RACOON: a multiuser QoS design for mobile wireless body area networks.

Science.gov (United States)

Cheng, Shihheng; Huang, Chingyao; Tu, Chun Chen

2011-10-01

In this study, Random Contention-based Resource Allocation (RACOON) medium access control (MAC) protocol is proposed to support the quality of service (QoS) for multi-user mobile wireless body area networks (WBANs). Different from existing QoS designs that focus on a single WBAN, a multiuser WBAN QoS should further consider both inter-WBAN interference and inter-WBAN priorities. Similar problems have been studied in both overlapped wireless local area networks (WLANs) and Bluetooth piconets that need QoS supports. However, these solutions are designed for non-medical transmissions that do not consider any priority scheme for medical applications. Most importantly, these studies focus on only static or low mobility networks. Network mobility of WBANs will introduce unnecessary inter-network collisions and energy waste, which are not considered by these solutions. The proposed multiuser-QoS protocol, RACOON, simultaneously satisfies the inter WBAN QoS requirements and overcomes the performance degradation caused by WBAN mobility. Simulation results verify that RACOON provides better latency and energy control, as compared with WBAN QoS protocols without considering the inter-WBAN requirements.

McMAC: towards a MAC protocol with multi-constrained QoS provisioning for diverse traffic in Wireless Body Area Networks.

Science.gov (United States)

Monowar, Muhammad Mostafa; Hassan, Mohammad Mehedi; Bajaber, Fuad; Al-Hussein, Musaed; Alamri, Atif

2012-11-12

The emergence of heterogeneous applications with diverse requirements for resource-constrained Wireless Body Area Networks (WBANs) poses significant challenges for provisioning Quality of Service (QoS) with multi-constraints (delay and reliability) while preserving energy efficiency. To address such challenges, this paper proposes McMAC,a MAC protocol with multi-constrained QoS provisioning for diverse traffic classes in WBANs. McMAC classifies traffic based on their multi-constrained QoS demands and introduces a novel superframe structure based on the "transmit-whenever-appropriate"principle, which allows diverse periods for diverse traffic classes according to their respective QoS requirements. Furthermore, a novel emergency packet handling mechanism is proposedto ensure packet delivery with the least possible delay and the highest reliability. McMAC is also modeled analytically, and extensive simulations were performed to evaluate its performance. The results reveal that McMAC achieves the desired delay and reliability guarantee according to the requirements of a particular traffic class while achieving energy efficiency.

On Designing Thermal-Aware Localized QoS Routing Protocol for in-vivo Sensor Nodes in Wireless Body Area Networks.

Science.gov (United States)

Monowar, Muhammad Mostafa; Bajaber, Fuad

2015-06-15

In this paper, we address the thermal rise and Quality-of-Service (QoS) provisioning issue for an intra-body Wireless Body Area Network (WBAN) having in-vivo sensor nodes. We propose a thermal-aware QoS routing protocol, called TLQoS, that facilitates the system in achieving desired QoS in terms of delay and reliability for diverse traffic types, as well as avoids the formation of highly heated nodes known as hotspot(s), and keeps the temperature rise along the network to an acceptable level. TLQoS exploits modular architecture wherein different modules perform integrated operations in providing multiple QoS service with lower temperature rise. To address the challenges of highly dynamic wireless environment inside the human body. TLQoS implements potential-based localized routing that requires only local neighborhood information. TLQoS avoids routing loop formation as well as reduces the number of hop traversal exploiting hybrid potential, and tuning a configurable parameter. We perform extensive simulations of TLQoS, and the results show that TLQoS has significant performance improvements over state-of-the-art approaches.

QoS mapping algorithm for ETE QoS provisioning

Science.gov (United States)

Wu, Jian J.; Foster, Gerry

2002-08-01

End-to-End (ETE) Quality of Service (QoS) is critical for next generation wireless multimedia communication systems. To meet the ETE QoS requirements, Universal Mobile Telecommunication System (UMTS) requires not only meeting the 3GPP QoS requirements [1-2] but also mapping external network QoS classes to UMTS QoS classes. There are four Quality of Services (QoS) classes in UMTS; they are Conversational, Streaming, Interactive and Background. There are eight QoS classes for LAN in IEEE 802.1 (one reserved). ATM has four QoS categories. They are Constant Bit Rate (CBR) - highest priority, short queue for strict Cell Delay Variation (CDV), Variable Bit Rate (VBR) - second highest priority, short queues for real time, longer queues for non-real time, Guaranteed Frame Rate (GFR)/ Unspecified Bit Rate (UBR) with Minimum Desired Cell Rate (MDCR) - intermediate priority, dependent on service provider UBR/ Available Bit Rate (ABR) - lowest priority, long queues, large delay variation. DiffServ (DS) has six-bit DS codepoint (DSCP) available to determine the datagram's priority relative to other datagrams and therefore, up to 64 QoS classes are available from the IPv4 and IPv6 DSCP. Different organisations have tried to solve the QoS issues from their own perspective. However, none of them has a full picture for end-to-end QoS classes and how to map them among all QoS classes. Therefore, a universal QoS needs to be created and a new set of QoS classes to enable end-to-end (ETE) QoS provisioning is required. In this paper, a new set of ETE QoS classes is proposed and a mappings algorithm for different QoS classes that are proposed by different organisations is given. With our proposal, ETE QoS mapping and control can be implemented.

On Designing Thermal-Aware Localized QoS Routing Protocol for in-vivo Sensor Nodes in Wireless Body Area Networks

Directory of Open Access Journals (Sweden)

Muhammad Mostafa Monowar

2015-06-01

Full Text Available In this paper, we address the thermal rise and Quality-of-Service (QoS provisioning issue for an intra-body Wireless Body Area Network (WBAN having in-vivo sensor nodes. We propose a thermal-aware QoS routing protocol, called TLQoS, that facilitates the system in achieving desired QoS in terms of delay and reliability for diverse traffic types, as well as avoids the formation of highly heated nodes known as hotspot(s, and keeps the temperature rise along the network to an acceptable level. TLQoS exploits modular architecture wherein different modules perform integrated operations in providing multiple QoS service with lower temperature rise. To address the challenges of highly dynamic wireless environment inside the human body. TLQoS implements potential-based localized routing that requires only local neighborhood information. TLQoS avoids routing loop formation as well as reduces the number of hop traversal exploiting hybrid potential, and tuning a configurable parameter. We perform extensive simulations of TLQoS, and the results show that TLQoS has significant performance improvements over state-of-the-art approaches.

M ULTIPATH QOS A WARE R OUTING P ROTOCOL FOR ADHOC N ETWORK

OpenAIRE

Anupam Baliyan; Dr.Vikas Pareek

2014-01-01

Packet delivery ratio, delay, throughput, routing o verhead etc are the strict quality of service requi rements for applications in Ad hoc networks. So, the routin g protocol not only finds a suitable path but also the path should satisfy the QoS constraints also. Quality of services (QoS) aware routing is performed on the b asis of resource availability in the network and the flo w of QoS requirement. In this paper we developed a source routing protocol which...

Intelligent QoS routing algorithm based on improved AODV protocol for Ad Hoc networks

Science.gov (United States)

Huibin, Liu; Jun, Zhang

2016-04-01

Mobile Ad Hoc Networks were playing an increasingly important part in disaster reliefs, military battlefields and scientific explorations. However, networks routing difficulties are more and more outstanding due to inherent structures. This paper proposed an improved cuckoo searching-based Ad hoc On-Demand Distance Vector Routing protocol (CSAODV). It elaborately designs the calculation methods of optimal routing algorithm used by protocol and transmission mechanism of communication-package. In calculation of optimal routing algorithm by CS Algorithm, by increasing QoS constraint, the found optimal routing algorithm can conform to the requirements of specified bandwidth and time delay, and a certain balance can be obtained among computation spending, bandwidth and time delay. Take advantage of NS2 simulation software to take performance test on protocol in three circumstances and validate the feasibility and validity of CSAODV protocol. In results, CSAODV routing protocol is more adapt to the change of network topological structure than AODV protocol, which improves package delivery fraction of protocol effectively, reduce the transmission time delay of network, reduce the extra burden to network brought by controlling information, and improve the routing efficiency of network.

Security Protocols in a Nutshell

OpenAIRE

Toorani, Mohsen

2016-01-01

Security protocols are building blocks in secure communications. They deploy some security mechanisms to provide certain security services. Security protocols are considered abstract when analyzed, but they can have extra vulnerabilities when implemented. This manuscript provides a holistic study on security protocols. It reviews foundations of security protocols, taxonomy of attacks on security protocols and their implementations, and different methods and models for security analysis of pro...

IP access networks with QoS support

Science.gov (United States)

Sargento, Susana; Valadas, Rui J. M. T.; Goncalves, Jorge; Sousa, Henrique

2001-07-01

The increasing demand of new services and applications is pushing for drastic changes on the design of access networks targeted mainly for residential and SOHO users. Future access networks will provide full service integration (including multimedia), resource sharing at the packet level and QoS support. It is expected that using IP as the base technology, the ideal plug-and-play scenario, where the management actions of the access network operator are kept to a minimum, will be achieved easily. This paper proposes an architecture for access networks based on layer 2 or layer 3 multiplexers that allows a number of simplifications in the network elements and protocols (e.g. in the routing and addressing functions). We discuss two possible steps in the evolution of access networks towards a more efficient support of IP based services. The first one still provides no QoS support and was designed with the goal of reusing as much as possible current technologies; it is based on tunneling to transport PPP sessions. The second one introduces QoS support through the use of emerging technologies and protocols. We illustrate the different phases of a multimedia Internet access session, when using SIP for session initiation, COPS for the management of QoS policies including the AAA functions and RSVP for resource reservation.

McMAC: Towards a MAC Protocol with Multi-Constrained QoS Provisioning for Diverse Traffic in Wireless Body Area Networks

Directory of Open Access Journals (Sweden)

Muhammad Mostafa Monowar

2012-11-01

Full Text Available The emergence of heterogeneous applications with diverse requirements forresource-constrained Wireless Body Area Networks (WBANs poses significant challengesfor provisioning Quality of Service (QoS with multi-constraints (delay and reliability whilepreserving energy efficiency. To address such challenges, this paper proposes McMAC,a MAC protocol with multi-constrained QoS provisioning for diverse traffic classes inWBANs. McMAC classifies traffic based on their multi-constrained QoS demands andintroduces a novel superframe structure based on the "transmit-whenever-appropriate"principle, which allows diverse periods for diverse traffic classes according to their respectiveQoS requirements. Furthermore, a novel emergency packet handling mechanism is proposedto ensure packet delivery with the least possible delay and the highest reliability. McMACis also modeled analytically, and extensive simulations were performed to evaluate itsperformance. The results reveal that McMAC achieves the desired delay and reliabilityguarantee according to the requirements of a particular traffic class while achieving energyefficiency.

Autonomous QoS Management and Policing in Unmanaged Local Area Networks

Directory of Open Access Journals (Sweden)

Christopher Köhnen

2015-01-01

Full Text Available The high increase of bandwidth-intensive applications like high definition video streaming in home and small office environments leads to QoS challenges in hybrid wired/wireless local area networks. These networks are often not QoS aware and may contain bottlenecks in their topology. In addition, they often have a hybrid nature due to the used access technology consisting of, for example, Ethernet, wireless, and PowerLAN links. In this paper, we present the research work on a novel autonomous system for hybrid QoS in local area networks, called QoSiLAN, which does not rely on network infrastructure support but on host cooperation and works independently of the access technology. We present a new QoS Signalling Protocol, policing and admission control algorithms, and a new lightweight statistical bandwidth prediction algorithm for autonomous resource management in LANs. This new QoS framework enables link based, access-medium independent bandwidth management without network support. We provide evaluation results for the novel bandwidth prediction algorithm as well as for the QoSiLAN framework and its protocol, which highlight the features, robustness, and the effectiveness of the proposed system.

TD-LTE Wireless Private Network QoS Transmission Protection

Science.gov (United States)

Zhang, Jianming; Cheng, Chao; Wu, Zanhong

With the commencement of construction of the smart grid, the demand power business for reliability and security continues to improve, the reliability transmission of power TD-LTE Wireless Private Network are more and more attention. For TD-LTE power private network, it can provide different QoS services according to the user's business type, to protect the reliable transmission of business. This article describes in detail the AF module of PCC in the EPC network, specifically introduces set up AF module station and QoS mechanisms in the EPS load, fully considers the business characteristics of the special power network, establishing a suitable architecture for mapping QoS parameters, ensuring the implementation of each QoS business. Through using radio bearer management, we can achieve the reliable transmission of each business on physical channel.

Cross Layer QoS Provisioning in Home Networks

DEFF Research Database (Denmark)

Wang, Jiayuan; Brewka, Lukasz Jerzy; Ruepp, Sarah Renée

2011-01-01

This paper introduces an innovative QoS provisioning scheme in home networks, by utilizing Optical Wireless (OW) MAC specification proposed by Home Gigabit Access Project (OMEGA) project. The specification is characterized by its resource reservation protocol and the use of Time Division Multiple...... Access (TDMA). By adopting OW MAC to the widely supported Universal Plug and Play – Quality of Service (UPnP-QoS) Architecture in the simulated home domain, algorithms for cross layer mapping QoS requirements are proposed. Compared to utilizing WLAN MAC, our scheme is able to provide guaranteed Qo......S levels to streams with different priorities, especially to delay-sensitive services. Efficiencies of the algorithms and network performance are validated by analyzing the results collected from OPNET simulation models....

UPnP QoS and queuing in home networks

DEFF Research Database (Denmark)

Brewka, Lukasz Jerzy; Wessing, Henrik; Dittmann, Lars

2010-01-01

The QoS provisioning in home networks is being more often considered for future use cases, where mulitple high bandwidth flows are accomodated in the home environment. This paper investigates chosen characteristics of one of the home network control and management protocol suites, namely UPn......P. Using network modeling tools, we evaluate UPnP QoS architecture and its resource management influence on the end-to-end packet delay characteristics for different scheduling approaches....

CCSDS Advanced Orbiting Systems Virtual Channel Access Service for QoS MACHETE Model

Science.gov (United States)

Jennings, Esther H.; Segui, John S.

2011-01-01

To support various communications requirements imposed by different missions, interplanetary communication protocols need to be designed, validated, and evaluated carefully. Multimission Advanced Communications Hybrid Environment for Test and Evaluation (MACHETE), described in "Simulator of Space Communication Networks" (NPO-41373), NASA Tech Briefs, Vol. 29, No. 8 (August 2005), p. 44, combines various tools for simulation and performance analysis of space networks. The MACHETE environment supports orbital analysis, link budget analysis, communications network simulations, and hardware-in-the-loop testing. By building abstract behavioral models of network protocols, one can validate performance after identifying the appropriate metrics of interest. The innovators have extended the MACHETE model library to include a generic link-layer Virtual Channel (VC) model supporting quality-of-service (QoS) controls based on IP streams. The main purpose of this generic Virtual Channel model addition was to interface fine-grain flow-based QoS (quality of service) between the network and MAC layers of the QualNet simulator, a commercial component of MACHETE. This software model adds the capability of mapping IP streams, based on header fields, to virtual channel numbers, allowing extended QoS handling at link layer. This feature further refines the QoS v existing at the network layer. QoS at the network layer (e.g. diffserv) supports few QoS classes, so data from one class will be aggregated together; differentiating between flows internal to a class/priority is not supported. By adding QoS classification capability between network and MAC layers through VC, one maps multiple VCs onto the same physical link. Users then specify different VC weights, and different queuing and scheduling policies at the link layer. This VC model supports system performance analysis of various virtual channel link-layer QoS queuing schemes independent of the network-layer QoS systems.

Efficient secure two-party protocols

CERN Document Server

Hazay, Carmit

2010-01-01

The authors present a comprehensive study of efficient protocols and techniques for secure two-party computation -- both general constructions that can be used to securely compute any functionality, and protocols for specific problems of interest. The book focuses on techniques for constructing efficient protocols and proving them secure. In addition, the authors study different definitional paradigms and compare the efficiency of protocols achieved under these different definitions.The book opens with a general introduction to secure computation and then presents definitions of security for a

APIs for QoS configuration in Software Defined Networks

DEFF Research Database (Denmark)

Caba, Cosmin Marius; Soler, José

2015-01-01

The OpenFlow (OF) protocol is widely used in Software Defined Networking (SDN) to realize the communication between the controller and forwarding devices. OF allows great flexibility in managing traffic flows. However, OF alone is not enough to build more complex SDN services that require complete...... such as configuration of devices, ports, queues, etc. An Application Programming Interface (API) for dynamic configuration of QoS resources in the network devices is implemented herein, by using the capabilities of OVSDB. Further, the paper demonstrates the possibility to create network services with coarse granularity...... on top of the fine granular services exposed by the QoS configuration API at the SDNC. A series of tests emphasize the capabilities and the performance of the implemented QoS configuration API....

Summary Report on Unconditionally Secure Protocols

DEFF Research Database (Denmark)

Damgård, Ivan Bjerre; Salvail, Louis; Cachin, Christian

This document describes the state of the art snd some of the main open problems in the area of unconditionally secure cryptographic protocols. The most essential part of a cryptographic protocol is not its being secure. Imagine a cryptographic protocol which is secure, but where we do not know...... that it is secure. Such a protocol would do little in providing security. When all comes to all, cryptographic security is done for the sake of people, and the essential part of security is for people what it has always been, namely to feel secure. To feel secure employing a given cryptographic protocol we need...... to know that is is secure. I.e. we need a proof that it is secure. Today the proof of security of essentially all practically employed cryptographic protocols relies on computational assumptions. To prove that currently employed ways to communicate securely over the Internet are secure we e.g. need...

Evaluation of QoS supported in Network Mobility NEMO environments

International Nuclear Information System (INIS)

Hussien, L F; Abdalla, A H; Habaebi, M H; Khalifa, O O; Hassan, W H

2013-01-01

Network mobility basic support (NEMO BS) protocol is an entire network, roaming as a unit which changes its point of attachment to the Internet and consequently its reachability in the network topology. NEMO BS doesn't provide QoS guarantees to its users same as traditional Internet IP and Mobile IPv6 as well. Typically, all the users will have same level of services without considering about their application requirements. This poses a problem to real-time applications that required QoS guarantees. To gain more effective control of the network, incorporated QoS is needed. Within QoS-enabled network the traffic flow can be distributed to various priorities. Also, the network bandwidth and resources can be allocated to different applications and users. Internet Engineering Task Force (IETF) working group has proposed several QoS solutions for static network such as IntServ, DiffServ and MPLS. These QoS solutions are designed in the context of a static environment (i.e. fixed hosts and networks). However, they are not fully adapted to mobile environments. They essentially demands to be extended and adjusted to meet up various challenges involved in mobile environments. With existing QoS mechanisms many proposals have been developed to provide QoS for individual mobile nodes (i.e. host mobility). In contrary, research based on the movement of the whole mobile network in IPv6 is still undertaking by the IETF working groups (i.e. network mobility). Few researches have been done in the area of providing QoS for roaming networks. Therefore, this paper aims to review and investigate (previous /and current) related works that have been developed to provide QoS in mobile network. Consequently, a new proposed scheme will be introduced to enhance QoS within NEMO environment, achieving by which seamless mobility to users of mobile network node (MNN)

Transmission Algorithm with QoS Considerations for a Sustainable MPEG Streaming Service

Directory of Open Access Journals (Sweden)

Sang-Hyong Kim

2017-03-01

Full Text Available With the proliferation of heterogeneous networks, there is a need to provide multimedia stream services in a sustainable manner. It is especially critical to maintain the Quality of Service (QoS standards. Existing multimedia streaming services have been studied to guarantee QoS on the receiving side. QoS has not been ensured due to the fact that the loss of streaming data to be transmitted has not been considered in network conditions. With an algorithm that considers the QoS and can reduce the overhead of the network, it will be possible to reduce the transmission error and wastage of communication network resources. In this paper, we propose a scheme that improves the reliability of multimedia transmissions by using an adaptive algorithm that switches between UDP (User Datagram Protocol and TCP (Transmission Control Protocol based on the size of the data. In addition, we present a method that retransmits essential portions of the multimedia data, thus improving transmission efficiency. We simulate an MPEG (Moving Picture Experts Group stream service and evaluate the performance of the proposed adaptive MPEG stream service.

An Application-Level QoS Control Method Based on Local Bandwidth Scheduling

Directory of Open Access Journals (Sweden)

Yong Wang

2018-01-01

Full Text Available Quality of service (QoS is an important performance indicator for Web applications and bandwidth is a key factor affecting QoS. Current methods use network protocols or ports to schedule bandwidth, which require tedious manual configurations or modifications of the underlying network. Some applications use dynamic ports and the traditional port-based bandwidth control methods cannot deal with them. A new QoS control method based on local bandwidth scheduling is proposed, which can schedule bandwidth at application level in a user-transparent way and it does not require tedious manual configurations. Experimental results indicate that the new method can effectively improve the QoS for applications, and it can be easily integrated into current Web applications without the need to modify the underlying network.

A Secure Routing Protocol for Wireless Sensor Networks Considering Secure Data Aggregation

Directory of Open Access Journals (Sweden)

Triana Mugia Rahayu

2015-06-01

Full Text Available The commonly unattended and hostile deployments of WSNs and their resource-constrained sensor devices have led to an increasing demand for secure energy-efficient protocols. Routing and data aggregation receive the most attention since they are among the daily network routines. With the awareness of such demand, we found that so far there has been no work that lays out a secure routing protocol as the foundation for a secure data aggregation protocol. We argue that the secure routing role would be rendered useless if the data aggregation scheme built on it is not secure. Conversely, the secure data aggregation protocol needs a secure underlying routing protocol as its foundation in order to be effectively optimal. As an attempt for the solution, we devise an energy-aware protocol based on LEACH and ESPDA that combines secure routing protocol and secure data aggregation protocol. We then evaluate its security effectiveness and its energy-efficiency aspects, knowing that there are always trade-off between both.

A security analysis of the 802.11s wireless mesh network routing protocol and its secure routing protocols.

Science.gov (United States)

Tan, Whye Kit; Lee, Sang-Gon; Lam, Jun Huy; Yoo, Seong-Moo

2013-09-02

Wireless mesh networks (WMNs) can act as a scalable backbone by connecting separate sensor networks and even by connecting WMNs to a wired network. The Hybrid Wireless Mesh Protocol (HWMP) is the default routing protocol for the 802.11s WMN. The routing protocol is one of the most important parts of the network, and it requires protection, especially in the wireless environment. The existing security protocols, such as the Broadcast Integrity Protocol (BIP), Counter with cipher block chaining message authentication code protocol (CCMP), Secure Hybrid Wireless Mesh Protocol (SHWMP), Identity Based Cryptography HWMP (IBC-HWMP), Elliptic Curve Digital Signature Algorithm HWMP (ECDSA-HWMP), and Watchdog-HWMP aim to protect the HWMP frames. In this paper, we have analyzed the vulnerabilities of the HWMP and developed security requirements to protect these identified vulnerabilities. We applied the security requirements to analyze the existing secure schemes for HWMP. The results of our analysis indicate that none of these protocols is able to satisfy all of the security requirements. We also present a quantitative complexity comparison among the protocols and an example of a security scheme for HWMP to demonstrate how the result of our research can be utilized. Our research results thus provide a tool for designing secure schemes for the HWMP.

Towards Internet QoS provisioning based on generic distributed QoS adaptive routing engine.

Science.gov (United States)

Haikal, Amira Y; Badawy, M; Ali, Hesham A

2014-01-01

Increasing efficiency and quality demands of modern Internet technologies drive today's network engineers to seek to provide quality of service (QoS). Internet QoS provisioning gives rise to several challenging issues. This paper introduces a generic distributed QoS adaptive routing engine (DQARE) architecture based on OSPFxQoS. The innovation of the proposed work in this paper is its undependability on the used QoS architectures and, moreover, splitting of the control strategy from data forwarding mechanisms, so we guarantee a set of absolute stable mechanisms on top of which Internet QoS can be built. DQARE architecture is furnished with three relevant traffic control schemes, namely, service differentiation, QoS routing, and traffic engineering. The main objective of this paper is to (i) provide a general configuration guideline for service differentiation, (ii) formalize the theoretical properties of different QoS routing algorithms and then introduce a QoS routing algorithm (QOPRA) based on dynamic programming technique, and (iii) propose QoS multipath forwarding (QMPF) model for paths diversity exploitation. NS2-based simulations proved the DQARE superiority in terms of delay, packet delivery ratio, throughput, and control overhead. Moreover, extensive simulations are used to compare the proposed QOPRA algorithm and QMPF model with their counterparts in the literature.

Towards Internet QoS Provisioning Based on Generic Distributed QoS Adaptive Routing Engine

Directory of Open Access Journals (Sweden)

Amira Y. Haikal

2014-01-01

Full Text Available Increasing efficiency and quality demands of modern Internet technologies drive today’s network engineers to seek to provide quality of service (QoS. Internet QoS provisioning gives rise to several challenging issues. This paper introduces a generic distributed QoS adaptive routing engine (DQARE architecture based on OSPFxQoS. The innovation of the proposed work in this paper is its undependability on the used QoS architectures and, moreover, splitting of the control strategy from data forwarding mechanisms, so we guarantee a set of absolute stable mechanisms on top of which Internet QoS can be built. DQARE architecture is furnished with three relevant traffic control schemes, namely, service differentiation, QoS routing, and traffic engineering. The main objective of this paper is to (i provide a general configuration guideline for service differentiation, (ii formalize the theoretical properties of different QoS routing algorithms and then introduce a QoS routing algorithm (QOPRA based on dynamic programming technique, and (iii propose QoS multipath forwarding (QMPF model for paths diversity exploitation. NS2-based simulations proved the DQARE superiority in terms of delay, packet delivery ratio, throughput, and control overhead. Moreover, extensive simulations are used to compare the proposed QOPRA algorithm and QMPF model with their counterparts in the literature.

Demarcation of Security in Authentication Protocols

DEFF Research Database (Denmark)

Ahmed, Naveed; Jensen, Christian D.

2011-01-01

Security analysis of communication protocols is a slippery business; many “secure” protocols later turn out to be insecure. Among many, two complains are more frequent: inadequate definition of security and unstated assumptions in the security model. In our experience, one principal cause...... for such state of affairs is an apparent overlap of security and correctness, which may lead to many sloppy security definitions and security models. Although there is no inherent need to separate security and correctness requirements, practically, such separation is significant. It makes security analysis...... easier, and enables us to define security goals with a fine granularity. We present one such separation, by introducing the notion of binding sequence as a security primitive. A binding sequence, roughly speaking, is the only required security property of an authentication protocol. All other...

Study of QoS control and reliable routing method for utility communication network. Application of differentiated service to the network and alternative route establishment by the IP routing protocol; Denryokuyo IP network no QoS seigyo to shinraisei kakuho no hoho. DiffServ ni yoru QoS seigyo no koka to IP ni yoru fuku root ka no kento

Energy Technology Data Exchange (ETDEWEB)

Oba, E.

2000-05-01

QoS control method which satisfies utilities communication network requirement and alternative route establishment method which is for sustaining communication during a failure are studied. Applicability of DiffServ (Differentiated Service), one of the most promising QoS control method on IP network and studying energetically in IETF WG, is studied and it is found most application used in the utility communication network except for relaying system information could he accommodated to the DiffServ network. An example of the napping of the utility communication applications to the DiffServ PHB (Per Hop Behavior) is shown in this paper. Regarding to the alternative route, usual IP routing protocol cannot establish alternative route which doesn't have common links and nodes in their paths for a destination. IP address duplication with some modification of routing protocol enables such alternative route establishment. MPLS, distance vector algorithm and link state algorithm are evaluated qualitatively, and as a result, we found MPLS is promising way to establish the route. Quantitative evaluation will be future work. (author)

Research on distributed QOS routing algorithm based on TCP/IP

Science.gov (United States)

Liu, Xiaoyue; Chen, Yongqiang

2011-10-01

At present, network environment follow protocol standard of IPV4 is intended to do the best effort of network to provide network applied service for users, however, not caring about service quality.Thus the packet loss rate is high, it cannot reach an ideal applied results. This article through the establishment of mathematical model, put forward a new distributed multi QOS routing algorithm, given the realization process of this distributed QOS routing algorithm, and simulation was carried out by simulation software. The results show the proposed algorithm can improve the utilization rate of network resources and the service quality of network application.

A HIPAA-compliant architecture for securing clinical images

Science.gov (United States)

Liu, Brent J.; Zhou, Zheng; Huang, H. K.

2005-04-01

The HIPAA (Health Insurance Portability and Accountability Act, Instituted April 2003) Security Standards mandate health institutions to protect health information against unauthorized use or disclosure. One approach to addressing this mandate is by utilizing user access control and generating audit trails of the various authorized as well as unauthorized user access of health data. Although most current clinical image systems (eg, PACS) have components that generate log files as a solution to address the HIPAA mandate, there is a lack of methodology to obtain and synthesize the pertinent data from the large volumes of log file data generated by these multiple components within a PACS. We have designed and developed a HIPAA Compliant Architecture specifically for tracking and auditing the image workflow of clinical imaging systems such as PACS. As an initial first step, a software toolkit was implemented based on the HIPAA Compliant architecture. The toolkit was implemented within a testbed PACS Simulator located in the Image Processing and Informatics (IPI) lab at the University of Southern California. Evaluation scenarios were developed where different user types performed legal and illegal access of PACS image data within each of the different components in the PACS Simulator. Results were based on whether the scenarios of unauthorized access were correctly identified and documented as well as normal operational activity.

Deterministic secure communication protocol without using entanglement

OpenAIRE

Cai, Qing-yu

2003-01-01

We show a deterministic secure direct communication protocol using single qubit in mixed state. The security of this protocol is based on the security proof of BB84 protocol. It can be realized with current technologies.

On capacity tradeoffs in secure DS-CDMA packet communications with QOS constraints

International Nuclear Information System (INIS)

Sattar, F.; Mufti, M.

2012-01-01

This paper presents a mathematical framework for analysis of effect of counter mode (CTR) encryption on the traffic capacity of packet communication systems based on direct-sequence, code-division, multiple-access (DS-CDMA). We specify QoS constraints in terms of minimum acceptable mean opinion score (MOS) of voice payload, maximum permissible resource utilization for CTR-mode re-keying and DS-CDMA processing gain. We quantify the trade-offs in system capacity as a function of these constraints. Results show that application of CTR encryption causes error expansion and respecting the QoS constraints while satisfying the desired encryption parameters results in reduction of traffic capacity. (author)

ATM QoS Experiments Using TCP Applications: Performance of TCP/IP Over ATM in a Variety of Errored Links

Science.gov (United States)

Frantz, Brian D.; Ivancic, William D.

2001-01-01

Asynchronous Transfer Mode (ATM) Quality of Service (QoS) experiments using the Transmission Control Protocol/Internet Protocol (TCP/IP) were performed for various link delays. The link delay was set to emulate a Wide Area Network (WAN) and a Satellite Link. The purpose of these experiments was to evaluate the ATM QoS requirements for applications that utilize advance TCP/IP protocols implemented with large windows and Selective ACKnowledgements (SACK). The effects of cell error, cell loss, and random bit errors on throughput were reported. The detailed test plan and test results are presented herein.

Bioinspired Security Analysis of Wireless Protocols

DEFF Research Database (Denmark)

Petrocchi, Marinella; Spognardi, Angelo; Santi, Paolo

2016-01-01

work, this paper investigates feasibility of adopting fraglets as model for specifying security protocols and analysing their properties. In particular, we give concrete sample analyses over a secure RFID protocol, showing evolution of the protocol run as chemical dynamics and simulating an adversary...

WiMAX security and quality of service an end-to-end perspective

CERN Document Server

Tang, Seok-Yee; Sharif, Hamid

2010-01-01

WiMAX is the first standard technology to deliver true broadband mobility at speeds that enable powerful multimedia applications such as Voice over Internet Protocol (VoIP), online gaming, mobile TV, and personalized infotainment. WiMAX Security and Quality of Service, focuses on the interdisciplinary subject of advanced Security and Quality of Service (QoS) in WiMAX wireless telecommunication systems including its models, standards, implementations, and applications. Split into 4 parts, Part A of the book is an end-to-end overview of the WiMAX architecture, protocol, and system requirements.

The extended TRIP supporting VoIP routing reservation with distributed QoS

Science.gov (United States)

Wang, Furong; Wu, Ye

2004-04-01

In this paper, an existing protocol, i.e. TRIP (Telephony Routing over IP) is developed to provide distributed QoS when making resource reservations for VoIP services such as H.323, SIP. Enhanced LSs (location servers) are deployed in ITADs (IP Telephony Administrative Domains) to take in charge of intra-domain routing policy because of small propagation price. It is an easy way to find an IP telephone route for intra-domain VoIP media association and simultaneously possess intra-domain load balancing features. For those routing reservations bridging domains, inter-domain routing policy is responsible for finding the shortest inter-domain route with enough resources. I propose the routing preference policy based on QoS price when the session traffic is shaped by a token bucket, related QoS messages, and message cooperation.

Maximally efficient protocols for direct secure quantum communication

Energy Technology Data Exchange (ETDEWEB)

Banerjee, Anindita [Department of Physics and Materials Science Engineering, Jaypee Institute of Information Technology, A-10, Sector-62, Noida, UP-201307 (India); Department of Physics and Center for Astroparticle Physics and Space Science, Bose Institute, Block EN, Sector V, Kolkata 700091 (India); Pathak, Anirban, E-mail: anirban.pathak@jiit.ac.in [Department of Physics and Materials Science Engineering, Jaypee Institute of Information Technology, A-10, Sector-62, Noida, UP-201307 (India); RCPTM, Joint Laboratory of Optics of Palacky University and Institute of Physics of Academy of Science of the Czech Republic, Faculty of Science, Palacky University, 17. Listopadu 12, 77146 Olomouc (Czech Republic)

2012-10-01

Two protocols for deterministic secure quantum communication (DSQC) using GHZ-like states have been proposed. It is shown that one of these protocols is maximally efficient and that can be modified to an equivalent protocol of quantum secure direct communication (QSDC). Security and efficiency of the proposed protocols are analyzed and compared. It is shown that dense coding is sufficient but not essential for DSQC and QSDC protocols. Maximally efficient QSDC protocols are shown to be more efficient than their DSQC counterparts. This additional efficiency arises at the cost of message transmission rate. -- Highlights: ► Two protocols for deterministic secure quantum communication (DSQC) are proposed. ► One of the above protocols is maximally efficient. ► It is modified to an equivalent protocol of quantum secure direct communication (QSDC). ► It is shown that dense coding is sufficient but not essential for DSQC and QSDC protocols. ► Efficient QSDC protocols are always more efficient than their DSQC counterparts.

Hybrid architecture for building secure sensor networks

Science.gov (United States)

Owens, Ken R., Jr.; Watkins, Steve E.

2012-04-01

Sensor networks have various communication and security architectural concerns. Three approaches are defined to address these concerns for sensor networks. The first area is the utilization of new computing architectures that leverage embedded virtualization software on the sensor. Deploying a small, embedded virtualization operating system on the sensor nodes that is designed to communicate to low-cost cloud computing infrastructure in the network is the foundation to delivering low-cost, secure sensor networks. The second area focuses on securing the sensor. Sensor security components include developing an identification scheme, and leveraging authentication algorithms and protocols that address security assurance within the physical, communication network, and application layers. This function will primarily be accomplished through encrypting the communication channel and integrating sensor network firewall and intrusion detection/prevention components to the sensor network architecture. Hence, sensor networks will be able to maintain high levels of security. The third area addresses the real-time and high priority nature of the data that sensor networks collect. This function requires that a quality-of-service (QoS) definition and algorithm be developed for delivering the right data at the right time. A hybrid architecture is proposed that combines software and hardware features to handle network traffic with diverse QoS requirements.

Providing end-to-end QoS for multimedia applications in 3G wireless networks

Science.gov (United States)

Guo, Katherine; Rangarajan, Samapth; Siddiqui, M. A.; Paul, Sanjoy

2003-11-01

As the usage of wireless packet data services increases, wireless carriers today are faced with the challenge of offering multimedia applications with QoS requirements within current 3G data networks. End-to-end QoS requires support at the application, network, link and medium access control (MAC) layers. We discuss existing CDMA2000 network architecture and show its shortcomings that prevent supporting multiple classes of traffic at the Radio Access Network (RAN). We then propose changes in RAN within the standards framework that enable support for multiple traffic classes. In addition, we discuss how Session Initiation Protocol (SIP) can be augmented with QoS signaling for supporting end-to-end QoS. We also review state of the art scheduling algorithms at the base station and provide possible extensions to these algorithms to support different classes of traffic as well as different classes of users.

Developing security protocols in χ-Spaces

DEFF Research Database (Denmark)

Crazzolara, Federico; Milicia, Giuseppe

2002-01-01

It is of paramount importance that a security protocol effectively enforces the desired security requirements. The apparent simplicity of informal protocol descriptions hides the inherent complexity of their interactions which, often, invalidate informal correctness arguments and justify the effort...

Security Protocols: Specification, Verification, Implementation, and Composition

DEFF Research Database (Denmark)

Almousa, Omar

An important aspect of Internet security is the security of cryptographic protocols that it deploys. We need to make sure that such protocols achieve their goals, whether in isolation or in composition, i.e., security protocols must not suffer from any aw that enables hostile intruders to break...... results. The most important generalization is the support for all security properties of the geometric fragment proposed by [Gut14]....... their security. Among others, tools like OFMC [MV09b] and Proverif [Bla01] are quite efficient for the automatic formal verification of a large class of protocols. These tools use different approaches such as symbolic model checking or static analysis. Either approach has its own pros and cons, and therefore, we...

A STRONG SECURITY PROTOCOL AGAINST FINGERPRINT DATABASE ATTACKS

Directory of Open Access Journals (Sweden)

U. Latha

2013-08-01

Full Text Available The Biometric data is subject to on-going changes and create a crucial problem in fingerprint database. To deal with this, a security protocol is proposed to protect the finger prints information from the prohibited users. Here, a security protocol is proposed to protect the finger prints information. The proposed system comprised of three phases namely, fingerprint reconstruction, feature extraction and development of trigon based security protocol. In fingerprint reconstruction, the different crack variance level finger prints images are reconstructed by the M-band Dual Tree Complex Wavelet Transform (DTCWT. After that features are extracted by binarization. A set of finger print images are utilized to evaluate the performance of security protocol and the result from this process guarantees the healthiness of the proposed trigon based security protocol. The implementation results show the effectiveness of proposed trigon based security protocol in protecting the finger print information and the achieved improvement in image reconstruction and the security process.

Effectiveness and Limitations of E-Mail Security Protocols

OpenAIRE

M. Tariq Banday

2011-01-01

Simple Mail Transport Protocol is the most widely adopted protocol for e-mail delivery. However, it lackssecurity features for privacy, authentication of sending party, integrity of e-mail message, nonrepudiationand consistency of e-mail envelope. To make e-mail communication secure and private,e-mail servers incorporate one or more security features using add-on security protocols. The add-onsecurity protocols provide a reasonable security but have several limitations. This paper discussesli...

Analysis of a security protocol in ?CRL

NARCIS (Netherlands)

J. Pang

2002-01-01

textabstractNeedham-Schroeder public-key protocol; With the growth and commercialization of the Internet, the security of communication between computers becomes a crucial point. A variety of security protocols based on cryptographic primitives are used to establish secure communication over

Impact of VoIP and QoS on Open and Distance Learning

Directory of Open Access Journals (Sweden)

Sanjay JASOLA

2006-07-01

Full Text Available Voice over Internet Protocol (VoIP is becoming a reality in many organizations. The potential for mobility in voice over wi-fi networks will derive demand for the technology. Wireless VoIP is poised to rival VoIP as an alternative telephony tool. Internet has been used to transport data in the form of packet. In the past, Internet did not support any kind of sophisticated quality of service (QoS mechanism. Although the type of service (TOS field in the Internet protocol (IP header has been existing and has been allowing the differentiated treatment of packets, it was never really used on a large scale. The voice is sensitive to delay and jitter so bandwidth must be guaranteed while transporting it. With the extensive use of Internet for carrying voice, there is a need to add QoS functionality in it. QoS with reference to VoIP has been discussed in the paper. Limited bandwidth and network latency are the issues which need to be considered while using wireless LAN for packetized voice data. Efforts of standards like 802.11e which will take care of these issues, have also been explored. The impact of these technologies on distance education has also been explored in the paper.

Simulation and Evaluation of CTP and Secure-CTP Protocols

Directory of Open Access Journals (Sweden)

P. Pecho

2010-04-01

Full Text Available The paper discusses characteristics and qualities of two routing protocols – Collection Tree Protocol and its secure modification. The original protocol, as well as other protocols for wireless sensors, solves only problems of ra- dio communication and limited resources. Our design of the secure protocol tries to solve also the essential security ob- jectives. For the evaluation of properties of our protocol in large networks, a TOSSIM simulator was used. Our effort was to show the influence of the modification of the routing protocol to its behavior and quality of routing trees. We have proved that adding security into protocol design does not necessarily mean higher demands for data transfer, power consumption or worse protocol efficiency. In the paper, we manifest that security in the protocol may be achieved with low cost and may offer similar performance as the original protocol.

Security analysis of session initiation protocol

OpenAIRE

Dobson, Lucas E.

2010-01-01

Approved for public release; distribution is unlimited The goal of this thesis is to investigate the security of the Session Initiation Protocol (SIP). This was accomplished by researching previously discovered protocol and implementation vulnerabilities, evaluating the current state of security tools and using those tools to discover new vulnerabilities in SIP software. The CVSS v2 system was used to score protocol and implementation vulnerabilities to give them a meaning that was us...

Differential private collaborative Web services QoS prediction

KAUST Repository

Liu, An

2018-04-04

Collaborative Web services QoS prediction has proved to be an important tool to estimate accurately personalized QoS experienced by individual users, which is beneficial for a variety of operations in the service ecosystem, such as service selection, composition and recommendation. While a number of achievements have been attained on the study of improving the accuracy of collaborative QoS prediction, little work has been done for protecting user privacy in this process. In this paper, we propose a privacy-preserving collaborative QoS prediction framework which can protect the private data of users while retaining the ability of generating accurate QoS prediction. We introduce differential privacy, a rigorous and provable privacy model, into the process of collaborative QoS prediction. We first present DPS, a method that disguises a user’s observed QoS values by applying differential privacy to the user’s QoS data directly. We show how to integrate DPS with two representative collaborative QoS prediction approaches. To improve the utility of the disguised QoS data, we present DPA, another QoS disguising method which first aggregates a user’s QoS data before adding noise to achieve differential privacy. We evaluate the proposed methods by conducting extensive experiments on a real world Web services QoS dataset. Experimental results show our approach is feasible in practice.

Differential private collaborative Web services QoS prediction

KAUST Repository

Liu, An; Shen, Xindi; Li, Zhixu; Liu, Guanfeng; Xu, Jiajie; Zhao, Lei; Zheng, Kai; Shang, Shuo

2018-01-01

Collaborative Web services QoS prediction has proved to be an important tool to estimate accurately personalized QoS experienced by individual users, which is beneficial for a variety of operations in the service ecosystem, such as service selection, composition and recommendation. While a number of achievements have been attained on the study of improving the accuracy of collaborative QoS prediction, little work has been done for protecting user privacy in this process. In this paper, we propose a privacy-preserving collaborative QoS prediction framework which can protect the private data of users while retaining the ability of generating accurate QoS prediction. We introduce differential privacy, a rigorous and provable privacy model, into the process of collaborative QoS prediction. We first present DPS, a method that disguises a user’s observed QoS values by applying differential privacy to the user’s QoS data directly. We show how to integrate DPS with two representative collaborative QoS prediction approaches. To improve the utility of the disguised QoS data, we present DPA, another QoS disguising method which first aggregates a user’s QoS data before adding noise to achieve differential privacy. We evaluate the proposed methods by conducting extensive experiments on a real world Web services QoS dataset. Experimental results show our approach is feasible in practice.

Analysis of Security Protocols by Annotations

DEFF Research Database (Denmark)

Gao, Han

. The development of formal techniques, e.g. control flow analyses, that can check various security properties, is an important tool to meet this challenge. This dissertation contributes to the development of such techniques. In this dissertation, security protocols are modelled in the process calculus LYSA......The trend in Information Technology is that distributed systems and networks are becoming increasingly important, as most of the services and opportunities that characterise the modern society are based on these technologies. Communication among agents over networks has therefore acquired a great...... deal of research interest. In order to provide effective and reliable means of communication, more and more communication protocols are invented, and for most of them, security is a significant goal. It has long been a challenge to determine conclusively whether a given protocol is secure or not...

