Abstract: The growth of open networks created the interest to
commercialise it. The establishment of an electronic business
mechanism must be accompanied by a digital – electronic payment
system to transfer the value of transactions. Financial organizations
are requested to offer a secure e-payment synthesis with equivalent
level of security served in conventional paper-based payment
transactions. PKI, which is functioning as a chain of trust in security
architecture, can enable security services of cryptography to e-payments,
in order to take advantage of the wider base either of
customer or of trading partners and the reduction of cost transaction
achieved by the use of Internet channels. The paper addresses the
possibilities and the implementation suggestions of PKI in relevance
to electronic payments by suggesting a framework that should be
followed.
Abstract: The need for Information Security in organizations, regardless of their type and size, is being addressed by emerging standards and recommended best practices. The various standards and practices which evolved in recent years and are still being developed and constantly revised, address the issue of Information Security from different angles. This paper attempts to provide an overview of Information Security Standards and Practices by briefly discussing some of the most popular ones. Through a comparative study of their similarities and differences, some insight can be obtained on how their combination may lead to an increased level of Information Security.
Abstract: The public sector holds large amounts of data of
various areas such as social affairs, economy, or tourism. Various
initiatives such as Open Government Data or the EU Directive on
public sector information aim to make these data available for public
and private service providers. Requirements for the provision of
public sector data are defined by legal and organizational
frameworks. Surprisingly, the defined requirements hardly cover
security aspects such as integrity or authenticity.
In this paper we discuss the importance of these missing
requirements and present a concept to assure the integrity and
authenticity of provided data based on electronic signatures. We
show that our concept is perfectly suitable for the provisioning of
unaltered data. We also show that our concept can also be extended
to data that needs to be anonymized before provisioning by
incorporating redactable signatures. Our proposed concept enhances
trust and reliability of provided public sector data.
Abstract: This work presents a new approach of securing a
wireless network. The configuration is focused on securing and
protecting wireless network traffic for a small network such as a
home or dorm room. The security mechanism provided both
authentication, allowing only known authorized users access to the
wireless network, and encryption, preventing anyone from reading
the wireless traffic. The mentioned solution utilizes the open source
free S/WAN software which implements the Internet Protocol
Security (IPSEC). In addition to wireless components, wireless NIC
in PC and wireless access point needs a machine running Linux to act
as security gateway. While the current configuration assumes that the
wireless PC clients are running Linux, Windows XP/VISTA/7 based
machines equipped with VPN software which will allow to interface
with this configuration.
Abstract: This paper analyzes the linkage between migration,
economic globalization and terrorism concerns. On a broad level, I
analyze Canadian economic and political considerations, searching
for causal relationships between political and economic actors on the
one hand, and Canadian immigration law on the other. Specifically,
the paper argues that there are contradictory impulses affecting state
sovereignty. These impulses are currently being played out in the
field of Canadian immigration law through several proposed changes
to Canada's Immigration and Refugee Protection Act (IRPA). These
changes reflect an ideological conception of sovereignty that is
intrinsically connected with decision-making capacity centered on an
individual. This conception of sovereign decision-making views
Parliamentary debate and bureaucratic inefficiencies as both equally
responsible for delaying essential decisions relating to the protection
of state sovereignty, economic benefits and immigration control. This
paper discusses these concepts in relation to Canadian immigration
policy under Canadian governments over the past twenty five years.
Abstract: In recent years, the number of the cases of information
leaks is increasing. Companies and Research Institutions make various
actions against information thefts and security accidents. One of the
actions is adoption of the crime prevention system, including the
monitoring system by surveillance cameras. In order to solve
difficulties of multiple cameras monitoring, we develop the automatic
human tracking system using mobile agents through multiple
surveillance cameras to track target persons. In this paper, we develop
the monitor which confirms mobile agents tracing target persons, and
the simulator of video picture analysis to construct the tracking
algorithm.
Abstract: The history of technology and banking is examined as
it relates to risk and technological determinism. It is proposed that
the services that banks offer are determined by technology and that
banks must adopt new technologies to be competitive. The adoption
of technologies paradoxically forces the adoption of other new
technologies to protect the bank from the increased risk of
technology. This cycle will lead to bank examiners and regulators to
focus on human behavior, not on the ever changing technology.
Abstract: The proliferation of web application and the pervasiveness of mobile technology make web-based attacks even more attractive and even easier to launch. Web Application Firewall (WAF) is an intermediate tool between web server and users that provides comprehensive protection for web application. WAF is a negative security model where the detection and prevention mechanisms are based on predefined or user-defined attack signatures and patterns. However, WAF alone is not adequate to offer best defensive system against web vulnerabilities that are increasing in number and complexity daily. This paper presents a methodology to automatically design a positive security based model which identifies and allows only legitimate web queries. The paper shows a true positive rate of more than 90% can be achieved.
