (United States)

    Moses, Vinu; Korah, Ipeson

    2015-02-01

    OBJECTIVE. There are few articles in the literature describing the security and safety aspects of networked medical equipment in radiology departments. Most radiologists are unaware of the security issues. We review the security of the networked medical equipment of a typical radiology department. MATERIALS AND METHODS. All networked medical equipment in a radiology department was scanned for vulnerabilities with a port scanner and a network vulnerability scanner, and the vulnerabilities were classified using the Common Vulnerability Scoring System. A network sniffer was used to capture and analyze traffic on the radiology network for exposure of confidential patient data. We reviewed the use of antivirus software and firewalls on the networked medical equipment. USB ports and CD and DVD drives in the networked medical equipment were tested to see whether they allowed unauthorized access. Implementation of the virtual private network (VPN) that vendors use to access the radiology network was reviewed. RESULTS. Most of the networked medical equipment in our radiology department used vulnerable software with open ports and services. Of the 144 items scanned, 64 (44%) had at least one critical vulnerability, and 119 (83%) had at least one high-risk vulnerability. Most equipment did not encrypt traffic and allowed capture of confidential patient data. Of the 144 items scanned, two (1%) used antivirus software and three (2%) had a firewall enabled. The USB ports were not secure on 49 of the 58 (84%) items with USB ports, and the CD or DVD drive was not secure on 17 of the 31 (55%) items with a CD or DVD drive. One of three vendors had an insecure implementation of VPN access. CONCLUSION. Radiologists and the medical industry need to urgently review and rectify the security issues in existing networked medical equipment. We hope that the results of our study and this article also raise awareness among radiologists about the security issues of networked medical equipment.

  8. Evaluation of a Cyber Security System for Hospital Network.

    Science.gov (United States)

    Faysel, Mohammad A

    2015-01-01

    Most of the cyber security systems use simulated data in evaluating their detection capabilities. The proposed cyber security system utilizes real hospital network connections. It uses a probabilistic data mining algorithm to detect anomalous events and takes appropriate response in real-time. On an evaluation using real-world hospital network data consisting of incoming network connections collected for a 24-hour period, the proposed system detected 15 unusual connections which were undetected by a commercial intrusion prevention system for the same network connections. Evaluation of the proposed system shows a potential to secure protected patient health information on a hospital network.

  9. Multitask Learning-Based Security Event Forecast Methods for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Hui He

    2016-01-01

    Full Text Available Wireless sensor networks have strong dynamics and uncertainty, including network topological changes, node disappearance or addition, and facing various threats. First, to strengthen the detection adaptability of wireless sensor networks to various security attacks, a region similarity multitask-based security event forecast method for wireless sensor networks is proposed. This method performs topology partitioning on a large-scale sensor network and calculates the similarity degree among regional subnetworks. The trend of unknown network security events can be predicted through multitask learning of the occurrence and transmission characteristics of known network security events. Second, in case of lacking regional data, the quantitative trend of unknown regional network security events can be calculated. This study introduces a sensor network security event forecast method named Prediction Network Security Incomplete Unmarked Data (PNSIUD method to forecast missing attack data in the target region according to the known partial data in similar regions. Experimental results indicate that for an unknown security event forecast the forecast accuracy and effects of the similarity forecast algorithm are better than those of single-task learning method. At the same time, the forecast accuracy of the PNSIUD method is better than that of the traditional support vector machine method.

  10. Securing Mobile Networks in an Operational Setting

    Science.gov (United States)

    Ivancic, William D.; Stewart, David H.; Bell, Terry L.; Paulsen, Phillip E.; Shell, Dan

    2004-01-01

    This paper describes a network demonstration and three month field trial of mobile networking using mobile-IPv4. The network was implemented as part of the US Coast Guard operational network which is a ".mil" network and requires stringent levels of security. The initial demonstrations took place in November 2002 and a three month field trial took place from July through September of 2003. The mobile network utilized encryptors capable of NSA-approved Type 1 algorithms, mobile router from Cisco Systems and 802.11 and satellite wireless links. This paper also describes a conceptual architecture for wide-scale deployment of secure mobile networking in operational environments where both private and public infrastructure is used. Additional issues presented include link costs, placement of encryptors and running routing protocols over layer-3 encryption devices.

  11. Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security

    National Research Council Canada - National Science Library

    Ganger, Gregory

    2000-01-01

    This report contains the technical content of a recent funding proposal. In it, we propose a new approach to network security in which each individual device erects its own security perimeter and defends its own critical resources...

  12. Security For Wireless Sensor Network

    OpenAIRE

    Saurabh Singh,; Dr. Harsh Kumar Verma

    2011-01-01

    Wireless sensor network is highly vulnerable to attacks because it consists of various resourceconstrained devices with their low battery power, less memory, and associated low energy. Sensor nodescommunicate among themselves via wireless links. However, there are still a lot of unresolved issues in wireless sensor networks of which security is one of the hottest research issues. Sensor networks aredeployed in hostile environments. Environmental conditions along with resource-constraints give...

  13. A Cluster- Based Secure Active Network Environment

    Institute of Scientific and Technical Information of China (English)

    CHEN Xiao-lin; ZHOU Jing-yang; DAI Han; LU Sang-lu; CHEN Gui-hai

    2005-01-01

    We introduce a cluster-based secure active network environment (CSANE) which separates the processing of IP packets from that of active packets in active routers. In this environment, the active code authorized or trusted by privileged users is executed in the secure execution environment (EE) of the active router, while others are executed in the secure EE of the nodes in the distributed shared memory (DSM) cluster. With the supports of a multi-process Java virtual machine and KeyNote, untrusted active packets are controlled to securely consume resource. The DSM consistency management makes that active packets can be parallelly processed in the DSM cluster as if they were processed one by one in ANTS (Active Network Transport System). We demonstrate that CSANE has good security and scalability, but imposing little changes on traditional routers.

  14. Wireless Lan Network Security Method Wep (Wired Equivalent Privacy)

    OpenAIRE

    Ogy Charles Sario Tamawiwy; Nenny Anggraini, Skom., MT

    2008-01-01

    Scientific writing is about the WEP configuration on the WLAN network with RC4 encryption. The problem that arises is related aspects network security threats, strategic security and confidentiality of data in the network computer, the definition of encryption, definition kriptography algorithm, and algorithm functions.

  15. USign--a security enhanced electronic consent model.

    Science.gov (United States)

    Li, Yanyan; Xie, Mengjun; Bian, Jiang

    2014-01-01

    Electronic consent becomes increasingly popular in the healthcare sector given the many benefits it provides. However, security concerns, e.g., how to verify the identity of a person who is remotely accessing the electronic consent system in a secure and user-friendly manner, also arise along with the popularity of electronic consent. Unfortunately, existing electronic consent systems do not pay sufficient attention to those issues. They mainly rely on conventional password based authentication to verify the identity of an electronic consent user, which is far from being sufficient given that identity theft threat is real and significant in reality. In this paper, we present a security enhanced electronic consent model called USign. USign enhances the identity protection and authentication for electronic consent systems by leveraging handwritten signatures everyone is familiar with and mobile computing technologies that are becoming ubiquitous. We developed a prototype of USign and conducted preliminary evaluation on accuracy and usability of signature verification. Our experimental results show the feasibility of the proposed model.

  16. Multi-Level Secure Local Area Network

    OpenAIRE

    Naval Postgraduate School (U.S.); Center for Information Systems Studies Security and Research (CISR)

    2011-01-01

    Multi-Level Secure Local Area Network is a cost effective, multi-level, easy to use office environment leveraging existing high assurance technology. The Department of Defense and U.S. Government have an identified need to securely share information classified at differing security levels. Because there exist no commercial solutions to this problem, NPS is developing a MLS LAN. The MLS LAN extends high assurance capabilities of an evaluated multi-level secure system to commercial personal com...

  17. Cyber Security Research Frameworks For Coevolutionary Network Defense

    Energy Technology Data Exchange (ETDEWEB)

    Rush, George D. [Missouri Univ. of Science and Technology, Rolla, MO (United States); Tauritz, Daniel Remy [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2015-12-03

    Several architectures have been created for developing and testing systems used in network security, but most are meant to provide a platform for running cyber security experiments as opposed to automating experiment processes. In the first paper, we propose a framework termed Distributed Cyber Security Automation Framework for Experiments (DCAFE) that enables experiment automation and control in a distributed environment. Predictive analysis of adversaries is another thorny issue in cyber security. Game theory can be used to mathematically analyze adversary models, but its scalability limitations restrict its use. Computational game theory allows us to scale classical game theory to larger, more complex systems. In the second paper, we propose a framework termed Coevolutionary Agent-based Network Defense Lightweight Event System (CANDLES) that can coevolve attacker and defender agent strategies and capabilities and evaluate potential solutions with a custom network defense simulation. The third paper is a continuation of the CANDLES project in which we rewrote key parts of the framework. Attackers and defenders have been redesigned to evolve pure strategy, and a new network security simulation is devised which specifies network architecture and adds a temporal aspect. We also add a hill climber algorithm to evaluate the search space and justify the use of a coevolutionary algorithm.

  18. Keystone Business Models for Network Security Processors

    Directory of Open Access Journals (Sweden)

    Arthur Low

    2013-07-01

    Full Text Available Network security processors are critical components of high-performance systems built for cybersecurity. Development of a network security processor requires multi-domain experience in semiconductors and complex software security applications, and multiple iterations of both software and hardware implementations. Limited by the business models in use today, such an arduous task can be undertaken only by large incumbent companies and government organizations. Neither the “fabless semiconductor” models nor the silicon intellectual-property licensing (“IP-licensing” models allow small technology companies to successfully compete. This article describes an alternative approach that produces an ongoing stream of novel network security processors for niche markets through continuous innovation by both large and small companies. This approach, referred to here as the "business ecosystem model for network security processors", includes a flexible and reconfigurable technology platform, a “keystone” business model for the company that maintains the platform architecture, and an extended ecosystem of companies that both contribute and share in the value created by innovation. New opportunities for business model innovation by participating companies are made possible by the ecosystem model. This ecosystem model builds on: i the lessons learned from the experience of the first author as a senior integrated circuit architect for providers of public-key cryptography solutions and as the owner of a semiconductor startup, and ii the latest scholarly research on technology entrepreneurship, business models, platforms, and business ecosystems. This article will be of interest to all technology entrepreneurs, but it will be of particular interest to owners of small companies that provide security solutions and to specialized security professionals seeking to launch their own companies.

  19. Key Management for Secure Multicast over IPv6 Wireless Networks

    Directory of Open Access Journals (Sweden)

    Siddiqi Mohammad Umar

    2006-01-01

    Full Text Available Multicasting is an efficient method for transmission and routing of packets to multiple destinations using fewer network resources. Along with widespread deployment of wireless networks, secure multicast over wireless networks is an important and challenging goal. In this paper, we extend the scope of a recent new key distribution scheme to a security framework that offers a novel solution for secure multicast over IPv6 wireless networks. Our key management framework includes two scenarios for securely distributing the group key and rekey messages for joining and leaving a mobile host in secure multicast group. In addition, we perform the security analysis and provide performance comparisons between our approach and two recently published scenarios. The benefits of our proposed techniques are that they minimize the number of transmissions required to rekey the multicast group and impose minimal storage requirements on the multicast group. In addition, our proposed schemes are also very desirable from the viewpoint of transmission bandwidth savings since an efficient rekeying mechanism is provided for membership changes and they significantly reduce the required bandwidth due to key updating in mobile networks. Moreover, they achieve the security and scalability requirements in wireless networks.

  20. Secure Multicast Routing Algorithm for Wireless Mesh Networks

    Directory of Open Access Journals (Sweden)

    Rakesh Matam

    2016-01-01

    Full Text Available Multicast is an indispensable communication technique in wireless mesh network (WMN. Many applications in WMN including multicast TV, audio and video conferencing, and multiplayer social gaming use multicast transmission. On the other hand, security in multicast transmissions is crucial, without which the network services are significantly disrupted. Existing secure routing protocols that address different active attacks are still vulnerable due to subtle nature of flaws in protocol design. Moreover, existing secure routing protocols assume that adversarial nodes cannot share an out-of-band communication channel which rules out the possibility of wormhole attack. In this paper, we propose SEMRAW (SEcure Multicast Routing Algorithm for Wireless mesh network that is resistant against all known active threats including wormhole attack. SEMRAW employs digital signatures to prevent a malicious node from gaining illegitimate access to the message contents. Security of SEMRAW is evaluated using the simulation paradigm approach.

  1. WIRELESS SENSOR NETWORKS – ARCHITECTURE, SECURITY REQUIREMENTS, SECURITY THREATS AND ITS COUNTERMEASURES

    OpenAIRE

    Ranjit Panigrahi; Kalpana Sharma; M.K. Ghose

    2013-01-01

    Wireless Sensor Network (WSN) has a huge range of applications such as battlefield, surveillance, emergency rescue operation and smart home technology etc. Apart from its inherent constraints such as limited memory and energy resources, when deployed in hostile environmental conditions, the sensor nodes are vulnerable to physical capture and other security constraints. These constraints put security as a major challenge for the researchers in the field of computer networking. T...

  2. Presentation of various types of electronic business available on the Internet, Advantages, Disadvantages, Key Requirements and Security, Implementation Model of an Electronic Business

    OpenAIRE

    Andreea A.S. Ionescu; Raul Serban

    2012-01-01

    This paper speaks about the advantages, disadvantages, key requirements necessary of an electronic business, the infrastructure of the Internet, the existing main networks on the Internet, standards used to develop electronic business and the security of an e-business environment. As we know in an organization the information is an asset that has value and should be protected and diversified. We also propose an implementation model of an electronic business that interconnects two concepts: ER...

  3. A network security situation prediction model based on wavelet neural network with optimized parameters

    Directory of Open Access Journals (Sweden)

    Haibo Zhang

    2016-08-01

    Full Text Available The security incidents ion networks are sudden and uncertain, it is very hard to precisely predict the network security situation by traditional methods. In order to improve the prediction accuracy of the network security situation, we build a network security situation prediction model based on Wavelet Neural Network (WNN with optimized parameters by the Improved Niche Genetic Algorithm (INGA. The proposed model adopts WNN which has strong nonlinear ability and fault-tolerance performance. Also, the parameters for WNN are optimized through the adaptive genetic algorithm (GA so that WNN searches more effectively. Considering the problem that the adaptive GA converges slowly and easily turns to the premature problem, we introduce a novel niche technology with a dynamic fuzzy clustering and elimination mechanism to solve the premature convergence of the GA. Our final simulation results show that the proposed INGA-WNN prediction model is more reliable and effective, and it achieves faster convergence-speed and higher prediction accuracy than the Genetic Algorithm-Wavelet Neural Network (GA-WNN, Genetic Algorithm-Back Propagation Neural Network (GA-BPNN and WNN.

  4. Network Security: What Non-Technical Administrators Must Know

    Science.gov (United States)

    Council, Chip

    2005-01-01

    Now it is increasingly critical that community college leaders become involved in network security and partner with their directors of information technology (IT). Network security involves more than just virus protection software and firewalls. It involves vigilance and requires top executive support. Leaders can help their IT directors to…

  5. Information Security of PHY Layer in Wireless Networks

    Directory of Open Access Journals (Sweden)

    Weidong Fang

    2016-01-01

    Full Text Available Since the characteristics of wireless channel are open and broadcasting, wireless networks are very vulnerable to be attacked via eavesdropping, jamming, and interference. As traditional secure technologies are not suitable for PHY layer of wireless networks, physical-layer security issues become a focus of attention. In this paper, we firstly identify and summarize the threats and vulnerabilities in PHY layer of wireless networks. Then, we give a holistic overview of PHY layer secure schemes, which are divided into three categories: spatial domain-based, time domain-based, and frequency domain-based. Along the way, we analyze the pros and cons of current secure technologies in each category. In addition, we also conclude the techniques and methods used in these categories and point out the open research issues and directions in this area.

  6. An Outline of Data Aggregation Security in Heterogeneous Wireless Sensor Networks.

    Science.gov (United States)

    Boubiche, Sabrina; Boubiche, Djallel Eddine; Bilami, Azzedine; Toral-Cruz, Homero

    2016-04-12

    Data aggregation processes aim to reduce the amount of exchanged data in wireless sensor networks and consequently minimize the packet overhead and optimize energy efficiency. Securing the data aggregation process is a real challenge since the aggregation nodes must access the relayed data to apply the aggregation functions. The data aggregation security problem has been widely addressed in classical homogeneous wireless sensor networks, however, most of the proposed security protocols cannot guarantee a high level of security since the sensor node resources are limited. Heterogeneous wireless sensor networks have recently emerged as a new wireless sensor network category which expands the sensor nodes' resources and capabilities. These new kinds of WSNs have opened new research opportunities where security represents a most attractive area. Indeed, robust and high security level algorithms can be used to secure the data aggregation at the heterogeneous aggregation nodes which is impossible in classical homogeneous WSNs. Contrary to the homogeneous sensor networks, the data aggregation security problem is still not sufficiently covered and the proposed data aggregation security protocols are numberless. To address this recent research area, this paper describes the data aggregation security problem in heterogeneous wireless sensor networks and surveys a few proposed security protocols. A classification and evaluation of the existing protocols is also introduced based on the adopted data aggregation security approach.

  7. An Outline of Data Aggregation Security in Heterogeneous Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Sabrina Boubiche

    2016-04-01

    Full Text Available Data aggregation processes aim to reduce the amount of exchanged data in wireless sensor networks and consequently minimize the packet overhead and optimize energy efficiency. Securing the data aggregation process is a real challenge since the aggregation nodes must access the relayed data to apply the aggregation functions. The data aggregation security problem has been widely addressed in classical homogeneous wireless sensor networks, however, most of the proposed security protocols cannot guarantee a high level of security since the sensor node resources are limited. Heterogeneous wireless sensor networks have recently emerged as a new wireless sensor network category which expands the sensor nodes’ resources and capabilities. These new kinds of WSNs have opened new research opportunities where security represents a most attractive area. Indeed, robust and high security level algorithms can be used to secure the data aggregation at the heterogeneous aggregation nodes which is impossible in classical homogeneous WSNs. Contrary to the homogeneous sensor networks, the data aggregation security problem is still not sufficiently covered and the proposed data aggregation security protocols are numberless. To address this recent research area, this paper describes the data aggregation security problem in heterogeneous wireless sensor networks and surveys a few proposed security protocols. A classification and evaluation of the existing protocols is also introduced based on the adopted data aggregation security approach.

  8. An Outline of Data Aggregation Security in Heterogeneous Wireless Sensor Networks

    Science.gov (United States)

    Boubiche, Sabrina; Boubiche, Djallel Eddine; Bilami, Azzedine; Toral-Cruz, Homero

    2016-01-01

    Data aggregation processes aim to reduce the amount of exchanged data in wireless sensor networks and consequently minimize the packet overhead and optimize energy efficiency. Securing the data aggregation process is a real challenge since the aggregation nodes must access the relayed data to apply the aggregation functions. The data aggregation security problem has been widely addressed in classical homogeneous wireless sensor networks, however, most of the proposed security protocols cannot guarantee a high level of security since the sensor node resources are limited. Heterogeneous wireless sensor networks have recently emerged as a new wireless sensor network category which expands the sensor nodes’ resources and capabilities. These new kinds of WSNs have opened new research opportunities where security represents a most attractive area. Indeed, robust and high security level algorithms can be used to secure the data aggregation at the heterogeneous aggregation nodes which is impossible in classical homogeneous WSNs. Contrary to the homogeneous sensor networks, the data aggregation security problem is still not sufficiently covered and the proposed data aggregation security protocols are numberless. To address this recent research area, this paper describes the data aggregation security problem in heterogeneous wireless sensor networks and surveys a few proposed security protocols. A classification and evaluation of the existing protocols is also introduced based on the adopted data aggregation security approach. PMID:27077866

  9. Cloud Computing Application of Personal Information's Security in Network Sales-channels

    OpenAIRE

    Sun Qiong; Min Liu; Shiming Pang

    2013-01-01

    With the promotion of Internet sales, the security of personal information to network users have become increasingly demanding. The existing network of sales channels has personal information security risks, vulnerable to hacker attacking. Taking full advantage of cloud security management strategy, cloud computing security management model is introduced to the network sale of personal information security applications, which is to solve the problem of information leakage. Then we proposed me...

  10. Single-shot secure quantum network coding on butterfly network with free public communication

    Science.gov (United States)

    Owari, Masaki; Kato, Go; Hayashi, Masahito

    2018-01-01

    Quantum network coding on the butterfly network has been studied as a typical example of quantum multiple cast network. We propose a secure quantum network code for the butterfly network with free public classical communication in the multiple unicast setting under restricted eavesdropper’s power. This protocol certainly transmits quantum states when there is no attack. We also show the secrecy with shared randomness as additional resource when the eavesdropper wiretaps one of the channels in the butterfly network and also derives the information sending through public classical communication. Our protocol does not require verification process, which ensures single-shot security.

  11. Network and Database Security: Regulatory Compliance, Network, and Database Security - A Unified Process and Goal

    Directory of Open Access Journals (Sweden)

    Errol A. Blake

    2007-12-01

    Full Text Available Database security has evolved; data security professionals have developed numerous techniques and approaches to assure data confidentiality, integrity, and availability. This paper will show that the Traditional Database Security, which has focused primarily on creating user accounts and managing user privileges to database objects are not enough to protect data confidentiality, integrity, and availability. This paper is a compilation of different journals, articles and classroom discussions will focus on unifying the process of securing data or information whether it is in use, in storage or being transmitted. Promoting a change in Database Curriculum Development trends may also play a role in helping secure databases. This paper will take the approach that if one make a conscientious effort to unifying the Database Security process, which includes Database Management System (DBMS selection process, following regulatory compliances, analyzing and learning from the mistakes of others, Implementing Networking Security Technologies, and Securing the Database, may prevent database breach.

  12. Human errors and violations in computer and information security: the viewpoint of network administrators and security specialists.

    Science.gov (United States)

    Kraemer, Sara; Carayon, Pascale

    2007-03-01

    This paper describes human errors and violations of end users and network administration in computer and information security. This information is summarized in a conceptual framework for examining the human and organizational factors contributing to computer and information security. This framework includes human error taxonomies to describe the work conditions that contribute adversely to computer and information security, i.e. to security vulnerabilities and breaches. The issue of human error and violation in computer and information security was explored through a series of 16 interviews with network administrators and security specialists. The interviews were audio taped, transcribed, and analyzed by coding specific themes in a node structure. The result is an expanded framework that classifies types of human error and identifies specific human and organizational factors that contribute to computer and information security. Network administrators tended to view errors created by end users as more intentional than unintentional, while errors created by network administrators as more unintentional than intentional. Organizational factors, such as communication, security culture, policy, and organizational structure, were the most frequently cited factors associated with computer and information security.

  13. MAC layer security issues in wireless mesh networks

    Science.gov (United States)

    Reddy, K. Ganesh; Thilagam, P. Santhi

    2016-03-01

    Wireless Mesh Networks (WMNs) have emerged as a promising technology for a broad range of applications due to their self-organizing, self-configuring and self-healing capability, in addition to their low cost and easy maintenance. Securing WMNs is more challenging and complex issue due to their inherent characteristics such as shared wireless medium, multi-hop and inter-network communication, highly dynamic network topology and decentralized architecture. These vulnerable features expose the WMNs to several types of attacks in MAC layer. The existing MAC layer standards and implementations are inadequate to secure these features and fail to provide comprehensive security solutions to protect both backbone and client mesh. Hence, there is a need for developing efficient, scalable and integrated security solutions for WMNs. In this paper, we classify the MAC layer attacks and analyze the existing countermeasures. Based on attacks classification and countermeasures analysis, we derive the research directions to enhance the MAC layer security for WMNs.

  14. How to secure a wireless sensor network

    NARCIS (Netherlands)

    Law, Y.W.; Havinga, Paul J.M.

    2005-01-01

    The security of wireless sensor networks (WSNs) is a complex issue. While security research of WSNs is progressing at a tremendous pace, and many security techniques have been proposed, no comprehensive framework has so far emerged that attempts to tie the bits and pieces together to ease the

  15. Secure Media Independent Handover Message Transport in Heterogeneous Networks

    Directory of Open Access Journals (Sweden)

    Cho Choong-Ho

    2009-01-01

    Full Text Available The IEEE 802.21 framework for Media Independent Handover (MIH provides seamless vertical handover support for multimode mobile terminals. MIH messages are exchanged over various wireless media between mobile terminals and access networks to facilitate seamless handover. This calls for the need to secure MIH messages against network security threats in the wireless medium. In this paper, we first analyze IPSec/IKEv2 and DTLS security solution for secure MIH message transport. We show that handover latency can be an impediment to the use of IPSec and DTLS solutions. To overcome the handover overhead and hence minimize authentication time, a new secure MIH message transport solution, referred as MIHSec in this paper, is proposed. Experimental results are obtained for MIH between WLAN and Ethernet networks and the impacts of MIH message security on the handover latency are evaluated for IPSec, DTLS, and MIHSec security solutions. The effectiveness of MIHSec is demonstrated.

  16. PKI security in large-scale healthcare networks.

    Science.gov (United States)

    Mantas, Georgios; Lymberopoulos, Dimitrios; Komninos, Nikos

    2012-06-01

    During the past few years a lot of PKI (Public Key Infrastructures) infrastructures have been proposed for healthcare networks in order to ensure secure communication services and exchange of data among healthcare professionals. However, there is a plethora of challenges in these healthcare PKI infrastructures. Especially, there are a lot of challenges for PKI infrastructures deployed over large-scale healthcare networks. In this paper, we propose a PKI infrastructure to ensure security in a large-scale Internet-based healthcare network connecting a wide spectrum of healthcare units geographically distributed within a wide region. Furthermore, the proposed PKI infrastructure facilitates the trust issues that arise in a large-scale healthcare network including multi-domain PKI infrastructures.

  17. Wireless Network Penetration Testing and Security Auditing

    Directory of Open Access Journals (Sweden)

    Wang Shao-Long

    2016-01-01

    Full Text Available IEEE802.11 wireless wireless networks have security issues that are vulnerable to a variety of attacks. Due to using radio to transport data, attackers can bypass firewalls, sniff sensitive information, intercept packets and send malicious packets. Security auditing and penetration testing is expected to ensure wireless networks security. The contributions of this work are analyzed the vulnerability and types of attacks pertaining to IEEE 802.11 WLAN, performed well known attacks in a laboratory environment to conduct penetration tests to confirm whether our wireless network is hackable or not. WAIDPS is configured as auditing tool to view wireless attacks, such as WEP/WPA/WPA2 cracking, rouge access points, denial of service attack. WAIDPS is designed to detect wireless intrusion with additional features. Penetration testing and auditing will mitigate the risk and threatening to protect WALN.

  18. PKI security in large-scale healthcare networks

    OpenAIRE

    Mantas, G.; Lymberopoulos, D.; Komninos, N.

    2012-01-01

    During the past few years a lot of PKI (Public Key Infrastructures) infrastructures have been proposed for healthcare networks in order to ensure secure communication services and exchange of data among healthcare professionals. However, there is a plethora of challenges in these healthcare PKI infrastructures. Especially, there are a lot of challenges for PKI infrastructures deployed over large-scale healthcare networks. In this paper, we propose a PKI infrastructure to ensure security in a ...

  19. Seamless and secure communications over heterogeneous wireless networks

    CERN Document Server

    Cao, Jiannong

    2014-01-01

    This brief provides an overview of the requirements, challenges, design issues and major techniques for seamless and secure communications over heterogeneous wireless networks. It summarizes and provides detailed insights into the latest research on handoff management, mobility management, fast authentication and security management to support seamless and secure roaming for mobile clients. The reader will also learn about the challenges in developing relevant technologies and providing ubiquitous Internet access over heterogeneous wireless networks. The authors have extensive experience in im

  20. Securing Gateways within Clustered Power Centric Network of Nodes

    Directory of Open Access Journals (Sweden)

    Qaisar Javaid

    2016-01-01

    Full Text Available Knowledge Networks are gaining momentum within cyber world. Knowledge leads to innovation and for this reason organizations focus on research and information gathering in order to gain and improve existing knowledge. This of information era, which is primarily based on world wide web technologies, enables significantly expanded networks of people to communicate and collaborate 'virtually' across teams, across entire organizations and across the world, anytime and anywhere. Innovations in computing and telecommunications have transformed the corporations from structured and manageable types to interwoven network of blurred boundaries such as; ad hoc networks and mobile wireless networks, etc. This study explores knowledge networks in Information Technology and security leaks that are found, as well as measures that are taken to counter this menace which is coming up with optimal Secure Clustered Power Centric node network. The paper concludes these measures, evaluating and integrating them to come up with a secured network design.

  1. Electronic security device

    Science.gov (United States)

    Eschbach, Eugene A.; LeBlanc, Edward J.; Griffin, Jeffrey W.

    1992-01-01

    The present invention relates to a security device having a control box (12) containing an electronic system (50) and a communications loop (14) over which the system transmits a signal. The device is constructed so that the communications loop can extend from the control box across the boundary of a portal such as a door into a sealed enclosure into which access is restricted whereby the loop must be damaged or moved in order for an entry to be made into the enclosure. The device is adapted for detecting unauthorized entries into such enclosures such as rooms or containers and for recording the time at which such entries occur for later reference. Additionally, the device detects attempts to tamper or interfere with the operation of the device itself and records the time at which such events take place. In the preferred embodiment, the security device includes a microprocessor-based electronic system (50) and a detection module (72) capable of registering changes in the voltage and phase of the signal transmitted over the loop.

  2. Electronic security device

    International Nuclear Information System (INIS)

    Eschbach, E.A.; LeBlanc, E.J.; Griffin, J.W.

    1992-01-01

    The present invention relates to a security device having a control box containing an electronic system and a communications loop over which the system transmits a signal. The device is constructed so that the communications loop can extend from the control box across the boundary of a portal such as a door into a sealed enclosure into which access is restricted whereby the loop must be damaged or moved in order for an entry to be made into the enclosure. The device is adapted for detecting unauthorized entries into such enclosures such as rooms or containers and for recording the time at which such entries occur for later reference. Additionally, the device detects attempts to tamper or interfere with the operation of the device itself and records the time at which such events take place. In the preferred embodiment, the security device includes a microprocessor-based electronic system and a detection module capable of registering changes in the voltage and phase of the signal transmitted over the loop. 11 figs

  3. Network Security Risk Assessment System Based on Attack Graph and Markov Chain

    Science.gov (United States)

    Sun, Fuxiong; Pi, Juntao; Lv, Jin; Cao, Tian

    2017-10-01

    Network security risk assessment technology can be found in advance of the network problems and related vulnerabilities, it has become an important means to solve the problem of network security. Based on attack graph and Markov chain, this paper provides a Network Security Risk Assessment Model (NSRAM). Based on the network infiltration tests, NSRAM generates the attack graph by the breadth traversal algorithm. Combines with the international standard CVSS, the attack probability of atomic nodes are counted, and then the attack transition probabilities of ones are calculated by Markov chain. NSRAM selects the optimal attack path after comprehensive measurement to assessment network security risk. The simulation results show that NSRAM can reflect the actual situation of network security objectively.

  4. A Secure Network Coding-based Data Gathering Model and Its Protocol in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Qian Xiao

    2012-09-01

    Full Text Available To provide security for data gathering based on network coding in wireless sensor networks (WSNs, a secure network coding-based data gathering model is proposed, and a data-privacy preserving and pollution preventing (DPPaamp;PP protocol using network coding is designed. DPPaamp;PP makes use of a new proposed pollution symbol selection and pollution (PSSP scheme based on a new obfuscation idea to pollute existing symbols. Analyses of DPPaamp;PP show that it not only requires low overhead on computation and communication, but also provides high security on resisting brute-force attacks.

  5. Optical network security using unipolar Walsh code

    Science.gov (United States)

    Sikder, Somali; Sarkar, Madhumita; Ghosh, Shila

    2018-04-01

    Optical code-division multiple-access (OCDMA) is considered as a good technique to provide optical layer security. Many research works have been published to enhance optical network security by using optical signal processing. The paper, demonstrates the design of the AWG (arrayed waveguide grating) router-based optical network for spectral-amplitude-coding (SAC) OCDMA networks with Walsh Code to design a reconfigurable network codec by changing signature codes to against eavesdropping. In this paper we proposed a code reconfiguration scheme to improve the network access confidentiality changing the signature codes by cyclic rotations, for OCDMA system. Each of the OCDMA network users is assigned a unique signature code to transmit the information and at the receiving end each receiver correlates its own signature pattern a(n) with the receiving pattern s(n). The signal arriving at proper destination leads to s(n)=a(n).

  6. Secure-Network-Coding-Based File Sharing via Device-to-Device Communication

    Directory of Open Access Journals (Sweden)

    Lei Wang

    2017-01-01

    Full Text Available In order to increase the efficiency and security of file sharing in the next-generation networks, this paper proposes a large scale file sharing scheme based on secure network coding via device-to-device (D2D communication. In our scheme, when a user needs to share data with others in the same area, the source node and all the intermediate nodes need to perform secure network coding operation before forwarding the received data. This process continues until all the mobile devices in the networks successfully recover the original file. The experimental results show that secure network coding is very feasible and suitable for such file sharing. Moreover, the sharing efficiency and security outperform traditional replication-based sharing scheme.

  7. Security Awareness in Software-Defined Multi-Domain 5G Networks

    Directory of Open Access Journals (Sweden)

    Jani Suomalainen

    2018-03-01

    Full Text Available Fifth generation (5G technologies will boost the capacity and ease the management of mobile networks. Emerging virtualization and softwarization technologies enable more flexible customization of network services and facilitate cooperation between different actors. However, solutions are needed to enable users, operators, and service providers to gain an up-to-date awareness of the security and trustworthiness of 5G systems. We describe a novel framework and enablers for security monitoring, inferencing, and trust measuring. The framework leverages software-defined networking and big data technologies to customize monitoring for different applications. We present an approach for sharing security measurements across administrative domains. We describe scenarios where the correlation of multi-domain information improves the accuracy of security measures with respect to two threats: end-user location tracking and Internet of things (IoT authentication storms. We explore the security characteristics of data flows in software networks dedicated to different applications with a mobile network testbed.

  8. A tool for the security configuration of sensor networks

    International Nuclear Information System (INIS)

    Cionca, V; Newe, T; Dadarlat, V

    2009-01-01

    It is difficult to select a set of protocols that provides the appropriate level of security for a given application. It requires in depth analysis of the application with extensive knowledge of both security and sensor networks, which will generally not be available to nonexpert users like network deployers or clients. We present a method to configure security using only parameters taken from application space, and a tool that implements this method, thus automating the process of security configuration for non-expert users.

  9. A tool for the security configuration of sensor networks

    Energy Technology Data Exchange (ETDEWEB)

    Cionca, V; Newe, T [Electronic and Computer Engineering, University of Limerick (Ireland); Dadarlat, V, E-mail: Victor.Cionca@ul.i [Computer Science, Technical University of Cluj-Napoca (Romania)

    2009-07-01

    It is difficult to select a set of protocols that provides the appropriate level of security for a given application. It requires in depth analysis of the application with extensive knowledge of both security and sensor networks, which will generally not be available to nonexpert users like network deployers or clients. We present a method to configure security using only parameters taken from application space, and a tool that implements this method, thus automating the process of security configuration for non-expert users.

  10. Service Oriented Architecture in Network Security - a novel Organisation in Security Systems

    OpenAIRE

    Hilker, Michael; Schommer, Christoph

    2008-01-01

    Current network security systems are a collection of various security components, which are directly installed in the operating system. These check the whole node for suspicious behaviour. Armouring intrusions e.g. have the ability to hide themselves from being checked. We present in this paper an alternative organisation of security systems. The node is completely virtualized with current virtualization systems so that the operating system with applications and the security system is disting...

  11. Analyzing security protocols in hierarchical networks

    DEFF Research Database (Denmark)

    Zhang, Ye; Nielson, Hanne Riis

    2006-01-01

    Validating security protocols is a well-known hard problem even in a simple setting of a single global network. But a real network often consists of, besides the public-accessed part, several sub-networks and thereby forms a hierarchical structure. In this paper we first present a process calculus...... capturing the characteristics of hierarchical networks and describe the behavior of protocols on such networks. We then develop a static analysis to automate the validation. Finally we demonstrate how the technique can benefit the protocol development and the design of network systems by presenting a series...

  12. Bayesian networks and food security - An introduction

    NARCIS (Netherlands)

    Stein, A.

    2004-01-01

    This paper gives an introduction to Bayesian networks. Networks are defined and put into a Bayesian context. Directed acyclical graphs play a crucial role here. Two simple examples from food security are addressed. Possible uses of Bayesian networks for implementation and further use in decision

  13. Computer and Network Security in Small Libraries: A Guide for Planning.

    Science.gov (United States)

    Williams, Robert L.

    This manual is intended to provide a free resource on essential network security concepts for non-technical managers of small libraries. Managers of other small nonprofit or community organizations will also benefit from it. An introduction defines network security; outlines three goals of network security; discusses why a library should be…

  14. Securing VoIP keeping your VoIP network safe

    CERN Document Server

    (Bud) Bates, Regis J Jr

    2015-01-01

    Securing VoIP: Keeping Your VoIP Network Safe will show you how to take the initiative to prevent hackers from recording and exploiting your company's secrets. Drawing upon years of practical experience and using numerous examples and case studies, technology guru Bud Bates discusses the business realities that necessitate VoIP system security and the threats to VoIP over both wire and wireless networks. He also provides essential guidance on how to conduct system security audits and how to integrate your existing IT security plan with your VoIP system and security plans, helping you prevent

  15. Keeping electronic records secure.

    Science.gov (United States)

    Easton, David

    2013-10-01

    Are electronic engineering maintenance records relating to the hospital estate or a medical device as important as electronic patient records? Computer maintenance management systems (CMMS) are increasingly being used to manage all-round maintenance activities. However, the accuracy of the data held on them, and a level of security that prevents tampering with records, or other unauthorised changes to them to 'cover' poor practice, are both essential, so that, should an individual be injured or killed on hospital grounds, and a law suit follow, the estates team can be confident that it has accurate data to prove it has fulfilled its duty of care. Here David Easton MSc CEng FIHEEM MIET, director of Zener Engineering Services, and chair of IHEEM's Medical Devices Advisory Group, discusses the issues around maintenance databases, and the security and integrity of maintenance data.

  16. Security Technologies for Open Networking Environments (STONE)

    Energy Technology Data Exchange (ETDEWEB)

    Muftic, Sead

    2005-03-31

    Under this project SETECS performed research, created the design, and the initial prototype of three groups of security technologies: (a) middleware security platform, (b) Web services security, and (c) group security system. The results of the project indicate that the three types of security technologies can be used either individually or in combination, which enables effective and rapid deployment of a number of secure applications in open networking environments. The middleware security platform represents a set of object-oriented security components providing various functions to handle basic cryptography, X.509 certificates, S/MIME and PKCS No.7 encapsulation formats, secure communication protocols, and smart cards. The platform has been designed in the form of security engines, including a Registration Engine, Certification Engine, an Authorization Engine, and a Secure Group Applications Engine. By creating a middleware security platform consisting of multiple independent components the following advantages have been achieved - Object-oriented, Modularity, Simplified Development, and testing, Portability, and Simplified extensions. The middleware security platform has been fully designed and a preliminary Java-based prototype has been created for the Microsoft Windows operating system. The Web services security system, designed in the project, consists of technologies and applications that provide authentication (i.e., single sign), authorization, and federation of identities in an open networking environment. The system is based on OASIS SAML and XACML standards for secure Web services. Its topology comprises three major components: Domain Security Server (DSS) is the main building block of the system Secure Application Server (SAS) Secure Client In addition to the SAML and XACML engines, the authorization system consists of two sets of components An Authorization Administration System An Authorization Enforcement System Federation of identities in multi

  17. Electronic security systems better ways to crime prevention

    CERN Document Server

    Walker, Philip

    2013-01-01

    Electronic Security Systems: Better Ways to Crime Prevention teaches the reader about the application of electronics for security purposes through the use of case histories, analogies, anecdotes, and other related materials. The book is divided into three parts. Part 1 covers the concepts behind security systems - its objectives, limitations, and components; the fundamentals of space detection; detection of intruder movement indoors and outdoors; surveillance; and alarm communication and control. Part 2 discusses equipments involved in security systems such as the different types of sensors,

  18. The study and implementation of the wireless network data security model

    Science.gov (United States)

    Lin, Haifeng

    2013-03-01

    In recent years, the rapid development of Internet technology and the advent of information age, people are increasing the strong demand for the information products and the market for information technology. Particularly, the network security requirements have become more sophisticated. This paper analyzes the wireless network in the data security vulnerabilities. And a list of wireless networks in the framework is the serious defects with the related problems. It has proposed the virtual private network technology and wireless network security defense structure; and it also given the wireless networks and related network intrusion detection model for the detection strategies.

