54,114 Hits in 4.3 sec

Security protocol design via authentication tests

J.D. Guttman
Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15  
We describe a protocol design process, and illustrate its use by creating ATSPECT, an Authentication Test-based Secure Protocol for Electronic Commerce Transactions.  ...  The design process is organized around the authentication tests, a method for protocol verification based on the strand space theory.  ...  David Basin challenged me to use the authentication test heuristics for the design of a better, simpler electronic commerce protocol.  ... 
doi:10.1109/csfw.2002.1021809 dblp:conf/csfw/Guttman02 fatcat:xfeb6dk7vzgntensueonx74bye

Improving the cyber security of SCADA communication networks

Sandip C. Patel, Ganesh D. Bhatt, James H. Graham
2009 Communications of the ACM  
Only a few private SCADA protocols have advanced level of built-in security features, such as message authentication, since most of these protocols were designed primarily to maximize performance, reliability  ...  Hardly any open protocol has built-in security feature since open protocols were designed much before the 9/11 attacks in New York.  ... 
doi:10.1145/1538788.1538820 fatcat:74ssjqgd6ndvpgfanrc6slqlnu

Multi-point Security by a Multiplatform-compatible Multifunctional Authentication and Encryption Board

2019 Journal of Computing and Information Technology  
The system enforces the authentication protocol, includes error detection, and handles multiple devices according to their Operating Systems (OS) through their connections/ disconnections.  ...  It makes the connection faster than manual authentication and facilitates Machine-to-Machine (M2M) secure interactions, as required for IoT.  ...  It implements a star topology, and all the devices follow the authentication protocol. The sensors or peripherals can be connected to the gateway via a wired or wireless link.  ... 
doi:10.20532/cit.2018.1004174 fatcat:ich3rhw3ebbu3l3k2lf3mjfy34

A Tool for Supporting Developers in Analyzing the Security of Web-Based Security Protocols [chapter]

Giancarlo Pellegrino, Luca Compagna, Thomas Morreggia
2013 Lecture Notes in Computer Science  
This paper presents a tool that leverages on existing design verification and security testing techniques, and extends them to support developers in analyzing security protocols.  ...  However, none of the existing security testing techniques provides the features, scalability, and usability to support developers in assessing the security of protocol configurations and deviations.  ...  In conclusion, we presented a model-driven security analysis and testing tool. It supports the evaluation of the impact of implementation decisions and protocol configurations.  ... 
doi:10.1007/978-3-642-41707-8_19 fatcat:t7i4lj7tlrak5ieqzjo7dyuhle

Mobile IPv6 Security [chapter]

Tuomas Aura
2004 Lecture Notes in Computer Science  
This paper presents a case study of security protocol design: authentication of binding updates in Mobile IPv6.  ...  We go step by step through the threat analysis and show how each threat is addressed in the protocol design.  ...  The protocol design is unusual and it would not be considered secure by the measures of traditional security protocol analysis.  ... 
doi:10.1007/978-3-540-39871-4_18 fatcat:hte257y76vautio7uec7xhwjgq

Designing the mobile IPv6 security protocol

Tuomas Aura, Michael Roe
2006 Annales des télécommunications  
Mobile IPv6 is a network-layer mobility protocol for the IPv6 Internet. The protocol includes several security mechanisms, such as the return-routability tests for the care-of addresses.  ...  This paper explains the threat model and design principles that motivated the Mobile IPv6 security features.  ...  The protocol design is unusual and it would not be considered secure by the measures of traditional security protocol analysis.  ... 
doi:10.1007/bf03219911 fatcat:kc26pffkibh45euukmi7cezjwa

A Role-Based Access Control Model in Modbus SCADA Systems. A Centralized Model Approach

Figueroa-Lorenzo, Añorga, Arrizabalaga
2019 Sensors  
The security features leverage X.509v3 digital certificates for authentication of the server and client.  ...  Unfortunately, Modbus lacks basic security mechanisms, and this leads to multiple vulnerabilities, due to both design and implementation.  ...  that Modbus security problems are related to the protocol design.  ... 
doi:10.3390/s19204455 pmid:31615147 pmcid:PMC6832255 fatcat:4mjc2xgke5ddnch677pad5zkry

A Unilateral-to-Mutual Authentication Compiler for Key Exchange (with Applications to Client Authentication in TLS 1.3)

Hugo Krawczyk
2016 Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS'16  
applying the SIGMAC compiler to Π results in a provably secure mutually authenticated KE protocol.  ...  Our work is motivated in part by the ongoing work on the design of TLS 1.3, specifically the design of the client authentication mechanisms including the challenging case of post-handshake authentication  ...  Then, Π is secure according to the (mutual authentication) ACCE model. Acknowledgment.  ... 
doi:10.1145/2976749.2978325 dblp:conf/ccs/Krawczyk16 fatcat:ryymwghsunhx5hpru3cjw3qcza

