264 Hits in 3.0 sec

Update-tolerant and Revocable Password Backup (Extended Version) [article]

Moritz Horsch and Johannes Braun and Dominique Metz and Johannes Buchmann
2017 arXiv   pre-print
We present PASCO, a backup solution for passwords that solves this challenge. PASCO backups need not to be updated, even when the user's password portfolio is changed.  ...  It is practically impossible for users to memorize a large portfolio of strong and individual passwords for their online accounts. A solution is to generate passwords randomly and store them.  ...  We explain the creation of the update-tolerant backup in Section 4.1 and how to restore the PALPAS data from a backup in Section 4.2.  ... 
arXiv:1704.02883v2 fatcat:hdc2llf655frnd4ysb67pam4km

Remote Credential Management with Mutual Attestation for Trusted Execution Environments [article]

Carlton Shepherd, Raja N. Akram, Konstantinos Markantonakis
2018 arXiv   pre-print
In this work, we present novel protocols using mutual attestation for supporting four aspects of secure remote credential management with TEEs: backups, updates, migration, and revocation.  ...  The proposed protocols are agnostic to the underlying TEE implementation and subjected to formal verification using Scyther, which found no attacks.  ...  Carlton Shepherd is supported by the EPSRC and the British government as part of the Centre for Doctoral Training in Cyber Security at Royal Holloway, University of London (EP/K035584/1).  ... 
arXiv:1804.10707v2 fatcat:emyh7gvjjbgfxnprejuxnde2uq

Password Assistance

Moritz Horsch, Johannes Braun, Johannes Buchmann
2017 Open Identity Summit  
Users' passwords need to fulfil general security requirements and the password requirements of services. Furthermore, users need to cope with different password implementations at services.  ...  It supports users in all duties and tasks with regard to their passwords, from the creation of secure passwords to the recovery of them in case of loss.  ...  Update-tolerant and revocable password backup The last two user task are the creation of password backups and the provision of an emergency access to the passwords (cf. T5 and T6).  ... 
dblp:conf/openidentity/Horsch0B17 fatcat:7alznxpyanftlaxbjsgzjmkrou

SoK: Securing Email – A Stakeholder-Based Analysis (Extended Version) [article]

Jeremy Clark, P.C. van Oorschot, Scott Ruoti, Kent Seamons, Daniel Zappala
2021 arXiv   pre-print
in both ubiquity and interoperability.  ...  While email is the most ubiquitous and interoperable form of online communication today, it was not conceived with strong security guarantees, and the ensuing security enhancements are, by contrast, lacking  ...  Another possibility is to move email storage to edge devices owned by an end-user where content processing can be performed, with encrypted backup in the cloud to provide fault tolerance and portability  ... 
arXiv:1804.07706v3 fatcat:wbocbmeetve6vfkt3fzayjcelq

Passwords in peer-to-peer

Gunnar Kreitz, Oleksandr Bodriagov, Benjamin Greschbach, Guillermo Rodriguez-Cano, Sonja Buchegger
2012 2012 IEEE 12th International Conference on Peer-to-Peer Computing (P2P)  
One of the differences between typical peer-topeer (P2P) and client-server systems is the existence of user accounts.  ...  In addition to password logins, we also present supporting protocols to provide functionality related to password logins, such as resetting a forgotten password via e-mail or security questions.  ...  [14] for sharing their measurement results and Jay Lorch for excellent work as a shepherd of this paper.  ... 
doi:10.1109/p2p.2012.6335797 dblp:conf/p2p/KreitzBGRB12 fatcat:tu2phvq6cfg2jcvlm255lorsge

Securing distributed storage

Vishal Kher, Yongdae Kim
2005 Proceedings of the 2005 ACM workshop on Storage security and survivability - StorageSS '05  
The rapid increase of sensitive data and the growing number of government regulations that require longterm data retention and protection have forced enterprises to pay serious attention to storage security  ...  We cover a broad range of the storage security literature, present a critical review of the existing solutions, compare them, and highlight potential research issues.  ...  The main reasons are reduced performance and the high amount of complexity involved in performing key management, key storage, backups, and revocation.  ... 
doi:10.1145/1103780.1103783 dblp:conf/storagess/KherK05 fatcat:o4rpeto5xjhnrdqooyfo7nfb2e

CKMI: Comprehensive Key Management Infrastructure Design for Industrial Automation and Control Systems

Pramod T. C., Thejas G. S., S. S. Iyengar, N. R. Sunitha
2019 Future Internet  
The proposed design handles all the standard key management operations, viz. key generation, device registration, key establishment, key storage, device addition, key revocation, key update, key recovery  ...  , key archival, and key de-registration and destruction.  ...  Simplify the key update, key revocation, device addition and deletion operations. It is observed in the literature that the key update and key revocation of a device affects the entire system.  ... 
doi:10.3390/fi11060126 fatcat:klilb45eqragpejhicayoywaz4

Data Storage Security and Privacy in Cloud Computing: A Comprehensive Survey

Jeevitha B., Thriveni J., Venugopal K.
2016 International Journal of Computer Applications  
and consistency of data stored. ] propose a lightweight encryption algorithm and a security handshaking protocol for mobile devices and data security is achieved from client side before it is sent to  ...  Cloud Computing is a form of distributed computing wherein resources and application platforms are distributed over the Internet through on demand and pay on utilization basis.  ...  Jianghong et al., [31] propose a revocable-storage identity-based encryption (RS-IBE) [32] , which introduces the operations of user revocation and updating of ciphertext to provide the forward/backward  ... 
doi:10.5120/ijca2016912513 fatcat:y2hdci4lkrhkpfwbnykkibvhqi