  19. Security-Enhanced Autonomous Network Management

    Science.gov (United States)

    Zeng, Hui

    2015-01-01

    Ensuring reliable communication in next-generation space networks requires a novel network management system to support greater levels of autonomy and greater awareness of the environment and assets. Intelligent Automation, Inc., has developed a security-enhanced autonomous network management (SEANM) approach for space networks through cross-layer negotiation and network monitoring, analysis, and adaptation. The underlying technology is bundle-based delay/disruption-tolerant networking (DTN). The SEANM scheme allows a system to adaptively reconfigure its network elements based on awareness of network conditions, policies, and mission requirements. Although SEANM is generically applicable to any radio network, for validation purposes it has been prototyped and evaluated on two specific networks: a commercial off-the-shelf hardware test-bed using Institute of Electrical Engineers (IEEE) 802.11 Wi-Fi devices and a military hardware test-bed using AN/PRC-154 Rifleman Radio platforms. Testing has demonstrated that SEANM provides autonomous network management resulting in reliable communications in delay/disruptive-prone environments.

  20. Security of Mobile Devices and Wi-Fi Networks

    OpenAIRE

    Hong, Zimeng

    2015-01-01

    Along with the progress of times and the development of science and technology, mobile devices have become more and more popular. At the same time, an increasing number of Wi-Fi networks are being built for the demand of mobile devices. Therefore, the security between mobile devices and Wi-Fi networks became a main object in the IT area. The purpose of the thesis is to analyze security threats and give relative advises for all the mobile device and Wi-Fi network users. The thesis mainly ta...

  1. Assessment of energy security in China based on ecological network analysis: A perspective from the security of crude oil supply

    International Nuclear Information System (INIS)

    Lu, Weiwei; Su, Meirong; Zhang, Yan; Yang, Zhifeng; Chen, Bin; Liu, Gengyuan

    2014-01-01

    Energy security usually considers both the stability of energy supply and security of energy use and it is receiving increasing attention globally. Considering the strategic importance and sensitivity to international change of the crude oil supply, we decided to examine China’s energy security. An original network model was established based on ecological network analysis to holistically evaluate the security of the crude oil supply in China. Using this model, we found that the security of the crude oil supply in China generally increased from 2001 to 2010. The contribution of different compartments in the network to the overall energy security resembled a pyramid structure, with supply sources at the bottom, the consumption sector at the top, and the refining and transfer sectors in the middle. North and South America made the largest contribution to the security of the crude oil supply in China. We provide suggestions to improve the security of the crude oil supply in China based on our results and further scenario analysis. The original network model provides a new perspective for energy security assessment, which can be used as a baseline to develop other models and policy. - Highlights: • Ecological network analysis (ENA) is introduced into energy security assessment. • A model of crude oil supply network in China is established based on ENA. • A pyramid structure of the contributions of different compartments to energy security was found. • Suggestions for forming a stable network are given to improve energy security

  2. Teaching Network Security with IP Darkspace Data

    Science.gov (United States)

    Zseby, Tanja; Iglesias Vázquez, Félix; King, Alistair; Claffy, K. C.

    2016-01-01

    This paper presents a network security laboratory project for teaching network traffic anomaly detection methods to electrical engineering students. The project design follows a research-oriented teaching principle, enabling students to make their own discoveries in real network traffic, using data captured from a large IP darkspace monitor…

  3. Security electronics circuits manual

    CERN Document Server

    MARSTON, R M

    1998-01-01

    Security Electronics Circuits Manual is an invaluable guide for engineers and technicians in the security industry. It will also prove to be a useful guide for students and experimenters, as well as providing experienced amateurs and DIY enthusiasts with numerous ideas to protect their homes, businesses and properties.As with all Ray Marston's Circuits Manuals, the style is easy-to-read and non-mathematical, with the emphasis firmly on practical applications, circuits and design ideas. The ICs and other devices used in the practical circuits are modestly priced and readily available ty

  4. A improved Network Security Situation Awareness Model

    Directory of Open Access Journals (Sweden)

    Li Fangwei

    2015-08-01

    Full Text Available In order to reflect the situation of network security assessment performance fully and accurately, a new network security situation awareness model based on information fusion was proposed. Network security situation is the result of fusion three aspects evaluation. In terms of attack, to improve the accuracy of evaluation, a situation assessment method of DDoS attack based on the information of data packet was proposed. In terms of vulnerability, a improved Common Vulnerability Scoring System (CVSS was raised and maked the assessment more comprehensive. In terms of node weights, the method of calculating the combined weights and optimizing the result by Sequence Quadratic Program (SQP algorithm which reduced the uncertainty of fusion was raised. To verify the validity and necessity of the method, a testing platform was built and used to test through evaluating 2000 DAPRA data sets. Experiments show that the method can improve the accuracy of evaluation results.

  5. The electronic security partnership of safety/security and information systems departments.

    Science.gov (United States)

    Yow, J Art

    2012-01-01

    The ever-changing world of security electronics is reviewed in this article. The author focuses on its usage in a hospital setting and the need for safety/security and information systems departments to work together to protect and get full value from IP systems.

  6. a survey of security vulnerabilities in wireless sensor networks

    African Journals Online (AJOL)

    user

    which primarily are their stringent energy constraints to which sensing nodes typify and security vulnerabilities. Security concerns ... Keywords: Sensors, Wireless, Network, Vulnerabilities, Security. 1. .... If the node detects a transmission.

  7. Interfacing Nuclear Security and Safeguards through Education and Support Centre Networks

    International Nuclear Information System (INIS)

    Nikonov, D.

    2015-01-01

    This paper presents the work of the International Nuclear Security Education Network (INSEN) and the International Nuclear Security Training and Support Centre Network (NSSC) as the means to achieve sustainable human resource development in member states. The paper also examines how both security and safeguards can benefit from collaborative and coordinated activities when such networks focus on practical achievements. (author)

  8. Fair Secure Computation with Reputation Assumptions in the Mobile Social Networks

    Directory of Open Access Journals (Sweden)

    Yilei Wang

    2015-01-01

    Full Text Available With the rapid development of mobile devices and wireless technologies, mobile social networks become increasingly available. People can implement many applications on the basis of mobile social networks. Secure computation, like exchanging information and file sharing, is one of such applications. Fairness in secure computation, which means that either all parties implement the application or none of them does, is deemed as an impossible task in traditional secure computation without mobile social networks. Here we regard the applications in mobile social networks as specific functions and stress on the achievement of fairness on these functions within mobile social networks in the presence of two rational parties. Rational parties value their utilities when they participate in secure computation protocol in mobile social networks. Therefore, we introduce reputation derived from mobile social networks into the utility definition such that rational parties have incentives to implement the applications for a higher utility. To the best of our knowledge, the protocol is the first fair secure computation in mobile social networks. Furthermore, it finishes within constant rounds and allows both parties to know the terminal round.

  9. 78 FR 71631 - Committee Name: Homeland Security Information Network Advisory Committee (HSINAC)

    Science.gov (United States)

    2013-11-29

    ... DEPARTMENT OF HOMELAND SECURITY [DHS-2013-0037] Committee Name: Homeland Security Information.... SUMMARY: The Homeland Security Information Network Advisory Council (HSINAC) will meet December 17, 2013... , Phone: 202-343-4212. SUPPLEMENTARY INFORMATION: The Homeland Security Information Network Advisory...

  10. Game Theory Based Security in Wireless Body Area Network with Stackelberg Security Equilibrium.

    Science.gov (United States)

    Somasundaram, M; Sivakumar, R

    2015-01-01

    Wireless Body Area Network (WBAN) is effectively used in healthcare to increase the value of the patient's life and also the value of healthcare services. The biosensor based approach in medical care system makes it difficult to respond to the patients with minimal response time. The medical care unit does not deploy the accessing of ubiquitous broadband connections full time and hence the level of security will not be high always. The security issue also arises in monitoring the user body function records. Most of the systems on the Wireless Body Area Network are not effective in facing the security deployment issues. To access the patient's information with higher security on WBAN, Game Theory with Stackelberg Security Equilibrium (GTSSE) is proposed in this paper. GTSSE mechanism takes all the players into account. The patients are monitored by placing the power position authority initially. The position authority in GTSSE is the organizer and all the other players react to the organizer decision. Based on our proposed approach, experiment has been conducted on factors such as security ratio based on patient's health information, system flexibility level, energy consumption rate, and information loss rate. Stackelberg Security considerably improves the strength of solution with higher security.

  11. Game Theory Based Security in Wireless Body Area Network with Stackelberg Security Equilibrium

    Science.gov (United States)

    Somasundaram, M.; Sivakumar, R.

    2015-01-01

    Wireless Body Area Network (WBAN) is effectively used in healthcare to increase the value of the patient's life and also the value of healthcare services. The biosensor based approach in medical care system makes it difficult to respond to the patients with minimal response time. The medical care unit does not deploy the accessing of ubiquitous broadband connections full time and hence the level of security will not be high always. The security issue also arises in monitoring the user body function records. Most of the systems on the Wireless Body Area Network are not effective in facing the security deployment issues. To access the patient's information with higher security on WBAN, Game Theory with Stackelberg Security Equilibrium (GTSSE) is proposed in this paper. GTSSE mechanism takes all the players into account. The patients are monitored by placing the power position authority initially. The position authority in GTSSE is the organizer and all the other players react to the organizer decision. Based on our proposed approach, experiment has been conducted on factors such as security ratio based on patient's health information, system flexibility level, energy consumption rate, and information loss rate. Stackelberg Security considerably improves the strength of solution with higher security. PMID:26759829

  12. Security of Electronic Payment Systems: A Comprehensive Survey

    OpenAIRE

    Solat , Siamak

    2017-01-01

    This comprehensive survey deliberated over the security of electronic payment systems. In our research, we focused on either dominant systems or new attempts and innovations to improve the level of security of the electronic payment systems. This survey consists of the Card-present (CP) transactions and a review of its dominant system i.e. EMV including several researches at Cambridge university to designate variant types of attacks against this standard which demonstrates lack of a secure "o...

  13. Graphs for information security control in software defined networks

    Science.gov (United States)

    Grusho, Alexander A.; Abaev, Pavel O.; Shorgin, Sergey Ya.; Timonina, Elena E.

    2017-07-01

    Information security control in software defined networks (SDN) is connected with execution of the security policy rules regulating information accesses and protection against distribution of the malicious code and harmful influences. The paper offers a representation of a security policy in the form of hierarchical structure which in case of distribution of resources for the solution of tasks defines graphs of admissible interactions in a networks. These graphs define commutation tables of switches via the SDN controller.

  14. A security architecture for 5G networks

    OpenAIRE

    Arfaoui, Ghada; Bisson, Pascal; Blom, Rolf; Borgaonkar, Ravishankar; Englund, Håkan; Félix, Edith; Klaedtke, Felix; Nakarmi, Prajwol Kumar; Näslund, Mats; O’Hanlon, Piers; Papay, Juri; Suomalainen, Jani; Surridge, Mike; Wary, Jean-Philippe; Zahariev, Alexander

    2018-01-01

    5G networks will provide opportunities for the creation of new services, for new business models, and for new players to enter the mobile market. The networks will support efficient and cost-effective launch of a multitude of services, tailored for different vertical markets having varying service and security requirements, and involving a large number of actors. Key technology concepts are network slicing and network softwarisation, including network function virtualisation and software-defi...

  15. Wi-Fi Networks Security and Accessing Control

    OpenAIRE

    Tarek S. Sobh

    2013-01-01

    As wireless networks access gains popularity in corporate, private and personal networks, the nature of wireless networks opens up new possibilities for network attacks. This paper negotiating Wi-Fi security against scanning of rogue Wi-Fi networks and other related activities and considers the monitoring of Wi-Fi traffic effects. The unauthorized access point (AP) problem has raised more attention and resulted in obtaining wireless access without subscriber permission.This work assumes Wi-Fi...

  16. Developing security tools of WSN and WBAN networks applications

    CERN Document Server

    A M El-Bendary, Mohsen

    2015-01-01

    This book focuses on two of the most rapidly developing areas in wireless technology (WT) applications, namely, wireless sensors networks (WSNs) and wireless body area networks (WBANs). These networks can be considered smart applications of the recent WT revolutions. The book presents various security tools and scenarios for the proposed enhanced-security of WSNs, which are supplemented with numerous computer simulations. In the computer simulation section, WSN modeling is addressed using MATLAB programming language.

  17. On Delay and Security in Network Coding

    Science.gov (United States)

    Dikaliotis, Theodoros K.

    2013-01-01

    In this thesis, delay and security issues in network coding are considered. First, we study the delay incurred in the transmission of a fixed number of packets through acyclic networks comprised of erasure links. The two transmission schemes studied are routing with hop-by-hop retransmissions, where every node in the network simply stores and…

  18. Security Management Strategies for Protecting Your Library's Network.

    Science.gov (United States)

    Ives, David J.

    1996-01-01

    Presents security procedures for protecting a library's computer system from potential threats by patrons or personnel, and describes how security can be breached. A sidebar identifies four areas of concern in security management: the hardware, the operating system, the network, and the user interface. A selected bibliography of sources on…

  19. COLLABORATIVE NETWORK SECURITY MANAGEMENT SYSTEM BASED ON ASSOCIATION MINING RULE

    Directory of Open Access Journals (Sweden)

    Nisha Mariam Varughese

    2014-07-01

    Full Text Available Security is one of the major challenges in open network. There are so many types of attacks which follow fixed patterns or frequently change their patterns. It is difficult to find the malicious attack which does not have any fixed patterns. The Distributed Denial of Service (DDoS attacks like Botnets are used to slow down the system performance. To address such problems Collaborative Network Security Management System (CNSMS is proposed along with the association mining rule. CNSMS system is consists of collaborative Unified Threat Management (UTM, cloud based security centre and traffic prober. The traffic prober captures the internet traffic and given to the collaborative UTM. Traffic is analysed by the Collaborative UTM, to determine whether it contains any malicious attack or not. If any security event occurs, it will reports to the cloud based security centre. The security centre generates security rules based on association mining rule and distributes to the network. The cloud based security centre is used to store the huge amount of tragic, their logs and the security rule generated. The feedback is evaluated and the invalid rules are eliminated to improve the system efficiency.

  20. Campus Area Network Wi-Fi Security

    Directory of Open Access Journals (Sweden)

    Arjun K. Pillay

    2017-07-01

    Full Text Available Wireless connectivity devices such as mobile phones and laptops are being increasingly used by University students to access learning resources on campus networks and the Internet. Each of the mobile devices offers security protocols for connection to a Wi-Fi router. This paper presents an overview of Wi-Fi security and recommendations in relation to free Wi-Fi service at The University of Fiji.

  1. Adaptive and Reactive Security for Wireless Sensor Networks

    National Research Council Canada - National Science Library

    Stankovic, John A

    2007-01-01

    .... WSNs are also susceptible to malicious, non-random security attacks. For example, a wireless sensor network deployed in remote regions to detect and classify targets could be rendered inoperative by various security attacks...

  2. Applied network security monitoring collection, detection, and analysis

    CERN Document Server

    Sanders, Chris

    2013-01-01

    Applied Network Security Monitoring is the essential guide to becoming an NSM analyst from the ground up. This book takes a fundamental approach to NSM, complete with dozens of real-world examples that teach you the key concepts of NSM. Network security monitoring is based on the principle that prevention eventually fails. In the current threat landscape, no matter how much you try, motivated attackers will eventually find their way into your network. At that point, it is your ability to detect and respond to that intrusion that can be the difference between a small incident and a major di

  3. Network Security Hacks Tips & Tools for Protecting Your Privacy

    CERN Document Server

    Lockhart, Andrew

    2009-01-01

    This second edition of Network Security Hacks offers 125 concise and practical hacks, including more information for Windows administrators, hacks for wireless networking (such as setting up a captive portal and securing against rogue hotspots), and techniques to ensure privacy and anonymity, including ways to evade network traffic analysis, encrypt email and files, and protect against phishing attacks. System administrators looking for reliable answers will also find concise examples of applied encryption, intrusion detection, logging, trending, and incident response.

  4. Security for Network Attached Storage Devices

    National Research Council Canada - National Science Library

    Gobioff, Howard

    1997-01-01

    This paper presents a novel cryptographic capability system addressing the security and performance needs of network attached storage systems in which file management functions occur at a different...

  5. Using OpenSSH to secure mobile LAN network traffic

    Science.gov (United States)

    Luu, Brian B.; Gopaul, Richard D.

    2002-08-01

    Mobile Internet Protocol (IP) Local Area Network (LAN) is a technique, developed by the U.S. Army Research Laboratory, which allows a LAN to be IP mobile when attaching to a foreign IP-based network and using this network as a means to retain connectivity to its home network. In this paper, we describe a technique that uses Open Secure Shell (OpenSSH) software to ensure secure, encrypted transmission of a mobile LAN's network traffic. Whenever a mobile LAN, implemented with Mobile IP LAN, moves to a foreign network, its gateway (router) obtains an IP address from the new network. IP tunnels, using IP encapsulation, are then established from the gateway through the foreign network to a home agent on its home network. These tunnels provide a virtual two-way connection to the home network for the mobile LAN as if the LAN were connected directly to its home network. Hence, when IP mobile, a mobile LAN's tunneled network traffic must traverse one or more foreign networks that may not be trusted. This traffic could be subject to eavesdropping, interception, modification, or redirection by malicious nodes in these foreign networks. To protect network traffic passing through the tunnels, OpenSSH is used as a means of encryption because it prevents surveillance, modification, and redirection of mobile LAN traffic passing across foreign networks. Since the software is found in the public domain, is available for most current operating systems, and is commonly used to provide secure network communications, OpenSSH is the software of choice.

  6. A Secure Key Establishment Protocol for ZigBee Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Yuksel, Ender; Nielson, Hanne Riis; Nielson, Flemming

    2009-01-01

    ZigBee is a wireless sensor network standard that defines network and application layers on top of IEEE 802.15.4’s physical and medium access control layers. In the latest version of ZigBee, enhancements are prescribed for the security sublayer but we show in this paper that problems persist....... In particular we show that the End-to-End Application Key Establishment Protocol is flawed and we propose a secure protocol instead. We do so by using formal verification techniques based on static program analysis and process algebras. We present a way of using formal methods in wireless network security......, and propose a secure key establishment protocol for ZigBee networks....

  7. Security Concerns and Countermeasures in Network Coding Based Communications Systems

    DEFF Research Database (Denmark)

    Talooki, Vahid; Bassoli, Riccardo; Roetter, Daniel Enrique Lucani

    2015-01-01

    key protocol types, namely, state-aware and stateless protocols, specifying the benefits and disadvantages of each one of them. We also present the key security assumptions of network coding (NC) systems as well as a detailed analysis of the security goals and threats, both passive and active......This survey paper shows the state of the art in security mechanisms, where a deep review of the current research and the status of this topic is carried out. We start by introducing network coding and its variety applications in enhancing current traditional networks. In particular, we analyze two....... This paper also presents a detailed taxonomy and a timeline of the different NC security mechanisms and schemes reported in the literature. Current proposed security mechanisms and schemes for NC in the literature are classified later. Finally a timeline of these mechanism and schemes is presented....

  8. SecMAS: Security Enhanced Monitoring and Analysis Systems for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Ding Chao

    2016-01-01

    Full Text Available The monitoring, control, and security guarantee for the communication in the wireless sensor networks (WSNs are currently treated as three independent issues and addressed separately through specialized tools. However, most cases of WSNs applications requires the network administrator change the network configuration in a very short time to response to the change of observed phenomenon with security guarantee. To meet this requirement, we propose a security enhanced monitoring and control platform named SecMAS for WSNs, which provides the real-time visualization about network states and online reconfiguration of the network properties and behaviours in a resource-efficient way. Besides, basic cryptographic primitives and part of the anomaly detection functionalities are implemented in SecMAS to enabling the secure communication in WSNs. Furthermore, we conduct experiments to evaluate the performance of SecMAS in terms of the latency, throughput, communication overhead, and the security capacity. The experimental results demonstrate that the SecMAS system achieves stable, efficient and secure data collection with lightweight quick-response network control.

  9. Bidirectional Quantum Secure Direct Communication Network Protocol with Hyperentanglement

    International Nuclear Information System (INIS)

    Gu Bin; Chen Yulin; Huang Yugai; Fang Xia

    2011-01-01

    We propose a bidirectional quantum secure direct communication (QSDC) network protocol with the hyperentanglment in both the spatial-mode ad the polarization degrees of freedom of photon pairs which can in principle be produced with a beta barium borate crystal. The secret message can be encoded on the photon pairs with unitary operations in these two degrees of freedom independently. Compared with other QSDC network protocols, our QSDC network protocol has a higher capacity as each photon pair can carry 4 bits of information. Also, we discuss the security of our QSDC network protocol and its feasibility with current techniques. (general)

  10. A Secure Routing Protocol for Wireless Sensor Networks Considering Secure Data Aggregation

    Directory of Open Access Journals (Sweden)

    Triana Mugia Rahayu

    2015-06-01

    Full Text Available The commonly unattended and hostile deployments of WSNs and their resource-constrained sensor devices have led to an increasing demand for secure energy-efficient protocols. Routing and data aggregation receive the most attention since they are among the daily network routines. With the awareness of such demand, we found that so far there has been no work that lays out a secure routing protocol as the foundation for a secure data aggregation protocol. We argue that the secure routing role would be rendered useless if the data aggregation scheme built on it is not secure. Conversely, the secure data aggregation protocol needs a secure underlying routing protocol as its foundation in order to be effectively optimal. As an attempt for the solution, we devise an energy-aware protocol based on LEACH and ESPDA that combines secure routing protocol and secure data aggregation protocol. We then evaluate its security effectiveness and its energy-efficiency aspects, knowing that there are always trade-off between both.

  11. Fuzzy Logic Based Anomaly Detection for Embedded Network Security Cyber Sensor

    Energy Technology Data Exchange (ETDEWEB)

    Ondrej Linda; Todd Vollmer; Jason Wright; Milos Manic

    2011-04-01

    Resiliency and security in critical infrastructure control systems in the modern world of cyber terrorism constitute a relevant concern. Developing a network security system specifically tailored to the requirements of such critical assets is of a primary importance. This paper proposes a novel learning algorithm for anomaly based network security cyber sensor together with its hardware implementation. The presented learning algorithm constructs a fuzzy logic rule based model of normal network behavior. Individual fuzzy rules are extracted directly from the stream of incoming packets using an online clustering algorithm. This learning algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental test-bed mimicking the environment of a critical infrastructure control system.

  12. Understand the Big Picture So You Can Plan for Network Security

    Science.gov (United States)

    Cervone, Frank

    2005-01-01

    This article discusses network security for libraries. It indicates that there were only six exploit (security exposure) problems, worldwide, reported to the CERT Coordination Center back in 1988. In that year, the CERT had just been established to provide a clearinghouse for exchanging information about network security problems. By 2003, the…

  13. A security analysis of the 802.11s wireless mesh network routing protocol and its secure routing protocols.

    Science.gov (United States)

    Tan, Whye Kit; Lee, Sang-Gon; Lam, Jun Huy; Yoo, Seong-Moo

    2013-09-02

    Wireless mesh networks (WMNs) can act as a scalable backbone by connecting separate sensor networks and even by connecting WMNs to a wired network. The Hybrid Wireless Mesh Protocol (HWMP) is the default routing protocol for the 802.11s WMN. The routing protocol is one of the most important parts of the network, and it requires protection, especially in the wireless environment. The existing security protocols, such as the Broadcast Integrity Protocol (BIP), Counter with cipher block chaining message authentication code protocol (CCMP), Secure Hybrid Wireless Mesh Protocol (SHWMP), Identity Based Cryptography HWMP (IBC-HWMP), Elliptic Curve Digital Signature Algorithm HWMP (ECDSA-HWMP), and Watchdog-HWMP aim to protect the HWMP frames. In this paper, we have analyzed the vulnerabilities of the HWMP and developed security requirements to protect these identified vulnerabilities. We applied the security requirements to analyze the existing secure schemes for HWMP. The results of our analysis indicate that none of these protocols is able to satisfy all of the security requirements. We also present a quantitative complexity comparison among the protocols and an example of a security scheme for HWMP to demonstrate how the result of our research can be utilized. Our research results thus provide a tool for designing secure schemes for the HWMP.

  14. Internal Interface Diversification as a Security Measure in Sensor Networks

    Directory of Open Access Journals (Sweden)

    Sampsa Rauti

    2018-03-01

    Full Text Available More actuator and sensor devices are connected to the Internet of Things (IoT every day, and the network keeps growing, while software security of the devices is often incomplete. Sensor networks and the IoT in general currently cover a large number of devices with an identical internal interface structure. By diversifying the internal interfaces, the interfaces on each node of the network are made unique, and it is possible to break the software monoculture of easily exploitable identical systems. This paper proposes internal interface diversification as a security measure for sensor networks. We conduct a study on diversifiable internal interfaces in 20 IoT operating systems. We also present two proof-of-concept implementations and perform experiments to gauge the feasibility in the IoT environment. Internal interface diversification has practical limitations, and not all IoT operating systems have that many diversifiable interfaces. However, because of low resource requirements, compatibility with other security measures and wide applicability to several interfaces, we believe internal interface diversification is a promising and effective approach for securing nodes in sensor networks.

  15. Collective Study On Security Threats In VOIP Networks

    Directory of Open Access Journals (Sweden)

    Muhammad Zulkifl Hasan

    2017-01-01

    Full Text Available The Collective study will critically evaluate the voice over internet protocol VOIP Security threats issues amp challenges in the communication over the network the solution provided by different vendors. Authors will be discussing all security issues different protocols but main focus will be on SIP protocol its implementation and vendors VOIP security system.

  16. The research of network database security technology based on web service

    Science.gov (United States)

    Meng, Fanxing; Wen, Xiumei; Gao, Liting; Pang, Hui; Wang, Qinglin

    2013-03-01

    Database technology is one of the most widely applied computer technologies, its security is becoming more and more important. This paper introduced the database security, network database security level, studies the security technology of the network database, analyzes emphatically sub-key encryption algorithm, applies this algorithm into the campus-one-card system successfully. The realization process of the encryption algorithm is discussed, this method is widely used as reference in many fields, particularly in management information system security and e-commerce.

  17. HARDWARE IMPLEMENTATION OF SECURE AODV FOR WIRELESS SENSOR NETWORKS

    Directory of Open Access Journals (Sweden)

    S. Sharmila

    2010-12-01

    Full Text Available Wireless Sensor Networks are extremely vulnerable to any kind of routing attacks due to several factors such as wireless transmission and resource-constrained nodes. In this respect, securing the packets is of great importance when designing the infrastructure and protocols of sensor networks. This paper describes the hardware architecture of secure routing for wireless sensor networks. The routing path is selected using Ad-hoc on demand distance vector routing protocol (AODV. The data packets are converted into digest using hash functions. The functionality of the proposed method is modeled using Verilog HDL in MODELSIM simulator and the performance is compared with various target devices. The results show that the data packets are secured and defend against the routing attacks with minimum energy consumption.

  18. Robust Networking Architecture and Secure Communication Scheme for Heterogeneous Wireless Sensor Networks

    Science.gov (United States)

    McNeal, McKenzie, III.

    2012-01-01

    Current networking architectures and communication protocols used for Wireless Sensor Networks (WSNs) have been designed to be energy efficient, low latency, and long network lifetime. One major issue that must be addressed is the security in data communication. Due to the limited capabilities of low cost and small sized sensor nodes, designing…

  19. A survey of visualization systems for network security.

    Science.gov (United States)

    Shiravi, Hadi; Shiravi, Ali; Ghorbani, Ali A

    2012-08-01

    Security Visualization is a very young term. It expresses the idea that common visualization techniques have been designed for use cases that are not supportive of security-related data, demanding novel techniques fine tuned for the purpose of thorough analysis. Significant amount of work has been published in this area, but little work has been done to study this emerging visualization discipline. We offer a comprehensive review of network security visualization and provide a taxonomy in the form of five use-case classes encompassing nearly all recent works in this area. We outline the incorporated visualization techniques and data sources and provide an informative table to display our findings. From the analysis of these systems, we examine issues and concerns regarding network security visualization and provide guidelines and directions for future researchers and visual system developers.

  20. Researches on the Security of Cluster-based Communication Protocol for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Yanhong Sun

    2014-08-01

    Full Text Available Along with the in-depth application of sensor networks, the security issues have gradually become the bottleneck of wireless sensor applications. To provide a solution for security scheme is a common concern not only of researchers but also of providers, integrators and users of wireless sensor networks. Based on this demand, this paper focuses on the research of strengthening the security of cluster-based wireless sensor networks. Based on the systematic analysis of the clustering protocol and its security enhancement scheme, the paper introduces the broadcast authentication scheme, and proposes an SA-LEACH network security enhancement protocol. The performance analysis and simulation experiments prove that the protocol consumes less energy with the same security requirements, and when the base station is comparatively far from the network deployment area, it is more advantageous in terms of energy consumption and t more suitable for wireless sensor networks.

  1. A Feedback-Based Secure Path Approach for Wireless Sensor Network Data Collection

    Science.gov (United States)

    Mao, Yuxin; Wei, Guiyi

    2010-01-01

    The unattended nature of wireless sensor networks makes them very vulnerable to malicious attacks. Therefore, how to preserve secure data collection is an important issue to wireless sensor networks. In this paper, we propose a novel approach of secure data collection for wireless sensor networks. We explore secret sharing and multipath routing to achieve secure data collection in wireless sensor network with compromised nodes. We present a novel tracing-feedback mechanism, which makes full use of the routing functionality of wireless sensor networks, to improve the quality of data collection. The major advantage of the approach is that the secure paths are constructed as a by-product of data collection. The process of secure routing causes little overhead to the sensor nodes in the network. Compared with existing works, the algorithms of the proposed approach are easy to implement and execute in resource-constrained wireless sensor networks. According to the result of a simulation experiment, the performance of the approach is better than the recent approaches with a similar purpose. PMID:22163424

  2. A feedback-based secure path approach for wireless sensor network data collection.

    Science.gov (United States)

    Mao, Yuxin; Wei, Guiyi

    2010-01-01

    The unattended nature of wireless sensor networks makes them very vulnerable to malicious attacks. Therefore, how to preserve secure data collection is an important issue to wireless sensor networks. In this paper, we propose a novel approach of secure data collection for wireless sensor networks. We explore secret sharing and multipath routing to achieve secure data collection in wireless sensor network with compromised nodes. We present a novel tracing-feedback mechanism, which makes full use of the routing functionality of wireless sensor networks, to improve the quality of data collection. The major advantage of the approach is that the secure paths are constructed as a by-product of data collection. The process of secure routing causes little overhead to the sensor nodes in the network. Compared with existing works, the algorithms of the proposed approach are easy to implement and execute in resource-constrained wireless sensor networks. According to the result of a simulation experiment, the performance of the approach is better than the recent approaches with a similar purpose.

  3. A Feedback-Based Secure Path Approach for Wireless Sensor Network Data Collection

    Directory of Open Access Journals (Sweden)

    Guiyi Wei

    2010-10-01

    Full Text Available The unattended nature of wireless sensor networks makes them very vulnerable to malicious attacks. Therefore, how to preserve secure data collection is an important issue to wireless sensor networks. In this paper, we propose a novel approach of secure data collection for wireless sensor networks. We explore secret sharing and multipath routing to achieve secure data collection in wireless sensor network with compromised nodes. We present a novel tracing-feedback mechanism, which makes full use of the routing functionality of wireless sensor networks, to improve the quality of data collection. The major advantage of the approach is that the secure paths are constructed as a by-product of data collection. The process of secure routing causes little overhead to the sensor nodes in the network. Compared with existing works, the algorithms of the proposed approach are easy to implement and execute in resource-constrained wireless sensor networks. According to the result of a simulation experiment, the performance of the approach is better than the recent approaches with a similar purpose.

  4. On securing wireless sensor network--novel authentication scheme against DOS attacks.

    Science.gov (United States)

    Raja, K Nirmal; Beno, M Marsaline

    2014-10-01

    Wireless sensor networks are generally deployed for collecting data from various environments. Several applications specific sensor network cryptography algorithms have been proposed in research. However WSN's has many constrictions, including low computation capability, less memory, limited energy resources, vulnerability to physical capture, which enforce unique security challenges needs to make a lot of improvements. This paper presents a novel security mechanism and algorithm for wireless sensor network security and also an application of this algorithm. The proposed scheme is given to strong authentication against Denial of Service Attacks (DOS). The scheme is simulated using network simulator2 (NS2). Then this scheme is analyzed based on the network packet delivery ratio and found that throughput has improved.

  5. Discussion on the Technology and Method of Computer Network Security Management

    Science.gov (United States)

    Zhou, Jianlei

    2017-09-01

    With the rapid development of information technology, the application of computer network technology has penetrated all aspects of society, changed people's way of life work to a certain extent, brought great convenience to people. But computer network technology is not a panacea, it can promote the function of social development, but also can cause damage to the community and the country. Due to computer network’ openness, easiness of sharing and other characteristics, it had a very negative impact on the computer network security, especially the loopholes in the technical aspects can cause damage on the network information. Based on this, this paper will do a brief analysis on the computer network security management problems and security measures.

  6. 47 CFR 64.2011 - Notification of customer proprietary network information security breaches.

    Science.gov (United States)

    2010-10-01

    ... information security breaches. 64.2011 Section 64.2011 Telecommunication FEDERAL COMMUNICATIONS COMMISSION... Proprietary Network Information § 64.2011 Notification of customer proprietary network information security... criminal investigation or national security, such agency may direct the carrier not to so disclose or...

  7. Quantum secure direct communication network with Einstein-Podolsky-Rosen pairs

    International Nuclear Information System (INIS)

    Deng Fuguo; Li Xihan; Li Chunyan; Zhou Ping; Zhou Hongyu

    2006-01-01

    We discuss the four requirements for a real point-to-point quantum secure direct communication (QSDC) first, and then present two efficient QSDC network schemes with an N ordered Einstein-Podolsky-Rosen pairs. Any one of the authorized users can communicate another one on the network securely and directly

  8. E-Commerce Privacy and Security System

    OpenAIRE

    Kuldeep Kaur; Dr. Ashutosh Pathak

    2015-01-01

    The Internet is a public networks consisting of thousand of private computer network connected together. Private computer network system is exposed to potential threats from anywhere on the public network. In physical world, crimes often leave evidence finger prints, footprints, witnesses, video on security comes and so on. Online a cyber –crimes, also leaves physical, electronic evidence, but unless good security measures are taken, it may be difficult to trace the source of cybe...

  9. Secure, Mobile, Wireless Network Technology Designed, Developed, and Demonstrated

    Science.gov (United States)

    Ivancic, William D.; Paulsen, Phillip E.

    2004-01-01

    The inability to seamlessly disseminate data securely over a high-integrity, wireless broadband network has been identified as a primary technical barrier to providing an order-of-magnitude increase in aviation capacity and safety. Secure, autonomous communications to and from aircraft will enable advanced, automated, data-intensive air traffic management concepts, increase National Air Space (NAS) capacity, and potentially reduce the overall cost of air travel operations. For the first time ever, secure, mobile, network technology was designed, developed, and demonstrated with state-ofthe- art protocols and applications by a diverse, cooperative Government-industry team led by the NASA Glenn Research Center. This revolutionary technology solution will make fundamentally new airplane system capabilities possible by enabling secure, seamless network connections from platforms in motion (e.g., cars, ships, aircraft, and satellites) to existing terrestrial systems without the need for manual reconfiguration. Called Mobile Router, the new technology autonomously connects and configures networks as they traverse from one operating theater to another. The Mobile Router demonstration aboard the Neah Bay, a U.S. Coast Guard vessel stationed in Cleveland, Ohio, accomplished secure, seamless interoperability of mobile network systems across multiple domains without manual system reconfiguration. The Neah Bay was chosen because of its low cost and communications mission similarity to low-Earth-orbiting satellite platforms. This technology was successfully advanced from technology readiness level (TRL) 2 (concept and/or application formation) to TRL 6 (system model or prototype demonstration in a relevant environment). The secure, seamless interoperability offered by the Mobile Router and encryption device will enable several new, vehicle-specific and systemwide technologies to perform such things as remote, autonomous aircraft performance monitoring and early detection and

  10. Security in Wireless Sensor Networks for Open Controller

    OpenAIRE

    Engvall, Christoffer

    2013-01-01

    In this thesis we develop, evaluate and implement a security solution for Open Controllers wireless sensor network platform. A scenario is used to describe an exemplar application showing how our system is supposed to function. The security of the platform is analyzed using a well-established threat modeling process and attack trees which result in the identification of a number of risks, which could be security weaknesses. These attack trees visualize the security weaknesses in an easy to ac...

  11. On Using TPM for Secure Identities in Future Home Networks

    Directory of Open Access Journals (Sweden)

    Georg Carle

    2011-01-01

    Full Text Available Security should be integrated into future networks from the beginning, not as an extension. Secure identities and authentication schemes are an important step to fulfill this quest. In this article, we argue that home networks are a natural trust anchor for such schemes. We describe our concept of home networks as a universal point of reference for authentication, trust and access control, and show that our scheme can be applied to any next generation network. As home networks are no safe place, we apply Trusted Computing technology to prevent the abuse of identities, i.e., identity theft.

  12. Modeling Security Aspects of Network

    Science.gov (United States)

    Schoch, Elmar

    With more and more widespread usage of computer systems and networks, dependability becomes a paramount requirement. Dependability typically denotes tolerance or protection against all kinds of failures, errors and faults. Sources of failures can basically be accidental, e.g., in case of hardware errors or software bugs, or intentional due to some kind of malicious behavior. These intentional, malicious actions are subject of security. A more complete overview on the relations between dependability and security can be found in [31]. In parallel to the increased use of technology, misuse also has grown significantly, requiring measures to deal with it.

  13. Secure-Network-Coding-Based File Sharing via Device-to-Device Communication

    OpenAIRE

    Wang, Lei; Wang, Qing

    2017-01-01

    In order to increase the efficiency and security of file sharing in the next-generation networks, this paper proposes a large scale file sharing scheme based on secure network coding via device-to-device (D2D) communication. In our scheme, when a user needs to share data with others in the same area, the source node and all the intermediate nodes need to perform secure network coding operation before forwarding the received data. This process continues until all the mobile devices in the netw...

  14. Network model of security system

    Directory of Open Access Journals (Sweden)

    Adamczyk Piotr

    2016-01-01

    Full Text Available The article presents the concept of building a network security model and its application in the process of risk analysis. It indicates the possibility of a new definition of the role of the network models in the safety analysis. Special attention was paid to the development of the use of an algorithm describing the process of identifying the assets, vulnerability and threats in a given context. The aim of the article is to present how this algorithm reduced the complexity of the problem by eliminating from the base model these components that have no links with others component and as a result and it was possible to build a real network model corresponding to reality.