A SCADA intermediate simulation platform to enhance the system security

Aamir Shahzad, Naixue Xiong, Muhammad Irfan, Malrey Lee, Shahid Hussain, B. Khaltar
2015 2015 17th International Conference on Advanced Communication Technology (ICACT)  
Some recommendations such as proper security plan, security polices, usage of authentication protocols, password management, remote access through security protocol (VPN, PKI and encryption), wireless  ...  In proposed study, based on existing security analysis of SCADA systems, the security implementation via cryptography mechanism has been placed between SCADA nodes during transmission of bytes.  ...  Distribute network protocol (DNP3) and other SCADA protocols, and their communication are fully supported by Test Harness simulation tool.  ... 
doi:10.1109/icact.2015.7224821 fatcat:zozejafx2vawbmfqobdos2v7am

Multichannel Protocols for User-Friendly and Scalable Initialization of Sensor Networks [chapter]

Toni Perković, Ivo Stančić, Luka Mališa, Mario Čagalj
2009 Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering  
We also designed and tested a simple random number generator suitable for sensor platforms.  ...  A notable feature of the proposed "public key"-based key deployment protocol is that it is designed to be secure in a very strong attacker model, where an attacker can eavesdrop, jam and modify transmitted  ...  Our "public key" -based protocol is designed to be secure in this very strong attacker model.  ... 
doi:10.1007/978-3-642-05284-2_13 fatcat:vqytfia5dnaubp34ycohgizega

Modeling and verification of Extensible Authentication Protocol for Transport layer Security in Wireless LAN environment

Humayra Binte Ali, Md. Rezaul Karim, Manzur Ashraf, David M W Powers
2010 2010 2nd International Conference on Software Technology and Engineering  
constructs -such as Extensible Authentication Protocol (EAP) for Transport layer Security (TLS).In our analysis, we identify essential elements, model and verify the EAP -TLS protocol using SPIN.  ...  It will evidently provide an insight into the scope and utility of formal methods based on state space exploration in testing larger and complex systems, for example, the complete Wireless LAN authentication  ...  Since the design of a secure key management protocol is non-trivial, it is desirable to avoid creating new mechanisms for this.  ... 
doi:10.1109/icste.2010.5608759 fatcat:ikashat3sne27pvmabsrsxmkyq

Using mobile device screens for authentication

Andrea Bianchi, Ian Oakley, Dong Soo Kwon
2011 Proceedings of the 23rd Australian Computer-Human Interaction Conference on - OzCHI '11  
Authentication in public spaces, such as ATM PIN entry, is inherently susceptible to security attacks based on observation in person or via cameras.  ...  This paper addresses this problem with a system which allows users to enter a PIN on a standard mobile phone and then transmit it securely for authentication using modulated patterns of light shown on  ...  In fact, early tests of the 4bit protocol using MD5 128-bit encryption show unchanged error rates but lengthier authentication times (of 5.3 seconds).  ... 
doi:10.1145/2071536.2071542 dblp:conf/ozchi/BianchiOK11 fatcat:qivm7fxmxjex3fmtzy6fabvgli

Dual-stack Network Management Through One-time Authentication Mechanism

Yi-Chih Kao, Jui-Chun Liu, Yi-Quan Ke, Shi-Chun Tsai, Yi-Bing Lin
2020 IEEE Access  
Furthermore, authenticating both IPv4 and IPv6 increases the traceability of traffic logs when security attacks occur.  ...  The proposed authentication system resolves the inconvenience of separate IPv4 and IPv6 authentication and effectively improves the compatibility of the two protocols.  ...  This article was presented in part at the Fourth International Symposium on Mobile Internet Security, Taichung, Taiwan, October 2019.  ... 
doi:10.1109/access.2020.2974659 fatcat:czhwkcbmhfczvbhqxs7cs7omba

Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels [chapter]

Ran Canetti, Hugo Krawczyk
2001 Lecture Notes in Computer Science  
here); and (ii) the definition allows for simple modular proofs of security: one can design and prove security of key-exchange protocols in an idealized model where the communication links are perfectly  ...  We exemplify the usability of our results by applying them to obtain the proof of two classes of key-exchange protocols, Diffie-Hellman and key-transport, authenticated via symmetric or asymmetric techniques  ...  The other central goal of the paper is in simplifying the usability of the resultant security definitions via a modular approach to the design and analysis of ke protocols.  ... 
doi:10.1007/3-540-44987-6_28 fatcat:3dgqlk7rmzh6hgair42kimnwbm

Authentication Test-Based the RFID Authentication Protocol with Security Analysis

Minghui Wang, Junhua Pan
2014 Sensors & Transducers  
Authentication Test is a new type of analysis and design method of security protocols based on Strand space model, and it can be used for most types of the security protocols.  ...  To the problem of many recently proposed RFID authentication protocol was soon find security holes, we analyzed the main reason, which is that protocol design is not rigorous, and the correctness of the  ...  Acknowledgements This work was supported in part by a grant from 2013 Yancheng industrial supporting projects (The application security of RFID technology in the emerging industry, the intelligent management  ... 
doaj:900d220a36d548f294bdf6f148fd8e0a fatcat:la4ytatuafb73gnpalygd4p7lq
« Previous Showing results 1 — 15 out of 54,114 results