Sufficient Conditions for Vertical Composition of Security Protocols (Extended Version)

DEFF Research Database (Denmark)

Mödersheim, Sebastian Alexander; Viganò, Luca

a certain kind of channel as a goal and another secure protocol P2 that assumes this kind of channel, can we then derive that their vertical composition P2[P1] is secure? It is well known that protocol composition can lead to attacks even when the individual protocols are all secure in isolation......Vertical composition of security protocols means that an application protocol (e.g., a banking service) runs over a channel established by another protocol (e.g., a secure channel provided by TLS). This naturally gives rise to a compositionality question: given a secure protocol P1 that provides....... In this paper, we formalize seven easy-to-check static conditions that support a large class of channels and applications and that we prove to be su_cient for vertical security protocol composition....

QoS Parameters Evaluation in a VPN-MPLS Diffserv Network under a Complete Free Software Emulation Environment

Directory of Open Access Journals (Sweden)

Miroslava Aracely Zapata Rodríguez

2017-12-01

Full Text Available The use of Virtual Private Network – Multi Protocol Label Switching (VPN-MPLS networks has become very common inside enterprises thanks to their multiple advantages; such as, the private communication across a public network infrastructure between geographically diverse sites. This leads to a need for an efficient network in terms of Quality of Service (QoS to guarantee reliability and security of information. However, the implementation of a VPN-MPLS network is neither easy nor cheap for small and medium companies; hence, in most cases, it is required the use of emulators that are not free either. In this paper, we analyze a VPN-MPLS network in terms of QoS metrics: delay, jitter and packet loss. This evaluation was performed in a virtual environment using only free software tools under two test scenarios, with and without Differentiated Services (DiffServ. The results showed that a VPN-MPLS DiffServ network reduces the delay by approximately 96.78% in VoIP, 39.21% in Data and 66.83% in Streaming; furthermore, the jitter was reduced by approximately 27.88% in VoIP and 41.09% in Data.

A Lightweight Protocol for Secure Video Streaming.

Science.gov (United States)

Venčkauskas, Algimantas; Morkevicius, Nerijus; Bagdonas, Kazimieras; Damaševičius, Robertas; Maskeliūnas, Rytis

2018-05-14

The Internet of Things (IoT) introduces many new challenges which cannot be solved using traditional cloud and host computing models. A new architecture known as fog computing is emerging to address these technological and security gaps. Traditional security paradigms focused on providing perimeter-based protections and client/server point to point protocols (e.g., Transport Layer Security (TLS)) are no longer the best choices for addressing new security challenges in fog computing end devices, where energy and computational resources are limited. In this paper, we present a lightweight secure streaming protocol for the fog computing "Fog Node-End Device" layer. This protocol is lightweight, connectionless, supports broadcast and multicast operations, and is able to provide data source authentication, data integrity, and confidentiality. The protocol is based on simple and energy efficient cryptographic methods, such as Hash Message Authentication Codes (HMAC) and symmetrical ciphers, and uses modified User Datagram Protocol (UDP) packets to embed authentication data into streaming data. Data redundancy could be added to improve reliability in lossy networks. The experimental results summarized in this paper confirm that the proposed method efficiently uses energy and computational resources and at the same time provides security properties on par with the Datagram TLS (DTLS) standard.

Security and SCADA protocols

International Nuclear Information System (INIS)

Igure, V. M.; Williams, R. D.

2006-01-01

Supervisory control and data acquisition (SCADA) networks have replaced discrete wiring for many industrial processes, and the efficiency of the network alternative suggests a trend toward more SCADA networks in the future. This paper broadly considers SCADA to include distributed control systems (DCS) and digital control systems. These networks offer many advantages, but they also introduce potential vulnerabilities that can be exploited by adversaries. Inter-connectivity exposes SCADA networks to many of the same threats that face the public internet and many of the established defenses therefore show promise if adapted to the SCADA differences. This paper provides an overview of security issues in SCADA networks and ongoing efforts to improve the security of these networks. Initially, a few samples from the range of threats to SCADA network security are offered. Next, attention is focused on security assessment of SCADA communication protocols. Three challenges must be addressed to strengthen SCADA networks. Access control mechanisms need to be introduced or strengthened, improvements are needed inside of the network to enhance security and network monitoring, and SCADA security management improvements and policies are needed. This paper discusses each of these challenges. This paper uses the Profibus protocol as an example to illustrate some of the vulnerabilities that arise within SCADA networks. The example Profibus security assessment establishes a network model and an attacker model before proceeding to a list of example attacks. (authors)

QoS management of web services

CERN Document Server

Zheng, Zibin

2013-01-01

Quality-of-Service (QoS) is normally used to describe the non-functional characteristics of Web services and as a criterion for evaluating different Web services. QoS Management of Web Services presents an innovative QoS evaluation framework for these services. Moreover, three QoS prediction methods and two methods for creating fault-tolerant Web services are also proposed in this book. It not only provides the latest research findings, but also presents an excellent overview of the QoS management of Web services, making it a valuable resource for researchers and graduate students in service computing.   Zibin Zheng is an associate research fellow at the Shenzhen Research Institute, the Chinese University of Hong Kong, China. Professor Michael R. Lyu also works at the same institute.

A model based security testing method for protocol implementation.

Science.gov (United States)

Fu, Yu Long; Xin, Xiao Long

2014-01-01

The security of protocol implementation is important and hard to be verified. Since the penetration testing is usually based on the experience of the security tester and the specific protocol specifications, a formal and automatic verification method is always required. In this paper, we propose an extended model of IOLTS to describe the legal roles and intruders of security protocol implementations, and then combine them together to generate the suitable test cases to verify the security of protocol implementation.

Cooperative Optimization QoS Cloud Routing Protocol Based on Bacterial Opportunistic Foraging and Chemotaxis Perception for Mobile Internet

Directory of Open Access Journals (Sweden)

Shujuan Wang

2015-01-01

Full Text Available In order to strengthen the mobile Internet mobility management and cloud platform resources utilization, optimizing the cloud routing efficiency is established, based on opportunistic bacterial foraging bionics, and puts forward a chemotaxis perception of collaborative optimization QoS (Quality of Services cloud routing mechanism. The cloud routing mechanism is based on bacterial opportunity to feed and bacterial motility and to establish the data transmission and forwarding of the bacterial population behavior characteristics. This mechanism is based on the characteristics of drug resistance of bacteria and the structure of the field, and through many iterations of the individual behavior and population behavior the bacteria can be spread to the food gathering area with a certain probability. Finally, QoS cloud routing path would be selected and optimized based on bacterial bionic optimization and hedge mapping relationship between mobile Internet node and bacterial population evolution iterations. Experimental results show that, compared with the standard dynamic routing schemes, the proposed scheme has shorter transmission delay, lower packet error ratio, QoS cloud routing loading, and QoS cloud route request overhead.

Fairness as a QoS Measure for Web Services

Directory of Open Access Journals (Sweden)

Stefano Bistarelli

2009-06-01

Full Text Available Service Oriented Architectures (SOAs are component-based architectures, characterized by reusability, modularization and composition, usually offered by HTTP (web services and often equipped with a Quality of Services (QoS measure. In order to guarantee the fairness property to each client requesting a service, we propose a fair version of the (Soft Concurrent Constraint language to deal with the negotiation phases of the Service Level Agreement (SLA protocol.

RSRP: A Robust Secure Routing Protocol in MANET

Directory of Open Access Journals (Sweden)

Sinha Ditipriya

2014-05-01

Full Text Available In this paper, we propose a novel algorithm RSRP to build a robust secure routing protocol in mobile ad-hoc networks (MANETs. This algorithm is based on some basic schemes such as RSA_CRT for encryption and decryption of messages; CRT for safety key generation, Shamir’s secret sharing principle for generation of secure routes. Those routes which are free from any malicious node and which belong to the set of disjoint routes between a source-destination pair are considered as probable routes. Shamir’s secret sharing principle is applied on those probable routes to obtain secure routes. Finally, most trustworthy and stable route is selected among those secure routes. Selection of the final route depends on some criteria of the nodes present in a route e.g.: battery power, mobility and trust value. In addition, complexity of key generation is reduced to a large extent by using RSA-CRT instead of RSA. In turn, the routing becomes less expensive and most secure and robust one. Performance of this routing protocol is then compared with non-secure routing protocols (AODV and DSR, secure routing scheme using secret sharing, security routing protocol using ZRP and SEAD depending on basic characteristics of these protocols. All such comparisons show that RSRP shows better performance in terms of computational cost, end-to-end delay and packet dropping in presence of malicious nodes in the MANET, keeping the overhead in terms of control packets same as other secure routing protocols.

Authentication Test-Based the RFID Authentication Protocol with Security Analysis

Directory of Open Access Journals (Sweden)

Minghui Wang

2014-08-01

Full Text Available To the problem of many recently proposed RFID authentication protocol was soon find security holes, we analyzed the main reason, which is that protocol design is not rigorous, and the correctness of the protocol cannot be guaranteed. To this end, authentication test method was adopted in the process of the formal analysis and strict proof to the proposed RFID protocol in this paper. Authentication Test is a new type of analysis and design method of security protocols based on Strand space model, and it can be used for most types of the security protocols. After analysis the security, the proposed protocol can meet the RFID security demand: information confidentiality, data integrity and identity authentication.

Unconditionally Secure Protocols

DEFF Research Database (Denmark)

Meldgaard, Sigurd Torkel

This thesis contains research on the theory of secure multi-party computation (MPC). Especially information theoretically (as opposed to computationally) secure protocols. It contains results from two main lines of work. One line on Information Theoretically Secure Oblivious RAMS, and how....... We construct an oblivious RAM that hides the client's access pattern with information theoretic security with an amortized $\\log^3 N$ query overhead. And how to employ a second server that is guaranteed not to conspire with the first to improve the overhead to $\\log^2 N$, while also avoiding...... they are used to speed up secure computation. An Oblivious RAM is a construction for a client with a small $O(1)$ internal memory to store $N$ pieces of data on a server while revealing nothing more than the size of the memory $N$, and the number of accesses. This specifically includes hiding the access pattern...

Feeling Is Believing: A Secure Template Exchange Protocol

NARCIS (Netherlands)

Buhan, I.R.; Doumen, J.M.; Hartel, Pieter H.; Veldhuis, Raymond N.J.; Lee, Seong-Whan; Li, Stan Z.

We use grip pattern based biometrics as a secure side channel to achieve pre-authentication in a protocol that sets up a secure channel between two hand held devices. The protocol efficiently calculates a shared secret key from biometric data. The protocol is used in an application where grip

Static Validation of Security Protocols

DEFF Research Database (Denmark)

Bodei, Chiara; Buchholtz, Mikael; Degano, P.

2005-01-01

We methodically expand protocol narrations into terms of a process algebra in order to specify some of the checks that need to be made in a protocol. We then apply static analysis technology to develop an automatic validation procedure for protocols. Finally, we demonstrate that these techniques ...... suffice to identify several authentication flaws in symmetric and asymmetric key protocols such as Needham-Schroeder symmetric key, Otway-Rees, Yahalom, Andrew secure RPC, Needham-Schroeder asymmetric key, and Beller-Chang-Yacobi MSR...

A secure key agreement protocol based on chaotic maps

International Nuclear Information System (INIS)

Wang Xing-Yuan; Luan Da-Peng

2013-01-01

To guarantee the security of communication in the public channel, many key agreement protocols have been proposed. Recently, Gong et al. proposed a key agreement protocol based on chaotic maps with password sharing. In this paper, Gong et al.'s protocol is analyzed, and we find that this protocol exhibits key management issues and potential security problems. Furthermore, the paper presents a new key agreement protocol based on enhanced Chebyshev polynomials to overcome these problems. Through our analysis, our key agreement protocol not only provides mutual authentication and the ability to resist a variety of common attacks, but also solve the problems of key management and security issues existing in Gong et al.'s protocol

New View of Ping-Pong Protocol Security

International Nuclear Information System (INIS)

Zawadzki Piotr

2012-01-01

The ping-pong protocol offers confidential transmission of classic information without a prior key agreement. It is believed that it is quasi secure in lossless quantum channels. Serious doubts related to the analysis paradigm which has been used so far are presented in the study. The security of the protocol is reconsidered. (general)

A Forward-secure Grouping-proof Protocol for Multiple RFID Tags

Directory of Open Access Journals (Sweden)

Liu Ya-li

2012-09-01

Full Text Available Designing secure and robust grouping-proof protocols based on RFID characteristics becomes a hotspot in the research of security in Internet of Things (IOT. The proposed grouping-proof protocols recently have security and/or privacy omission and these schemes afford order-dependence by relaying message among tags through an RFID reader. In consequence, aiming at enhancing the robustness, improving scalability, reducing the computation costs on resource-constrained devices, and meanwhile combing Computational Intelligence (CI with Secure Multi-party Communication (SMC, a Forward-Secure Grouping-Proof Protocol (FSGP for multiple RFID tags based on Shamir's (, secret sharing is proposed. In comparison with the previous grouping-proof protocols, FSGP has the characteristics of forward-security and order-independence addressing the scalability issue by avoiding relaying message. Our protocol provides security enhancement, performance improvement, and meanwhile controls the computation cost, which equilibrates both security and low cost requirements for RFID tags.

Toward Synthesis, Analysis, and Certification of Security Protocols

Science.gov (United States)

Schumann, Johann

2004-01-01

Implemented security protocols are basically pieces of software which are used to (a) authenticate the other communication partners, (b) establish a secure communication channel between them (using insecure communication media), and (c) transfer data between the communication partners in such a way that these data only available to the desired receiver, but not to anyone else. Such an implementation usually consists of the following components: the protocol-engine, which controls in which sequence the messages of the protocol are sent over the network, and which controls the assembly/disassembly and processing (e.g., decryption) of the data. the cryptographic routines to actually encrypt or decrypt the data (using given keys), and t,he interface to the operating system and to the application. For a correct working of such a security protocol, all of these components must work flawlessly. Many formal-methods based techniques for the analysis of a security protocols have been developed. They range from using specific logics (e.g.: BAN-logic [4], or higher order logics [12] to model checking [2] approaches. In each approach, the analysis tries to prove that no (or at least not a modeled intruder) can get access to secret data. Otherwise, a scenario illustrating the &tack may be produced. Despite the seeming simplicity of security protocols ("only" a few messages are sent between the protocol partners in order to ensure a secure communication), many flaws have been detected. Unfortunately, even a perfect protocol engine does not guarantee flawless working of a security protocol, as incidents show. Many break-ins and security vulnerabilities are caused by exploiting errors in the implementation of the protocol engine or the underlying operating system. Attacks using buffer-overflows are a very common class of such attacks. Errors in the implementation of exception or error handling can open up additional vulnerabilities. For example, on a website with a log-in screen

Design and Implementation of a Secure Modbus Protocol

Science.gov (United States)

Fovino, Igor Nai; Carcano, Andrea; Masera, Marcelo; Trombetta, Alberto

The interconnectivity of modern and legacy supervisory control and data acquisition (SCADA) systems with corporate networks and the Internet has significantly increased the threats to critical infrastructure assets. Meanwhile, traditional IT security solutions such as firewalls, intrusion detection systems and antivirus software are relatively ineffective against attacks that specifically target vulnerabilities in SCADA protocols. This paper describes a secure version of the Modbus SCADA protocol that incorporates integrity, authentication, non-repudiation and anti-replay mechanisms. Experimental results using a power plant testbed indicate that the augmented protocol provides good security functionality without significant overhead.

SLA-aware differentiated QoS in elastic optical networks

Science.gov (United States)

Agrawal, Anuj; Vyas, Upama; Bhatia, Vimal; Prakash, Shashi

2017-07-01

The quality of service (QoS) offered by optical networks can be improved by accurate provisioning of service level specifications (SLSs) included in the service level agreement (SLA). A large number of users coexisting in the network require different services. Thus, a pragmatic network needs to offer a differentiated QoS to a variety of users according to the SLA contracted for different services at varying costs. In conventional wavelength division multiplexed (WDM) optical networks, service differentiation is feasible only for a limited number of users because of its fixed-grid structure. Newly introduced flex-grid based elastic optical networks (EONs) are more adaptive to traffic requirements as compared to the WDM networks because of the flexibility in their grid structure. Thus, we propose an efficient SLA provisioning algorithm with improved QoS for these flex-grid EONs empowered by optical orthogonal frequency division multiplexing (O-OFDM). The proposed algorithm, called SLA-aware differentiated QoS (SADQ), employs differentiation at the level of routing, spectrum allocation, and connection survivability. The proposed SADQ aims to accurately provision the SLA using such multilevel differentiation with an objective to improve the spectrum utilization from the network operator's perspective. SADQ is evaluated for three different CoSs under various traffic demand patterns and for different ratios of the number of requests belonging to the three considered CoSs. We propose two new SLA metrics for the improvement of functional QoS requirements, namely, security, confidentiality and survivability of high class of service (CoS) traffic. Since, to the best of our knowledge, the proposed SADQ is the first scheme in optical networks to employ exhaustive differentiation at the levels of routing, spectrum allocation, and survivability in a single algorithm, we first compare the performance of SADQ in EON and currently deployed WDM networks to assess the

Security Property Validation of the Sensor Network Encryption Protocol (SNEP

Directory of Open Access Journals (Sweden)

Salekul Islam

2015-07-01

Full Text Available Since wireless sensor networks (WSNs have been designed to be deployed in an unsecured, public environment, secured communication is really vital for their wide-spread use. Among all of the communication protocols developed for WSN, the Security Protocols for Sensor Networks (SPINS is exceptional, as it has been designed with security as a goal. SPINS is composed of two building blocks: Secure Network Encryption Protocol (SNEP and the “micro” version of the Timed Efficient Streaming Loss-tolerant Authentication (TESLA, named μTESLA. From the inception of SPINS, a number of efforts have been made to validate its security properties. In this paper, we have validated the security properties of SNEP by using an automated security protocol validation tool, named AVISPA. Using the protocol specification language, HLPSL, we model two combined scenarios—node to node key agreement and counter exchange protocols—followed by data transmission. Next, we validate the security properties of these combined protocols, using different AVISPA back-ends. AVISPA reports the models we have developed free from attacks. However, by analyzing the key distribution sub-protocol, we find one threat of a potential DoS attack that we have demonstrated by modeling in AVISPA. Finally, we propose a modification, and AVISPA reports this modified version free from the potential DoS attack.

An Analysis of QoS in ZigBee Network Based on Deviated Node Priority

Directory of Open Access Journals (Sweden)

Md. Jaminul Haque Biddut

2016-01-01

Full Text Available ZigBee is an IEEE 802.15.4 standardized communication protocol. It forms a flawless Wireless Sensor Network (WSN standard for interoperability at all levels of the network, particularly the application level which most closely touches the user. A large number of devices from different vendors can work seamlessly. These devices act as a network and send huge data traffic to the Coordinator. End devices at different zones have different roles in communication with each other. There has been a lack in executing their requests in a synchronized way based on task priority. This lack leads to massive data traffic loss and degrades the Quality of Service (QoS. One of the challenges is to analyze the QoS parameters in ZigBee network that help to detect the overall network performance. The contribution of this paper is twofold; first, a ZigBee Network is implemented based on node priority. It demonstrates a method to generate a new priority of devices with respect to their existing priority and zones’ priority as well. Second, the QoS is analyzed based on the new priority status for tasks preference purposes. The outcome of this paper shows that the QoS of the network is more conspicuous than non-priority based network.

On the Security of the Ping-Pong Protocol

OpenAIRE

Bostroem, Kim; Felbinger, Timo

2007-01-01

We briefly review the security of the ping-pong protocol in light of several attack scenarios suggested by various authors since the proposal of the protocol. We refute one recent attack on an ideal quantum channel, and show that a recent claim of falseness of our original security proof is erroneous.

On the security of the ping-pong protocol

International Nuclear Information System (INIS)

Bostroem, Kim; Felbinger, Timo

2008-01-01

We briefly review the security of the ping-pong protocol in light of several attack scenarios suggested by various authors since the proposal of the protocol. We refute one recent attack on an ideal quantum channel, and show that a recent claim of falseness of our original security proof is erroneous

On the security of the ping-pong protocol

Energy Technology Data Exchange (ETDEWEB)

Bostroem, Kim [Psychologisches Institut II, Universitaet Muenster, 48149 Muenster (Germany); Felbinger, Timo [Institut fuer Physik, Universitaet Potsdam, 14469 Potsdam (Germany)], E-mail: tjf@qipc.org

2008-05-26

We briefly review the security of the ping-pong protocol in light of several attack scenarios suggested by various authors since the proposal of the protocol. We refute one recent attack on an ideal quantum channel, and show that a recent claim of falseness of our original security proof is erroneous.

MQARR-AODV: A NOVEL MULTIPATH QOS AWARE RELIABLE REVERSE ON-DEMAND DISTANCE VECTOR ROUTING PROTOCOL FOR MOBILE AD-HOC NETWORKS

Directory of Open Access Journals (Sweden)

K.G. Santhiya

2012-12-01

Full Text Available MANET (Mobile Ad-hoc Network is an infra structure less wireless ad-hoc network that does not require any basic central control. The topology of the network changes drastically due to very fast mobility of nodes. So an adaptive routing protocol is needed for routing in MANET. AODV (Ad-hoc On-demand Distance Vector routing is the effective and prominent on-demand Ad-hoc routing protocols. During route establishment phase in traditional AODV, only one route reply message will be sent in the reverse path to establish routing path. The high mobility of nodes may affect the reply messages which lead to the retransmission of route request message by the sender which in turn leads to higher communication delay, power consumption and the reduction in the ratio of packets delivered. Sending multiple route reply messages and establishing multiple paths in a single path discovery will reduce the routing overhead involved in maintaining the connection between source and destination nodes. Multipath routing can render high scalability, end-to-end throughput and provide load balancing in MANET. The new proposed novel Multipath QoS aware reliable routing protocol establishes two routes of maximum node disjoint paths and the data transfer is carried out in the two paths simultaneously. To select best paths, the new proposed protocol uses three parameters Link Eminence, MAC overhead and node residual energy. The experimental values prove that the MQARR-AODV protocol achieves high reliability, stability, low latency and outperforms AODV by the less energy consumption, overhead and delay.

Model-Checking Driven Design of QoS-Based Routing Protocol for Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Zhi Chen

2015-01-01

Full Text Available Accurate and reliable routing protocols with Quality of Service (QoS support determine the mission-critical application efficiency in WSNs. This paper proposes a model-checking design driven framework for designing the QoS-based routing protocols of WSNs, which involves the light-weight design process, the timed automata model, and the alternative QoS verification properties. The accurate feedback of continually model checking in the iterative design process effectively stimulates the parameter tuning of the protocols. We demonstrate the straightforward and modular characteristics of the proposed framework in designing a prototype QoS-based routing protocol. The prototype study shows that the model-checking design framework may complement other design methods and ensure the QoS implementation of the QoS-based routing protocol design for WSNs.

Security of a single-state semi-quantum key distribution protocol

Science.gov (United States)

Zhang, Wei; Qiu, Daowen; Mateus, Paulo

2018-06-01

Semi-quantum key distribution protocols are allowed to set up a secure secret key between two users. Compared with their full quantum counterparts, one of the two users is restricted to perform some "classical" or "semi-quantum" operations, which potentially makes them easily realizable by using less quantum resource. However, the semi-quantum key distribution protocols mainly rely on a two-way quantum channel. The eavesdropper has two opportunities to intercept the quantum states transmitted in the quantum communication stage. It may allow the eavesdropper to get more information and make the security analysis more complicated. In the past ten years, many semi-quantum key distribution protocols have been proposed and proved to be robust. However, there are few works concerning their unconditional security. It is doubted that how secure the semi-quantum ones are and how much noise they can tolerate to establish a secure secret key. In this paper, we prove the unconditional security of a single-state semi-quantum key distribution protocol proposed by Zou et al. (Phys Rev A 79:052312, 2009). We present a complete proof from information theory aspect by deriving a lower bound of the protocol's key rate in the asymptotic scenario. Using this bound, we figure out an error threshold value such that for all error rates that are less than this threshold value, the secure secret key can be established between the legitimate users definitely. Otherwise, the users should abort the protocol. We make an illustration of the protocol under the circumstance that the reverse quantum channel is a depolarizing one with parameter q. Additionally, we compare the error threshold value with some full quantum protocols and several existing semi-quantum ones whose unconditional security proofs have been provided recently.

Improving the security of quantum protocols via commit-and-open

NARCIS (Netherlands)

I.B. Damgård (Ivan); S. Fehr (Serge); C. Luneman; L. Salvail (Louis); C. Schaffner (Christian)

2009-01-01

htmlabstractWe consider two-party quantum protocols starting with a transmission of some random BB84 qubits followed by classical messages. We show a general compiler improving the security of such protocols: if the original protocol is secure against an almost honest adversary, then the

QoS Modeling for End-to-End Performance Evaluation over Networks with Wireless Access

Directory of Open Access Journals (Sweden)

Gómez Gerardo

2010-01-01

Full Text Available This paper presents an end-to-end Quality of Service (QoS model for assessing the performance of data services over networks with wireless access. The proposed model deals with performance degradation across protocol layers using a bottom-up strategy, starting with the physical layer and moving on up to the application layer. This approach makes it possible to analytically assess performance at different layers, thereby facilitating a possible end-to-end optimization process. As a representative case, a scenario where a set of mobile terminals connected to a streaming server through an IP access node has been studied. UDP, TCP, and the new TCP-Friendly Rate Control (TFRC protocols were analyzed at the transport layer. The radio interface consisted of a variable-rate multiuser and multichannel subsystem, including retransmissions and adaptive modulation and coding. The proposed analytical QoS model was validated on a real-time emulator of an end-to-end network with wireless access and proved to be very useful for the purposes of service performance estimation and optimization.

QoS Supported IPTV Service Architecture over Hybrid-Tree-Based Explicit Routed Multicast Network

Directory of Open Access Journals (Sweden)

Chih-Chao Wen

2012-01-01

Full Text Available With the rapid advance in multimedia streaming and multicast transport technology, current IP multicast protocols, especially PIM-SM, become the major channel delivery mechanism for IPTV system over Internet. The goals for IPTV service are to provide two-way interactive services for viewers to select popular program channel with high quality for watching during fast channel surfing period. However, existing IP multicast protocol cannot meet above QoS requirements for IPTV applications between media server and subscribers. Therefore, we propose a cooperative scheme of hybrid-tree based on explicit routed multicast, called as HT-ERM to combine the advantages of shared tree and source tree for QoS-supported IPTV service. To increase network utilization, the constrained shortest path first (CSPF routing algorithm is designed for construction of hybrid tree to deliver the high-quality video stream over watching channel and standard quality over surfing channel. Furthermore, the Resource Reservation Protocol- Traffic Engineering (RSVP-TE is used as signaling mechanism to set up QoS path for multicast channel admission control. Our simulation results demonstrated that the proposed HT-ERM scheme outperforms other multicast QoS-based delivery scheme in terms of channel switching delay, resource utilization, and blocking ratio for IPTV service.

Analysis of Security Protocols in Embedded Systems

DEFF Research Database (Denmark)

Bruni, Alessandro

Embedded real-time systems have been adopted in a wide range of safety-critical applications—including automotive, avionics, and train control systems—where the focus has long been on safety (i.e., protecting the external world from the potential damage caused by the system) rather than security (i.......e., protecting the system from the external world). With increased connectivity of these systems to external networks the attack surface has grown, and consequently there is a need for securing the system from external attacks. Introducing security protocols in safety critical systems requires careful...... in this direction is to extend saturation-based techniques so that enough state information can be modelled and analysed. Finally, we present a methodology for proving the same security properties in the computational model, by means of typing protocol implementations....

A Calculus for Control Flow Analysis of Security Protocols

DEFF Research Database (Denmark)

Buchholtz, Mikael; Nielson, Hanne Riis; Nielson, Flemming

2004-01-01

The design of a process calculus for anaysing security protocols is governed by three factors: how to express the security protocol in a precise and faithful manner, how to accommodate the variety of attack scenarios, and how to utilise the strengths (and limit the weaknesses) of the underlying...... analysis methodology. We pursue an analysis methodology based on control flow analysis in flow logic style and we have previously shown its ability to analyse a variety of security protocols. This paper develops a calculus, LysaNS that allows for much greater control and clarity in the description...

Improved security detection strategy in quantum secure direct communication protocol based on four-particle Green-Horne-Zeilinger state

Energy Technology Data Exchange (ETDEWEB)

Li, Jian; Nie, Jin-Rui; Li, Rui-Fan [Beijing Univ. of Posts and Telecommunications, Beijing (China). School of Computer; Jing, Bo [Beijing Univ. of Posts and Telecommunications, Beijing (China). School of Computer; Beijing Institute of Applied Meteorology, Beijing (China). Dept. of Computer Science

2012-06-15

To enhance the efficiency of eavesdropping detection in the quantum secure direct communication protocol, an improved quantum secure direct communication protocol based on a four-particle Green-Horne-Zeilinger (GHZ) state is presented. In the protocol, the four-particle GHZ state is used to detect eavesdroppers, and quantum dense coding is used to encode the message. In the security analysis, the method of entropy theory is introduced, and two detection strategies are compared quantitatively by using the constraint between the information that the eavesdroppers can obtain and the interference that has been introduced. If the eavesdropper wants to obtain all the information, the detection rate of the quantum secure direct communication using an Einstein-Podolsky-Rosen (EPR) pair block will be 50% and the detection rate of the presented protocol will be 87%. At last, the security of the proposed protocol is discussed. The analysis results indicate that the protocol proposed is more secure than the others. (orig.)

A Network-Attached Storage System Supporting Guaranteed QoS

Institute of Scientific and Technical Information of China (English)

KONG Hua-feng; YU Sheng-sheng; LU Hong-wei

2005-01-01

We propose a network-attached storage system that can support guaranteed Quality of Service (QoS), called POPNet Storage. The special policy of date access and disk scheduling is enable users to access files quickly and directly with guaranteed QoS in the POPNet Storage. The POPNet Storage implements a measurement-based admission control algorithm (PSMBAC) to determine whether to admit a new data access request stream and admit as many requests as possible while meeting the QoS guarantees to its clients. The data reconstruction algorithms in the POPNet Storage also put more emphasis on data availability and guaranteed QoS, thus it is designed to complete the data recovery as soon as possible and at the same time provide the guaranteed QoS for high-priority data access. The experiment results show that the POPNet Storage can provide more significant performance, reliability, and guaranteed QoS than conventional storage systems.

SecMon: End-to-End Quality and Security Monitoring System

OpenAIRE

Ciszkowski, Tomasz; Eliasson, Charlott; Fiedler, Markus; Kotulski, Zbigniew; Lupu, Radu; Mazurczyk, Wojciech

2008-01-01

The Voice over Internet Protocol (VoIP) is becoming a more available and popular way of communicating for Internet users. This also applies to Peer-to-Peer (P2P) systems and merging these two have already proven to be successful (e.g. Skype). Even the existing standards of VoIP provide an assurance of security and Quality of Service (QoS), however, these features are usually optional and supported by limited number of implementations. As a result, the lack of mandatory and widely applicable Q...

Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice

Science.gov (United States)

Javed, Muhammad Awais; Ben Hamida, Elyes; Znaidi, Wassim

2016-01-01

Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC) algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS) and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities. PMID:27314358

Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice

Directory of Open Access Journals (Sweden)

Muhammad Awais Javed

2016-06-01

Full Text Available Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities.

Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice.

Science.gov (United States)

Javed, Muhammad Awais; Ben Hamida, Elyes; Znaidi, Wassim

2016-06-15

Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC) algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS) and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities.

Secure and Fair Cluster Head Selection Protocol for Enhancing Security in Mobile Ad Hoc Networks

Directory of Open Access Journals (Sweden)

B. Paramasivan

2014-01-01

Full Text Available Mobile ad hoc networks (MANETs are wireless networks consisting of number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs become one of the most prevalent areas of research in the recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to its deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP used to solve this issue by making the nodes that are totally surrounded by malicious neighbors adjust dynamically their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead to the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP.

Secure and fair cluster head selection protocol for enhancing security in mobile ad hoc networks.

Science.gov (United States)

Paramasivan, B; Kaliappan, M

2014-01-01

Mobile ad hoc networks (MANETs) are wireless networks consisting of number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs become one of the most prevalent areas of research in the recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to its deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP) is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP used to solve this issue by making the nodes that are totally surrounded by malicious neighbors adjust dynamically their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead to the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP.

SDN-based QoS Aware Network Service Provisioning

DEFF Research Database (Denmark)

Caba, Cosmin Marius; Soler, José

2015-01-01

One of the applicability areas of SDN is for creating services for dynamic provisioning of network resources with strict QoS requirements. The research available in this field focuses mainly on the service logic implemented over the functionality of the SDN Controller (SDNC). However, there is much...... to be covered regarding the specific mechanisms used by the SDNC to enforce the QoS in the data plane devices. To this end, the current paper proposes a data plane QoS architecture, together with the invariants that have to be maintained by the SDNC in order to ensure predictable QoS for the network services....... More specifically, the paper will look into on demand provisioning of Virtual Circuits (VCs) with specific QoS, based on the SDN paradigm. The aim is to analyze and compare the strategies for network resources management for two cases: a coarse granular and a fine granular VC provisioning service...

A secured authentication protocol for wireless sensor networks using elliptic curves cryptography.

Science.gov (United States)

Yeh, Hsiu-Lien; Chen, Tien-Ho; Liu, Pin-Chuan; Kim, Tai-Hoo; Wei, Hsin-Wen

2011-01-01

User authentication is a crucial service in wireless sensor networks (WSNs) that is becoming increasingly common in WSNs because wireless sensor nodes are typically deployed in an unattended environment, leaving them open to possible hostile network attack. Because wireless sensor nodes are limited in computing power, data storage and communication capabilities, any user authentication protocol must be designed to operate efficiently in a resource constrained environment. In this paper, we review several proposed WSN user authentication protocols, with a detailed review of the M.L Das protocol and a cryptanalysis of Das' protocol that shows several security weaknesses. Furthermore, this paper proposes an ECC-based user authentication protocol that resolves these weaknesses. According to our analysis of security of the ECC-based protocol, it is suitable for applications with higher security requirements. Finally, we present a comparison of security, computation, and communication costs and performances for the proposed protocols. The ECC-based protocol is shown to be suitable for higher security WSNs.

Analysis of Security Protocols for Mobile Healthcare.

Science.gov (United States)

Wazid, Mohammad; Zeadally, Sherali; Das, Ashok Kumar; Odelu, Vanga

2016-11-01

Mobile Healthcare (mHealth) continues to improve because of significant improvements and the decreasing costs of Information Communication Technologies (ICTs). mHealth is a medical and public health practice, which is supported by mobile devices (for example, smartphones) and, patient monitoring devices (for example, various types of wearable sensors, etc.). An mHealth system enables healthcare experts and professionals to have ubiquitous access to a patient's health data along with providing any ongoing medical treatment at any time, any place, and from any device. It also helps the patient requiring continuous medical monitoring to stay in touch with the appropriate medical staff and healthcare experts remotely. Thus, mHealth has become a major driving force in improving the health of citizens today. First, we discuss the security requirements, issues and threats to the mHealth system. We then present a taxonomy of recently proposed security protocols for mHealth system based on features supported and possible attacks, computation cost and communication cost. Our detailed taxonomy demonstrates the strength and weaknesses of recently proposed security protocols for the mHealth system. Finally, we identify some of the challenges in the area of security protocols for mHealth systems that still need to be addressed in the future to enable cost-effective, secure and robust mHealth systems.

Language, Semantics, and Methods for Security Protocols

DEFF Research Database (Denmark)

Crazzolara, Federico

events. Methods like strand spaces and the inductive method of Paulson have been designed to support an intensional, event-based, style of reasoning. These methods have successfully tackled a number of protocols though in an ad hoc fashion. They make an informal spring from a protocol to its......-nets. They have persistent conditions and as we show in this thesis, unfold under reasonable assumptions to a more basic kind of nets. We relate SPL-nets to strand spaces and inductive rules, as well as trace languages and event structures so unifying a range of approaches, as well as providing conditions under...... reveal. The last few years have seen the emergence of successful intensional, event-based, formal approaches to reasoning about security protocols. The methods are concerned with reasoning about the events that a security protocol can perform, and make use of a causal dependency that exists between...

Providing QoS guarantee in 3G wireless networks

Science.gov (United States)

Chuah, MooiChoo; Huang, Min; Kumar, Suresh

2001-07-01

The third generation networks and services present opportunities to offer multimedia applications and services that meet end-to-end quality of service requirements. In this article, we present UMTS QoS architecture and its requirements. This includes the definition of QoS parameters, traffic classes, the end-to-end data delivery model, and the mapping of end-to-end services to the services provided by the network elements of the UMTS. End-to-end QoS of a user flow is achieved by the combination of the QoS control over UMTS Domain and the IP core Network. In the Third Generation Wireless network, UMTS bearer service manager is responsible to manage radio and transport resources to QoS-enabled applications. The UMTS bearer service consists of the Radio Access Bearer Service between Mobile Terminal and SGSN and Core Network bearer service between SGSN and GGSN. The Radio Access Bearer Service is further realized by the Radio Bearer Service (mostly air interface) and Iu bearer service. For the 3G air interface, one can provide differentiated QoS via intelligent burst allocation scheme, adaptive spreading factor control and weighted fair queueing scheduling algorithms. Next, we discuss the requirements for the transport technologies in the radio access network to provide differentiated QoS to multiple classes of traffic. We discuss both ATM based and IP based transport solutions. Last but not least, we discuss how QoS mechanism is provided in the core network to ensure e2e quality of service requirements. We discuss how mobile terminals that use RSVP as QoS signaling mechanisms can be are supported in the 3G network which may implement only IETF diffserv mechanism. . We discuss how one can map UMTS QoS classes with IETF diffserv code points. We also discuss 2G/3G handover scenarios and how the 2G/3G QoS parameters can be mapped.

Bundle Security Protocol for ION

Science.gov (United States)

Burleigh, Scott C.; Birrane, Edward J.; Krupiarz, Christopher

2011-01-01

This software implements bundle authentication, conforming to the Delay-Tolerant Networking (DTN) Internet Draft on Bundle Security Protocol (BSP), for the Interplanetary Overlay Network (ION) implementation of DTN. This is the only implementation of BSP that is integrated with ION.

Security Protocol Review Method Analyzer(SPRMAN)

OpenAIRE

Navaz, A. S. Syed; Narayanan, H. Iyyappa; Vinoth, R.

2013-01-01

This Paper is designed using J2EE (JSP, SERVLET), HTML as front end and a Oracle 9i is back end. SPRMAN is been developed for the client British Telecom (BT) UK., Telecom company. Actually the requirement of BT is, they are providing Network Security Related Products to their IT customers like Virtusa,Wipro,HCL etc., This product is framed out by set of protocols and these protocols are been associated with set of components. By grouping all these protocols and components together, product is...

Bidirectional Quantum Secure Direct Communication Network Protocol with Hyperentanglement

International Nuclear Information System (INIS)

Gu Bin; Chen Yulin; Huang Yugai; Fang Xia

2011-01-01

We propose a bidirectional quantum secure direct communication (QSDC) network protocol with the hyperentanglment in both the spatial-mode ad the polarization degrees of freedom of photon pairs which can in principle be produced with a beta barium borate crystal. The secret message can be encoded on the photon pairs with unitary operations in these two degrees of freedom independently. Compared with other QSDC network protocols, our QSDC network protocol has a higher capacity as each photon pair can carry 4 bits of information. Also, we discuss the security of our QSDC network protocol and its feasibility with current techniques. (general)

Novel Adaptive QoS Framework for Integrated UMTS/WLAN Environment

Directory of Open Access Journals (Sweden)

T. Shuminoski

2013-06-01

Full Text Available Since Quality of Service (QoS provisioning for multimedia traffic in integrated Wireless and Mobile Networks is becoming an increasingly important objective, in this paper we introduce a novel concept of an adaptive QoS cross-layer framework. The Adaptive QoS framework is proven via novel simulation results in integrated environment with UMTS and IEEE 802.11 networks. The aim of our novel framework is presenting a new module that shall provide the best QoS and lower cost for a given service using one or more wireless technologies in a given time. The analysis of simulation results has shown superior performances with a high level of QoS provisioning in a variety of network conditions. The performance of Adaptive QoS algorithm is evaluated using ns-miracle augmented with our dual-mode Mobile Equipments (MEs and using statistical analysis.

Analyzing security protocols in hierarchical networks

DEFF Research Database (Denmark)

Zhang, Ye; Nielson, Hanne Riis

2006-01-01

Validating security protocols is a well-known hard problem even in a simple setting of a single global network. But a real network often consists of, besides the public-accessed part, several sub-networks and thereby forms a hierarchical structure. In this paper we first present a process calculus...... capturing the characteristics of hierarchical networks and describe the behavior of protocols on such networks. We then develop a static analysis to automate the validation. Finally we demonstrate how the technique can benefit the protocol development and the design of network systems by presenting a series...

Bidirectional QoS support for novelty detection applications based on hierarchical wireless sensor network model

Science.gov (United States)

Edwards, Mark; Hu, Fei; Kumar, Sunil

2004-10-01

The research on the Novelty Detection System (NDS) (called as VENUS) at the authors' universities has generated exciting results. For example, we can detect an abnormal behavior (such as cars thefts from the parking lot) from a series of video frames based on the cognitively motivated theory of habituation. In this paper, we would like to describe the implementation strategies of lower layer protocols for using large-scale Wireless Sensor Networks (WSN) to NDS with Quality-of-Service (QoS) support. Wireless data collection framework, consisting of small and low-power sensor nodes, provides an alternative mechanism to observe the physical world, by using various types of sensing capabilities that include images (and even videos using Panoptos), sound and basic physical measurements such as temperature. We do not want to lose any 'data query command' packets (in the downstream direction: sink-to-sensors) or have any bit-errors in them since they are so important to the whole sensor network. In the upstream direction (sensors-to-sink), we may tolerate the loss of some sensing data packets. But the 'interested' sensing flow should be assigned a higher priority in terms of multi-hop path choice, network bandwidth allocation, and sensing data packet generation frequency (we hope to generate more sensing data packet for that novel event in the specified network area). The focus of this paper is to investigate MAC-level Quality of Service (QoS) issue in Wireless Sensor Networks (WSN) for Novelty Detection applications. Although QoS has been widely studied in other types of networks including wired Internet, general ad hoc networks and mobile cellular networks, we argue that QoS in WSN has its own characteristics. In wired Internet, the main QoS parameters include delay, jitter and bandwidth. In mobile cellular networks, two most common QoS metrics are: handoff call dropping probability and new call blocking probability. Since the main task of WSN is to detect and report

QoS frameworks for Multimedia Traffic in Mobile Adhoc Networks: A Comparative Review

Directory of Open Access Journals (Sweden)

S. Soni

2017-06-01

Full Text Available MANETs (Mobile Adhoc Networks has gained an increased interest by the research community. Regular intelligent exchanges of multimedia will be typical in MANET, though the extended motivation on QoS (Quality of Service. However, various properties of the discussed QoS framework are provisioned for QoS as a challenging concern. Providing QoS provisioning is, to a great degree, challenging in MANETs in view of bouncing correspondences, center point movability and nonattendance of central coordination. Thus, most of the research has focused on giving QoS guarantees in MANETs coordinating traditions. Though huge numbers of QoS coordinating procedures have been proposed in composing, focusing on different QoS estimations yet none of the prescribed or discussed frameworks achieves a universal course of action. There exist several genuine necessary research areas of focus such as QoS metric assurance and cost limit layout, source level scheduling framework and QoS coordinating. In this paper, working and connecting of various QoS frameworks for MANETs is investigated throughout several veritable focus areas of research. After a comparative review, it is concluded that there is still a good scope of research for proposing a QoS framework for MANETs which could have cross-layer advantages, resource reservation, connection admission control, multi-constrained QoS parameters, hard QoS assurance, proactive routing advantages etc.

Secure and Efficient Protocol for Vehicular Ad Hoc Network with Privacy Preservation

Directory of Open Access Journals (Sweden)

Choi Hyoung-Kee

2011-01-01

Full Text Available Security is a fundamental issue for promising applications in a VANET. Designing a secure protocol for a VANET that accommodates efficiency, privacy, and traceability is difficult because of the contradictions between these qualities. In this paper, we present a secure yet efficient protocol for a VANET that satisfies these security requirements. Although much research has attempted to address similar issues, we contend that our proposed protocol outperforms other proposals that have been advanced. This claim is based on observations that show that the proposed protocol has such strengths as light computational load, efficient storage management, and dependability.