  15. Analysis on the University’s Network Security Level System in the Big Data Era

    Science.gov (United States)

    Li, Tianli

    2017-12-01

    The rapid development of science and technology, the continuous expansion of the scope of computer network applications, has gradually improved the social productive forces, has had a positive impact on the increase production efficiency and industrial scale of China's different industries. Combined with the actual application of computer network in the era of large data, we can see the existence of influencing factors such as network virus, hacker and other attack modes, threatening network security and posing a potential threat to the safe use of computer network in colleges and universities. In view of this unfavorable development situation, universities need to pay attention to the analysis of the situation of large data age, combined with the requirements of network security use, to build a reliable network space security system from the equipment, systems, data and other different levels. To avoid the security risks exist in the network. Based on this, this paper will analyze the hierarchical security system of cyberspace security in the era of large data.

  16. A Secure Communication Suite for Underwater Acoustic Sensor Networks

    Directory of Open Access Journals (Sweden)

    Angelica Lo Duca

    2012-11-01

    Full Text Available In this paper we describe a security suite for Underwater Acoustic Sensor Networks comprising both fixed and mobile nodes. The security suite is composed of a secure routing protocol and a set of cryptographic primitives aimed at protecting the confidentiality and the integrity of underwater communication while taking into account the unique characteristics and constraints of the acoustic channel. By means of experiments and simulations based on real data, we show that the suite is suitable for an underwater networking environment as it introduces limited, and sometimes negligible, communication and power consumption overhead.

  17. Molecular transport network security using multi-wavelength optical spins.

    Science.gov (United States)

    Tunsiri, Surachai; Thammawongsa, Nopparat; Mitatha, Somsak; Yupapin, Preecha P

    2016-01-01

    Multi-wavelength generation system using an optical spin within the modified add-drop optical filter known as a PANDA ring resonator for molecular transport network security is proposed. By using the dark-bright soliton pair control, the optical capsules can be constructed and applied to securely transport the trapped molecules within the network. The advantage is that the dark and bright soliton pair (components) can securely propagate for long distance without electromagnetic interference. In operation, the optical intensity from PANDA ring resonator is fed into gold nano-antenna, where the surface plasmon oscillation between soliton pair and metallic waveguide is established.

  18. Secure Infrastructure-Less Network (SINET)

    Science.gov (United States)

    2017-06-01

    WIRELESS TECHNOLOGY IN MOBILE DEVICES ..................................................................................................18 1. 4G LTE ...System LOS Line of Sight LTE Long-Term Evolution MANET Mobile Ad-hoc Network MCP Mobility Capabilities Package MPR Multipoint Relays NFC...National Security Agency, 2003). CCI, while unclassified, still requires strict physical control measures to protect against loss or compromise

  19. An electronically controlled automatic security access gate

    Directory of Open Access Journals (Sweden)

    Jonathan A. ENOKELA

    2014-11-01

    Full Text Available The security challenges being encountered in many places require electronic means of controlling access to communities, recreational centres, offices, and homes. The electronically controlled automated security access gate being proposed in this work helps to prevent an unwanted access to controlled environments. This is achieved mainly through the use of a Radio Frequency (RF transmitter-receiver pair. In the design a microcontroller is programmed to decode a given sequence of keys that is entered on a keypad and commands a transmitter module to send out this code as signal at a given radio frequency. Upon reception of this RF signal by the receiver module, another microcontroller activates a driver circuitry to operate the gate automatically. The codes for the microcontrollers were written in C language and were debugged and compiled using the KEIL Micro vision 4 integrated development environment. The resultant Hex files were programmed into the memories of the microcontrollers with the aid of a universal programmer. Software simulation was carried out using the Proteus Virtual System Modeling (VSM version 7.7. A scaled-down prototype of the system was built and tested. The electronically controlled automated security access gate can be useful in providing security for homes, organizations, and automobile terminals. The four-character password required to operate the gate gives the system an increased level of security. Due to its standalone nature of operation the system is cheaper to maintain in comparison with a manually operated type.

  20. Dynamic Construction Scheme for Virtualization Security Service in Software-Defined Networks.

    Science.gov (United States)

    Lin, Zhaowen; Tao, Dan; Wang, Zhenji

    2017-04-21

    For a Software Defined Network (SDN), security is an important factor affecting its large-scale deployment. The existing security solutions for SDN mainly focus on the controller itself, which has to handle all the security protection tasks by using the programmability of the network. This will undoubtedly involve a heavy burden for the controller. More devastatingly, once the controller itself is attacked, the entire network will be paralyzed. Motivated by this, this paper proposes a novel security protection architecture for SDN. We design a security service orchestration center in the control plane of SDN, and this center physically decouples from the SDN controller and constructs SDN security services. We adopt virtualization technology to construct a security meta-function library, and propose a dynamic security service composition construction algorithm based on web service composition technology. The rule-combining method is used to combine security meta-functions to construct security services which meet the requirements of users. Moreover, the RETE algorithm is introduced to improve the efficiency of the rule-combining method. We evaluate our solutions in a realistic scenario based on OpenStack. Substantial experimental results demonstrate the effectiveness of our solutions that contribute to achieve the effective security protection with a small burden of the SDN controller.

  1. Incentive Regulation and Utility Benchmarking for Electricity Network Security

    OpenAIRE

    Zhang, Y.; Nepal, R.

    2014-01-01

    The incentive regulation of costs related to physical and cyber security in electricity networks is an important but relatively unexplored and ambiguous issue. These costs can be part of cost efficiency benchmarking or, alternatively, dealt with separately. This paper discusses the issues and proposes options for incorporating network security costs within incentive regulation in a benchmarking framework. The relevant concerns and limitations associated with the accounting and classification ...

  2. Adaptive Security Architecture based on EC-MQV Algorithm in Personal Network (PN)

    DEFF Research Database (Denmark)

    Mihovska, Albena D.; Prasad, Neeli R.

    2007-01-01

    Abstract — Personal Networks (PNs) have been focused on in order to support the user’s business and private activities without jeopardizing privacy and security of the users and their data. In such a network, it is necessary to produce a proper key agreement method according to the feature...... of the network. One of the features of the network is that the personal devices have deferent capabilities such as computational ability, memory size, transmission power, processing speed and implementation cost. Therefore an adaptive security mechanism should be contrived for such a network of various device...... combinations based on user’s location and device’s capability. The paper proposes new adaptive security architecture with three levels of asymmetric key agreement scheme by using context-aware security manager (CASM) based on elliptic curve cryptosystem (EC-MQV)....

  3. A Study of IEEE 802.15.4 Security Framework for Wireless Body Area Networks

    Directory of Open Access Journals (Sweden)

    Kyung Sup Kwak

    2011-01-01

    Full Text Available A Wireless Body Area Network (WBAN is a collection of low-power and lightweight wireless sensor nodes that are used to monitor the human body functions and the surrounding environment. It supports a number of innovative and interesting applications, including ubiquitous healthcare and Consumer Electronics (CE applications. Since WBAN nodes are used to collect sensitive (life-critical information and may operate in hostile environments, they require strict security mechanisms to prevent malicious interaction with the system. In this paper, we first highlight major security requirements and Denial of Service (DoS attacks in WBAN at Physical, Medium Access Control (MAC, Network, and Transport layers. Then we discuss the IEEE 802.15.4 security framework and identify the security vulnerabilities and major attacks in the context of WBAN. Different types of attacks on the Contention Access Period (CAP and Contention Free Period (CFP parts of the superframe are analyzed and discussed. It is observed that a smart attacker can successfully corrupt an increasing number of GTS slots in the CFP period and can considerably affect the Quality of Service (QoS in WBAN (since most of the data is carried in CFP period. As we increase the number of smart attackers the corrupted GTS slots are eventually increased, which prevents the legitimate nodes to utilize the bandwidth efficiently. This means that the direct adaptation of IEEE 802.15.4 security framework for WBAN is not totally secure for certain WBAN applications. New solutions are required to integrate high level security in WBAN.

  4. A study of IEEE 802.15.4 security framework for wireless body area networks.

    Science.gov (United States)

    Saleem, Shahnaz; Ullah, Sana; Kwak, Kyung Sup

    2011-01-01

    A Wireless Body Area Network (WBAN) is a collection of low-power and lightweight wireless sensor nodes that are used to monitor the human body functions and the surrounding environment. It supports a number of innovative and interesting applications, including ubiquitous healthcare and Consumer Electronics (CE) applications. Since WBAN nodes are used to collect sensitive (life-critical) information and may operate in hostile environments, they require strict security mechanisms to prevent malicious interaction with the system. In this paper, we first highlight major security requirements and Denial of Service (DoS) attacks in WBAN at Physical, Medium Access Control (MAC), Network, and Transport layers. Then we discuss the IEEE 802.15.4 security framework and identify the security vulnerabilities and major attacks in the context of WBAN. Different types of attacks on the Contention Access Period (CAP) and Contention Free Period (CFP) parts of the superframe are analyzed and discussed. It is observed that a smart attacker can successfully corrupt an increasing number of GTS slots in the CFP period and can considerably affect the Quality of Service (QoS) in WBAN (since most of the data is carried in CFP period). As we increase the number of smart attackers the corrupted GTS slots are eventually increased, which prevents the legitimate nodes to utilize the bandwidth efficiently. This means that the direct adaptation of IEEE 802.15.4 security framework for WBAN is not totally secure for certain WBAN applications. New solutions are required to integrate high level security in WBAN.

  5. A Centrality-Based Security Game for Multi-Hop Networks

    NARCIS (Netherlands)

    Riehl, James Robert; Cao, Ming

    2018-01-01

    We formulate a network security problem as a zero-sum game between an attacker who tries to disrupt a network by disabling one or more nodes, and the nodes of the network who must allocate limited resources in defense of the network. The utility of the zero-sum game can be one of several network

  6. Security Situation Assessment of All-Optical Network Based on Evidential Reasoning Rule

    Directory of Open Access Journals (Sweden)

    Zhong-Nan Zhao

    2016-01-01

    Full Text Available It is important to determine the security situations of the all-optical network (AON, which is more vulnerable to hacker attacks and faults than other networks in some cases. A new approach of the security situation assessment to the all-optical network is developed in this paper. In the new assessment approach, the evidential reasoning (ER rule is used to integrate various evidences of the security factors including the optical faults and the special attacks in the AON. Furthermore, a new quantification method of the security situation is also proposed. A case study of an all-optical network is conducted to demonstrate the effectiveness and the practicability of the new proposed approach.

  7. Design, implementation and security of a typical educational laboratory computer network

    Directory of Open Access Journals (Sweden)

    Martin Pokorný

    2013-01-01

    Full Text Available Computer network used for laboratory training and for different types of network and security experiments represents a special environment where hazardous activities take place, which may not affect any production system or network. It is common that students need to have administrator privileges in this case which makes the overall security and maintenance of such a network a difficult task. We present our solution which has proved its usability for more than three years. First of all, four user requirements on the laboratory network are defined (access to educational network devices, to laboratory services, to the Internet, and administrator privileges of the end hosts, and four essential security rules are stipulated (enforceable end host security, controlled network access, level of network access according to the user privilege level, and rules for hazardous experiments, which protect the rest of the laboratory infrastructure as well as the outer university network and the Internet. The main part of the paper is dedicated to a design and implementation of these usability and security rules. We present a physical diagram of a typical laboratory network based on multiple circuits connecting end hosts to different networks, and a layout of rack devices. After that, a topological diagram of the network is described which is based on different VLANs and port-based access control using the IEEE 802.1x/EAP-TLS/RADIUS authentication to achieve defined level of network access. In the second part of the paper, the latest innovation of our network is presented that covers a transition to the system virtualization at the end host devices – inspiration came from a similar solution deployed at the Department of Telecommunications at Brno University of Technology. This improvement enables a greater flexibility in the end hosts maintenance and a simultaneous network access to the educational devices as well as to the Internet. In the end, a vision of a

  8. Competition in the domain of wireless networks security

    Science.gov (United States)

    Bednarczyk, Mariusz

    2017-04-01

    Wireless networks are very popular and have found wide spread usage amongst various segments, also in military environment. The deployment of wireless infrastructures allow to reduce the time it takes to install and dismantle communications networks. With wireless, users are more mobile and can easily get access to the network resources all the time. However, wireless technologies like WiFi or Bluetooth have security issues that hackers have extensively exploited over the years. In the paper several serious security flaws in wireless technologies are presented. Most of them enable to get access to the internal networks and easily carry out man-in-the-middle attacks. Very often, they are used to launch massive denial of service attacks that target the physical infrastructure as well as the RF spectrum. For instance, there are well known instances of Bluetooth connection spoofing in order to steal WiFi password stored in the mobile device. To raise the security awareness and protect wireless networks against an adversary attack, an analysis of attack methods and tools over time is presented in the article. The particular attention is paid to the severity, possible targets as well as the ability to persist in the context of protective measures. Results show that an adversary can take complete control of the victims' mobile device features if the users forget to use simple safety principles.

  9. 16th Department of Energy Computer Security Group Training Conference: Proceedings

    Energy Technology Data Exchange (ETDEWEB)

    1994-04-01

    Various topic on computer security are presented. Integrity standards, smartcard systems, network firewalls, encryption systems, cryptography, computer security programs, multilevel security guards, electronic mail privacy, the central intelligence agency, internet security, and high-speed ATM networking are typical examples of discussed topics. Individual papers are indexed separately.

  10. Wireless Local Area Network (WLAN) Vulnerability Assessment and Security

    National Research Council Canada - National Science Library

    Kessel, Adam; Goodwin, Shane

    2005-01-01

    The proliferation of wireless computer equipment and Local Area Networks (LANs) create an increasingly common and growing threat to Marine Corps Network infrastructure and communication security (COMSEC...

  11. Information Systems at Enterprise. Design of Secure Network of Enterprise

    Science.gov (United States)

    Saigushev, N. Y.; Mikhailova, U. V.; Vedeneeva, O. A.; Tsaran, A. A.

    2018-05-01

    No enterprise and company can do without designing its own corporate network in today's information society. It accelerates and facilitates the work of employees at any level, but contains a big threat to confidential information of the company. In addition to the data theft attackers, there are plenty of information threats posed by modern malware effects. In this regard, the computational security of corporate networks is an important component of modern information technologies of computer security for any enterprise. This article says about the design of the protected corporate network of the enterprise that provides the computers on the network access to the Internet, as well interoperability with the branch. The access speed to the Internet at a high level is provided through the use of high-speed access channels and load balancing between devices. The security of the designed network is performed through the use of VLAN technology as well as access lists and AAA server.

  12. Security challenges for energy-harvesting wireless sensor networks

    DEFF Research Database (Denmark)

    Di Mauro, Alessio; Papini, Davide; Dragoni, Nicola

    2012-01-01

    With the recent introduction of Energy-Harvesting nodes, security is gaining more and more importance in sensor networks. By exploiting the ability of scavenging energy from the surrounding environment, the lifespan of a node has drastically increased. This is one of the reason why security needs...

  13. Abductive networks applied to electronic combat

    Science.gov (United States)

    Montgomery, Gerard J.; Hess, Paul; Hwang, Jong S.

    1990-08-01

    A practical approach to dealing with combinatorial decision problems and uncertainties associated with electronic combat through the use of networks of high-level functional elements called abductive networks is presented. It describes the application of the Abductory Induction Mechanism (AIMTM) a supervised inductive learning tool for synthesizing polynomial abductive networks to the electronic combat problem domain. From databases of historical expert-generated or simulated combat engagements AIM can often induce compact and robust network models for making effective real-time electronic combat decisions despite significant uncertainties or a combinatorial explosion of possible situations. The feasibility of applying abductive networks to realize advanced combat decision aiding capabilities was demonstrated by applying AIM to a set of electronic combat simulations. The networks synthesized by AIM generated accurate assessments of the intent lethality and overall risk associated with a variety of simulated threats and produced reasonable estimates of the expected effectiveness of a group of electronic countermeasures for a large number of simulated combat scenarios. This paper presents the application of abductive networks to electronic combat summarizes the results of experiments performed using AIM discusses the benefits and limitations of applying abductive networks to electronic combat and indicates why abductive networks can often result in capabilities not attainable using alternative approaches. 1. ELECTRONIC COMBAT. UNCERTAINTY. AND MACHINE LEARNING Electronic combat has become an essential part of the ability to make war and has become increasingly complex since

  14. NOTICE OF ELECTRICAL CUT - TEST OF THE SECURED NETWORK

    CERN Multimedia

    Electrical Service ST/EL

    2001-01-01

    The electrical service ST/EL will test the switching sequence between the secured network and the diesel generators on January 8, 2002. The normal network, general services of the sites Meyrin, Prevessin, SPS, Zone Nord, LHC1 and LHC18 will be cut between 6:00am and 6:10am. The secured network will be resupplied by the diesel generators after approximately 1 minute. The UPS network will not be affected. To facilitate the restart of the electrical network and to minimize the impact of the tests on critical equipment, we would like to ask you to stop any equipment that might suffer major inconveniences during the tests (e.g. computers). For any further information, please do not hesitate to contact the Technical Control Room TCR (72201) or G. Cumer (160592).

  15. Securing DSR with mobile agents in wireless ad hoc networks

    Directory of Open Access Journals (Sweden)

    Ahmed Abosamra

    2011-03-01

    Full Text Available Ad hoc wireless network consists of a set of wireless nodes communicating with each other without a pre-defined infrastructure. They communicate by forwarding packets which can reach wireless nodes that do not exist in the range of the direct radio transmission. Designing ad hoc network routing protocols is a challenging task because of its decentralized infrastructure which makes securing ad hoc networks more and more challenging. Dynamic Source Routing (DSR protocol is a popular routing protocol designed for use in wireless ad hoc networks. Mobile agent is a promising technology used in diverse fields of network applications. In this paper, we try to implement DSR using mobile agents for securing this type of wireless network. Hybrid encryption technique (symmetric key encryption/public key encryption is used to improve performance; where symmetric keys are used to encrypt routing data to authenticate and authorize node sending data, while, public keys are used for the exchange of symmetric keys between nodes. We found that DSR may be secured using mobile agents with competitive performance.

  16. Secure and Cost-Effective Distributed Aggregation for Mobile Sensor Networks.

    Science.gov (United States)

    Guo, Kehua; Zhang, Ping; Ma, Jianhua

    2016-04-23

    Secure data aggregation (SDA) schemes are widely used in distributed applications, such as mobile sensor networks, to reduce communication cost, prolong the network life cycle and provide security. However, most SDA are only suited for a single type of statistics (i.e., summation-based or comparison-based statistics) and are not applicable to obtaining multiple statistic results. Most SDA are also inefficient for dynamic networks. This paper presents multi-functional secure data aggregation (MFSDA), in which the mapping step and coding step are introduced to provide value-preserving and order-preserving and, later, to enable arbitrary statistics support in the same query. MFSDA is suited for dynamic networks because these active nodes can be counted directly from aggregation data. The proposed scheme is tolerant to many types of attacks. The network load of the proposed scheme is balanced, and no significant bottleneck exists. The MFSDA includes two versions: MFSDA-I and MFSDA-II. The first one can obtain accurate results, while the second one is a more generalized version that can significantly reduce network traffic at the expense of less accuracy loss.

  17. Security Property Validation of the Sensor Network Encryption Protocol (SNEP

    Directory of Open Access Journals (Sweden)

    Salekul Islam

    2015-07-01

    Full Text Available Since wireless sensor networks (WSNs have been designed to be deployed in an unsecured, public environment, secured communication is really vital for their wide-spread use. Among all of the communication protocols developed for WSN, the Security Protocols for Sensor Networks (SPINS is exceptional, as it has been designed with security as a goal. SPINS is composed of two building blocks: Secure Network Encryption Protocol (SNEP and the “micro” version of the Timed Efficient Streaming Loss-tolerant Authentication (TESLA, named μTESLA. From the inception of SPINS, a number of efforts have been made to validate its security properties. In this paper, we have validated the security properties of SNEP by using an automated security protocol validation tool, named AVISPA. Using the protocol specification language, HLPSL, we model two combined scenarios—node to node key agreement and counter exchange protocols—followed by data transmission. Next, we validate the security properties of these combined protocols, using different AVISPA back-ends. AVISPA reports the models we have developed free from attacks. However, by analyzing the key distribution sub-protocol, we find one threat of a potential DoS attack that we have demonstrated by modeling in AVISPA. Finally, we propose a modification, and AVISPA reports this modified version free from the potential DoS attack.

  18. Asynchronous transfer mode and Local Area Network emulation standards, protocols, and security implications

    OpenAIRE

    Kirwin, John P.

    1999-01-01

    A complex networking technology called Asynchronous Transfer Mode (ATM) and a networking protocol called Local Area Network Emulation (LANE) are being integrated into many naval networks without any security-driven naval configuration guidelines. No single publication is available that describes security issues of data delivery and signaling relating to the transition of Ethernet to LANE and ATM. The thesis' focus is to provide: (1) an overview and security analysis of standardized protocols ...

  19. Secure network for beamline control

    International Nuclear Information System (INIS)

    Ohata, T.; Fukui, T.; Ishii, M.; Furukawa, Y.; Nakatani, T.; Matsushita, T.; Takeuchi, M.; Tanaka, R.; Ishikawa, T.

    2001-01-01

    In SPring-8, beamline control system is constructed with a highly available distributed network system. The socket based communication protocol is used for the beamline control mainly. Beamline users can control the equipment by sending simple control commands to a server process, which is running on a beamline-managing computer (Ohata et al., SPring-8 beamline control system, ICALEPCS'99, Trieste, Italy, 1999). At the beginning the network was based on the shared topology at all beamlines. Consequently, it has a risk for misapplication of the user's program to access different machines on the network system cross over beamlines. It is serious problem for the SPring-8 beamline control system, because all beamlines controlled with unified software interfaces. We introduced the switching technology and the firewalls to support network access control. Also the virtual networking (VLAN: IEEE 802.1Q) and the gigabit Ethernet technology (IEEE 802.3ab) are introduced. Thus the network security and the reliability are guaranteed at the higher level in SPring-8 beamline

  20. Basic security measures for IEEE 802.11 wireless networks

    Directory of Open Access Journals (Sweden)

    Oscar P. Sarmiento

    2008-05-01

    Full Text Available This article presents a tutorial/discussion of three commonly-used IEEE 802.11 wireless network security standards: WEP, WPA and WPA2. A detailed analysis of the RC4 algorithm supporting WEP is presented, including its vulnera-bilities. The WPA and WPA2 encryption protocols’ most relevant aspects and technical characteristics are reviewed for a comparative analysis of the three standards in terms of the security they provide. Special attention has been paid to WEP encryption by using an educational simulation tool written in C++ Builder for facilitating the unders-tanding of this protocol at academic level. Two practical cases of wireless security configurations using Cisco net-working equipment are also presented: configuring and enabling WPA-Personal and WPA2-Personal (these being security options used by TKIP and AES, respectively.

  1. Security Issues in Networks with Internet Access

    National Research Council Canada - National Science Library

    Landwehr, Carl E; Goldschlag, David M

    1997-01-01

    .... The principles are illustrated by describing the security issues a hypothetical company faces as the networks that support its operations evolve from strictly private, through a mix of Internet...

  2. GFI Network Security and PCI Compliance Power Tools

    CERN Document Server

    Posey, Brien

    2008-01-01

    Today all companies, U.S. federal agencies, and non-profit organizations have valuable data on their servers that needs to be secured. One of the challenges for IT experts is learning how to use new products in a time-efficient manner, so that new implementations can go quickly and smoothly. Learning how to set up sophisticated products is time-consuming, and can be confusing. GFI's LANguard Network Security Scanner reports vulnerabilities so that they can be mitigated before unauthorized intruders can wreck havoc on your network. To take advantage of the best things that GFI's LANguard Networ

  3. A multi-layered network of the (Colombian) sovereign securities market

    NARCIS (Netherlands)

    Renneboog, Luc; Leon Rincon, Carlos; Pérez, Jhonatan; Alexandrova-Kabadjova, Bilana; Diehl, Martin; Heuver, Richard; Martinez-Jaramillo, Serafín

    2015-01-01

    We study the network of Colombian sovereign securities settlements. With data from the settlement market infrastructure we study financial institutions’ transactions from three different trading and registering individual networks that we combine into a multi-layer network. Examining this network of

  4. Network security system for health and medical information using smart IC card

    Science.gov (United States)

    Kanai, Yoichi; Yachida, Masuyoshi; Yoshikawa, Hiroharu; Yamaguchi, Masahiro; Ohyama, Nagaaki

    1998-07-01

    A new network security protocol that uses smart IC cards has been designed to assure the integrity and privacy of medical information in communication over a non-secure network. Secure communication software has been implemented as a library based on this protocol, which is called the Integrated Secure Communication Layer (ISCL), and has been incorporated into information systems of the National Cancer Center Hospitals and the Health Service Center of the Tokyo Institute of Technology. Both systems have succeeded in communicating digital medical information securely.

  5. A study of cyber security in hospitality industry- threats and countermeasures: case study in Reno, Nevada

    OpenAIRE

    Shabani, Neda

    2017-01-01

    The purpose of this study is to analyze cyber security and security practices of electronic information and network system, network threats, and techniques to prevent the cyber attacks in hotels. Helping the information technology directors and chief information officers (CIO) is the aim of this study to advance policy for security of electronic information in hotels and suggesting some techniques and tools to secure the computer networks. This research is completely qualitative while the cas...

  6. Evaluation of Data Security Measures in a Network Environment Towards Developing Cooperate Data Security Guidelines

    OpenAIRE

    Ayub Hussein Shirandula; Dr. G. Wanyembi; Mr. Maina karume

    2012-01-01

    Data security in a networked environment is a topic that has become significant in organizations. As companies and organizations rely more on technology to run their businesses, connecting system to each other in different departments for efficiency data security is the concern for administrators. This research assessed the data security measures put in place at Mumias Sugar Company and the effort it was using to protect its data. The researcher also highlighted major security issues that wer...

  7. Computer network security and cyber ethics

    CERN Document Server

    Kizza, Joseph Migga

    2014-01-01

    In its 4th edition, this book remains focused on increasing public awareness of the nature and motives of cyber vandalism and cybercriminals, the weaknesses inherent in cyberspace infrastructure, and the means available to protect ourselves and our society. This new edition aims to integrate security education and awareness with discussions of morality and ethics. The reader will gain an understanding of how the security of information in general and of computer networks in particular, on which our national critical infrastructure and, indeed, our lives depend, is based squarely on the individ

  8. Simulation of Attacks for Security in Wireless Sensor Network.

    Science.gov (United States)

    Diaz, Alvaro; Sanchez, Pablo

    2016-11-18

    The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node's software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work.

  9. Simulation of Attacks for Security in Wireless Sensor Network

    Science.gov (United States)

    Diaz, Alvaro; Sanchez, Pablo

    2016-01-01

    The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node’s software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work. PMID:27869710

  10. Security Threats in Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Giannetsos, Athanasios

    2011-01-01

    Over the last few years, technological advances in the design of processors, memory, and radio communications have propelled an active interest in the area of distributed sensor networking, in which a number of independent, self-sustainable nodes collaborate to perform a large sensing task. Secur...

  11. A Survey on Secure Wireless Body Area Networks

    Directory of Open Access Journals (Sweden)

    Shihong Zou

    2017-01-01

    Full Text Available Combining tiny sensors and wireless communication technology, wireless body area network (WBAN is one of the most promising fields. Wearable and implantable sensors are utilized for collecting the physiological data to achieve continuously monitoring of people’s physical conditions. However, due to the openness of wireless environment and the significance and privacy of people’s physiological data, WBAN is vulnerable to various attacks; thus, strict security mechanisms are required to enable a secure WBAN. In this article, we mainly focus on a survey on the security issues in WBAN, including securing internal communication in WBAN and securing communication between WBAN and external users. For each part, we discuss and identify the security goals to be achieved. Meanwhile, relevant security solutions in existing research on WBAN are presented and their applicability is analyzed.

  12. Education and Training, and Knowledge Networks for Capacity-Building in Nuclear Security

    International Nuclear Information System (INIS)

    Mrabit, Khammar

    2014-01-01

    Conclusions: • Capacity Building (CB) is critical for States to establish and maintain effective and sustainable nuclear security regime. • IAEA is a worldwide platform promoting international cooperation for CB in nuclear security involving more than 160 countries and over 20 Organizations and Initiatives. • IAEA Division of Nuclear Security is ready to continue supporting States in developing their CB through: – Comprehensive Training Programme: more than 80 training events annually – International Nuclear Security Training and Support Centre Network (NSSC) – Comprehensive Education Programme – International Nuclear Security Network (INSEN)

  13. Security Analysis of DTN Architecture and Bundle Protocol Specification for Space-Based Networks

    Science.gov (United States)

    Ivancic, William D.

    2009-01-01

    A Delay-Tolerant Network (DTN) Architecture (Request for Comment, RFC-4838) and Bundle Protocol Specification, RFC-5050, have been proposed for space and terrestrial networks. Additional security specifications have been provided via the Bundle Security Specification (currently a work in progress as an Internet Research Task Force internet-draft) and, for link-layer protocols applicable to Space networks, the Licklider Transport Protocol Security Extensions. This document provides a security analysis of the current DTN RFCs and proposed security related internet drafts with a focus on space-based communication networks, which is a rather restricted subset of DTN networks. Note, the original focus and motivation of DTN work was for the Interplanetary Internet . This document does not address general store-and-forward network overlays, just the current work being done by the Internet Research Task Force (IRTF) and the Consultative Committee for Space Data Systems (CCSDS) Space Internetworking Services Area (SIS) - DTN working group under the DTN and Bundle umbrellas. However, much of the analysis is relevant to general store-and-forward overlays.

  14. Enhanced Security and Pairing-free Handover Authentication Scheme for Mobile Wireless Networks

    Science.gov (United States)

    Chen, Rui; Shu, Guangqiang; Chen, Peng; Zhang, Lijun

    2017-10-01

    With the widely deployment of mobile wireless networks, we aim to propose a secure and seamless handover authentication scheme that allows users to roam freely in wireless networks without worrying about security and privacy issues. Given the open characteristic of wireless networks, safety and efficiency should be considered seriously. Several previous protocols are designed based on a bilinear pairing mapping, which is time-consuming and inefficient work, as well as unsuitable for practical situations. To address these issues, we designed a new pairing-free handover authentication scheme for mobile wireless networks. This scheme is an effective improvement of the protocol by Xu et al., which is suffer from the mobile node impersonation attack. Security analysis and simulation experiment indicate that the proposed protocol has many excellent security properties when compared with other recent similar handover schemes, such as mutual authentication and resistance to known network threats, as well as requiring lower computation and communication cost.

  15. Secure Geographic Routing in Ad Hoc and Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Zahariadis Theodore

    2010-01-01

    Full Text Available Security in sensor networks is one of the most relevant research topics in resource constrained wireless devices and networks. Several attacks can be suffered in ad hoc and wireless sensor networks (WSN, which are highly susceptible to attacks, due to the limited resources of the nodes. In this paper, we propose innovative and lightweight localization techniques that allow for intrusion identification and isolation schemes and provide accurate location information. This information is used by our routing protocol which additionally incorporates a distributed trust model to prevent several routing attacks to the network. We finally evaluate our algorithms for accurate localization and for secure routing which have been implemented and tested in real ad hoc and wireless sensor networks.

  16. E-commerce System Security Assessment based on Bayesian Network Algorithm Research

    OpenAIRE

    Ting Li; Xin Li

    2013-01-01

    Evaluation of e-commerce network security is based on assessment method Bayesian networks, and it first defines the vulnerability status of e-commerce system evaluation index and the vulnerability of the state model of e-commerce systems, and after the principle of the Bayesian network reliability of e-commerce system and the criticality of the vulnerabilities were analyzed, experiments show that the change method is a good evaluation of the security of e-commerce systems.

  17. Bayesian Network Models in Cyber Security: A Systematic Review

    NARCIS (Netherlands)

    Chockalingam, S.; Pieters, W.; Herdeiro Teixeira, A.M.; van Gelder, P.H.A.J.M.; Lipmaa, Helger; Mitrokotsa, Aikaterini; Matulevicius, Raimundas

    2017-01-01

    Bayesian Networks (BNs) are an increasingly popular modelling technique in cyber security especially due to their capability to overcome data limitations. This is also instantiated by the growth of BN models development in cyber security. However, a comprehensive comparison and analysis of these

  18. eHealth in Belgium, a new "secure" federal network: role of patients, health professions and social security services.

    Science.gov (United States)

    France, Francis Roger

    2011-02-01

    eHealth platform is the official federal network in Belgium (created by law on 21 August 2008) devoted to a secure exchange of health data in many types of applications, such as health care purposes, simplification of administrative procedures and contribution to health policy. It implies a controlled access to decentralized databases and uses encrypted personal data. The national identification number has been chosen in order to authenticate the requester, the patient, and the receiver of information exchange. Authorizations have to be respected in order to obtain personal health data. Several questions are raised about its security: the lack of mandatory request for systematic journaling on accesses to the electronic patient record as well as the absence of explicit procedures for sanctions in case of unauthorized access, the new role of social security administration in managing security where a eHealth manager can be both judge and party (in the function of trusted third party for health data encryption and of a required lawyer for texts proposed by physicians to the Commission for the protection of private life). Another critic concerns the number of physicians in minority and the absence of patients' delegates in the eHealth Board. At a time when the patient is becoming a partner in the care team, should not he be the gate-keeper for the access to his own health record? How could networks help him to get the appropriate knowledge to contribute to care and to write his testament of life? Recent laws (on private life, patient rights and euthanasia) have contributed to a behavioural change in citizens and physician attitudes. Recommendations are made in order to improve the acceptability of eHealth platform. Copyright © 2010 Elsevier Ireland Ltd. All rights reserved.

  19. Guifi.net: Security analysis of a heterogeneous community network

    OpenAIRE

    Ramos García, Patricia

    2018-01-01

    Guifi.net is a heterogeneous community network that brings Internet to rural areas or vulnerable groups. This opens the door to many advances, but encompasses some risks as well. The aim of this project is to assess the general security of Guifi.net from tests performed on a key network element: the router. In particular, MikroTik and Ubiquiti are the most used makes in Guifi.net and hence, the target of this project. Basic, yet important, security settings are tested. On the plus side, the ...

  20. CERN tests reveal security flaws with industrial network devices

    CERN Document Server

    Lüders, Stefan

    2006-01-01

    The CERN high energy particle physics facility at Geneva, Switzerland will incorporate a wide range of COTS industrial control systems within its next generation particle collider, the LHC. In particular, the Internet will be used to facilitate the remote access for accelerator and particle physicists and system experts based at several hundred locations around the globe. The integration of Industrial Ethernet and COTS PLCs within the LHC program focuses extreme attention on the industrial network cyber-security requirement. CERN's response has been to conduct operational research on the security resilience of networked industrial devices. As test team lead Stefan Lüders reports here, industrial networked devices put through the organisation's test procedures have generally shown up unexpected vulnerabilities.

  1. Teaching Network Security in a Virtual Learning Environment

    Science.gov (United States)

    Bergstrom, Laura; Grahn, Kaj J.; Karlstrom, Krister; Pulkkis, Goran; Astrom, Peik

    2004-01-01

    This article presents a virtual course with the topic network security. The course has been produced by Arcada Polytechnic as a part of the production team Computer Networks, Telecommunication and Telecommunication Systems in the Finnish Virtual Polytechnic. The article begins with an introduction to the evolution of the information security…

  2. Design and Analysis of Secure Routing Protocol for Wireless Sensor Networks

    Science.gov (United States)

    Wang, Jiong; Zhang, Hua

    2017-09-01

    In recent years, with the development of science and technology and the progress of the times, China's wireless network technology has become increasingly prosperous and it plays an important role in social production and life. In this context, in order to further to enhance the stability of wireless network data transmission and security enhancements, the staff need to focus on routing security and carry out related work. Based on this, this paper analyzes the design of wireless sensor based on secure routing protocol.

  3. A Security Scheme of 5G Ultradense Network Based on the Implicit Certificate

    Directory of Open Access Journals (Sweden)

    Zhonglin Chen

    2018-01-01

    Full Text Available The ultradense network (UDN is one of the most promising technologies in the fifth generation (5G to address the network system capacity issue. It can enhance spatial reuse through the flexible, intensive deployment of small base stations. A universal 5G UDN architecture is necessary to realize the autonomous and dynamic deployment of small base stations. However, the security of the 5G UDN is still in its infancy, and the data communication security among the network entities is facing new challenges. In this paper, we proposed a new security based on implicit certificate (IC scheme; the scheme solves the security problem among the access points (APs in a dynamic APs group (APG and between the AP and user equipment (UE. We present each phase regarding how two network entities obtain the Elliptic Curve Qu-Vanstone (ECQV implicit certificate scheme, verify each other’s identity, and share keys in an UDN. Finally, we extensively analyze our lightweight security communication model in terms of security and performance. The simulation on network bandwidth evaluation is also conducted to prove the efficiency of the solution.

  4. Social networking mining, visualization, and security

    CERN Document Server

    Dehuri, Satchidananda; Wang, Gi-Nam

    2014-01-01

    With the proliferation of social media and on-line communities in networked world a large gamut of data has been collected and stored in databases. The rate at which such data is stored is growing at a phenomenal rate and pushing the classical methods of data analysis to their limits. This book presents an integrated framework of recent empirical and theoretical research on social network analysis based on a wide range of techniques from various disciplines like data mining, social sciences, mathematics, statistics, physics, network science, machine learning with visualization techniques, and security. The book illustrates the potential of multi-disciplinary techniques in various real life problems and intends to motivate researchers in social network analysis to design more effective tools by integrating swarm intelligence and data mining.  

  5. Design and implementation of a high performance network security processor

    Science.gov (United States)

    Wang, Haixin; Bai, Guoqiang; Chen, Hongyi

    2010-03-01

    The last few years have seen many significant progresses in the field of application-specific processors. One example is network security processors (NSPs) that perform various cryptographic operations specified by network security protocols and help to offload the computation intensive burdens from network processors (NPs). This article presents a high performance NSP system architecture implementation intended for both internet protocol security (IPSec) and secure socket layer (SSL) protocol acceleration, which are widely employed in virtual private network (VPN) and e-commerce applications. The efficient dual one-way pipelined data transfer skeleton and optimised integration scheme of the heterogenous parallel crypto engine arrays lead to a Gbps rate NSP, which is programmable with domain specific descriptor-based instructions. The descriptor-based control flow fragments large data packets and distributes them to the crypto engine arrays, which fully utilises the parallel computation resources and improves the overall system data throughput. A prototyping platform for this NSP design is implemented with a Xilinx XC3S5000 based FPGA chip set. Results show that the design gives a peak throughput for the IPSec ESP tunnel mode of 2.85 Gbps with over 2100 full SSL handshakes per second at a clock rate of 95 MHz.

  6. End-to-end Information Flow Security Model for Software-Defined Networks

    Directory of Open Access Journals (Sweden)

    D. Ju. Chaly

    2015-01-01

    Full Text Available Software-defined networks (SDN are a novel paradigm of networking which became an enabler technology for many modern applications such as network virtualization, policy-based access control and many others. Software can provide flexibility and fast-paced innovations in the networking; however, it has a complex nature. In this connection there is an increasing necessity of means for assuring its correctness and security. Abstract models for SDN can tackle these challenges. This paper addresses to confidentiality and some integrity properties of SDNs. These are critical properties for multi-tenant SDN environments, since the network management software must ensure that no confidential data of one tenant are leaked to other tenants in spite of using the same physical infrastructure. We define a notion of end-to-end security in context of software-defined networks and propose a semantic model where the reasoning is possible about confidentiality, and we can check that confidential information flows do not interfere with non-confidential ones. We show that the model can be extended in order to reason about networks with secure and insecure links which can arise, for example, in wireless environments.The article is published in the authors’ wording.

  7. Laboratory Experiments for Network Security Instruction

    Science.gov (United States)

    Brustoloni, Jose Carlos

    2006-01-01

    We describe a sequence of five experiments on network security that cast students successively in the roles of computer user, programmer, and system administrator. Unlike experiments described in several previous papers, these experiments avoid placing students in the role of attacker. Each experiment starts with an in-class demonstration of an…

  8. The Systems Librarian: Implementing Wireless Networks without Compromising Security

    Science.gov (United States)

    Breeding, Marshall

    2005-01-01

    Many libraries are or soon will be offering Wi-Fi, also known as wireless networks. The largest perceived barriers to providing this service are concerns about security. The prime rule when deploying Wi-Fi is segregation, having a clear separation between a public wireless network and the rest of the library?s network. A number of devices can be…

  9. Security issues in healthcare applications using wireless medical sensor networks: a survey.

    Science.gov (United States)

    Kumar, Pardeep; Lee, Hoon-Jae

    2012-01-01

    Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs.