Abstract: Persuasive technology has been applied in marketing,
health, environmental conservation, safety and other domains and is
found to be quite effective in changing people's attitude and
behaviours. This research extends the application domains of
persuasive technology to information security awareness and uses a
theory-driven approach to evaluate the effectiveness of a web-based
program developed based on the principles of persuasive technology
to improve the information security awareness of end users. The
findings confirm the existence of a very strong effect of the web-based
program in raising users' attitude towards information security
aware behavior. This finding is useful to the IT researchers and
practitioners in developing appropriate and effective education
strategies for improving the information security attitudes for end-users.
Abstract: One main drawback of intrusion detection system is the
inability of detecting new attacks which do not have known
signatures. In this paper we discuss an intrusion detection method
that proposes independent component analysis (ICA) based feature
selection heuristics and using rough fuzzy for clustering data. ICA is
to separate these independent components (ICs) from the monitored
variables. Rough set has to decrease the amount of data and get rid of
redundancy and Fuzzy methods allow objects to belong to several
clusters simultaneously, with different degrees of membership. Our
approach allows us to recognize not only known attacks but also to
detect activity that may be the result of a new, unknown attack. The
experimental results on Knowledge Discovery and Data Mining
(KDDCup 1999) dataset.
Abstract: Prior research evidenced that unimodal biometric
systems have several tradeoffs like noisy data, intra-class variations,
restricted degrees of freedom, non-universality, spoof attacks, and
unacceptable error rates. In order for the biometric system to be more
secure and to provide high performance accuracy, more than one
form of biometrics are required. Hence, the need arises for multimodal
biometrics using combinations of different biometric modalities. This
paper introduces a multimodal biometric system (MMBS) based on
fusion of whole dorsal hand geometry and fingerprints that acquires
right and left (Rt/Lt) near-infra-red (NIR) dorsal hand geometry (HG)
shape and (Rt/Lt) index and ring fingerprints (FP). Database of 100
volunteers were acquired using the designed prototype. The acquired
images were found to have good quality for all features and patterns
extraction to all modalities. HG features based on the hand shape
anatomical landmarks were extracted. Robust and fast algorithms for
FP minutia points feature extraction and matching were used. Feature
vectors that belong to similar biometric traits were fused using
feature fusion methodologies. Scores obtained from different
biometric trait matchers were fused using the Min-Max
transformation-based score fusion technique. Final normalized scores
were merged using the sum of scores method to obtain a single
decision about the personal identity based on multiple independent
sources. High individuality of the fused traits and user acceptability
of the designed system along with its experimental high performance
biometric measures showed that this MMBS can be considered for
med-high security levels biometric identification purposes.
Abstract: Adapting wireless devices to communicate within grid
networks empowers us by providing a range of possibilities. These
devices create a mechanism for consumers and publishers to create
modern networks with or without peer device utilization. Emerging
mobile networks create new challenges in the areas of reliability,
security, and adaptability. In this paper, we propose a system
encompassing mobility management using AAA context transfer for
mobile grid networks. This system ultimately results in seamless task
processing and reduced packet loss, communication delays,
bandwidth, and errors.
Abstract: Spam mails are unwanted mails sent to large number
of users. Spam mails not only consume the network resources, but
cause security threats as well. This paper proposes an efficient
technique to detect, and to prevent spam mail in the sender side rather
than the receiver side. This technique is based on a counter set on the
sender server. When a mail is transmitted to the server, the mail server
checks the number of the recipients based on its counter policy. The
counter policy performed by the mail server is based on some
pre-defined criteria. When the number of recipients exceeds the
counter policy, the mail server discontinues the rest of the process, and
sends a failure mail to sender of the mail; otherwise the mail is
transmitted through the network. By using this technique, the usage of
network resources such as bandwidth, and memory is preserved. The
simulation results in real network show that when the counter is set on
the sender side, the time required for spam mail detection is 100 times
faster than the time the counter is set on the receiver side, and the
network resources are preserved largely compared with other
anti-spam mail techniques in the receiver side.
Abstract: IPsec has now become a standard information security
technology throughout the Internet society. It provides a well-defined
architecture that takes into account confidentiality, authentication,
integrity, secure key exchange and protection mechanism against
replay attack also. For the connectionless security services on packet
basis, IETF IPsec Working Group has standardized two extension
headers (AH&ESP), key exchange and authentication protocols. It is
also working on lightweight key exchange protocol and MIB's for
security management. IPsec technology has been implemented on
various platforms in IPv4 and IPv6, gradually replacing old
application-specific security mechanisms. IPv4 and IPv6 are not
directly compatible, so programs and systems designed to one
standard can not communicate with those designed to the other. We
propose the design and implementation of controlled Internet security
system, which is IPsec-based Internet information security system in
IPv4/IPv6 network and also we show the data of performance
measurement. With the features like improved scalability and
routing, security, ease-of-configuration, and higher performance of
IPv6, the controlled Internet security system provides consistent
security policy and integrated security management on IPsec-based
Internet security system.