Study on Cloud Security Based on Trust Spanning Tree Protocol

Science.gov (United States)

Lai, Yingxu; Liu, Zenghui; Pan, Qiuyue; Liu, Jing

2015-09-01

Attacks executed on Spanning Tree Protocol (STP) expose the weakness of link layer protocols and put the higher layers in jeopardy. Although the problems have been studied for many years and various solutions have been proposed, many security issues remain. To enhance the security and credibility of layer-2 network, we propose a trust-based spanning tree protocol aiming at achieving a higher credibility of LAN switch with a simple and lightweight authentication mechanism. If correctly implemented in each trusted switch, the authentication of trust-based STP can guarantee the credibility of topology information that is announced to other switch in the LAN. To verify the enforcement of the trusted protocol, we present a new trust evaluation method of the STP using a specification-based state model. We implement a prototype of trust-based STP to investigate its practicality. Experiment shows that the trusted protocol can achieve security goals and effectively avoid STP attacks with a lower computation overhead and good convergence performance.

A Secure and Efficient Handover Authentication Protocol for Wireless Networks

Directory of Open Access Journals (Sweden)

Weijia Wang

2014-06-01

Full Text Available Handover authentication protocol is a promising access control technology in the fields of WLANs and mobile wireless sensor networks. In this paper, we firstly review an effcient handover authentication protocol, named PairHand, and its existing security attacks and improvements. Then, we present an improved key recovery attack by using the linearly combining method and reanalyze its feasibility on the improved PairHand protocol. Finally, we present a new handover authentication protocol, which not only achieves the same desirable effciency features of PairHand, but enjoys the provable security in the random oracle model.

QoS and QoE Aware N-Screen Multicast Service

Directory of Open Access Journals (Sweden)

Ghulam Sarwar

2016-01-01

Full Text Available The paper focuses on ensuring the quality-of-service (QoS and quality-of-experience (QoE requirements of users having heterogeneous devices in a multicast session. QoS parameters such as bit rate, delays, and packet losses are good indicators for optimizing network services but fall short in characterizing user perception (QoE. In N-Screen service, the users have different devices with heterogeneous attributes like screen size, resolution, and access network interface, and the users have different QoE on N-Screen devices with the same QoS parameters. We formulate the objective function of the N-Screen multicast grouping to ensure the minimum user’s QoE with smaller bandwidth requirement. We propose a dynamic user reassignment scheme to maintain and satisfy the QoE by adapting the user’s membership to the varying network conditions. The proposed schemes combine the available bandwidth and multimedia visual quality to ensure the QoS and QoE. In the network architecture, we introduce the functions of the QoS and QoE aware multicast group management and the estimation schemes for the QoS and QoE parameters. The simulation results show that the proposed multicast service ensures the network QoS and guarantees the QoE of users in the varying network conditions.

A QoS aware services mashup model for cloud computing applications

Directory of Open Access Journals (Sweden)

Yee Ming Chen

2012-12-01

Full Text Available Purpose: With the popularity of cloud computing, cloud services have become to be application programming platform where users can create new applications mashup(composing the functionality offered byothers.By composing of distributed, cloud services dynamicallyto provide more complex tasks, services mashup provides an attractive way for building large-scale Internetapplications.Oneof the challenging issues of cloud services mashup is how to find service paths to route the service instances provider through whilemeeting the applications’ resource requirements so that the QoS constraints are satisfied. However, QoS aware service routing problem istypically NP-hard.The purpose of this paper is to propose a QoS Aware Services Mashup(QASM model to solve this problem more effectively.Design/methodology/approach: In this paper, we focus on the QoS aware services selection problem in cloud services mashup, for example, given the user service composition requirements and their QoS constraint descriptions, how to select the required serviceinstances and route the data flows through these instances so that the QoS requirements are satisfied. We design a heuristic algorithm to find service paths to route the data flows through whilemeeting the applications’ resource requirements and specific QoS constraints.Findings: This study propose a QoS Aware Services Mashup(QASM model to solve this problem more effectively. Simulations show that QASM can achieve desired QoS assurances as well as load balancing in cloud services environment.Originality/value: This paperpresent a QASM model for providing high performance distributedapplications in the cloud computing systems.

Information-theoretic security proof for quantum-key-distribution protocols

International Nuclear Information System (INIS)

Renner, Renato; Gisin, Nicolas; Kraus, Barbara

2005-01-01

We present a technique for proving the security of quantum-key-distribution (QKD) protocols. It is based on direct information-theoretic arguments and thus also applies if no equivalent entanglement purification scheme can be found. Using this technique, we investigate a general class of QKD protocols with one-way classical post-processing. We show that, in order to analyze the full security of these protocols, it suffices to consider collective attacks. Indeed, we give new lower and upper bounds on the secret-key rate which only involve entropies of two-qubit density operators and which are thus easy to compute. As an illustration of our results, we analyze the Bennett-Brassard 1984, the six-state, and the Bennett 1992 protocols with one-way error correction and privacy amplification. Surprisingly, the performance of these protocols is increased if one of the parties adds noise to the measurement data before the error correction. In particular, this additional noise makes the protocols more robust against noise in the quantum channel

Information-theoretic security proof for quantum-key-distribution protocols

Science.gov (United States)

Renner, Renato; Gisin, Nicolas; Kraus, Barbara

2005-07-01

We present a technique for proving the security of quantum-key-distribution (QKD) protocols. It is based on direct information-theoretic arguments and thus also applies if no equivalent entanglement purification scheme can be found. Using this technique, we investigate a general class of QKD protocols with one-way classical post-processing. We show that, in order to analyze the full security of these protocols, it suffices to consider collective attacks. Indeed, we give new lower and upper bounds on the secret-key rate which only involve entropies of two-qubit density operators and which are thus easy to compute. As an illustration of our results, we analyze the Bennett-Brassard 1984, the six-state, and the Bennett 1992 protocols with one-way error correction and privacy amplification. Surprisingly, the performance of these protocols is increased if one of the parties adds noise to the measurement data before the error correction. In particular, this additional noise makes the protocols more robust against noise in the quantum channel.

A Secure Key Establishment Protocol for ZigBee Wireless Sensor Networks

DEFF Research Database (Denmark)

Yuksel, Ender; Nielson, Hanne Riis; Nielson, Flemming

2009-01-01

ZigBee is a wireless sensor network standard that defines network and application layers on top of IEEE 802.15.4’s physical and medium access control layers. In the latest version of ZigBee, enhancements are prescribed for the security sublayer but we show in this paper that problems persist....... In particular we show that the End-to-End Application Key Establishment Protocol is flawed and we propose a secure protocol instead. We do so by using formal verification techniques based on static program analysis and process algebras. We present a way of using formal methods in wireless network security......, and propose a secure key establishment protocol for ZigBee networks....

Multi-party quantum key agreement protocol secure against collusion attacks

Science.gov (United States)

Wang, Ping; Sun, Zhiwei; Sun, Xiaoqiang

2017-07-01

The fairness of a secure multi-party quantum key agreement (MQKA) protocol requires that all involved parties are entirely peer entities and can equally influence the outcome of the protocol to establish a shared key wherein no one can decide the shared key alone. However, it is found that parts of the existing MQKA protocols are sensitive to collusion attacks, i.e., some of the dishonest participants can collaborate to predetermine the final key without being detected. In this paper, a multi-party QKA protocol resisting collusion attacks is proposed. Different from previous QKA protocol resisting N-1 coconspirators or resisting 1 coconspirators, we investigate the general circle-type MQKA protocol which can be secure against t dishonest participants' cooperation. Here, t < N. We hope the results of the presented paper will be helpful for further research on fair MQKA protocols.

QoS-aware self-adaptation of communication protocols in a pervasive service middleware

DEFF Research Database (Denmark)

Zhang, Weishan; Hansen, Klaus Marius; Fernandes, João

2010-01-01

Pervasive computing is characterized by heterogeneous devices that usually have scarce resources requiring optimized usage. These devices may use different communication protocols which can be switched at runtime. As different communication protocols have different quality of service (Qo......S) properties, this motivates optimized self-adaption of protocols for devices, e.g., considering power consumption and other QoS requirements, e.g. round trip time (RTT) for service invocations, throughput, and reliability. In this paper, we present an extensible approach for self-adaptation of communication...... protocols for pervasive web services, where protocols are designed as reusable connectors and our middleware infrastructure can hide the complexity of using different communication protocols to upper layers. We also propose to use Genetic Algorithms (GAs) to find optimized configurations at runtime...

Multiple access protocol for supporting multimedia services in wireless ATM networks

DEFF Research Database (Denmark)

Liu, Hong; Dittmann, Lars; Gliese, Ulrik Bo

1999-01-01

The furture broadband wireless asynchronous transfer mode (ATM) networks must provide seamless extension of multimedia services from the wireline ATM networks. This requires an effecient wireless access protocol to fulfill varying Quality-og-Service (QoS) requirements for multimedia applications....... In this paper, we propose a multiple access protocol using centralized and distributed channel access control techniques to provide QoS guarantees for multimedia services by taking advantage of the characteristics of different kinds of ATM traffics. Multimedia traffic, including constant bit rate (CBR...

Security of modified Ping-Pong protocol in noisy and lossy channel.

Science.gov (United States)

Han, Yun-Guang; Yin, Zhen-Qiang; Li, Hong-Wei; Chen, Wei; Wang, Shuang; Guo, Guang-Can; Han, Zheng-Fu

2014-05-12

The "Ping-Pong" (PP) protocol is a two-way quantum key protocol based on entanglement. In this protocol, Bob prepares one maximally entangled pair of qubits, and sends one qubit to Alice. Then, Alice performs some necessary operations on this qubit and sends it back to Bob. Although this protocol was proposed in 2002, its security in the noisy and lossy channel has not been proven. In this report, we add a simple and experimentally feasible modification to the original PP protocol, and prove the security of this modified PP protocol against collective attacks when the noisy and lossy channel is taken into account. Simulation results show that our protocol is practical.

An agent-based QoS provisioning mechanism for WDM optical networks

Science.gov (United States)

Ouyang, Yong; Zeng, Qingji; Yue, Ling

2004-04-01

This paper addresses QoS provisioning mechanisms in the WDM optical networks. With the appearance of metropolitan optical network, a hierarchical metro and wide area optical network will be envisioned in the near future. This hierarchical optical transport network is often divided into optical domains by geography, administration and technology, which usually employ different QoS routing algorithms and policies. To provide end-to-end optical QoS is becoming a new challenge for the optical network design. In this paper, we first give an overview of issues on the QoS provisioning in data, control and management planes of the WDM optical network. And then three provisioning approaches are analyzed and compared. Finally, we propose an agent-based hybrid centralized/distributed QoS provisioning mechanism based on the concept of domain agent. This agent-based hybrid mechanism employs centralized approach in the domain and distributed approach between domains. It offers scalability and intra-domain optimal QoS routing. It also keeps independence and interoperability between domains.

QoS Predictability of Internet Services

Science.gov (United States)

Bilski, Tomasz

The paper presents problems of QoS (Quality of Service) predictability of network services (mainly in WAN environment). In the first part we present general remarks on QoS predictability problem, mentioning some research projects and available resources. The main part of the paper deals with QoS predictability in long-term as well as short-term viewpoints. We will try to answer a question: is it possible to predict network QoS/performance level with a use of statistical data from the past? The term quality of service has many meanings ranging from the user's qualitative perception of the service to a set of quantitative connection parameters (RTT (Round Trip Time), throughput, loss packet rate) necessary to achieve particular service quality. In the paper we will mostly use the second meaning of the term based on RFC 2386 [1]. Analyzed, statistical data on Internet performance are taken from the IEPM (Internet End-to-end Performance Measurement) database.

Network based control point for UPnP QoS architecture

DEFF Research Database (Denmark)

Brewka, Lukasz Jerzy; Wessing, Henrik; Rossello Busquet, Ana

2011-01-01

Enabling coexistence of non-UPnP Devices in an UPnP QoS Architecture is an important issue that might have a major impact on the deployment and usability of UPnP in future home networks. The work presented here shows potential issues of placing non-UPnP Device in the network managed by UPnP QoS. We...... address this issue by extensions to the UPnP QoS Architecture that can prevent non-UPnP Devices from degrading the overall QoS level. The obtained results show that deploying Network Based Control Point service with efficient traffic classifier, improves significantly the end-to-end packet delay...

Semi-quantum communication: protocols for key agreement, controlled secure direct communication and dialogue

Science.gov (United States)

Shukla, Chitra; Thapliyal, Kishore; Pathak, Anirban

2017-12-01

Semi-quantum protocols that allow some of the users to remain classical are proposed for a large class of problems associated with secure communication and secure multiparty computation. Specifically, first-time semi-quantum protocols are proposed for key agreement, controlled deterministic secure communication and dialogue, and it is shown that the semi-quantum protocols for controlled deterministic secure communication and dialogue can be reduced to semi-quantum protocols for e-commerce and private comparison (socialist millionaire problem), respectively. Complementing with the earlier proposed semi-quantum schemes for key distribution, secret sharing and deterministic secure communication, set of schemes proposed here and subsequent discussions have established that almost every secure communication and computation tasks that can be performed using fully quantum protocols can also be performed in semi-quantum manner. Some of the proposed schemes are completely orthogonal-state-based, and thus, fundamentally different from the existing semi-quantum schemes that are conjugate coding-based. Security, efficiency and applicability of the proposed schemes have been discussed with appropriate importance.

Securing statically-verified communications protocols against timing attacks

DEFF Research Database (Denmark)

Buchholtz, Mikael; Gilmore, Stephen; Hillston, Jane

2004-01-01

We present a federated analysis of communication protocols which considers both security properties and timing. These are not entirely independent observations of a protocol; by using timing observations of an executing protocol it is possible to deduce derived information about the nature...... of the communication even in the presence of unbreakable encryption. Our analysis is based on expressing the protocol as a process algebra model and deriving from this process models analysable by the Imperial PEPA Compiler and the LySatool....

A Secured Authentication Protocol for SIP Using Elliptic Curves Cryptography

Science.gov (United States)

Chen, Tien-Ho; Yeh, Hsiu-Lien; Liu, Pin-Chuan; Hsiang, Han-Chen; Shih, Wei-Kuan

Session initiation protocol (SIP) is a technology regularly performed in Internet Telephony, and Hyper Text Transport Protocol (HTTP) as digest authentication is one of the major methods for SIP authentication mechanism. In 2005, Yang et al. pointed out that HTTP could not resist server spoofing attack and off-line guessing attack and proposed a secret authentication with Diffie-Hellman concept. In 2009, Tsai proposed a nonce based authentication protocol for SIP. In this paper, we demonstrate that their protocol could not resist the password guessing attack and insider attack. Furthermore, we propose an ECC-based authentication mechanism to solve their issues and present security analysis of our protocol to show that ours is suitable for applications with higher security requirement.

Performance comparison of secure comparison protocols

NARCIS (Netherlands)

Kerschbaum, F.; Biswas, D.; Hoogh, de S.J.A.

2009-01-01

Secure multiparty computation (SMC) has gained tremendous importance with the growth of the Internet and e-commerce, where mutually untrusted parties need to jointly compute a function of their private inputs. However, SMC protocols usually have very high computational complexities, rendering them

A secure RFID mutual authentication protocol for healthcare environments using elliptic curve cryptography.

Science.gov (United States)

Jin, Chunhua; Xu, Chunxiang; Zhang, Xiaojun; Zhao, Jining

2015-03-01

Radio Frequency Identification(RFID) is an automatic identification technology, which can be widely used in healthcare environments to locate and track staff, equipment and patients. However, potential security and privacy problems in RFID system remain a challenge. In this paper, we design a mutual authentication protocol for RFID based on elliptic curve cryptography(ECC). We use pre-computing method within tag's communication, so that our protocol can get better efficiency. In terms of security, our protocol can achieve confidentiality, unforgeability, mutual authentication, tag's anonymity, availability and forward security. Our protocol also can overcome the weakness in the existing protocols. Therefore, our protocol is suitable for healthcare environments.

A secure RFID authentication protocol for healthcare environments using elliptic curve cryptosystem.

Science.gov (United States)

Zhao, Zhenguo

2014-05-01

With the fast advancement of the wireless communication technology and the widespread use of medical systems, the radio frequency identification (RFID) technology has been widely used in healthcare environments. As the first important protocol for ensuring secure communication in healthcare environment, the RFID authentication protocols derive more and more attentions. Most of RFID authentication protocols are based on hash function or symmetric cryptography. To get more security properties, elliptic curve cryptosystem (ECC) has been used in the design of RFID authentication protocol. Recently, Liao and Hsiao proposed a new RFID authentication protocol using ECC and claimed their protocol could withstand various attacks. In this paper, we will show that their protocol suffers from the key compromise problem, i.e. an adversary could get the private key stored in the tag. To enhance the security, we propose a new RFID authentication protocol using ECC. Detailed analysis shows the proposed protocol not only could overcome weaknesses in Liao and Hsiao's protocol but also has the same performance. Therefore, it is more suitable for healthcare environments.

Improving an Anonymous and Provably Secure Authentication Protocol for a Mobile User

Directory of Open Access Journals (Sweden)

Jongho Moon

2017-01-01

Full Text Available Recently many authentication protocols using an extended chaotic map were suggested for a mobile user. Many researchers demonstrated that authentication protocol needs to provide key agreement, mutual authentication, and user anonymity between mobile user and server and resilience to many possible attacks. In this paper, we cautiously analyzed chaotic-map-based authentication scheme and proved that it is still insecure to off-line identity guessing, user and server impersonation, and on-line identity guessing attacks. To address these vulnerabilities, we proposed an improved protocol based on an extended chaotic map and a fuzzy extractor. We proved the security of the proposed protocol using a random oracle and AVISPA (Automated Validation of Internet Security Protocols and Applications tool. Furthermore, we present an informal security analysis to make sure that the improved protocol is invulnerable to possible attacks. The proposed protocol is also computationally efficient when compared to other previous protocols.

A Secure Three-Factor User Authentication and Key Agreement Protocol for TMIS With User Anonymity.

Science.gov (United States)

Amin, Ruhul; Biswas, G P

2015-08-01

Telecare medical information system (TMIS) makes an efficient and convenient connection between patient(s)/user(s) and doctor(s) over the insecure internet. Therefore, data security, privacy and user authentication are enormously important for accessing important medical data over insecure communication. Recently, many user authentication protocols for TMIS have been proposed in the literature and it has been observed that most of the protocols cannot achieve complete security requirements. In this paper, we have scrutinized two (Mishra et al., Xu et al.) remote user authentication protocols using smart card and explained that both the protocols are suffering against several security weaknesses. We have then presented three-factor user authentication and key agreement protocol usable for TMIS, which fix the security pitfalls of the above mentioned schemes. The informal cryptanalysis makes certain that the proposed protocol provides well security protection on the relevant security attacks. Furthermore, the simulator AVISPA tool confirms that the protocol is secure against active and passive attacks including replay and man-in-the-middle attacks. The security functionalities and performance comparison analysis confirm that our protocol not only provide strong protection on security attacks, but it also achieves better complexities along with efficient login and password change phase as well as session key verification property.

Semantics and logic for security protocols

NARCIS (Netherlands)

Jacobs, B.P.F.; Hasuo, I.

2009-01-01

This paper presents a sound BAN-like logic for reasoning about security protocols with theorem prover support. The logic has formulas for sending and receiving messages (with nonces, public and private encryptions, etc.), and has both temporal and epistemic operators (describing the knowledge of

Selection application for platforms and security protocols suitable for wireless sensor networks

International Nuclear Information System (INIS)

Moeller, S; Newe, T; Lochmann, S

2009-01-01

There is a great number of platforms and security protocols which can be used for wireless sensor networks (WSN). All these platforms and protocols have different properties with certain advantages and disadvantages. For a good choice of platform and an associated protocol, these advantages and disadvantages should be compared and the best for the appropriate WSN chosen. To select a Security protocol and a wireless platform suitable for a specific application a software tool will be developed. That tool will enable wireless network deployment engineers to easily select a suitable wireless platform for their application based on their network needs and application security requirements.

Financial Risk Ratios and Earnings Management: Reducing Uncertainties in Shariah-compliant Companies

Directory of Open Access Journals (Sweden)

Soheil Kazemian

2018-01-01

Full Text Available This study examines whether Shariah-compliant companies practice earnings management by investigating the relationship among the risk of financial distress, leverage, and free cash flow in discretionary accruals, which function as a substitute for earnings management. This empirical research is conducted on a sample of Malaysian Shariah-compliant companies from all industries in Bursa Malaysia from 2012 to 2014. Results show that Shariah-compliant companies are highly influenced by the risk of financial distress, leverage, and free cash flow. This study argues that working as either Shariah-compliant or non-Shariah-compliant does not affect the level of earnings management through financial distress, high leverage, and free cash flow by managers. Results should be of interest to stakeholders, shareholders, and regulatory bodies (i.e., the Shariah Advisory Council and the Securities Commission that oversee the accountability of corporate financial reporting to prevent earnings management in Shariah-compliant companies. Findings can also aid relevant authorities (i.e., the Shariah Advisory Council and the Security Commission in Malaysia in overcoming or reducing problems related to earnings management. This study is one of the most significant works in Malaysia in terms of sample size and methodology. It argues that the three elements of earnings management (i.e., financial distress, high leverage, and free cash flow influence better disclosure of reported earnings.

On the security of an anonymous roaming protocol in UMTS mobile networks

Directory of Open Access Journals (Sweden)

Shuhua Wu

2012-02-01

Full Text Available In this communication, we first show that the privacy-preserving roaming protocol recently proposed for mobile networks cannot achieve the claimed security level. Then we suggest an improved protocol to remedy its security problems.

A Secure Simplification of the PKMv2 Protocol in IEEE 802.16e-2005

DEFF Research Database (Denmark)

Yuksel, Ender; Nielson, Hanne Riis; Nielsen, Christoffer Rosenkilde

2007-01-01

Static analysis is successfully used for automatically validating security properties of classical cryptographic protocols. In this paper, we shall employ the same technique to a modern security protocol for wireless networks, namely the latest version of the Privacy and Key Management protocol...... for IEEE 802.16e, PKMv2. This protocol seems to have an exaggerated mixture of security features. Thus, we iteratively investigate which components are necessary for upholding the security properties and which can be omitted safely. This approach is based on the LySa process calculus and employs...

Adaptive Beaconing in Mobility Aware Clustering Based MAC Protocol for Safety Message Dissemination in VANET

Directory of Open Access Journals (Sweden)

Nishu Gupta

2017-01-01

Full Text Available Majority of research contributions in wireless access in vehicular environment (WAVE/IEEE 802.11p standard focus on life critical safety-related applications. These applications require regular status update of vehicle’s position referred to as beaconing. Periodic beaconing in vehicle to vehicle communication leads to severe network congestion in the communication channel. The condition worsens under high vehicular density where it impacts reliability and upper bound latency of safety messages. In this paper, WAVE compliant enhancement to the existing IEEE 802.11p protocol is presented which targets prioritized delivery of safety messages while simultaneously provisioning the dissemination of nonsafety messages. Proposed scheme relies on dynamic generation of beacons to mitigate channel congestion and inefficient bandwidth utilization by reducing transmission frequency of beacons. Through the use of clustering mechanism, different beaconing frequencies and different data transmission rates are assigned to prioritize vehicular mobility. Through extensive simulation results, the performance of the proposed approach is evaluated in terms of a wide range of quality of service (QoS parameters for two different transmission ranges. Results show that the proposed protocol provides significant enhancement and stability of the clustered topology in vehicular ad hoc network over existing standard and other protocols with similar applications.

Secure Multi-Player Protocols

DEFF Research Database (Denmark)

Fehr, Serge

While classically cryptography is concerned with the problem of private communication among two entities, say players, in modern cryptography multi-player protocols play an important role. And among these, it is probably fair to say that secret sharing, and its stronger version verifiable secret...... sharing (VSS), as well as multi-party computation (MPC) belong to the most appealing and/or useful ones. The former two are basic tools to achieve better robustness of cryptographic schemes against malfunction or misuse by “decentralizing” the security from one single to a whole group of individuals...... (captured by the term threshold cryptography). The latter allows—at least in principle—to execute any collaboration among a group of players in a secure way that guarantees the correctness of the outcome but simultaneously respects the privacy of the participants. In this work, we study three aspects...

Analysing Password Protocol Security Against Off-line Dictionary Attacks

NARCIS (Netherlands)

Corin, R.J.; Doumen, J.M.; Etalle, Sandro; Busi, Nadia; Gorrieri, Roberto; Martinelli, Fabio

We study the security of password protocols against off-line dictionary attacks. In addition to the standard adversary abilities, we also consider further cryptographic advantages given to the adversary when considering the password protocol being instantiated with particular encryption schemes. We

iQOS: evidence of pyrolysis and release of a toxicant from plastic.

Science.gov (United States)

Davis, Barbara; Williams, Monique; Talbot, Prue

2018-03-13

To evaluate performance of the I quit original smoking (iQOS) heat-not-burn system as a function of cleaning and puffing topography, investigate the validity of manufacturer's claims that this device does not burn tobacco and determine if the polymer-film filter is potentially harmful. iQOS performance was evaluated using five running conditions incorporating two different cleaning protocols. Heatsticks were visually and stereomicroscopically inspected preuse and postuse to determine the extent of tobacco plug charring (from pyrolysis) and polymer-film filter melting, and to elucidate the effects of cleaning on charring. Gas chromatography-mass spectrometry headspace analysis was conducted on unused polymer-film filters to determine if potentially toxic chemicals are emitted from the filter during heating. For all testing protocols, pressure drop decreased as puff number increased. Changes in testing protocols did not affect aerosol density. Charring due to pyrolysis (a form of organic matter thermochemical decomposition) was observed in the tobacco plug after use. When the manufacturer's cleaning instructions were followed, both charring of the tobacco plug and melting of the polymer-film filter increased. Headspace analysis of the polymer-film filter revealed the release of formaldehyde cyanohydrin at 90°C, which is well below the maximum temperature reached during normal usage. Device usage limitations may contribute to decreases in interpuff intervals, potentially increasing user's intake of nicotine and other harmful chemicals. This study found that the tobacco plug does char and that charring increases when the device is not cleaned between heatsticks. Release of formaldehyde cyanohydrin is a concern as it is highly toxic at very low concentrations. © Article author(s) (or their employer(s) unless otherwise stated in the text of the article) 2018. All rights reserved. No commercial use is permitted unless otherwise expressly granted.

QoS Negotiation and Renegotiation Based on Mobile Agents

Institute of Scientific and Technical Information of China (English)

ZHANG Shi-bing; ZHANG Deng-yin

2006-01-01

The Quality of Service (QoS) has received more and more attention since QoS becomes increasingly important in the Internet development. Mobile software agents represent a valid alternative to the implementation of strategies for the negotiation. In this paper, a QoS negotiation and renegotiation system architecture based on mobile agents is proposed. The agents perform the task in the whole process. Therefore, such a system can reduce the network load, overcome latency, and avoid frequent exchange information between clients and server. The simulation results show that the proposed system could improve the network resource utility about 10%.

Security Enhanced User Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography

Directory of Open Access Journals (Sweden)

Younsung Choi

2014-06-01

Full Text Available Wireless sensor networks (WSNs consist of sensors, gateways and users. Sensors are widely distributed to monitor various conditions, such as temperature, sound, speed and pressure but they have limited computational ability and energy. To reduce the resource use of sensors and enhance the security of WSNs, various user authentication protocols have been proposed. In 2011, Yeh et al. first proposed a user authentication protocol based on elliptic curve cryptography (ECC for WSNs. However, it turned out that Yeh et al.’s protocol does not provide mutual authentication, perfect forward secrecy, and key agreement between the user and sensor. Later in 2013, Shi et al. proposed a new user authentication protocol that improves both security and efficiency of Yeh et al.’s protocol. However, Shi et al.’s improvement introduces other security weaknesses. In this paper, we show that Shi et al.’s improved protocol is vulnerable to session key attack, stolen smart card attack, and sensor energy exhausting attack. In addition, we propose a new, security-enhanced user authentication protocol using ECC for WSNs.

Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography.

Science.gov (United States)

Choi, Younsung; Lee, Donghoon; Kim, Jiye; Jung, Jaewook; Nam, Junghyun; Won, Dongho

2014-06-10

Wireless sensor networks (WSNs) consist of sensors, gateways and users. Sensors are widely distributed to monitor various conditions, such as temperature, sound, speed and pressure but they have limited computational ability and energy. To reduce the resource use of sensors and enhance the security of WSNs, various user authentication protocols have been proposed. In 2011, Yeh et al. first proposed a user authentication protocol based on elliptic curve cryptography (ECC) for WSNs. However, it turned out that Yeh et al.'s protocol does not provide mutual authentication, perfect forward secrecy, and key agreement between the user and sensor. Later in 2013, Shi et al. proposed a new user authentication protocol that improves both security and efficiency of Yeh et al.'s protocol. However, Shi et al.'s improvement introduces other security weaknesses. In this paper, we show that Shi et al.'s improved protocol is vulnerable to session key attack, stolen smart card attack, and sensor energy exhausting attack. In addition, we propose a new, security-enhanced user authentication protocol using ECC for WSNs.

VOIP for Telerehabilitation: A Risk Analysis for Privacy, Security, and HIPAA Compliance

Science.gov (United States)

Watzlaf, Valerie J.M.; Moeini, Sohrab; Firouzan, Patti

2010-01-01

Voice over the Internet Protocol (VoIP) systems such as Adobe ConnectNow, Skype, ooVoo, etc. may include the use of software applications for telerehabilitation (TR) therapy that can provide voice and video teleconferencing between patients and therapists. Privacy and security applications as well as HIPAA compliance within these protocols have been questioned by information technologists, providers of care and other health care entities. This paper develops a privacy and security checklist that can be used within a VoIP system to determine if it meets privacy and security procedures and whether it is HIPAA compliant. Based on this analysis, specific HIPAA criteria that therapists and health care facilities should follow are outlined and discussed, and therapists must weigh the risks and benefits when deciding to use VoIP software for TR. PMID:25945172

VOIP for Telerehabilitation: A Risk Analysis for Privacy, Security, and HIPAA Compliance.

Science.gov (United States)

Watzlaf, Valerie J M; Moeini, Sohrab; Firouzan, Patti

2010-01-01

Voice over the Internet Protocol (VoIP) systems such as Adobe ConnectNow, Skype, ooVoo, etc. may include the use of software applications for telerehabilitation (TR) therapy that can provide voice and video teleconferencing between patients and therapists. Privacy and security applications as well as HIPAA compliance within these protocols have been questioned by information technologists, providers of care and other health care entities. This paper develops a privacy and security checklist that can be used within a VoIP system to determine if it meets privacy and security procedures and whether it is HIPAA compliant. Based on this analysis, specific HIPAA criteria that therapists and health care facilities should follow are outlined and discussed, and therapists must weigh the risks and benefits when deciding to use VoIP software for TR.

A Secure RFID Tag Authentication Protocol with Privacy Preserving in Telecare Medicine Information System.

Science.gov (United States)

Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

2015-08-01

Radio Frequency Identification (RFID) based solutions are widely used for providing many healthcare applications include patient monitoring, object traceability, drug administration system and telecare medicine information system (TMIS) etc. In order to reduce malpractices and ensure patient privacy, in 2015, Srivastava et al. proposed a hash based RFID tag authentication protocol in TMIS. Their protocol uses lightweight hash operation and synchronized secret value shared between back-end server and tag, which is more secure and efficient than other related RFID authentication protocols. Unfortunately, in this paper, we demonstrate that Srivastava et al.'s tag authentication protocol has a serious security problem in that an adversary may use the stolen/lost reader to connect to the medical back-end server that store information associated with tagged objects and this privacy damage causing the adversary could reveal medical data obtained from stolen/lost readers in a malicious way. Therefore, we propose a secure and efficient RFID tag authentication protocol to overcome security flaws and improve the system efficiency. Compared with Srivastava et al.'s protocol, the proposed protocol not only inherits the advantages of Srivastava et al.'s authentication protocol for TMIS but also provides better security with high system efficiency.

Compliant flooring to prevent fall-related injuries: a scoping review protocol.

Science.gov (United States)

Lachance, Chantelle C; Jurkowski, Michal P; Dymarz, Ania C; Mackey, Dawn C

2016-08-16

Fall-related injuries can have serious consequences for older adults, including increased risk of dependence in daily activities and mortality. Compliant flooring is a passive intervention that may reduce the incidence and severity of fall-related injuries in healthcare settings, including acute and long-term care, but few sites have implemented compliant flooring, in part because synthesised evidence about key performance aspects has not been available. We will conduct a scoping review to address the question: what is presented about the biomechanical efficacy, clinical effectiveness, cost-effectiveness, and workplace safety associated with compliant flooring systems that aim to prevent fall-related injuries? We will conduct a comprehensive and systematic literature search of academic databases (AgeLine, CINAHL, EBM Reviews, MEDLINE (Ovid), SportDiscus and Web of Science) and grey literature (clinical trial registries, theses/dissertations, abstracts/conference proceedings and relevant websites). 2 team members will independently screen records (first titles and abstracts, then full text) and extract data from included records. Numerical and narrative analyses will be presented by theme (biomechanical efficacy, clinical effectiveness, cost-effectiveness, workplace safety). This scoping review responds to the information needs of healthcare decision-makers tasked with preventing fall-related injuries. This review will summarise evidence about compliant flooring as a potential intervention for preventing fall-related injuries in older adults and identify gaps in evidence and new avenues for research. Results will be especially useful in long-term care, but also applicable in acute care, assisted living and home care. We will disseminate the review's findings via open-access publications, conference presentations, a webinar, a Stakeholder Symposium and a Knowledge-to-Action Report. Published by the BMJ Publishing Group Limited. For permission to use (where not

An Intelligent QoS Identification for Untrustworthy Web Services Via Two-phase Neural Networks

OpenAIRE

Wang, Weidong; Wang, Liqiang; Lu, Wei

2016-01-01

QoS identification for untrustworthy Web services is critical in QoS management in the service computing since the performance of untrustworthy Web services may result in QoS downgrade. The key issue is to intelligently learn the characteristics of trustworthy Web services from different QoS levels, then to identify the untrustworthy ones according to the characteristics of QoS metrics. As one of the intelligent identification approaches, deep neural network has emerged as a powerful techniqu...

Impersonation attack on a quantum secure direct communication and authentication protocol with improvement

Science.gov (United States)

Amerimehr, Ali; Hadain Dehkordi, Massoud

2018-03-01

We analyze the security of a quantum secure direct communication and authentication protocol based on single photons. We first give an impersonation attack on the protocol. The cryptanalysis shows that there is a gap in the authentication procedure of the protocol so that an opponent can reveal the secret information by an undetectable attempt. We then propose an improvement for the protocol and show it closes the gap by applying a mutual authentication procedure. In the improved protocol single photons are transmitted once in a session, so it is easy to implement as the primary protocol. Furthermore, we use a novel technique for secret order rearrangement of photons by which not only quantum storage is eliminated also a secret key can be reused securely. So the new protocol is applicable in practical approaches like embedded system devices.

Adaptive versus Non-Adaptive Security of Multi-Party Protocols

DEFF Research Database (Denmark)

Canetti, Ran; Damgård, Ivan Bjerre; Dziembowski, Stefan

2004-01-01

Security analysis of multi-party cryptographic protocols distinguishes between two types of adversarial settings: In the non-adaptive setting the set of corrupted parties is chosen in advance, before the interaction begins. In the adaptive setting the adversary chooses who to corrupt during...... the course of the computation. We study the relations between adaptive security (i.e., security in the adaptive setting) and nonadaptive security, according to two definitions and in several models of computation....

Typing and compositionality for security protocols: A generalization to the geometric fragment

DEFF Research Database (Denmark)

Almousa, Omar; Mödersheim, Sebastian Alexander; Modesti, Paolo

2015-01-01

We integrate, and improve upon, prior relative soundness results of two kinds. The first kind are typing results showing that any security protocol that fulfils a number of sufficient conditions has an attack if it has a well-typed attack. The second kind considers the parallel composition of pro...... of protocols, showing that when running two protocols in parallel allows for an attack, then at least one of the protocols has an attack in isolation. The most important generalization over previous work is the support for all security properties of the geometric fragment.......We integrate, and improve upon, prior relative soundness results of two kinds. The first kind are typing results showing that any security protocol that fulfils a number of sufficient conditions has an attack if it has a well-typed attack. The second kind considers the parallel composition...

Simple proof of the unconditional security of the Bennett 1992 quantum key distribution protocol

International Nuclear Information System (INIS)

Zhang Quan; Tang Chaojing

2002-01-01

It is generally accepted that quantum key distribution (QKD) could supply legitimate users with unconditional security during their communication. Quite a lot of satisfactory efforts have been achieved on experimentations with quantum cryptography. However, when the eavesdropper has extra-powerful computational ability, has access to a quantum computer, for example, and can carry into execution any eavesdropping measurement that is allowed by the laws of physics, the security against such attacks has not been widely studied and rigorously proved for most QKD protocols. Quite recently, Shor and Preskill proved concisely the unconditional security of the Bennett-Brassard 1984 (BB84) protocol. Their method is highly valued for its clarity of concept and concision of form. In order to take advantage of the Shor-Preskill technique in their proof of the unconditional security of the BB84 QKD protocol, we introduced in this paper a transformation that can translate the Bennett 1992 (B92) protocol into the BB84 protocol. By proving that the transformation leaks no more information to the eavesdropper, we proved the unconditional security of the B92 protocol. We also settled the problem proposed by Lo about how to prove the unconditional security of the B92 protocol with the Shor-Preskill method

Adaptive security protocol selection for mobile computing

NARCIS (Netherlands)

Pontes Soares Rocha, B.; Costa, D.N.O.; Moreira, R.A.; Rezende, C.G.; Loureiro, A.A.F.; Boukerche, A.

2010-01-01

The mobile computing paradigm has introduced new problems for application developers. Challenges include heterogeneity of hardware, software, and communication protocols, variability of resource limitations and varying wireless channel quality. In this scenario, security becomes a major concern for

Security of the arbitrated quantum signature protocols revisited

International Nuclear Information System (INIS)

Kejia, Zhang; Dan, Li; Qi, Su

2014-01-01

Recently, much attention has been paid to the study of arbitrated quantum signature (AQS). Among these studies, the cryptanalysis of some AQS protocols and a series of improved ideas have been proposed. Compared with the previous analysis, we present a security criterion, which can judge whether an AQS protocol is able to prevent the receiver (i.e. one participant in the signature protocol) from forging a legal signature. According to our results, it can be seen that most AQS protocols which are based on the Zeng and Keitel (ZK) model are susceptible to a forgery attack. Furthermore, we present an improved idea of the ZK protocol. Finally, some supplement discussions and several interesting topics are provided. (paper)

On Protocol Security in the Cryptographic Model

DEFF Research Database (Denmark)

Nielsen, Jesper Buus

you as possible. This is the general problem of secure multiparty computation. The usual way of formalizing the problem is to say that a number of parties who do not trust each other wish to compute some function of their local inputs, while keeping their inputs as secret as possible and guaranteeing...... the channels by which they communicate. A general solution to the secure multiparty computation problem is a compiler which given any feasible function describes an efficient protocol which allows the parties to compute the function securely on their local inputs over an open network. Over the past twenty...... years the secure multiparty computation problem has been the subject of a large body of research, both research into the models of multiparty computation and research aimed at realizing general secure multiparty computation. The main approach to realizing secure multiparty computation has been based...

An implementation of a security infrastructure compliant with the Italian Personal Data Protection Code in a web-based cooperative work system.

Science.gov (United States)

Eccher, Claudio; Eccher, Lorenzo; Izzo, Umberto

2005-01-01

In this poster we describe the security solutions implemented in a web-based cooperative work frame-work for managing heart failure patients among different health care professionals involved in the care process. The solution, developed in close collaboration with the Law Department of the University of Trento, is compliant with the new Italian Personal Data Protection Code, issued in 2003, that regulates also the storing and processing of health data.

Security analysis of standards-driven communication protocols for healthcare scenarios.

Science.gov (United States)

Masi, Massimiliano; Pugliese, Rosario; Tiezzi, Francesco

2012-12-01

The importance of the Electronic Health Record (EHR), that stores all healthcare-related data belonging to a patient, has been recognised in recent years by governments, institutions and industry. Initiatives like the Integrating the Healthcare Enterprise (IHE) have been developed for the definition of standard methodologies for secure and interoperable EHR exchanges among clinics and hospitals. Using the requisites specified by these initiatives, many large scale projects have been set up for enabling healthcare professionals to handle patients' EHRs. The success of applications developed in these contexts crucially depends on ensuring such security properties as confidentiality, authentication, and authorization. In this paper, we first propose a communication protocol, based on the IHE specifications, for authenticating healthcare professionals and assuring patients' safety. By means of a formal analysis carried out by using the specification language COWS and the model checker CMC, we reveal a security flaw in the protocol thus demonstrating that to simply adopt the international standards does not guarantee the absence of such type of flaws. We then propose how to emend the IHE specifications and modify the protocol accordingly. Finally, we show how to tailor our protocol for application to more critical scenarios with no assumptions on the communication channels. To demonstrate feasibility and effectiveness of our protocols we have fully implemented them.

Secure Handshake in Wi-Fi Connection (A Secure and Enhanced Communication Protocol)

OpenAIRE

Ranbir Sinha; Nishant Behar; Devendra Singh

2012-01-01

This paper presents a concept of enhancing the security in wireless communication. A Computer Network is an interconnected group of autonomous computing nodes, which use a well-defined, mutually agreed set of rules and conventions known as protocols, interact with one-another meaningfully and allow resource sharing preferably in a predictable and controllable manner. Communication has a major impact on today’s business. It is desired to communicate data with high security. These days wireless...

A lightweight and secure two factor anonymous authentication protocol for Global Mobility Networks

Science.gov (United States)

2018-01-01

Global Mobility Networks(GLOMONETs) in wireless communication permits the global roaming services that enable a user to leverage the mobile services in any foreign country. Technological growth in wireless communication is also accompanied by new security threats and challenges. A threat-proof authentication protocol in wireless communication may overcome the security flaws by allowing only legitimate users to access a particular service. Recently, Lee et al. found Mun et al. scheme vulnerable to different attacks and proposed an advanced secure scheme to overcome the security flaws. However, this article points out that Lee et al. scheme lacks user anonymity, inefficient user authentication, vulnerable to replay and DoS attacks and Lack of local password verification. Furthermore, this article presents a more robust anonymous authentication scheme to handle the threats and challenges found in Lee et al.’s protocol. The proposed protocol is formally verified with an automated tool(ProVerif). The proposed protocol has superior efficiency in comparison to the existing protocols. PMID:29702675

Seamless interworking architecture for WBAN in heterogeneous wireless networks with QoS guarantees.

Science.gov (United States)

Khan, Pervez; Ullah, Niamat; Ullah, Sana; Kwak, Kyung Sup

2011-10-01

The IEEE 802.15.6 standard is a communication standard optimized for low-power and short-range in-body/on-body nodes to serve a variety of medical, consumer electronics and entertainment applications. Providing high mobility with guaranteed Quality of Service (QoS) to a WBAN user in heterogeneous wireless networks is a challenging task. A WBAN uses a Personal Digital Assistant (PDA) to gather data from body sensors and forwards it to a remote server through wide range wireless networks. In this paper, we present a coexistence study of WBAN with Wireless Local Area Networks (WLAN) and Wireless Wide Area Networks (WWANs). The main issue is interworking of WBAN in heterogenous wireless networks including seamless handover, QoS, emergency services, cooperation and security. We propose a Seamless Interworking Architecture (SIA) for WBAN in heterogenous wireless networks based on a cost function. The cost function is based on power consumption and data throughput costs. Our simulation results show that the proposed scheme outperforms typical approaches in terms of throughput, delay and packet loss rate.

Secure Protocol for “Host — NFC Reader” Communication

Directory of Open Access Journals (Sweden)

A. O. Menshenin

2012-06-01

Full Text Available The paper presents a secure protocol for communication between host and NFC reader. The protocol protection scheme uses symmetric cipher with cyclic session key generation and provides confidentiality, integrity, end parties authentication and resistance to replay attacks. Deployment scenario in a typical electronic payment system is also presented.