  10. Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey

    Directory of Open Access Journals (Sweden)

    Hoon-Jae Lee

    2011-12-01

    Full Text Available Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs. Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs.

  11. Evaluation on Electronic Securities Settlements Systems by AHP Methods

    Science.gov (United States)

    Fukaya, Kiyoyuki; Komoda, Norihisa

    Accompanying the spread of Internet and the change of business models, electronic commerce expands buisness areas. Electronic finance commerce becomes popular and especially online security tradings becoome very popular in this area. This online securitiy tradings have some good points such as less mistakes than telephone calls. In order to expand this online security tradings, the transfer of the security paper is one the largest problems to be solved. Because it takes a few days to transfer the security paper from a seller to a buyer. So the dematerialization of security papers is one of the solutions. The demterilization needs the information systems for setteling security. Some countries such as France, German, United Kingdom and U.S.A. have been strating the dematerialization projects. The legacy assesments on these projects focus from the viewpoint of the legal schemes only and there is no assessment from system architectures. This paper focuses on the information system scheme and valuates these dematerlization projects by AHP methods from the viewpoints of “dematerializaion of security papers", “speed of transfer", “usefulness on the system" and “accumulation of risks". This is the first case of valuations on security settlements systems by AHP methods, especially four counties’ systems.

  12. Shared Electronic Health Record Systems: Key Legal and Security Challenges.

    Science.gov (United States)

    Christiansen, Ellen K; Skipenes, Eva; Hausken, Marie F; Skeie, Svein; Østbye, Truls; Iversen, Marjolein M

    2017-11-01

    Use of shared electronic health records opens a whole range of new possibilities for flexible and fruitful cooperation among health personnel in different health institutions, to the benefit of the patients. There are, however, unsolved legal and security challenges. The overall aim of this article is to highlight legal and security challenges that should be considered before using shared electronic cooperation platforms and health record systems to avoid legal and security "surprises" subsequent to the implementation. Practical lessons learned from the use of a web-based ulcer record system involving patients, community nurses, GPs, and hospital nurses and doctors in specialist health care are used to illustrate challenges we faced. Discussion of possible legal and security challenges is critical for successful implementation of shared electronic collaboration systems. Key challenges include (1) allocation of responsibility, (2) documentation routines, (3) and integrated or federated access control. We discuss and suggest how challenges of legal and security aspects can be handled. This discussion may be useful for both current and future users, as well as policy makers.

  13. A Framework for Security Analysis of Mobile Wireless Networks

    DEFF Research Database (Denmark)

    Nanz, Sebastian; Hankin, Chris

    2006-01-01

    processes and the network's connectivity graph, which may change independently from protocol actions. We identify a property characterising an important aspect of security in this setting and express it using behavioural equivalences of the calculus. We complement this approach with a control flow analysis......We present a framework for specification and security analysis of communication protocols for mobile wireless networks. This setting introduces new challenges which are not being addressed by classical protocol analysis techniques. The main complication stems from the fact that the actions...... of intermediate nodes and their connectivity can no longer be abstracted into a single unstructured adversarial environment as they form an inherent part of the system's security. In order to model this scenario faithfully, we present a broadcast calculus which makes a clear distinction between the protocol...

  14. Face recognition in securing optical telecom network equipment

    International Nuclear Information System (INIS)

    Ali, N.M.

    2015-01-01

    In this paper, face recognition is used with a microcontroller based hardware module to secure the telecommunication equipments like ONU (optical network units) or any other telecommunication equipment. The face recognition classifier value optimization adaption is deployed and in this scheme by increasing or decreasing the number of images in the database will automatically generate and adopt the classifier value for recognition of known and unknown persons. On recognizing and unknown persons. On recognizing an unknown person, the hardware module will send an SMS to the concerned security personnel for security preventive measures. (author)

  15. Key Exchange Trust Evaluation in Peer-to-Peer Sensor Networks With Unconditionally Secure Key Exchange

    Science.gov (United States)

    Gonzalez, Elias; Kish, Laszlo B.

    2016-03-01

    As the utilization of sensor networks continue to increase, the importance of security becomes more profound. Many industries depend on sensor networks for critical tasks, and a malicious entity can potentially cause catastrophic damage. We propose a new key exchange trust evaluation for peer-to-peer sensor networks, where part of the network has unconditionally secure key exchange. For a given sensor, the higher the portion of channels with unconditionally secure key exchange the higher the trust value. We give a brief introduction to unconditionally secured key exchange concepts and mention current trust measures in sensor networks. We demonstrate the new key exchange trust measure on a hypothetical sensor network using both wired and wireless communication channels.

  16. Assessment of Performance Measures for Security of the Maritime Transportation Network, Port Security Metrics : Proposed Measurement of Deterrence Capability

    Science.gov (United States)

    2007-01-03

    This report is the thirs in a series describing the development of performance measures pertaining to the security of the maritime transportation network (port security metrics). THe development of measures to guide improvements in maritime security ...

  17. Dynamic Security Assessment Of Computer Networks In Siem-Systems

    Directory of Open Access Journals (Sweden)

    Elena Vladimirovna Doynikova

    2015-10-01

    Full Text Available The paper suggests an approach to the security assessment of computer networks. The approach is based on attack graphs and intended for Security Information and Events Management systems (SIEM-systems. Key feature of the approach consists in the application of the multilevel security metrics taxonomy. The taxonomy allows definition of the system profile according to the input data used for the metrics calculation and techniques of security metrics calculation. This allows specification of the security assessment in near real time, identification of previous and future attacker steps, identification of attackers goals and characteristics. A security assessment system prototype is implemented for the suggested approach. Analysis of its operation is conducted for several attack scenarios.

  18. Integrating a flexible modeling framework (FMF) with the network security assessment instrument to reduce software security risk

    Science.gov (United States)

    Gilliam, D. P.; Powell, J. D.

    2002-01-01

    This paper presents a portion of an overall research project on the generation of the network security assessment instrument to aid developers in assessing and assuring the security of software in the development and maintenance lifecycles.

  19. Developing a secured social networking site using information security awareness techniques

    Directory of Open Access Journals (Sweden)

    Julius O. Okesola

    2014-11-01

    Full Text Available Background: Ever since social network sites (SNS became a global phenomenon in almost every industry, security has become a major concern to many SNS stakeholders. Several security techniques have been invented towards addressing SNS security, but information security awareness (ISA remains a critical point. Whilst very few users have used social circles and applications because of a lack of users’ awareness, the majority have found it difficult to determine the basis of categorising friends in a meaningful way for privacy and security policies settings. This has confirmed that technical control is just part of the security solutions and not necessarily a total solution. Changing human behaviour on SNSs is essential; hence the need for a privately enhanced ISA SNS. Objective: This article presented sOcialistOnline – a newly developed SNS, duly secured and platform independent with various ISA techniques fully implemented. Method: Following a detailed literature review of the related works, the SNS was developed on the basis of Object Oriented Programming (OOP approach, using PhP as the coding language with the MySQL database engine at the back end. Result: This study addressed the SNS requirements of privacy, security and services, and attributed them as the basis of architectural design for sOcialistOnline. SNS users are more aware of potential risk and the possible consequences of unsecured behaviours. Conclusion: ISA is focussed on the users who are often the greatest security risk on SNSs, regardless of technical securities implemented. Therefore SNSs are required to incorporate effective ISA into their platform and ensure users are motivated to embrace it.

  20. A First Step Towards Network Security Virtualization: From Concept to Prototype

    Science.gov (United States)

    2015-10-01

    software - defined networking ( SDN ) technology to virtualize network security functions. At its core... network device. Some recent technologies suggest a method to control network flows dynamically at a network device, e.g., Software - Defined Networking ( SDN ... Software - Defined Networking ( SDN ) technology and its most popular realization, OpenFlow [17], [24]. More specifically, we will use SDN

  1. Main control computer security model of closed network systems protection against cyber attacks

    Science.gov (United States)

    Seymen, Bilal

    2014-06-01

    The model that brings the data input/output under control in closed network systems, that maintains the system securely, and that controls the flow of information through the Main Control Computer which also brings the network traffic under control against cyber-attacks. The network, which can be controlled single-handedly thanks to the system designed to enable the network users to make data entry into the system or to extract data from the system securely, intends to minimize the security gaps. Moreover, data input/output record can be kept by means of the user account assigned for each user, and it is also possible to carry out retroactive tracking, if requested. Because the measures that need to be taken for each computer on the network regarding cyber security, do require high cost; it has been intended to provide a cost-effective working environment with this model, only if the Main Control Computer has the updated hardware.

  2. Implantable Medical Devices; Networking Security Survey

    Directory of Open Access Journals (Sweden)

    Siamak Aram

    2016-08-01

    Full Text Available The industry of implantable medical devices (IMDs is constantly evolving, which is dictated by the pressing need to comprehensively address new challenges in the healthcare field. Accordingly, IMDs are becoming more and more sophisticated. Not long ago, the range of IMDs’ technical capacities was expanded, making it possible to establish Internet connection in case of necessity and/or emergency situation for the patient. At the same time, while the web connectivity of today’s implantable devices is rather advanced, the issue of equipping the IMDs with sufficiently strong security system remains unresolved. In fact, IMDs have relatively weak security mechanisms which render them vulnerable to cyber-attacks that compromise the quality of IMDs’ functionalities. This study revolves around the security deficiencies inherent to three types of sensor-based medical devices; biosensors, insulin pump systems and implantable cardioverter defibrillators. Manufacturers of these devices should take into consideration that security and effectiveness of the functionality of implants is highly dependent on the design. In this paper, we present a comprehensive study of IMDs’ architecture and specifically investigate their vulnerabilities at networking interface.

  3. Selection application for platforms and security protocols suitable for wireless sensor networks

    International Nuclear Information System (INIS)

    Moeller, S; Newe, T; Lochmann, S

    2009-01-01

    There is a great number of platforms and security protocols which can be used for wireless sensor networks (WSN). All these platforms and protocols have different properties with certain advantages and disadvantages. For a good choice of platform and an associated protocol, these advantages and disadvantages should be compared and the best for the appropriate WSN chosen. To select a Security protocol and a wireless platform suitable for a specific application a software tool will be developed. That tool will enable wireless network deployment engineers to easily select a suitable wireless platform for their application based on their network needs and application security requirements.

  4. Applying a Space-Based Security Recovery Scheme for Critical Homeland Security Cyberinfrastructure Utilizing the NASA Tracking and Data Relay (TDRS) Based Space Network

    Science.gov (United States)

    Shaw, Harry C.; McLaughlin, Brian; Stocklin, Frank; Fortin, Andre; Israel, David; Dissanayake, Asoka; Gilliand, Denise; LaFontaine, Richard; Broomandan, Richard; Hyunh, Nancy

    2015-01-01

    Protection of the national infrastructure is a high priority for cybersecurity of the homeland. Critical infrastructure such as the national power grid, commercial financial networks, and communications networks have been successfully invaded and re-invaded from foreign and domestic attackers. The ability to re-establish authentication and confidentiality of the network participants via secure channels that have not been compromised would be an important countermeasure to compromise of our critical network infrastructure. This paper describes a concept of operations by which the NASA Tracking and Data Relay (TDRS) constellation of spacecraft in conjunction with the White Sands Complex (WSC) Ground Station host a security recovery system for re-establishing secure network communications in the event of a national or regional cyberattack. Users would perform security and network restoral functions via a Broadcast Satellite Service (BSS) from the TDRS constellation. The BSS enrollment only requires that each network location have a receive antenna and satellite receiver. This would be no more complex than setting up a DIRECTTV-like receiver at each network location with separate network connectivity. A GEO BSS would allow a mass re-enrollment of network nodes (up to nationwide) simultaneously depending upon downlink characteristics. This paper details the spectrum requirements, link budget, notional assets and communications requirements for the scheme. It describes the architecture of such a system and the manner in which it leverages off of the existing secure infrastructure which is already in place and managed by the NASAGSFC Space Network Project.

  5. A hybridised variable neighbourhood tabu search heuristic to increase security in a utility network

    International Nuclear Information System (INIS)

    Janssens, Jochen; Talarico, Luca; Sörensen, Kenneth

    2016-01-01

    We propose a decision model aimed at increasing security in a utility network (e.g., electricity, gas, water or communication network). The network is modelled as a graph, the edges of which are unreliable. We assume that all edges (e.g., pipes, cables) have a certain, not necessarily equal, probability of failure, which can be reduced by selecting edge-specific security strategies. We develop a mathematical programming model and a metaheuristic approach that uses a greedy random adaptive search procedure to find an initial solution and uses tabu search hybridised with iterated local search and a variable neighbourhood descend heuristic to improve this solution. The main goal is to reduce the risk of service failure between an origin and a destination node by selecting the right combination of security measures for each network edge given a limited security budget. - Highlights: • A decision model aimed at increasing security in a utility network is proposed. • The goal is to reduce the risk of service failure given a limited security budget. • An exact approach and a variable neighbourhood tabu search heuristic are developed. • A generator for realistic networks is built and used to test the solution methods. • The hybridised heuristic reduces the total risk on average with 32%.

  6. IPv6 Network Security using Snort

    OpenAIRE

    Kaur, Ravreet; Kumar, Sumit

    2013-01-01

    IPv6 is new routing protocol. IPv6 is introduced by IETF mainly due IPv4 address exhaustion but it is also an enhanced version of IPv4. There are many changes in IPv6 header, some fields from IPv6 header has been deprecated from IPv6 and some are newly added. There is also common misconception among people that IPv6 is more secure than IPv4, which is not true. Now a day's intruders are targeting IPv6 networks as it is widely being accepted by many organization for their network. An intruder c...

  7. Bayesian Network Models in Cyber Security: A Systematic Review

    OpenAIRE

    Chockalingam, S.; Pieters, W.; Herdeiro Teixeira, A.M.; van Gelder, P.H.A.J.M.; Lipmaa, Helger; Mitrokotsa, Aikaterini; Matulevicius, Raimundas

    2017-01-01

    Bayesian Networks (BNs) are an increasingly popular modelling technique in cyber security especially due to their capability to overcome data limitations. This is also instantiated by the growth of BN models development in cyber security. However, a comprehensive comparison and analysis of these models is missing. In this paper, we conduct a systematic review of the scientific literature and identify 17 standard BN models in cyber security. We analyse these models based on 9 different criteri...

  8. A security scheme of SMS system

    Science.gov (United States)

    Zhang, Fangzhou; Yang, Hong-Wei; Song, Chuck

    2005-02-01

    With the prosperous development and the use of SMS, more and more important information need to be transferred through the wireless and mobile networks by the users. But in the GSM/GPRS network, the SMS messages are transferred in text mode through the signaling channel and there is no integrality for SMS messages. Because of the speciality of the mobile communications, the security of signaling channel is very weak. So we need to improve and enhance the security and integrality of SMS. At present, developed investigation based on SMS security is still incomplete. The key distribution and management is not perfect to meet the usability in a wide area. This paper introduces a high-level security method to solve this problem. We design the Secure SMS of GSM/GPRS in order to improve the security of the important information that need to be transferred by the mobile networks. Using this method, we can improve the usability of E-payment and other mobile electronic commerce.

  9. Development of a cyber security risk model using Bayesian networks

    International Nuclear Information System (INIS)

    Shin, Jinsoo; Son, Hanseong; Khalil ur, Rahman; Heo, Gyunyoung

    2015-01-01

    Cyber security is an emerging safety issue in the nuclear industry, especially in the instrumentation and control (I and C) field. To address the cyber security issue systematically, a model that can be used for cyber security evaluation is required. In this work, a cyber security risk model based on a Bayesian network is suggested for evaluating cyber security for nuclear facilities in an integrated manner. The suggested model enables the evaluation of both the procedural and technical aspects of cyber security, which are related to compliance with regulatory guides and system architectures, respectively. The activity-quality analysis model was developed to evaluate how well people and/or organizations comply with the regulatory guidance associated with cyber security. The architecture analysis model was created to evaluate vulnerabilities and mitigation measures with respect to their effect on cyber security. The two models are integrated into a single model, which is called the cyber security risk model, so that cyber security can be evaluated from procedural and technical viewpoints at the same time. The model was applied to evaluate the cyber security risk of the reactor protection system (RPS) of a research reactor and to demonstrate its usefulness and feasibility. - Highlights: • We developed the cyber security risk model can be find the weak point of cyber security integrated two cyber analysis models by using Bayesian Network. • One is the activity-quality model signifies how people and/or organization comply with the cyber security regulatory guide. • Other is the architecture model represents the probability of cyber-attack on RPS architecture. • The cyber security risk model can provide evidence that is able to determine the key element for cyber security for RPS of a research reactor

  10. Biometric Methods for Secure Communications in Body Sensor Networks: Resource-Efficient Key Management and Signal-Level Data Scrambling

    Science.gov (United States)

    Bui, Francis Minhthang; Hatzinakos, Dimitrios

    2007-12-01

    As electronic communications become more prevalent, mobile and universal, the threats of data compromises also accordingly loom larger. In the context of a body sensor network (BSN), which permits pervasive monitoring of potentially sensitive medical data, security and privacy concerns are particularly important. It is a challenge to implement traditional security infrastructures in these types of lightweight networks since they are by design limited in both computational and communication resources. A key enabling technology for secure communications in BSN's has emerged to be biometrics. In this work, we present two complementary approaches which exploit physiological signals to address security issues: (1) a resource-efficient key management system for generating and distributing cryptographic keys to constituent sensors in a BSN; (2) a novel data scrambling method, based on interpolation and random sampling, that is envisioned as a potential alternative to conventional symmetric encryption algorithms for certain types of data. The former targets the resource constraints in BSN's, while the latter addresses the fuzzy variability of biometric signals, which has largely precluded the direct application of conventional encryption. Using electrocardiogram (ECG) signals as biometrics, the resulting computer simulations demonstrate the feasibility and efficacy of these methods for delivering secure communications in BSN's.

  11. Biometric Methods for Secure Communications in Body Sensor Networks: Resource-Efficient Key Management and Signal-Level Data Scrambling

    Directory of Open Access Journals (Sweden)

    Dimitrios Hatzinakos

    2008-03-01

    Full Text Available As electronic communications become more prevalent, mobile and universal, the threats of data compromises also accordingly loom larger. In the context of a body sensor network (BSN, which permits pervasive monitoring of potentially sensitive medical data, security and privacy concerns are particularly important. It is a challenge to implement traditional security infrastructures in these types of lightweight networks since they are by design limited in both computational and communication resources. A key enabling technology for secure communications in BSN's has emerged to be biometrics. In this work, we present two complementary approaches which exploit physiological signals to address security issues: (1 a resource-efficient key management system for generating and distributing cryptographic keys to constituent sensors in a BSN; (2 a novel data scrambling method, based on interpolation and random sampling, that is envisioned as a potential alternative to conventional symmetric encryption algorithms for certain types of data. The former targets the resource constraints in BSN's, while the latter addresses the fuzzy variability of biometric signals, which has largely precluded the direct application of conventional encryption. Using electrocardiogram (ECG signals as biometrics, the resulting computer simulations demonstrate the feasibility and efficacy of these methods for delivering secure communications in BSN's.

  12. Secure Protocol and IP Core for Configuration of Networking Hardware IPs in the Smart Grid

    Directory of Open Access Journals (Sweden)

    Marcelo Urbina

    2018-02-01

    Full Text Available Nowadays, the incorporation and constant evolution of communication networks in the electricity sector have given rise to the so-called Smart Grid, which is why it is necessary to have devices that are capable of managing new communication protocols, guaranteeing the strict requirements of processing required by the electricity sector. In this context, intelligent electronic devices (IEDs with network architectures are currently available to meet the communication, real-time processing and interoperability requirements of the Smart Grid. The new generation IEDs include an Field Programmable Gate Array (FPGA, to support specialized networking switching architectures for the electric sector, as the IEEE 1588-aware High-availability Seamless Redundancy/Parallel Redundancy Protocol (HSR/PRP. Another advantage to using an FPGA is the ability to update or reconfigure the design to support new requirements that are being raised to the standards (IEC 61850. The update of the architecture implemented in the FPGA can be done remotely, but it is necessary to establish a cyber security mechanism since the communication link generates vulnerability in the case the attacker gains physical access to the network. The research presented in this paper proposes a secure protocol and Intellectual Property (IP core for configuring and monitoring the networking IPs implemented in a Field Programmable Gate Array (FPGA. The FPGA based implementation proposed overcomes this issue using a light Layer-2 protocol fully implemented on hardware and protected by strong cryptographic algorithms (AES-GCM, defined in the IEC 61850-90-5 standard. The proposed secure protocol and IP core are applicable in any field where remote configuration over Ethernet is required for IP cores in FPGAs. In this paper, the proposal is validated in communications hardware for Smart Grids.

  13. The application of data encryption technology in computer network communication security

    Science.gov (United States)

    Gong, Lina; Zhang, Li; Zhang, Wei; Li, Xuhong; Wang, Xia; Pan, Wenwen

    2017-04-01

    With the rapid development of Intemet and the extensive application of computer technology, the security of information becomes more and more serious, and the information security technology with data encryption technology as the core has also been developed greatly. Data encryption technology not only can encrypt and decrypt data, but also can realize digital signature, authentication and authentication and other functions, thus ensuring the confidentiality, integrity and confirmation of data transmission over the network. In order to improve the security of data in network communication, in this paper, a hybrid encryption system is used to encrypt and decrypt the triple DES algorithm with high security, and the two keys are encrypted with RSA algorithm, thus ensuring the security of the triple DES key and solving the problem of key management; At the same time to realize digital signature using Java security software, to ensure data integrity and non-repudiation. Finally, the data encryption system is developed by Java language. The data encryption system is simple and effective, with good security and practicality.

  14. Game Theory Based Security in Wireless Body Area Network with Stackelberg Security Equilibrium

    OpenAIRE

    Somasundaram, M.; Sivakumar, R.

    2015-01-01

    Wireless Body Area Network (WBAN) is effectively used in healthcare to increase the value of the patient’s life and also the value of healthcare services. The biosensor based approach in medical care system makes it difficult to respond to the patients with minimal response time. The medical care unit does not deploy the accessing of ubiquitous broadband connections full time and hence the level of security will not be high always. The security issue also arises in monitoring the user body fu...

  15. LEGAL SECURITY ON CELLPHONE TRADING THROUGH ELECTRONIC MEDIA IN INDONESIA

    Directory of Open Access Journals (Sweden)

    Aan Aswari

    2017-05-01

    Full Text Available The rapid growth of technology development brings impact on human life related to its utilization. This article analyzes legal security through several components in a cellphone trading through electronic media. This study is a conceptual idea and shows that the implementation of legal security in several components should provide solution to any potential conflicts. A good intention component should be applied to form an ideal legal relation from the beginning to the end and realization in performing its obligation reflect the concrete aspect. Warranty provides protection security for related parties with some governing regulations during transaction. However, some other supporting components have not been effectively contribute to balance the utilization of technology in trading. Keywords: legal security, trading, cellphone, electronic media

  16. Wireless networks of opportunity in support of secure field operations

    Science.gov (United States)

    Stehle, Roy H.; Lewis, Mark

    1997-02-01

    Under funding from the Defense Advanced Research Projects Agency (DARPA) for joint military and law enforcement technologies, demonstrations of secure information transfer in support of law enforcement and military operations other than war, using wireless and wired technology, were held in September 1996 at several locations in the United States. In this paper, the network architecture, protocols, and equipment supporting the demonstration's scenarios are presented, together with initial results, including lessons learned and desired system enhancements. Wireless networks of opportunity encompassed in-building (wireless-LAN), campus-wide (Metricom Inc.), metropolitan (AMPS cellular, CDPD), and national (one- and two-way satellite) systems. Evolving DARPA-sponsored packet radio technology was incorporated. All data was encrypted, using multilevel information system security initiative (MISSI)FORTEZZA technology, for carriage over unsecured and unclassified commercial networks. The identification and authentication process inherent in the security system permitted logging for database accesses and provided an audit trail useful in evidence gathering. Wireless and wireline communications support, to and between modeled crisis management centers, was demonstrated. Mechanisms for the guarded transport of data through the secret-high military tactical Internet were included, to support joint law enforcement and crisis management missions. A secure World Wide Web (WWW) browser forms the primary, user-friendly interface for information retrieval and submission. The WWW pages were structured to be sensitive to the bandwidth, error rate, and cost of the communications medium in use (e.g., the use of and resolution for graphical data). Both still and motion compressed video were demonstrated, along with secure voice transmission from laptop computers in the field. Issues of network bandwidth, airtime costs, and deployment status are discussed.

  17. Secure Communications over Wireless Networks Even 1-bit Feedback Helps Achieving Security

    KAUST Repository

    Rezki, Zouheir

    2016-01-06

    Recently, there have been a surge toward developing sophisticated security mechanisms based on a cross layer design. While an extensive progress has been realized toward establishing physical layer security as an important design paradigm to enhance security of existing wireless networks, only a little effort has been made toward designing practical coding schemes that achieve or approach the secrecy capacity. Most of existing results are tied to some simplifying assumptions that do not seem always reasonable (passive eavesdropper, perfect channel state information (CSI), etc.). Furthermore, it is still not very clear how to exploit physical layer security paradigms, together with existing cryptosystems, in order to add a supplementary level of protection for information transmission or to achieve key agreement. In this talk, we address the first part of the above problematic, i.e., the effect of channel uncertainty on network security. Particularly, we show that even a coarse estimate of the main channel (channel between the transmitter and the legitimate receiver) can help providing a positive secrecy rate. Specifically, we assume two types of channel uncertainty at the transmitter. The first one is a rate-limited feedback in a block fading channel where the feedback information can be proactive (at the beginning of the coherence block) or of ARQ-type. The second type of uncertainty takes the form of a noisy estimate of the main channel at the transmitter in a fast fading channel. In both cases, we provide upper and lower bounds on the secrecy capacity. We argue how our achievable schemes and upper bounding techniques extend to multi-user setting (broadcasting a single confidential message or multiple confidential messages to multiple legitimate receivers) and to multiple antenna channels.

  18. Secure Communications over Wireless Networks Even 1-bit Feedback Helps Achieving Security

    KAUST Repository

    Rezki, Zouheir

    2016-01-01

    Recently, there have been a surge toward developing sophisticated security mechanisms based on a cross layer design. While an extensive progress has been realized toward establishing physical layer security as an important design paradigm to enhance security of existing wireless networks, only a little effort has been made toward designing practical coding schemes that achieve or approach the secrecy capacity. Most of existing results are tied to some simplifying assumptions that do not seem always reasonable (passive eavesdropper, perfect channel state information (CSI), etc.). Furthermore, it is still not very clear how to exploit physical layer security paradigms, together with existing cryptosystems, in order to add a supplementary level of protection for information transmission or to achieve key agreement. In this talk, we address the first part of the above problematic, i.e., the effect of channel uncertainty on network security. Particularly, we show that even a coarse estimate of the main channel (channel between the transmitter and the legitimate receiver) can help providing a positive secrecy rate. Specifically, we assume two types of channel uncertainty at the transmitter. The first one is a rate-limited feedback in a block fading channel where the feedback information can be proactive (at the beginning of the coherence block) or of ARQ-type. The second type of uncertainty takes the form of a noisy estimate of the main channel at the transmitter in a fast fading channel. In both cases, we provide upper and lower bounds on the secrecy capacity. We argue how our achievable schemes and upper bounding techniques extend to multi-user setting (broadcasting a single confidential message or multiple confidential messages to multiple legitimate receivers) and to multiple antenna channels.

  19. Computationally Efficient Neural Network Intrusion Security Awareness

    Energy Technology Data Exchange (ETDEWEB)

    Todd Vollmer; Milos Manic

    2009-08-01

    An enhanced version of an algorithm to provide anomaly based intrusion detection alerts for cyber security state awareness is detailed. A unique aspect is the training of an error back-propagation neural network with intrusion detection rule features to provide a recognition basis. Network packet details are subsequently provided to the trained network to produce a classification. This leverages rule knowledge sets to produce classifications for anomaly based systems. Several test cases executed on ICMP protocol revealed a 60% identification rate of true positives. This rate matched the previous work, but 70% less memory was used and the run time was reduced to less than 1 second from 37 seconds.

  20. Information report on electricity distribution network security and financing

    International Nuclear Information System (INIS)

    2011-01-01

    This report first outlines the degradation of electricity quality, and identifies the lack of investment as the main reason of the network weakness. It notices that the French network is much extended, and that the medium and low voltage networks need to be secured, and outlines that some legal measures have already been implemented to correct these problems. In its second part, the report comments the network manager's point of view, and denies his critics of the conceding authorities. It also discusses the network manager's investments, and finally formulates six propositions for a better future of the distribution network

  1. Design and Research of a New secure Authentication Protocol in GSM networks

    Directory of Open Access Journals (Sweden)

    Qi Ai-qin

    2016-01-01

    Full Text Available As the first line of defense in the security application system, Authentication is an important security service. Its typical scheme is challenge/response mechanism and this scheme which is simple-structured and easy to realize has been used worldwide. But these protocols have many following problems In the GSM networks such as the leakage of user indentity privacy, no security protection between home registers and foreign registers and the vicious intruders’ information stealing and so on. This paper presents an authentication protocol in GSM networks based on maths operation and modular square root technique . The analysis of the security and performance has also been done. The results show that it is more robust and secure compared to the previous agreements.

  2. Secure and Efficient Data Transmission over Body Sensor and Wireless Networks

    Directory of Open Access Journals (Sweden)

    Madhur Sikri

    2008-09-01

    Full Text Available This paper addresses the transmission of medical and context-aware data from mobile patients to healthcare centers over heterogeneous wireless networks. A handheld device, called personal wireless hub (PWH, of each mobile patient first gathers and aggregates the vital sign and context-aware data for various telemedicine applications. PWH transmits the aggregated data to the remote healthcare center over multiple wireless interfaces such as cellular, WLAN, and WiMAX. The aggregated data contain both periodic data and those nonperiodic unpredictable emergency messages that are sporadic and delayintolerant. This paper addresses the problem of providing QoS (e.g., minimum delay, sufficient data rate, acceptable blocking, and/or dropping rate by designing a packet scheduling and channel/network allocation algorithm over wireless networks. The proposed resource-efficient QoS mechanism is simple and collaborates with an adaptive security algorithm. The QoS and security are achieved mainly with the collaboration of differentiator, delay monitor, data classifier, and scheduler modules within the PWH. This paper also discusses secure data transmission over body sensor networks by introducing key establishment and management algorithms. Simulation results show that the proposed framework achieves low-blocking probability, meets delay requirements, and provides energy-efficient secure communication for the combination of vital signs and context-aware data.

  3. Secure and Efficient Data Transmission over Body Sensor and Wireless Networks

    Directory of Open Access Journals (Sweden)

    Challa Narasimha

    2008-01-01

    Full Text Available Abstract This paper addresses the transmission of medical and context-aware data from mobile patients to healthcare centers over heterogeneous wireless networks. A handheld device, called personal wireless hub (PWH, of each mobile patient first gathers and aggregates the vital sign and context-aware data for various telemedicine applications. PWH transmits the aggregated data to the remote healthcare center over multiple wireless interfaces such as cellular, WLAN, and WiMAX. The aggregated data contain both periodic data and those nonperiodic unpredictable emergency messages that are sporadic and delayintolerant. This paper addresses the problem of providing QoS (e.g., minimum delay, sufficient data rate, acceptable blocking, and/or dropping rate by designing a packet scheduling and channel/network allocation algorithm over wireless networks. The proposed resource-efficient QoS mechanism is simple and collaborates with an adaptive security algorithm. The QoS and security are achieved mainly with the collaboration of differentiator, delay monitor, data classifier, and scheduler modules within the PWH. This paper also discusses secure data transmission over body sensor networks by introducing key establishment and management algorithms. Simulation results show that the proposed framework achieves low-blocking probability, meets delay requirements, and provides energy-efficient secure communication for the combination of vital signs and context-aware data.

  4. A Game-Theoretical Approach to Multimedia Social Networks Security

    Science.gov (United States)

    Liu, Enqiang; Liu, Zengliang; Shao, Fei; Zhang, Zhiyong

    2014-01-01

    The contents access and sharing in multimedia social networks (MSNs) mainly rely on access control models and mechanisms. Simple adoptions of security policies in the traditional access control model cannot effectively establish a trust relationship among parties. This paper proposed a novel two-party trust architecture (TPTA) to apply in a generic MSN scenario. According to the architecture, security policies are adopted through game-theoretic analyses and decisions. Based on formalized utilities of security policies and security rules, the choice of security policies in content access is described as a game between the content provider and the content requester. By the game method for the combination of security policies utility and its influences on each party's benefits, the Nash equilibrium is achieved, that is, an optimal and stable combination of security policies, to establish and enhance trust among stakeholders. PMID:24977226

  5. Securing the Digital Economy

    Directory of Open Access Journals (Sweden)

    Valentin P. MĂZĂREANU

    2010-01-01

    Full Text Available The Digital economy has naturally led to thereconfiguration of communication and information processes.These processes are depending on the computer, starting fromthe personal one and reaching to computer networks, whetherlocal, metropolitan or global. These led to the development ofsuch information systems able to communicate information,systems that must also ensure the security of communicationsbetween computers within the company, but also betweencomputers of different parties, outside the company. As thecommunication between computers in the network has evolvedto electronic funds transfer (EFT, digital money andcommunication of personal data, internet banking, etc., theimportance of security issues of data transmitted over thenetwork also has increased. Even more as the network hasevolved into a “wireless” one.

  6. Towards adaptive security for convergent wireless sensor networks in beyond 3G environments

    DEFF Research Database (Denmark)

    Mitseva, Anelia; Aivaloglou, Efthimia; Marchitti, Maria-Antonietta

    2010-01-01

    The integration of wireless sensor networks with different network systems gives rise to many research challenges to ensure security, privacy and trust in the overall architecture. The main contribution of this paper is a generic security, privacy and trust framework providing context-aware adapt...

  7. Making Wireless Networks Secure for NASA Mission Critical Applications Using Virtual Private Network (VPN) Technology

    Science.gov (United States)

    Nichols, Kelvin F.; Best, Susan; Schneider, Larry

    2004-01-01

    With so many security issues involved with wireless networks, the technology has not been fully utilized in the area of mission critical applications. These applications would include the areas of telemetry, commanding, voice and video. Wireless networking would allow payload operators the mobility to take computers outside of the control room to their off ices and anywhere else in the facility that the wireless network was extended. But the risk is too great of having someone sit just inside of your wireless network coverage and intercept enough of your network traffic to steal proprietary data from a payload experiment or worse yet hack back into your system and do even greater harm by issuing harmful commands. Wired Equivalent Privacy (WEP) is improving but has a ways to go before it can be trusted to protect mission critical data. Today s hackers are becoming more aggressive and innovative, and in order to take advantage of the benefits that wireless networking offer, appropriate security measures need to be in place that will thwart hackers. The Virtual Private Network (VPN) offers a solution to the security problems that have kept wireless networks from being used for mission critical applications. VPN provides a level of encryption that will ensure that data is protected while it is being transmitted over a wireless local area network (LAN). The VPN allows a user to authenticate to the site that the user needs to access. Once this authentication has taken place the network traffic between that site and the user is encapsulated in VPN packets with the Triple Data Encryption Standard (3DES). 3DES is an encryption standard that uses a single secret key to encrypt and decrypt data. The length of the encryption key is 168 bits as opposed to its predecessor DES that has a 56-bit encryption key. Even though 3DES is the common encryption standard for today, the Advance Encryption Standard (AES), which provides even better encryption at a lower cycle cost is growing

  8. A Secure Network Coding Based on Broadcast Encryption in SDN

    Directory of Open Access Journals (Sweden)

    Yue Chen

    2016-01-01

    Full Text Available By allowing intermediate nodes to encode the received packets before sending them out, network coding improves the capacity and robustness of multicast applications. But it is vulnerable to the pollution attacks. Some signature schemes were proposed to thwart such attacks, but most of them need to be homomorphic that the keys cannot be generated and managed easily. In this paper, we propose a novel fast and secure switch network coding multicast (SSNC on the software defined networks (SDN. In our scheme, the complicated secure multicast management was separated from the fast data transmission based on the SDN. Multiple multicasts will be aggregated to one multicast group according to the requirements of services and the network status. Then, the controller will route aggregated multicast group with network coding; only the trusted switch will be allowed to join the network coding by using broadcast encryption. The proposed scheme can use the traditional cryptography without homomorphy, which greatly reduces the complexity of the computation and improves the efficiency of transmission.

  9. Physical Layer Secret-Key Generation Scheme for Transportation Security Sensor Network.

    Science.gov (United States)

    Yang, Bin; Zhang, Jianfeng

    2017-06-28

    Wireless Sensor Networks (WSNs) are widely used in different disciplines, including transportation systems, agriculture field environment monitoring, healthcare systems, and industrial monitoring. The security challenge of the wireless communication link between sensor nodes is critical in WSNs. In this paper, we propose a new physical layer secret-key generation scheme for transportation security sensor network. The scheme is based on the cooperation of all the sensor nodes, thus avoiding the key distribution process, which increases the security of the system. Different passive and active attack models are analyzed in this paper. We also prove that when the cooperative node number is large enough, even when the eavesdropper is equipped with multiple antennas, the secret-key is still secure. Numerical results are performed to show the efficiency of the proposed scheme.

  10. Effectiveness Of Security Controls On Electronic Health Records

    Directory of Open Access Journals (Sweden)

    Everleen Wanyonyi

    2017-12-01

    Full Text Available Electronic Health Record EHR systems enhance efficiency and effectiveness in handling patients information in healthcare. This study focused on the EHR security by initially establishing the nature of threats affecting the system and reviewing the implemented security safeguards. The study was done at a referral hospital level 6 government facility in Kenya. Purposive sampling was used to select a sample of 196 out of 385 staff and a questionnaire designed for qualitative data collection. Data was analyzed using SPSS software. Correlations and binary logistic regression were obtained. Binary Logistic Regression BLR was used to establish the effect of the safeguards predictors on EHR security. It was established that physical security contributes more to the security of an information system than administrative controls and technical controls in that order. BLR helped in predicting effective safeguards to control EHR security threats in limited resourced public health facilities.

  11. Secure Clustering and Symmetric Key Establishment in Heterogeneous Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Azarderskhsh Reza

    2011-01-01

    Full Text Available Information security in infrastructureless wireless sensor networks (WSNs is one of the most important research challenges. In these networks, sensor nodes are typically sprinkled liberally in the field in order to monitor, gather, disseminate, and provide the sensed data to the command node. Various studies have focused on key establishment schemes in homogeneous WSNs. However, recent research has shown that achieving survivability in WSNs requires a hierarchy and heterogeneous infrastructure. In this paper, to address security issues in the heterogeneous WSNs, we propose a secure clustering scheme along with a deterministic pairwise key management scheme based on public key cryptography. The proposed security mechanism guarantees that any two sensor nodes located in the same cluster and routing path can directly establish a pairwise key without disclosing any information to other nodes. Through security performance evaluation, it is shown that the proposed scheme guarantees node-to-node authentication, high resiliency against node capture, and minimum memory space requirement.