Abstract: Digital signature is a useful primitive to attain the integrity and authenticity in various wire or wireless communications. Proxy signature is one type of the digital signatures. It helps the proxy signer to sign messages on behalf of the original signer. It is very useful when the original signer (e.g. the president of a company) is not available to sign a specific document. If the original signer can not forge valid proxy signatures through impersonating the proxy signer, it will be robust in a virtual environment; thus the original signer can not shift any illegal action initiated by herself to the proxy signer. In this paper, we propose a new proxy signature scheme. The new scheme can prevent the original signer from impersonating the proxy signer to sign messages. The proposed scheme is based on the regular ElGamal signature. In addition, the fair privacy of the proxy signer is maintained. That means, the privacy of the proxy signer is preserved; and the privacy can be revealed when it is necessary.
Abstract: The most common forensic activity is searching a hard
disk for string of data. Nowadays, investigators and analysts are
increasingly experiencing large, even terabyte sized data sets when
conducting digital investigations. Therefore consecutive searching can
take weeks to complete successfully. There are two primary search
methods: index-based search and bitwise search. Index-based
searching is very fast after the initial indexing but initial indexing
takes a long time. In this paper, we discuss a high speed bitwise search
model for large-scale digital forensic investigations. We used pattern
matching board, which is generally used for network security, to
search for string and complex regular expressions. Our results indicate
that in many cases, the use of pattern matching board can substantially
increase the performance of digital forensic search tools.
Abstract: In this study, a novel approach of image embedding is introduced. The proposed method consists of three main steps. First, the edge of the image is detected using Sobel mask filters. Second, the least significant bit LSB of each pixel is used. Finally, a gray level connectivity is applied using a fuzzy approach and the ASCII code is used for information hiding. The prior bit of the LSB represents the edged image after gray level connectivity, and the remaining six bits represent the original image with very little difference in contrast. The proposed method embeds three images in one image and includes, as a special case of data embedding, information hiding, identifying and authenticating text embedded within the digital images. Image embedding method is considered to be one of the good compression methods, in terms of reserving memory space. Moreover, information hiding within digital image can be used for security information transfer. The creation and extraction of three embedded images, and hiding text information is discussed and illustrated, in the following sections.
Abstract: Innovations and innovative activity get the increasing
value for successful financial and economic activity of the countries
and regions. The level of innovative sphere development determines
place of a country or a region in world economy and forms a basis of
steady economic growth. This article is devoted to different aspects
of organization of the national economic safety in the conditions of
innovative development, its problems, risks and threats. Economy
can be considered as aspiring for transition to innovative way only
with finding of economic safety: financial independence, power
stability and technological progress. There are statistical indicators,
defining the level of economic security and factors, threatening
economic safety of the state. The research is based on the analysis of
factors and indicators in conditions of innovative development. The
paper is illustrated by the examples of possible estimated system of
the economic safety level.
Abstract: Quantum cryptography offers a way of key agreement,
which is unbreakable by any external adversary. Authentication is
of crucial importance, as perfect secrecy is worthless if the identity
of the addressee cannot be ensured before sending important information.
Message authentication has been studied thoroughly, but no
approach seems to be able to explicitly counter meet-in-the-middle
impersonation attacks. The goal of this paper is the development of
an authentication scheme being resistant against active adversaries
controlling the communication channel. The scheme is built on top
of a key-establishment protocol and is unconditionally secure if built
upon quantum cryptographic key exchange. In general, the security
is the same as for the key-agreement protocol lying underneath.
Abstract: In this paper an efficient implementation of Ripemd-160
hash function is presented. Hash functions are a special family
of cryptographic algorithms, which is used in technological
applications with requirements for security, confidentiality and
validity. Applications like PKI, IPSec, DSA, MACs incorporate
hash functions and are used widely today. The Ripemd-160 is
emanated from the necessity for existence of very strong algorithms
in cryptanalysis. The proposed hardware implementation can be
synthesized easily for a variety of FPGA and ASIC technologies.
Simulation results, using commercial tools, verified the efficiency of
the implementation in terms of performance and throughput. Special
care has been taken so that the proposed implementation doesn't
introduce extra design complexity; while in parallel functionality was
kept to the required levels.