Secure Certificateless Authentication and Road Message Dissemination Protocol in VANETs

Directory of Open Access Journals (Sweden)

Haowen Tan

2018-01-01

Full Text Available As a crucial component of Internet-of-Thing (IoT, vehicular ad hoc networks (VANETs have attracted increasing attentions from both academia and industry fields in recent years. With the extensive VANETs deployment in transportation systems of more and more countries, drivers’ driving experience can be drastically improved. In this case, the real-time road information needs to be disseminated to the correlated vehicles. However, due to inherent wireless communicating characteristics of VANETs, authentication and group key management strategies are indispensable for security assurance. Furthermore, effective road message dissemination mechanism is of significance. In this paper, we address the above problems by developing a certificateless authentication and road message dissemination protocol. In our design, certificateless signature and the relevant feedback mechanism are adopted for authentication and group key distribution. Subsequently, message evaluating and ranking strategy is introduced. Security analysis shows that our protocol achieves desirable security properties. Additionally, performance analysis demonstrates that the proposed protocol is efficient compared with the state of the art.

VOIP for Telerehabilitation: A Risk Analysis for Privacy, Security, and HIPAA Compliance

Directory of Open Access Journals (Sweden)

Valerie J.M. Watzlaf

2010-10-01

Full Text Available Voice over the Internet Protocol (VoIP systems such as Adobe ConnectNow, Skype, ooVoo, etc. may include the use of software applications for telerehabilitation (TR therapy that can provide voice and video teleconferencing between patients and therapists.  Privacy and security applications as well as HIPAA compliance within these protocols have been questioned by information technologists, providers of care, and other health care entities. This paper develops a privacy and security checklist that can be used within a VoIP system to determine if it meets privacy and security procedures and whether it is HIPAA compliant. Based on this analysis, specific HIPAA criteria that therapists and health care facilities should follow are outlined and discussed, and therapists must weigh the risks and benefits when deciding to use VoIP software for TR.   

Optimal Network QoS over the Internet of Vehicles for E-Health Applications

Directory of Open Access Journals (Sweden)

Di Lin

2016-01-01

Full Text Available Wireless technologies are pervasive to support ubiquitous healthcare applications. However, a critical issue of using wireless communications under a healthcare scenario is the electromagnetic interference (EMI caused by RF transmission, and a high level of EMI may lead to a critical malfunction of medical sensors. In consideration of EMI on medical sensors, we study the optimization of quality of service (QoS within the whole Internet of vehicles for E-health and propose a novel model to optimize the QoS by allocating the transmit power of each user. Our results show that the optimal power control policy depends on the objective of optimization problems: a greedy policy is optimal to maximize the summation of QoS of each user, whereas a fair policy is optimal to maximize the product of QoS of each user. Algorithms are taken to derive the optimal policies, and numerical results of optimizing QoS are presented for both objectives and QoS constraints.

The UMTS-AKA Protocols for Intelligent Transportation Systems

Directory of Open Access Journals (Sweden)

Hwang Min-Shiang

2009-01-01

Full Text Available The integration of communication protocols into transport systems is a much adored research area today. Much of seminal work has been reported on the topic of intelligent transportation systems (ITS in the recent years. Many advanced techniques have been garnered to improve online communication and to promote the security, comfort, and efficiency of ITS. Of primary importance to the effective application of ITS is the communication protocol used. A fascinating development is that the yesterday's Global System for Mobile Communication protocol is being replaced by the Universal Mobile Telecommunication System protocol, which is the third-generation mobile technology. This article attempts to identify a suitable communication system for ITS applications. It is impracticable to substantially modify the original UMTS-IMS-AKA protocol which is in practice because it can disturb the operation of the current system, and thus we explore other possibilities through this research. We investigate a novel protocol to make the original UMTS-IMS-AKA protocol compliant with ITS as well as adaptable into the current UMTS protocol.

Researches on the Security of Cluster-based Communication Protocol for Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Yanhong Sun

2014-08-01

Full Text Available Along with the in-depth application of sensor networks, the security issues have gradually become the bottleneck of wireless sensor applications. To provide a solution for security scheme is a common concern not only of researchers but also of providers, integrators and users of wireless sensor networks. Based on this demand, this paper focuses on the research of strengthening the security of cluster-based wireless sensor networks. Based on the systematic analysis of the clustering protocol and its security enhancement scheme, the paper introduces the broadcast authentication scheme, and proposes an SA-LEACH network security enhancement protocol. The performance analysis and simulation experiments prove that the protocol consumes less energy with the same security requirements, and when the base station is comparatively far from the network deployment area, it is more advantageous in terms of energy consumption and t more suitable for wireless sensor networks.

Reputation-Based Internet Protocol Security: A Multilayer Security Framework for Mobile Ad Hoc Networks

Science.gov (United States)

2010-09-01

motivated research in behavior grading systems [56]. Peer-to-peer eCommerce appli- cations such as eBay, Amazon, uBid, and Yahoo have performed research that...Security in Mobile Ad Hoc Networks”. IEEE Security & Privacy , 72–75, 2008. 15. Chakeres, ID and EM Belding-Royer. “AODV Routing Protocol Implementa...Detection System”. Proceedings of IEEE Computer Society Symposium on Research in Security and Privacy , 240–250. 1992. 21. Devore, J.L. and N.R. Farnum

A Source Anonymity-Based Lightweight Secure AODV Protocol for Fog-Based MANET.

Science.gov (United States)

Fang, Weidong; Zhang, Wuxiong; Xiao, Jinchao; Yang, Yang; Chen, Wei

2017-06-17

Fog-based MANET (Mobile Ad hoc networks) is a novel paradigm of a mobile ad hoc network with the advantages of both mobility and fog computing. Meanwhile, as traditional routing protocol, ad hoc on-demand distance vector (AODV) routing protocol has been applied widely in fog-based MANET. Currently, how to improve the transmission performance and enhance security are the two major aspects in AODV's research field. However, the researches on joint energy efficiency and security seem to be seldom considered. In this paper, we propose a source anonymity-based lightweight secure AODV (SAL-SAODV) routing protocol to meet the above requirements. In SAL-SAODV protocol, source anonymous and secure transmitting schemes are proposed and applied. The scheme involves the following three parts: the source anonymity algorithm is employed to achieve the source node, without being tracked and located; the improved secure scheme based on the polynomial of CRC-4 is applied to substitute the RSA digital signature of SAODV and guarantee the data integrity, in addition to reducing the computation and energy consumption; the random delayed transmitting scheme (RDTM) is implemented to separate the check code and transmitted data, and achieve tamper-proof results. The simulation results show that the comprehensive performance of the proposed SAL-SAODV is a trade-off of the transmission performance, energy efficiency, and security, and better than AODV and SAODV.

On BAN logics for industrial security protocols

NARCIS (Netherlands)

Agray, N.; Hoek, van der W.; Vink, de E.P.; Dunin-Keplicz, B.; Nawarecki, E.

2002-01-01

This paper reports on two case-studies of applying BAN logic to industrial strength security protocols. These studies demonstrate the flexibility of the BAN language, as it caters for the addition of appropriate constructs and rules. We argue that, although a semantical foundation of the formalism

Compliant tiedown system for securing a cask for transporting radioactive materials to a vehicle

International Nuclear Information System (INIS)

Richardson, R.V.

1991-01-01

This patent describes a tiedown system for releasably securing a cask having opposing trunnions to a cradle assembly that in turn is mounted onto the deck and frame of a vehicle. The cradle assembly includes at least one cradle member for supporting the weight of the cask, and wherein the cask trunnions are displaceable in opposite vertical directions relative to the cradle member of the cradle assembly when the assembly is torsionally flexed, and the cask rotates relative to the cradle member, about a horizontally oriented axis comprising a compliant linkage means including a tie-bar means operably connected between the trunnions and moveably mounted within the cradle assembly for applying a biasing force on each of the trunnions that remains substantially constant despite the opposite vertical displacement of the trunnions relative to the cradle member that results from the torsional flexing of the vehicle deck

On the Security of a Simple Three-Party Key Exchange Protocol without Server’s Public Keys

Directory of Open Access Journals (Sweden)

Junghyun Nam

2014-01-01

Full Text Available Authenticated key exchange protocols are of fundamental importance in securing communications and are now extensively deployed for use in various real-world network applications. In this work, we reveal major previously unpublished security vulnerabilities in the password-based authenticated three-party key exchange protocol according to Lee and Hwang (2010: (1 the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2 the protocol cannot protect clients’ passwords against an offline dictionary attack; and (3 the indistinguishability-based security of the protocol can be easily broken even in the presence of a passive adversary. We also propose an improved password-based authenticated three-party key exchange protocol that addresses the security vulnerabilities identified in the Lee-Hwang protocol.

A QoS Scheme for a Congestion Core Network Based on Dissimilar QoS Structures in Smart-Phone Environments

Science.gov (United States)

Hong, Sung-Ryong; Na, Wonshik; Kang, Jang-Mook

2010-01-01

This study suggests an approach to effective transmission of multimedia content in a rapidly changing Internet environment including smart-phones. Guaranteeing QoS in networks is currently an important research topic. When transmitting Assured Forwarding (AF) packets in a Multi-DiffServ network environment, network A may assign priority in an order AF1, AF2, AF3 and AF4; on the other hand, network B may reverse the order to a priority AF4, AF3, AF2 and AF1. In this case, the AF1 packets that received the best quality of service in network A will receive the lowest in network B, which may result in dropping of packets in network B and vice versa. This study suggests a way to guarantee QoS between hosts by minimizing the loss of AF packet class when one network transmits AF class packets to another network with differing principles. It is expected that QoS guarantees and their experimental value may be utilized as principles which can be applied to various mobile-web environments based on smart-phones. PMID:22163453

Invariant-based reasoning about parameterized security protocols

NARCIS (Netherlands)

Mooij, A.J.

2010-01-01

We explore the applicability of the programming method of Feijen and van Gasteren to the domain of security protocols. This method addresses the derivation of concurrent programs from a formal specification, and it is based on common notions like invariants and pre- and post-conditions. We show that

A quantum secure direct communication protocol based on a five-particle cluster state and classical XOR operation

International Nuclear Information System (INIS)

Li Jian; Song Danjie; Guo Xiaojing; Jing Bo

2012-01-01

In order to transmit secure messages, a quantum secure direct communication protocol based on a five-particle cluster state and classical XOR operation is presented. The five-particle cluster state is used to detect eavesdroppers, and the classical XOR operation serving as a one-time-pad is used to ensure the security of the protocol. In the security analysis, the entropy theory method is introduced, and three detection strategies are compared quantitatively by using the constraint between the information that the eavesdroppers can obtain and the interference introduced. If the eavesdroppers intend to obtain all the information, the detection rate of the original ping-pong protocol is 50%; the second protocol, using two particles of the Einstein-Podolsky-Rosen pair as detection particles, is also 50%; while the presented protocol is 89%. Finally, the security of the proposed protocol is discussed, and the analysis results indicate that the protocol in this paper is more secure than the other two. (authors)

Uplink Cross-Layer Scheduling with Differential QoS Requirements in OFDMA Systems

Directory of Open Access Journals (Sweden)

Chen Wei

2010-01-01

Full Text Available Fair and efficient scheduling is a key issue in cross-layer design for wireless communication systems, such as 3GPP LTE and WiMAX. However, few works have considered the multiaccess of the traffic with differential QoS requirements in wireless systems. In this paper, we will consider an OFDMA-based wireless system with four types of traffic associated with differential QoS requirements, namely, minimum reserved rate, maximum sustainable rate, maximum latency, and tolerant jitter. Given these QoS requirements, the traffic scheduling will be formulated into a cross-layer optimization problem, which is convex fortunately. By separating the power allocation through the waterfilling algorithm in each user, this problem will further reduce to a kind of continuous quadratic knapsack problem in the base station which yields low complexity. It is then demonstrated that the proposed cross-layer method cannot only guarantee the application layer QoS requirements, but also minimizes the integrated residual workload in the MAC layer. To further enhance the ability of QoS assurance in heavily loaded scenario, a call admission control scheme will also be proposed. The simulation results show that the QoS requirements for the four types of traffic are guaranteed effectively by the proposed algorithms.

Using Kalman Filter to Guarantee QoS Robustness of Web Server

Institute of Scientific and Technical Information of China (English)

无

2006-01-01

The exponential growth of the Internet coupled with the increasing popularity of dynamically generated content on the World Wide Web, has created the need for more and faster Web servers capable of serving the over 100 million Internet users. To converge the control method has emerged as a promising technique to solve the Web QoS problem. In this paper, a model of adaptive session is presented and a session flow self-regulating algorism based on Kalman Filter are proposed towards Web Server. And a Web QoS self-regulating scheme is advanced. To attain the goal of on-line system identification, the optimized estimation of QoS parameters is fulfilled by utilizing Kalman Filter in full domain. The simulation results shows that the proposed scheme can guarantee the QoS with both robustness and stability .

An Efficient and Secure Arbitrary N-Party Quantum Key Agreement Protocol Using Bell States

Science.gov (United States)

Liu, Wen-Jie; Xu, Yong; Yang, Ching-Nung; Gao, Pei-Pei; Yu, Wen-Bin

2018-01-01

Two quantum key agreement protocols using Bell states and Bell measurement were recently proposed by Shukla et al. (Quantum Inf. Process. 13(11), 2391-2405, 2014). However, Zhu et al. pointed out that there are some security flaws and proposed an improved version (Quantum Inf. Process. 14(11), 4245-4254, 2015). In this study, we will show Zhu et al.'s improvement still exists some security problems, and its efficiency is not high enough. For solving these problems, we utilize four Pauli operations { I, Z, X, Y} to encode two bits instead of the original two operations { I, X} to encode one bit, and then propose an efficient and secure arbitrary N-party quantum key agreement protocol. In the protocol, the channel checking with decoy single photons is introduced to avoid the eavesdropper's flip attack, and a post-measurement mechanism is used to prevent against the collusion attack. The security analysis shows the present protocol can guarantee the correctness, security, privacy and fairness of quantum key agreement.

Handbook of compliant mechanisms

CERN Document Server

Howell, Larry L; Olsen, Brian M

2013-01-01

A fully illustrated reference book giving an easy-to-understand introduction to compliant mechanisms A broad compilation of compliant mechanisms to give inspiration and guidance to those interested in using compliant mechanisms in their designs, the Handbook of Compliant Mechanisms includes graphics and descriptions of many compliant mechanisms. It comprises an extensive categorization of devices that can be used to help readers identify compliant mechanisms related to their application. It also provides chapters on the basic background in compliant mechanisms, the categories o

Design and Research of a New secure Authentication Protocol in GSM networks

Directory of Open Access Journals (Sweden)

Qi Ai-qin

2016-01-01

Full Text Available As the first line of defense in the security application system, Authentication is an important security service. Its typical scheme is challenge/response mechanism and this scheme which is simple-structured and easy to realize has been used worldwide. But these protocols have many following problems In the GSM networks such as the leakage of user indentity privacy, no security protection between home registers and foreign registers and the vicious intruders’ information stealing and so on. This paper presents an authentication protocol in GSM networks based on maths operation and modular square root technique . The analysis of the security and performance has also been done. The results show that it is more robust and secure compared to the previous agreements.

Asynchronous transfer mode and Local Area Network emulation standards, protocols, and security implications

OpenAIRE

Kirwin, John P.

1999-01-01

A complex networking technology called Asynchronous Transfer Mode (ATM) and a networking protocol called Local Area Network Emulation (LANE) are being integrated into many naval networks without any security-driven naval configuration guidelines. No single publication is available that describes security issues of data delivery and signaling relating to the transition of Ethernet to LANE and ATM. The thesis' focus is to provide: (1) an overview and security analysis of standardized protocols ...

Strong Authentication Protocol based on Java Crypto Chip as a Secure Element

Directory of Open Access Journals (Sweden)

Majid Mumtaz

2016-10-01

Full Text Available Smart electronic devices and gadgets and their applications are becoming more and more popular. Most of those devices and their applications handle personal, financial, medical and other sensitive data that require security and privacy protection. In this paper we describe one aspect of such protection – user authentication protocol based on the use of X.509 certificates. The system uses Public Key Infrastructure (PKI, challenge/response protocol, mobile proxy servers, and Java cards with crypto capabilities used as a Secure Element. Innovative design of the protocol, its implementation, and evaluation results are described. In addition to end-user authentication, the described solution also supports the use of X.509 certificates for additional security services – confidentiality, integrity, and non-repudiation of transactions and data in an open network environment. The system uses Application Programming Interfaces (APIs to access Java cards functions and credentials that can be used as add-ons to enhance any mobile application with security features and services.

Practical security analysis of a quantum stream cipher by the Yuen 2000 protocol

International Nuclear Information System (INIS)

Hirota, Osamu

2007-01-01

There exists a great gap between one-time pad with perfect secrecy and conventional mathematical encryption. The Yuen 2000 (Y00) protocol or αη scheme may provide a protocol which covers from the conventional security to the ultimate one, depending on implementations. This paper presents the complexity-theoretic security analysis on some models of the Y00 protocol with nonlinear pseudo-random-number-generator and quantum noise diffusion mapping (QDM). Algebraic attacks and fast correlation attacks are applied with a model of the Y00 protocol with nonlinear filtering like the Toyocrypt stream cipher as the running key generator, and it is shown that these attacks in principle do not work on such models even when the mapping between running key and quantum state signal is fixed. In addition, a security property of the Y00 protocol with QDM is clarified. Consequently, we show that the Y00 protocol has a potential which cannot be realized by conventional cryptography and that it goes beyond mathematical encryption with physical encryption

Integration of LDSE and LTVS logs with HIPAA compliant auditing system (HCAS)

Science.gov (United States)

Zhou, Zheng; Liu, Brent J.; Huang, H. K.; Guo, Bing; Documet, Jorge; King, Nelson

2006-03-01

The deadline of HIPAA (Health Insurance Portability and Accountability Act) Security Rules has passed on February 2005; therefore being HIPAA compliant becomes extremely critical to healthcare providers. HIPAA mandates healthcare providers to protect the privacy and integrity of the health data and have the ability to demonstrate examples of mechanisms that can be used to accomplish this task. It is also required that a healthcare institution must be able to provide audit trails on image data access on demand for a specific patient. For these reasons, we have developed a HIPAA compliant auditing system (HCAS) for image data security in a PACS by auditing every image data access. The HCAS was presented in 2005 SPIE. This year, two new components, LDSE (Lossless Digital Signature Embedding) and LTVS (Patient Location Tracking and Verification System) logs, have been added to the HCAS. The LDSE can assure medical image integrity in a PACS, while the LTVS can provide access control for a PACS by creating a security zone in the clinical environment. By integrating the LDSE and LTVS logs with the HCAS, the privacy and integrity of image data can be audited as well. Thus, a PACS with the HCAS installed can become HIPAA compliant in image data privacy and integrity, access control, and audit control.

BP Network Control for Resource Allocation and QoS Ensurance in UAV Cloud

Directory of Open Access Journals (Sweden)

Ang Gao

2018-01-01

Full Text Available Unmanned aerial vehicle (UAV cloud can greatly enhance the intelligence of unmanned systems by dynamically unloading the compute-intensive applications to cloud. For the uncertain nature of UAV missions and fast-changing environment, different UAV applications may have different quality of service (QoS requirements. This paper proposes a mixed QoS ensurance and energy-balanced (MQEB architecture for UAV cloud from a view of control theory, which can support both hard and soft QoS ensurance with the consideration of energy saving. The hard and soft QoS requirements are decoupled by being normalized into a two-level cascaded feedback loop. The former is time slot loop (TS-Loop to enforce the absolute QoS ensurance for real-time applications, and the latter is contention window loop (CW-Loop to enforce the plastic QoS ensurance for non-real-time applications. Finally, the back propagating (BP neuron network is used for parameters’ self-tuning and controller design. The hardware experiments demonstrate the feasibility of MQEB. In heavy load, MQEB has greater throughput and better energy efficiency, and in light load, MQBE has lower total power consumption.

A QoS Framework with Traffic Request in Wireless Mesh Network

Science.gov (United States)

Fu, Bo; Huang, Hejiao

In this paper, we consider major issues in ensuring greater Quality-of-Service (QoS) in Wireless Mesh Networks (WMNs), specifically with regard to reliability and delay. To this end, we use traffic request to record QoS requirements of data flows. In order to achieve required QoS for all data flows efficiently and with high portability, we develop Network State Update Algorithm. All assumptions, definitions, and algorithms are made exclusively with WMNs in mind, guaranteeing the portability of our framework to various environments in WMNs. The simulation results in proof that our framework is correct.

PERFORMANCE ANALYSIS OF AI BASED QOS SCHEDULER FOR MOBILE WIMAX

Directory of Open Access Journals (Sweden)

D. David Neels Pon Kumar

2012-09-01

Full Text Available Interest in broadband wireless access (BWA has been growing due to increased user mobility and the need for data access at all times. IEEE 802.16e based WiMAX networks promise the best available quality of experience for mobile data service users. WiMAX networks incorporate several Quality of Service (QoS mechanisms at the Media Access Control (MAC level for guaranteed services for multimedia viz. data, voice and video. The problem of assuring QoS is how to allocate available resources among users to meet the QoS criteria such as delay, delay jitter, fairness and throughput requirements. IEEE standard does not include a standard scheduling mechanism and leaves it for various implementer differentiations. Although a lot of the real-time and non real-time packet scheduling schemes has been proposed, it needs to be modified to apply to Mobile WiMAX system that supports five kinds of service classes. In this paper, we propose a novel Priority based Scheduling scheme that uses Artificial Intelligence to support various services by considering the QoS constraints of each class. The simulation results show that slow mobility does not affect the performances and faster mobility and the increment in users beyond a particular load have their say in defining average throughput, average per user throughput, fairness index, average end to end delay and average delay jitter. Nevertheless the results are encouraging that the proposed scheme provides QoS support for each class efficiently.

A Protocol for Bidirectional Quantum Secure Communication Based on Genuine Four-Particle Entangled States

International Nuclear Information System (INIS)

Gao Gan; Wang Liping

2010-01-01

By swapping the entanglement of genuine four-particle entangled states, we propose a bidirectional quantum secure communication protocol. The biggest merit of this protocol is that the information leakage does not exist. In addition, the ideas of the 'two-step' transmission and the block transmission are employed in this protocol. In order to analyze the security of the second sequence transmission, decoy states are used. (general)

QOS-aware error recovery in wireless body sensor networks using adaptive network coding.

Science.gov (United States)

Razzaque, Mohammad Abdur; Javadi, Saeideh S; Coulibaly, Yahaya; Hira, Muta Tah

2014-12-29

Wireless body sensor networks (WBSNs) for healthcare and medical applications are real-time and life-critical infrastructures, which require a strict guarantee of quality of service (QoS), in terms of latency, error rate and reliability. Considering the criticality of healthcare and medical applications, WBSNs need to fulfill users/applications and the corresponding network's QoS requirements. For instance, for a real-time application to support on-time data delivery, a WBSN needs to guarantee a constrained delay at the network level. A network coding-based error recovery mechanism is an emerging mechanism that can be used in these systems to support QoS at very low energy, memory and hardware cost. However, in dynamic network environments and user requirements, the original non-adaptive version of network coding fails to support some of the network and user QoS requirements. This work explores the QoS requirements of WBSNs in both perspectives of QoS. Based on these requirements, this paper proposes an adaptive network coding-based, QoS-aware error recovery mechanism for WBSNs. It utilizes network-level and user-/application-level information to make it adaptive in both contexts. Thus, it provides improved QoS support adaptively in terms of reliability, energy efficiency and delay. Simulation results show the potential of the proposed mechanism in terms of adaptability, reliability, real-time data delivery and network lifetime compared to its counterparts.

Typing and Compositionality for Security Protocols: A Generalization to the Geometric Fragment (Extended Version)

DEFF Research Database (Denmark)

Almousa, Omar; Mödersheim, Sebastian Alexander; Modesti, Paolo

We integrate, and improve upon, prior relative soundness results of two kinds. The first kind are typing results showing that if any security protocol that fulfils a number of sufficient conditions has an attack then it has a well-typed attack. The second kind considers the parallel composition o...... of protocols, showing that when running two protocols in parallel allows for an attack, then at least one of the protocols has an attack in isolation. The most important generalization over previous work is the support for all security properties of the geometric fragment.......We integrate, and improve upon, prior relative soundness results of two kinds. The first kind are typing results showing that if any security protocol that fulfils a number of sufficient conditions has an attack then it has a well-typed attack. The second kind considers the parallel composition...

A Hybrid Analysis for Security Protocols with State

Science.gov (United States)

2014-07-16

http://www.mitre.org/publications/ technical-papers/completeness-of-cpsa. [19] Simon Meier, Cas Cremers , and David Basin. Efficient construction of...7] Cas Cremers and Sjouke Mauw. Operational semantics and verification of security protocols. Springer, 2012. [8] Anupam Datta, Ante Derek, John C

Secure and Efficient Data Transmission over Body Sensor and Wireless Networks

Directory of Open Access Journals (Sweden)

Madhur Sikri

2008-09-01

Full Text Available This paper addresses the transmission of medical and context-aware data from mobile patients to healthcare centers over heterogeneous wireless networks. A handheld device, called personal wireless hub (PWH, of each mobile patient first gathers and aggregates the vital sign and context-aware data for various telemedicine applications. PWH transmits the aggregated data to the remote healthcare center over multiple wireless interfaces such as cellular, WLAN, and WiMAX. The aggregated data contain both periodic data and those nonperiodic unpredictable emergency messages that are sporadic and delayintolerant. This paper addresses the problem of providing QoS (e.g., minimum delay, sufficient data rate, acceptable blocking, and/or dropping rate by designing a packet scheduling and channel/network allocation algorithm over wireless networks. The proposed resource-efficient QoS mechanism is simple and collaborates with an adaptive security algorithm. The QoS and security are achieved mainly with the collaboration of differentiator, delay monitor, data classifier, and scheduler modules within the PWH. This paper also discusses secure data transmission over body sensor networks by introducing key establishment and management algorithms. Simulation results show that the proposed framework achieves low-blocking probability, meets delay requirements, and provides energy-efficient secure communication for the combination of vital signs and context-aware data.

Secure and Efficient Data Transmission over Body Sensor and Wireless Networks

Directory of Open Access Journals (Sweden)

Challa Narasimha

2008-01-01

Full Text Available Abstract This paper addresses the transmission of medical and context-aware data from mobile patients to healthcare centers over heterogeneous wireless networks. A handheld device, called personal wireless hub (PWH, of each mobile patient first gathers and aggregates the vital sign and context-aware data for various telemedicine applications. PWH transmits the aggregated data to the remote healthcare center over multiple wireless interfaces such as cellular, WLAN, and WiMAX. The aggregated data contain both periodic data and those nonperiodic unpredictable emergency messages that are sporadic and delayintolerant. This paper addresses the problem of providing QoS (e.g., minimum delay, sufficient data rate, acceptable blocking, and/or dropping rate by designing a packet scheduling and channel/network allocation algorithm over wireless networks. The proposed resource-efficient QoS mechanism is simple and collaborates with an adaptive security algorithm. The QoS and security are achieved mainly with the collaboration of differentiator, delay monitor, data classifier, and scheduler modules within the PWH. This paper also discusses secure data transmission over body sensor networks by introducing key establishment and management algorithms. Simulation results show that the proposed framework achieves low-blocking probability, meets delay requirements, and provides energy-efficient secure communication for the combination of vital signs and context-aware data.

Security analysis of the “Ping–Pong” quantum communication protocol in the presence of collective-rotation noise

International Nuclear Information System (INIS)

Li, Jian; Li, Lingyun; Jin, Haifei; Li, Ruifan

2013-01-01

Environmental noise is inevitable in non-isolated systems. It is, therefore, necessary to analyze the security of the “Ping–Pong” protocol in a noisy environment. An excellent model for collective-rotation noise is introduced, and information theoretical methods are applied to analyze the security of this protocol. If noise level ε is lower than 11%, an eavesdropper can gain some, but not all, information freely without being detected. Otherwise, the protocol becomes insecure. We conclude that the use of ‘Ping–Pong’ protocol as a quantum secure direct communication (QSDC) protocol is quasi-secure, as declared by the original author when ε⩽11%.

Security analysis of the “Ping–Pong” quantum communication protocol in the presence of collective-rotation noise

Energy Technology Data Exchange (ETDEWEB)

Li, Jian; Li, Lingyun, E-mail: lilingyun@bupt.edu.cn; Jin, Haifei; Li, Ruifan

2013-11-22

Environmental noise is inevitable in non-isolated systems. It is, therefore, necessary to analyze the security of the “Ping–Pong” protocol in a noisy environment. An excellent model for collective-rotation noise is introduced, and information theoretical methods are applied to analyze the security of this protocol. If noise level ε is lower than 11%, an eavesdropper can gain some, but not all, information freely without being detected. Otherwise, the protocol becomes insecure. We conclude that the use of ‘Ping–Pong’ protocol as a quantum secure direct communication (QSDC) protocol is quasi-secure, as declared by the original author when ε⩽11%.

On using multiple routing metrics with destination sequenced distance vector protocol for MultiHop wireless ad hoc networks

Science.gov (United States)

Mehic, M.; Fazio, P.; Voznak, M.; Partila, P.; Komosny, D.; Tovarek, J.; Chmelikova, Z.

2016-05-01

A mobile ad hoc network is a collection of mobile nodes which communicate without a fixed backbone or centralized infrastructure. Due to the frequent mobility of nodes, routes connecting two distant nodes may change. Therefore, it is not possible to establish a priori fixed paths for message delivery through the network. Because of its importance, routing is the most studied problem in mobile ad hoc networks. In addition, if the Quality of Service (QoS) is demanded, one must guarantee the QoS not only over a single hop but over an entire wireless multi-hop path which may not be a trivial task. In turns, this requires the propagation of QoS information within the network. The key to the support of QoS reporting is QoS routing, which provides path QoS information at each source. To support QoS for real-time traffic one needs to know not only minimum delay on the path to the destination but also the bandwidth available on it. Therefore, throughput, end-to-end delay, and routing overhead are traditional performance metrics used to evaluate the performance of routing protocol. To obtain additional information about the link, most of quality-link metrics are based on calculation of the lost probabilities of links by broadcasting probe packets. In this paper, we address the problem of including multiple routing metrics in existing routing packets that are broadcasted through the network. We evaluate the efficiency of such approach with modified version of DSDV routing protocols in ns-3 simulator.

Improving the security of the Hwang-Su protocol for mobile networks

African Journals Online (AJOL)

user

Improving the security of the Hwang-Su protocol for mobile networks. Miloud Ait Hemad, My ... Furthermore, the wireless data channel is low data rate. These restrictions have an ..... Research in Security and Privacy. Wu T. Y. and Tsen Y. M., ...

Security of modified Ping-Pong protocol in noisy and lossy channel

OpenAIRE

Han, Yun-Guang; Yin, Zhen-Qiang; Li, Hong-Wei; Chen, Wei; Wang, Shuang; Guo, Guang-Can; Han, Zheng-Fu

2014-01-01

The “Ping-Pong” (PP) protocol is a two-way quantum key protocol based on entanglement. In this protocol, Bob prepares one maximally entangled pair of qubits, and sends one qubit to Alice. Then, Alice performs some necessary operations on this qubit and sends it back to Bob. Although this protocol was proposed in 2002, its security in the noisy and lossy channel has not been proven. In this report, we add a simple and experimentally feasible modification to the original PP protocol, and prove ...

A Secure Protocol Based on a Sedentary Agent for Mobile Agent Environments

OpenAIRE

Abdelmorhit E. Rhazi; Samuel Pierre; Hanifa Boucheneb

2007-01-01

The main challenge when deploying mobile agent environments pertains to security issues concerning mobile agents and their executive platform. This paper proposes a secure protocol which protects mobile agents against attacks from malicious hosts in these environments. Protection is based on the perfect cooperation of a sedentary agent running inside a trusted third host. Results show that the protocol detects several attacks, such as denial of service, incorrect execution and re-execution of...

Providing QoS through machine-learning-driven adaptive multimedia applications.

Science.gov (United States)

Ruiz, Pedro M; Botía, Juan A; Gómez-Skarmeta, Antonio

2004-06-01

We investigate the optimization of the quality of service (QoS) offered by real-time multimedia adaptive applications through machine learning algorithms. These applications are able to adapt in real time their internal settings (i.e., video sizes, audio and video codecs, among others) to the unpredictably changing capacity of the network. Traditional adaptive applications just select a set of settings to consume less than the available bandwidth. We propose a novel approach in which the selected set of settings is the one which offers a better user-perceived QoS among all those combinations which satisfy the bandwidth restrictions. We use a genetic algorithm to decide when to trigger the adaptation process depending on the network conditions (i.e., loss-rate, jitter, etc.). Additionally, the selection of the new set of settings is done according to a set of rules which model the user-perceived QoS. These rules are learned using the SLIPPER rule induction algorithm over a set of examples extracted from scores provided by real users. We will demonstrate that the proposed approach guarantees a good user-perceived QoS even when the network conditions are constantly changing.

Quantum cryptography with finite resources: unconditional security bound for discrete-variable protocols with one-way postprocessing.

Science.gov (United States)

Scarani, Valerio; Renner, Renato

2008-05-23

We derive a bound for the security of quantum key distribution with finite resources under one-way postprocessing, based on a definition of security that is composable and has an operational meaning. While our proof relies on the assumption of collective attacks, unconditional security follows immediately for standard protocols such as Bennett-Brassard 1984 and six-states protocol. For single-qubit implementations of such protocols, we find that the secret key rate becomes positive when at least N approximately 10(5) signals are exchanged and processed. For any other discrete-variable protocol, unconditional security can be obtained using the exponential de Finetti theorem, but the additional overhead leads to very pessimistic estimates.

Security Analysis of DTN Architecture and Bundle Protocol Specification for Space-Based Networks

Science.gov (United States)

Ivancic, William D.

2009-01-01

A Delay-Tolerant Network (DTN) Architecture (Request for Comment, RFC-4838) and Bundle Protocol Specification, RFC-5050, have been proposed for space and terrestrial networks. Additional security specifications have been provided via the Bundle Security Specification (currently a work in progress as an Internet Research Task Force internet-draft) and, for link-layer protocols applicable to Space networks, the Licklider Transport Protocol Security Extensions. This document provides a security analysis of the current DTN RFCs and proposed security related internet drafts with a focus on space-based communication networks, which is a rather restricted subset of DTN networks. Note, the original focus and motivation of DTN work was for the Interplanetary Internet . This document does not address general store-and-forward network overlays, just the current work being done by the Internet Research Task Force (IRTF) and the Consultative Committee for Space Data Systems (CCSDS) Space Internetworking Services Area (SIS) - DTN working group under the DTN and Bundle umbrellas. However, much of the analysis is relevant to general store-and-forward overlays.

Hacking a Bridge: An Exploratory Study of Compliance-Based Information Security Management in Banking Organization

Directory of Open Access Journals (Sweden)

Tesleem Fagade

2017-10-01

Full Text Available This work is approached through the lens of compliant security by drawing on the concepts of neutralization theory, a prominent postulation in the criminology domain and the 'big five' personality construct. This research is conducted based on a case study of ISO/IEC27001 Standard certified banks, to empirically evaluate the link between cybersecurity protocols violation and how employees rationalise security behaviour. We propose that compliance-based security has the propensity for a heightened sense of false security and vulnerability perception; by showing that systemic security violation in compliance-based security models can be explained by the level of linkages from the personality construct and the neutralization theory. Building on the survey responses from banking organization employees and the application of partial least square structural equation modelling (PLS-SME analysis to test the hypotheses and validate survey samples, we draw a strong inference to support the importance of individual security scenario effect as a vital complementary element of compliance-based security. Based on our initial findings, conceptual principles and practical guidelines for reducing insider threats and improving employees' compliance is presented. We then suggest how information security protocol violations can be addressed in that context.

Knowledge-Based Multiple Access Protocol in Broadband Wireless ATM Networks

DEFF Research Database (Denmark)

Liu, Hong; Gliese, Ulrik Bo; Dittmann, Lars

1999-01-01

In this paper, we propose a knowledge-based multiple access protocol for the extension of wireline ATM to wireless networks. The objective is to enable effecient transmission of all kinds of ATM traffic in the wireless channel with guaranteed QoS.The proposed protocol utilixes knowledge of the main...... guaranteed QoS requirements to a variety of ATM applications....

A two-step quantum secure direct communication protocol with hyperentanglement

International Nuclear Information System (INIS)

Gu Bin; Zhang Cheng-Yi; Huang Yu-Gai; Fang Xia

2011-01-01

We propose a two-step quantum secure direct communication (QSDC) protocol with hyperentanglement in both the spatial-mode and the polarization degrees of freedom of photon pairs which can in principle be produced with a beta barium borate crystal. The secret message can be encoded on the photon pairs with unitary operations in these two degrees of freedom independently. This QSDC protocol has a higher capacity than the original two-step QSDC protocol as each photon pair can carry 4 bits of information. Compared with the QSDC protocol based on hyperdense coding, this QSDC protocol has the immunity to Trojan horse attack strategies with the process for determining the number of the photons in each quantum signal as it is a one-way quantum communication protocol. (general)

Modelling the guaranteed QoS for wireless sensor networks: a network calculus approach

Directory of Open Access Journals (Sweden)

Yu Jianping

2011-01-01

Full Text Available Abstract Wireless sensor networks (WSNs became one of the high technology domains during the last 10 years. Real-time applications for them make it necessary to provide the guaranteed quality of service (QoS. The main contributions of this article are a system skeleton and a guaranteed QoS model that are suitable for the WSNs. To do it, we develop a sensor node model based on virtual buffer sharing and present a two-layer scheduling model using the network calculus. With the system skeleton, we develop a guaranteed QoS model, such as the upper bounds on buffer queue length/delay/effective bandwidth, and single-hop/multi-hops delay/jitter/effective bandwidth. Numerical results show the system skeleton and the guaranteed QoS model are scalable for different types of flows, including the self-similar traffic flows, and the parameters of flow regulators and service curves of sensor nodes affect them. Our proposal leads to buffer dimensioning, guaranteed QoS support and control in the WSNs.

QoS Enabled Resource Allocation Over an UPnP-QoS - GMPLS Controlled Edge

DEFF Research Database (Denmark)

Brewka, Lukasz Jerzy; Sköldström, Pontus; Gavler, Anders

2011-01-01

This paper focuses on the problem of coherent resource allocation within home and access networks. The interdomain QoS signaling discussed here enables the initiation of the QoS provisioning in the home and access from the end device in users home. The home network considered in this paper is UPn......P-QoS enabled while the access network is GMPLS based. We propose and implement an interface between aforementioned network segments allowing for end-to-end QoS establishment. We present the QoS parameters and mechanisms in both UPnP-QoS and GMPLS and how they can be matched to create a coherent Qo...

Efficient and secure authentication protocol for roaming user in ...

Indian Academy of Sciences (India)

BALU L PARNE

2018-05-29

May 29, 2018 ... 1 Department of Computer Science and Engineering, Visvesvaraya National Institute of Technology (VNIT), ... proposed protocol is presented by BAN logic and the security ..... with session key Sk of the HLR to protect from.

On Adaptive vs. Non-adaptive Security of Multiparty Protocols

DEFF Research Database (Denmark)

Canetti, Ran; Damgård, Ivan Bjerre; Dziembowski, Stefan

2001-01-01

highlights of our results are: – - According to the definition of Dodis-Micali-Rogaway (which is set in the information-theoretic model), adaptive and non-adaptive security are equivalent. This holds for both honest-but-curious and Byzantine adversaries, and for any number of parties. – - According......Security analysis of multiparty cryptographic protocols distinguishes between two types of adversarialsettings: In the non-adaptive setting, the set of corrupted parties is chosen in advance, before the interaction begins. In the adaptive setting, the adversary chooses who to corrupt during...... the course of the computation. We study the relations between adaptive security (i.e., security in the adaptive setting) and non-adaptive security, according to two definitions and in several models of computation. While affirming some prevailing beliefs, we also obtain some unexpected results. Some...

Integration of QoS provisioning in home and access networks

DEFF Research Database (Denmark)

Popov, Mikhail; Gavler, A.; Sköldström, P.

2010-01-01

Approaches for QoS provisioning using UPnP for home networks and GMPLS for access networks are described. A solution for interworking the UPnP and the GMPLS at the residential gateway is proposed.......Approaches for QoS provisioning using UPnP for home networks and GMPLS for access networks are described. A solution for interworking the UPnP and the GMPLS at the residential gateway is proposed....

Performance Enhancements of UMTS networks using end-to-end QoS provisioning

DEFF Research Database (Denmark)

Wang, Haibo; Prasad, Devendra; Teyeb, Oumer

2005-01-01

This paper investigates the end-to-end(E2E) quality of service(QoS) provisioning approaches for UMTS networks together with DiffServ IP network. The effort was put on QoS classes mapping from DiffServ to UMTS, Access Control(AC), buffering and scheduling optimization. The DiffServ Code Point (DSCP......) was utilized in the whole UMTS QoS provisioning to differentiate different type of traffics. The overall algorithm was optimized to guarantee the E2E QoS parameters of each service class, especially for realtime applications, as well as to improve the bandwidth utilization. Simulation shows that the enhanced...

A Novel Re-keying Function Protocol (NRFP For Wireless Sensor Network Security

Directory of Open Access Journals (Sweden)

Naif Alsharabi

2008-12-01

Full Text Available This paper describes a novel re-keying function protocol (NRFP for wireless sensor network security. A re-keying process management system for sensor networks is designed to support in-network processing. The design of the protocol is motivated by decentralization key management for wireless sensor networks (WSNs, covering key deployment, key refreshment, and key establishment. NRFP supports the establishment of novel administrative functions for sensor nodes that derive/re-derive a session key for each communication session. The protocol proposes direct connection, in-direct connection and hybrid connection. NRFP also includes an efficient protocol for local broadcast authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding in-network processing. Security and performance analysis shows that it is very efficient in computation, communication and storage and, that NRFP is also effective in defending against many sophisticated attacks.

A Novel Re-keying Function Protocol (NRFP) For Wireless Sensor Network Security

Science.gov (United States)

Abdullah, Maan Younis; Hua, Gui Wei; Alsharabi, Naif

2008-01-01

This paper describes a novel re-keying function protocol (NRFP) for wireless sensor network security. A re-keying process management system for sensor networks is designed to support in-network processing. The design of the protocol is motivated by decentralization key management for wireless sensor networks (WSNs), covering key deployment, key refreshment, and key establishment. NRFP supports the establishment of novel administrative functions for sensor nodes that derive/re-derive a session key for each communication session. The protocol proposes direct connection, in-direct connection and hybrid connection. NRFP also includes an efficient protocol for local broadcast authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding innetwork processing. Security and performance analysis shows that it is very efficient in computation, communication and storage and, that NRFP is also effective in defending against many sophisticated attacks. PMID:27873963

A Novel Re-keying Function Protocol (NRFP) For Wireless Sensor Network Security.

Science.gov (United States)

Abdullah, Maan Younis; Hua, Gui Wei; Alsharabi, Naif

2008-12-04

This paper describes a novel re-keying function protocol (NRFP) for wireless sensor network security. A re-keying process management system for sensor networks is designed to support in-network processing. The design of the protocol is motivated by decentralization key management for wireless sensor networks (WSNs), covering key deployment, key refreshment, and key establishment. NRFP supports the establishment of novel administrative functions for sensor nodes that derive/re-derive a session key for each communication session. The protocol proposes direct connection, in-direct connection and hybrid connection. NRFP also includes an efficient protocol for local broadcast authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding in-network processing. Security and performance analysis shows that it is very efficient in computation, communication and storage and, that NRFP is also effective in defending against many sophisticated attacks.

Cryptanalysis and improvement of quantum secure communication network protocol with entangled photons for mobile communications

International Nuclear Information System (INIS)

Gao, Gan

2014-01-01

Recently, a communication protocol called controlled bidirectional quantum secret direct communication for mobile networks was proposed by Chou et al (2014 Mobile Netw. Appl. 19 121). We study the security of the proposed communication protocol and find that it is not secure. The controller, Telecom Company, may eavesdrop secret messages from mobile devices without being detected. Finally, we give a possible improvement of the communication protocol. (paper)

FuGeF: A Resource Bound Secure Forwarding Protocol for Wireless Sensor Networks.