  12. COORDINATION IN MULTILEVEL NETWORK-CENTRIC CONTROL SYSTEMS OF REGIONAL SECURITY: APPROACH AND FORMAL MODEL

    Directory of Open Access Journals (Sweden)

    A. V. Masloboev

    2015-01-01

    Full Text Available The paper deals with development of methods and tools for mathematical and computer modeling of the multilevel network-centric control systems of regional security. This research is carried out under development strategy implementation of the Arctic zone of the Russian Federation and national safeguarding for the period before 2020 in the Murmansk region territory. Creation of unified interdepartmental multilevel computer-aided system is proposed intended for decision-making information support and socio-economic security monitoring of the Arctic regions of Russia. The distinctive features of the investigated system class are openness, self-organization, decentralization of management functions and decision-making, weak hierarchy in the decision-making circuit and goal generation capability inside itself. Research techniques include functional-target approach, mathematical apparatus of multilevel hierarchical system theory and principles of network-centric control of distributed systems with pro-active components and variable structure. The work considers network-centric management local decisions coordination problem-solving within the multilevel distributed systems intended for information support of regional security. The coordination problem-solving approach and problem formalization in the multilevel network-centric control systems of regional security have been proposed based on developed multilevel recurrent hierarchical model of regional socio-economic system complex security. The model provides coordination of regional security indexes, optimized by the different elements of multilevel control systems, subject to decentralized decision-making. The model specificity consists in application of functional-target technology and mathematical apparatus of multilevel hierarchical system theory for coordination procedures implementation of the network-centric management local decisions. The work-out and research results can find further

  13. 76 FR 10529 - Special Conditions: Gulfstream Model GVI Airplane; Electronic Systems Security Protection From...

    Science.gov (United States)

    2011-02-25

    ... Security Protection From Unauthorized External Access AGENCY: Federal Aviation Administration (FAA), DOT... electronic system security protection for the aircraft control domain and airline information domain from... identified and assessed, and that effective electronic system security protection strategies are implemented...

  14. 76 FR 36863 - Special Conditions: Gulfstream Model GVI Airplane; Electronic Systems Security Protection From...

    Science.gov (United States)

    2011-06-23

    ... Security Protection From Unauthorized External Access AGENCY: Federal Aviation Administration (FAA), DOT... for Gulfstream GVI airplanes. 1. The applicant must ensure electronic system security protection for... that effective electronic system security protection strategies are implemented to protect the airplane...

  15. Qualitative and Quantitative Security Analyses for ZigBee Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Yuksel, Ender

    methods and techniques in different areas and brings them together to create an efficient verification system. The overall ambition is to provide a wide range of powerful techniques for analyzing models with quantitative and qualitative security information. We stated a new approach that first verifies...... applications, home automation, and traffic control. The challenges for research in this area are due to the unique features of wireless sensor devices such as low processing power and associated low energy. On top of this, wireless sensor networks need secure communication as they operate in open fields...... low level security protocol s in a qualitative manner and guarantees absolute security, and then takes these verified protocols as actions of scenarios to be verified in a quantitative manner. Working on the emerging ZigBee wireless sensor networks, we used probabilistic verification that can return...

  16. ARQ Security in Wi-Fi and RFID Networks

    OpenAIRE

    Elsabagh, Mohamed; Abdallah, Yara; Youssef, Moustafa; Gamal, Hesham El

    2010-01-01

    In this paper, we present two practical ARQ-Based security schemes for Wi-Fi and RFID networks. Our proposed schemes enhance the confidentiality and authenticity functions of these networks, respectively. Both schemes build on the same idea; by exploiting the statistical independence between the multipath fading experienced by the legitimate nodes and potential adversaries, secret keys are established and then are continuously updated. The continuous key update property of both schemes makes ...

  17. Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security.

    Directory of Open Access Journals (Sweden)

    Min-Joo Kang

    Full Text Available A novel intrusion detection system (IDS using a deep neural network (DNN is proposed to enhance the security of in-vehicular network. The parameters building the DNN structure are trained with probability-based feature vectors that are extracted from the in-vehicular network packets. For a given packet, the DNN provides the probability of each class discriminating normal and attack packets, and, thus the sensor can identify any malicious attack to the vehicle. As compared to the traditional artificial neural network applied to the IDS, the proposed technique adopts recent advances in deep learning studies such as initializing the parameters through the unsupervised pre-training of deep belief networks (DBN, therefore improving the detection accuracy. It is demonstrated with experimental results that the proposed technique can provide a real-time response to the attack with a significantly improved detection ratio in controller area network (CAN bus.

  18. Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security.

    Science.gov (United States)

    Kang, Min-Joo; Kang, Je-Won

    2016-01-01

    A novel intrusion detection system (IDS) using a deep neural network (DNN) is proposed to enhance the security of in-vehicular network. The parameters building the DNN structure are trained with probability-based feature vectors that are extracted from the in-vehicular network packets. For a given packet, the DNN provides the probability of each class discriminating normal and attack packets, and, thus the sensor can identify any malicious attack to the vehicle. As compared to the traditional artificial neural network applied to the IDS, the proposed technique adopts recent advances in deep learning studies such as initializing the parameters through the unsupervised pre-training of deep belief networks (DBN), therefore improving the detection accuracy. It is demonstrated with experimental results that the proposed technique can provide a real-time response to the attack with a significantly improved detection ratio in controller area network (CAN) bus.

  19. Managing the security of nursing data in the electronic health record.

    Science.gov (United States)

    Samadbeik, Mahnaz; Gorzin, Zahra; Khoshkam, Masomeh; Roudbari, Masoud

    2015-02-01

    The Electronic Health Record (EHR) is a patient care information resource for clinicians and nursing documentation is an essential part of comprehensive patient care. Ensuring privacy and the security of health information is a key component to building the trust required to realize the potential benefits of electronic health information exchange. This study was aimed to manage nursing data security in the EHR and also discover the viewpoints of hospital information system vendors (computer companies) and hospital information technology specialists about nursing data security. This research is a cross sectional analytic-descriptive study. The study populations were IT experts at the academic hospitals and computer companies of Tehran city in Iran. Data was collected by a self-developed questionnaire whose validity and reliability were confirmed using the experts' opinions and Cronbach's alpha coefficient respectively. Data was analyzed through Spss Version 18 and by descriptive and analytic statistics. The findings of the study revealed that user name and password were the most important methods to authenticate the nurses, with mean percent of 95% and 80%, respectively, and also the most significant level of information security protection were assigned to administrative and logical controls. There was no significant difference between opinions of both groups studied about the levels of information security protection and security requirements (p>0.05). Moreover the access to servers by authorized people, periodic security update, and the application of authentication and authorization were defined as the most basic security requirements from the viewpoint of more than 88 percent of recently-mentioned participants. Computer companies as system designers and hospitals information technology specialists as systems users and stakeholders present many important views about security requirements for EHR systems and nursing electronic documentation systems. Prioritizing

  20. Improving the security of the Hwang-Su protocol for mobile networks

    African Journals Online (AJOL)

    user

    Improving the security of the Hwang-Su protocol for mobile networks. Miloud Ait Hemad, My ... Furthermore, the wireless data channel is low data rate. These restrictions have an ..... Research in Security and Privacy. Wu T. Y. and Tsen Y. M., ...

  1. Secure Adaptive Topology Control for Wireless Ad-Hoc Sensor Networks

    Directory of Open Access Journals (Sweden)

    Yen-Chieh Ouyang

    2010-02-01

    Full Text Available This paper presents a secure decentralized clustering algorithm for wireless ad-hoc sensor networks. The algorithm operates without a centralized controller, operates asynchronously, and does not require that the location of the sensors be known a priori. Based on the cluster-based topology, secure hierarchical communication protocols and dynamic quarantine strategies are introduced to defend against spam attacks, since this type of attacks can exhaust the energy of sensor nodes and will shorten the lifetime of a sensor network drastically. By adjusting the threshold of infected percentage of the cluster coverage, our scheme can dynamically coordinate the proportion of the quarantine region and adaptively achieve the cluster control and the neighborhood control of attacks. Simulation results show that the proposed approach is feasible and cost effective for wireless sensor networks.

  2. Virtualization of open-source secure web services to support data exchange in a pediatric critical care research network.

    Science.gov (United States)

    Frey, Lewis J; Sward, Katherine A; Newth, Christopher J L; Khemani, Robinder G; Cryer, Martin E; Thelen, Julie L; Enriquez, Rene; Shaoyu, Su; Pollack, Murray M; Harrison, Rick E; Meert, Kathleen L; Berg, Robert A; Wessel, David L; Shanley, Thomas P; Dalton, Heidi; Carcillo, Joseph; Jenkins, Tammara L; Dean, J Michael

    2015-11-01

    To examine the feasibility of deploying a virtual web service for sharing data within a research network, and to evaluate the impact on data consistency and quality. Virtual machines (VMs) encapsulated an open-source, semantically and syntactically interoperable secure web service infrastructure along with a shadow database. The VMs were deployed to 8 Collaborative Pediatric Critical Care Research Network Clinical Centers. Virtual web services could be deployed in hours. The interoperability of the web services reduced format misalignment from 56% to 1% and demonstrated that 99% of the data consistently transferred using the data dictionary and 1% needed human curation. Use of virtualized open-source secure web service technology could enable direct electronic abstraction of data from hospital databases for research purposes. © The Author 2015. Published by Oxford University Press on behalf of the American Medical Informatics Association. All rights reserved. For Permissions, please email: journals.permissions@oup.com.

  3. Survey of current technologies of security management for distributed information systems; Bunsangata joho system no security iji kanri hoshiki no genjo

    Energy Technology Data Exchange (ETDEWEB)

    Matsui, S [Central Research Institute of Electric Power Industry, Tokyo (Japan)

    1997-05-01

    The latest situation of the security management for a distributed information system was examined and systematically summarized to indicate the management design in future. This paper describes the threat of the distributed information system to security, the risk for confidentiality, integrity, and availability due to the threat, and the measures to be taken. The basic technology of security management is classified into the `user certification to prevent an incorrect access` and the `encipherment to prevent data from being used incorrectly.` The technology for certification has been almost completed. It can be securely done using an expendable password or IC card system. In Internet, multiple enciphering technologies for constructing a virtual private network that can secure the almost the same security as for a private network can be used. In an electronic mail, the enciphering technology can also be used easily. The tool that manages the security of very many servers, clients, and networks is in the initial stage. 16 refs., 1 fig., 5 tabs.

  4. Physical and Cross-Layer Security Enhancement and Resource Allocation for Wireless Networks

    Science.gov (United States)

    Bashar, Muhammad Shafi Al

    2011-01-01

    In this dissertation, we present novel physical (PHY) and cross-layer design guidelines and resource adaptation algorithms to improve the security and user experience in the future wireless networks. Physical and cross-layer wireless security measures can provide stronger overall security with high efficiency and can also provide better…

  5. Secure system design and trustable computing

    CERN Document Server

    Potkonjak, Miodrag

    2016-01-01

    This book provides the foundations for understanding hardware security and trust, which have become major concerns for national security over the past decade.  Coverage includes issues related to security and trust in a variety of electronic devices and systems related to the security of hardware, firmware and software, spanning system applications, online transactions, and networking services.  This serves as an invaluable reference to the state-of-the-art research that is of critical significance to the security of, and trust in, modern society’s microelectronic-supported infrastructures.

  6. From Wireless Sensor Networks to Wireless Body Area Networks: Formal Modeling and Verification on Security Using PAT

    Directory of Open Access Journals (Sweden)

    Tieming Chen

    2016-01-01

    Full Text Available Model checking has successfully been applied on verification of security protocols, but the modeling process is always tedious and proficient knowledge of formal method is also needed although the final verification could be automatic depending on specific tools. At the same time, due to the appearance of novel kind of networks, such as wireless sensor networks (WSN and wireless body area networks (WBAN, formal modeling and verification for these domain-specific systems are quite challenging. In this paper, a specific and novel formal modeling and verification method is proposed and implemented using an expandable tool called PAT to do WSN-specific security verification. At first, an abstract modeling data structure for CSP#, which is built in PAT, is developed to support the node mobility related specification for modeling location-based node activity. Then, the traditional Dolev-Yao model is redefined to facilitate modeling of location-specific attack behaviors on security mechanism. A throughout formal verification application on a location-based security protocol in WSN is described in detail to show the usability and effectiveness of the proposed methodology. Furthermore, also a novel location-based authentication security protocol in WBAN can be successfully modeled and verified directly using our method, which is, to the best of our knowledge, the first effort on employing model checking for automatic analysis of authentication protocol for WBAN.

  7. Improving the security of the Hwang-Su protocol for mobile networks

    African Journals Online (AJOL)

    user

    Improving the security of the Hwang-Su protocol for mobile networks. Miloud Ait ... But, it is threatened by weak ... Wireless networks (IEEE standard 802.11 1996, Gast 2005) have allowed computer systems to exchange data without cable.

  8. Security Engine Management of Router based on Security Policy

    OpenAIRE

    Su Hyung Jo; Ki Young Kim; Sang Ho Lee

    2007-01-01

    Security management has changed from the management of security equipments and useful interface to manager. It analyzes the whole security conditions of network and preserves the network services from attacks. Secure router technology has security functions, such as intrusion detection, IPsec(IP Security) and access control, are applied to legacy router for secure networking. It controls an unauthorized router access and detects an illegal network intrusion. This paper re...

  9. Efficiently securing data on a wireless sensor network

    International Nuclear Information System (INIS)

    Healy, M; Newe, T; Lewis, E

    2007-01-01

    Due to the sensitive nature of the data many wireless sensor networks are tasked to collect security of this data is an important concern. The best way to secure this data is to encrypt it using a secure encryption algorithm before it is transmitted over the air ways. However due to the constrained nature of the resources available on sensor nodes the cost, both in terms of power consumption and speed, of any software based encryption procedure can often out weigh the risks of the transmission being intercepted. We present a solution to reduce this cost of employing encryption by taking advantage of a resource already available on many sensor nodes; this resource being the encryption module available on the Chipcon CC2420 transceiver chip

  10. Adaptive Security in ODMAC for Multihop Energy Harvesting Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Di Mauro, Alessio; Fafoutis, Xenofon; Dragoni, Nicola

    2015-01-01

    Energy Harvesting Wireless Sensor Networks (EH-WSNs) represent an interesting new paradigm where individual nodes forming a network are powered by energy sources scavenged from the surrounding environment. This technique provides numerous advantages, but also new design challenges. Securing...... the communications under energy constraints represents one of these key challenges. The amount of energy available is theoretically infinite in the long run but highly variable over short periods of time, and managing it is a crucial aspect. In this paper we present an adaptive approach for security in multihop EH...

  11. Security in Wireless Sensor Networks Employing MACGSP6

    Science.gov (United States)

    Nitipaichit, Yuttasart

    2010-01-01

    Wireless Sensor Networks (WSNs) have unique characteristics which constrain them; including small energy stores, limited computation, and short range communication capability. Most traditional security algorithms use cryptographic primitives such as Public-key cryptography and are not optimized for energy usage. Employing these algorithms for the…

  12. Probabilistic modelling of security of supply in gas networks and evaluation of new infrastructure

    International Nuclear Information System (INIS)

    Praks, Pavel; Kopustinskas, Vytis; Masera, Marcelo

    2015-01-01

    The paper presents a probabilistic model to study security of supply in a gas network. The model is based on Monte-Carlo simulations with graph theory, and is implemented in the software tool ProGasNet. The software allows studying gas networks in various aspects including identification of weakest links and nodes, vulnerability analysis, bottleneck analysis, evaluation of new infrastructure etc. In this paper ProGasNet is applied to a benchmark network based on a real EU gas transmission network of several countries with the purpose of evaluating the security of supply effects of new infrastructure, either under construction, recently completed or under planning. The probabilistic model enables quantitative evaluations by comparing the reliability of gas supply in each consuming node of the network. - Highlights: • A Monte-Carlo algorithm for stochastic flow networks is presented. • Network elements can fail according to a given probabilistic model. • Priority supply pattern of gas transmission networks is assumed. • A real-world EU gas transmission network is presented and analyzed. • A risk ratio is used for security of supply quantification of a new infrastructure.

  13. Secure Data Aggregation in Wireless Sensor Network-Fujisaki Okamoto(FO) Authentication Scheme against Sybil Attack.

    Science.gov (United States)

    Nirmal Raja, K; Maraline Beno, M

    2017-07-01

    In the wireless sensor network(WSN) security is a major issue. There are several network security schemes proposed in research. In the network, malicious nodes obstruct the performance of the network. The network can be vulnerable by Sybil attack. When a node illicitly assertions multiple identities or claims fake IDs, the WSN grieves from an attack named Sybil attack. This attack threatens wireless sensor network in data aggregation, synchronizing system, routing, fair resource allocation and misbehavior detection. Henceforth, the research is carried out to prevent the Sybil attack and increase the performance of the network. This paper presents the novel security mechanism and Fujisaki Okamoto algorithm and also application of the work. The Fujisaki-Okamoto (FO) algorithm is ID based cryptographic scheme and gives strong authentication against Sybil attack. By using Network simulator2 (NS2) the scheme is simulated. In this proposed scheme broadcasting key, time taken for different key sizes, energy consumption, Packet delivery ratio, Throughput were analyzed.

  14. Formal Specification and Validation of Secure Connection Establishment in a Generic Access Network Scenario

    DEFF Research Database (Denmark)

    Fleischer, Paul; Kristensen, Lars Michael

    2008-01-01

    The Generic Access Network (GAN) architecture is defined by the 3rd Generation Partnership Project (3GPP), and allows telephone services, such as SMS and voice-calls, to be accessed via generic IP networks. The main usage of this is to allow mobile phones to use WiFi in addition to the usual GSM...... network. The GAN specification relies on the Internet Protocol Security layer (IPSec) and the Internet Key Exchange protocol (IKEv2) to provide encryption across IP networks, and thus avoid compromising the security of the telephone networks. The detailed usage of these two Internet protocols (IPSec...

  15. A secured authentication protocol for wireless sensor networks using elliptic curves cryptography.

    Science.gov (United States)

    Yeh, Hsiu-Lien; Chen, Tien-Ho; Liu, Pin-Chuan; Kim, Tai-Hoo; Wei, Hsin-Wen

    2011-01-01

    User authentication is a crucial service in wireless sensor networks (WSNs) that is becoming increasingly common in WSNs because wireless sensor nodes are typically deployed in an unattended environment, leaving them open to possible hostile network attack. Because wireless sensor nodes are limited in computing power, data storage and communication capabilities, any user authentication protocol must be designed to operate efficiently in a resource constrained environment. In this paper, we review several proposed WSN user authentication protocols, with a detailed review of the M.L Das protocol and a cryptanalysis of Das' protocol that shows several security weaknesses. Furthermore, this paper proposes an ECC-based user authentication protocol that resolves these weaknesses. According to our analysis of security of the ECC-based protocol, it is suitable for applications with higher security requirements. Finally, we present a comparison of security, computation, and communication costs and performances for the proposed protocols. The ECC-based protocol is shown to be suitable for higher security WSNs.

  16. Quantum secure direct communication network with superdense coding and decoy photons

    International Nuclear Information System (INIS)

    Deng Fuguo; Li Xihan; Li Chunyan; Zhou Ping; Zhou Hongyu

    2007-01-01

    A quantum secure direct communication network scheme is proposed with quantum superdense coding and decoy photons. The servers on a passive optical network prepare and measure the quantum signal, i.e. a sequence of the d-dimensional Bell states. After confirming the security of the photons received from the receiver, the sender codes his secret message on them directly. For preventing a dishonest server from eavesdropping, some decoy photons prepared by measuring one photon in the Bell states are used to replace some original photons. One of the users on the network can communicate to any other one. This scheme has the advantage of high capacity, and it is more convenient than others as only a sequence of photons is transmitted in quantum line

  17. Cloud-Based Virtual Laboratory for Network Security Education

    Science.gov (United States)

    Xu, Le; Huang, Dijiang; Tsai, Wei-Tek

    2014-01-01

    Hands-on experiments are essential for computer network security education. Existing laboratory solutions usually require significant effort to build, configure, and maintain and often do not support reconfigurability, flexibility, and scalability. This paper presents a cloud-based virtual laboratory education platform called V-Lab that provides a…

  18. Modelling and Simulation of National Electronic Product Code Network Demonstrator Project

    Science.gov (United States)

    Mo, John P. T.

    The National Electronic Product Code (EPC) Network Demonstrator Project (NDP) was the first large scale consumer goods track and trace investigation in the world using full EPC protocol system for applying RFID technology in supply chains. The NDP demonstrated the methods of sharing information securely using EPC Network, providing authentication to interacting parties, and enhancing the ability to track and trace movement of goods within the entire supply chain involving transactions among multiple enterprise. Due to project constraints, the actual run of the NDP was 3 months only and was unable to consolidate with quantitative results. This paper discusses the modelling and simulation of activities in the NDP in a discrete event simulation environment and provides an estimation of the potential benefits that can be derived from the NDP if it was continued for one whole year.

  19. Virtual Private Networks for mobile environments. Development of protocol for mobile security and algorithms for location update.

    OpenAIRE

    Tzvetkov, Vesselin Dimitrov

    2010-01-01

    The classical networks for broadcast, telephony and data are converging to services on the Next Generation Networks (NGN), which are introduced by all major Service Providers (SP). Major requirements on the future IP network are security and mobility, which are reflection of the Internet’s importance and wide use of portable smart devices. Secure IP mobility is the focus of this thesis, i.e. how the user can move through different access networks whilst maintaining uninterrupted and secure IP...

  20. On the security of an anonymous roaming protocol in UMTS mobile networks

    Directory of Open Access Journals (Sweden)

    Shuhua Wu

    2012-02-01

    Full Text Available In this communication, we first show that the privacy-preserving roaming protocol recently proposed for mobile networks cannot achieve the claimed security level. Then we suggest an improved protocol to remedy its security problems.

  1. QKD-Based Secured Burst Integrity Design for Optical Burst Switched Networks

    Science.gov (United States)

    Balamurugan, A. M.; Sivasubramanian, A.; Parvathavarthini, B.

    2016-03-01

    The field of optical transmission has undergone numerous advancements and is still being researched mainly due to the fact that optical data transmission can be done at enormous speeds. It is quite evident that people prefer optical communication when it comes to large amount of data involving its transmission. The concept of switching in networks has matured enormously with several researches, architecture to implement and methods starting with Optical circuit switching to Optical Burst Switching. Optical burst switching is regarded as viable solution for switching bursts over networks but has several security vulnerabilities. However, this work exploited the security issues associated with Optical Burst Switching with respect to integrity of burst. This proposed Quantum Key based Secure Hash Algorithm (QKBSHA-512) with enhanced compression function design provides better avalanche effect over the conventional integrity algorithms.

  2. Sensor data security level estimation scheme for wireless sensor networks.

    Science.gov (United States)

    Ramos, Alex; Filho, Raimir Holanda

    2015-01-19

    Due to their increasing dissemination, wireless sensor networks (WSNs) have become the target of more and more sophisticated attacks, even capable of circumventing both attack detection and prevention mechanisms. This may cause WSN users, who totally trust these security mechanisms, to think that a sensor reading is secure, even when an adversary has corrupted it. For that reason, a scheme capable of estimating the security level (SL) that these mechanisms provide to sensor data is needed, so that users can be aware of the actual security state of this data and can make better decisions on its use. However, existing security estimation schemes proposed for WSNs fully ignore detection mechanisms and analyze solely the security provided by prevention mechanisms. In this context, this work presents the sensor data security estimator (SDSE), a new comprehensive security estimation scheme for WSNs. SDSE is designed for estimating the sensor data security level based on security metrics that analyze both attack prevention and detection mechanisms. In order to validate our proposed scheme, we have carried out extensive simulations that show the high accuracy of SDSE estimates.

  3. Basic security measures for IEEE 802.11 wireless networks

    OpenAIRE

    Sarmiento, Oscar P.; Guerrero, Fabio G.; Rey Argote, David

    2008-01-01

    This article presents a tutorial/discussion of three commonly-used IEEE 802.11 wireless network security standards: WEP, WPA and WPA2. A detailed analysis of the RC4 algorithm supporting WEP is presented, including its vulnerabilities. The WPA and WPA2 encryption protocols’ most relevant aspects and technical characteristics are reviewed for a comparative analysis of the three standards in terms of the security they provide. Special attention has been paid to WEP encryption by using an educat...

  4. The mutual encouragement of the fear of crime and the security industry: The example of film narratives and electronic home security systems

    Directory of Open Access Journals (Sweden)

    Vladimira Ilić

    2016-02-01

    Full Text Available In a culture of fear, everyday life is experienced through the feeling of safety, part of which can be secured through certain electronic home security systems. Three films – Unlawful Entry (1992, Panic Room (2002 and When a Stranger Calls (2006 – will be used as examples in the attempt to consider the relationship between the fear of criminal activity – in this case break ins – and electronic home security systems. The basic premise of the research is that the culturally manufactured fear encourages the electronic home security system industry, the presence of which can, in turn, exasperate one’s fear of the risk of falling victim to violent crime.

  5. Quantum photonic network and physical layer security.

    Science.gov (United States)

    Sasaki, Masahide; Endo, Hiroyuki; Fujiwara, Mikio; Kitamura, Mitsuo; Ito, Toshiyuki; Shimizu, Ryosuke; Toyoshima, Morio

    2017-08-06

    Quantum communication and quantum cryptography are expected to enhance the transmission rate and the security (confidentiality of data transmission), respectively. We study a new scheme which can potentially bridge an intermediate region covered by these two schemes, which is referred to as quantum photonic network. The basic framework is information theoretically secure communications in a free space optical (FSO) wiretap channel, in which an eavesdropper has physically limited access to the main channel between the legitimate sender and receiver. We first review a theoretical framework to quantify the optimal balance of the transmission efficiency and the security level under power constraint and at finite code length. We then present experimental results on channel characterization based on 10 MHz on-off keying transmission in a 7.8 km terrestrial FSO wiretap channel.This article is part of the themed issue 'Quantum technology for the 21st century'. © 2017 The Author(s).

  6. Photonic layer security in fiber-optic networks and optical OFDM transmission

    Science.gov (United States)

    Wang, Zhenxing

    Currently the Internet is experiencing an explosive growth in the world. Such growth leads to an increased data transmission rate demand in fiber-optical networks. Optical orthogonal frequency multiplexing (OFDM) is considered as a promising solution to achieve data rate beyond 100Gb/s per wavelength channel. In the meanwhile, because of extensive data transmission and sharing, data security has become an important problem and receives considerable attention in current research literature. This thesis focuses on data security issues at the physical layer of optical networks involving code-division multiple access (CDMA) systems and steganography methods. The thesis also covers several implementation issues in optical OFDM transmission. Optical CDMA is regarded as a good candidate to provide photonic layer security in multi-access channels. In this thesis we provide a systematic analysis of the security performance of incoherent optical CDMA codes. Based on the analysis, we proposed and experimentally demonstrated several methods to improve the security performance of the optical CDMA systems, such as applying all-optical encryption, and code hopping using nonlinear wavelength conversion. Moreover, we demonstrate that the use of wireless CDMA codes in optical systems can enhance the security in one single-user end-to-end optical channel. Optical steganography is another method to provide photonic data security and involves hiding the existence of data transmissions. In the thesis, we demonstrate that an optical steganography channel can exist in phase modulated public channels as well as traditional on-off-keying (OOK) modulated channels, without data synchronization. We also demonstrate an optical steganography system with enhanced security by utilizing temporal phase modulation techniques. Additionally, as one type of an overlay channel, the optical steganography technology can carry the sensor data collected by wireless sensor network on top of public optical

  7. A Provably-Secure Transmission Scheme for Wireless Body Area Networks.

    Science.gov (United States)

    Omala, Anyembe Andrew; Robert, Niyifasha; Li, Fagen

    2016-11-01

    Wireless body area network (WBANs) is composed of sensors that collect and transmit a person's physiological data to health-care providers in real-time. In order to guarantee security of this data over open networks, a secure data transmission mechanism between WBAN and application provider's servers is of necessity. Modified medical data does not provide a true reflection of an individuals state of health and its subsequent use for diagnosis could lead to an irreversible medical condition. In this paper, we propose a lightweight certificateless signcryption scheme for secure transmission of data between WBAN and servers. Our proposed scheme not only provides confidentiality of data and authentication in a single logical step, it is lightweight and resistant to key escrow attacks. We further provide security proof that our scheme provides indistinguishability against adaptive chosen ciphertext attack and unforgeability against adaptive chosen message attack in random oracle model. Compared with two other Diffie-Hellman based signcryption schemes proposed by Barbosa and Farshim (BF) and another by Yin and Liang (YL), our scheme consumes 46 % and 8 % less energy during signcryption than BF and YL scheme respectively.

  8. CRITICAL INFORMATION INFRASTRUCTURE SECURITY - NETWORK INTRUSION DETECTION SYSTEMS

    Directory of Open Access Journals (Sweden)

    Cristea DUMITRU

    2011-12-01

    Full Text Available Critical Information Infrastructure security will always be difficult to ensure, just because of the features that make it irreplaceable tor other critical infrastructures normal operation. It is decentralized, interconnected interdependent, controlled by multiple actors (mainly private and incorporating diverse types of technologies. It is almost axiomatic that the disruption of the Critical Information Infrastructure affects systems located much farther away, and the cyber problems have direct consequences on the real world. Indeed the Internet can be used as a multiplier in order to amplify the effects of an attack on some critical infrastructures. Security challenges increase with the technological progress. One of the last lines of defense which comes to complete the overall security scheme of the Critical Information Infrastructure is represented by the Network Intrusion Detection Systems.

  9. Analysis of the End-by-Hop Protocol for Secure Aggregation in Sensor Networks

    DEFF Research Database (Denmark)

    Zenner, Erik

    In order to save bandwidth and thus battery power, sensor network measurements are sometimes aggregated en-route while being reported back to the querying server. Authentication of the measurements then becomes a challenge if message integrity is important for the application. At ESAS 2007, the End......-by-Hop protocol for securing in-network aggregation for sensor nodes was presented. The solution was claimed to be secure and efficient and to provide the possibility of trading off bandwidth against computation time on the server. In this paper, we disprove these claims. We describe several attacks against...... the proposed solution and point out shortcomings in the original complexity analysis. In particular, we show that the proposed solution is inferior to a naive solution without in-network aggregation both in security and in efficiency....

  10. Proposal for an ad hoc computer network in the military electronic systems department at the military academy applying bluetooth technology

    Directory of Open Access Journals (Sweden)

    Miroslav R. Terzić

    2011-01-01

    Full Text Available The historical development of the Bluetooth module is given in the introduction of this paper. The importance of the Bluetooth standard for wireless connection on small distances is shown as well. The organization of the Department of Military Electronic Systems is presented with its area of duties, subordinate sections and deployment. The concept of a local area network for this Department, using Bluetooth technology, includes network topology and working regimes based on the main characteristics and technical specifications for the connection with Bluetooth technology. The Department's disperse computer network is proposed as a scatter net where one piconetwork includes the Head of Department and the Heads of Sections while other piconetworks are formed from the Heads of Sections and their subordinates. The security aspect of the presented network deals with basic computer network attack categories, protection methods and aspects. The paper concludes with some recommendations for the local area network using Bluetooth technology with respect to its economical and security aspects as well as to the managing principles of the Department.

  11. A model for the electronic support of practice-based research networks.

    Science.gov (United States)

    Peterson, Kevin A; Delaney, Brendan C; Arvanitis, Theodoros N; Taweel, Adel; Sandberg, Elisabeth A; Speedie, Stuart; Richard Hobbs, F D

    2012-01-01

    The principal goal of the electronic Primary Care Research Network (ePCRN) is to enable the development of an electronic infrastructure to support clinical research activities in primary care practice-based research networks (PBRNs). We describe the model that the ePCRN developed to enhance the growth and to expand the reach of PBRN research. Use cases and activity diagrams were developed from interviews with key informants from 11 PBRNs from the United States and United Kingdom. Discrete functions were identified and aggregated into logical components. Interaction diagrams were created, and an overall composite diagram was constructed describing the proposed software behavior. Software for each component was written and aggregated, and the resulting prototype application was pilot tested for feasibility. A practical model was then created by separating application activities into distinct software packages based on existing PBRN business rules, hardware requirements, network requirements, and security concerns. We present an information architecture that provides for essential interactions, activities, data flows, and structural elements necessary for providing support for PBRN translational research activities. The model describes research information exchange between investigators and clusters of independent data sites supported by a contracted research director. The model was designed to support recruitment for clinical trials, collection of aggregated anonymous data, and retrieval of identifiable data from previously consented patients across hundreds of practices. The proposed model advances our understanding of the fundamental roles and activities of PBRNs and defines the information exchange commonly used by PBRNs to successfully engage community health care clinicians in translational research activities. By describing the network architecture in a language familiar to that used by software developers, the model provides an important foundation for the

  12. Metrology network: a case study on the metrology network of defense and security from SIBRATEC

    International Nuclear Information System (INIS)

    Pereira, Marisa Ferraz Figueira

    2016-01-01

    This study is focused on understanding the effects of the infrastructure improvement of these laboratories and the role of network management in offering support and metrological services to the defense and security sector enterprises, within the project purposes. It is also aimed identify gaps on offering calibration and, or testing services to supply demands of the defense and security industries, and analyze adequacy of RDS project to demands of defense and security industries, with the purpose to contribute with information for future actions. The experimental research is qualitative type, with exploratory research characteristics, based on case study. It was structured in two parts, involving primary data collection and secondary data. In order to collect the primary data two questionnaires were prepared, one (Questionnaire A) to the five RDS laboratories representatives and other (Questionnaire B) to the contacts of 63 defense and security enterprises which need calibration and test services, possible customers of RDS laboratories. Answers from four representatives of RDS laboratories and from 26 defense and security enterprises were obtained. The collection of secondary data was obtained from documentary research. The analysis was made based on five dimensions defined in order to organize and improve the understanding of the research setting. They are RDS project coverage, regional, network management, metrological traceability and importance and visibility of RDS. The results indicated that the performance of RDS does not interfere, by that time, in the metrological traceability of the products of the defense and security enterprises that participated in the research. (author)

  13. Secure Chaotic Map Based Block Cryptosystem with Application to Camera Sensor Networks

    Directory of Open Access Journals (Sweden)

    Muhammad Khurram Khan

    2011-01-01

    Full Text Available Recently, Wang et al. presented an efficient logistic map based block encryption system. The encryption system employs feedback ciphertext to achieve plaintext dependence of sub-keys. Unfortunately, we discovered that their scheme is unable to withstand key stream attack. To improve its security, this paper proposes a novel chaotic map based block cryptosystem. At the same time, a secure architecture for camera sensor network is constructed. The network comprises a set of inexpensive camera sensors to capture the images, a sink node equipped with sufficient computation and storage capabilities and a data processing server. The transmission security between the sink node and the server is gained by utilizing the improved cipher. Both theoretical analysis and simulation results indicate that the improved algorithm can overcome the flaws and maintain all the merits of the original cryptosystem. In addition, computational costs and efficiency of the proposed scheme are encouraging for the practical implementation in the real environment as well as camera sensor network.

  14. Internet-Based Solutions for a Secure and Efficient Seismic Network

    Science.gov (United States)

    Bhadha, R.; Black, M.; Bruton, C.; Hauksson, E.; Stubailo, I.; Watkins, M.; Alvarez, M.; Thomas, V.

    2017-12-01

    The Southern California Seismic Network (SCSN), operated by Caltech and USGS, leverages modern Internet-based computing technologies to provide timely earthquake early warning for damage reduction, event notification, ShakeMap, and other data products. Here we present recent and ongoing innovations in telemetry, security, cloud computing, virtualization, and data analysis that have allowed us to develop a network that runs securely and efficiently.Earthquake early warning systems must process seismic data within seconds of being recorded, and SCSN maintains a robust and resilient network of more than 350 digital strong motion and broadband seismic stations to achieve this goal. We have continued to improve the path diversity and fault tolerance within our network, and have also developed new tools for latency monitoring and archiving.Cyberattacks are in the news almost daily, and with most of our seismic data streams running over the Internet, it is only a matter of time before SCSN is targeted. To ensure system integrity and availability across our network, we have implemented strong security, including encryption and Virtual Private Networks (VPNs).SCSN operates its own data center at Caltech, but we have also installed real-time servers on Amazon Web Services (AWS), to provide an additional level of redundancy, and eventually to allow full off-site operations continuity for our network. Our AWS systems receive data from Caltech-based import servers and directly from field locations, and are able to process the seismic data, calculate earthquake locations and magnitudes, and distribute earthquake alerts, directly from the cloud.We have also begun a virtualization project at our Caltech data center, allowing us to serve data from Virtual Machines (VMs), making efficient use of high-performance hardware and increasing flexibility and scalability of our data processing systems.Finally, we have developed new monitoring of station average noise levels at most stations

  15. Hardware Module for the Security Enhancement of Optical Telecom Network Equipment

    International Nuclear Information System (INIS)

    Nadeem; Ali, M.

    2015-01-01

    The telecommunication equipment physical security threats have increased not only in Pakistan but also anywhere in the world and hence, reducing the revenue. This new challenging and alarming situation is created for the telecom network provider. The main focus of this paper is to provide a low cost economical design for reducing the theft of the costly telecommunication equipment like optical network units (ONU). This system is based on instant messaging on the mobile in the event of theft through GSM modem. The proposed security module is dynamic, flexible and can also be integrated in the existing networks and separately having its own independent low power consumption source. The module will continuously work successfully under different scenarios such as completely isolated from other devices by power break down or by fibre cut. (author)

  16. Network secure communications based on beam halo-chaos

    International Nuclear Information System (INIS)

    Liu Qiang; Fang Jinqing; Li Yong

    2010-01-01

    Based on beam halo-chaos synchronization in the beam transport network (line)with small-world effect, using three synchronization methods:the driver-response synchronization, small-world topology coupling synchronization and multi-local small-world topology coupling synchronization, three kinds of secure communication projects were designed respectively, and were studied numerically by the Simulink tool of the Matlab software. Numerical experimental results demonstrate that encryption and decryption of the original signal are realized successfully. It provides effective theoretical foundation and reference for the next engineering design and network experiment. (authors)

  17. A STUDY ON NETWORK SECURITY TECHNIQUES

    OpenAIRE

    Dr.T.Hemalatha; Dr.G.Rashita Banu; Dr.Murtaza Ali

    2016-01-01

    Internet plays a vital role in our day today life. Data security in web application has become very crucial. The usage of internet becomes more and more in recent years. Through internet the information’s can be shared through many social networks like Facebook, twitter, LinkedIn, blogs etc. There is chance of hacking the data while sharing from one to one. To prevent the data being hacked there are so many techniques such as Digital Signature, Cryptography, Digital watermarking, Data Sanit...

  18. Secure relay selection based on learning with negative externality in wireless networks

    Science.gov (United States)

    Zhao, Caidan; Xiao, Liang; Kang, Shan; Chen, Guiquan; Li, Yunzhou; Huang, Lianfen

    2013-12-01

    In this paper, we formulate relay selection into a Chinese restaurant game. A secure relay selection strategy is proposed for a wireless network, where multiple source nodes send messages to their destination nodes via several relay nodes, which have different processing and transmission capabilities as well as security properties. The relay selection utilizes a learning-based algorithm for the source nodes to reach their best responses in the Chinese restaurant game. In particular, the relay selection takes into account the negative externality of relay sharing among the source nodes, which learn the capabilities and security properties of relay nodes according to the current signals and the signal history. Simulation results show that this strategy improves the user utility and the overall security performance in wireless networks. In addition, the relay strategy is robust against the signal errors and deviations of some user from the desired actions.

  19. Secure and Authenticated Data Communication in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Omar Alfandi

    2015-08-01

    Full Text Available Securing communications in wireless sensor networks is increasingly important as the diversity of applications increases. However, even today, it is equally important for the measures employed to be energy efficient. For this reason, this publication analyzes the suitability of various cryptographic primitives for use in WSNs according to various criteria and, finally, describes a modular, PKI-based framework for confidential, authenticated, secure communications in which most suitable primitives can be employed. Due to the limited capabilities of common WSN motes, criteria for the selection of primitives are security, power efficiency and memory requirements. The implementation of the framework and the singular components have been tested and benchmarked in our testbed of IRISmotes.

  20. Secure Network-Centric Aviation Communication (SNAC)

    Science.gov (United States)

    Nelson, Paul H.; Muha, Mark A.; Sheehe, Charles J.