Storekeeper: A Security-Enhanced Cloud Storage Aggregation Service

Sancha Pereira, Andre Alves, Nuno Santos, Ricardo Chaves
2016 2016 IEEE 35th Symposium on Reliable Distributed Systems (SRDS)  
This decentralization brings new challenges related with file update propagation, access control, user authentication, and key management that are addressed by Storekeeper.  ...  However, due to the proliferation of cloud storage accounts and lack of interoperability between cloud services, managing and sharing cloud-hosted files is a nightmare for many users.  ...  Acknowledgments: This work was partially supported by the EC through project H2020-645342 (reTHINK), and by national funds through Fundação para a Ciência e a Tecnologia (FCT) with reference UID/CEC/50021  ... 
doi:10.1109/srds.2016.023 dblp:conf/srds/PereiraASC16 fatcat:2l2io2vqjbetrpkyucy6euz53e

An Optimised Key cryptography for Securing Cloud Data Sharing and Storage Environment

2015 International Journal of Science and Research (IJSR)  
With the advent of the World Wide Web and the emergence of e-commerce applications and social networks, organizations across the world generate a large amount of data daily.  ...  Secure cryptographic architecture and working methodology are proposed in this paper for optimal services over the cloud.  ...  With param and PK, people who cooperate with sender can update sender's data on the server.  ... 
doi:10.21275/v4i12.sub159012 fatcat:mllf232ef5evpfrawl4rev5h4q

Land Registry Framework Based on Self-Sovereign Identity (SSI) for Environmental Sustainability

Mohammed Shuaib, Noor Hafizah Hassan, Sahnius Usman, Shadab Alam, Surbhi Bhatia, Parul Agarwal, Sheikh Mohammad Idrees
2022 Sustainability  
Providing a system user with a unique and secure identity is a prerequisite for authentication and authorization aspects of a security system.  ...  A secure and reliable digital identity solution is the need of the hour.  ...  The owner/seller can manage their digital identity using user agents by establishing and saving DIDs and cryptographic keys in their digital wallets, storing passwords and credentials, creating backup  ... 
doi:10.3390/su14095400 fatcat:qswa3g2nmnfypjfyqopelljl7y

Data Security and Privacy Protection for Cloud Storage: A Survey

Pan Yang, Neal N. Xiong, Jingli Ren
2020 IEEE Access  
Secondly, we give a detailed analysis on challenges and requirements of data security and privacy protection in cloud storage system.  ...  In this paper, we make a comprehensive review of the literatures on data security and privacy issues, data encryption technology, and applicable countermeasures in cloud storage system.  ...  The revocable IBE revocation algorithm usually takes the public parameter P P , user ID, revocation list RL, revocation time t and state st as input, and the updated revocation list as output.  ... 
doi:10.1109/access.2020.3009876 fatcat:6kcb3junlzhvvcq3qhztumpdqq

Blockchain-Based Authentication in Internet of Vehicles: A Survey

Sohail Abbas, Manar Abu Talib, Afaf Ahmed, Faheem Khan, Shabir Ahmad, Do-Hyeun Kim
2021 Sensors  
tools, and attacks counteracted.  ...  First, a detailed background on IoV and blockchain is provided, followed by a wide range of security requirements, challenges, and possible attacks in vehicular networks.  ...  backups and replications.  ... 
doi:10.3390/s21237927 pmid:34883933 fatcat:4j2dypzokfc35j7zgbokunhkie

Citizen Electronic Identities using TPM 2.0 [article]

Thomas Nyman, Jan-Erik Ekberg, N. Asokan
2014 arXiv   pre-print
The goal of the design is to improve the overall security and usability compared to traditional smart card-based solutions.  ...  At the same time, trusted hardware that enables secure storage and isolated processing of sensitive data have become commonplace both on PC platforms as well as mobile devices.  ...  The TPM 2.0 specification has a millisecond-resolution clock that is guaranteed to advance when the TPM is powered on, but it also has periodic backup to NV memory, i.e. within certain tolerance it behaves  ... 
arXiv:1409.1023v2 fatcat:epdumjbiabf6nlaz6ewyjlt2em

Augmenting storage with an intrusion response primitive to ensure the security of critical data

Ashish Gehani, Surendar Chandra, Gershon Kedem
2006 Proceedings of the 2006 ACM Symposium on Information, computer and communications security - ASIACCS '06  
If this operation is effected manually, the delay between the alarm and the response may be enough for an intruder to cause significant damage.  ...  If it is activated when an intrusion appears likely to succeed, it guarantees the confidentiality, integrity and availability of the protected data even after a system is compromised.  ...  When a system penetration is detected, data from a backup prior to the intrusion is extracted and used to replace the tainted version.  ... 
doi:10.1145/1128817.1128836 dblp:conf/ccs/GehaniCK06 fatcat:a2lwelg4dnckrj4wcl34j57esu
« Previous Showing results 1 — 15 out of 264 results