Science.gov (United States)

Umar, Idris Abubakar; Mohd Hanapi, Zurina; Sali, A; Zulkarnain, Zuriati A

2016-06-22

Resource bound security solutions have facilitated the mitigation of spatio-temporal attacks by altering protocol semantics to provide minimal security while maintaining an acceptable level of performance. The Dynamic Window Secured Implicit Geographic Forwarding (DWSIGF) routing protocol for Wireless Sensor Network (WSN) has been proposed to achieve a minimal selection of malicious nodes by introducing a dynamic collection window period to the protocol's semantics. However, its selection scheme suffers substantial packet losses due to the utilization of a single distance based parameter for node selection. In this paper, we propose a Fuzzy-based Geographic Forwarding protocol (FuGeF) to minimize packet loss, while maintaining performance. The FuGeF utilizes a new form of dynamism and introduces three selection parameters: remaining energy, connectivity cost, and progressive distance, as well as a Fuzzy Logic System (FLS) for node selection. These introduced mechanisms ensure the appropriate selection of a non-malicious node. Extensive simulation experiments have been conducted to evaluate the performance of the proposed FuGeF protocol as compared to DWSIGF variants. The simulation results show that the proposed FuGeF outperforms the two DWSIGF variants (DWSIGF-P and DWSIGF-R) in terms of packet delivery.

A Robust Service Selection Method Based on Uncertain QoS

Directory of Open Access Journals (Sweden)

Yanping Chen

2016-01-01

Full Text Available Nowadays, the number of Web services on the Internet is quickly increasing. Meanwhile, different service providers offer numerous services with the similar functions. Quality of Service (QoS has become an important factor used to select the most appropriate service for users. The most prominent QoS-based service selection models only take the certain attributes into account, which is an ideal assumption. In the real world, there are a large number of uncertain factors. In particular, at the runtime, QoS may become very poor or unacceptable. In order to solve the problem, a global service selection model based on uncertain QoS was proposed, including the corresponding normalization and aggregation functions, and then a robust optimization model adopted to transform the model. Experiment results show that the proposed method can effectively select services with high robustness and optimality.

On the security of a novel key agreement protocol based on chaotic maps

International Nuclear Information System (INIS)

Xiang Tao; Wong, K.-W.; Liao Xiaofeng

2009-01-01

Recently, Xiao et al. proposed a novel key agreement protocol based on Chebyshev chaotic map. In this paper, the security of the protocol is analyzed, and two attack methods can be found in different scenarios. The essential principle of Xiao et al.'s scheme is summarized. It is also pointed out with proof that any attempt along this line to improve the security of Chebyshev map is redundant.

Final report for the protocol extensions for ATM Security Laboratory Directed Research and Development Project

Energy Technology Data Exchange (ETDEWEB)

Tarman, T.D.; Pierson, L.G.; Brenkosh, J.P. [and others

1996-03-01

This is the summary report for the Protocol Extensions for Asynchronous Transfer Mode project, funded under Sandia`s Laboratory Directed Research and Development program. During this one-year effort, techniques were examined for integrating security enhancements within standard ATM protocols, and mechanisms were developed to validate these techniques and to provide a basic set of ATM security assurances. Based on our experience during this project, recommendations were presented to the ATM Forum (a world-wide consortium of ATM product developers, service providers, and users) to assist with the development of security-related enhancements to their ATM specifications. As a result of this project, Sandia has taken a leading role in the formation of the ATM Forum`s Security Working Group, and has gained valuable alliances and leading-edge experience with emerging ATM security technologies and protocols.

A secure distributed logistic regression protocol for the detection of rare adverse drug events.

Science.gov (United States)

El Emam, Khaled; Samet, Saeed; Arbuckle, Luk; Tamblyn, Robyn; Earle, Craig; Kantarcioglu, Murat

2013-05-01

There is limited capacity to assess the comparative risks of medications after they enter the market. For rare adverse events, the pooling of data from multiple sources is necessary to have the power and sufficient population heterogeneity to detect differences in safety and effectiveness in genetic, ethnic and clinically defined subpopulations. However, combining datasets from different data custodians or jurisdictions to perform an analysis on the pooled data creates significant privacy concerns that would need to be addressed. Existing protocols for addressing these concerns can result in reduced analysis accuracy and can allow sensitive information to leak. To develop a secure distributed multi-party computation protocol for logistic regression that provides strong privacy guarantees. We developed a secure distributed logistic regression protocol using a single analysis center with multiple sites providing data. A theoretical security analysis demonstrates that the protocol is robust to plausible collusion attacks and does not allow the parties to gain new information from the data that are exchanged among them. The computational performance and accuracy of the protocol were evaluated on simulated datasets. The computational performance scales linearly as the dataset sizes increase. The addition of sites results in an exponential growth in computation time. However, for up to five sites, the time is still short and would not affect practical applications. The model parameters are the same as the results on pooled raw data analyzed in SAS, demonstrating high model accuracy. The proposed protocol and prototype system would allow the development of logistic regression models in a secure manner without requiring the sharing of personal health information. This can alleviate one of the key barriers to the establishment of large-scale post-marketing surveillance programs. We extended the secure protocol to account for correlations among patients within sites through

Adequate Security Protocols Adopt in a Conceptual Model in Identity Management for the Civil Registry of Ecuador

Science.gov (United States)

Toapanta, Moisés; Mafla, Enrique; Orizaga, Antonio

2017-08-01

We analyzed the problems of security of the information of the civil registries and identification at world level that are considered strategic. The objective is to adopt the appropriate security protocols in a conceptual model in the identity management for the Civil Registry of Ecuador. In this phase, the appropriate security protocols were determined in a Conceptual Model in Identity Management with Authentication, Authorization and Auditing (AAA). We used the deductive method and exploratory research to define the appropriate security protocols to be adopted in the identity model: IPSec, DNSsec, Radius, SSL, TLS, IEEE 802.1X EAP, Set. It was a prototype of the location of the security protocols adopted in the logical design of the technological infrastructure considering the conceptual model for Identity, Authentication, Authorization, and Audit management. It was concluded that the adopted protocols are appropriate for a distributed database and should have a direct relationship with the algorithms, which allows vulnerability and risk mitigation taking into account confidentiality, integrity and availability (CIA).

OPTIMISATION OF BUFFER SIZE FOR ENHANCING QOS OF VIDEO TRAFFIC USING CROSS LAYERED HYBRID TRANSPORT LAYER PROTOCOL APPROACH

OpenAIRE

S. Matilda; B. Palaniappan

2011-01-01

Video streaming is gaining importance, with the wide popularity of multimedia rich applications in the Internet. Video streams are delay sensitive and require seamless flow for continuous visualization. Properly designed buffers offer a solution to queuing delay. The diagonally opposite QoS metrics associated with video traffic poses an optimization problem, in the design of buffers. This paper is a continuation of our previous work [1] and deals with the design of buffers. It aims at finding...

An Improved Protocol for Controlled Deterministic Secure Quantum Communication Using Five-Qubit Entangled State

Science.gov (United States)

Kao, Shih-Hung; Lin, Jason; Tsai, Chia-Wei; Hwang, Tzonelih

2018-03-01

In early 2009, Xiu et al. (Opt. Commun. 282(2) 333-337 2009) presented a controlled deterministic secure quantum communication (CDSQC) protocol via a newly constructed five-qubit entangled quantum state. Later, Qin et al. (Opt. Commun. 282(13), 2656-2658 2009) pointed out two security loopholes in Xiu et al.'s protocol: (1) A correlation-elicitation (CE) attack can reveal the entire secret message; (2) A leakage of partial information for the receiver is noticed. Then, Xiu et al. (Opt. Commun. 283(2), 344-347 2010) presented a revised CDSQC protocol to remedy the CE attack problem. However, the information leakage problem still remains open. This work proposes a new CDSQC protocol using the same five-qubit entangled state which can work without the above mentioned security problems. Moreover, the Trojan Horse attacks can be automatically avoided without using detecting devices in the new CDSQC.

An Improved Protocol for Controlled Deterministic Secure Quantum Communication Using Five-Qubit Entangled State

Science.gov (United States)

Kao, Shih-Hung; Lin, Jason; Tsai, Chia-Wei; Hwang, Tzonelih

2018-06-01

In early 2009, Xiu et al. (Opt. Commun. 282(2) 333-337 2009) presented a controlled deterministic secure quantum communication (CDSQC) protocol via a newly constructed five-qubit entangled quantum state. Later, Qin et al. (Opt. Commun. 282(13), 2656-2658 2009) pointed out two security loopholes in Xiu et al.'s protocol: (1) A correlation-elicitation (CE) attack can reveal the entire secret message; (2) A leakage of partial information for the receiver is noticed. Then, Xiu et al. (Opt. Commun. 283(2), 344-347 2010) presented a revised CDSQC protocol to remedy the CE attack problem. However, the information leakage problem still remains open. This work proposes a new CDSQC protocol using the same five-qubit entangled state which can work without the above mentioned security problems. Moreover, the Trojan Horse attacks can be automatically avoided without using detecting devices in the new CDSQC.

Protocols development for security and privacy of radio frequency identification systems

Science.gov (United States)

Sabbagha, Fatin

There are benefits to adopting radio frequency identification (RFID) technology, although there are methods of attack that can compromise the system. This research determined how that may happen and what possible solutions can keep that from happening. Protocols were developed to implement better security. In addition, new topologies were developed to handle the problems of the key management. Previously proposed protocols focused on providing mutual authentication and privacy between readers and tags. However, those protocols are still vulnerable to be attacked. These protocols were analyzed and the disadvantages shown for each one. Previous works assumed that the channels between readers and the servers were secure. In the proposed protocols, a compromised reader is considered along with how to prevent tags from being read by that reader. The new protocols provide mutual authentication between readers and tags and, at the same time, remove the compromised reader from the system. Three protocols are proposed. In the first protocol, a mutual authentication is achieved and a compromised reader is not allowed in the network. In the second protocol, the number of times a reader contacts the server is reduced. The third protocol provides authentication and privacy between tags and readers using a trusted third party. The developed topology is implemented using python language and simulates work to check the efficiency regarding the processing time. The three protocols are implemented by writing codes in C language and then compiling them in MSP430. IAR Embedded workbench is used, which is an integrated development environment with the C/C++ compiler to generate a faster code and to debug the microcontroller. In summary, the goal of this research is to find solutions for the problems on previously proposed protocols, handle a compromised reader, and solve key management problems.

Shor-Preskill-type security proof for concatenated Bennett-Brassard 1984 quantum-key-distribution protocol

International Nuclear Information System (INIS)

Hwang, Won-Young; Matsumoto, Keiji; Imai, Hiroshi; Kim, Jaewan; Lee, Hai-Woong

2003-01-01

We discuss a long code problem in the Bennett-Brassard 1984 (BB84) quantum-key-distribution protocol and describe how it can be overcome by concatenation of the protocol. Observing that concatenated modified Lo-Chau protocol finally reduces to the concatenated BB84 protocol, we give the unconditional security of the concatenated BB84 protocol

Three-pass protocol scheme for bitmap image security by using vernam cipher algorithm

Science.gov (United States)

Rachmawati, D.; Budiman, M. A.; Aulya, L.

2018-02-01

Confidentiality, integrity, and efficiency are the crucial aspects of data security. Among the other digital data, image data is too prone to abuse of operation like duplication, modification, etc. There are some data security techniques, one of them is cryptography. The security of Vernam Cipher cryptography algorithm is very dependent on the key exchange process. If the key is leaked, security of this algorithm will collapse. Therefore, a method that minimizes key leakage during the exchange of messages is required. The method which is used, is known as Three-Pass Protocol. This protocol enables message delivery process without the key exchange. Therefore, the sending messages process can reach the receiver safely without fear of key leakage. The system is built by using Java programming language. The materials which are used for system testing are image in size 200×200 pixel, 300×300 pixel, 500×500 pixel, 800×800 pixel and 1000×1000 pixel. The result of experiments showed that Vernam Cipher algorithm in Three-Pass Protocol scheme could restore the original image.

Assessing Measurements of QoS for global Cloud Computing Services

DEFF Research Database (Denmark)

Pedersen, Jens Myrup; Riaz, M. Tahir; Júnior, Joaquim Celestino

2011-01-01

Many global distributed cloud computing applications and services running over the Internet, between globally dispersed clients and servers, will require certain levels of Quality of Service (QoS) in order to deliver and give a sufficiently smooth user experience. This would be essential for real......-time streaming multimedia applications like online gaming and watching movies on a pay as you use basis hosted in a cloud computing environment. However, guaranteeing or even predicting QoS in global and diverse networks supporting complex hosting of application services is a very challenging issue that needs...... a stepwise refinement approach to be solved as the technology of cloud computing matures. In this paper, we investigate if latency in terms of simple Ping measurements can be used as an indicator for other QoS parameters such as jitter and throughput. The experiments were carried out on a global scale...

3D Digital Legos for Teaching Security Protocols

Science.gov (United States)

Yu, Li; Harrison, L.; Lu, Aidong; Li, Zhiwei; Wang, Weichao

2011-01-01

We have designed and developed a 3D digital Lego system as an education tool for teaching security protocols effectively in Information Assurance courses (Lego is a trademark of the LEGO Group. Here, we use it only to represent the pieces of a construction set.). Our approach applies the pedagogical methods learned from toy construction sets by…

Compliant Space Mechanisms

Data.gov (United States)

National Aeronautics and Space Administration — OBJECTIVES The proposed research will combine the areas of compliant mechanisms and space technology. Compliant mechanisms perform their function through the elastic...

Hardening CISCO Devices based on Cryptography and Security Protocols - Part One: Background Theory

Directory of Open Access Journals (Sweden)

Faisal Waheed

2018-07-01

Full Text Available Network Security is a vital part of any corporate and enterprise network. Network attacks greatly compromise not only the sensitive data of the consumers but also cause outages to these networks. Thus inadequately protected networks need to be “hardened”. The hardening of network devices refers to the hardware and software components, device operating system’s features, management controls, access-list restrictions, operational configurations and above all making sure that the data and credentials are not stored or transferred in ‘plaintext’ over the network. This article investigates the use of cryptography and network protocols based on encryption, to meet the need for essential security requirements. Use of non-secure protocols, underrating and misconfigurations of management protection are reasons behind network devices not properly being hardened; hence leaving vulnerabilities for the intruders. The gap identified after conducting intense search and review of past work is used as the foundation to present solutions. When performing cryptography techniques by encrypting packets using tunnelling and security protocols, management level credentials are encrypted. These include password encryption and exceptional analysis of the emulated IOS (Internetwork Operating System. Necessary testing is carried out to evaluate an acceptable level of protection of these devices. In a virtual testing environment, security flaws are found mainly in the emulated IOS. The discoveries does not depend on the hardware or chassis of a networking device. Since routers primarily rely on its Operating System (OS, attackers focus on manipulating the command line configuration before initiating an attack. Substantial work is devoted to implementation and testing of a router based on Cryptography and Security Protocols in the border router. This is deployed at the core layer and acts as the first point of entry of any trusted and untrusted traffic. A step

Bio-Inspired Distributed Transmission Power Control Considering QoS Fairness in Wireless Body Area Sensor Networks.

Science.gov (United States)

Lee, Chan-Jae; Jung, Ji-Young; Lee, Jung-Ryun

2017-10-14

Recently, the development of wireless body area sensor network (WBASN) has accelerated due to the rapid development of wireless technology. In the WBASN environment, many WBASNs coexist where communication ranges overlap with each other, resulting in the possibility of interference. Although nodes in a WBASN typically operate at a low power level, to avoid adversely affecting the human body, high transmission rates may be required to support some applications. In addition to this, since many varieties of applications exist in the WBASN environment, each prospective user may have different quality of service (QoS) requirements. Hence, the following issues should be considered in the WBASN environment: (1) interference between adjacent WBASNs, which influences the performance of a specific system, and (2) the degree of satisfaction on the QoS of each user, i.e., the required QoS such as user throughput should be considered to ensure that all users in the network are provided with a fair QoS satisfaction. Thus, in this paper, we propose a transmission power adjustment algorithm that addresses interference problems and guarantees QoS fairness between users. First, we use a new utility function to measure the degree of the satisfaction on the QoS for each user. Then, the transmission power of each sensor node is calculated using the Cucker-Smale model, and the QoS satisfaction of each user is synchronized dispersively. The results of simulations show that the proposed algorithm performs better than existing algorithms, with respect to QoS fairness and energy efficiency.

Priority Queues with Fractional Service for Tiered Delay QoS

Directory of Open Access Journals (Sweden)

Gary Chang

2015-12-01

Full Text Available Packet scheduling is key to quality of service (QoS capabilities of broadband wired and wireless networks. In a heterogeneous traffic environment, a comprehensive QoS packet scheduler must strike a balance between flow fairness and access delay. Many advanced packet scheduling solutions have targeted fair bandwidth allocation while protecting delay-constrained traffic by adding priority queue(s on top of a fair bandwidth scheduler. Priority queues are known to cause performance uncertainties and, thus, various modifications have been proposed. In this paper, we present a packet queueing engine dubbed Fractional Service Buffer (FSB, which, when coupled with a configurable flow scheduler, can achieve desired QoS objectives, such as fair throughputs and differentiated delay guarantees. Key performance metrics, such as delay limit and probability of delay limit violation, are derived as a function of key FSB parameters for each delay class in the packet queueing engine using diffusion approximations. OPNET simulations verify these analytical results.

Upper bounds for the security of two distributed-phase reference protocols of quantum cryptography

International Nuclear Information System (INIS)

Branciard, Cyril; Gisin, Nicolas; Scarani, Valerio

2008-01-01

The differential-phase-shift (DPS) and the coherent-one-way (COW) are among the most practical protocols for quantum cryptography, and are therefore the object of fast-paced experimental developments. The assessment of their security is also a challenge for theorists: the existing tools, that allow to prove security against the most general attacks, do not apply to these two protocols in any straightforward way. We present new upper bounds for their security in the limit of large distances (d∼>50 km with typical values in optical fibers) by considering a large class of collective attacks, namely those in which the adversary attaches ancillary quantum systems to each pulse or to each pair of pulses. We introduce also two modified versions of the COW protocol, which may prove more robust than the original one

Empowerment and BYOx: Towards Improved IS Security Compliance

DEFF Research Database (Denmark)

Welck, Maximilian von; Trenz, Manuel; Jensen, Tina Blegind

2017-01-01

Non-compliant employees continue to pose a serious threat to information systems security. Most attempts to increase compliant behavior rely on measures that reduce employees’ latitude. However, recent studies suggest that this indeed eventuates in less compliance due to adverse behaviors...... outline how this novel approach to improve IS security compliance can be developed and investigated further....

Security of Semi-Device-Independent Random Number Expansion Protocols.

Science.gov (United States)

Li, Dan-Dan; Wen, Qiao-Yan; Wang, Yu-Kun; Zhou, Yu-Qian; Gao, Fei

2015-10-27

Semi-device-independent random number expansion (SDI-RNE) protocols require some truly random numbers to generate fresh ones, with making no assumptions on the internal working of quantum devices except for the dimension of the Hilbert space. The generated randomness is certified by non-classical correlation in the prepare-and-measure test. Until now, the analytical relations between the amount of the generated randomness and the degree of non-classical correlation, which are crucial for evaluating the security of SDI-RNE protocols, are not clear under both the ideal condition and the practical one. In the paper, first, we give the analytical relation between the above two factors under the ideal condition. As well, we derive the analytical relation under the practical conditions, where devices' behavior is not independent and identical in each round and there exists deviation in estimating the non-classical behavior of devices. Furthermore, we choose a different randomness extractor (i.e., two-universal random function) and give the security proof.

Network Based Intrusion Detection and Prevention Systems in IP-Level Security Protocols

OpenAIRE

R. Kabila

2008-01-01

IPsec has now become a standard information security technology throughout the Internet society. It provides a well-defined architecture that takes into account confidentiality, authentication, integrity, secure key exchange and protection mechanism against replay attack also. For the connectionless security services on packet basis, IETF IPsec Working Group has standardized two extension headers (AH&ESP), key exchange and authentication protocols. It is also working on l...

Anticipation of Traffic Demands to Guarantee QoS in IP/Optical Networks

Directory of Open Access Journals (Sweden)

Carolina Pinart

2010-09-01

Full Text Available Traffic in the Internet backbone is expected to grow above a few Tbit/s in 2020. To cope with this, operators are moving to IP/optical network architectures, where IP is the convergence layer for all services. On the other hand, the quality of service (QoS requirements of future applications encompasses the individualization of services and the assurance of stricter quality parameters such as latency, jitter or capacity. In other words, future optical networks will not only transport more IP data, but they will also have to offer differentiated QoS requirements to services. Finally, some emerging applications, e.g., grid computing, need greater flexibility in the usage of network resources, which involves establishing and releasing connections as if they were virtualized resources controlled by other elements or layers. In this context, traffic-driven lightpath provisioning and service-plane approaches arise as very interesting candidate solutions to solve the main challenges described above. This work reviews the concepts of service-oriented and self-managed networks and relates them to propose an integrated approach to assure QoS by offering flow-aware networking in the sense that traffic demands will be anticipated in a suitable way, lightpaths will be established taking into account QoS information (i.e., impairments and complex services will be decomposed into optical connections so that the above techniques can be employed to assure QoS for any service.

Real Time MODBUS Transmissions and Cryptography Security Designs and Enhancements of Protocol Sensitive Information

Directory of Open Access Journals (Sweden)

Aamir Shahzad

2015-07-01

Full Text Available Information technology (IT security has become a major concern due to the growing demand for information and massive development of client/server applications for various types of applications running on modern IT infrastructure. How has security been taken into account and which paradigms are necessary to minimize security issues while increasing efficiency, reducing the influence on transmissions, ensuring protocol independency and achieving substantial performance? We have found cryptography to be an absolute security mechanism for client/server architectures, and in this study, a new security design was developed with the MODBUS protocol, which is considered to offer phenomenal performance for future development and enhancement of real IT infrastructure. This study is also considered to be a complete development because security is tested in almost all ways of MODBUS communication. The computed measurements are evaluated to validate the overall development, and the results indicate a substantial improvement in security that is differentiated from conventional methods.

Design and Analysis of Secure Routing Protocol for Wireless Sensor Networks

Science.gov (United States)

Wang, Jiong; Zhang, Hua

2017-09-01

In recent years, with the development of science and technology and the progress of the times, China's wireless network technology has become increasingly prosperous and it plays an important role in social production and life. In this context, in order to further to enhance the stability of wireless network data transmission and security enhancements, the staff need to focus on routing security and carry out related work. Based on this, this paper analyzes the design of wireless sensor based on secure routing protocol.

On the security of semi-device-independent QKD protocols

Science.gov (United States)

Chaturvedi, Anubhav; Ray, Maharshi; Veynar, Ryszard; Pawłowski, Marcin

2018-06-01

While fully device-independent security in (BB84-like) prepare-and-measure quantum key distribution (QKD) is impossible, it can be guaranteed against individual attacks in a semi-device-independent (SDI) scenario, wherein no assumptions are made on the characteristics of the hardware used except for an upper bound on the dimension of the communicated system. Studying security under such minimal assumptions is especially relevant in the context of the recent quantum hacking attacks wherein the eavesdroppers can not only construct the devices used by the communicating parties but are also able to remotely alter their behavior. In this work, we study the security of a SDIQKD protocol based on the prepare-and-measure quantum implementation of a well-known cryptographic primitive, the random access code (RAC). We consider imperfect detectors and establish the critical values of the security parameters (the observed success probability of the RAC and the detection efficiency) required for guaranteeing security against eavesdroppers with and without quantum memory. Furthermore, we suggest a minimal characterization of the preparation device in order to lower the requirements for establishing a secure key.

Middleware Support for Media Streaming Establishment Driven by User-oriented QoS Requirements

NARCIS (Netherlands)

Hesselman, C.E.W.; Widya, I.A.; van Halteren, Aart; Nieuwenhuis, Lambertus Johannes Maria; Scholten, Johan; van Sinderen, Marten J.

2000-01-01

The requirements for the QoS of distributed applications are traditionally expressed in terms of network oriented or systems oriented parameters. In general, the users of these services are not interested or capable of specifying the QoS of their services in such technical terms. In this paper, we

Secure and Lightweight Cloud-Assisted Video Reporting Protocol over 5G-Enabled Vehicular Networks.

Science.gov (United States)

Nkenyereye, Lewis; Kwon, Joonho; Choi, Yoon-Ho

2017-09-23

In the vehicular networks, the real-time video reporting service is used to send the recorded videos in the vehicle to the cloud. However, when facilitating the real-time video reporting service in the vehicular networks, the usage of the fourth generation (4G) long term evolution (LTE) was proved to suffer from latency while the IEEE 802.11p standard does not offer sufficient scalability for a such congested environment. To overcome those drawbacks, the fifth-generation (5G)-enabled vehicular network is considered as a promising technology for empowering the real-time video reporting service. In this paper, we note that security and privacy related issues should also be carefully addressed to boost the early adoption of 5G-enabled vehicular networks. There exist a few research works for secure video reporting service in 5G-enabled vehicular networks. However, their usage is limited because of public key certificates and expensive pairing operations. Thus, we propose a secure and lightweight protocol for cloud-assisted video reporting service in 5G-enabled vehicular networks. Compared to the conventional public key certificates, the proposed protocol achieves entities' authorization through anonymous credential. Also, by using lightweight security primitives instead of expensive bilinear pairing operations, the proposed protocol minimizes the computational overhead. From the evaluation results, we show that the proposed protocol takes the smaller computation and communication time for the cryptographic primitives than that of the well-known Eiza-Ni-Shi protocol.

Privacy-Enhancing Security Protocol in LTE Initial Attack

Directory of Open Access Journals (Sweden)

Uijin Jang

2014-12-01

Full Text Available Long-Term Evolution (LTE is a fourth-generation mobile communication technology implemented throughout the world. It is the communication means of smartphones that send and receive all of the private date of individuals. M2M, IOT, etc., are the base technologies of mobile communication that will be used in the future cyber world. However, identification parameters, such as International Mobile Subscriber Identity (IMSI, Radio Network Temporary Identities (RNTI, etc., in the initial attach section for accessing the LTE network are presented with the vulnerability of being exposed as clear text. Such vulnerability does not end in a mere identification parameter, but can lead to a secondary attack using the identification parameter, such as replication of the smartphone, illegal use of the mobile communication network, etc. This paper proposes a security protocol to safely transmit identification parameters in different cases of the initial attach. The proposed security protocol solves the exposed vulnerability by encrypting the parameters in transmission. Using an OPNET simulator, it is shown that the average rate of delay and processing ratio are efficient in comparison to the existing process.

Cost-Effective Encryption-Based Autonomous Routing Protocol for Efficient and Secure Wireless Sensor Networks.

Science.gov (United States)

Saleem, Kashif; Derhab, Abdelouahid; Orgun, Mehmet A; Al-Muhtadi, Jalal; Rodrigues, Joel J P C; Khalil, Mohammed Sayim; Ali Ahmed, Adel

2016-03-31

The deployment of intelligent remote surveillance systems depends on wireless sensor networks (WSNs) composed of various miniature resource-constrained wireless sensor nodes. The development of routing protocols for WSNs is a major challenge because of their severe resource constraints, ad hoc topology and dynamic nature. Among those proposed routing protocols, the biology-inspired self-organized secure autonomous routing protocol (BIOSARP) involves an artificial immune system (AIS) that requires a certain amount of time to build up knowledge of neighboring nodes. The AIS algorithm uses this knowledge to distinguish between self and non-self neighboring nodes. The knowledge-building phase is a critical period in the WSN lifespan and requires active security measures. This paper proposes an enhanced BIOSARP (E-BIOSARP) that incorporates a random key encryption mechanism in a cost-effective manner to provide active security measures in WSNs. A detailed description of E-BIOSARP is presented, followed by an extensive security and performance analysis to demonstrate its efficiency. A scenario with E-BIOSARP is implemented in network simulator 2 (ns-2) and is populated with malicious nodes for analysis. Furthermore, E-BIOSARP is compared with state-of-the-art secure routing protocols in terms of processing time, delivery ratio, energy consumption, and packet overhead. The findings show that the proposed mechanism can efficiently protect WSNs from selective forwarding, brute-force or exhaustive key search, spoofing, eavesdropping, replaying or altering of routing information, cloning, acknowledgment spoofing, HELLO flood attacks, and Sybil attacks.

Cost-Effective Encryption-Based Autonomous Routing Protocol for Efficient and Secure Wireless Sensor Networks

Science.gov (United States)

Saleem, Kashif; Derhab, Abdelouahid; Orgun, Mehmet A.; Al-Muhtadi, Jalal; Rodrigues, Joel J. P. C.; Khalil, Mohammed Sayim; Ali Ahmed, Adel

2016-01-01

The deployment of intelligent remote surveillance systems depends on wireless sensor networks (WSNs) composed of various miniature resource-constrained wireless sensor nodes. The development of routing protocols for WSNs is a major challenge because of their severe resource constraints, ad hoc topology and dynamic nature. Among those proposed routing protocols, the biology-inspired self-organized secure autonomous routing protocol (BIOSARP) involves an artificial immune system (AIS) that requires a certain amount of time to build up knowledge of neighboring nodes. The AIS algorithm uses this knowledge to distinguish between self and non-self neighboring nodes. The knowledge-building phase is a critical period in the WSN lifespan and requires active security measures. This paper proposes an enhanced BIOSARP (E-BIOSARP) that incorporates a random key encryption mechanism in a cost-effective manner to provide active security measures in WSNs. A detailed description of E-BIOSARP is presented, followed by an extensive security and performance analysis to demonstrate its efficiency. A scenario with E-BIOSARP is implemented in network simulator 2 (ns-2) and is populated with malicious nodes for analysis. Furthermore, E-BIOSARP is compared with state-of-the-art secure routing protocols in terms of processing time, delivery ratio, energy consumption, and packet overhead. The findings show that the proposed mechanism can efficiently protect WSNs from selective forwarding, brute-force or exhaustive key search, spoofing, eavesdropping, replaying or altering of routing information, cloning, acknowledgment spoofing, HELLO flood attacks, and Sybil attacks. PMID:27043572

Cost-Effective Encryption-Based Autonomous Routing Protocol for Efficient and Secure Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Kashif Saleem

2016-03-01

Full Text Available The deployment of intelligent remote surveillance systems depends on wireless sensor networks (WSNs composed of various miniature resource-constrained wireless sensor nodes. The development of routing protocols for WSNs is a major challenge because of their severe resource constraints, ad hoc topology and dynamic nature. Among those proposed routing protocols, the biology-inspired self-organized secure autonomous routing protocol (BIOSARP involves an artificial immune system (AIS that requires a certain amount of time to build up knowledge of neighboring nodes. The AIS algorithm uses this knowledge to distinguish between self and non-self neighboring nodes. The knowledge-building phase is a critical period in the WSN lifespan and requires active security measures. This paper proposes an enhanced BIOSARP (E-BIOSARP that incorporates a random key encryption mechanism in a cost-effective manner to provide active security measures in WSNs. A detailed description of E-BIOSARP is presented, followed by an extensive security and performance analysis to demonstrate its efficiency. A scenario with E-BIOSARP is implemented in network simulator 2 (ns-2 and is populated with malicious nodes for analysis. Furthermore, E-BIOSARP is compared with state-of-the-art secure routing protocols in terms of processing time, delivery ratio, energy consumption, and packet overhead. The findings show that the proposed mechanism can efficiently protect WSNs from selective forwarding, brute-force or exhaustive key search, spoofing, eavesdropping, replaying or altering of routing information, cloning, acknowledgment spoofing, HELLO flood attacks, and Sybil attacks.

On the implementation of a deterministic secure coding protocol using polarization entangled photons

OpenAIRE

Ostermeyer, Martin; Walenta, Nino

2007-01-01

We demonstrate a prototype-implementation of deterministic information encoding for quantum key distribution (QKD) following the ping-pong coding protocol [K. Bostroem, T. Felbinger, Phys. Rev. Lett. 89 (2002) 187902-1]. Due to the deterministic nature of this protocol the need for post-processing the key is distinctly reduced compared to non-deterministic protocols. In the course of our implementation we analyze the practicability of the protocol and discuss some security aspects of informat...

Dividend policies of shariah-compliant and non-shariah-compliant firms

DEFF Research Database (Denmark)

Farooq, Omar; Tbeur, Oumkeltoum

2013-01-01

Do shariah-compliant firms pay higher dividends than other firms? Using data from the MENA (Morocco, Egypt, Saudi Arabia, United Arab Emirates, Jordan, Kuwait, and Bahrain) region, this paper shows that shariah-compliant firms not only have higher payout ratios but also have higher likelihood...

Securing the Global Airspace System Via Identity-Based Security

Science.gov (United States)

Ivancic, William D.

2015-01-01

Current telecommunications systems have very good security architectures that include authentication and authorization as well as accounting. These three features enable an edge system to obtain access into a radio communication network, request specific Quality-of-Service (QoS) requirements and ensure proper billing for service. Furthermore, the links are secure. Widely used telecommunication technologies are Long Term Evolution (LTE) and Worldwide Interoperability for Microwave Access (WiMAX) This paper provides a system-level view of network-centric operations for the global airspace system and the problems and issues with deploying new technologies into the system. The paper then focuses on applying the basic security architectures of commercial telecommunication systems and deployment of federated Authentication, Authorization and Accounting systems to provide a scalable, evolvable reliable and maintainable solution to enable a globally deployable identity-based secure airspace system.

A Comparison of Internet Protocol (IPv6 Security Guidelines

Directory of Open Access Journals (Sweden)

Steffen Hermann

2014-01-01

Full Text Available The next generation of the Internet Protocol (IPv6 is currently about to be introduced in many organizations. However, its security features are still a very novel area of expertise for many practitioners. This study evaluates guidelines for secure deployment of IPv6, published by the U.S. NIST and the German federal agency BSI, for topicality, completeness and depth. The later two are scores defined in this paper and are based on the Requests for Comments relevant for IPv6 that were categorized, weighted and ranked for importance using an expert survey. Both guides turn out to be of practical value, but have a specific focus and are directed towards different audiences. Moreover, recommendations for possible improvements are presented. Our results could also support strategic management decisions on security priorities as well as for the choice of security guidelines for IPv6 roll-outs.

Adaptive Radio Resource Allocation in Hierarchical QoS Scheduling for IEEE 802.16 Systems

DEFF Research Database (Denmark)

Wang, Hua; Dittmann, Lars

2007-01-01

Future mobile communication systems such as IEEE 802.16 are expected to deliver a variety of multimedia services with diverse QoS requirements. To guarantee the QoS provision, appropriate scheduler architecture and scheduling algorithms have to be carefully designed. In this paper, we propose...

A protocol for the secure two-party quantum scalar product

Energy Technology Data Exchange (ETDEWEB)

He, Li-Bao, E-mail: helibao@mail.ustc.edu.cn [National High Performance Computing Center, Department of Computer Science and Technology, USTC, Hefei 230027 (China); Suzhou Institute for Advanced Study, USTC, Suzhou 215123 (China); Huang, Liu-Sheng; Yang, Wei; Xu, Rui [National High Performance Computing Center, Department of Computer Science and Technology, USTC, Hefei 230027 (China); Suzhou Institute for Advanced Study, USTC, Suzhou 215123 (China)

2012-03-19

Secure scalar product serves as an important primitive for secure multi-party computation and has a wide application in different areas, such as statistical analysis, data mining, computational geometry, etc. How to collaboratively compute the correct scalar product result without leaking any participants' private information becomes the primary principle of designing secure scalar product schemes. In this Letter, we present a secure two-party quantum scalar product scheme via quantum entanglement and quantum measurement with the help of a non-colluding third party (TP). Furthermore, the scheme is proven to be secure under various kinds of outside attacks and participant attacks. -- Highlights: ► We extend the secure two-party scalar product to the quantum field. ► Our protocol is built upon quantum entanglement and quantum measurement. ► Communication cost is acceptable if the elements of participants' private vectors are not too sparse. ► Participants will leak no private information under the no-collusion model.

A protocol for the secure two-party quantum scalar product

International Nuclear Information System (INIS)

He, Li-Bao; Huang, Liu-Sheng; Yang, Wei; Xu, Rui

2012-01-01

Secure scalar product serves as an important primitive for secure multi-party computation and has a wide application in different areas, such as statistical analysis, data mining, computational geometry, etc. How to collaboratively compute the correct scalar product result without leaking any participants' private information becomes the primary principle of designing secure scalar product schemes. In this Letter, we present a secure two-party quantum scalar product scheme via quantum entanglement and quantum measurement with the help of a non-colluding third party (TP). Furthermore, the scheme is proven to be secure under various kinds of outside attacks and participant attacks. -- Highlights: ► We extend the secure two-party scalar product to the quantum field. ► Our protocol is built upon quantum entanglement and quantum measurement. ► Communication cost is acceptable if the elements of participants' private vectors are not too sparse. ► Participants will leak no private information under the no-collusion model.

QoS Routing in Ad-Hoc Networks Using GA and Multi-Objective Optimization

Directory of Open Access Journals (Sweden)

Admir Barolli

2011-01-01

Full Text Available Much work has been done on routing in Ad-hoc networks, but the proposed routing solutions only deal with the best effort data traffic. Connections with Quality of Service (QoS requirements, such as voice channels with delay and bandwidth constraints, are not supported. The QoS routing has been receiving increasingly intensive attention, but searching for the shortest path with many metrics is an NP-complete problem. For this reason, approximated solutions and heuristic algorithms should be developed for multi-path constraints QoS routing. Also, the routing methods should be adaptive, flexible, and intelligent. In this paper, we use Genetic Algorithms (GAs and multi-objective optimization for QoS routing in Ad-hoc Networks. In order to reduce the search space of GA, we implemented a search space reduction algorithm, which reduces the search space for GAMAN (GA-based routing algorithm for Mobile Ad-hoc Networks to find a new route. We evaluate the performance of GAMAN by computer simulations and show that GAMAN has better behaviour than GLBR (Genetic Load Balancing Routing.

Resource management framework for QoS scheduling in IEEE 802.16 WiMAX networks

DEFF Research Database (Denmark)

Wang, Hua; Dittmann, Lars

2009-01-01

IEEE 802.16, also known as WiMAX, has received much attention recently for its capability to support multiple types of applications with diverse Quality-of-Service (QoS) requirements. Beyond what the standard has defined, radio resource management (RRM) still remains an open issue, which plays...... an important role in QoS provisioning for different types of services. In this chapter, we propose a downlink resource management framework for QoS scheduling in OFDMA based WiMAX systems. Our framework consists of a dynamic resource allocation (DRA) module and a connection admission control (CAC) module...

Downlink resource management for QoS scheduling in IEEE 802.16 WiMAX networks

DEFF Research Database (Denmark)

Wang, Hua; Dittmann, Lars

2010-01-01

IEEE 802.16, also known as WiMAX, has received much attention recently for its capability to support multiple types of applications with diverse Quality-of-Service (QoS) requirements. Beyond what the standard has defined, radio resource management (RRM) still remains an open issue, which plays...... an important role in QoS provisioning for different types of services. In this paper, we propose a downlink resource management framework for QoS scheduling in OFDMA based WiMAX systems. Our framework consists of a dynamic resource allocation (DRA) module and a connection admission control (CAC) module. A two...

Analiza protokola kvaliteta usluga telekomunikacionih mreža / Analysis of quality of service protocols in telecommunication networks

Directory of Open Access Journals (Sweden)

Milojko Jevtović

2003-05-01

Full Text Available Protokoli kvaliteta usluga (Quality of Service - QoS sadašnjih i budućih telekomunikacionih mreža razvijeni su, pored ostalog, sa ciljem da podrže različite klase usluga (Class of Service - CoS komunikaciju u realnom vremenu, kao i prenos multimedijalnih poruka preko paketskih IP (Internet Protocol mreža. U raduje dat pregled karakteristika tih protokola i ocena njihovih konkretnih mogućnosti u obezbeđenju kvaliteta usluga unutar sistema ('s vrha do dna', tj. vertikalno u OSI arhitekturi kao i 'horizontalno' odnosno s kraja na kraj veze, tj. između izvora i odredišta. / Today's and future telecommunication networks must enable transmission throughout heterogeneous environment, using different Quality of Service protocols, Quality of Service protocols use a variety of complementary mechanisms to enable deterministic end-to-end different data delivery. The analysis of these protocols and their efficiency in providing QoS and CoS has been given in this paper.

Healthcare Blockchain System Using Smart Contracts for Secure Automated Remote Patient Monitoring.

Science.gov (United States)

Griggs, Kristen N; Ossipova, Olya; Kohlios, Christopher P; Baccarini, Alessandro N; Howson, Emily A; Hayajneh, Thaier

2018-06-06

As Internet of Things (IoT) devices and other remote patient monitoring systems increase in popularity, security concerns about the transfer and logging of data transactions arise. In order to handle the protected health information (PHI) generated by these devices, we propose utilizing blockchain-based smart contracts to facilitate secure analysis and management of medical sensors. Using a private blockchain based on the Ethereum protocol, we created a system where the sensors communicate with a smart device that calls smart contracts and writes records of all events on the blockchain. This smart contract system would support real-time patient monitoring and medical interventions by sending notifications to patients and medical professionals, while also maintaining a secure record of who has initiated these activities. This would resolve many security vulnerabilities associated with remote patient monitoring and automate the delivery of notifications to all involved parties in a HIPAA compliant manner.

Metro Optical Networks for Homeland Security

Science.gov (United States)

Bechtel, James H.

Metro optical networks provide an enticing opportunity for strengthening homeland security. Many existing and emerging fiber-optic networks can be adapted for enhanced security applications. Applications include airports, theme parks, sports venues, and border surveillance systems. Here real-time high-quality video and captured images can be collected, transported, processed, and stored for security applications. Video and data collection are important also at correctional facilities, courts, infrastructure (e.g., dams, bridges, railroads, reservoirs, power stations), and at military and other government locations. The scaling of DWDM-based networks allows vast amounts of data to be collected and transported including biometric features of individuals at security check points. Here applications will be discussed along with potential solutions and challenges. Examples of solutions to these problems are given. This includes a discussion of metropolitan aggregation platforms for voice, video, and data that are SONET compliant for use in SONET networks and the use of DWDM technology for scaling and transporting a variety of protocols. Element management software allows not only network status monitoring, but also provides optimized allocation of network resources through the use of optical switches or electrical cross connects.

A new method for improving security in MANETs AODV Protocol

Directory of Open Access Journals (Sweden)

Zahra Alishahi

2012-10-01

Full Text Available In mobile ad hoc network (MANET, secure communication is more challenging task due to its fundamental characteristics like having less infrastructure, wireless link, distributed cooperation, dynamic topology, lack of association, resource constrained and physical vulnerability of node. In MANET, attacks can be broadly classified in two categories: routing attacks and data forwarding attacks. Any action not following rules of routing protocols belongs to routing attacks. The main objective of routing attacks is to disrupt normal functioning of network by advertising false routing updates. On the other hand, data forwarding attacks include actions such as modification or dropping data packet, which does not disrupt routing protocol. In this paper, we address the “Packet Drop Attack”, which is a serious threat to operational mobile ad hoc networks. The consequence of not forwarding other packets or dropping other packets prevents any kind of communication to be established in the network. Therefore, there is a need to address the packet dropping event takes higher priority for the mobile ad hoc networks to emerge and to operate, successfully. In this paper, we propose a method to secure ad hoc on-demand distance vector (AODV routing protocol. The proposed method provides security for routing packets where the malicious node acts as a black-hole and drops packets. In this method, the collaboration of a group of nodes is used to make accurate decisions. Validating received RREPs allows the source to select trusted path to its destination. The simulation results show that the proposed mechanism is able to detect any number of attackers.

Can the use of the Leggett-Garg inequality enhance security of the BB84 protocol?

Science.gov (United States)

Shenoy H., Akshata; Aravinda, S.; Srikanth, R.; Home, Dipankar

2017-08-01

Prima facie, there are good reasons to answer in the negative the question posed in the title: the Bennett-Brassard 1984 (BB84) protocol is provably secure subject to the assumption of trusted devices, while the Leggett-Garg-type inequality (LGI) does not seem to be readily adaptable to the device independent (DI) or semi-DI scenario. Nevertheless, interestingly, here we identify a specific device attack, which has been shown to render the standard BB84 protocol completely insecure, but against which our formulated LGI-assisted BB84 protocol (based on an appropriate form of LGI) is secure.