    2017-01-01

    The existing National Airspace System (NAS) communications capabilities are largely unsecured, are not designed for efficient use of spectrum and collectively are not capable of servicing the future needs of the NAS with the inclusion of new operators in Unmanned Aviation Systems (UAS) or On Demand Mobility (ODM). SNAC will provide a ubiquitous secure, network-based communications architecture that will provide new service capabilities and allow for the migration of current communications to SNAC over time. The necessary change in communication technologies to digital domains will allow for the adoption of security mechanisms, sharing of link technologies, large increase in spectrum utilization, new forms of resilience and redundancy and the possibly of spectrum reuse. SNAC consists of a long term open architectural approach with increasingly capable designs used to steer research and development and enable operating capabilities that run in parallel with current NAS systems.

  1. Secure energy efficient routing protocol for wireless sensor network

    Directory of Open Access Journals (Sweden)

    Das Ayan Kumar

    2016-03-01

    Full Text Available The ease of deployment of economic sensor networks has always been a boon to disaster management applications. However, their vulnerability to a number of security threats makes communication a challenging task. This paper proposes a new routing technique to prevent from both external threats and internal threats like hello flooding, eavesdropping and wormhole attack. In this approach one way hash chain is used to reduce the energy drainage. Level based event driven clustering also helps to save energy. The simulation results show that the proposed scheme extends network lifetime even when the cluster based wireless sensor network is under attack.

  2. Sensor Data Security Level Estimation Scheme for Wireless Sensor Networks

    Science.gov (United States)

    Ramos, Alex; Filho, Raimir Holanda

    2015-01-01

    Due to their increasing dissemination, wireless sensor networks (WSNs) have become the target of more and more sophisticated attacks, even capable of circumventing both attack detection and prevention mechanisms. This may cause WSN users, who totally trust these security mechanisms, to think that a sensor reading is secure, even when an adversary has corrupted it. For that reason, a scheme capable of estimating the security level (SL) that these mechanisms provide to sensor data is needed, so that users can be aware of the actual security state of this data and can make better decisions on its use. However, existing security estimation schemes proposed for WSNs fully ignore detection mechanisms and analyze solely the security provided by prevention mechanisms. In this context, this work presents the sensor data security estimator (SDSE), a new comprehensive security estimation scheme for WSNs. SDSE is designed for estimating the sensor data security level based on security metrics that analyze both attack prevention and detection mechanisms. In order to validate our proposed scheme, we have carried out extensive simulations that show the high accuracy of SDSE estimates. PMID:25608215

  3. Sensor Data Security Level Estimation Scheme for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Alex Ramos

    2015-01-01

    Full Text Available Due to their increasing dissemination, wireless sensor networks (WSNs have become the target of more and more sophisticated attacks, even capable of circumventing both attack detection and prevention mechanisms. This may cause WSN users, who totally trust these security mechanisms, to think that a sensor reading is secure, even when an adversary has corrupted it. For that reason, a scheme capable of estimating the security level (SL that these mechanisms provide to sensor data is needed, so that users can be aware of the actual security state of this data and can make better decisions on its use. However, existing security estimation schemes proposed for WSNs fully ignore detection mechanisms and analyze solely the security provided by prevention mechanisms. In this context, this work presents the sensor data security estimator (SDSE, a new comprehensive security estimation scheme for WSNs. SDSE is designed for estimating the sensor data security level based on security metrics that analyze both attack prevention and detection mechanisms. In order to validate our proposed scheme, we have carried out extensive simulations that show the high accuracy of SDSE estimates.

  4. Seluge++: a secure over-the-air programming scheme in wireless sensor networks.

    Science.gov (United States)

    Doroodgar, Farzan; Abdur Razzaque, Mohammad; Isnin, Ismail Fauzi

    2014-03-11

    Over-the-air dissemination of code updates in wireless sensor networks have been researchers' point of interest in the last few years, and, more importantly, security challenges toward the remote propagation of code updating have occupied the majority of efforts in this context. Many security models have been proposed to establish a balance between the energy consumption and security strength, having their concentration on the constrained nature of wireless sensor network (WSN) nodes. For authentication purposes, most of them have used a Merkle hash tree to avoid using multiple public cryptography operations. These models mostly have assumed an environment in which security has to be at a standard level. Therefore, they have not investigated the tree structure for mission-critical situations in which security has to be at the maximum possible level (e.g., military applications, healthcare). Considering this, we investigate existing security models used in over-the-air dissemination of code updates for possible vulnerabilities, and then, we provide a set of countermeasures, correspondingly named Security Model Requirements. Based on the investigation, we concentrate on Seluge, one of the existing over-the-air programming schemes, and we propose an improved version of it, named Seluge++, which complies with the Security Model Requirements and replaces the use of the inefficient Merkle tree with a novel method. Analytical and simulation results show the improvements in Seluge++ compared to Seluge.

  5. SCONES: Secure Content-Oriented Networking for Exploring Space, Phase I

    Data.gov (United States)

    National Aeronautics and Space Administration — We envision a secure content-oriented internetwork as a natural generalization of the cache-and-forward architecture inherent in delay-tolerant networks. Using our...

  6. Host based internet protocol (IP) packet analysis to enhance network security

    International Nuclear Information System (INIS)

    Ahmad, T.; Ahmad, S.Z.; Yasin, M.M.

    2007-01-01

    Data communication in a computer network environment is facing serious security threats from numerous sources such as viruses, worms, Zombies etc. These threats can be broadly characterized as internal or external security threats. Internal threats are mainly attributed to sneaker-nets, utility modems and unauthorized users, which can be minimized by skillful network administration, password management and optimum usage policy definition. The external threats need more serious attention as these attacks are mostly coming from public networks such as Internet. Frequency and complexity of such attacks is much higher as compared to internal attacks. This paper presents a host based network layer screening of external and internal IP packets for logging, analyzing and real-time detection of possible IP spoofing and Denial of Service attacks. This work can also be used in tuning security rules definition for gateway firewalls. Software has been developed which intercepts IP traffic and analyses it with respect to integrity and origin of I P packet. The received IP packets are parsed and analyzed for possible signs of intrusion. The results show that by watching and categorizing composition of various transport protocol such as TCP, UDP, ICMP and others along with verifying the origin of received IP packet can help in devising real-time firewall rule and blocking possible external attack. This is highly desirable for fighting against zero day attacks and can result in a better Mean Time between Failures (MTBF) to increase the survivability of computer network. Used in a right context, packet screening and filtering can be a useful tool for provision of reliable and stable network services. (author)

  7. Secure real-time wireless video streaming in the aeronautical telecommunications network

    Science.gov (United States)

    Czernik, Pawel; Olszyna, Jakub

    2010-09-01

    As Air Traffic Control Systems move from a voice only environment to one in which clearances are issued via data link, there is a risk that an unauthorized entity may attempt to masquerade as either the pilot or controller. In order to protect against this and related attacks, air-ground communications must be secured. The challenge is to add security in an environment in which bandwidth is limited. The Aeronautical Telecommunications Network (ATN) is an enabling digital network communications technology that addresses capacity and efficiency issues associated with current aeronautical voice communication systems. Equally important, the ATN facilitates migration to free flight, where direct computer-to-computer communication will automate air traffic management, minimize controller and pilot workload, and improve overall aircraft routing efficiency. Protecting ATN communications is critical since safety-of-flight is seriously affected if an unauthorized entity, a hacker for example, is able to penetrate an otherwise reliable communications system and accidentally or maliciously introduce erroneous information that jeopardizes the overall safety and integrity of a given airspace. However, an ATN security implementation must address the challenges associated with aircraft mobility, limited bandwidth communication channels, and uninterrupted operation across organizational and geopolitical boundaries. This paper provides a brief overview of the ATN, the ATN security concept, and begins a basic introduction to the relevant security concepts of security threats, security services and security mechanisms. Security mechanisms are further examined by presenting the fundamental building blocks of symmetric encipherment, asymmetric encipherment, and hash functions. The second part of this paper presents the project of cryptographiclly secure wireless communication between Unmanned Aerial Vehicles (UAV) and the ground station in the ATM system, based on the ARM9 processor

  8. A Novel Re-keying Function Protocol (NRFP For Wireless Sensor Network Security

    Directory of Open Access Journals (Sweden)

    Naif Alsharabi

    2008-12-01

    Full Text Available This paper describes a novel re-keying function protocol (NRFP for wireless sensor network security. A re-keying process management system for sensor networks is designed to support in-network processing. The design of the protocol is motivated by decentralization key management for wireless sensor networks (WSNs, covering key deployment, key refreshment, and key establishment. NRFP supports the establishment of novel administrative functions for sensor nodes that derive/re-derive a session key for each communication session. The protocol proposes direct connection, in-direct connection and hybrid connection. NRFP also includes an efficient protocol for local broadcast authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding in-network processing. Security and performance analysis shows that it is very efficient in computation, communication and storage and, that NRFP is also effective in defending against many sophisticated attacks.

  9. A Novel Re-keying Function Protocol (NRFP) For Wireless Sensor Network Security.

    Science.gov (United States)

    Abdullah, Maan Younis; Hua, Gui Wei; Alsharabi, Naif

    2008-12-04

    This paper describes a novel re-keying function protocol (NRFP) for wireless sensor network security. A re-keying process management system for sensor networks is designed to support in-network processing. The design of the protocol is motivated by decentralization key management for wireless sensor networks (WSNs), covering key deployment, key refreshment, and key establishment. NRFP supports the establishment of novel administrative functions for sensor nodes that derive/re-derive a session key for each communication session. The protocol proposes direct connection, in-direct connection and hybrid connection. NRFP also includes an efficient protocol for local broadcast authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding in-network processing. Security and performance analysis shows that it is very efficient in computation, communication and storage and, that NRFP is also effective in defending against many sophisticated attacks.

  10. Personal, Electronic, Secure National Library of Medicine Hosts Health Records Conference

    Science.gov (United States)

    ... Bar Home Current Issue Past Issues EHR Personal, Electronic, Secure: National Library of Medicine Hosts Health Records ... One suggestion for saving money is to implement electronic personal health records. With this in mind, the ...

  11. CompTIA Security+ Review Guide Sy0-201

    CERN Document Server

    Stewart, James M

    2011-01-01

    This review guide is broken into six parts, each one corresponding to one of the six domain areas of the Security+ exam: systems security, network infrastructure, access control, assessments and audits, cryptography, and organizational security. You'll find this book to be essential reading if you are studying for Security+ certification and want to get up to speed on the most recent security topics. The CD-ROM contains more than 120 review questions, two bonus exams, electronic flashcards, and a searchable key term database.

  12. A lightweight security scheme for wireless body area networks: design, energy evaluation and proposed microprocessor design.

    Science.gov (United States)

    Selimis, Georgios; Huang, Li; Massé, Fabien; Tsekoura, Ioanna; Ashouei, Maryam; Catthoor, Francky; Huisken, Jos; Stuyt, Jan; Dolmans, Guido; Penders, Julien; De Groot, Harmke

    2011-10-01

    In order for wireless body area networks to meet widespread adoption, a number of security implications must be explored to promote and maintain fundamental medical ethical principles and social expectations. As a result, integration of security functionality to sensor nodes is required. Integrating security functionality to a wireless sensor node increases the size of the stored software program in program memory, the required time that the sensor's microprocessor needs to process the data and the wireless network traffic which is exchanged among sensors. This security overhead has dominant impact on the energy dissipation which is strongly related to the lifetime of the sensor, a critical aspect in wireless sensor network (WSN) technology. Strict definition of the security functionality, complete hardware model (microprocessor and radio), WBAN topology and the structure of the medium access control (MAC) frame are required for an accurate estimation of the energy that security introduces into the WBAN. In this work, we define a lightweight security scheme for WBAN, we estimate the additional energy consumption that the security scheme introduces to WBAN based on commercial available off-the-shelf hardware components (microprocessor and radio), the network topology and the MAC frame. Furthermore, we propose a new microcontroller design in order to reduce the energy consumption of the system. Experimental results and comparisons with other works are given.

  13. Network security vulnerabilities and personal privacy issues in Healthcare Information Systems: a case study in a private hospital in Turkey.

    Science.gov (United States)

    Namoğlu, Nihan; Ulgen, Yekta

    2013-01-01

    Healthcare industry has become widely dependent on information technology and internet as it moves from paper to electronic records. Healthcare Information System has to provide a high quality service to patients and a productive knowledge share between healthcare staff by means of patient data. With the internet being commonly used across hospitals, healthcare industry got its own share from cyber threats like other industries in the world. The challenge is allowing knowledge transfer to hospital staff while still ensuring compliance with security mandates. Working in collaboration with a private hospital in Turkey; this study aims to reveal the essential elements of a 21st century business continuity plan for hospitals while presenting the security vulnerabilities in the current hospital information systems and personal privacy auditing standards proposed by regulations and laws. We will survey the accreditation criteria in Turkey and counterparts in US and EU. We will also interview with medical staff in the hospital to understand the needs for personal privacy and the technical staff to perceive the technical requirements in terms of network security configuration and deployment. As hospitals are adopting electronic transactions, it should be considered a must to protect these electronic health records in terms of personal privacy aspects.

  14. A Secure Key Establishment Protocol for ZigBee Wireless Sensor Networks

    DEFF Research Database (Denmark)

    Yuksel, Ender; Nielson, Hanne Riis; Nielson, Flemming

    2010-01-01

    ZigBee is a wireless sensor network standard that defines network and application layers on top of IEEE 802.15.4's physical and medium access control layers. In the latest version of ZigBee, enhancements are prescribed for the security sublayer but we show in this paper that problems persist...

  15. Security in the Dutch electronic patient record system

    NARCIS (Netherlands)

    van 't Noordende, G.

    2010-01-01

    In this article, we analyze the security architecture of the Dutch Electronic Patient Dossier (EPD) system. Intended as a mandatory infrastructure for exchanging medical records of most if not all patients in the Netherlands among authorized parties (particularly, physicians), the EPD has to address

  16. On the Effect of Security and Communication Factors in the Reliability of Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Damian Rusinek

    2014-03-01

    Full Text Available The ensuring reliability of wireless sensor networks (WSN is one of most important problems to be solved. In this article, the influence of the security and communication factors in the reliability of Wireless Sensor Networks was analyzed. Balancing security against performance in WSN is another issue to be solved. These factors should be considered during security analysis of quality of protection of realized protocol. In the article, we analyze wireless sensor network where hierarchical topologies is implemented with high performance routing sensors that forward big amount of data. We present the experiment results which were performed by high-performance Imote2 sensor platform and TinyOS operating system.

  17. Secure Trust Based Key Management Routing Framework for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Jugminder Kaur

    2016-01-01

    Full Text Available Security is always a major concern in wireless sensor networks (WSNs. Several trust based routing protocols are designed that play an important role in enhancing the performance of a wireless network. However they still have some disadvantages like limited energy resources, susceptibility to physical capture, and little protection against various attacks due to insecure wireless communication channels. This paper presents a secure trust based key management (STKF routing framework that establishes a secure trustworthy route depending upon the present and past node to node interactions. This route is then updated by isolating the malicious or compromised nodes from the route, if any, and a dedicated link is created between every pair of nodes in the selected route with the help of “q” composite random key predistribution scheme (RKPS to ensure data delivery from source to destination. The performance of trust aware secure routing framework (TSRF is compared with the proposed routing scheme. The results indicate that STKF provides an effective mechanism for finding out a secure route with better trustworthiness than TSRF which avoids the data dropping, thereby increasing the data delivery ratio. Also the distance required to reach the destination in the proposed protocol is less hence effectively utilizing the resources.

  18. Unified compression and encryption algorithm for fast and secure network communications

    International Nuclear Information System (INIS)

    Rizvi, S.M.J.; Hussain, M.; Qaiser, N.

    2005-01-01

    Compression and encryption of data are two vital requirements for the fast and secure transmission of data in the network based communications. In this paper an algorithm is presented based on adaptive Huffman encoding for unified compression and encryption of Unicode encoded textual data. The Huffman encoding weakness that same tree is needed for decoding is utilized in the algorithm presented as an extra layer of security, which is updated whenever the frequency change is above the specified threshold level. The results show that we get compression comparable to popular zip format and in addition to that data has got an additional layer of encryption that makes it more secure. Thus unified algorithm presented here can be used for network communications between different branches of banks, e- Government programs and national database and registration centers where data transmission requires both compression and encryption. (author)

  19. Security of Electronic Banking

    OpenAIRE

    Pařil, Jan

    2015-01-01

    Hlavním zaměřením diplomové práce je elektronické bankovnictví a jeho bezpečnost. Práce obsahuje zhodnocení současného stavu zabezpečení elektronického bankovnictví, možné hrozby napadení elektronického bankovnictví a rizika prolomení zabezpečení. Další část vyhodnocuje dotazník, který zjišťoval spokojenost uživatelů s bezpečností elektronického bankovnictví. Jsou doporučeny nové formy zabezpečení. The main focus of the thesis is an electronic banking and security. The work includes evalua...

  20. A Multi-Attribute Pheromone Ant Secure Routing Algorithm Based on Reputation Value for Sensor Networks

    Directory of Open Access Journals (Sweden)

    Lin Zhang

    2017-03-01

    Full Text Available With the development of wireless sensor networks, certain network problems have become more prominent, such as limited node resources, low data transmission security, and short network life cycles. To solve these problems effectively, it is important to design an efficient and trusted secure routing algorithm for wireless sensor networks. Traditional ant-colony optimization algorithms exhibit only local convergence, without considering the residual energy of the nodes and many other problems. This paper introduces a multi-attribute pheromone ant secure routing algorithm based on reputation value (MPASR. This algorithm can reduce the energy consumption of a network and improve the reliability of the nodes’ reputations by filtering nodes with higher coincidence rates and improving the method used to update the nodes’ communication behaviors. At the same time, the node reputation value, the residual node energy and the transmission delay are combined to formulate a synthetic pheromone that is used in the formula for calculating the random proportion rule in traditional ant-colony optimization to select the optimal data transmission path. Simulation results show that the improved algorithm can increase both the security of data transmission and the quality of routing service.

  1. A Multi-Attribute Pheromone Ant Secure Routing Algorithm Based on Reputation Value for Sensor Networks

    Science.gov (United States)

    Zhang, Lin; Yin, Na; Fu, Xiong; Lin, Qiaomin; Wang, Ruchuan

    2017-01-01

    With the development of wireless sensor networks, certain network problems have become more prominent, such as limited node resources, low data transmission security, and short network life cycles. To solve these problems effectively, it is important to design an efficient and trusted secure routing algorithm for wireless sensor networks. Traditional ant-colony optimization algorithms exhibit only local convergence, without considering the residual energy of the nodes and many other problems. This paper introduces a multi-attribute pheromone ant secure routing algorithm based on reputation value (MPASR). This algorithm can reduce the energy consumption of a network and improve the reliability of the nodes’ reputations by filtering nodes with higher coincidence rates and improving the method used to update the nodes’ communication behaviors. At the same time, the node reputation value, the residual node energy and the transmission delay are combined to formulate a synthetic pheromone that is used in the formula for calculating the random proportion rule in traditional ant-colony optimization to select the optimal data transmission path. Simulation results show that the improved algorithm can increase both the security of data transmission and the quality of routing service. PMID:28282894

  2. Security Policy for a Generic Space Exploration Communication Network Architecture

    Science.gov (United States)

    Ivancic, William D.; Sheehe, Charles J.; Vaden, Karl R.

    2016-01-01

    This document is one of three. It describes various security mechanisms and a security policy profile for a generic space-based communication architecture. Two other documents accompany this document- an Operations Concept (OpsCon) and a communication architecture document. The OpsCon should be read first followed by the security policy profile described by this document and then the architecture document. The overall goal is to design a generic space exploration communication network architecture that is affordable, deployable, maintainable, securable, evolvable, reliable, and adaptable. The architecture should also require limited reconfiguration throughout system development and deployment. System deployment includes subsystem development in a factory setting, system integration in a laboratory setting, launch preparation, launch, and deployment and operation in space.

  3. Secure Rateless Deluge: Pollution-Resistant Reprogramming and Data Dissemination for Wireless Sensor Networks

    NARCIS (Netherlands)

    Law, Y.W.; Zhang, Yu; Jin meifang, J.; Palaniswami, Marimuthu; Havinga, Paul J.M.

    A network reprogramming protocol is made for updating the firmware of a wireless sensor network (WSN) in situ. For security reasons, every firmware update must be authenticated to prevent an attacker from installing its code in the network. While existing schemes can provide authentication services,

  4. Secure Electronic Cards in Public Services

    Directory of Open Access Journals (Sweden)

    Cristian TOMA

    2008-01-01

    Full Text Available The paper presents the electronic wallet solution implemented within a GSM SIM technology for accessing public services. The solution is implemented in the medical field to provide information on the patient’s medical history and payment for private medical services. The security issue is a very important one as the patient’s history is confidential and the payment has to be safe.

  5. Secret-Key-Aided Scheme for Securing Untrusted DF Relaying Networks

    KAUST Repository

    Shafie, Ahmed El

    2017-06-12

    This paper proposes a new scheme to secure the transmissions in an untrusted decode-and-forward (DF) relaying network. A legitimate source node, Alice, sends her data to a legitimate destination node, Bob, with the aid of an untrusted DF relay node, Charlie. To secure the transmissions from Charlie during relaying time slots, each data codeword is secured using a secret-key codeword that has been previously shared between Alice and Bob during the perfectly secured time slots (i.e., when the channel secrecy rate is positive). The secret-key bits exchanged between Alice and Bob are stored in a finite-length buffer and are used to secure data transmission whenever needed. We model the secret-key buffer as a queueing system and analyze its Markov chain. Our numerical results show the gains of our proposed scheme relative to benchmarks. Moreover, the proposed scheme achieves an upper bound on the secure throughput.

  6. Secret-Key-Aided Scheme for Securing Untrusted DF Relaying Networks

    KAUST Repository

    Shafie, Ahmed El; Salem, Ahmed Sultan; Mabrouk, Asma; Tourki, Kamel; Al-Dhahir, Naofal

    2017-01-01

    This paper proposes a new scheme to secure the transmissions in an untrusted decode-and-forward (DF) relaying network. A legitimate source node, Alice, sends her data to a legitimate destination node, Bob, with the aid of an untrusted DF relay node, Charlie. To secure the transmissions from Charlie during relaying time slots, each data codeword is secured using a secret-key codeword that has been previously shared between Alice and Bob during the perfectly secured time slots (i.e., when the channel secrecy rate is positive). The secret-key bits exchanged between Alice and Bob are stored in a finite-length buffer and are used to secure data transmission whenever needed. We model the secret-key buffer as a queueing system and analyze its Markov chain. Our numerical results show the gains of our proposed scheme relative to benchmarks. Moreover, the proposed scheme achieves an upper bound on the secure throughput.

  7. Secure and Lightweight Cloud-Assisted Video Reporting Protocol over 5G-Enabled Vehicular Networks.

    Science.gov (United States)

    Nkenyereye, Lewis; Kwon, Joonho; Choi, Yoon-Ho

    2017-09-23

    In the vehicular networks, the real-time video reporting service is used to send the recorded videos in the vehicle to the cloud. However, when facilitating the real-time video reporting service in the vehicular networks, the usage of the fourth generation (4G) long term evolution (LTE) was proved to suffer from latency while the IEEE 802.11p standard does not offer sufficient scalability for a such congested environment. To overcome those drawbacks, the fifth-generation (5G)-enabled vehicular network is considered as a promising technology for empowering the real-time video reporting service. In this paper, we note that security and privacy related issues should also be carefully addressed to boost the early adoption of 5G-enabled vehicular networks. There exist a few research works for secure video reporting service in 5G-enabled vehicular networks. However, their usage is limited because of public key certificates and expensive pairing operations. Thus, we propose a secure and lightweight protocol for cloud-assisted video reporting service in 5G-enabled vehicular networks. Compared to the conventional public key certificates, the proposed protocol achieves entities' authorization through anonymous credential. Also, by using lightweight security primitives instead of expensive bilinear pairing operations, the proposed protocol minimizes the computational overhead. From the evaluation results, we show that the proposed protocol takes the smaller computation and communication time for the cryptographic primitives than that of the well-known Eiza-Ni-Shi protocol.

  8. Diagnostic Neural Network Systems for the Electronic Circuits

    International Nuclear Information System (INIS)

    Mohamed, A.H.

    2014-01-01

    Neural Networks is one of the most important artificial intelligent approaches for solving the diagnostic processes. This research concerns with uses the neural networks for diagnosis of the electronic circuits. Modern electronic systems contain both the analog and digital circuits. But, diagnosis of the analog circuits suffers from great complexity due to their nonlinearity. To overcome this problem, the proposed system introduces a diagnostic system that uses the neural network to diagnose both the digital and analog circuits. So, it can face the new requirements for the modern electronic systems. A fault dictionary method was implemented in the system. Experimental results are presented on three electronic systems. They are: artificial kidney, wireless network and personal computer systems. The proposed system has improved the performance of the diagnostic systems when applied for these practical cases

  9. The electronic identification, signature and security of information systems

    Directory of Open Access Journals (Sweden)

    Horovèák Pavel

    2002-12-01

    Full Text Available The contribution deals with the actual methods and technologies of information and communication systems security. It introduces the overview of electronic identification elements such as static password, dynamic password and single sign-on. Into this category belong also biometric and dynamic characteristics of verified person. Widespread is authentication based on identification elements ownership, such as various cards and authentication calculators. In the next part is specified a definition and characterization of electronic signature, its basic functions and certificate categories. Practical utilization of electronic signature consists of electronic signature acquirement, signature of outgoing email message, receiving of electronic signature and verification of electronic signature. The use of electronic signature is continuously growing and in connection with legislation development it exercises in all resorts.

  10. Healthcare information privacy and security regulatory compliance and data security in the age of electronic health records

    CERN Document Server

    Robichau, Bernard Peter

    2014-01-01

    Healthcare is a huge market--20% of yearly GDP in the U.S. It employs tens of thousands of computer programmers and IT administrators Regulations mandate electronic health records by 2015 (for anyone dealing with Medicare/Medicaid), which means new concerns for privacy and security Many medical organizations lagging, putting them at risk for government fines and private lawsuits when a breach in security occurs. Healthcare IT is the growth industry right now, and the need for guidance in regard to privacy and security is huge.

  11. Security analysis of electronic voting and online banking systems

    OpenAIRE

    Tjøstheim, Thomas

    2007-01-01

    The main focus of this dissertation is on security analysis of electronic voting and online banking systems. Six papers form the basis of the thesis and include the following topics: a model for analysis of voting systems, a case study where we apply the proposed model, a new scheme for remote electronic voting, and three case studies of commercial online banking solutions in Norway.

  12. Reputation-based secure sensor localization in wireless sensor networks.

    Science.gov (United States)

    He, Jingsha; Xu, Jing; Zhu, Xingye; Zhang, Yuqiang; Zhang, Ting; Fu, Wanqing

    2014-01-01

    Location information of sensor nodes in wireless sensor networks (WSNs) is very important, for it makes information that is collected and reported by the sensor nodes spatially meaningful for applications. Since most current sensor localization schemes rely on location information that is provided by beacon nodes for the regular sensor nodes to locate themselves, the accuracy of localization depends on the accuracy of location information from the beacon nodes. Therefore, the security and reliability of the beacon nodes become critical in the localization of regular sensor nodes. In this paper, we propose a reputation-based security scheme for sensor localization to improve the security and the accuracy of sensor localization in hostile or untrusted environments. In our proposed scheme, the reputation of each beacon node is evaluated based on a reputation evaluation model so that regular sensor nodes can get credible location information from highly reputable beacon nodes to accomplish localization. We also perform a set of simulation experiments to demonstrate the effectiveness of the proposed reputation-based security scheme. And our simulation results show that the proposed security scheme can enhance the security and, hence, improve the accuracy of sensor localization in hostile or untrusted environments.

  13. A Framework for Secure Data Delivery in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Leonidas PERLEPES

    2012-03-01

    Full Text Available Typical sensor nodes are resource constrained devices containing user level applications, operating system components, and device drivers in a single address space, with no form of memory protection. A malicious user could easily capture a node and tamper the applications running on it, in order to perform different types of attacks. In this paper, we propose a 3-layer Security Framework composed by physical security schemes, cryptography of communication channels and live forensics protection techniques that allows for secure WSN deployments. Each of the abovementioned techniques maximizes the security levels leading to a tamper proof sensor node. By applying the proposed security framework, secure communication between nodes is guaranteed, identified captured nodes are silenced and their destructive effect on the rest of the network infrastructure is minimized due to the early measures applied. Our main concern is to propose a framework that balances its attributes between robustness, as long as security is concerned and cost effective implementation as far as resources (energy consumption are concerned.

  14. An adaptive secret key-directed cryptographic scheme for secure transmission in wireless sensor networks

    International Nuclear Information System (INIS)

    Muhammad, K.; Jan, Z.; Khan, Z

    2015-01-01

    Wireless Sensor Networks (WSNs) are memory and bandwidth limited networks whose main goals are to maximize the network lifetime and minimize the energy consumption and transmission cost. To achieve these goals, different techniques of compression and clustering have been used. However, security is an open and major issue in WSNs for which different approaches are used, both in centralized and distributed WSNs' environments. This paper presents an adaptive cryptographic scheme for secure transmission of various sensitive parameters, sensed by wireless sensors to the fusion center for further processing in WSNs such as military networks. The proposed method encrypts the sensitive captured data of sensor nodes using various encryption procedures (bitxor operation, bits shuffling, and secret key based encryption) and then sends it to the fusion center. At the fusion center, the received encrypted data is decrypted for taking further necessary actions. The experimental results with complexity analysis, validate the effectiveness and feasibility of the proposed method in terms of security in WSNs. (author)

  15. Security of medical data transfer and storage in Internet. Cryptography, antiviral security and electronic signature problems, which must be solved in nearest future in practical context.

    Science.gov (United States)

    Kasztelowicz, Piotr; Czubenko, Marek; Zieba, Iwona

    2003-01-01

    The informatical revolution in computer age, which gives significant benefit in transfer of medical information requests to pay still more attention for aspect of network security. All known advantages of network technologies--first of all simplicity of copying, multiplication and sending information to many individuals can be also dangerous, if illegal, not permitted persons get access to medical data bases. Internet is assumed to be as especially "anarchic" medium, therefore in order to use it in professional work any security principles should be bewared. In our presentation we will try to find the optimal security solution in organisational and technological aspects for any medical network. In our opinion the harmonious co-operation between users, medical authorities and network administrators is core of the success.

  16. Improving the security of the Hwang-Su protocol for mobile networks ...

    African Journals Online (AJOL)

    The mobile networks are experiencing a growing success. This success is mainly due to the fact that these networks providing the mobility of users, the transmission of data through open air and the requirement of low power. But, it is threatened by weak security, especially at the level of authentication. Hwang and Su have ...

  17. Security and privacy preserving in social networks

    CERN Document Server

    Chbeir, Richard

    2013-01-01

    This volume aims at assessing the current approaches and technologies, as well as to outline the major challenges and future perspectives related to the security and privacy protection of social networks. It provides the reader with an overview of the state-of-the art techniques, studies, and approaches as well as outlining future directions in this field. A wide range of interdisciplinary contributions from various research groups ensures for a balanced and complete perspective.

  18. Comparative study of key exchange and authentication methods in application, transport and network level security mechanisms

    Science.gov (United States)

    Fathirad, Iraj; Devlin, John; Jiang, Frank

    2012-09-01

    The key-exchange and authentication are two crucial elements of any network security mechanism. IPsec, SSL/TLS, PGP and S/MIME are well-known security approaches in providing security service to network, transport and application layers; these protocols use different methods (based on their requirements) to establish keying materials and authenticates key-negotiation and participated parties. This paper studies and compares the authenticated key negotiation methods in mentioned protocols.

  19. Key on demand (KoD) for software-defined optical networks secured by quantum key distribution (QKD).

    Science.gov (United States)

    Cao, Yuan; Zhao, Yongli; Colman-Meixner, Carlos; Yu, Xiaosong; Zhang, Jie

    2017-10-30

    Software-defined optical networking (SDON) will become the next generation optical network architecture. However, the optical layer and control layer of SDON are vulnerable to cyberattacks. While, data encryption is an effective method to minimize the negative effects of cyberattacks, secure key interchange is its major challenge which can be addressed by the quantum key distribution (QKD) technique. Hence, in this paper we discuss the integration of QKD with WDM optical networks to secure the SDON architecture by introducing a novel key on demand (KoD) scheme which is enabled by a novel routing, wavelength and key assignment (RWKA) algorithm. The QKD over SDON with KoD model follows two steps to provide security: i) quantum key pools (QKPs) construction for securing the control channels (CChs) and data channels (DChs); ii) the KoD scheme uses RWKA algorithm to allocate and update secret keys for different security requirements. To test our model, we define a security probability index which measures the security gain in CChs and DChs. Simulation results indicate that the security performance of CChs and DChs can be enhanced by provisioning sufficient secret keys in QKPs and performing key-updating considering potential cyberattacks. Also, KoD is beneficial to achieve a positive balance between security requirements and key resource usage.

  20. Method of Performance-Aware Security of Unicast Communication in Hybrid Satellite Networks

    Science.gov (United States)

    Roy-Chowdhury, Ayan (Inventor); Baras, John S. (Inventor)

    2014-01-01

    A method and apparatus utilizes Layered IPSEC (LES) protocol as an alternative to IPSEC for network-layer security including a modification to the Internet Key Exchange protocol. For application-level security of web browsing with acceptable end-to-end delay, the Dual-mode SSL protocol (DSSL) is used instead of SSL. The LES and DSSL protocols achieve desired end-to-end communication security while allowing the TCP and HTTP proxy servers to function correctly.

  1. New-generation security network with synergistic IP sensors

    Science.gov (United States)

    Peshko, Igor

    2007-09-01

    Global Dynamic Monitoring and Security Network (GDMSN) for real-time monitoring of (1) environmental and atmospheric conditions: chemical, biological, radiological and nuclear hazards, climate/man-induced catastrophe areas and terrorism threats; (2) water, soil, food chain quantifiers, and public health care; (3) large government/public/ industrial/ military areas is proposed. Each GDMSN branch contains stationary or mobile terminals (ground, sea, air, or space manned/unmanned vehicles) equipped with portable sensors. The sensory data are transferred via telephone, Internet, TV, security camera and other wire/wireless or optical communication lines. Each sensor is a self-registering, self-reporting, plug-and-play, portable unit that uses unified electrical and/or optical connectors and operates with IP communication protocol. The variant of the system based just on optical technologies cannot be disabled by artificial high-power radio- or gamma-pulses or sunbursts. Each sensor, being supplied with a battery and monitoring means, can be used as a separate portable unit. Military personnel, police officers, firefighters, miners, rescue teams, and nuclear power plant personnel may individually use these sensors. Terminals may be supplied with sensors essential for that specific location. A miniature "universal" optical gas sensor for specific applications in life support and monitoring systems was designed and tested. The sensor is based on the physics of absorption and/or luminescence spectroscopy. It can operate at high pressures and elevated temperatures, such as in professional and military diving equipment, submarines, underground shelters, mines, command stations, aircraft, space shuttles, etc. To enable this capability, the multiple light emitters, detectors and data processing electronics are located within a specially protected chamber.

  2. Develop security architecture for both in-house healthcare information systems and electronic patient record

    Science.gov (United States)

    Zhang, Jianguo; Chen, Xiaomeng; Zhuang, Jun; Jiang, Jianrong; Zhang, Xiaoyan; Wu, Dongqing; Huang, H. K.

    2003-05-01

    In this paper, we presented a new security approach to provide security measures and features in both healthcare information systems (PACS, RIS/HIS), and electronic patient record (EPR). We introduced two security components, certificate authoring (CA) system and patient record digital signature management (DSPR) system, as well as electronic envelope technology, into the current hospital healthcare information infrastructure to provide security measures and functions such as confidential or privacy, authenticity, integrity, reliability, non-repudiation, and authentication for in-house healthcare information systems daily operating, and EPR exchanging among the hospitals or healthcare administration levels, and the DSPR component manages the all the digital signatures of patient medical records signed through using an-symmetry key encryption technologies. The electronic envelopes used for EPR exchanging are created based on the information of signers, digital signatures, and identifications of patient records stored in CAS and DSMS, as well as the destinations and the remote users. The CAS and DSMS were developed and integrated into a RIS-integrated PACS, and the integration of these new security components is seamless and painless. The electronic envelopes designed for EPR were used successfully in multimedia data transmission.

  3. A Systematic Approach for Understanding and Modeling the Performance of Network Security Devices

    OpenAIRE

    Beyene, Yordanos

    2014-01-01

    In this dissertation, we attempt to understand and predict the performance of security devices. More specifically, we examine the following types of questions: (a) Given a security device, and a traffic load, can we predict the performance of the device? (b) Given a traffic load and a security device, how can we tune the performance of the device to achieve the desired trade-off between security and performance? We consider both stateful firewalls and Network Intrusion Prevention systems (NIP...

  4. A novel proposed network security management approach for cyber attacks

    International Nuclear Information System (INIS)

    Ahmed, Z.; Nazir, B.; Zafar, M.F.; Anwar, M.M.; Azam, K.; Asar, A.U.

    2007-01-01

    Network security is a discipline that focuses on securing networks from unauthorized access. Given the Escalating threats of malicious cyber attacks, modern enterprises employ multiple lines of defense. A comprehensive defense strategy against such attacks should include (I) an attack detection component that deter- mines the fact that a program is compromised, (2) an attack identification and prevention component that identifies attack packets so that one can block such packets in the future and prevents the attack from further propagation. Over the last decade, a significant amount of research has been vested in the systems that can detect cyber attacks either statically at compile time or dynamically at run time, However, not much effort is spent on automated attack packet identification or attack prevention. In this paper we present a unified solution to the problems mentioned above. We implemented this solution after the forward engineering of Open Source Security Information Management (OSSIM) system called Preventive Information Security management (PrISM) system that correlates input from different sensors so that the resulting product can automatically detect any cyber attack against it and prevents by identifying the actual attack packet(s). The PrISM was always able to detect the attacks, identify the attack packets and most often prevent by blocking the attacker's IP address to continue normal execution. There is no additional run-time performance overhead for attack prevention. (author)

  5. Design and Implementation of a Secure Wireless Mote-Based Medical Sensor Network

    Science.gov (United States)

    Malasri, Kriangsiri; Wang, Lan

    2009-01-01

    A medical sensor network can wirelessly monitor vital signs of humans, making it useful for long-term health care without sacrificing patient comfort and mobility. For such a network to be viable, its design must protect data privacy and authenticity given that medical data are highly sensitive. We identify the unique security challenges of such a sensor network and propose a set of resource-efficient mechanisms to address these challenges. Our solution includes (1) a novel two-tier scheme for verifying the authenticity of patient data, (2) a secure key agreement protocol to set up shared keys between sensor nodes and base stations, and (3) symmetric encryption/decryption for protecting data confidentiality and integrity. We have implemented the proposed mechanisms on a wireless mote platform, and our results confirm their feasibility. PMID:22454585

  6. An adaptive cryptographic accelerator for network storage security on dynamically reconfigurable platform

    Science.gov (United States)

    Tang, Li; Liu, Jing-Ning; Feng, Dan; Tong, Wei

    2008-12-01

    Existing security solutions in network storage environment perform poorly because cryptographic operations (encryption and decryption) implemented in software can dramatically reduce system performance. In this paper we propose a cryptographic hardware accelerator on dynamically reconfigurable platform for the security of high performance network storage system. We employ a dynamic reconfigurable platform based on a FPGA to implement a PowerPCbased embedded system, which executes cryptographic algorithms. To reduce the reconfiguration latency, we apply prefetch scheduling. Moreover, the processing elements could be dynamically configured to support different cryptographic algorithms according to the request received by the accelerator. In the experiment, we have implemented AES (Rijndael) and 3DES cryptographic algorithms in the reconfigurable accelerator. Our proposed reconfigurable cryptographic accelerator could dramatically increase the performance comparing with the traditional software-based network storage systems.