Security of a practical semi-device-independent quantum key distribution protocol against collective attacks

International Nuclear Information System (INIS)

Wang Yang; Bao Wan-Su; Li Hong-Wei; Zhou Chun; Li Yuan

2014-01-01

Similar to device-independent quantum key distribution (DI-QKD), semi-device-independent quantum key distribution (SDI-QKD) provides secure key distribution without any assumptions about the internal workings of the QKD devices. The only assumption is that the dimension of the Hilbert space is bounded. But SDI-QKD can be implemented in a one-way prepare-and-measure configuration without entanglement compared with DI-QKD. We propose a practical SDI-QKD protocol with four preparation states and three measurement bases by considering the maximal violation of dimension witnesses and specific processes of a QKD protocol. Moreover, we prove the security of the SDI-QKD protocol against collective attacks based on the min-entropy and dimension witnesses. We also show a comparison of the secret key rate between the SDI-QKD protocol and the standard QKD. (general)

BROSMAP: A Novel Broadcast Based Secure Mobile Agent Protocol for Distributed Service Applications

Directory of Open Access Journals (Sweden)

Dina Shehada

2017-01-01

Full Text Available Mobile agents are smart programs that migrate from one platform to another to perform the user task. Mobile agents offer flexibility and performance enhancements to systems and service real-time applications. However, security in mobile agent systems is a great concern. In this paper, we propose a novel Broadcast based Secure Mobile Agent Protocol (BROSMAP for distributed service applications that provides mutual authentication, authorization, accountability, nonrepudiation, integrity, and confidentiality. The proposed system also provides protection from man in the middle, replay, repudiation, and modification attacks. We proved the efficiency of the proposed protocol through formal verification with Scyther verification tool.

Buffer Management of Multi-Queue QoS Switches with Class Segregation

OpenAIRE

Itoh, Toshiya; Yoshimoto, Seiji

2013-01-01

In this paper, we focus on buffer management of multi-queue QoS switches in which packets of different values are segregated in different queues. Our model consists of $m$ queues and $m$ packet values $0 < v_{1} < v_{2} < ... < v_{m}$. Recently, Al-Bawani and Souza [IPL 113(4), pp.145-150, 2013] presented an online algorithm GREEDY for buffer management of multi-queue QoS switches with class segregation and showed thatif $m$ queues have the same size, then the competitive ratio of GREEDY is $...

Performance evaluation of secured DICOM image communication with next generation internet protocol IPv6

Science.gov (United States)

Yu, Fenghai; Zhang, Jianguo; Chen, Xiaomeng; Huang, H. K.

2005-04-01

Next Generation Internet (NGI) technology with new communication protocol IPv6 emerges as a potential solution for low-cost and high-speed networks for image data transmission. IPv6 is designed to solve many of the problems of the current version of IP (known as IPv4) with regard to address depletion, security, autoconfiguration, extensibility, and more. We choose CTN (Central Test Node) DICOM software developed by The Mallinckrodt Institute of Radiology to implement IPv6/IPv4 enabled DICOM communication software on different operating systems (Windows/Linux), and used this DICOM software to evaluate the performance of the IPv6/IPv4 enabled DICOM image communication with different security setting and environments. We compared the security communications of IPsec with SSL/TLS on different TCP/IP protocols (IPv6/IPv4), and find that there are some trade-offs to choose security solution between IPsec and SSL/TLS in the security implementation of IPv6/IPv4 communication networks.

Proof Theory, Transformations, and Logic Programming for Debugging Security Protocols

NARCIS (Netherlands)

Pettorossi, Alberto; Delzanno, Giorgio; Etalle, Sandro

2001-01-01

We define a sequent calculus to formally specify, simulate, debug and verify security protocols. In our sequents we distinguish between the current knowledge of principals and the current global state of the session. Hereby, we can describe the operational semantics of principals and of an intruder

Pre-Authentication Schemes for UMTS-WLAN Interworking

Directory of Open Access Journals (Sweden)

Ali Al Shidhani

2009-01-01

Full Text Available Interworking Universal Mobile Telecommunication System (UMTS and IEEE 802.11 Wireless Local Area Networks (WLANs introduce new challenges including the design of secured and fast handover protocols. Handover operations within and between networks must not compromise the security of the networks involved. In addition, handovers must be instantaneous to sustain the quality of service (QoS of the applications running on the User Equipment (UE. There is a need to design fast and secured handover protocols to operate in UMTS-WLAN interworking architectures. This paper proposes two secured pre-authentication protocols in the UMTS-WLAN interworking architectures. Performance analysis of the proposed protocols show superior results in comparison to existing protocols in terms of authentication signaling cost, authentication delay and load on critical nodes involved in the authentication procedure. Additionally, the security of the proposed protocols was verified by the Automated Validation of Internet Security Protocols and Applications (AVISPA security analyzer.

A Protocol for Provably Secure Authentication of a Tiny Entity to a High Performance Computing One

Directory of Open Access Journals (Sweden)

Siniša Tomović

2016-01-01

Full Text Available The problem of developing authentication protocols dedicated to a specific scenario where an entity with limited computational capabilities should prove the identity to a computationally powerful Verifier is addressed. An authentication protocol suitable for the considered scenario which jointly employs the learning parity with noise (LPN problem and a paradigm of random selection is proposed. It is shown that the proposed protocol is secure against active attacking scenarios and so called GRS man-in-the-middle (MIM attacking scenarios. In comparison with the related previously reported authentication protocols the proposed one provides reduction of the implementation complexity and at least the same level of the cryptographic security.

[A security protocol for the exchange of personal medical data via Internet: monitoring treatment and drug effects].

Science.gov (United States)

Viviani, R; Fischer, J; Spitzer, M; Freudenmann, R W

2004-04-01

We present a security protocol for the exchange of medical data via the Internet, based on the type/domain model. We discuss two applications of the protocol: in a system for the exchange of data for quality assurance, and in an on-line database of adverse reactions to drug use. We state that a type/domain security protocol can successfully comply with the complex requirements for data privacy and accessibility typical of such applications.

QoS INVESTIGATION ON MOODLE’S VIDEO CONFERENCE

Directory of Open Access Journals (Sweden)

LINAWATI LINAWATI

2011-06-01

Full Text Available Learning Management System (LMS supports e-learning as a distant learning. Moodle is one of open source LMS applications that allow embedding multimedia into learning activity in a course, such as video conference session. The paper investigates quality of service (QoS of video conference session embedded in Moodle, i.e. end-to-end delay, jitter, throughput, packet loss and PSNR. Three scenarios were implemented in the experiment. The scenarios were applied on both wire and wireless transmission, and p2p and p2m connections. The investigation results show that the QoS of video conference session meets the standards issued by ITU-T G.1010 and G.114, for minimum bandwidth of 128 kbps. Thus the application of video conferencing that is integrated in Moodle can run well with minimum bandwidth of 128 Kbps. 

Design of Surface micromachined Compliant MEMS

Energy Technology Data Exchange (ETDEWEB)

Bradley, Joe Anthony [Iowa State Univ., Ames, IA (United States)

2001-01-01

The consideration of compliant mechanisms as Microelectromechanical Systems (MEMS) is the focus of this research endeavor. MEMS are micron to millimeter devices that combine electrical, mechanical, and information processing capabilities on the same device. These MEMS need some mechanical motion or parts that move relative to each other. This relative motion, using multiple parts, is not desired because of the assembly requirement and the friction introduced. Compliant devices limits or eliminates friction and the need for multi-component assembly. Compliant devices improve designs by creating single piece mechanisms. The purpose of this research is to validate surface micromachining as a viable fabrication process for compliant MEMS designs. Specifically, this research has sought to fabricate a micro-compliant gripper and a micro-compliant clamp to illustrate the process. While other researchers have created compliant MEMS, most have used comb-drive actuation methods and bulk micromachining processes. This research focuses on fully-compliant devices that use device flexibility for motion and actuation. Validation of these compliant MEMS is achieved by structural optimization of device design and functional performance testing. This research contributes to the ongoing research in MEMS by evaluating the potential of using surface micromachining as a process for fabricating compliant micro-mechanisms.

Design of Surface Micromachined Compliant MEMS

Energy Technology Data Exchange (ETDEWEB)

Bradley, Joe Anthony [Iowa State Univ., Ames, IA (United States)

2002-12-31

The consideration of compliant mechanisms as Microelectromechanical Systems (MEMS) is the focus of this research endeavor. MEMS are micron to millimeter devices that combine electrical, mechanical, and information processing capabilities on the same device. These MEMS need some mechanical motion or parts that move relative to each other. This relative motion, using multiple parts, is not desired because of the assembly requirement and the friction introduced. Compliant devices limits or eliminates friction and the need for multi-component assembly. Compliant devices improve designs by creating single piece mechanisms. The purpose of this research is to validate surface micromachining as a viable fabrication process for compliant MEMS designs. Specifically, this research has sought to fabricate a micro-compliant gripper and a micro-compliant clamp to illustrate the process. While other researchers have created compliant MEMs, most have used comb-drive actuation methods and bulk micromachining processes. This research focused on fully-compliant devices that use device flexibility for motion and actuation. Validation of these compliant MEMS is achieved by structural optimization of device design and functional performance testing. This research contributes to the ongoing research in MEMS by evaluating the potential of using surface micromachining as a process for fabricating compliant micro-mechanisms.

Potential of Sharia-compliant investments

OpenAIRE

Ishuayed, Mohamed; Ruiz, Frédéric

2016-01-01

Islamic finance and Sharia-compliant investing has seen substantial growth over the years. As more investors are interested in becoming fully Sharia-compliant, the question of what may they be giving up in exchange arises. This has led us to analyze the potential of Sharia-compliant investments. It is well known that having a Sharia-compliant investment portfolio could be rather restrictive as some sectors and investment instruments are forbidden such as tobacco, alcohol, gambling, pork produ...

Improving the security of the Hwang-Su protocol for mobile networks

African Journals Online (AJOL)

user

Improving the security of the Hwang-Su protocol for mobile networks. Miloud Ait ... But, it is threatened by weak ... Wireless networks (IEEE standard 802.11 1996, Gast 2005) have allowed computer systems to exchange data without cable.

Secure Group Formation Protocol for a Medical Sensor Network Prototype

DEFF Research Database (Denmark)

Andersen, Jacob

2009-01-01

, and experience from user workshops and observations of clinicians at work on a hospital ward show that if the security mechanisms are not well designed, the technology is either rejected altogether, or they are circumvented leaving the system wide open to attacks. Our work targets the problem of designing......Designing security mechanisms such as privacy and access control for medical sensor networks is a challenging task; as such systems may be operated very frequently, at a quick pace, and at times in emergency situations. Understandably, clinicians hold extra unproductive tasks in low regard...... wireless sensors to be both secure and usable by exploring different solutions on a fully functional prototype platform. In this paper, we present an Elliptic Curve Cryptography (ECC) based protocol, which offers fully secure sensor set-up in a few seconds on standard (Telos) hardware. We evaluate...

A secure medical data exchange protocol based on cloud environment.

Science.gov (United States)

Chen, Chin-Ling; Yang, Tsai-Tung; Shih, Tzay-Farn

2014-09-01

In recent years, health care technologies already became matured such as electronic medical records that can be easily stored. However, how to get medical resources more convenient is currently concern issue. In spite of many literatures discussed about medical systems, but these literatures should face many security challenges. The most important issue is patients' privacy. Therefore, we propose a secure medical data exchange protocol based on cloud environment. In our scheme, we use mobile device's characteristics, allowing peoples use medical resources on the cloud environment to seek medical advice conveniently.

A security analysis of version 2 of the Network Time Protocol (NTP): A report to the privacy and security research group

Science.gov (United States)

Bishop, Matt

1991-01-01

The Network Time Protocol is being used throughout the Internet to provide an accurate time service. The security requirements are examined of such a service, version 2 of the NTP protocol is analyzed to determine how well it meets these requirements, and improvements are suggested where appropriate.

Modification of CAS-protocol for improvement of security web-applications from unauthorized access

Directory of Open Access Journals (Sweden)

Alexey I Igorevich Alexandrov

2017-07-01

Full Text Available Dissemination of information technologies and the expansion of their application demand constantly increasing security level for users, operating with confidential information and personal data. The problem of setting up secure user identification is probably one of the most common tasks, which occur in the process of software development. Today, despite the availability of a large amount of authentication tools, new solutions, mechanisms and technologies are being introduced regularly. Primarily, it is done to increase the security level of data protection against unauthorized access. This article describes the experience of using central user authentication service based on CAS-protocol (CAS – Central Authentication Service and free open source software, analyzing its main advantages and disadvantages and describing the possibility of its modification, which would increase security of web-based information systems from being accessed illegally. The article contains recommendations for setting a maximum time limit for users working on services, integrated with central authentication; and, analyses the research of implementing modern web-technologies while using user authentication system based on CAS-protocol. In addition, it describes the ways of CAS-server modernization for developing additional modules: a module for collecting and analyzing the use of information systems, and another one, for a user management system. Furthermore, CAS-protocol can be used at universities and other organizations for creating a unified information environment in education.

Security Enhanced EMV-Based Mobile Payment Protocol

Directory of Open Access Journals (Sweden)

Ming-Hour Yang

2014-01-01

Full Text Available Near field communication has enabled customers to put their credit cards into a smartphone and use the phone for credit card transaction. But EMV contactless payment allows unauthorized readers to access credit cards. Besides, in offline transaction, a merchant’s reader cannot verify whether a card has been revoked. Therefore, we propose an EMV-compatible payment protocol to mitigate the transaction risk. And our modifications to the EMV standard are transparent to merchants and users. We also encrypt the communications between a card and a reader to prevent eavesdropping on sensitive data. The protocol is able to resist impersonation attacks and to avoid the security threats in EMV. In offline transactions, our scheme requires a user to apply for a temporary offline certificate in advance. With the certificate, banks no longer need to lower customer’s credits for risk control, and users can have online-equivalent credits in offline transactions.

Communication Framework for Tele-rehabilitation Systems with QoS Guarantee

Directory of Open Access Journals (Sweden)

Dandanov Nikolay

2017-01-01

Full Text Available Nowadays, there is great interest in developing telemedicine technologies. These technologies will provide health care from distance swiftly and lightly, as well as reduce the expenses for activities, such as rehabilitation. Telemedicine applications are possible due to the advances in information technologies and the ever-expanding communication network infrastructure. The network characteristics bandwidth, packet loss, latency, jitter and policies are crucial for the performance of tele-rehabilitation systems. Because in tele-rehabilitation human lives are at stake, guaranteeing the Quality of Service (QoS is important. In this paper, an approach for assuring the QoS for information transmission in tele-rehabilitation systems is proposed.

Performance Analysis of Secure and Private Billing Protocols for Smart Metering

Directory of Open Access Journals (Sweden)

Tom Eccles

2017-11-01

Full Text Available Traditional utility metering is to be replaced by smart metering. Smart metering enables fine-grained utility consumption measurements. These fine-grained measurements raise privacy concerns due to the lifestyle information which can be inferred from the precise time at which utilities were consumed. This paper outlines and compares two privacy-respecting time of use billing protocols for smart metering and investigates their performance on a variety of hardware. These protocols protect the privacy of customers by never transmitting the fine-grained utility readings outside of the customer’s home network. One protocol favors complexity on the trusted smart meter hardware while the other uses homomorphic commitments to offload computation to a third device. Both protocols are designed to operate on top of existing cryptographic secure channel protocols in place on smart meters. Proof of concept software implementations of these protocols have been written and their suitability for real world application to low-performance smart meter hardware is discussed. These protocols may also have application to other privacy conscious aggregation systems, such as electronic voting.

A Personalized QoS Prediction Approach for CPS Service Recommendation Based on Reputation and Location-Aware Collaborative Filtering.

Science.gov (United States)

Kuang, Li; Yu, Long; Huang, Lan; Wang, Yin; Ma, Pengju; Li, Chuanbin; Zhu, Yujia

2018-05-14

With the rapid development of cyber-physical systems (CPS), building cyber-physical systems with high quality of service (QoS) has become an urgent requirement in both academia and industry. During the procedure of building Cyber-physical systems, it has been found that a large number of functionally equivalent services exist, so it becomes an urgent task to recommend suitable services from the large number of services available in CPS. However, since it is time-consuming, and even impractical, for a single user to invoke all of the services in CPS to experience their QoS, a robust QoS prediction method is needed to predict unknown QoS values. A commonly used method in QoS prediction is collaborative filtering, however, it is hard to deal with the data sparsity and cold start problem, and meanwhile most of the existing methods ignore the data credibility issue. Thence, in order to solve both of these challenging problems, in this paper, we design a framework of QoS prediction for CPS services, and propose a personalized QoS prediction approach based on reputation and location-aware collaborative filtering. Our approach first calculates the reputation of users by using the Dirichlet probability distribution, so as to identify untrusted users and process their unreliable data, and then it digs out the geographic neighborhood in three levels to improve the similarity calculation of users and services. Finally, the data from geographical neighbors of users and services are fused to predict the unknown QoS values. The experiments using real datasets show that our proposed approach outperforms other existing methods in terms of accuracy, efficiency, and robustness.

Research on the business QoS and trustworthy and controllable strategies mechanism for energy internet

Science.gov (United States)

Zhang, Geng; Lu, Meiling; Zhang, Dahua; Zhou, Liang; Li, Likang

2017-01-01

Energy internet is a kind of power sharing network, which can realize the bidirectional flow of energy information on the basis of the existing power grid. It puts forward higher requirements for reliability and controllability of information communication, and all kinds of business QoS of the backbone network. So the research of business QoS and trustworthy and controllable strategies mechanism have an important significance for the development of energy internet. This paper mainly studies how to use the software defined network (SDN) to achieve business QoS, and provide QoS support for all kinds of business of the energy internet. Combined with the current development situation of the energy internet in our country, this paper researches the trustworthy and controllable strategies mechanism for energy internet, and proposes the transition scheme of the IPv6 credible network architecture based on SDN. This coordinates the contradiction between the growing demand for energy internet applications and the limitations of the energy internet technology itself.

A New Cellular Architecture for Information Retrieval from Sensor Networks through Embedded Service and Security Protocols

Directory of Open Access Journals (Sweden)

Aamir Shahzad

2016-06-01

Full Text Available Substantial changes have occurred in the Information Technology (IT sectors and with these changes, the demand for remote access to field sensor information has increased. This allows visualization, monitoring, and control through various electronic devices, such as laptops, tablets, i-Pads, PCs, and cellular phones. The smart phone is considered as a more reliable, faster and efficient device to access and monitor industrial systems and their corresponding information interfaces anywhere and anytime. This study describes the deployment of a protocol whereby industrial system information can be securely accessed by cellular phones via a Supervisory Control And Data Acquisition (SCADA server. To achieve the study goals, proprietary protocol interconnectivity with non-proprietary protocols and the usage of interconnectivity services are considered in detail. They support the visualization of the SCADA system information, and the related operations through smart phones. The intelligent sensors are configured and designated to process real information via cellular phones by employing information exchange services between the proprietary protocol and non-proprietary protocols. SCADA cellular access raises the issue of security flaws. For these challenges, a cryptography-based security method is considered and deployed, and it could be considered as a part of a proprietary protocol. Subsequently, transmission flows from the smart phones through a cellular network.

A New Cellular Architecture for Information Retrieval from Sensor Networks through Embedded Service and Security Protocols.

Science.gov (United States)

Shahzad, Aamir; Landry, René; Lee, Malrey; Xiong, Naixue; Lee, Jongho; Lee, Changhoon

2016-06-14

Substantial changes have occurred in the Information Technology (IT) sectors and with these changes, the demand for remote access to field sensor information has increased. This allows visualization, monitoring, and control through various electronic devices, such as laptops, tablets, i-Pads, PCs, and cellular phones. The smart phone is considered as a more reliable, faster and efficient device to access and monitor industrial systems and their corresponding information interfaces anywhere and anytime. This study describes the deployment of a protocol whereby industrial system information can be securely accessed by cellular phones via a Supervisory Control And Data Acquisition (SCADA) server. To achieve the study goals, proprietary protocol interconnectivity with non-proprietary protocols and the usage of interconnectivity services are considered in detail. They support the visualization of the SCADA system information, and the related operations through smart phones. The intelligent sensors are configured and designated to process real information via cellular phones by employing information exchange services between the proprietary protocol and non-proprietary protocols. SCADA cellular access raises the issue of security flaws. For these challenges, a cryptography-based security method is considered and deployed, and it could be considered as a part of a proprietary protocol. Subsequently, transmission flows from the smart phones through a cellular network.

A New Cellular Architecture for Information Retrieval from Sensor Networks through Embedded Service and Security Protocols

Science.gov (United States)

Shahzad, Aamir; Landry, René; Lee, Malrey; Xiong, Naixue; Lee, Jongho; Lee, Changhoon

2016-01-01

Substantial changes have occurred in the Information Technology (IT) sectors and with these changes, the demand for remote access to field sensor information has increased. This allows visualization, monitoring, and control through various electronic devices, such as laptops, tablets, i-Pads, PCs, and cellular phones. The smart phone is considered as a more reliable, faster and efficient device to access and monitor industrial systems and their corresponding information interfaces anywhere and anytime. This study describes the deployment of a protocol whereby industrial system information can be securely accessed by cellular phones via a Supervisory Control And Data Acquisition (SCADA) server. To achieve the study goals, proprietary protocol interconnectivity with non-proprietary protocols and the usage of interconnectivity services are considered in detail. They support the visualization of the SCADA system information, and the related operations through smart phones. The intelligent sensors are configured and designated to process real information via cellular phones by employing information exchange services between the proprietary protocol and non-proprietary protocols. SCADA cellular access raises the issue of security flaws. For these challenges, a cryptography-based security method is considered and deployed, and it could be considered as a part of a proprietary protocol. Subsequently, transmission flows from the smart phones through a cellular network. PMID:27314351

A Novel QKD-based Secure Edge Router Architecture Design for Burst Confidentiality in Optical Burst Switched Networks

Science.gov (United States)

Balamurugan, A. M.; Sivasubramanian, A.

2014-06-01

The Optical Burst Switching (OBS) is an emergent result to the technology issue that could achieve a viable network in future. They have the ability to meet the bandwidth requisite of those applications that call for intensive bandwidth. The field of optical transmission has undergone numerous advancements and is still being researched mainly due to the fact that optical data transmission can be done at enormous speeds. The concept of OBS is still far from perfection facing issues in case of security threat. The transfer of optical switching paradigm to optical burst switching faces serious downfall in the fields of burst aggregation, routing, authentication, dispute resolution and quality of service (QoS). This paper proposes a framework based on QKD based secure edge router architecture design to provide burst confidentiality. The QKD protocol offers high level of confidentiality as it is indestructible. The design architecture was implemented in FPGA using diverse models and the results were taken. The results show that the proposed model is suitable for real time secure routing applications of the Optical burst switched networks.

Backup key generation model for one-time password security protocol

Science.gov (United States)

Jeyanthi, N.; Kundu, Sourav

2017-11-01

The use of one-time password (OTP) has ushered new life into the existing authentication protocols used by the software industry. It introduced a second layer of security to the traditional username-password authentication, thus coining the term, two-factor authentication. One of the drawbacks of this protocol is the unreliability of the hardware token at the time of authentication. This paper proposes a simple backup key model that can be associated with the real world applications’user database, which would allow a user to circumvent the second authentication stage, in the event of unavailability of the hardware token.

Efficient medium access control protocol for geostationary satellite systems

Institute of Scientific and Technical Information of China (English)

王丽娜; 顾学迈

2004-01-01

This paper proposes an efficient medium access control (MAC) protocol based on multifrequency-time division multiple access (MF-TDMA) for geostationary satellite systems deploying multiple spot-beams and onboard processing,which uses a method of random reservation access with movable boundaries to dynamically request the transmission slots and can transmit different types of traffic. The simulation results have shown that our designed MAC protocol can achieve a high bandwidth utilization, while providing the required quality of service (QoS) for each class of service.

QoS-aware ant routing with security constraints in optical fibre networks by using RGB pheromones

DEFF Research Database (Denmark)

Al-Momin, Mohammad; Lazaridis, Pavlos; Cosmas, John

2016-01-01

for these different traffic types. In this paper, a novel technology is proposed to satisfy the requirements of different traffic types which vary in terms of bandwidth, latency and security. Oyster Optics Technology has been used to introduce the security as a new significant QoS factor....

Power Saving MAC Protocols for WSNs and Optimization of S-MAC Protocol

Directory of Open Access Journals (Sweden)

Simarpreet Kaur

2012-11-01

Full Text Available Low power MAC protocols have received a lot of consideration in the last few years because of their influence on the lifetime of wireless sensor networks. Since, sensors typically operate on batteries, replacement of which is often difficult. A lot of work has been done to minimize the energy expenditure and prolong the sensor lifetime through energy efficient designs, across layers. Meanwhile, the sensor network should be able to maintain a certain throughput in order to fulfill the QoS requirements of the end user, and to ensure the constancy of the network. This paper introduces different types of MAC protocols used for WSNs and proposes S‐MAC, a Medium‐Access Control protocol designed for Wireless Sensor Networks. S‐MAC uses a few innovative techniques to reduce energy consumption and support selfconfiguration. A new protocol is suggested to improve the energy efficiency, latency and throughput of existing MAC protocol for WSNs. A modification of the protocol is then proposed to eliminate the need for some nodes to stay awake longer than the other nodes which improves the energy efficiency, latency and throughput and hence increases the life span of a wireless sensor network.

An Improved Constraint-Based System for the Verification of Security Protocols

NARCIS (Netherlands)

Corin, R.J.; Etalle, Sandro

We propose a constraint-based system for the verification of security protocols that improves upon the one developed by Millen and Shmatikov [30]. Our system features (1) a significantly more efficient implementation, (2) a monotonic behavior, which also allows to detect flaws associated to partial

An Improved Constraint-based system for the verification of security protocols

NARCIS (Netherlands)

Corin, R.J.; Etalle, Sandro; Hermenegildo, Manuel V.; Puebla, German

We propose a constraint-based system for the verification of security protocols that improves upon the one developed by Millen and Shmatikov. Our system features (1) a significantly more efficient implementation, (2) a monotonic behavior, which also allows to detect aws associated to partial runs

ALPHA: Proposal of Mapping QoS Parameters between UPnP Home Network and GMPLS Access

DEFF Research Database (Denmark)

Brewka, Lukasz Jerzy; Sköldström, Pontus; Gavler, Anders

2011-01-01

This paper is treating the interdomain QoS signaling between the home and access domains with a focus on applying it for providing QoS between a UPnP-QoS based home network and GMPLS based access network. The work presented here is defining a possible approach for an interface between UPn...

Adaptive QoS provision for IEEE 802.16e BWA networks based on cross-layer design

Directory of Open Access Journals (Sweden)

Kuo GS

2011-01-01

Full Text Available Abstract This article proposes an integrated framework for adaptive QoS provision in IEEE 802.16e broadband wireless access networks based on cross-layer design. On one hand, an efficient admission control (AC algorithm is proposed along with a semi-reservation scheme to guarantee the connection-level QoS. First, to guarantee the service continuity for handoff connections and resource efficiency, our semi-reservation scheme considers both users' handoff probability and average resource consumption together, which effectively avoids resource over-reservation and insufficient reservation. For AC, a new/handoff connection is accepted only when the target cell has enough resource to afford both instantaneous and average resource consumption to meet the average source rate request. On the other hand, a joint resource allocation and packet scheduling scheme is designed to provide packet-level QoS guarantee in term of "QoS rate", which can ensure fairness for the services with identical priority level in case of bandwidth shortage. Particularly, an enhanced bandwidth request scheme is designed to reduce unnecessary BR delay and redundant signaling overhead caused by the existing one in IEEE 802.16e, which further improves the packet-level QoS performance and resource efficiency for uplink transmission. Simulation results show that the proposed approach not only balances the tradeoff among connection blocking rate, connection dropping rate, and connection failure rate, but also achieves low mean packet dropping rate (PDR, small deviation of PDR, and low QoS outage rate. Moreover, high resource efficiency is ensured.

Modeling and Simulation of a Novel Relay Node Based Secure Routing Protocol Using Multiple Mobile Sink for Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Madhumathy Perumal

2015-01-01

Full Text Available Data gathering and optimal path selection for wireless sensor networks (WSN using existing protocols result in collision. Increase in collision further increases the possibility of packet drop. Thus there is a necessity to eliminate collision during data aggregation. Increasing the efficiency is the need of the hour with maximum security. This paper is an effort to come up with a reliable and energy efficient WSN routing and secure protocol with minimum delay. This technique is named as relay node based secure routing protocol for multiple mobile sink (RSRPMS. This protocol finds the rendezvous point for optimal transmission of data using a “splitting tree” technique in tree-shaped network topology and then to determine all the subsequent positions of a sink the “Biased Random Walk” model is used. In case of an event, the sink gathers the data from all sources, when they are in the sensing range of rendezvous point. Otherwise relay node is selected from its neighbor to transfer packets from rendezvous point to sink. A symmetric key cryptography is used for secure transmission. The proposed relay node based secure routing protocol for multiple mobile sink (RSRPMS is experimented and simulation results are compared with Intelligent Agent-Based Routing (IAR protocol to prove that there is increase in the network lifetime compared with other routing protocols.

A Cloud-User Protocol Based on Ciphertext Watermarking Technology

Directory of Open Access Journals (Sweden)

Keyang Liu

2017-01-01

Full Text Available With the growth of cloud computing technology, more and more Cloud Service Providers (CSPs begin to provide cloud computing service to users and ask for users’ permission of using their data to improve the quality of service (QoS. Since these data are stored in the form of plain text, they bring about users’ worry for the risk of privacy leakage. However, the existing watermark embedding and encryption technology is not suitable for protecting the Right to Be Forgotten. Hence, we propose a new Cloud-User protocol as a solution for plain text outsourcing problem. We only allow users and CSPs to embed the ciphertext watermark, which is generated and embedded by Trusted Third Party (TTP, into the ciphertext data for transferring. Then, the receiver decrypts it and obtains the watermarked data in plain text. In the arbitration stage, feature extraction and the identity of user will be used to identify the data. The fixed Hamming distance code can help raise the system’s capability for watermarks as much as possible. Extracted watermark can locate the unauthorized distributor and protect the right of honest CSP. The results of experiments demonstrate the security and validity of our protocol.

Statistical Delay QoS Provisioning for Energy-Efficient Spectrum-Sharing Based Wireless Ad Hoc Sensor Networks

Directory of Open Access Journals (Sweden)

Yichen Wang

2016-01-01

Full Text Available In this paper, we develop the statistical delay quality-of-service (QoS provisioning framework for the energy-efficient spectrum-sharing based wireless ad hoc sensor network (WAHSN, which is characterized by the delay-bound violation probability. Based on the established delay QoS provisioning framework, we formulate the nonconvex optimization problem which aims at maximizing the average energy efficiency of the sensor node in the WAHSN while meeting PU’s statistical delay QoS requirement as well as satisfying sensor node’s average transmission rate, average transmitting power, and peak transmitting power constraints. By employing the theories of fractional programming, convex hull, and probabilistic transmission, we convert the original fractional-structured nonconvex problem to the additively structured parametric convex problem and obtain the optimal power allocation strategy under the given parameter via Lagrangian method. Finally, we derive the optimal average energy efficiency and corresponding optimal power allocation scheme by employing the Dinkelbach method. Simulation results show that our derived optimal power allocation strategy can be dynamically adjusted based on PU’s delay QoS requirement as well as the channel conditions. The impact of PU’s delay QoS requirement on sensor node’s energy efficiency is also illustrated.

Optimal capacity and buffer size estimation under Generalized Markov Fluids Models and QoS parameters

International Nuclear Information System (INIS)

Bavio, José; Marrón, Beatriz

2014-01-01

Quality of service (QoS) for internet traffic management requires good traffic models and good estimation of sharing network resource. A link of a network processes all traffic and it is designed with certain capacity C and buffer size B. A Generalized Markov Fluid model (GMFM), introduced by Marrón (2011), is assumed for the sources because describes in a versatile way the traffic, allows estimation based on traffic traces, and also consistent effective bandwidth estimation can be done. QoS, interpreted as buffer overflow probability, can be estimated for GMFM through the effective bandwidth estimation and solving the optimization problem presented in Courcoubetis (2002), the so call inf-sup formulas. In this work we implement a code to solve the inf-sup problem and other optimization related with it, that allow us to do traffic engineering in links of data networks to calculate both, minimum capacity required when QoS and buffer size are given or minimum buffer size required when QoS and capacity are given

Analisa Horizontal Handover Terhadap Qos Layanan Streaming Multimedia E-Learning Pada Jaringan WLAN 802.11

Directory of Open Access Journals (Sweden)

I M.O. Widyantara

2015-06-01

Full Text Available In this globalization era, the state of the user who no longer occupies in a single place, but always moving, it is necessary to continuity of communication that will cause a handover. This paper intends to analyze the effect of 802.11 WLAN horizontal handover to the QoS of streaming e-learning. Methods of data collection process using the Cisco 3500 series access point that supports handover with existing network systems, ad-hoc network and type of hard handover. The results of the data analysis showed that the handover process is able to improve the QoS by gradually restored gradually, to get back to normal QoS

Establishing rational networking using the DL04 quantum secure direct communication protocol

Science.gov (United States)

Qin, Huawang; Tang, Wallace K. S.; Tso, Raylin

2018-06-01

The first rational quantum secure direct communication scheme is proposed, in which we use the game theory with incomplete information to model the rational behavior of the participant, and give the strategy space and utility function. The rational participant can get his maximal utility when he performs the protocol faithfully, and then the Nash equilibrium of the protocol can be achieved. Compared to the traditional schemes, our scheme will be more practical in the presence of rational participant.

Cyber Security in Industrial Control Systems and SCADA Applications: Modbus TCP Protocol Example

Directory of Open Access Journals (Sweden)

Erdal IRMAK

2017-12-01

Full Text Available Electrical energy generation, transmission and distribution systems are evaluated in terms of national security dimension and defined as critical infrastructures. Monitoring and controlling of these systems is provided by Industrial Control Systems (ICS or Supervisory Control and Data Acquisition (SCADA systems. According to the latest advances in communication and internet technology, ICS/SCADA systems have started to become integrated with these systems. As a result of this situation, current or existing vulnerabilities in information and communication technology affect to SCADA systems directly. Therefore, this paper focuses on the cyber security of ICS/SCADA systems. It has been proved that the lack of authentication detected in Modbus TCP protocol, one of the most used in ICS/SCADA systems, can be exploited. In order to solve this security issue, a software is developed using the Python programming language for blocking or mitigating the cyber attacks. The proposed solution is subjected to several tests and results show that the attacks can be prevented successfully. Thus, it is considered that the proposed work will contribute to the security of ICS/SCADA systems and the industrial protocols using for communicating these systems.

A Secure and Effective Anonymous Integrity Checking Protocol for Data Storage in Multicloud

Directory of Open Access Journals (Sweden)

Lingwei Song

2015-01-01

Full Text Available How to verify the integrity of outsourced data is an important problem in cloud storage. Most of previous work focuses on three aspects, which are providing data dynamics, public verifiability, and privacy against verifiers with the help of a third party auditor. In this paper, we propose an identity-based data storage and integrity verification protocol on untrusted cloud. And the proposed protocol can guarantee fair results without any third verifying auditor. The theoretical analysis and simulation results show that our protocols are secure and efficient.

Compromises Between Quality of Service Metrics and Energy Consumption of Hierarchical and Flat Routing Protocols for Wireless Sensors Network

Directory of Open Access Journals (Sweden)

Abdelbari BEN YAGOUTA

2016-11-01

Full Text Available Wireless Sensor Network (WSN is wireless network composed of spatially distributed and tiny autonomous nodes, which cooperatively monitor physical or environmental conditions. Among the concerns of these networks is prolonging the lifetime by saving nodes energy. There are several protocols specially designed for WSNs based on energy conservation. However, many WSNs applications require QoS (Quality of Service criteria, such as latency, reliability and throughput. In this paper, we will compare three routing protocols for wireless sensors network LEACH (Low Energy Adaptive Clustering Hierarchy, AODV (Ad hoc on demand Distance Vector and LABILE (Link Quality-Based Lexical Routing using Castalia simulator in terms of energy consumption, throughput, reliability and latency time of packets received by sink under different conditions to determinate the best configurations that offers the most suitable compromises between energy conservation and all QoS metrics for each routing protocols. The results show that, the best configurations that offer the suitable compromises between energy conservation and all QoS metrics is a large number of deployed nodes with low packet rate for LEACH (300 nodes and 1 packet/s, a medium number of deployed nodes with low packet rate For AODV (100 nodes and 1 packet/s and a very low nodes density with low packet rate for LABILE (50 nodes and 1 packet/s.

An Enhanced LoRaWAN Security Protocol for Privacy Preservation in IoT with a Case Study on a Smart Factory-Enabled Parking System.

Science.gov (United States)

You, Ilsun; Kwon, Soonhyun; Choudhary, Gaurav; Sharma, Vishal; Seo, Jung Taek

2018-06-08

The Internet of Things (IoT) utilizes algorithms to facilitate intelligent applications across cities in the form of smart-urban projects. As the majority of devices in IoT are battery operated, their applications should be facilitated with a low-power communication setup. Such facility is possible through the Low-Power Wide-Area Network (LPWAN), but at a constrained bit rate. For long-range communication over LPWAN, several approaches and protocols are adopted. One such protocol is the Long-Range Wide Area Network (LoRaWAN), which is a media access layer protocol for long-range communication between the devices and the application servers via LPWAN gateways. However, LoRaWAN comes with fewer security features as a much-secured protocol consumes more battery because of the exorbitant computational overheads. The standard protocol fails to support end-to-end security and perfect forward secrecy while being vulnerable to the replay attack that makes LoRaWAN limited in supporting applications where security (especially end-to-end security) is important. Motivated by this, an enhanced LoRaWAN security protocol is proposed, which not only provides the basic functions of connectivity between the application server and the end device, but additionally averts these listed security issues. The proposed protocol is developed with two options, the Default Option (DO) and the Security-Enhanced Option (SEO). The protocol is validated through Burrows⁻Abadi⁻Needham (BAN) logic and the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The proposed protocol is also analyzed for overheads through system-based and low-power device-based evaluations. Further, a case study on a smart factory-enabled parking system is considered for its practical application. The results, in terms of network latency with reliability fitting and signaling overheads, show paramount improvements and better performance for the proposed protocol compared with the two

An Enhanced LoRaWAN Security Protocol for Privacy Preservation in IoT with a Case Study on a Smart Factory-Enabled Parking System

Directory of Open Access Journals (Sweden)

Ilsun You

2018-06-01

Full Text Available The Internet of Things (IoT utilizes algorithms to facilitate intelligent applications across cities in the form of smart-urban projects. As the majority of devices in IoT are battery operated, their applications should be facilitated with a low-power communication setup. Such facility is possible through the Low-Power Wide-Area Network (LPWAN, but at a constrained bit rate. For long-range communication over LPWAN, several approaches and protocols are adopted. One such protocol is the Long-Range Wide Area Network (LoRaWAN, which is a media access layer protocol for long-range communication between the devices and the application servers via LPWAN gateways. However, LoRaWAN comes with fewer security features as a much-secured protocol consumes more battery because of the exorbitant computational overheads. The standard protocol fails to support end-to-end security and perfect forward secrecy while being vulnerable to the replay attack that makes LoRaWAN limited in supporting applications where security (especially end-to-end security is important. Motivated by this, an enhanced LoRaWAN security protocol is proposed, which not only provides the basic functions of connectivity between the application server and the end device, but additionally averts these listed security issues. The proposed protocol is developed with two options, the Default Option (DO and the Security-Enhanced Option (SEO. The protocol is validated through Burrows–Abadi–Needham (BAN logic and the Automated Validation of Internet Security Protocols and Applications (AVISPA tool. The proposed protocol is also analyzed for overheads through system-based and low-power device-based evaluations. Further, a case study on a smart factory-enabled parking system is considered for its practical application. The results, in terms of network latency with reliability fitting and signaling overheads, show paramount improvements and better performance for the proposed protocol compared with

Mixed integer nonlinear programming model of wireless pricing scheme with QoS attribute of bandwidth and end-to-end delay

Science.gov (United States)

Irmeilyana, Puspita, Fitri Maya; Indrawati

2016-02-01

The pricing for wireless networks is developed by considering linearity factors, elasticity price and price factors. Mixed Integer Nonlinear Programming of wireless pricing model is proposed as the nonlinear programming problem that can be solved optimally using LINGO 13.0. The solutions are expected to give some information about the connections between the acceptance factor and the price. Previous model worked on the model that focuses on bandwidth as the QoS attribute. The models attempt to maximize the total price for a connection based on QoS parameter. The QoS attributes used will be the bandwidth and the end to end delay that affect the traffic. The maximum goal to maximum price is achieved when the provider determine the requirement for the increment or decrement of price change due to QoS change and amount of QoS value.

Security protocol specification and verification with AnBx

DEFF Research Database (Denmark)

Bugliesi, Michele; Calzavara, Stefano; Mödersheim, Sebastian Alexander

2016-01-01

Designing distributed protocols is complex and requires actions at very different levels: from the design of an interaction flow supporting the desired application-specific guarantees to the selection of the most appropriate network-level protection mechanisms. To tame this complexity, we propose...... with a novel notion of forwarding channels, enforcing specific security guarantees from the message originator to the final recipient along a number of intermediate forwarding agents. We give a formal semantics of AnBx in terms of a state transition system expressed in the AVISPA Intermediate Format. We devise...

A Novel Prioritization Scheme to Improve QoS in IEEE 802.11e Networks

Directory of Open Access Journals (Sweden)

Navid Tadayon

2010-01-01

Full Text Available IEEE 802.11 WLAN utilizes a distributed function at its MAC layer, namely, DCF to access the wireless medium. Due to its distributed nature, DCF is able to guarantee working stability in a wireless medium while maintaining the assembling and maintenance cost in a low level. However, DCF is inefficient in dealing with real-time traffics due to its incapability on providing QoS. IEEE 802.11e was introduced as a supplementary standard to cope with this problem. This standard introduces an Enhanced Distributed Coordination Function (EDCF that works based on diff-Serve model and can serve multiple classes of traffics (by using different prioritizations schemes. With the emergence of new time-sensitive applications, EDCF has proved to be yet inefficient in dealing with these kinds of traffics because it could not provide network with well-differentiated QoS. In this study, we propose a novel prioritization scheme to improve QoS level in IEEE 802.11e network. In this scheme, we replace Uniform PDF with Gamma PDF, which has salient differentiating properties. We investigate the suitability and superiority of this scheme on furnishing network with well-differentiated QoS using probabilistic analysis. We strengthen our claims by extensive simulation runs.

An Efficient and Secure Certificateless Authentication Protocol for Healthcare System on Wireless Medical Sensor Networks

Science.gov (United States)

Guo, Rui; Wen, Qiaoyan; Jin, Zhengping; Zhang, Hua

2013-01-01

Sensor networks have opened up new opportunities in healthcare systems, which can transmit patient's condition to health professional's hand-held devices in time. The patient's physiological signals are very sensitive and the networks are extremely vulnerable to many attacks. It must be ensured that patient's privacy is not exposed to unauthorized entities. Therefore, the control of access to healthcare systems has become a crucial challenge. An efficient and secure authentication protocol will thus be needed in wireless medical sensor networks. In this paper, we propose a certificateless authentication scheme without bilinear pairing while providing patient anonymity. Compared with other related protocols, the proposed scheme needs less computation and communication cost and preserves stronger security. Our performance evaluations show that this protocol is more practical for healthcare system in wireless medical sensor networks. PMID:23710147

E-mail security: mail clients must use encrypted protocols

CERN Multimedia

2006-01-01

In the coming weeks, users of mail clients other than Outlook (e.g. Pine, Mozilla, Mac Mail, etc.) may receive an e-mail from Mail-service@cern.ch with instructions to update the security settings of their mail client. The aim of this campaign is to enforce the use of encrypted and authenticated mail protocols in order to prevent the propagation of viruses and protect passwords from theft. As a first step, from 6 June 2006 onwards, access to mail servers from outside CERN will require a securely configured mail client as described in the help page http://cern.ch/mmmservices/Help/?kbid=191040. On this page most users will also find tools that will update their mail client settings automatically. Note that Outlook clients and WebMail access are not affected. The Mail Team

QoS Negotiation in Real-Time Systems and its Application to Automated Flight Control

Science.gov (United States)

2000-11-01

QoS Negotiation in Real - Time Systems and Its Application to Automated Flight Control Tarek F. Abdelzaher, Member, IEEE, Ella M. Atkins, Member, IEEE...been committed to those that arrived earlier. In hard- real - time systems , a static analysis may be performed to guarantee a priori that all requests be...DATE 2000 2. REPORT TYPE 3. DATES COVERED 00-00-2000 to 00-00-2000 4. TITLE AND SUBTITLE QoS Negotiation in Real - Time Systems and its

QoS testing of service-based applications

OpenAIRE

Driss , Maha; Jamoussi , Yassine; Ben Ghézala , Henda Hajjami

2008-01-01

International audience; Web services (WSs) are becoming increasingly popular because of their potential in several application domains including e-Enterprise, e-Business, e-Government, and e-Science. Based on open XML standards, WS technology allows the construction of massively distributed and loosely coupled applications. A service composition mechanism should satisfy not only functional properties but also non-functional Quality of Service (QoS) ones. In this paper, we introduce a discrete...

Design of Secure and Lightweight Authentication Protocol for Wearable Devices Environment.

Science.gov (United States)

Das, Ashok Kumar; Wazid, Mohammad; Kumar, Neeraj; Khan, Muhammad Khurram; Choo, Kim-Kwang Raymond; Park, YoungHo

2017-09-18

Wearable devices are used in various applications to collect information including step information, sleeping cycles, workout statistics, and health related information. Due to the nature and richness of the data collected by such devices, it is important to ensure the security of the collected data. This paper presents a new lightweight authentication scheme suitable for wearable device deployment. The scheme allows a user to mutually authenticate his/her wearable device(s) and the mobile terminal (e.g., Android and iOS device) and establish a session key among these devices (worn and carried by the same user) for secure communication between the wearable device and the mobile terminal. The security of the proposed scheme is then demonstrated through the broadly-accepted Real-Or-Random model, as well as using the popular formal security verification tool, known as the Automated Validation of Internet Security Protocols and Applications (AVISPA). Finally, we present a comparative summary of the proposed scheme in terms of the overheads such as computation and communication costs, security and functionality features of the proposed scheme and related schemes, and also the evaluation findings from the NS2 simulation.

Further improvements in competitive guarantees for QoS buffering

NARCIS (Netherlands)

Bansal, N.; Fleischer, L.K.; Kimbrel, T.; Mahdian, M.; Schieber, B.; Sviridenko, M.; Diaz, J.; Karhumäki, J.; Lepistö, A.; Sannella, D.

2004-01-01

We study the behavior of algorithms for buffering packets weighted by different levels of Quality of Service (QoS) guarantees in a single queue. Buffer space is limited, and packet loss occurs when the buffer overflows. We describe a modification of the previously proposed ``preemptive greedy{''}

Vertical Protocol Composition

DEFF Research Database (Denmark)

Groß, Thomas; Mödersheim, Sebastian Alexander

2011-01-01

The security of key exchange and secure channel protocols, such as TLS, has been studied intensively. However, only few works have considered what happens when the established keys are actually used—to run some protocol securely over the established “channel”. We call this a vertical protocol.......e., that the combination cannot introduce attacks that the individual protocols in isolation do not have. In this work, we prove a composability result in the symbolic model that allows for arbitrary vertical composition (including self-composition). It holds for protocols from any suite of channel and application...

ANCS: Achieving QoS through Dynamic Allocation of Network Resources in Virtualized Clouds

Directory of Open Access Journals (Sweden)

Cheol-Ho Hong

2016-01-01

Full Text Available To meet the various requirements of cloud computing users, research on guaranteeing Quality of Service (QoS is gaining widespread attention in the field of cloud computing. However, as cloud computing platforms adopt virtualization as an enabling technology, it becomes challenging to distribute system resources to each user according to the diverse requirements. Although ample research has been conducted in order to meet QoS requirements, the proposed solutions lack simultaneous support for multiple policies, degrade the aggregated throughput of network resources, and incur CPU overhead. In this paper, we propose a new mechanism, called ANCS (Advanced Network Credit Scheduler, to guarantee QoS through dynamic allocation of network resources in virtualization. To meet the various network demands of cloud users, ANCS aims to concurrently provide multiple performance policies; these include weight-based proportional sharing, minimum bandwidth reservation, and maximum bandwidth limitation. In addition, ANCS develops an efficient work-conserving scheduling method for maximizing network resource utilization. Finally, ANCS can achieve low CPU overhead via its lightweight design, which is important for practical deployment.

Enhanced Secure Trusted AODV (ESTA Protocol to Mitigate Blackhole Attack in Mobile Ad Hoc Networks

Directory of Open Access Journals (Sweden)

Dilraj Singh

2015-09-01

Full Text Available The self-organizing nature of the Mobile Ad hoc Networks (MANETs provide a communication channel anywhere, anytime without any pre-existing network infrastructure. However, it is exposed to various vulnerabilities that may be exploited by the malicious nodes. One such malicious behavior is introduced by blackhole nodes, which can be easily introduced in the network and, in turn, such nodes try to crumble the working of the network by dropping the maximum data under transmission. In this paper, a new protocol is proposed which is based on the widely used Ad hoc On-Demand Distance Vector (AODV protocol, Enhanced Secure Trusted AODV (ESTA, which makes use of multiple paths along with use of trust and asymmetric cryptography to ensure data security. The results, based on NS-3 simulation, reveal that the proposed protocol is effectively able to counter the blackhole nodes in three different scenarios.

A USER-DEPENDENT PERFECT-SCHEDULING MULTIPLE ACCESS PROTOCOL FOR VOICE-DATA INTEGRATION IN WIRELESS NETWORKS

Institute of Scientific and Technical Information of China (English)

Zhou Yajian; Li Jiandong; Liu Kai

2002-01-01

A novel Multiple Access Control (MAC) protocol - User-dependent Perfect-scheduling Multiple Access (UPMA) protocol, which supports joint transmission of voice and data packets,is proposed. By this protocol, the bandwidth can be allocated dynamically to the uplink and downlink traffic with on-demand assignment and the transmission of Mobile Terminals (MTs)can be perfectly scheduled by means of polling. Meanwhile, a unique frame structure is designed to guarantee Quality of Service (QoS) in voice traffic supporting. An effective collision resolution algorithm is also proposed to guarantee rapid channel access for activated MTs. Finally, performance of UPMA protocol is evaluated by simulation and compared with MPRMA protocol.Simulation results show that UPMA protocol has better performance.

Data port security lock

Science.gov (United States)

Quinby, Joseph D [Albuquerque, NM; Hall, Clarence S [Albuquerque, NM

2008-06-24

In a security apparatus for securing an electrical connector, a plug may be fitted for insertion into a connector receptacle compliant with a connector standard. The plug has at least one aperture adapted to engage at least one latch in the connector receptacle. An engagement member is adapted to partially extend through at least one aperture and lock to at least one structure within the connector receptacle.

The ultimate security bounds of quantum key distribution protocols

International Nuclear Information System (INIS)

Nikolopoulos, G.M.; Alber, G.

2005-01-01

Full text: Quantum key distribution (QKD) protocols exploit quantum correlations in order to establish a secure key between two legitimate users. Recent work on QKD has revealed a remarkable link between quantum and secret correlations. In this talk we report on recent results concerning the ultimate upper security bounds of various QKD schemes (i.e., the maximal disturbance up to which the two legitimate users share quantum correlations) under the assumption of general coherent attacks. In particular, we derive an analytic expression for the ultimate upper security bound of QKD schemes that use two mutually unbiased bases. As long as the two legitimate users focus on the sifted key and treat each pair of data independently during the post processing, our results are valid for arbitrary dimensions of the information carriers. The bound we have derived is well below the predictions of optimal cloning machines. The possibility of extraction of a secret key beyond entanglement distillation is also discussed. In the case of qutrits we argue that any eavesdropping strategy is equivalent to a symmetric one. For higher dimensions, however, such equivalence is generally no longer valid. (author)

Simple algorithm for improved security in the FDDI protocol

Science.gov (United States)

Lundy, G. M.; Jones, Benjamin

1993-02-01

We propose a modification to the Fiber Distributed Data Interface (FDDI) protocol based on a simple algorithm which will improve confidential communication capability. This proposed modification provides a simple and reliable system which exploits some of the inherent security properties in a fiber optic ring network. This method differs from conventional methods in that end to end encryption can be facilitated at the media access control sublayer of the data link layer in the OSI network model. Our method is based on a variation of the bit stream cipher method. The transmitting station takes the intended confidential message and uses a simple modulo two addition operation against an initialization vector. The encrypted message is virtually unbreakable without the initialization vector. None of the stations on the ring will have access to both the encrypted message and the initialization vector except the transmitting and receiving stations. The generation of the initialization vector is unique for each confidential transmission and thus provides a unique approach to the key distribution problem. The FDDI protocol is of particular interest to the military in terms of LAN/MAN implementations. Both the Army and the Navy are considering the standard as the basis for future network systems. A simple and reliable security mechanism with the potential to support realtime communications is a necessary consideration in the implementation of these systems. The proposed method offers several advantages over traditional methods in terms of speed, reliability, and standardization.

Secured Communication for Business Process Outsourcing Using Optimized Arithmetic Cryptography Protocol Based on Virtual Parties

Science.gov (United States)

Pathak, Rohit; Joshi, Satyadhar

Within a span of over a decade, India has become one of the most favored destinations across the world for Business Process Outsourcing (BPO) operations. India has rapidly achieved the status of being the most preferred destination for BPO for companies located in the US and Europe. Security and privacy are the two major issues needed to be addressed by the Indian software industry to have an increased and long-term outsourcing contract from the US. Another important issue is about sharing employee’s information to ensure that data and vital information of an outsourcing company is secured and protected. To ensure that the confidentiality of a client’s information is maintained, BPOs need to implement some data security measures. In this paper, we propose a new protocol for specifically for BPO Secure Multi-Party Computation (SMC). As there are many computations and surveys which involve confidential data from many parties or organizations and the concerned data is property of the organization, preservation and security of this data is of prime importance for such type of computations. Although the computation requires data from all the parties, but none of the associated parties would want to reveal their data to the other parties. We have proposed a new efficient and scalable protocol to perform computation on encrypted information. The information is encrypted in a manner that it does not affect the result of the computation. It uses modifier tokens which are distributed among virtual parties, and finally used in the computation. The computation function uses the acquired data and modifier tokens to compute right result from the encrypted data. Thus without revealing the data, right result can be computed and privacy of the parties is maintained. We have given a probabilistic security analysis of hacking the protocol and shown how zero hacking security can be achieved. Also we have analyzed the specific case of Indian BPO.

Meta-Key: A Secure Data-Sharing Protocol under Blockchain-Based Decentralised Storage Architecture

OpenAIRE

Fu, Yue

2017-01-01

In this paper a secure data-sharing protocol under blockchain-based decentralised storage architecture is proposed, which fulfils users who need to share their encrypted data on-cloud. It implements a remote data-sharing mechanism that enables data owners to share their encrypted data to other users without revealing the original key. Nor do they have to download on-cloud data with re-encryption and re-uploading. Data security as well as efficiency are ensured by symmetric encryption, whose k...

Design and Analysis of Optimization Algorithms to Minimize Cryptographic Processing in BGP Security Protocols.

Science.gov (United States)

Sriram, Vinay K; Montgomery, Doug

2017-07-01

The Internet is subject to attacks due to vulnerabilities in its routing protocols. One proposed approach to attain greater security is to cryptographically protect network reachability announcements exchanged between Border Gateway Protocol (BGP) routers. This study proposes and evaluates the performance and efficiency of various optimization algorithms for validation of digitally signed BGP updates. In particular, this investigation focuses on the BGPSEC (BGP with SECurity extensions) protocol, currently under consideration for standardization in the Internet Engineering Task Force. We analyze three basic BGPSEC update processing algorithms: Unoptimized, Cache Common Segments (CCS) optimization, and Best Path Only (BPO) optimization. We further propose and study cache management schemes to be used in conjunction with the CCS and BPO algorithms. The performance metrics used in the analyses are: (1) routing table convergence time after BGPSEC peering reset or router reboot events and (2) peak-second signature verification workload. Both analytical modeling and detailed trace-driven simulation were performed. Results show that the BPO algorithm is 330% to 628% faster than the unoptimized algorithm for routing table convergence in a typical Internet core-facing provider edge router.

Dynamic QoS Evaluation of Multimedia Contents in Wireless Networks by “Double-Boomerang” Watermarking

Directory of Open Access Journals (Sweden)

Gaetano Giunta

2010-03-01

Full Text Available This work presents a cooperative network-aware processing of multimedia content for dynamic quality of service management in wireless IP networks. Our technique can be also used for quality control in UMTS environments, exploiting the tracing watermarking recently introduced in literature. In this work, we use the transmitted video-sequences to monitor the QoS in a videoconference call. The video-sequence of every active user travels on the communication link, one time as video (transparent mode, one time as watermark (hidden mode describing a boomerang trajectory. The results obtained through our simulation trials confirm the validity of such approach. In fact, the advantages of distributing the management process are (i an easier and more precise localization of the cause of QoS problems, (ii a better knowledge of local situations, (iii a lower complexity for a single QoS agent and (iv an increase in possible actions.

Delay-Tolerant, Low-Power Protocols for Large Security-Critical Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Claudio S. Malavenda

2012-01-01

Full Text Available This paper reports the analysis, implementation, and experimental testing of a delay-tolerant and energy-aware protocol for a wireless sensor node, oriented to security applications. The solution proposed takes advantages from different domains considering as a guideline the low power consumption and facing the problems of seamless and lossy connectivity offered by the wireless medium along with very limited resources offered by a wireless network node. The paper is organized as follows: first we give an overview on delay-tolerant wireless sensor networking (DTN; then we perform a simulation-based comparative analysis of state-of-the-art DTN approaches and illustrate the improvement offered by the proposed protocol; finally we present experimental data gathered from the implementation of the proposed protocol on a proprietary hardware node.

Design and Analysis of a secure multi-party communication protocol

OpenAIRE

Herberth, Klaus

2016-01-01

In the past years digital communication became an important aspect in every day life. Everything is shared and discussed in groups of friends, family or business part- ners without a proper way to protect that information. This master thesis introduces the first secure robust multi-party communication protocol which mimics a physical conversation with the help of a Diffie-Hellman key tree and social behaviours. Robust- ness against offline group members is reached by taking advantage of trans...

Compliant walker

Science.gov (United States)

Kerley, James J. (Inventor); Eklund, Wayne D. (Inventor); Crane, J. Allen (Inventor)

1992-01-01

A compliant walker is provided for humans having limited use of their legs and lower back. It includes an upright wheel frame which at least partially surrounds an upright user wearing a partial body harness. It is attached to the frame by means of cable compliant apparatus consisting of sets of cable segments and angle bracket members connected between opposite side members of the frame and adjacent side portions of the harness. Novelty is believed to exist in the combination of a wheeled frame including a side support structure, a body harness, and compliance means connecting the body harness to the side support structure for flexibility holding and supporting a person in a substantially upright position when the user sags in the frame when taking weight off the lower extremities.

Security bound of two-basis quantum-key-distribution protocols using qudits

International Nuclear Information System (INIS)

Nikolopoulos, Georgios M.; Alber, Gernot

2005-01-01

We investigate the security bounds of quantum-cryptographic protocols using d-level systems. In particular, we focus on schemes that use two mutually unbiased bases, thus extending the Bennett-Brassard 1984 quantum-key-distribution scheme to higher dimensions. Under the assumption of general coherent attacks, we derive an analytic expression for the ultimate upper security bound of such quantum-cryptography schemes. This bound is well below the predictions of optimal cloning machines. The possibility of extraction of a secret key beyond entanglement distillation is discussed. In the case of qutrits we argue that any eavesdropping strategy is equivalent to a symmetric one. For higher dimensions such an equivalence is generally no longer valid

Secure Protocol and IP Core for Configuration of Networking Hardware IPs in the Smart Grid

Directory of Open Access Journals (Sweden)

Marcelo Urbina

2018-02-01

Full Text Available Nowadays, the incorporation and constant evolution of communication networks in the electricity sector have given rise to the so-called Smart Grid, which is why it is necessary to have devices that are capable of managing new communication protocols, guaranteeing the strict requirements of processing required by the electricity sector. In this context, intelligent electronic devices (IEDs with network architectures are currently available to meet the communication, real-time processing and interoperability requirements of the Smart Grid. The new generation IEDs include an Field Programmable Gate Array (FPGA, to support specialized networking switching architectures for the electric sector, as the IEEE 1588-aware High-availability Seamless Redundancy/Parallel Redundancy Protocol (HSR/PRP. Another advantage to using an FPGA is the ability to update or reconfigure the design to support new requirements that are being raised to the standards (IEC 61850. The update of the architecture implemented in the FPGA can be done remotely, but it is necessary to establish a cyber security mechanism since the communication link generates vulnerability in the case the attacker gains physical access to the network. The research presented in this paper proposes a secure protocol and Intellectual Property (IP core for configuring and monitoring the networking IPs implemented in a Field Programmable Gate Array (FPGA. The FPGA based implementation proposed overcomes this issue using a light Layer-2 protocol fully implemented on hardware and protected by strong cryptographic algorithms (AES-GCM, defined in the IEC 61850-90-5 standard. The proposed secure protocol and IP core are applicable in any field where remote configuration over Ethernet is required for IP cores in FPGAs. In this paper, the proposal is validated in communications hardware for Smart Grids.

An Empirical Study and some Improvements of the MiniMac Protocol for Secure Computation

DEFF Research Database (Denmark)

Damgård, Ivan Bjerre; Lauritsen, Rasmus; Toft, Tomas

2014-01-01

Recent developments in Multi-party Computation (MPC) has resulted in very efficient protocols for dishonest majority in the preprocessing model. In particular, two very promising protocols for Boolean circuits have been proposed by Nielsen et al. (nicknamed TinyOT) and by Damg˚ard and Zakarias...... suggest a modification of MiniMac that achieves increased parallelism at no extra communication cost. This gives an asymptotic improvement of the original protocol as well as an 8-fold speed-up of our implementation. We compare the resulting protocol to TinyOT for the case of secure computation in parallel...... of a large number of AES encryptions and find that it performs better than results reported so far on TinyOT, on the same hardware.p...

SC²: Secure Communication over Smart Cards

DEFF Research Database (Denmark)

Dragoni, Nicola; Lostal, Eduardo; Papini, Davide

2012-01-01

The Security-by-Contract (S×C) framework has recently been proposed to support software evolution in open multi-application smart cards. The key idea lies in the notion of contract, a specification of the security behavior of an application that must be compliant with the security policy of the c...

SYMMETRIC ENCRYPTION USING PRE-SHARED PUBLIC PARAMETERS FOR A SECURE TFTP PROTOCOL

Directory of Open Access Journals (Sweden)

N. N. MOHAMED

2017-01-01

Full Text Available Advances in the communication technology of embedded systems have led to the situation where nowadays almost all systems should implement security for data safety. Trivial File Transfer Protocol (TFTP has advantages for use in embedded systems due to its speed and simplicity, however without security mechanisms, it is vulnerable to various attacks. As an example, during upgrading of Wireless Access Points (WAPs, attackers can access the information and modify it, and then install malicious code to interrupt the system. This work proposes security implementation of Diffie Hellman Key Exchange in TFTP by pre-sharing public parameters that enable two parties to achieve same secret key without the risk of Man-In-The-Middle (MITM attacks. The implementation is integrated with compression and encryption methods to significantly reduce computational requirements in TFTP communication.

Hand forces exerted by long-term care staff when pushing wheelchairs on compliant and non-compliant flooring.

Science.gov (United States)

Lachance, Chantelle C; Korall, Alexandra M B; Russell, Colin M; Feldman, Fabio; Robinovitch, Stephen N; Mackey, Dawn C

2018-09-01

Purpose-designed compliant flooring and carpeting have been promoted as a means for reducing fall-related injuries in high-risk environments, such as long-term care. However, it is not known whether these surfaces influence the forces that long-term care staff exert when pushing residents in wheelchairs. We studied 14 direct-care staff who pushed a loaded wheelchair instrumented with a triaxial load cell to test the effects on hand force of flooring overlay (vinyl versus carpet) and flooring subfloor (concrete versus compliant rubber [brand: SmartCells]). During straight-line pushing, carpet overlay increased initial and sustained hand forces compared to vinyl overlay by 22-49% over a concrete subfloor and by 8-20% over a compliant subfloor. Compliant subflooring increased initial and sustained hand forces compared to concrete subflooring by 18-31% when under a vinyl overlay. In contrast, compliant flooring caused no change in initial or sustained hand forces compared to concrete subflooring when under a carpet overlay. Copyright © 2018 Elsevier Ltd. All rights reserved.

Design of a Secure System Considering Quality of Service

Directory of Open Access Journals (Sweden)

Seondong Heo

2014-11-01

Full Text Available Improvements in networking technologies have provided users with useful information services. Such information services may bring convenience and efficiency, but might be accompanied by vulnerabilities to a variety of attacks. Therefore, a variety of research to enhance the security of the systems and get the services at the same time has been carried out. Especially, research on intrusion-tolerant systems (ITSs has been conducted in order to survive against every intrusion, rather than to detect and prevent them. In this paper, an ITS based on effective resource conversion (ERC is presented to achieve the goal of intrusion-tolerance. Instead of using the fixed number of virtual machines (VMs to process requests and recover as in conventional approaches, the ITS based on ERC can transform the assigned resources depending on the system status. This scheme is proved to maintain a certain level of quality of service (QoS and quality of security service (QoSS in threatening environments. The performance of ERC is compared with previous studies on ITS by CSIM 20, and it is verified that the proposed scheme is more effective in retaining a specific level of QoS and QoSS.

An Adaptive QoS Routing Solution for MANET Based Multimedia Communications in Emergency Cases

Science.gov (United States)

Ramrekha, Tipu Arvind; Politis, Christos

The Mobile Ad hoc Networks (MANET) is a wireless network deprived of any fixed central authoritative routing entity. It relies entirely on collaborating nodes forwarding packets from source to destination. This paper describes the design, implementation and performance evaluation of CHAMELEON, an adaptive Quality of Service (QoS) routing solution, with improved delay and jitter performances, enabling multimedia communication for MANETs in extreme emergency situations such as forest fire and terrorist attacks as defined in the PEACE project. CHAMELEON is designed to adapt its routing behaviour according to the size of a MANET. The reactive Ad Hoc on-Demand Distance Vector Routing (AODV) and proactive Optimized Link State Routing (OLSR) protocols are deemed appropriate for CHAMELEON through their performance evaluation in terms of delay and jitter for different MANET sizes in a building fire emergency scenario. CHAMELEON is then implemented in NS-2 and evaluated similarly. The paper concludes with a summary of findings so far and intended future work.

Live chat alternative security protocol

Science.gov (United States)

Rahman, J. P. R.; Nugraha, E.; Febriany, A.

2018-05-01

Indonesia is one of the largest e-commerce markets in Southeast Asia, as many as 5 million people do transactions in e-commerce, therefore more and more people use live chat service to communicate with customer service. In live chat, the customer service often asks customers’ data such as, full name, address, e-mail, transaction id, which aims to verify the purchase of the product. One of the risks that will happen is sniffing which will lead to the theft of confidential information that will cause huge losses to the customer. The anticipation that will be done is build an alternative security protocol for user interaction in live chat by using a cryptographic algorithm that is useful for protecting confidential messages. Live chat requires confidentiality and data integration with encryption and hash functions. The used algorithm are Rijndael 256 bits, RSA, and SHA256. To increase the complexity, the Rijndael algorithm will be modified in the S-box and ShiftRow sections based on the shannon principle rule, the results show that all pass the Randomness test, but the modification in Shiftrow indicates a better avalanche effect. Therefore the message will be difficult to be stolen or changed.

IDMA-Based MAC Protocol for Satellite Networks with Consideration on Channel Quality

Directory of Open Access Journals (Sweden)

Gongliang Liu

2014-01-01

Full Text Available In order to overcome the shortcomings of existing medium access control (MAC protocols based on TDMA or CDMA in satellite networks, interleave division multiple access (IDMA technique is introduced into satellite communication networks. Therefore, a novel wide-band IDMA MAC protocol based on channel quality is proposed in this paper, consisting of a dynamic power allocation algorithm, a rate adaptation algorithm, and a call admission control (CAC scheme. Firstly, the power allocation algorithm combining the technique of IDMA SINR-evolution and channel quality prediction is developed to guarantee high power efficiency even in terrible channel conditions. Secondly, the effective rate adaptation algorithm, based on accurate channel information per timeslot and by the means of rate degradation, can be realized. What is more, based on channel quality prediction, the CAC scheme, combining the new power allocation algorithm, rate scheduling, and buffering strategies together, is proposed for the emerging IDMA systems, which can support a variety of traffic types, and offering quality of service (QoS requirements corresponding to different priority levels. Simulation results show that the new wide-band IDMA MAC protocol can make accurate estimation of available resource considering the effect of multiuser detection (MUD and QoS requirements of multimedia traffic, leading to low outage probability as well as high overall system throughput.

Automatic provisioning of end-to-end QoS into the home

DEFF Research Database (Denmark)

Brewka, Lukasz Jerzy; Skoldström, Pontus; Nelis, Jelle

2011-01-01

Due to a growing number of high bandwidth applications today (such as HDTV), and an increasing amount of network and cloud based applications, service providers need to pay attention to QoS in their networks. We believe there is a need for an end-to-end approach reaching into the home as well....... The Home Gateway (HG) as a key component of the home network is crucial for enabling the end-to-end solutions. UPnP-QoS has been proposed as an inhome solution for resource reservations. In this paper we assess a solution for automatic QoS reservations, on behalf of non-UPnP-QoS aware applications....... Additionally we focus on an integrated end-to-end solution, combining GMPLS-based reservations in e.g., access/metro and UPnP-QoS based reservation in the home network....

A Secure Network Coding-based Data Gathering Model and Its Protocol in Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Qian Xiao

2012-09-01

Full Text Available To provide security for data gathering based on network coding in wireless sensor networks (WSNs, a secure network coding-based data gathering model is proposed, and a data-privacy preserving and pollution preventing (DPPaamp;PP protocol using network coding is designed. DPPaamp;PP makes use of a new proposed pollution symbol selection and pollution (PSSP scheme based on a new obfuscation idea to pollute existing symbols. Analyses of DPPaamp;PP show that it not only requires low overhead on computation and communication, but also provides high security on resisting brute-force attacks.

Compliant Interfacial Layers in Thermoelectric Devices

Science.gov (United States)

Firdosy, Samad A. (Inventor); Li, Billy Chun-Yip (Inventor); Ravi, Vilupanur A. (Inventor); Fleurial, Jean-Pierre (Inventor); Caillat, Thierry (Inventor); Anjunyan, Harut (Inventor)

2017-01-01

A thermoelectric power generation device is disclosed using one or more mechanically compliant and thermally and electrically conductive layers at the thermoelectric material interfaces to accommodate high temperature differentials and stresses induced thereby. The compliant material may be metal foam or metal graphite composite (e.g. using nickel) and is particularly beneficial in high temperature thermoelectric generators employing Zintl thermoelectric materials. The compliant material may be disposed between the thermoelectric segments of the device or between a thermoelectric segment and the hot or cold side interconnect of the device.

Dynamic quality of service model for improving performance of multimedia real-time transmission in industrial networks.

Science.gov (United States)

Gopalakrishnan, Ravichandran C; Karunakaran, Manivannan

2014-01-01

Nowadays, quality of service (QoS) is very popular in various research areas like distributed systems, multimedia real-time applications and networking. The requirements of these systems are to satisfy reliability, uptime, security constraints and throughput as well as application specific requirements. The real-time multimedia applications are commonly distributed over the network and meet various time constraints across networks without creating any intervention over control flows. In particular, video compressors make variable bit-rate streams that mismatch the constant-bit-rate channels typically provided by classical real-time protocols, severely reducing the efficiency of network utilization. Thus, it is necessary to enlarge the communication bandwidth to transfer the compressed multimedia streams using Flexible Time Triggered- Enhanced Switched Ethernet (FTT-ESE) protocol. FTT-ESE provides automation to calculate the compression level and change the bandwidth of the stream. This paper focuses on low-latency multimedia transmission over Ethernet with dynamic quality-of-service (QoS) management. This proposed framework deals with a dynamic QoS for multimedia transmission over Ethernet with FTT-ESE protocol. This paper also presents distinct QoS metrics based both on the image quality and network features. Some experiments with recorded and live video streams show the advantages of the proposed framework. To validate the solution we have designed and implemented a simulator based on the Matlab/Simulink, which is a tool to evaluate different network architecture using Simulink blocks.

Improving the security of a quantum secret sharing protocol between multiparty and multiparty without entanglement

International Nuclear Information System (INIS)

Han Lianfang; Liu Yimin; Shi Shouhua; Zhang Zhanjun

2007-01-01

Recently Yan and Gao [F.L. Yan, T. Gao, Phys. Rev. A 72 (2005) 012304] have proposed a quantum secret sharing protocol which allows a secret message to be shared between one group of m parties and another group of n parties. The protocol is claimed to be secure. In this Letter, first we show that any subgroup consisting of evil cooperative parties (or one and only one evil party) can successfully cheat other parties to obtain the secret message without being detected. Then we improve the original Yan-Gao protocol such that the insider's cheats are prevented

Drag reduction through self-texturing compliant bionic materials

OpenAIRE

Eryong Liu; Longyang Li; Gang Wang; Zhixiang Zeng; Wenjie Zhao; Qunji Xue

2017-01-01

Compliant fish skin is effectively in reducing drag, thus the design and application of compliant bionic materials may be a good choice for drag reduction. Here we consider the drag reduction of compliant bionic materials. First, ZnO and PDMS mesh modified with n-octadecane were prepared, the drag reduction of self-texturing compliant n-octadecane were studied. The results show that the mesh modified by ZnO and PDMS possess excellent lipophilic and hydrophobic, thus n-octadecane at solid, sem...

GUI implementation of image encryption and decryption using Open CV-Python script on secured TFTP protocol

Science.gov (United States)

Reddy, K. Rasool; Rao, Ch. Madhava

2018-04-01

Currently safety is one of the primary concerns in the transmission of images due to increasing the use of images within the industrial applications. So it's necessary to secure the image facts from unauthorized individuals. There are various strategies are investigated to secure the facts. In that encryption is certainly one of maximum distinguished method. This paper gives a sophisticated Rijndael (AES) algorithm to shield the facts from unauthorized humans. Here Exponential Key Change (EKE) concept is also introduced to exchange the key between client and server. The things are exchange in a network among client and server through a simple protocol is known as Trivial File Transfer Protocol (TFTP). This protocol is used mainly in embedded servers to transfer the data and also provide protection to the data if protection capabilities are integrated. In this paper, implementing a GUI environment for image encryption and decryption. All these experiments carried out on Linux environment the usage of Open CV-Python script.

The Security Analysis of Two-Step Quantum Direct Communication Protocol in Collective-Rotation Noise Channel

International Nuclear Information System (INIS)

Li Jian; Sun Feng-Qi; Pan Ze-Shi; Nie Jin-Rui; Chen Yan-Hua; Yuan Kai-Guo

2015-01-01

To analyze the security of two-step quantum direct communication protocol (QDCP) by using Einstein–Podolsky–Rosen pair proposed by Deng et al. [Phys. Rev. A 68 (2003) 042317] in collective-rotation noise channel, an excellent model of noise analysis is proposed. In the security analysis, the method of the entropy theory is introduced, and is compared with QDCP, an error rate point Q 0 (M : (Q 0 , 1.0)) is given. In different noise levels, if Eve wants to obtain the same amount of information, the error rate Q is distinguishable. The larger the noise level ϵ is, the larger the error rate Q is. When the noise level ϵ is lower than 11%, the high error rate is 0.153 without eavesdropping. Lastly, the security of the proposed protocol is discussed. It turns out that the quantum channel will be safe when Q < 0.153. Similarly, if error rate Q > 0.153 = Q 0 , eavesdropping information I > 1, which means that there exist eavesdroppers in the quantum channel, and the quantum channel will not be safe anymore. (paper)

Multi-Class load balancing scheme for QoS and energy ...

African Journals Online (AJOL)

Multi-Class load balancing scheme for QoS and energy conservation in cloud computing. ... If you would like more information about how to print, save, and work with PDFs, Highwire Press provides a helpful Frequently Asked Questions about PDFs. Alternatively, you can download the PDF file directly to your computer, from ...

DICOM image secure communications with Internet protocols IPv6 and IPv4.

Science.gov (United States)

Zhang, Jianguo; Yu, Fenghai; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen

2007-01-01

Image-data transmission from one site to another through public network is usually characterized in term of privacy, authenticity, and integrity. In this paper, we first describe a general scenario about how image is delivered from one site to another through a wide-area network (WAN) with security features of data privacy, integrity, and authenticity. Second, we give the common implementation method of the digital imaging and communication in medicine (DICOM) image communication software library with IPv6/IPv4 for high-speed broadband Internet by using open-source software. Third, we discuss two major security-transmission methods, the IP security (IPSec) and the secure-socket layer (SSL) or transport-layer security (TLS), being used currently in medical-image-data communication with privacy support. Fourth, we describe a test schema of multiple-modality DICOM-image communications through TCP/IPv4 and TCP/IPv6 with different security methods, different security algorithms, and operating systems, and evaluate the test results. We found that there are tradeoff factors between choosing the IPsec and the SSL/TLS-based security implementation of IPv6/IPv4 protocols. If the WAN networks only use IPv6 such as in high-speed broadband Internet, the choice is IPsec-based security. If the networks are IPv4 or the combination of IPv6 and IPv4, it is better to use SSL/TLS security. The Linux platform has more security algorithms implemented than the Windows (XP) platform, and can achieve better performance in most experiments of IPv6 and IPv4-based DICOM-image communications. In teleradiology or enterprise-PACS applications, the Linux operating system may be the better choice as peer security gateways for both the IPsec and the SSL/TLS-based secure DICOM communications cross public networks.

Protocol and the post-human performativity of security techniques.

Science.gov (United States)

O'Grady, Nathaniel

2016-07-01

This article explores the deployment of exercises by the United Kingdom Fire and Rescue Service. Exercises stage, simulate and act out potential future emergencies and in so doing help the Fire and Rescue Service prepare for future emergencies. Specifically, exercises operate to assess and develop protocol; sets of guidelines which plan out the actions undertaken by the Fire and Rescue Service in responding to a fire. In the article I outline and assess the forms of knowledge and technologies, what I call the 'aesthetic forces', by which the exercise makes present and imagines future emergencies. By critically engaging with Karen Barad's notion of post-human performativity, I argue that exercises provide a site where such forces can entangle with one another; creating a bricolage through which future emergencies are evoked sensually and representatively, ultimately making it possible to experience emergencies in the present. This understanding of exercises allows also for critical appraisal of protocol both as phenomena that are produced through the enmeshing of different aesthetic forces and as devices which premise the operation of the security apparatus on contingency.

Security Implications of OPC, OLE, DCOM, and RPC in Control Systems

Energy Technology Data Exchange (ETDEWEB)

2006-01-01

OPC is a collection of software programming standards and interfaces used in the process control industry. It is intended to provide open connectivity and vendor equipment interoperability. The use of OPC technology simplifies the development of control systems that integrate components from multiple vendors and support multiple control protocols. OPC-compliant products are available from most control system vendors, and are widely used in the process control industry. OPC was originally known as OLE for Process Control; the first standards for OPC were based on underlying services in the Microsoft Windows computing environment. These underlying services (OLE [Object Linking and Embedding], DCOM [Distributed Component Object Model], and RPC [Remote Procedure Call]) have been the source of many severe security vulnerabilities. It is not feasible to automatically apply vendor patches and service packs to mitigate these vulnerabilities in a control systems environment. Control systems using the original OPC data access technology can thus inherit the vulnerabilities associated with these services. Current OPC standardization efforts are moving away from the original focus on Microsoft protocols, with a distinct trend toward web-based protocols that are independent of any particular operating system. However, the installed base of OPC equipment consists mainly of legacy implementations of the OLE for Process Control protocols.

Secure E-Commerce Protocol

OpenAIRE

Khalid Haseeb, Muhammad Arshad, Shoukat Ali, Shazia Yasin

2011-01-01

E-commerce has presented a new way of doing business all over the world using internet.Organizations have changed their way of doing business from a traditional approach to embrace ecommerceprocesses. As individuals and businesses increase information sharing, a concernregarding the exchange of money securely and conveniently over the internet increases. Therefore,security is a necessity in an e-commerce transaction. The purpose of this paper is to present atoken based Secure E-commerce Proto...

A framework for QoS & mobility in the Internet next generation

NARCIS (Netherlands)

Rexhepi, Vlora; Karagiannis, Georgios; Heijenk, Geert; Pras, Aiko

2000-01-01

It is expected that the Internet next generation architecture will support applications with different quality of service requirements, independently of whether their location is fixed or mobile. However, enabling QoS in Internet is a tough challenge, and it gets even tougher when the mobile

A framework for QoS & mobility in the Internet next generation

NARCIS (Netherlands)

Karagiannis, Georgios; Rexhepi, Vlora; Heijenk, Geert

It is expected that the next generation Internet architecture will support applications with different quality of service requirements, independently of whether their location is fixed or movable. However, enabling QoS in Internet is a tough challenge, and it gets even tougher when the mobile

Dynamic Resource Allocation and QoS Control Capabilities of the Japanese Academic Backbone Network

Directory of Open Access Journals (Sweden)

Michihiro Aoki

2010-08-01

Full Text Available Dynamic resource control capabilities have become increasingly important for academic networks that must support big scientific research projects at the same time as less data intensive research and educational activities. This paper describes the dynamic resource allocation and QoS control capabilities of the Japanese academic backbone network, called SINET3, which supports a variety of academic applications with a wide range of network services. The article describes the network architecture, networking technologies, resource allocation, QoS control, and layer-1 bandwidth on-demand services. It also details typical services developed for scientific research, including the user interface, resource control, and management functions, and includes performance evaluations.

Double C-NOT attack and counterattack on `Three-step semi-quantum secure direct communication protocol'

Science.gov (United States)

Gu, Jun; Lin, Po-hua; Hwang, Tzonelih

2018-07-01

Recently, Zou and Qiu (Sci China Phys Mech Astron 57:1696-1702, 2014) proposed a three-step semi-quantum secure direct communication protocol allowing a classical participant who does not have a quantum register to securely send his/her secret message to a quantum participant. However, this study points out that an eavesdropper can use the double C-NOT attack to obtain the secret message. To solve this problem, a modification is proposed.

Drag reduction through self-texturing compliant bionic materials

Science.gov (United States)

Liu, Eryong; Li, Longyang; Wang, Gang; Zeng, Zhixiang; Zhao, Wenjie; Xue, Qunji

2017-01-01

Compliant fish skin is effectively in reducing drag, thus the design and application of compliant bionic materials may be a good choice for drag reduction. Here we consider the drag reduction of compliant bionic materials. First, ZnO and PDMS mesh modified with n-octadecane were prepared, the drag reduction of self-texturing compliant n-octadecane were studied. The results show that the mesh modified by ZnO and PDMS possess excellent lipophilic and hydrophobic, thus n-octadecane at solid, semisolid and liquid state all have good adhesion with modified mesh. The states of n-octadecane changed with temperature, thus, the surface contact angle and adhesive force all varies obviously at different state. The contact angle decreases with temperature, the adhesive force shows a lower value at semisolid state. Furthermore, the drag testing results show that the compliant n-octadecane film is more effectively in drag reduction than superhydrophobic ZnO/PDMS film, indicating that the drag reduction mechanism of n-octadecane is significantly different with superhydrophobic film. Further research shows that the water flow leads to self-texturing of semisolid state n-octadecane, which is similar with compliant fish skin. Therefore, the compliant bionic materials of semisolid state n-octadecane with regular bulge plays a major role in the drag reduction.

Molecules for security measures: from keypad locks to advanced communication protocols.

Science.gov (United States)

Andréasson, J; Pischel, U

2018-04-03

The idea of using molecules in the context of information security has sparked the interest of researchers from many scientific disciplines. This is clearly manifested in the diversity of the molecular platforms and the analytical techniques used for this purpose, some of which we highlight in this Tutorial Review. Moreover, those molecular systems can be used to emulate a broad spectrum of security measures. For a long time, molecular keypad locks enjoyed a clear preference and the review starts off with a description of how these devices developed. In the last few years, however, the field has evolved into something larger. Examples include more complex authentication protocols (multi-factor authentication and one-time passwords), the recognition of erroneous procedures in data transmission (parity devices), as well as steganographic and cryptographic protection.

Caracterización de IPv6

Directory of Open Access Journals (Sweden)

Carlos A. Castillo Medina

2013-05-01

Full Text Available The present paper attempts to survey the current state of the network protocol called IPv6; starting from the evolution of IPv4 (which motivated the design of new features to the details that are comprised in the new version of the Internet Protocol. The main sections explain the drawbacks of IPv4 that can be overcome by implementing IPv6, highlighting aspects such as security, mobility, and Quality of Service (QoS.

Analysis of the End-by-Hop Protocol for Secure Aggregation in Sensor Networks

DEFF Research Database (Denmark)

Zenner, Erik

In order to save bandwidth and thus battery power, sensor network measurements are sometimes aggregated en-route while being reported back to the querying server. Authentication of the measurements then becomes a challenge if message integrity is important for the application. At ESAS 2007, the End......-by-Hop protocol for securing in-network aggregation for sensor nodes was presented. The solution was claimed to be secure and efficient and to provide the possibility of trading off bandwidth against computation time on the server. In this paper, we disprove these claims. We describe several attacks against...... the proposed solution and point out shortcomings in the original complexity analysis. In particular, we show that the proposed solution is inferior to a naive solution without in-network aggregation both in security and in efficiency....

Generation of Compliant Mechanisms using Hybrid Genetic Algorithm

Science.gov (United States)

Sharma, D.; Deb, K.

2014-10-01

Compliant mechanism is a single piece elastic structure which can deform to perform the assigned task. In this work, compliant mechanisms are evolved using a constraint based bi-objective optimization formulation which requires one user defined parameter ( η). This user defined parameter limits a gap between a desired path and an actual path traced by the compliant mechanism. The non-linear and discrete optimization problems are solved using the hybrid Genetic Algorithm (GA) wherein domain specific initialization, two-dimensional crossover operator and repairing techniques are adopted. A bit-wise local search method is used with elitist non-dominated sorting genetic algorithm to further refine the compliant mechanisms. Parallel computations are performed on the master-slave architecture to reduce the computation time. A parametric study is carried out for η value which suggests a range to evolve topologically different compliant mechanisms. The applied and boundary conditions to the compliant mechanisms are considered the variables that are evolved by the hybrid GA. The post-analysis of results unveils that the complaint mechanisms are always supported at unique location that can evolve the non-dominated solutions.

QoS Provisioning Techniques for Future Fiber-Wireless (FiWi Access Networks

Directory of Open Access Journals (Sweden)

Martin Maier

2010-04-01

Full Text Available A plethora of enabling optical and wireless access-metro network technologies have been emerging that can be used to build future-proof bimodal fiber-wireless (FiWi networks. Hybrid FiWi networks aim at providing wired and wireless quad-play services over the same infrastructure simultaneously and hold great promise to mitigate the digital divide and change the way we live and work by replacing commuting with teleworking. After overviewing enabling optical and wireless network technologies and their QoS provisioning techniques, we elaborate on enabling radio-over-fiber (RoF and radio-and-fiber (R&F technologies. We describe and investigate new QoS provisioning techniques for future FiWi networks, ranging from traffic class mapping, scheduling, and resource management to advanced aggregation techniques, congestion control, and layer-2 path selection algorithms.

QoS Differential Scheduling in Cognitive-Radio-Based Smart Grid Networks: An Adaptive Dynamic Programming Approach.

Science.gov (United States)

Yu, Rong; Zhong, Weifeng; Xie, Shengli; Zhang, Yan; Zhang, Yun

2016-02-01

As the next-generation power grid, smart grid will be integrated with a variety of novel communication technologies to support the explosive data traffic and the diverse requirements of quality of service (QoS). Cognitive radio (CR), which has the favorable ability to improve the spectrum utilization, provides an efficient and reliable solution for smart grid communications networks. In this paper, we study the QoS differential scheduling problem in the CR-based smart grid communications networks. The scheduler is responsible for managing the spectrum resources and arranging the data transmissions of smart grid users (SGUs). To guarantee the differential QoS, the SGUs are assigned to have different priorities according to their roles and their current situations in the smart grid. Based on the QoS-aware priority policy, the scheduler adjusts the channels allocation to minimize the transmission delay of SGUs. The entire transmission scheduling problem is formulated as a semi-Markov decision process and solved by the methodology of adaptive dynamic programming. A heuristic dynamic programming (HDP) architecture is established for the scheduling problem. By the online network training, the HDP can learn from the activities of primary users and SGUs, and adjust the scheduling decision to achieve the purpose of transmission delay minimization. Simulation results illustrate that the proposed priority policy ensures the low transmission delay of high priority SGUs. In addition, the emergency data transmission delay is also reduced to a significantly low level, guaranteeing the differential QoS in smart grid.