  7. Legal Analysis of Constructing Network Security System --View of Network Security Culture%建立网络安全保障体系的法律思考——以网络安全文化为视角

    Institute of Scientific and Technical Information of China (English)

    王铁占; 安海兴

    2011-01-01

    The information network movement system frequency suffers the destruction, has the value information to steal repeatedly, is main threat which the current network security faces. Under the network security culture frame, through legislation, establishes the stan perfect network security legal li government by law function and be an urgent matter. the enhancement networking legislation and the safety control administration dard network security service industry development the legal framework, the ability system, raises the network user safety idea, the display morals in the so on, the establishment should to the threat network security safeguard system%信息网络运行系统频遭破坏导致有价值信息屡被窃取,是当前网络安全面临的主要威胁。在网络安全文化框架下,通过加强网络技术立法与安全管理行政立法,建立规范网络安全服务业发展的法律体系,完善网络安全法律责任制度,培养网络用户安全理念,发挥道德在法治中的作用,建立应对威胁的网络安全保障体系是当务之急。

  8. A Novel Re-keying Function Protocol (NRFP) For Wireless Sensor Network Security

    Science.gov (United States)

    Abdullah, Maan Younis; Hua, Gui Wei; Alsharabi, Naif

    2008-01-01

    This paper describes a novel re-keying function protocol (NRFP) for wireless sensor network security. A re-keying process management system for sensor networks is designed to support in-network processing. The design of the protocol is motivated by decentralization key management for wireless sensor networks (WSNs), covering key deployment, key refreshment, and key establishment. NRFP supports the establishment of novel administrative functions for sensor nodes that derive/re-derive a session key for each communication session. The protocol proposes direct connection, in-direct connection and hybrid connection. NRFP also includes an efficient protocol for local broadcast authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding innetwork processing. Security and performance analysis shows that it is very efficient in computation, communication and storage and, that NRFP is also effective in defending against many sophisticated attacks. PMID:27873963

  9. Secure Network Coding against Wiretapping and Byzantine Attacks

    Directory of Open Access Journals (Sweden)

    Qin Guo

    2010-01-01

    Full Text Available In wireless networks, an attacker can tune a receiver and tap the communication between two nodes. Whether or not some meaningful information is obtained by tapping a wireless connection depends on the transmission scheme. In this paper, we design some secure network coding by combining information-theoretic approaches with cryptographic approaches. It ensures that the wiretapper cannot get any meaningful information no matter how many channels are wiretapped. In addition, if each source packet is augmented with a hash symbol which is computed from a simple nonlinear polynomial function of the data symbols, then the probability of detecting the modification is very high.

  10. Security management based on trust determination in cognitive radio networks

    Science.gov (United States)

    Li, Jianwu; Feng, Zebing; Wei, Zhiqing; Feng, Zhiyong; Zhang, Ping

    2014-12-01

    Security has played a major role in cognitive radio networks. Numerous researches have mainly focused on attacking detection based on source localization and detection probability. However, few of them took the penalty of attackers into consideration and neglected how to implement effective punitive measures against attackers. To address this issue, this article proposes a novel penalty mechanism based on cognitive trust value. The main feature of this mechanism has been realized by six functions: authentication, interactive, configuration, trust value collection, storage and update, and punishment. Data fusion center (FC) and cluster heads (CHs) have been put forward as a hierarchical architecture to manage trust value of cognitive users. Misbehaving users would be punished by FC by declining their trust value; thus, guaranteeing network security via distinguishing attack users is of great necessity. Simulation results verify the rationality and effectiveness of our proposed mechanism.

  11. An Energy-Efficient Secure Routing and Key Management Scheme for Mobile Sinks in Wireless Sensor Networks Using Deployment Knowledge

    Directory of Open Access Journals (Sweden)

    Le Xuan Hung

    2008-12-01

    Full Text Available For many sensor network applications such as military or homeland security, it is essential for users (sinks to access the sensor network while they are moving. Sink mobility brings new challenges to secure routing in large-scale sensor networks. Previous studies on sink mobility have mainly focused on efficiency and effectiveness of data dissemination without security consideration. Also, studies and experiences have shown that considering security during design time is the best way to provide security for sensor network routing. This paper presents an energy-efficient secure routing and key management for mobile sinks in sensor networks, called SCODEplus. It is a significant extension of our previous study in five aspects: (1 Key management scheme and routing protocol are considered during design time to increase security and efficiency; (2 The network topology is organized in a hexagonal plane which supports more efficiency than previous square-grid topology; (3 The key management scheme can eliminate the impacts of node compromise attacks on links between non-compromised nodes; (4 Sensor node deployment is based on Gaussian distribution which is more realistic than uniform distribution; (5 No GPS or like is required to provide sensor node location information. Our security analysis demonstrates that the proposed scheme can defend against common attacks in sensor networks including node compromise attacks, replay attacks, selective forwarding attacks, sinkhole and wormhole, Sybil attacks, HELLO flood attacks. Both mathematical and simulation-based performance evaluation show that the SCODEplus significantly reduces the communication overhead, energy consumption, packet delivery latency while it always delivers more than 97 percent of packets successfully.

  12. Analysis of the security and privacy requirements of cloud-based electronic health records systems.

    Science.gov (United States)

    Rodrigues, Joel J P C; de la Torre, Isabel; Fernández, Gonzalo; López-Coronado, Miguel

    2013-08-21

    The Cloud Computing paradigm offers eHealth systems the opportunity to enhance the features and functionality that they offer. However, moving patients' medical information to the Cloud implies several risks in terms of the security and privacy of sensitive health records. In this paper, the risks of hosting Electronic Health Records (EHRs) on the servers of third-party Cloud service providers are reviewed. To protect the confidentiality of patient information and facilitate the process, some suggestions for health care providers are made. Moreover, security issues that Cloud service providers should address in their platforms are considered. To show that, before moving patient health records to the Cloud, security and privacy concerns must be considered by both health care providers and Cloud service providers. Security requirements of a generic Cloud service provider are analyzed. To study the latest in Cloud-based computing solutions, bibliographic material was obtained mainly from Medline sources. Furthermore, direct contact was made with several Cloud service providers. Some of the security issues that should be considered by both Cloud service providers and their health care customers are role-based access, network security mechanisms, data encryption, digital signatures, and access monitoring. Furthermore, to guarantee the safety of the information and comply with privacy policies, the Cloud service provider must be compliant with various certifications and third-party requirements, such as SAS70 Type II, PCI DSS Level 1, ISO 27001, and the US Federal Information Security Management Act (FISMA). Storing sensitive information such as EHRs in the Cloud means that precautions must be taken to ensure the safety and confidentiality of the data. A relationship built on trust with the Cloud service provider is essential to ensure a transparent process. Cloud service providers must make certain that all security mechanisms are in place to avoid unauthorized access

  13. Method for secure electronic voting system: face recognition based approach

    Science.gov (United States)

    Alim, M. Affan; Baig, Misbah M.; Mehboob, Shahzain; Naseem, Imran

    2017-06-01

    In this paper, we propose a framework for low cost secure electronic voting system based on face recognition. Essentially Local Binary Pattern (LBP) is used for face feature characterization in texture format followed by chi-square distribution is used for image classification. Two parallel systems are developed based on smart phone and web applications for face learning and verification modules. The proposed system has two tire security levels by using person ID followed by face verification. Essentially class specific threshold is associated for controlling the security level of face verification. Our system is evaluated three standard databases and one real home based database and achieve the satisfactory recognition accuracies. Consequently our propose system provides secure, hassle free voting system and less intrusive compare with other biometrics.

  14. A SECURE MESSAGE TRANSMISSION SYSTEM ARCHITECTURE FOR COMPUTER NETWORKS EMPLOYING SMART CARDS

    Directory of Open Access Journals (Sweden)

    Geylani KARDAŞ

    2008-01-01

    Full Text Available In this study, we introduce a mobile system architecture which employs smart cards for secure message transmission in computer networks. The use of smart card provides two security services as authentication and confidentiality in our design. The security of the system is provided by asymmetric encryption. Hence, smart cards are used to store personal account information as well as private key of each user for encryption / decryption operations. This offers further security, authentication and mobility to the system architecture. A real implementation of the proposed architecture which utilizes the JavaCard technology is also discussed in this study.

  15. Secure Data Exchange in Environmental Health Monitoring System through Wireless Sensor Network

    Directory of Open Access Journals (Sweden)

    Amang Sudarsono

    2016-04-01

    Full Text Available Recently, disseminating latest sensory information regarding the status of environmental health in the surroundings of human life is one of very important circumstances which must be known by everyone. These circumstances should be accessible at anytime and anywhere by everyone through any type of end-user devices, both fixed and mobile devices, i.e., Desktop PCs, Laptop PCs, and Smartphones. Wireless Sensor Network (WSN is one of the networks which deals with data sensors distribution from sensor nodes to the gateway node toward a Data Center Server. However, there is a big possibility for many adversaries to intercept and even manipulate data sensors crossing the network. Hence, a secure data sensor exchange in the system would be strongly desirable. In this research, we propose an environmental health conditions monitoring system through WSN and its implementation with considering secure data sensor exchange within the network and secure data sensor access. This work may contribute to support a part of smart cities and take in part the Internet of Thing (IoT technology. In our proposed system, we collect some environmental health information such as temperature, humidity, luminosity, noise, carbon monoxide (CO and carbon dioxide (CO2 from sensor nodes. We keep the confidentiality and integrity of transmitted data sensors propagating through IEEE802.15.4-based communication toward a gateway node. Further, the collected data sensors in the gateway are synchronized to the Data Center Server through a secure TCP/IP connection for permanently storing. At anytime and anywhere, only legitimated users who successfully pass-through an attribute-based authentication system are able to access the data sensors.

  16. Kajian Literatur Sinkronisasi Waktu Dengan Network Time Protocol Untuk Pemantauan Aktivitas Jaringan Telekomunikasi

    Directory of Open Access Journals (Sweden)

    Ahmad Budi Setiawan

    2015-12-01

    Abstract Network providers are providing services or networks that enable the implementation of electronic transactions. Each network operator is required to align the time in electronic transactions. The purpose is to provide time alignment of the time standard and provide a time frame for all forms of electronic transactions with the principles of accuracy and traceability. Indonesian Time Alignment System uses the principle of traceability and accuracy principles. The protocols used in the alignment of the time server in Indonesia-based Network Time Protocol. This study discusses the implementation of time synchronization with a network time protocol as a form of telecommunications network security monitoring. The method used in this study is a descriptive narrative on the implementation of time synchronization. Results of this study are input to the policy in the security of electronic transactions through time synchronization

  17. Secure Group Formation Protocol for a Medical Sensor Network Prototype

    DEFF Research Database (Denmark)

    Andersen, Jacob

    2009-01-01

    , and experience from user workshops and observations of clinicians at work on a hospital ward show that if the security mechanisms are not well designed, the technology is either rejected altogether, or they are circumvented leaving the system wide open to attacks. Our work targets the problem of designing......Designing security mechanisms such as privacy and access control for medical sensor networks is a challenging task; as such systems may be operated very frequently, at a quick pace, and at times in emergency situations. Understandably, clinicians hold extra unproductive tasks in low regard...... wireless sensors to be both secure and usable by exploring different solutions on a fully functional prototype platform. In this paper, we present an Elliptic Curve Cryptography (ECC) based protocol, which offers fully secure sensor set-up in a few seconds on standard (Telos) hardware. We evaluate...

  18. Applying Real Options Thinking to Information Security in Networked Organizations

    NARCIS (Netherlands)

    Daneva, Maia

    2006-01-01

    An information security strategy of an organization participating in a networked business sets out the plans for designing a variety of actions that ensure confidentiality, availability, and integrity of company’s key information assets. The actions are concerned with authentication and

  19. Identification of electrons in the ZEUS hadron-electron separator with neural networks

    International Nuclear Information System (INIS)

    Carstens, J.O.

    1994-10-01

    An electron finder for the ZEUS experiment was constructed, which is specialized to electrons in the momentum range 0.5 to 3.0 GeV/c. For the first time this electron finder connects the informations of the calorimeter with those of the hadron-electron separator (HES). For this purpose the electron finder was equipped with a neural network. The electron finder reached on a data set of photoproduction events with conversion electrons an efficiency and discriminance of E=(62.9±2.2±0.6)% and D=(91.4±0.8±1.1)%. From these two quantities it can be calculated that the electron finder the ratio electrons to background increases by the factoe E/(1-D)=7.4 (Signal amplification). For the comparison: A neural net, to which only calorimeter informations have been made available, reached at the same efficiency a signal amplification of 2.4. A simple cut in the variable HES-signal reaches a signal amplification of 6.3. Hints were given, how training data sets with electrons and hadrons of higher energies can be obtained. With such data sets the working range of the electron finder can be without problems extended to higher momenta. As preparation for the construction of the electron finder an introduction to the foundations of the mathematics and the application of neural networks was given. By means of examples different methods for the convergence improvement have been tested. Numerous representations mediate illustrative imaginations on the mathematical process of the training of neural networks

  20. An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks.

    Science.gov (United States)

    Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

    2018-01-11

    Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes.

  1. An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks

    Science.gov (United States)

    Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

    2018-01-01

    Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes. PMID:29324719

  2. Quality of Security Service: Adaptive Security

    National Research Council Canada - National Science Library

    Levin, Timothy E; Irvine, Cynthia E; Spyropoulou, Evdoxia

    2004-01-01

    The premise of Quality of Security Service is that system and network management functions can be more effective if variable levels of security services and requirements can be presented to users or network tasks...

  3. A Survey on Security and Privacy in Emerging Sensor Networks: From Viewpoint of Close-Loop

    Science.gov (United States)

    Zhang, Lifu; Zhang, Heng

    2016-01-01

    Nowadays, as the next generation sensor networks, Cyber-Physical Systems (CPSs) refer to the complex networked systems that have both physical subsystems and cyber components, and the information flow between different subsystems and components is across a communication network, which forms a closed-loop. New generation sensor networks are found in a growing number of applications and have received increasing attention from many inter-disciplines. Opportunities and challenges in the design, analysis, verification and validation of sensor networks co-exists, among which security and privacy are two important ingredients. This paper presents a survey on some recent results in the security and privacy aspects of emerging sensor networks from the viewpoint of the closed-loop. This paper also discusses several future research directions under these two umbrellas. PMID:27023559

  4. Security measures effect over performance in service provider network

    African Journals Online (AJOL)

    pc

    2018-03-05

    Mar 5, 2018 ... Abstract—network security is defined as a set of policies and actions taken by a ... These threats are linked with the following factors that are ... typically smaller than those in the service provider space. ... Service providers cannot manage to provide ... e the DB performance effect ... r the business needs [10].

  5. Software defined wireless sensor networks security challenges

    CSIR Research Space (South Africa)

    Kgogo, T

    2017-09-01

    Full Text Available party development [28]. Moreover, there is a new attack that fingerprints SDN network and launches more efficient resource consumption attacks like DDoS. In general, SDN security vulnerabilities comes from the absence of integration with existing... resilience in NOX that uses its component organization. Moreover, a Primary-Backup method was introduced to enhanve the resilience of the SDN. “SDN-based DDoS blocking scheme” [38] DoS/DDoS attack specifically on the controller DDoS Blocking...

  6. Fault-tolerant and QoS based Network Layer for Security Management

    Directory of Open Access Journals (Sweden)

    Mohamed Naceur Abdelkrim

    2013-07-01

    Full Text Available Wireless sensor networks have profound effects on many application fields like security management which need an immediate, fast and energy efficient route. In this paper, we define a fault-tolerant and QoS based network layer for security management of chemical products warehouse which can be classified as real-time and mission critical application. This application generate routine data packets and alert packets caused by unusual events which need a high reliability, short end to end delay and low packet loss rate constraints. After each node compute his hop count and build his neighbors table in the initialization phase, packets can be routed to the sink. We use FELGossiping protocol for routine data packets and node-disjoint multipath routing protocol for alert packets. Furthermore, we utilize the information gathering phase of FELGossiping to update the neighbors table and detect the failed nodes, and we adapt the network topology changes by rerun the initialization phase when chemical units were added or removed from the warehouse. Analysis shows that the network layer is energy efficient and can meet the QoS constraints of unusual events packets.

  7. The Influence of Trust and Security in the Use of Electronic Payment System in Manado

    OpenAIRE

    Tani, Frangky

    2015-01-01

    Electronic payment is the way to make in the process of buying and selling customers in real estate market or online market easier. Electronic payments give innovation to consumer with transaction overseas like online shopping. This study aims to determine the influence of trust and security in the use of electronic payment system. Where the independent variables are trust and security influence in using electronic payment system as the dependent variable. This research used quantitative meth...

  8. Secure Cooperation of Autonomous Mobile Sensors Using an Underwater Acoustic Network

    Directory of Open Access Journals (Sweden)

    Gianluca Dini

    2012-02-01

    Full Text Available Methodologies and algorithms are presented for the secure cooperation of a team of autonomous mobile underwater sensors, connected through an acoustic communication network, within surveillance and patrolling applications. In particular, the work proposes a cooperative algorithm in which the mobile underwater sensors (installed on Autonomous Underwater Vehicles—AUVs respond to simple local rules based on the available information to perform the mission and maintain the communication link with the network (behavioral approach. The algorithm is intrinsically robust: with loss of communication among the vehicles the coverage performance (i.e., the mission goal is degraded but not lost. The ensuing form of graceful degradation provides also a reactive measure against Denial of Service. The cooperative algorithm relies on the fact that the available information from the other sensors, though not necessarily complete, is trustworthy. To ensure trustworthiness, a security suite has been designed, specifically oriented to the underwater scenario, and in particular with the goal of reducing the communication overhead introduced by security in terms of number and size of messages. The paper gives implementation details on the integration between the security suite and the cooperative algorithm and provides statistics on the performance of the system as collected during the UAN project sea trial held in Trondheim, Norway, in May 2011.

  9. Security Implications of Electronic Commerce: A Survey of Consumers and Businesses.

    Science.gov (United States)

    Furnell, S. M.; Karweni, T.

    1999-01-01

    Examines general requirement for security technologies that provide a basis for trust in the electronic commerce environment. Discusses the results of two surveys that included general Internet users who are potential customers as well as commercial businesses, that considered attitudes to electronic commerce in general and options relating to…

  10. Image-based electronic patient records for secured collaborative medical applications.

    Science.gov (United States)

    Zhang, Jianguo; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen; Yao, Yihong; Cai, Weihua; Jin, Jin; Zhang, Guozhen; Sun, Kun

    2005-01-01

    We developed a Web-based system to interactively display image-based electronic patient records (EPR) for secured intranet and Internet collaborative medical applications. The system consists of four major components: EPR DICOM gateway (EPR-GW), Image-based EPR repository server (EPR-Server), Web Server and EPR DICOM viewer (EPR-Viewer). In the EPR-GW and EPR-Viewer, the security modules of Digital Signature and Authentication are integrated to perform the security processing on the EPR data with integrity and authenticity. The privacy of EPR in data communication and exchanging is provided by SSL/TLS-based secure communication. This presentation gave a new approach to create and manage image-based EPR from actual patient records, and also presented a way to use Web technology and DICOM standard to build an open architecture for collaborative medical applications.

  11. An additional DNS feature for different routing of electronic mail inside and outside of a campus network

    International Nuclear Information System (INIS)

    Bobyshev, A.; Ernst, M.

    2001-01-01

    Several years ago DESY faced the need to change the Electronic Mail Service to support it on a central cluster of servers. The centralized architecture was necessary for deployment of unified internal E-Mail standards, better quality of service and security. To implement a new policy for Electronic Mail Service and avoid huge modifications to a few hundreds network nodes, an additional DNS feature has been added to ISC's (Internet Software Consortium) software bind-4.9.7. The DNS servers running at DESY are capable of distinguishing between DNS queries coming from inside and outside of the campus network and reply with different list of MX (Mail Exchanger) records. The external hosts always get a list of MX records pointing to the central mail servers while the internal hosts may use different paths for mail exchange within the campus network. A modified version of DNS software has been used at DESY since 1997. It is fully compliant with the original goal of the project and shows good operational performance and reliability

  12. [Research and implementation of the TLS network transport security technology based on DICOM standard].

    Science.gov (United States)

    Lu, Xiaoqi; Wang, Lei; Zhao, Jianfeng

    2012-02-01

    With the development of medical information, Picture Archiving and Communications System (PACS), Hospital Information System/Radiology Information System(HIS/RIS) and other medical information management system become popular and developed, and interoperability between these systems becomes more frequent. So, these enclosed systems will be open and regionalized by means of network, and this is inevitable. If the trend becomes true, the security of information transmission may be the first problem to be solved. Based on the need for network security, we investigated the Digital Imaging and Communications in Medicine (DICOM) Standard and Transport Layer Security (TLS) Protocol, and implemented the TLS transmission of the DICOM medical information with OpenSSL toolkit and DCMTK toolkit.

  13. Low-power secure body area network for vital sensors toward IEEE802.15.6.

    Science.gov (United States)

    Kuroda, Masahiro; Qiu, Shuye; Tochikubo, Osamu

    2009-01-01

    Many healthcare/medical services have started using personal area networks, such as Bluetooth and ZigBee; these networks consist of various types of vital sensors. These works focus on generalized functions for sensor networks that expect enough battery capacity and low-power CPU/RF (Radio Frequency) modules, but less attention to easy-to-use privacy protection. In this paper, we propose a commercially-deployable secure body area network (S-BAN) with reduced computational burden on a real sensor that has limited RAM/ROM sizes and CPU/RF power consumption under a light-weight battery. Our proposed S-BAN provides vital data ordering among sensors that are involved in an S-BAN and also provides low-power networking with zero-administration security by automatic private key generation. We design and implement the power-efficient media access control (MAC) with resource-constraint security in sensors. Then, we evaluate the power efficiency of the S-BAN consisting of small sensors, such as an accessory type ECG and ring-type SpO2. The evaluation of power efficiency of the S-BAN using real sensors convinces us in deploying S-BAN and will also help us in providing feedbacks to the IEEE802.15.6 MAC, which will be the standard for BANs.

  14. LEGAL SECURITY ON CELLPHONE TRADING THROUGH ELECTRONIC MEDIA IN INDONESIA

    OpenAIRE

    Aan Aswari

    2017-01-01

    The rapid growth of technology development brings impact on human life related to its utilization. This article analyzes legal security through several components in a cellphone trading through electronic media. This study is a conceptual idea and shows that the implementation of legal security in several components should provide solution to any potential conflicts. A good intention component should be applied to form an ideal legal relation from the beginning to the end and realization in p...

  15. Legal Security on Cellphone Trading Through Electronic Media in Indonesia

    OpenAIRE

    Aswari, Aan; Pasamai, Syamsudin; Qomar, Nurul; Abbas, Ilham

    2017-01-01

    The rapid growth of technology development brings impact on human life related to its utilization. This article analyzes legal security through several components in a cellphone trading through electronic media. This study is a conceptual idea and shows that the implementation of legal security in several components should provide solution to any potential conflicts. A good intention component should be applied to form an ideal legal relation from the beginning to the end and realization in p...

  16. Security Evaluation of the Cyber Networks under Advanced Persistent Threats

    NARCIS (Netherlands)

    Yang, L.; Li, Pengdeng; Yang, Xiaofan; Tang, Yuan Yan

    2017-01-01

    Advanced persistent threats (APTs) pose a grave threat to cyberspace, because they deactivate all the conventional cyber defense mechanisms. This paper addresses the issue of evaluating the security of the cyber networks under APTs. For this purpose, a dynamic model capturing the APT-based

  17. Construction of Monitoring Model and Algorithm Design on Passenger Security during Shipping Based on Improved Bayesian Network

    Science.gov (United States)

    Wang, Jiali; Zhang, Qingnian; Ji, Wenfeng

    2014-01-01

    A large number of data is needed by the computation of the objective Bayesian network, but the data is hard to get in actual computation. The calculation method of Bayesian network was improved in this paper, and the fuzzy-precise Bayesian network was obtained. Then, the fuzzy-precise Bayesian network was used to reason Bayesian network model when the data is limited. The security of passengers during shipping is affected by various factors, and it is hard to predict and control. The index system that has the impact on the passenger safety during shipping was established on basis of the multifield coupling theory in this paper. Meanwhile, the fuzzy-precise Bayesian network was applied to monitor the security of passengers in the shipping process. The model was applied to monitor the passenger safety during shipping of a shipping company in Hainan, and the effectiveness of this model was examined. This research work provides guidance for guaranteeing security of passengers during shipping. PMID:25254227

  18. Security and trust in online social networks

    CERN Document Server

    Carminati, Barbara; Viviani, Marco; Viviani, Marco; Carminati, Barbara

    2013-01-01

    The enormous success and diffusion that online social networks (OSNs) are encountering nowadays is vastly apparent. Users' social interactions now occur using online social media as communication channels; personal information and activities are easily exchanged both for recreational and business purposes in order to obtain social or economic advantages. In this scenario, OSNs are considered critical applications with respect to the security of users and their resources, for their characteristics alone: the large amount of personal information they manage, big economic upturn connected to thei

  19. Research on Influence of Cloud Environment on Traditional Network Security

    Science.gov (United States)

    Ming, Xiaobo; Guo, Jinhua

    2018-02-01

    Cloud computing is a symbol of the progress of modern information network, cloud computing provides a lot of convenience to the Internet users, but it also brings a lot of risk to the Internet users. Second, one of the main reasons for Internet users to choose cloud computing is that the network security performance is great, it also is the cornerstone of cloud computing applications. This paper briefly explores the impact on cloud environment on traditional cybersecurity, and puts forward corresponding solutions.

  20. An assessment of technology-based service encounters & network security on the e-health care systems of medical centers in Taiwan

    Directory of Open Access Journals (Sweden)

    Chang Ching

    2008-04-01

    Full Text Available Abstract Background Enhancing service efficiency and quality has always been one of the most important factors to heighten competitiveness in the health care service industry. Thus, how to utilize information technology to reduce work load for staff and expeditiously improve work efficiency and healthcare service quality is presently the top priority for every healthcare institution. In this fast changing modern society, e-health care systems are currently the best possible way to achieve enhanced service efficiency and quality under the restraint of healthcare cost control. The electronic medical record system and the online appointment system are the core features in employing e-health care systems in the technology-based service encounters. Methods This study implemented the Service Encounters Evaluation Model, the European Customer Satisfaction Index, the Attribute Model and the Overall Affect Model for model inference. A total of 700 copies of questionnaires from two authoritative southern Taiwan medical centers providing the electronic medical record system and the online appointment system service were distributed, among which 590 valid copies were retrieved with a response rate of 84.3%. We then used SPSS 11.0 and the Linear Structural Relationship Model (LISREL 8.54 to analyze and evaluate the data. Results The findings are as follows: (1 Technology-based service encounters have a positive impact on service quality, but not patient satisfaction; (2 After experiencing technology-based service encounters, the cognition of the service quality has a positive effect on patient satisfaction; and (3 Network security contributes a positive moderating effect on service quality and patient satisfaction. Conclusion It revealed that the impact of electronic workflow (online appointment system service on service quality was greater than electronic facilities (electronic medical record systems in technology-based service encounters. Convenience and

  1. An assessment of technology-based service encounters & network security on the e-health care systems of medical centers in Taiwan.

    Science.gov (United States)

    Chang, Hsin Hsin; Chang, Ching Sheng

    2008-04-17

    Enhancing service efficiency and quality has always been one of the most important factors to heighten competitiveness in the health care service industry. Thus, how to utilize information technology to reduce work load for staff and expeditiously improve work efficiency and healthcare service quality is presently the top priority for every healthcare institution. In this fast changing modern society, e-health care systems are currently the best possible way to achieve enhanced service efficiency and quality under the restraint of healthcare cost control. The electronic medical record system and the online appointment system are the core features in employing e-health care systems in the technology-based service encounters. This study implemented the Service Encounters Evaluation Model, the European Customer Satisfaction Index, the Attribute Model and the Overall Affect Model for model inference. A total of 700 copies of questionnaires from two authoritative southern Taiwan medical centers providing the electronic medical record system and the online appointment system service were distributed, among which 590 valid copies were retrieved with a response rate of 84.3%. We then used SPSS 11.0 and the Linear Structural Relationship Model (LISREL 8.54) to analyze and evaluate the data. The findings are as follows: (1) Technology-based service encounters have a positive impact on service quality, but not patient satisfaction; (2) After experiencing technology-based service encounters, the cognition of the service quality has a positive effect on patient satisfaction; and (3) Network security contributes a positive moderating effect on service quality and patient satisfaction. It revealed that the impact of electronic workflow (online appointment system service) on service quality was greater than electronic facilities (electronic medical record systems) in technology-based service encounters. Convenience and credibility are the most important factors of service quality

  2. Practising EU Security Governance in the Transatlantic Context: A Fragmentation of Power or Networked Hegemony?

    Directory of Open Access Journals (Sweden)

    Benjamin Zyla

    2013-07-01

    Full Text Available Security governance is commonly understood as an answer to the new and constantly changing security environment after the Cold War. In the context of the European Union (EU, the governance approach is believed to understand better the evolving institutional characters, networks, and processes of the EU’s actions in global politics. By employing a neo-Gramscian framework we challenge the 'orthodox view' in the EU governance literature that networks are flexible and hierarchy-immune responses to increasingly global policy challenges. We argue that networks in and of themselves reproduce existing power structures, and discuss the presence and replication of hegemony through these networks by examining the EU’s governance system post the Lisbon Treaty.

  3. An intrusion prevention system as a proactive security mechanism in network infrastructure

    Directory of Open Access Journals (Sweden)

    Dulanović Nenad

    2008-01-01

    Full Text Available A properly configured firewall is a good starting point in securing a computer network. However, complex network environments that involve higher number of participants and endpoints require better security infrastructure. Intrusion Detection Systems (IDS, proposed as a solution to perimeter defense, have many open problems and it is clear that better solutions must be found. Due to many unsolved problems associated with IDS, Intrusion Prevention Systems (IPS are introduced. The main idea in IPS is to be proactive. This paper gives an insight of Cobrador Bouncer IPS implementation. System architecture is given and three different Bouncer IPS deployment modes are presented. The Bouncer IPS as a proactive honeypot is also discussed.

  4. Secure networking quantum key distribution schemes with Greenberger-Horne-Zeilinger states

    Energy Technology Data Exchange (ETDEWEB)

    Guo, Ying; Shi, Ronghua [School of Information Science and Engineering, Central South University, Changsha 410083 (China); Zeng, Guihua [Department of Electronic Engineering, Shanghai Jiaotong University, Shanghai 200030 (China)], E-mail: sdguoying@gmail.com, E-mail: rhshi@mail.edu.com, E-mail: ghzeng@sjtu.edu.cn

    2010-04-15

    A novel approach to quantum cryptography to be called NQKD, networking quantum key distribution, has been developed for secure quantum communication schemes on the basis of the complementary relations of entanglement Greenberger-Horne-Zeilinger (GHZ) triplet states. One scheme distributes the private key among legal participants in a probabilistic manner, while another transmits the deterministic message with some certainty. Some decoy photons are employed for preventing a potential eavesdropper from attacking quantum channels. The present schemes are efficient as there exists an elegant method for key distributions. The security of the proposed schemes is exactly guaranteed by the entanglement of the GHZ quantum system, which is illustrated in security analysis.

  5. Secure networking quantum key distribution schemes with Greenberger-Horne-Zeilinger states

    International Nuclear Information System (INIS)

    Guo, Ying; Shi, Ronghua; Zeng, Guihua

    2010-01-01

    A novel approach to quantum cryptography to be called NQKD, networking quantum key distribution, has been developed for secure quantum communication schemes on the basis of the complementary relations of entanglement Greenberger-Horne-Zeilinger (GHZ) triplet states. One scheme distributes the private key among legal participants in a probabilistic manner, while another transmits the deterministic message with some certainty. Some decoy photons are employed for preventing a potential eavesdropper from attacking quantum channels. The present schemes are efficient as there exists an elegant method for key distributions. The security of the proposed schemes is exactly guaranteed by the entanglement of the GHZ quantum system, which is illustrated in security analysis.

  6. Asynchronous Group Key Distribution on top of the CC2420 Security Mechanisms for Sensor Networks

    DEFF Research Database (Denmark)

    Hansen, Morten Tranberg

    2009-01-01

    scheme with no time synchronization requirements. The scheme decreases the number of key updates by providing them on an as needed basis according to the amount of network traffic. We evaluate the CC2420 radio security mechanism and show how to use it as a basis to implement secure group communication......A sensor network is a network consisting of small, inexpensive, low-powered sensor nodes that communicate to complete a common task. Sensor nodes are characterized by having limited communication and computation capabilities, energy, and storage. They often are deployed in hostile environments...... creating a demand for encryption and authentication of the messages sent between them. Due to severe resource constraints on the sensor nodes, efficient key distribution schemes and secure communication protocols with low overhead are desired. In this paper we present an asynchronous group key distribution...

  7. ON SECURE FULL DUPLEX COMMUNICATION IN MOBILE AD HOC NETWORK

    OpenAIRE

    S. C. Dutta; Sudha Singh; D. K. Singh

    2013-01-01

    This paper is to establish Ad Hoc network in mobile phones and start fully secured full duplex communication in any situation. This type of communication will be cost effective and it will be fastest way of communication in case of any server failure or server error.

  8. Security, privacy and ethics in electronic records management in the ...

    African Journals Online (AJOL)

    Security, privacy and ethics in electronic records management in the South African public sector. ... Computers have become such valuable tools for conducting business ... One great advantage of the computers is the ease with which a large

  9. Experimental Platform for Usability Testing of Secure Medical Sensor Network Protocols

    DEFF Research Database (Denmark)

    Andersen, Jacob; Lo, Benny P.; Yang, Guang-Zhong

    2008-01-01

    designed security mechanisms are essential. Several experimental sensor network platforms have emerged in recent years targeted for clinical use. However, few of them consider the importance of security issues such as privacy and access control, and how these can impact the usability of the platform, while......Implementing security mechanisms such as access control for clinical use is a challenging research issue in BSN due to its required heterogeneous operating responses ranging from chronic diseases management to emergency care. To ensure the clinical uptake of the BSN technology, appropriately...... others develop BSN security without considering how a prototype implementation would be received by clinicians in real-life situations. The purpose of this paper is to present our initial effort in building a flexible experimental platform for providing a basic infrastructure with symmetric AES...

  10. Key management issue in SCADA networks: A review

    Directory of Open Access Journals (Sweden)

    Abdalhossein Rezai

    2017-02-01

    Full Text Available Supervisory Control And Data Acquisition (SCADA networks have a vital role in Critical Infrastructures (CIs such as public transports, power generation systems, gas, water and oil industries, so that there are concerns on security issues in these networks. The utilized Remote Terminal Units (RTUs and Intelligence Electronic Devices (IEDs in these networks have resource limitations, which make security applications a challenging issue. Efficient key management schemes are required besides lightweight ciphers for securing the SCADA communications. Many key management schemes have been developed to address the tradeoff between SCADA constrain and security, but which scheme is the most effective is still debatable. This paper presents a review of the existing key management schemes in SCADA networks, which provides directions for further researches in this field.

  11. Using Reputation Systems and Non-Deterministic Routing to Secure Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Juan-Mariano de Goyeneche

    2009-05-01

    Full Text Available Security in wireless sensor networks is difficult to achieve because of the resource limitations of the sensor nodes. We propose a trust-based decision framework for wireless sensor networks coupled with a non-deterministic routing protocol. Both provide a mechanism to effectively detect and confine common attacks, and, unlike previous approaches, allow bad reputation feedback to the network. This approach has been extensively simulated, obtaining good results, even for unrealistically complex attack scenarios.

  12. Twitter, Facebook, and Ten Red Balloons: Social Network Problem Solving and Homeland Security

    OpenAIRE

    Ford, Christopher M.

    2011-01-01

    This article appeared in Homeland Security Affairs (February 2011), v.7 no.1 This essay, the winner of the Center for Homeland Defense and Security (CHDS) Essay Contest in 2010, looks at how homeland security could benefit from crowd-sourced applications accessed through social networking tools such as Twitter and Facebook. Christopher M. Ford looks at the apparent efficacy of two such endeavors: the Defense Advanced Research Projects Agency'۪s (DARPA) competition to find ten 8-foot balloo...

  13. Wireless Sensor Network Security Enhancement Using Directional Antennas: State of the Art and Research Challenges.

    Science.gov (United States)

    Curiac, Daniel-Ioan

    2016-04-07

    Being often deployed in remote or hostile environments, wireless sensor networks are vulnerable to various types of security attacks. A possible solution to reduce the security risks is to use directional antennas instead of omnidirectional ones or in conjunction with them. Due to their increased complexity, higher costs and larger sizes, directional antennas are not traditionally used in wireless sensor networks, but recent technology trends may support this method. This paper surveys existing state of the art approaches in the field, offering a broad perspective of the future use of directional antennas in mitigating security risks, together with new challenges and open research issues.

  14. Secure anonymous mutual authentication for star two-tier wireless body area networks.

    Science.gov (United States)

    Ibrahim, Maged Hamada; Kumari, Saru; Das, Ashok Kumar; Wazid, Mohammad; Odelu, Vanga

    2016-10-01

    Mutual authentication is a very important service that must be established between sensor nodes in wireless body area network (WBAN) to ensure the originality and integrity of the patient's data sent by sensors distributed on different parts of the body. However, mutual authentication service is not enough. An adversary can benefit from monitoring the traffic and knowing which sensor is in transmission of patient's data. Observing the traffic (even without disclosing the context) and knowing its origin, it can reveal to the adversary information about the patient's medical conditions. Therefore, anonymity of the communicating sensors is an important service as well. Few works have been conducted in the area of mutual authentication among sensor nodes in WBAN. However, none of them has considered anonymity among body sensor nodes. Up to our knowledge, our protocol is the first attempt to consider this service in a two-tier WBAN. We propose a new secure protocol to realize anonymous mutual authentication and confidential transmission for star two-tier WBAN topology. The proposed protocol uses simple cryptographic primitives. We prove the security of the proposed protocol using the widely-accepted Burrows-Abadi-Needham (BAN) logic, and also through rigorous informal security analysis. In addition, to demonstrate the practicality of our protocol, we evaluate it using NS-2 simulator. BAN logic and informal security analysis prove that our proposed protocol achieves the necessary security requirements and goals of an authentication service. The simulation results show the impact on the various network parameters, such as end-to-end delay and throughput. The nodes in the network require to store few hundred bits. Nodes require to perform very few hash invocations, which are computationally very efficient. The communication cost of the proposed protocol is few hundred bits in one round of communication. Due to the low computation cost, the energy consumed by the nodes is

  15. Develop a solution for protecting and securing enterprise networks from malicious attacks

    Science.gov (United States)

    Kamuru, Harshitha; Nijim, Mais

    2014-05-01

    In the world of computer and network security, there are myriad ways to launch an attack, which, from the perspective of a network, can usually be defined as "traffic that has huge malicious intent." Firewall acts as one of the measure in order to secure the device from incoming unauthorized data. There are infinite number of computer attacks that no firewall can prevent, such as those executed locally on the machine by a malicious user. From the network's perspective, there are numerous types of attack. All the attacks that degrade the effectiveness of data can be grouped into two types: brute force and precision. The Firewall that belongs to Juniper has the capability to protect against both types of attack. Denial of Service (DoS) attacks are one of the most well-known network security threats under brute force attacks, which is largely due to the high-profile way in which they can affect networks. Over the years, some of the largest, most respected Internet sites have been effectively taken offline by Denial of Service (DOS) attacks. A DoS attack typically has a singular focus, namely, to cause the services running on a particular host or network to become unavailable. Some DoS attacks exploit vulnerabilities in an operating system and cause it to crash, such as the infamous Win nuke attack. Others submerge a network or device with traffic so that there are no more resources to handle legitimate traffic. Precision attacks typically involve multiple phases and often involves a bit more thought than brute force attacks, all the way from reconnaissance to machine ownership. Before a precision attack is launched, information about the victim needs to be gathered. This information gathering typically takes the form of various types of scans to determine available hosts, networks, and ports. The hosts available on a network can be determined by ping sweeps. The available ports on a machine can be located by port scans. Screens cover a wide variety of attack traffic

  16. Evaluation of Secure 802.1X Port-Based Network Access Authentication Over 802.11 Wireless Local Area Networks

    National Research Council Canada - National Science Library

    Ozturk, Huseyin

    2003-01-01

    ... addressed. Failing to examine the security risks of WLAN technology and to take the necessary countermeasures may result in unauthorized entry into the legacy local area networks and other attacks...