A Secure and Anonymous Two-Factor Authentication Protocol in Multiserver Environment

Directory of Open Access Journals (Sweden)

Chenyu Wang

2018-01-01

Full Text Available With the great development of network technology, the multiserver system gets widely used in providing various of services. And the two-factor authentication protocols in multiserver system attract more and more attention. Recently, there are two new schemes for multiserver environment which claimed to be secure against the known attacks. However, after a scrutinization of these two schemes, we found that (1 their description of the adversary’s abilities is inaccurate; (2 their schemes suffer from many attacks. Thus, firstly, we corrected their description on the adversary capacities to introduce a widely accepted adversary model and then summarized fourteen security requirements of multiserver based on the works of pioneer contributors. Secondly, we revealed that one of the two schemes fails to preserve forward secrecy and user anonymity and cannot resist stolen-verifier attack and off-line dictionary attack and so forth and also demonstrated that another scheme fails to preserve forward secrecy and user anonymity and is not secure to insider attack and off-line dictionary attack, and so forth. Finally, we designed an enhanced scheme to overcome these identified weaknesses, proved its security via BAN logic and heuristic analysis, and then compared it with other relevant schemes. The comparison results showed the superiority of our scheme.

HITACHI security concept for industrial control systems

International Nuclear Information System (INIS)

Endoh, H.; Yamada, T.; Okubo, S.; Nakano, T.

2012-01-01

Security is a necessary factor for the safe and efficient operation of today's control systems. To ensure safe operation of control systems throughout their lifetime, security measures must be carefully planned in the development phase and then maintained continuously during the operation phase and other following phases. To ensure operation within the system's safe states, Hitachi proposes security concept processes (1) to derive security measures rationally and (2) to maintain the security model over the system life cycle. Hitachi also proposes security development programs which support the integration of standards-compliant systems and development of robust control equipment. (author)

An SDN-Based Authentication Mechanism for Securing Neighbor Discovery Protocol in IPv6

Directory of Open Access Journals (Sweden)

Yiqin Lu

2017-01-01

Full Text Available The Neighbor Discovery Protocol (NDP is one of the main protocols in the Internet Protocol version 6 (IPv6 suite, and it provides many basic functions for the normal operation of IPv6 in a local area network (LAN, such as address autoconfiguration and address resolution. However, it has many vulnerabilities that can be used by malicious nodes to launch attacks, because the NDP messages are easily spoofed without protection. Surrounding this problem, many solutions have been proposed for securing NDP, but these solutions either proposed new protocols that need to be supported by all nodes or built mechanisms that require the cooperation of all nodes, which is inevitable in the traditional distributed networks. Nevertheless, Software-Defined Networking (SDN provides a new perspective to think about protecting NDP. In this paper, we proposed an SDN-based authentication mechanism to verify the identity of NDP packets transmitted in a LAN. Using the centralized control and programmability of SDN, it can effectively prevent the spoofing attacks and other derived attacks based on spoofing. In addition, this mechanism needs no additional protocol supporting or configuration at hosts and routers and does not introduce any dedicated devices.

Compliant thermal microactuators

DEFF Research Database (Denmark)

Jonsmann, Jacques; Sigmund, Ole; Bouwstra, Siebe

1999-01-01

Two dimensional compliant metallic thermal microactuators are designed using topology optimisation, and microfabricated using rapid prototyping techniques. Structures are characterised using advanced image analysis, yielding a very high precision. Characterised structures behave in accordance...

Network Architecture: lessons from the past, vision for the future

CERN Multimedia

CERN. Geneva

2004-01-01

The Architectural Principles of the Internet have dominated the past decade. Orthogonal to the telecommunications industry principles, they dramatically changed the networking landscape because they relied on iconoclastic ideas. First, the Internet end-to-end principle, which stipulates that the network should intervene minimally on the end-to-end traffic, pushing the complexity to the end-systems. Second, the ban of centralized functions: all the Internet techniques (routing, DNS, management) are based on distributed, decentralized mechanisms. Third, the absolute domination of connectionless (stateless) protocols (as with IP, HTTTP). However, when facing new requirements: multimedia traffic, security, Grid applications, these principles appear sometimes as architectural barriers. Multimedia requires QoS guarantees, but stateless systems are not good at QoS. Security requires active, intelligent networks, but dumb routers or plain end-to-end mail systems are insufficient. Grid applications require...

Collaborative QoS Prediction for Mobile Service with Data Filtering and SlopeOne Model

Directory of Open Access Journals (Sweden)

Yuyu Yin

2017-01-01

Full Text Available The mobile service is a widely used carrier for mobile applications. With the increase of the number of mobile services, for service recommendation and selection, the nonfunctional properties (also known as quality of service, QoS become increasingly important. However, in many cases, the number of mobile services invoked by a user is quite limited, which leads to the large number of missing QoS values. In recent years, many prediction algorithms, such as algorithms extended from collaborative filtering (CF, are proposed to predict QoS values. However, the ideas of most existing algorithms are borrowed from the recommender system community, not specific for mobile service. In this paper, we first propose a data filtering-extended SlopeOne model (filtering-based CF, which is based on the characteristics of a mobile service and considers the relation with location. Also, using the data filtering technique in FB-CF and matrix factorization (MF, this paper proposes another model FB-MF (filtering-based MF. We also build an ensemble model, which combines the prediction results of FB-CF model and FB-MF model. We conduct sufficient experiments, and the experimental results demonstrate that our models outperform all compared methods and achieve good results in high data sparsity scenario.

Dynamic Model of Islamic Hybrid Securities: Empirical Evidence From Malaysia Islamic Capital Market

Directory of Open Access Journals (Sweden)

Jaafar Pyeman

2016-12-01

Full Text Available Capital structure selection is fundamentally important in corporate financial management as it influence on mutually return and risk to stakeholders. Despite of Malaysia’s position as one of the major players of Islamic Financial Market, there are still lack of studies has been conducted on the capital structure of shariah compliant firms especially related to hybrid securities. The objective of this study is to determine the hybrid securities issuance model among the shariah compliant firms in Malaysia. As such, this study is to expand the literature review by providing comprehensive analysis on the hybrid capital structure and to develop dynamic Islamic hybrid securities model for shariah compliant firms. We use panel data of 50 companies that have been issuing the hybrid securities from the year of 2004- 2012. The outcomes of the studies are based on the dynamic model GMM estimation for the determinants of hybrid securities. Based on our model, risk and growth are considered as the most determinant factors for issuing convertible bond and loan stock. These results suggest that, the firms that have high risk but having good growth prospect will choose hybrid securities of convertible bond. The model also support the backdoor equity listing hypothesis by Stein (1992 where the hybrid securities enable the profitable firms to venture into positive NPV project by issuing convertible bond as it offer lower coupon rate as compare to the normal debt rate

Traffic Agents for Improving QoS in Mixed Infrastructure and Ad Hoc Modes Wireless LAN

Directory of Open Access Journals (Sweden)

Yuan Hai-Feng

2006-01-01

Full Text Available As an important complement to infrastructured wireless networks, mobile ad hoc networks (MANET are more flexible in providing wireless access services, but more difficult in meeting different quality of service (QoS requirements for mobile customers. Both infrastructure and ad hoc network structures are supported in wireless local area networks (WLAN, which can offer high data-rate wireless multimedia services to the mobile stations (MSs in a limited geographical area. For those out-of-coverage MSs, how to effectively connect them to the access point (AP and provide QoS support is a challenging issue. By mixing the infrastructure and the ad hoc modes in WLAN, we propose in this paper a new coverage improvement scheme that can identify suitable idle MSs in good service zones as traffic agents (TAs to relay traffic from those out-of-coverage MSs to the AP. The service coverage area of WLAN is then expanded. The QoS requirements (e.g., bandwidth of those MSs are considered in the selection process of corresponding TAs. Mathematical analysis, verified by computer simulations, shows that the proposed TA scheme can effectively reduce blocking probability when traffic load is light.

A New Resources Provisioning Method Based on QoS Differentiation and VM Resizing in IaaS

Directory of Open Access Journals (Sweden)

Rongdong Hu

2015-01-01

Full Text Available In order to improve the host energy efficiency in IaaS, we proposed an adaptive host resource provisioning method, CoST, which is based on QoS differentiation and VM resizing. The control model can adaptively adjust control parameters according to real time application performance, in order to cope with changes in load. CoST takes advantage of the fact that different types of applications have different sensitivity degrees to performance and cost. It places two different types of VMs on the same host and dynamically adjusts their sizes based on the load forecasting and QoS feedback. It not only guarantees the performance defined in SLA, but also keeps the host running in energy-efficient state. Real Google cluster trace and host power data are used to evaluate the proposed method. Experimental results show that CoST can provide performance-sensitive application with a steady QoS and simultaneously speed up the overall processing of performance-tolerant application by 20~66%. The host energy efficiency is significantly improved by 7~23%.

Are wearable devices ready for HTTPS? Measuring the cost of secure communication protocols on wearable devices

OpenAIRE

Kolamunna, Harini; Chauhan, Jagmohan; Hu, Yining; Thilakarathna, Kanchana; Perino, Diego; Makaroff, Dwight; Seneviratne, Aruna

2016-01-01

The majority of available wearable devices require communication with Internet servers for data analysis and storage, and rely on a paired smartphone to enable secure communication. However, wearable devices are mostly equipped with WiFi network interfaces, enabling direct communication with the Internet. Secure communication protocols should then run on these wearables itself, yet it is not clear if they can be efficiently supported. In this paper, we show that wearable devices are ready for...

A compliant underactuated hand with suction flow for underwater mobile manipulation

KAUST Repository

Stuart, Hannah S.

2014-05-01

© 2014 IEEE. Fingertip suction is investigated using a compliant, underactuated, tendon-driven hand designed for underwater mobile manipulation. Tendon routing and joint stiffnesses are designed to provide ease of closure while maintaining finger rigidity, allowing the hand to pinch small objects, as well as secure large objects, without diminishing strength. While the hand is designed to grasp a range of objects, the addition of light suction flow to the fingertips is especially effective for small, low-friction (slippery) objects. Numerical simulations confirm that changing suction parameters can increase the object acquisition region, providing guidelines for future versions of the hand.

A compliant underactuated hand with suction flow for underwater mobile manipulation

KAUST Repository

Stuart, Hannah S.; Wang, Shiquan; Gardineer, Bayard; Christensen, David L.; Aukes, Daniel M.; Cutkosky, Mark

2014-01-01

© 2014 IEEE. Fingertip suction is investigated using a compliant, underactuated, tendon-driven hand designed for underwater mobile manipulation. Tendon routing and joint stiffnesses are designed to provide ease of closure while maintaining finger rigidity, allowing the hand to pinch small objects, as well as secure large objects, without diminishing strength. While the hand is designed to grasp a range of objects, the addition of light suction flow to the fingertips is especially effective for small, low-friction (slippery) objects. Numerical simulations confirm that changing suction parameters can increase the object acquisition region, providing guidelines for future versions of the hand.

Using latency as a QoS indicator for global cloud computing services

DEFF Research Database (Denmark)

Pedersen, Jens Myrup; Riaz, Tahir; Dubalski, Bozydar

2013-01-01

Many globally distributed cloud computing (CC) applications and services running over the Internet, between globally dispersed clients and servers, will require certain levels of QoS in order to deliver and give a sufficiently smooth user experience. This would be essential for real-time streaming...

Topology synthesis of large-displacement compliant mechanisms

DEFF Research Database (Denmark)

Pedersen, Claus B. Wittendorf; Buhl, Thomas; Sigmund, Ole

2001-01-01

This paper describes the use of topology optimization as a synthesis tool for the design of large-displacement compliant mechanisms. An objective function for the synthesis of large-displacement mechanisms is proposed together with a formulation for synthesis of path-generating compliant mechanisms...

Compliant walking appears metabolically advantageous at extreme step lengths.

Science.gov (United States)

Kim, Jaehoon; Bertram, John E A

2018-05-19

Humans alter gait in response to unusual gait circumstances to accomplish the task of walking. For instance, subjects spontaneously increase leg compliance at a step length threshold as step length increases. Here we test the hypothesis that this transition occurs based on the level of energy expenditure, where compliant walking becomes less energetically demanding at long step lengths. To map and compare the metabolic cost of normal and compliant walking as step length increases. 10 healthy individuals walked on a treadmill using progressively increasing step lengths (100%, 120%, 140% and 160% of preferred step length), in both normal and compliant leg walking as energy expenditure was recorded via indirect calorimetry. Leg compliance was controlled by lowering the center-of-mass trajectory during stance, forcing the leg to flex and extend as the body moved over the foot contact. For normal step lengths, compliant leg walking was more costly than normal walking gait, but compliant leg walking energetic cost did not increase as rapidly for longer step lengths. This led to an intersection between normal and compliant walking cost curves at 114% relative step length (regression analysis; r 2  = 0.92 for normal walking; r 2  = 0.65 for compliant walking). Compliant leg walking is less energetically demanding at longer step lengths where a spontaneous shift to compliant walking has been observed, suggesting the human motor control system is sensitive to energetic requirements and will employ alternate movement patterns if advantageous strategies are available. The transition could be attributed to the interplay between (i) leg work controlling body travel during single stance and (ii) leg work to control energy loss in the step-to-step transition. Compliant leg walking requires more stance leg work at normal step lengths, but involves less energy loss at the step-to-step transition for very long steps. Copyright © 2018 Elsevier B.V. All rights reserved.

Learning-Based QoS Control Algorithms for Next Generation Internet of Things

Directory of Open Access Journals (Sweden)

Sungwook Kim

2015-01-01

Full Text Available The Internet has become an evolving entity, growing in importance and creating new value through its expansion and added utilization. The Internet of Things (IoT is a new concept associated with the future Internet and has recently become popular in a dynamic and global network infrastructure. However, in an IoT implementation, it is difficult to satisfy different Quality of Service (QoS requirements and achieve rapid service composition and deployment. In this paper, we propose a new QoS control scheme for IoT systems. Based on the Markov game model, the proposed scheme can effectively allocate IoT resources while maximizing system performance. In multiagent environments, a game theory approach can provide an effective decision-making framework for resource allocation problems. To verify the results of our study, we perform a simulation and confirm that the proposed scheme can achieve considerably improved system performance compared to existing schemes.

Hybrid-secure MPC 

DEFF Research Database (Denmark)

Lucas, Christoph; Raub, Dominik; Maurer, Ueli

2010-01-01

of the adversary, without being aware of the actual adversarial setting. Thus, hybrid-secure MPC protocols allow for graceful degradation of security. We present a hybrid-secure MPC protocol that provides an optimal trade-off between IT robustness and computational privacy: For any robustness parameter ρ ... obtain one MPC protocol that is simultaneously IT secure with robustness for up to t ≤ ρ actively corrupted parties, IT secure with fairness (no robustness) for up to t ... in the universal composability (UC) framework (based on a network of secure channels, a broadcast channel, and a common reference string). It achieves the bound on the trade-off between robustness and privacy shown by Ishai et al. [CRYPTO'06] and Katz [STOC'07], the bound on fairness shown by Cleve [STOC'86...

Security and privacy in biometrics

CERN Document Server

Campisi, Patrizio

2013-01-01

This important text/reference presents the latest secure and privacy-compliant techniques in automatic human recognition. Featuring viewpoints from an international selection of experts in the field, the comprehensive coverage spans both theory and practical implementations, taking into consideration all ethical and legal issues. Topics and features: presents a unique focus on novel approaches and new architectures for unimodal and multimodal template protection; examines signal processing techniques in the encrypted domain, security and privacy leakage assessment, and aspects of standardizati

Improving Podcast Distribution on Gwanda using PrivHab: a Multiagent Secure Georouting Protocol.

Directory of Open Access Journals (Sweden)

Adrián SÁNCHEZ-CARMONA

2015-12-01

Full Text Available We present PrivHab, a multiagent secure georouting protocol that improves podcast distribution on Gwanda, Zimbabwe. PrivHab learns the whereabouts of the nodes of the network to select an itinerary for each agent carrying a piece of data. PrivHab makes use of cryptographic techniques to make the decisions while preserving nodes' privacy. PrivHab uses a waypoint-based georouting that achieves a high performance and low overhead in rugged terrain areas that are plenty of physical obstacles. The store-carry-and-forward approach used is based on mobile agents and is designed to operate in areas that lack network infrastructure. The PrivHab protocol is compared with a set of well-known delay-tolerant routing algorithms and shown to outperform them.

Secure Multi-party Computation Protocol for Defense Applications in Military Operations Using Virtual Cryptography

Science.gov (United States)

Pathak, Rohit; Joshi, Satyadhar

With the advent into the 20th century whole world has been facing the common dilemma of Terrorism. The suicide attacks on US twin towers 11 Sept. 2001, Train bombings in Madrid Spain 11 Mar. 2004, London bombings 7 Jul. 2005 and Mumbai attack 26 Nov. 2008 were some of the most disturbing, destructive and evil acts by terrorists in the last decade which has clearly shown their evil intent that they can go to any extent to accomplish their goals. Many terrorist organizations such as al Quaida, Harakat ul-Mujahidin, Hezbollah, Jaish-e-Mohammed, Lashkar-e-Toiba, etc. are carrying out training camps and terrorist operations which are accompanied with latest technology and high tech arsenal. To counter such terrorism our military is in need of advanced defense technology. One of the major issues of concern is secure communication. It has to be made sure that communication between different military forces is secure so that critical information is not leaked to the adversary. Military forces need secure communication to shield their confidential data from terrorist forces. Leakage of concerned data can prove hazardous, thus preservation and security is of prime importance. There may be a need to perform computations that require data from many military forces, but in some cases the associated forces would not want to reveal their data to other forces. In such situations Secure Multi-party Computations find their application. In this paper, we propose a new highly scalable Secure Multi-party Computation (SMC) protocol and algorithm for Defense applications which can be used to perform computation on encrypted data. Every party encrypts their data in accordance with a particular scheme. This encrypted data is distributed among some created virtual parties. These Virtual parties send their data to the TTP through an Anonymizer layer. TTP performs computation on encrypted data and announces the result. As the data sent was encrypted its actual value can’t be known by TTP

AN AUTOMATED END-TO-END MULTI-AGENT QOS BASED ARCHITECTURE FOR SELECTION OF GEOSPATIAL WEB SERVICES

Directory of Open Access Journals (Sweden)

M. Shah

2012-07-01

With the proliferation of web services published over the internet, multiple web services may provide similar functionality, but with different non-functional properties. Thus, Quality of Service (QoS offers a metric to differentiate the services and their service providers. In a quality-driven selection of web services, it is important to consider non-functional properties of the web service so as to satisfy the constraints or requirements of the end users. The main intent of this paper is to build an automated end-to-end multi-agent based solution to provide the best-fit web service to service requester based on QoS.

Analysis of security protocols based on challenge-response

Institute of Scientific and Technical Information of China (English)

LUO JunZhou; YANG Ming

2007-01-01

Security protocol is specified as the procedure of challenge-response, which uses applied cryptography to confirm the existence of other principals and fulfill some data negotiation such as session keys. Most of the existing analysis methods,which either adopt theorem proving techniques such as state exploration or logic reasoning techniques such as authentication logic, face the conflicts between analysis power and operability. To solve the problem, a new efficient method is proposed that provides SSM semantics-based definition of secrecy and authentication goals and applies authentication logic as fundamental analysis techniques,in which secrecy analysis is split into two parts: Explicit-Information-Leakage and Implicit-Information-Leakage, and correspondence analysis is concluded as the analysis of the existence relationship of Strands and the agreement of Strand parameters. This new method owns both the power of the Strand Space Model and concision of authentication logic.

Fuzzy Logic-based Intelligent Scheme for Enhancing QoS of Vertical Handover Decision in Vehicular Ad-hoc Networks

Science.gov (United States)

Azzali, F.; Ghazali, O.; Omar, M. H.

2017-08-01

The design of next generation networks in various technologies under the “Anywhere, Anytime” paradigm offers seamless connectivity across different coverage. A conventional algorithm such as RSSThreshold algorithm, that only uses the received strength signal (RSS) as a metric, will decrease handover performance regarding handover latency, delay, packet loss, and handover failure probability. Moreover, the RSS-based algorithm is only suitable for horizontal handover decision to examine the quality of service (QoS) compared to the vertical handover decision in advanced technologies. In the next generation network, vertical handover can be started based on the user’s convenience or choice rather than connectivity reasons. This study proposes a vertical handover decision algorithm that uses a Fuzzy Logic (FL) algorithm, to increase QoS performance in heterogeneous vehicular ad-hoc networks (VANET). The study uses network simulator 2.29 (NS 2.29) along with the mobility traffic network and generator to implement simulation scenarios and topologies. This helps the simulation to achieve a realistic VANET mobility scenario. The required analysis on the performance of QoS in the vertical handover can thus be conducted. The proposed Fuzzy Logic algorithm shows improvement over the conventional algorithm (RSSThreshold) in the average percentage of handover QoS whereby it achieves 20%, 21% and 13% improvement on handover latency, delay, and packet loss respectively. This is achieved through triggering a process in layer two and three that enhances the handover performance.

WiMax network planning and optimization

CERN Document Server

Zhang, Yan

2009-01-01

This book offers a comprehensive explanation on how to dimension, plan, and optimize WiMAX networks. The first part of the text introduces WiMAX networks architecture, physical layer, standard, protocols, security mechanisms, and highly related radio access technologies. It covers system framework, topology, capacity, mobility management, handoff management, congestion control, medium access control (MAC), scheduling, Quality of Service (QoS), and WiMAX mesh networks and security. Enabling easy understanding of key concepts and technologies, the second part presents practical examples and illu

Soporte de QoS con 802.11e para tráfico heterogéneo en ambientes MANET

OpenAIRE

Murazzo, María Antonia; Rodríguez, Nelson R.; Guevara, Miguel José; Scheffer, María

2014-01-01

Hoy en día existe una gran necesidad de mejorar la calidad de servicio (QoS) ofrecida en redes móviles Ad Hoc (Mobile Ad-Hoc Networks -MANET-) que actualmente sólo ofrecen servicio best effort. Esto posee gran impacto en las aplicaciones que se corren, las cuales generan tráficos con diferentes requerimientos de recursos de la red. El presente trabajo tiene como objetivo fundamental analizar el comportamiento de la implementación de QoS en la sub capa MAC mediante 802.11e en ambientes con trá...

Impact of the codec and various QoS methods on the final quality of the transferred voice in an IP network

International Nuclear Information System (INIS)

Slavata, Oldřich; Holub, Jan

2015-01-01

This paper deals with an analysis of the relation between the codec that is used, the QoS method, and the final voice transmission quality. The Cisco 2811 router is used for adjusting QoS. VoIP client Linphone is used for adjusting the codec. The criterion for transmission quality is the MOS parameter investigated with the ITU-T P.862 PESQ and P.863 POLQA algorithms

A survey of bio-inspired compliant legged robot designs

International Nuclear Information System (INIS)

Zhou Xiaodong; Bi Shusheng

2012-01-01

The roles of biological springs in vertebrate animals and their implementations in compliant legged robots offer significant advantages over the rigid legged ones in certain types of scenarios. A large number of robotics institutes have been attempting to work in conjunction with biologists and incorporated these principles into the design of biologically inspired robots. The motivation of this review is to investigate the most published compliant legged robots and categorize them according to the types of compliant elements adopted in their mechanical structures. Based on the typical robots investigated, the trade-off between each category is summarized. In addition, the most significant performances of these robots are compared quantitatively, and multiple available solutions for the future compliant legged robot design are suggested. Finally, the design challenges for compliant legged robots are analysed. This review will provide useful guidance for robotic designers in creating new designs by inheriting the virtues of those successful robots according to the specific tasks. (topical review)

Design and optimization of a bend-and-sweep compliant mechanism

International Nuclear Information System (INIS)

Tummala, Y; Frecker, M I; Wissa, A A; Hubbard Jr, J E

2013-01-01

A novel contact aided compliant mechanism called bend-and-sweep compliant mechanism is presented in this paper. This mechanism has nonlinear stiffness properties in two orthogonal directions. An angled compliant joint (ACJ) is the fundamental element of this mechanism. Geometric parameters of ACJs determine the stiffness of the compliant mechanism. This paper presents the design and optimization of bend-and-sweep compliant mechanism. A multi-objective optimization problem was formulated for design optimization of the bend-and-sweep compliant mechanism. The objectives of the optimization problem were to maximize or minimize the bending and sweep displacements, depending on the situation, while minimizing the von Mises stress and mass of each mechanism. This optimization problem was solved using NSGA-II (a genetic algorithm). The results of this optimization for a single ACJ during upstroke and downstroke are presented in this paper. Results of two different loading conditions used during optimization of a single ACJ for upstroke are presented. Finally, optimization results comparing the performance of compliant mechanisms with one and two ACJs are also presented. It can be inferred from these results that the number of ACJs and the design of each ACJ determines the stiffness of the bend-and-sweep compliant mechanism. These mechanisms can be used in various applications. The goal of this research is to improve the performance of ornithopters by passively morphing their wings. In order to achieve a bio-inspired wing gait called continuous vortex gait, the wings of the ornithopter need to bend, and sweep simultaneously. This can be achieved by inserting the bend-and-sweep compliant mechanism into the leading edge wing spar of the ornithopters. (paper)

Preliminary Assessment of a Compliant Gait Exoskeleton.

Science.gov (United States)

Cestari, Manuel; Sanz-Merodio, Daniel; Garcia, Elena

2017-06-01

Current commercial wearable gait exoskeletons contain joints with stiff actuators that cannot adapt to unpredictable environments. These actuators consume a significant amount of energy, and their stiffness may not be appropriate for safe human-machine interactions. Adjustable compliant actuators are being designed and implemented because of their ability to minimize large forces due to shocks, to safely interact with the user, and to store and release energy in passive elastic elements. Introduction of such compliant actuation in gait exoskeletons, however, has been limited by the larger power-to-weight and volume ratio requirement. This article presents a preliminary assessment of the first compliant exoskeleton for children. Compliant actuation systems developed by our research group were integrated into the ATLAS exoskeleton prototype. The resulting device is a compliant exoskeleton, the ATLAS-C prototype. The exoskeleton is coupled with a special standing frame to provide balance while allowing a semi-natural gait. Experiments show that when comparing the behavior of the joints under different stiffness conditions, the inherent compliance of the implemented actuators showed natural adaptability during the gait cycle and in regions of shock absorption. Torque tracking of the joint is achieved, identifying the areas of loading response. The implementation of a state machine in the control of knee motion allowed reutilization of the stored energy during deflection at the end of the support phase to partially propel the leg and achieve a more natural and free swing.

Development of A General Principle Solution Forisoagrinet Compliant Networking System Components in Animal Husbandry

Science.gov (United States)

Kuhlmann, Arne; Herd, Daniel; Röβler, Benjamin; Gallmann, Eva; Jungbluth, Thomas

In pig production software and electronic systems are widely used for process control and management. Unfortunately most devices on farms are proprietary solutions and autonomically working. To unify data communication of devices in agricultural husbandry, the international standard ISOagriNET (ISO 17532:2007) was developed. It defines data formats and exchange protocols, to link up devices like climate controls, feeding systems and sensors, but also management software. The aim of the research project, "Information and Data Collection in Livestock Systems" is to develop an ISOagriNET compliant IT system, a so called Farming Cell. It integrates all electronic components to acquire the available data and information for pig fattening. That way, an additional benefit to humans, animals and the environment regarding process control and documentation, can be generated. Developing the Farming Cell is very complex; in detail it is very difficult and long-winded to integrate hardware and software by various vendors into an ISOagriNET compliant IT system. This ISOagriNET prototype shows as a test environment the potential of this new standard.

FPGA implementation cost and performance evaluation of IEEE 802.11 protocol encryption security schemes

Science.gov (United States)

Sklavos, N.; Selimis, G.; Koufopavlou, O.

2005-01-01

The explosive growth of internet and consumer demand for mobility has fuelled the exponential growth of wireless communications and networks. Mobile users want access to services and information, from both internet and personal devices, from a range of locations without the use of a cable medium. IEEE 802.11 is one of the most widely used wireless standards of our days. The amount of access and mobility into wireless networks requires a security infrastructure that protects communication within that network. The security of this protocol is based on the wired equivalent privacy (WEP) scheme. Currently, all the IEEE 802.11 market products support WEP. But recently, the 802.11i working group introduced the advanced encryption standard (AES), as the security scheme for the future IEEE 802.11 applications. In this paper, the hardware integrations of WEP and AES are studied. A field programmable gate array (FPGA) device has been used as the hardware implementation platform, for a fair comparison between the two security schemes. Measurements for the FPGA implementation cost, operating frequency, power consumption and performance are given.

FPGA implementation cost and performance evaluation of IEEE 802.11 protocol encryption security schemes

International Nuclear Information System (INIS)

Sklavos, N; Selimis, G; Koufopavlou, O

2005-01-01

The explosive growth of internet and consumer demand for mobility has fuelled the exponential growth of wireless communications and networks. Mobile users want access to services and information, from both internet and personal devices, from a range of locations without the use of a cable medium. IEEE 802.11 is one of the most widely used wireless standards of our days. The amount of access and mobility into wireless networks requires a security infrastructure that protects communication within that network. The security of this protocol is based on the wired equivalent privacy (WEP) scheme. Currently, all the IEEE 802.11 market products support WEP. But recently, the 802.11i working group introduced the advanced encryption standard (AES), as the security scheme for the future IEEE 802.11 applications. In this paper, the hardware integrations of WEP and AES are studied. A field programmable gate array (FPGA) device has been used as the hardware implementation platform, for a fair comparison between the two security schemes. Measurements for the FPGA implementation cost, operating frequency, power consumption and performance are given

Voice over Internet Protocol (VOIP Pada Jaringan Nirkabel Berbasis Raspberry Pi

Directory of Open Access Journals (Sweden)

Rini Handayani

2017-05-01

Full Text Available Voice Over Internet Protocol (VoIP merupakan satu teknologi telekomunikasi yang mampu melewatkan layanan komunikasi dalam jaringan Internet Protocol sehingga memungkinkan antar pengguna berkomunikasi suara dalam jaringan IP. Kelebihan dari VoIP ini mampu melakukan efisiensi bandwith dan biaya pengelolaan dengan memanfaatkan Raspberry Pi sebagai server VoIP. Dalam penelitian ini, VoIP dibangun pada Sistem Operasi Linux dengan aplikasi Asterisk dan RasPBX yang diintegrasikan pada Raspberry Pi dengan menggunakan jaringan nirkabel lokal sebagai media transmisi. Sistem ini diujikan dengan menggunakan dua tipe client, yaitu PC dan smartphone dengan mengukur QoS dengan rata-rata delay 0.4463ms, rata-rata throughput 16.36KBps, rata-rata packet loss 0.889% dan jitter 1.102ms.

Cryptographic Protocols:

DEFF Research Database (Denmark)

Geisler, Martin Joakim Bittel

cryptography was thus concerned with message confidentiality and integrity. Modern cryptography cover a much wider range of subjects including the area of secure multiparty computation, which will be the main topic of this dissertation. Our first contribution is a new protocol for secure comparison, presented...... implemented the comparison protocol in Java and benchmarks show that is it highly competitive and practical. The biggest contribution of this dissertation is a general framework for secure multiparty computation. Instead of making new ad hoc implementations for each protocol, we want a single and extensible...... in Chapter 2. Comparisons play a key role in many systems such as online auctions and benchmarks — it is not unreasonable to say that when parties come together for a multiparty computation, it is because they want to make decisions that depend on private information. Decisions depend on comparisons. We have...

A QoS Optimization Approach in Cognitive Body Area Networks for Healthcare Applications.

Science.gov (United States)

Ahmed, Tauseef; Le Moullec, Yannick

2017-04-06

Wireless body area networks are increasingly featuring cognitive capabilities. This work deals with the emerging concept of cognitive body area networks. In particular, the paper addresses two important issues, namely spectrum sharing and interferences. We propose methods for channel and power allocation. The former builds upon a reinforcement learning mechanism, whereas the latter is based on convex optimization. Furthermore, we also propose a mathematical channel model for off-body communication links in line with the IEEE 802.15.6 standard. Simulation results for a nursing home scenario show that the proposed approach yields the best performance in terms of throughput and QoS for dynamic environments. For example, in a highly demanding scenario our approach can provide throughput up to 7 Mbps, while giving an average of 97.2% of time QoS satisfaction in terms of throughput. Simulation results also show that the power optimization algorithm enables reducing transmission power by approximately 4.5 dBm, thereby sensibly and significantly reducing interference.

The Study of MSADQ/CDMA Protocol in Voice/Data Integration Packet Networks

Institute of Scientific and Technical Information of China (English)

无

2001-01-01

A new packet medium access protocol, namely, minislot signalingaccess based on distributed queues(MSADQ/CDMA), is proposed in voice and data intergration CDMA networks. The MSADQ protocol is based on distributed queues and collision resolution algorithm. Through proper management of the PN codes, the number of random competition collision reduces greatly, the multiple access interference (MAI) decreases. It has several special access signaling channels to carry the voice and data access request. Each slot is devided into several control minislots (CMSs), in which the Data Terminals (DT) or Voice Terminals (VT) transmit their request. According to the voice and data traffic character, the signaling access structure is proposed. The code assign rules and queue managing rules are also proposed to ensure the QoS requirement of each traffic. Comparisions with other three protocol are developed by simulation, which shows that MSADQ/CDMA protocol occupies less PN codes, but still has very good performance.

Faithful deterministic secure quantum communication and authentication protocol based on hyperentanglement against collective noise

International Nuclear Information System (INIS)

Chang Yan; Zhang Shi-Bin; Yan Li-Li; Han Gui-Hua

2015-01-01

Higher channel capacity and security are difficult to reach in a noisy channel. The loss of photons and the distortion of the qubit state are caused by noise. To solve these problems, in our study, a hyperentangled Bell state is used to design faithful deterministic secure quantum communication and authentication protocol over collective-rotation and collective-dephasing noisy channel, which doubles the channel capacity compared with using an ordinary Bell state as a carrier; a logical hyperentangled Bell state immune to collective-rotation and collective-dephasing noise is constructed. The secret message is divided into several parts to transmit, however the identity strings of Alice and Bob are reused. Unitary operations are not used. (paper)

STFTP: Secure TFTP Protocol for Embedded Multi-Agent Systems Communication

Directory of Open Access Journals (Sweden)

ZAGAR, D.

2013-05-01

Full Text Available Today's embedded systems have evolved into multipurpose devices moving towards an embedded multi-agent system (MAS infrastructure. With the involvement of MAS in embedded systems, one remaining issues is establishing communication between agents in low computational power and low memory embedded systems without present Embedded Operating System (EOS. One solution is the extension of an outdated Trivial File Transfer Protocol (TFTP. The main advantage of using TFTP in embedded systems is the easy implementation. However, the problem at hand is the overall lack of security mechanisms in TFTP. This paper proposes an extension to the existing TFTP in a form of added security mechanisms: STFTP. The authentication is proposed using Digest Access Authentication process whereas the data encryption can be performed by various cryptographic algorithms. The proposal is experimentally tested using two embedded systems based on micro-controller architecture. Communication is analyzed for authentication, data rate and transfer time versus various data encryption ciphers and files sizes. STFTP results in an expected drop in performance, which is in the range of similar encryption algorithms. The system could be improved by using embedded systems of higher computational power or by the use of hardware encryption modules.

Turbine airfoil with a compliant outer wall

Science.gov (United States)

Campbell, Christian X [Oviedo, FL; Morrison, Jay A [Oviedo, FL

2012-04-03

A turbine airfoil usable in a turbine engine with a cooling system and a compliant dual wall configuration configured to enable thermal expansion between inner and outer layers while eliminating stress formation in the outer layer is disclosed. The compliant dual wall configuration may be formed a dual wall formed from inner and outer layers separated by a support structure. The outer layer may be a compliant layer configured such that the outer layer may thermally expand and thereby reduce the stress within the outer layer. The outer layer may be formed from a nonplanar surface configured to thermally expand. In another embodiment, the outer layer may be planar and include a plurality of slots enabling unrestricted thermal expansion in a direction aligned with the outer layer.

Compliant electro-thermal microactuators

DEFF Research Database (Denmark)

Jonsmann, Jacques; Sigmund, Ole; Bouwstra, Siebe

1999-01-01

This paper describes design, microfabrication and characterisation of topology optimised compliant electro-thermal microactuators. The actuators are fabricated by a fast prototyping process using laser micromachining and electroplating. Actuators are characterised with respect to displacement...

A Survey of E-Commerce Security

Institute of Scientific and Technical Information of China (English)

QIN Zhiguang; LUO Xucheng; GAO Rong

2004-01-01

E-commerce is a very active field of Intemet research. A very important aspect of e-commerce is its security. Because of the variety of e-commerce applications, many security policies,protocols and techniques are involved in the deployment of the security. The related standards and protocols ofe-commerce are studied in this paper. The general model of e-commerce security is set forth.In this model, two most important e-commerce protocols including secure sockets layer (SSL) and secure electronic transaction (SET) are analyzed. The open problems and new trends of e-commerce security are presented.

Universally composable protocols with relaxed set-up assumptions

DEFF Research Database (Denmark)

Barak, Boaz; Canetti, Ran; Nielsen, Jesper Buus

2004-01-01

A desirable goal for cryptographic protocols is to guarantee security when the protocol is composed with other protocol instances. Universally composable (UC) protocols provide this guarantee in a strong sense: A protocol remains secure even when composed concurrently with an unbounded number of ...

Design of compliant mechanisms with selective compliance

International Nuclear Information System (INIS)

Hasse, Alexander; Campanile, Lucio Flavio

2009-01-01

Conventional mechanisms provide a defined mobility, which expresses the number of degrees of freedom of the mechanism. This allows the system to be driven by a low number of control outputs. This property is virtually retained in the case of compliant mechanisms with lumped compliance, which are obtained by replacing the conventional hinges by solid-state ones. Compliant mechanisms with distributed compliance have, in general, an infinite number of degrees of freedom and therefore cannot guarantee defined kinematics. In this paper the concept of compliant mechanisms with selective compliance is introduced. This special class of compliant mechanisms combines the advantages of distributed compliance with the easy controllability of systems with defined kinematics. The task is accomplished by introducing a new design criterion based on a modal formulation. After this design criterion has been implemented in an optimization formulation for a formal optimization procedure, mechanisms are obtained in which a freely chosen deformation pattern is associated with a low deformation energy while other deformation patterns are considerably stiffer. Besides the description of the modal design criterion and the associated objective function, the sensitivity analysis of the objective function is presented and an application example is shown

Efficient Secure Multiparty Subset Computation

Directory of Open Access Journals (Sweden)

Sufang Zhou

2017-01-01

Full Text Available Secure subset problem is important in secure multiparty computation, which is a vital field in cryptography. Most of the existing protocols for this problem can only keep the elements of one set private, while leaking the elements of the other set. In other words, they cannot solve the secure subset problem perfectly. While a few studies have addressed actual secure subsets, these protocols were mainly based on the oblivious polynomial evaluations with inefficient computation. In this study, we first design an efficient secure subset protocol for sets whose elements are drawn from a known set based on a new encoding method and homomorphic encryption scheme. If the elements of the sets are taken from a large domain, the existing protocol is inefficient. Using the Bloom filter and homomorphic encryption scheme, we further present an efficient protocol with linear computational complexity in the cardinality of the large set, and this is considered to be practical for inputs consisting of a large number of data. However, the second protocol that we design may yield a false positive. This probability can be rapidly decreased by reexecuting the protocol with different hash functions. Furthermore, we present the experimental performance analyses of these protocols.

Design of a statically balanced fully compliant grasper

NARCIS (Netherlands)

Lamers, A.J.; Gallego Sanchez, J.A.; Herder, Justus Laurens

2015-01-01

Monolithic and thus fully compliant surgical graspers are promising when they provide equal or better force feedback than conventional graspers. In this work for the first time a fully compliant grasper is designed to exhibit zero stiffness and zero operation force. The design problem is addressed

A CONTEXT AWARE BASED PRE-HANDOFF SUPPORT APPROACH TO PROVIDE OPTIMAL QOS FOR STREAMING APPLICATIONS OVER VEHICULAR AD HOC NETWORKS – HOSA

Directory of Open Access Journals (Sweden)

K. RAMESH BABU

2015-06-01

Full Text Available Large variations in network Quality of Service (QoS such as bandwidth, latency, jitter, and reliability may occur during media transfer over vehicular ad hoc networks (VANET. Usage of VANET over mobile and wireless computing applications experience “bursty” QoS behavior during the execution over distributed network scenarios. Applications such as streaming media services need to adapt their functionalities to any change in network status. Moreover, an enhanced software platform is necessary to provide adaptive network management services to upper software components. HOSA, a handoff service broker based architecture for QoS adaptation over VANET supports in providing awareness. HOSA is structured as a middleware platform both to provide QoS awareness to streaming applications as well to manage dynamic ad hoc network resources with support over handoff in an adaptive fashion. HOSA is well analyzed over routing schemes such as TIBSCRPH, SIP and ABSRP where performance of HOSA was measured using throughput, traffic intensity and end to end delay. HOSA has been analyzed using JXTA development toolkit over C++ implemented classes to demonstrate its performance over varying node mobility established using vehicular mobility based conference application.

Correct mutual information, quantum bit error rate and secure transmission efficiency in Wojcik's eavesdropping scheme on ping-pong protocol

OpenAIRE

Zhang, Zhanjun

2004-01-01

Comment: The wrong mutual information, quantum bit error rate and secure transmission efficiency in Wojcik's eavesdropping scheme [PRL90(03)157901]on ping-pong protocol have been pointed out and corrected

Modelling of a biologically inspired robotic fish driven by compliant parts

International Nuclear Information System (INIS)

Daou, Hadi El; Salumäe, Taavi; Kruusmaa, Maarja; Chambers, Lily D; Megill, William M

2014-01-01

Inspired by biological swimmers such as fish, a robot composed of a rigid head, a compliant body and a rigid caudal fin was built. It has the geometrical properties of a subcarangiform swimmer of the same size. The head houses a servo-motor which actuates the compliant body and the caudal fin. It achieves this by applying a concentrated moment on a point near the compliant body base. In this paper, the dynamics of the compliant body driving the robotic fish is modelled and experimentally validated. Lighthill’s elongated body theory is used to define the hydrodynamic forces on the compliant part and Rayleigh proportional damping is used to model damping. Based on the assumed modes method, an energetic approach is used to write the equations of motion of the compliant body and to compute the relationship between the applied moment and the resulting lateral deflections. Experiments on the compliant body were carried out to validate the model predictions. The results showed that a good match was achieved between the measured and predicted deformations. A discussion of the swimming motions between the real fish and the robot is presented. (paper)

Calidad de servicio (QoS en procesos: Escenarios de procesamiento con aspectos

Directory of Open Access Journals (Sweden)

Hector Manuel Soto Pérez

2016-12-01

En resumen el presente trabajo estudia conceptos básicos de calidad de servicio y algunos de sus marcos de aplicación siguiendo un enfoque aspectual. Planteando posibles casos de uso genéricos para aplicar mejoras en la prestación de la QoS mediante aspectos en la planificación y gestión de recursos de aplicaciones tradicionales.

IEC 61850 and IEC 62351 Cyber Security Acceleration Workshop

Energy Technology Data Exchange (ETDEWEB)

Clements, Samuel L.; Edgar, Thomas W.; Manz, David O.

2012-04-01

The purpose of this workshop was to identify and discuss concerns with the use and adoption of IEC 62351 security standard for IEC 61850 compliant control system products. The industry participants discussed performance, interoperability, adoption, challenges, business cases, and future issues.

A robust ECC based mutual authentication protocol with anonymity for session initiation protocol.

Science.gov (United States)

Mehmood, Zahid; Chen, Gongliang; Li, Jianhua; Li, Linsen; Alzahrani, Bander

2017-01-01

Over the past few years, Session Initiation Protocol (SIP) is found as a substantial application-layer protocol for the multimedia services. It is extensively used for managing, altering, terminating and distributing the multimedia sessions. Authentication plays a pivotal role in SIP environment. Currently, Lu et al. presented an authentication protocol for SIP and profess that newly proposed protocol is protected against all the familiar attacks. However, the detailed analysis describes that the Lu et al.'s protocol is exposed against server masquerading attack and user's masquerading attack. Moreover, it also fails to protect the user's identity as well as it possesses incorrect login and authentication phase. In order to establish a suitable and efficient protocol, having ability to overcome all these discrepancies, a robust ECC-based novel mutual authentication mechanism with anonymity for SIP is presented in this manuscript. The improved protocol contains an explicit parameter for user to cope the issues of security and correctness and is found to be more secure and relatively effective to protect the user's privacy, user's masquerading and server masquerading as it is verified through the comprehensive formal and informal security analysis.

A robust ECC based mutual authentication protocol with anonymity for session initiation protocol.

Directory of Open Access Journals (Sweden)

Zahid Mehmood