  17. UGV: security analysis of subsystem control network

    Science.gov (United States)

    Abbott-McCune, Sam; Kobezak, Philip; Tront, Joseph; Marchany, Randy; Wicks, Al

    2013-05-01

    Unmanned Ground vehicles (UGVs) are becoming prolific in the heterogeneous superset of robotic platforms. The sensors which provide odometry, localization, perception, and vehicle diagnostics are fused to give the robotic platform a sense of the environment it is traversing. The automotive industry CAN bus has dominated the industry due to the fault tolerance and the message structure allowing high priority messages to reach the desired node in a real time environment. UGVs are being researched and produced at an accelerated rate to preform arduous, repetitive, and dangerous missions that are associated with a military action in a protracted conflict. The technology and applications of the research will inevitably be turned into dual-use platforms to aid civil agencies in the performance of their various operations. Our motivation is security of the holistic system; however as subsystems are outsourced in the design, the overall security of the system may be diminished. We will focus on the CAN bus topology and the vulnerabilities introduced in UGVs and recognizable security vulnerabilities that are inherent in the communications architecture. We will show how data can be extracted from an add-on CAN bus that can be customized to monitor subsystems. The information can be altered or spoofed to force the vehicle to exhibit unwanted actions or render the UGV unusable for the designed mission. The military relies heavily on technology to maintain information dominance, and the security of the information introduced onto the network by UGVs must be safeguarded from vulnerabilities that can be exploited.

  18. Secure neighborhood discovery: A fundamental element for mobile ad hoc networking

    DEFF Research Database (Denmark)

    Papadimitratos, P.; Poturalski, M.; Schaller, P.

    2008-01-01

    Pervasive computing systems will likely be deployed in the near future, with the proliferation of wireless devices and the emergence of ad hoc networking as key enablers. Coping with mobility and the volatility of wireless communications in such systems is critical. Neighborhood discovery (ND......) - the discovery of devices directly reachable for communication or in physical proximity - becomes a fundamental requirement and building block for various applications. However, the very nature of wireless mobile networks makes it easy to abuse ND and thereby compromise the overlying protocols and applications....... Thus, providing methods to mitigate this vulnerability and secure ND is crucial. In this article we focus on this problem and provide definitions of neighborhood types and ND protocol properties, as well as a broad classification of attacks. Our ND literature survey reveals that securing ND is indeed...

  19. A Secure and Efficient Handover Authentication Protocol for Wireless Networks

    Directory of Open Access Journals (Sweden)

    Weijia Wang

    2014-06-01

    Full Text Available Handover authentication protocol is a promising access control technology in the fields of WLANs and mobile wireless sensor networks. In this paper, we firstly review an effcient handover authentication protocol, named PairHand, and its existing security attacks and improvements. Then, we present an improved key recovery attack by using the linearly combining method and reanalyze its feasibility on the improved PairHand protocol. Finally, we present a new handover authentication protocol, which not only achieves the same desirable effciency features of PairHand, but enjoys the provable security in the random oracle model.

  20. Intelligent Security Auditing Based on Access Control of Devices in Ad Hoc Network

    Institute of Scientific and Technical Information of China (English)

    XU Guang-wei; SHI You-qun; ZHU Ming; WU Guo-wen; CAO Qi-ying

    2006-01-01

    Security in Ad Hoc network is an important issue under the opening circumstance of application service. Some protocols and models of security auditing have been proposed to ensure rationality of contracting strategy and operating regulation and used to identify abnormal operation. Model of security auditing based on access control of devices will be advanced to register sign of devices and property of event of access control and to audit those actions. In the end, the model is analyzed and simulated.

  1. Security Economics and European Policy

    Science.gov (United States)

    Anderson, Ross; Böhme, Rainer; Clayton, Richard; Moor, Tyler

    In September 2007, we were awarded a contract by the European Network and Information Security Agency (ENISA) to investigate failures in the market for secure electronic communications within the European Union, and come up with policy recommendations. In the process, we spoke to a large number of stakeholders, and held a consultative meeting in December 2007 in Brussels to present draft proposals, which established most had wide stakeholder support. The formal outcome of our work was a detailed report, “Security Economics and the Internal Market”, published by ENISA in March 2008. This paper presents a much abridged version: in it, we present the recommendations we made, along with a summary of our reasoning.

  2. Security and SCADA protocols

    International Nuclear Information System (INIS)

    Igure, V. M.; Williams, R. D.

    2006-01-01

    Supervisory control and data acquisition (SCADA) networks have replaced discrete wiring for many industrial processes, and the efficiency of the network alternative suggests a trend toward more SCADA networks in the future. This paper broadly considers SCADA to include distributed control systems (DCS) and digital control systems. These networks offer many advantages, but they also introduce potential vulnerabilities that can be exploited by adversaries. Inter-connectivity exposes SCADA networks to many of the same threats that face the public internet and many of the established defenses therefore show promise if adapted to the SCADA differences. This paper provides an overview of security issues in SCADA networks and ongoing efforts to improve the security of these networks. Initially, a few samples from the range of threats to SCADA network security are offered. Next, attention is focused on security assessment of SCADA communication protocols. Three challenges must be addressed to strengthen SCADA networks. Access control mechanisms need to be introduced or strengthened, improvements are needed inside of the network to enhance security and network monitoring, and SCADA security management improvements and policies are needed. This paper discusses each of these challenges. This paper uses the Profibus protocol as an example to illustrate some of the vulnerabilities that arise within SCADA networks. The example Profibus security assessment establishes a network model and an attacker model before proceeding to a list of example attacks. (authors)

  3. Analysis of The Game Mechanism in The Field of Network Security between China and the US and The Prospect of The Future

    Directory of Open Access Journals (Sweden)

    Wang Xiang

    2016-12-01

    Full Text Available In the field of Sino-US relations, the network space plays a very important role during a very short period of time. In recent years, the intensity and frequency of Chinese and American network security game has increased significantly, which has increased the instability of Sino-US relations. This paper reviews the network security game events between China and the US in recent years, and points out that network security has become a high risk problem in the relationship between China and the US and it has become the factors affecting the whole area. Network security issues need cooperation between China and the US to develop guidelines for the conduct of Cyberspace. As regards the prospect of Sino-US cyber security relations in the future, this paper argues that the strength and strategy in the Internet field of China and the US lead to the likelihood that China and the US fall into the “prisoner’s dilemma”. China and the US have to control the network security game to prevent damage to the overall situation of Sino-US relations; this is very urgent. Strengthening the network security fields of cooperation between China and the US is an inevitable choice both in terms of necessity and possibility.

  4. A comprehensive Network Security Risk Model for process control networks.

    Science.gov (United States)

    Henry, Matthew H; Haimes, Yacov Y

    2009-02-01

    The risk of cyber attacks on process control networks (PCN) is receiving significant attention due to the potentially catastrophic extent to which PCN failures can damage the infrastructures and commodity flows that they support. Risk management addresses the coupled problems of (1) reducing the likelihood that cyber attacks would succeed in disrupting PCN operation and (2) reducing the severity of consequences in the event of PCN failure or manipulation. The Network Security Risk Model (NSRM) developed in this article provides a means of evaluating the efficacy of candidate risk management policies by modeling the baseline risk and assessing expectations of risk after the implementation of candidate measures. Where existing risk models fall short of providing adequate insight into the efficacy of candidate risk management policies due to shortcomings in their structure or formulation, the NSRM provides model structure and an associated modeling methodology that captures the relevant dynamics of cyber attacks on PCN for risk analysis. This article develops the NSRM in detail in the context of an illustrative example.

  5. Secure Plug-in Electric Vehicle PEV Charging in a Smart Grid Network

    Directory of Open Access Journals (Sweden)

    Khaled Shuaib

    2017-07-01

    Full Text Available Charging of plug-in electric vehicles (PEVs exposes smart grid systems and their users to different kinds of security and privacy attacks. Hence, a secure charging protocol is required for PEV charging. Existing PEV charging protocols are usually based on insufficiently represented and simplified charging models that do not consider the user’s charging modes (charging at a private location, charging as a guest user, roaming within one’s own supplier network or roaming within other suppliers’ networks. However, the requirement for charging protocols depends greatly on the user’s charging mode. Consequently, available solutions do not provide complete protocol specifications. Moreover, existing protocols do not support anonymous user authentication and payment simultaneously. In this paper, we propose a comprehensive end-to-end charging protocol that addresses the security and privacy issues in PEV charging. The proposed protocol uses nested signatures to protect users’ privacy from external suppliers, their own suppliers and third parties. Our approach supports anonymous user authentication, anonymous payment, as well as anonymous message exchange between suppliers within a hierarchical smart grid architecture. We have verified our protocol using the AVISPA software verification tool and the results showed that our protocol is secure and works as desired.

  6. Worst-Case Cooperative Jamming for Secure Communications in CIoT Networks

    Directory of Open Access Journals (Sweden)

    Zhen Li

    2016-03-01

    Full Text Available The Internet of Things (IoT is a significant branch of the ongoing advances in the Internet and mobile communications. Yet, the use of a large number of IoT devices can severely worsen the spectrum scarcity problem. The usable spectrum resources are almost entirely occupied, and thus, the increasing demands of radio access from IoT devices cannot be met. To tackle this problem, the Cognitive Internet of Things (CIoT has been proposed. In a CIoT network, secondary users, i.e., sensors and actuators, can access the licensed spectrum bands provided by licensed primary users (such as cellular telephones. Security is a major concern in CIoT networks. However, the traditional encryption method at upper layers (such as symmetric and asymmetric ciphers may not be suitable for CIoT networks since these networks are composed of low-profile devices. In this paper, we address the security issues in spectrum-leasing-based CIoT networks using physical layer methods. Considering that the CIoT networks are cooperative in nature, we propose to employ cooperative jamming to achieve secure transmission. In our proposed cooperative jamming scheme, a certain secondary user is employed as the helper to harvest energy transmitted by the source and then uses the harvested energy to generate an artificial noise that jams the eavesdropper without interfering with the legitimate receivers. The goal is to minimize the Signal to Interference plus Noise Ratio (SINR at the eavesdropper subject to the Quality of Service (QoS constraints of the primary traffic and the secondary traffic. We formulate the minimization problem into a two-stage robust optimization problem based on the worst-case Channel State Information of the Eavesdropper (ECSI. By using Semi-Definite Programming (SDP, the optimal solutions of the transmit covariance matrices can be obtained. Moreover, in order to build an incentive mechanism for the secondary users, we propose an auction framework based on the

  7. Junos Security

    CERN Document Server

    Cameron, Rob; Giecco, Patricio; Eberhard, Timothy; Quinn, James

    2010-01-01

    Junos® Security is the complete and authorized introduction to the new Juniper Networks SRX hardware series. This book not only provides a practical, hands-on field guide to deploying, configuring, and operating SRX, it also serves as a reference to help you prepare for any of the Junos Security Certification examinations offered by Juniper Networks. Network administrators and security professionals will learn how to use SRX Junos services gateways to address an array of enterprise data network requirements -- including IP routing, intrusion detection, attack mitigation, unified threat manag

  8. Breach of Personal Security through Applicative use of Online Social Networks

    Directory of Open Access Journals (Sweden)

    Bojan Nikolovski

    2013-11-01

    Full Text Available Throughout this article there is an attempt to indicate the threats of potential to breach of personal security through applicative use of internet as well as applicative use of online social networks. In addition to many other ways of privacy protection applicative users of social network’s sites must take into considerations the risk of distributing private data. Through a series of actions and settings users can customize the security settings with the ultimate goal of reducing the risk of attack on their privacy.

  9. Electronic Networking as an Avenue of Enhanced Professional Interchange.

    Science.gov (United States)

    Ratcliff, James L.

    Electronic networking is communication between two or more people that involves one or more telecommunications media. There is electronic networking software available for most computers, including IBM, Apple, and Radio Shack personal computers. Depending upon the sophistication of the hardware and software used, individuals and groups can…

  10. Electronic Field Data Collection in Support of Satellite-Based Food Security Monitoring in Tanzania

    Science.gov (United States)

    Nakalembe, C. L.; Dempewolf, J.; Justice, C. J.; Becker-Reshef, I.; Tumbo, S.; Maurice, S.; Mbilinyi, B.; Ibrahim, K.; Materu, S.

    2016-12-01

    In Tanzania agricultural extension agents traditionally collect field data on agriculture and food security on paper, covering most villages throughout the country. The process is expensive, slow and cumbersome and prone to data transcription errors when the data get entered at the district offices into electronic spreadsheets. Field data on the status and condition of agricultural crops, the population's nutritional status, food storage levels and other parameters are needed in near realtime for early warning to make critical but most importantly timely and appropriate decisions that are informed with verified data from the ground. With the ubiquitous distribution of cell phones, which are now used by the vast majority of the population in Tanzania including most farmers, new, efficient and cost-effective methods for field data collection have become available. Using smartphones and tablets data on crop conditions, pest and diseases, natural disasters and livelihoods can be collected and made available and easily accessible in near realtime. In this project we implemented a process for obtaining high quality electronic field data using the GeoODK application with a large network of field extension agents in Tanzania and Uganda. These efforts contribute to work being done on developing an advanced agriculture monitoring system for Tanzania, incorporating traditional data collection with satellite information and field data. The outcomes feed directly into the National Food Security Bulletin for Tanzania produced by the Ministry of Agriculture as well as a form a firm evidence base and field scale monitoring of the disaster risk financing in Uganda.

  11. Securing ad hoc wireless sensor networks under Byzantine attacks by implementing non-cryptographic method

    Directory of Open Access Journals (Sweden)

    Shabir Ahmad Sofi

    2017-05-01

    Full Text Available Ad Hoc wireless sensor network (WSN is a collection of nodes that do not need to rely on predefined infrastructure to keep the network connected. The level of security and performance are always somehow related to each other, therefore due to limited resources in WSN, cryptographic methods for securing the network against attacks is not feasible. Byzantine attacks disrupt the communication between nodes in the network without regard to its own resource consumption. This paper discusses the performance of cluster based WSN comparing LEACH with Advanced node based clusters under byzantine attacks. This paper also proposes an algorithm for detection and isolation of the compromised nodes to mitigate the attacks by non-cryptographic means. The throughput increases after using the algorithm for isolation of the malicious nodes, 33% in case of Gray Hole attack and 62% in case of Black Hole attack.

  12. Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey

    OpenAIRE

    Hoon-Jae Lee; Pardeep Kumar

    2011-01-01

    Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are ...

  13. A security analysis of the Dutch electronic patient record system

    NARCIS (Netherlands)

    van 't Noordende, G.

    2010-01-01

    In this article, we analyze the security architecture of the Dutch Electronic Patient Dossier (EPD) system. Intended as a national infrastructure for exchanging medical patient records among authorized parties (particularly, physicians), the EPD has to address a number of requirements, ranging from

  14. An Efficient Electronic English Auction System with a Secure On-Shelf Mechanism and Privacy Preserving

    Directory of Open Access Journals (Sweden)

    Hong Zhong

    2016-01-01

    Full Text Available With the rapid development of the Internet, electronic commerce has become more and more popular. As an important element of e-commerce, many Internet companies such as Yahoo! and eBay have launched electronic auction systems. However, like most electronic commerce products, safety is an important issue that should be addressed. Many researchers have proposed secure electronic auction mechanisms, but we found that some of them do not exhibit the property of unlinkability, which leads to the leakage of users’ privacy. Considering the importance of privacy preservation, we have designed a new auction mechanism. Through symmetrical key establishment in the registration phase, all messages transmitted over the Internet would be protected and, meanwhile, achieve the property of unlinkability. The security analysis and performance analysis show that our protocol fulfills more security properties and is more efficient for implementation compared with recent works.

  15. An Efficient and Secure Certificateless Authentication Protocol for Healthcare System on Wireless Medical Sensor Networks

    Science.gov (United States)

    Guo, Rui; Wen, Qiaoyan; Jin, Zhengping; Zhang, Hua

    2013-01-01

    Sensor networks have opened up new opportunities in healthcare systems, which can transmit patient's condition to health professional's hand-held devices in time. The patient's physiological signals are very sensitive and the networks are extremely vulnerable to many attacks. It must be ensured that patient's privacy is not exposed to unauthorized entities. Therefore, the control of access to healthcare systems has become a crucial challenge. An efficient and secure authentication protocol will thus be needed in wireless medical sensor networks. In this paper, we propose a certificateless authentication scheme without bilinear pairing while providing patient anonymity. Compared with other related protocols, the proposed scheme needs less computation and communication cost and preserves stronger security. Our performance evaluations show that this protocol is more practical for healthcare system in wireless medical sensor networks. PMID:23710147

  16. Trust framework for a secured routing in wireless sensor network

    Directory of Open Access Journals (Sweden)

    Ouassila Hoceini

    2015-11-01

    Full Text Available Traditional techniques to eliminate insider attacks developed for wired and wireless ad hoc networks are not well suited for wireless sensors networks due to their resource constraints nature. In order to protect WSNs against malicious and selfish behavior, some trust-based systems have recently been modeled. The resource efficiency and dependability of a trust system are the most fundamental requirements for any wireless sensor network (WSN. In this paper, we propose a Trust Framework for a Secured Routing in Wireless Sensor Network (TSR scheme, which works with clustered networks. This approach can effectively reduce the cost of trust evaluation and guarantee a better selection of safest paths that lead to the base station. Theoretical as well as simulation results show that our scheme requires less communication overheads and consumes less energy as compared to the current typical trust systems for WSNs. Moreover, it detects selfish and defective nodes and prevents us of insider attacks

  17. Quantitative Analysis of the Security of Software-Defined Network Controller Using Threat/Effort Model

    Directory of Open Access Journals (Sweden)

    Zehui Wu

    2017-01-01

    Full Text Available SDN-based controller, which is responsible for the configuration and management of the network, is the core of Software-Defined Networks. Current methods, which focus on the secure mechanism, use qualitative analysis to estimate the security of controllers, leading to inaccurate results frequently. In this paper, we employ a quantitative approach to overcome the above shortage. Under the analysis of the controller threat model we give the formal model results of the APIs, the protocol interfaces, and the data items of controller and further provide our Threat/Effort quantitative calculation model. With the help of Threat/Effort model, we are able to compare not only the security of different versions of the same kind controller but also different kinds of controllers and provide a basis for controller selection and secure development. We evaluated our approach in four widely used SDN-based controllers which are POX, OpenDaylight, Floodlight, and Ryu. The test, which shows the similarity outcomes with the traditional qualitative analysis, demonstrates that with our approach we are able to get the specific security values of different controllers and presents more accurate results.

  18. A New Cellular Architecture for Information Retrieval from Sensor Networks through Embedded Service and Security Protocols

    Directory of Open Access Journals (Sweden)

    Aamir Shahzad

    2016-06-01

    Full Text Available Substantial changes have occurred in the Information Technology (IT sectors and with these changes, the demand for remote access to field sensor information has increased. This allows visualization, monitoring, and control through various electronic devices, such as laptops, tablets, i-Pads, PCs, and cellular phones. The smart phone is considered as a more reliable, faster and efficient device to access and monitor industrial systems and their corresponding information interfaces anywhere and anytime. This study describes the deployment of a protocol whereby industrial system information can be securely accessed by cellular phones via a Supervisory Control And Data Acquisition (SCADA server. To achieve the study goals, proprietary protocol interconnectivity with non-proprietary protocols and the usage of interconnectivity services are considered in detail. They support the visualization of the SCADA system information, and the related operations through smart phones. The intelligent sensors are configured and designated to process real information via cellular phones by employing information exchange services between the proprietary protocol and non-proprietary protocols. SCADA cellular access raises the issue of security flaws. For these challenges, a cryptography-based security method is considered and deployed, and it could be considered as a part of a proprietary protocol. Subsequently, transmission flows from the smart phones through a cellular network.

  19. A New Cellular Architecture for Information Retrieval from Sensor Networks through Embedded Service and Security Protocols.

    Science.gov (United States)

    Shahzad, Aamir; Landry, René; Lee, Malrey; Xiong, Naixue; Lee, Jongho; Lee, Changhoon

    2016-06-14

    Substantial changes have occurred in the Information Technology (IT) sectors and with these changes, the demand for remote access to field sensor information has increased. This allows visualization, monitoring, and control through various electronic devices, such as laptops, tablets, i-Pads, PCs, and cellular phones. The smart phone is considered as a more reliable, faster and efficient device to access and monitor industrial systems and their corresponding information interfaces anywhere and anytime. This study describes the deployment of a protocol whereby industrial system information can be securely accessed by cellular phones via a Supervisory Control And Data Acquisition (SCADA) server. To achieve the study goals, proprietary protocol interconnectivity with non-proprietary protocols and the usage of interconnectivity services are considered in detail. They support the visualization of the SCADA system information, and the related operations through smart phones. The intelligent sensors are configured and designated to process real information via cellular phones by employing information exchange services between the proprietary protocol and non-proprietary protocols. SCADA cellular access raises the issue of security flaws. For these challenges, a cryptography-based security method is considered and deployed, and it could be considered as a part of a proprietary protocol. Subsequently, transmission flows from the smart phones through a cellular network.

  20. A New Cellular Architecture for Information Retrieval from Sensor Networks through Embedded Service and Security Protocols

    Science.gov (United States)

    Shahzad, Aamir; Landry, René; Lee, Malrey; Xiong, Naixue; Lee, Jongho; Lee, Changhoon

    2016-01-01

    Substantial changes have occurred in the Information Technology (IT) sectors and with these changes, the demand for remote access to field sensor information has increased. This allows visualization, monitoring, and control through various electronic devices, such as laptops, tablets, i-Pads, PCs, and cellular phones. The smart phone is considered as a more reliable, faster and efficient device to access and monitor industrial systems and their corresponding information interfaces anywhere and anytime. This study describes the deployment of a protocol whereby industrial system information can be securely accessed by cellular phones via a Supervisory Control And Data Acquisition (SCADA) server. To achieve the study goals, proprietary protocol interconnectivity with non-proprietary protocols and the usage of interconnectivity services are considered in detail. They support the visualization of the SCADA system information, and the related operations through smart phones. The intelligent sensors are configured and designated to process real information via cellular phones by employing information exchange services between the proprietary protocol and non-proprietary protocols. SCADA cellular access raises the issue of security flaws. For these challenges, a cryptography-based security method is considered and deployed, and it could be considered as a part of a proprietary protocol. Subsequently, transmission flows from the smart phones through a cellular network. PMID:27314351

  1. Anticipating WPS PIN Vulnerability to Secure Wireless Network

    Directory of Open Access Journals (Sweden)

    Indra Dwi Rianto

    2013-12-01

    Full Text Available WiFi Protected Setup (WPS is a standardized function supported by numerous vendors of wireless routers and access point to help set up connection to a wireless local area network. It is designed to simplify the set up and generally enabled by default. Due to design flaw, the WPS or QSS PIN is susceptible to a brute forceattack. In this paper, we test the security vulnerability occurred, evaluate the performance and give recommendations to anticipate the attack.

  2. Taiwan's perspective on electronic medical records' security and privacy protection: lessons learned from HIPAA.

    Science.gov (United States)

    Yang, Che-Ming; Lin, Herng-Ching; Chang, Polun; Jian, Wen-Shan

    2006-06-01

    The protection of patients' health information is a very important concern in the information age. The purpose of this study is to ascertain what constitutes an effective legal framework in protecting both the security and privacy of health information, especially electronic medical records. All sorts of bills regarding electronic medical data protection have been proposed around the world including Health Insurance Portability and Accountability Act (HIPAA) of the U.S. The trend of a centralized bill that focuses on managing computerized health information is the part that needs our further attention. Under the sponsor of Taiwan's Department of Health (DOH), our expert panel drafted the "Medical Information Security and Privacy Protection Guidelines", which identifies nine principles and entails 12 articles, in the hope that medical organizations will have an effective reference in how to manage their medical information in a confidential and secured fashion especially in electronic transactions.

  3. Neural network based electron identification in the ZEUS calorimeter

    International Nuclear Information System (INIS)

    Abramowicz, H.; Caldwell, A.; Sinkus, R.

    1995-01-01

    We present an electron identification algorithm based on a neural network approach applied to the ZEUS uranium calorimeter. The study is motivated by the need to select deep inelastic, neutral current, electron proton interactions characterized by the presence of a scattered electron in the final state. The performance of the algorithm is compared to an electron identification method based on a classical probabilistic approach. By means of a principle component analysis the improvement in the performance is traced back to the number of variables used in the neural network approach. (orig.)

  4. An enhanced performance through agent-based secure approach for mobile ad hoc networks

    Science.gov (United States)

    Bisen, Dhananjay; Sharma, Sanjeev

    2018-01-01

    This paper proposes an agent-based secure enhanced performance approach (AB-SEP) for mobile ad hoc network. In this approach, agent nodes are selected through optimal node reliability as a factor. This factor is calculated on the basis of node performance features such as degree difference, normalised distance value, energy level, mobility and optimal hello interval of node. After selection of agent nodes, a procedure of malicious behaviour detection is performed using fuzzy-based secure architecture (FBSA). To evaluate the performance of the proposed approach, comparative analysis is done with conventional schemes using performance parameters such as packet delivery ratio, throughput, total packet forwarding, network overhead, end-to-end delay and percentage of malicious detection.

  5. A Novel Secure IoT-Based Smart Home Automation System Using a Wireless Sensor Network

    Science.gov (United States)

    Pirbhulal, Sandeep; Zhang, Heye; E Alahi, Md Eshrat; Ghayvat, Hemant; Mukhopadhyay, Subhas Chandra; Zhang, Yuan-Ting; Wu, Wanqing

    2016-01-01

    Wireless sensor networks (WSNs) provide noteworthy benefits over traditional approaches for several applications, including smart homes, healthcare, environmental monitoring, and homeland security. WSNs are integrated with the Internet Protocol (IP) to develop the Internet of Things (IoT) for connecting everyday life objects to the internet. Hence, major challenges of WSNs include: (i) how to efficiently utilize small size and low-power nodes to implement security during data transmission among several sensor nodes; (ii) how to resolve security issues associated with the harsh and complex environmental conditions during data transmission over a long coverage range. In this study, a secure IoT-based smart home automation system was developed. To facilitate energy-efficient data encryption, a method namely Triangle Based Security Algorithm (TBSA) based on efficient key generation mechanism was proposed. The proposed TBSA in integration of the low power Wi-Fi were included in WSNs with the Internet to develop a novel IoT-based smart home which could provide secure data transmission among several associated sensor nodes in the network over a long converge range. The developed IoT based system has outstanding performance by fulfilling all the necessary security requirements. The experimental results showed that the proposed TBSA algorithm consumed less energy in comparison with some existing methods. PMID:28042831

  6. A Novel Secure IoT-Based Smart Home Automation System Using a Wireless Sensor Network.

    Science.gov (United States)

    Pirbhulal, Sandeep; Zhang, Heye; E Alahi, Md Eshrat; Ghayvat, Hemant; Mukhopadhyay, Subhas Chandra; Zhang, Yuan-Ting; Wu, Wanqing

    2016-12-30

    Wireless sensor networks (WSNs) provide noteworthy benefits over traditional approaches for several applications, including smart homes, healthcare, environmental monitoring, and homeland security. WSNs are integrated with the Internet Protocol (IP) to develop the Internet of Things (IoT) for connecting everyday life objects to the internet. Hence, major challenges of WSNs include: (i) how to efficiently utilize small size and low-power nodes to implement security during data transmission among several sensor nodes; (ii) how to resolve security issues associated with the harsh and complex environmental conditions during data transmission over a long coverage range. In this study, a secure IoT-based smart home automation system was developed. To facilitate energy-efficient data encryption, a method namely Triangle Based Security Algorithm (TBSA) based on efficient key generation mechanism was proposed. The proposed TBSA in integration of the low power Wi-Fi were included in WSNs with the Internet to develop a novel IoT-based smart home which could provide secure data transmission among several associated sensor nodes in the network over a long converge range. The developed IoT based system has outstanding performance by fulfilling all the necessary security requirements. The experimental results showed that the proposed TBSA algorithm consumed less energy in comparison with some existing methods.

  7. A Novel Secure IoT-Based Smart Home Automation System Using a Wireless Sensor Network

    Directory of Open Access Journals (Sweden)

    Sandeep Pirbhulal

    2016-12-01

    Full Text Available Wireless sensor networks (WSNs provide noteworthy benefits over traditional approaches for several applications, including smart homes, healthcare, environmental monitoring, and homeland security. WSNs are integrated with the Internet Protocol (IP to develop the Internet of Things (IoT for connecting everyday life objects to the internet. Hence, major challenges of WSNs include: (i how to efficiently utilize small size and low-power nodes to implement security during data transmission among several sensor nodes; (ii how to resolve security issues associated with the harsh and complex environmental conditions during data transmission over a long coverage range. In this study, a secure IoT-based smart home automation system was developed. To facilitate energy-efficient data encryption, a method namely Triangle Based Security Algorithm (TBSA based on efficient key generation mechanism was proposed. The proposed TBSA in integration of the low power Wi-Fi were included in WSNs with the Internet to develop a novel IoT-based smart home which could provide secure data transmission among several associated sensor nodes in the network over a long converge range. The developed IoT based system has outstanding performance by fulfilling all the necessary security requirements. The experimental results showed that the proposed TBSA algorithm consumed less energy in comparison with some existing methods.

  8. Protocols for Detection and Removal of Wormholes for Secure Routing and Neighborhood Creation in Wireless Ad Hoc Networks

    Science.gov (United States)

    Hayajneh, Thaier Saleh

    2009-01-01

    Wireless ad hoc networks are suitable and sometimes the only solution for several applications. Many applications, particularly those in military and critical civilian domains (such as battlefield surveillance and emergency rescue) require that ad hoc networks be secure and stable. In fact, security is one of the main barriers to the extensive use…

  9. From Paper-based to Electronic Securities Posttrading

    DEFF Research Database (Denmark)

    Rapp, Hermann; Parisi, Cristiana

    centuries old business practices in the investment industry. This study focuses on CREST, a leading settlement infrastructure that facilitated the leap from paper-based to electronic post-trading in London. In 1993 it started as a project of the Bank of England, and today, CREST is operated by Euroclear......Over recent decades, securities post-trading has seen a radical change from paper-based to electronic procedures. Technological advances have facilitated digitisation as a global trend. While in the investment industry technology has also been a key driver for financial automation since the late...... United Kingdom & Ireland (EUI). Research objectives of this study are to investigate the industry context, how the CREST project was managed and introduced at a time of crisis, how the technology was designed, and its impact on financial markets and today’s UK and European infrastructure. Twenty...

  10. Simulation analysis of security performance of DPSKOCDMA network via virtual user scheme

    Directory of Open Access Journals (Sweden)

    Vishav Jyoti

    2012-07-01

    Full Text Available A novel technique to enhance the security of an optical code division multipleaccess (OCDMA system against eavesdropping is proposed. It has been observed that whena single user is active in the network, an eavesdropper can easily sift the data beingtransmitted without decoding. To increase the security, a virtual user scheme is proposed andsimulated on a differential phase shift keying (DPSK OCDMA system. By using the virtualuser scheme, the security of the DPSK-OCDMA system can be effectively improved and themultiple access interference, which is generally considered to be a limitation of the OCDMAsystem, is used to increase the confidentiality of the system.

  11. Neuronal synchrony detection on single-electron neural networks

    International Nuclear Information System (INIS)

    Oya, Takahide; Asai, Tetsuya; Kagaya, Ryo; Hirose, Tetsuya; Amemiya, Yoshihito

    2006-01-01

    Synchrony detection between burst and non-burst spikes is known to be one functional example of depressing synapses. Kanazawa et al. demonstrated synchrony detection with MOS depressing synapse circuits. They found that the performance of a network with depressing synapses that discriminates between burst and random input spikes increases non-monotonically as the static device mismatch is increased. We designed a single-electron depressing synapse and constructed the same network as in Kanazawa's study to develop noise-tolerant single-electron circuits. We examined the temperature characteristics and explored possible architecture that enables single-electron circuits to operate at T > 0 K

  12. TWO-LAYER SECURE PREVENTION MECHANISM FOR REDUCING E-COMMERCE SECURITY RISKS

    OpenAIRE

    Sen-Tarng Lai

    2015-01-01

    E-commerce is an important information system in the network and digital age. However, the network intrusion, malicious users, virus attack and system security vulnerabilities have continued to threaten the operation of the e-commerce, making e-commerce security encounter serious test. How to improve ecommerce security has become a topic worthy of further exploration. Combining routine security test and security event detection procedures, this paper proposes the Two-Layer Secure ...

  13. 76 FR 14794 - Special Conditions: Boeing Model 747-8 Airplanes, Systems and Data Networks Security-Isolation or...

    Science.gov (United States)

    2011-03-18

    ... Networks Security--Isolation or Protection From Unauthorized Passenger Domain Systems Access AGENCY... systems and data networks. The applicable airworthiness regulations do not contain adequate or appropriate... connected networks. The network architecture would be used for a diverse set of functions, including: 1...

  14. Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users

    OpenAIRE

    Vladislav D. Veksler; Norbou Buchler; Blaine E. Hoffman; Daniel N. Cassenti; Char Sample; Shridat Sugrim

    2018-01-01

    Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision li...

  15. Network Attack Detection and Defense: Securing Industrial Control Systems for Critical Infrastructures (Dagstuhl Seminar 14292)

    NARCIS (Netherlands)

    Dacer, Marc; Kargl, Frank; König, Hartmut; Valdes, Alfonso

    2014-01-01

    This report documents the program and the outcomes of Dagstuhl Seminar 14292 “Network Attack Detection and Defense: Securing Industrial Control Systems for Critical Infrastructures”. The main objective of the seminar was to discuss new approaches and ideas for securing industrial control systems. It

  16. SOME QUESTIONS OF THE GRID AND NEURAL NETWORK MODELING OF AIRPORT AVIATION SECURITY CONTROL TASKS

    Directory of Open Access Journals (Sweden)

    N. Elisov Lev

    2017-01-01

    Full Text Available The authors’ original problem-solution-approach concerning aviation security management in civil aviation apply- ing parallel calculation processes method and the usage of neural computers is considered in this work. The statement of secure environment modeling problems for grid models and with the use of neural networks is presented. The research sub- ject area of this article is airport activity in the field of civil aviation, considered in the context of aviation security, defined as the state of aviation security against unlawful interference with the aviation field. The key issue in this subject area is aviation safety provision at an acceptable level. In this case, airport security level management becomes one of the main objectives of aviation security. Aviation security management is organizational-regulation in modern systems that can no longer correspond to changing requirements, increasingly getting complex and determined by external and internal envi- ronment factors, associated with a set of potential threats to airport activity. Optimal control requires the most accurate identification of management parameters and their quantitative assessment. The authors examine the possibility of applica- tion of mathematical methods for the modeling of security management processes and procedures in their latest works. Par- allel computing methods and network neurocomputing for modeling of airport security control processes are examined in this work. It is shown that the methods’ practical application of the methods is possible along with the decision support system, where the decision maker plays the leading role.

  17. Securing optical code-division multiple-access networks with a postswitching coding scheme of signature reconfiguration

    Science.gov (United States)

    Huang, Jen-Fa; Meng, Sheng-Hui; Lin, Ying-Chen

    2014-11-01

    The optical code-division multiple-access (OCDMA) technique is considered a good candidate for providing optical layer security. An enhanced OCDMA network security mechanism with a pseudonoise (PN) random digital signals type of maximal-length sequence (M-sequence) code switching to protect against eavesdropping is presented. Signature codes unique to individual OCDMA-network users are reconfigured according to the register state of the controlling electrical shift registers. Examples of signature reconfiguration following state switching of the controlling shift register for both the network user and the eavesdropper are numerically illustrated. Dynamically changing the PN state of the shift register to reconfigure the user signature sequence is shown; this hinders eavesdroppers' efforts to decode correct data sequences. The proposed scheme increases the probability of eavesdroppers committing errors in decoding and thereby substantially enhances the degree of an OCDMA network's confidentiality.

  18. Security of electronic medical information and patient privacy: what you need to know.

    Science.gov (United States)

    Andriole, Katherine P

    2014-12-01

    The responsibility that physicians have to protect their patients from harm extends to protecting the privacy and confidentiality of patient health information including that contained within radiological images. The intent of HIPAA and subsequent HIPAA Privacy and Security Rules is to keep patients' private information confidential while allowing providers access to and maintaining the integrity of relevant information needed to provide care. Failure to comply with electronic protected health information (ePHI) regulations could result in financial or criminal penalties or both. Protected health information refers to anything that can reasonably be used to identify a patient (eg, name, age, date of birth, social security number, radiology examination accession number). The basic tools and techniques used to maintain medical information security and patient privacy described in this article include physical safeguards such as computer device isolation and data backup, technical safeguards such as firewalls and secure transmission modes, and administrative safeguards including documentation of security policies, training of staff, and audit tracking through system logs. Other important concepts related to privacy and security are explained, including user authentication, authorization, availability, confidentiality, data integrity, and nonrepudiation. Patient privacy and security of medical information are critical elements in today's electronic health care environment. Radiology has led the way in adopting digital systems to make possible the availability of medical information anywhere anytime, and in identifying and working to eliminate any risks to patients. Copyright © 2014 American College of Radiology. Published by Elsevier Inc. All rights reserved.

  19. Provably Secure Heterogeneous Access Control Scheme for Wireless Body Area Network.

    Science.gov (United States)

    Omala, Anyembe Andrew; Mbandu, Angolo Shem; Mutiria, Kamenyi Domenic; Jin, Chunhua; Li, Fagen

    2018-04-28

    Wireless body area network (WBAN) provides a medium through which physiological information could be harvested and transmitted to application provider (AP) in real time. Integrating WBAN in a heterogeneous Internet of Things (IoT) ecosystem would enable an AP to monitor patients from anywhere and at anytime. However, the IoT roadmap of interconnected 'Things' is still faced with many challenges. One of the challenges in healthcare is security and privacy of streamed medical data from heterogeneously networked devices. In this paper, we first propose a heterogeneous signcryption scheme where a sender is in a certificateless cryptographic (CLC) environment while a receiver is in identity-based cryptographic (IBC) environment. We then use this scheme to design a heterogeneous access control protocol. Formal security proof for indistinguishability against adaptive chosen ciphertext attack and unforgeability against adaptive chosen message attack in random oracle model is presented. In comparison with some of the existing access control schemes, our scheme has lower computation and communication cost.

  20. Security research roadmap; Security-tutkimuksen roadmap

    Energy Technology Data Exchange (ETDEWEB)

    Naumanen, M.; Rouhiainen, V. (eds.)

    2006-02-15

    Requirements for increasing security have arisen in Europe after highly visible and tragic events in Madrid and in London. While responsibility for security rests largely with the national activities, the EU has also started planning a research area .Space and security. as a part of the 7th Framework Programme. As the justification for this research area it has been presented that technology alone can not assure security, but security can not be assured without the support of technology. Furthermore, the justification highlights that security and military research are becoming ever closer. The old separation between civil and military research is decreasing, because it has been noticed that both areas are nowadays utilising the same knowledge. In Finland, there is already now noteworthy entrepreneurship related to security. Although some of the companies are currently only operating in Finland, others are already international leaders in their area. The importance of the security area is increasing and remarkable potential for new growth business areas can already be identified. This however also requires an increase in research efforts. VTT has a broad range of security research ongoing in many technology areas. The main areas have been concentrating on public safety and security, but VTT is participating also in several research projects related to the defence technology. For identifying and defining in more detail the expertise and research goals, the Security research roadmap was developed. The roadmap identified three particularly significant areas related to security. The assurance of critical infrastructure emphasises the protection of energy networks, information networks, water supply, traffic and transport, and obviously also the citizens. For assuring the activities of entrepreneurship, significant areas include the security of production and services, the security of sites and assets, and information security for embedded systems. The most important