Physical Sciences and Mathematics Commons^™

A Block Oriented Fingerprinting Scheme In Relational Database, Siyuan Liu, Shuhong Wang, Robert H. Deng, Weizhong Shao

Research Collection School Of Computing and Information Systems

The need for protecting rights over relational data is of ever increasing concern. There have recently been some pioneering works in this area. In this paper, we propose an effective fingerprinting scheme based on the idea of block method in the area of multimedia fingerprinting. The scheme ensures that certain bit positions of the data contain specific values. The bit positions are determined by the keys known only to the owner of the data and different buyers of the database have different bit positions and different specific values for those bit positions. The detection of the fingerprint can be completed …

Security Analysis And Improvement Of Return Routability Protocol, Ying Qiu, Jianying Zhou, Robert H. Deng

Research Collection School Of Computing and Information Systems

Mobile communication plays a more and more important role in computer networks. How to authenticate a new connecting address belonging to a said mobile node is one of the key issues in mobile networks. This paper analyzes the Return Routability (RR) protocol and proposes an improved security solution for the RR protocol without changing its architecture. With the improvement, three types of redirect attacks can be prevented.

Challenging Policies That Do Not Play Fair: A Credential Relevancy Framework Using Trust Negotiation Ontologies, Travis S. Leithead

Theses and Dissertations

This thesis challenges the assumption that policies will "play fair" within trust negotiation. Policies that do not "play fair" contain requirements for authentication that are misleading, irrelevant, and/or incorrect, based on the current transaction context. To detect these unfair policies, trust negotiation ontologies provide the context to determine the relevancy of a given credential set for a particular negotiation. We propose a credential relevancy framework for use in trust negotiation that utilizes ontologies to process the set of all available credentials C and produce a subset of credentials C' relevant to the context of a given negotiation. This credential relevancy …

Improving Routing Security Using A Decentralized Public Key Distribution Algorithm, Jeremy C. Goold

Theses and Dissertations

Today's society has developed a reliance on networking infrastructures. Health, financial, and many other institutions deploy mission critical and even life critical applications on local networks and the global Internet. The security of this infrastructure has been called into question over the last decade. In particular, the protocols directing traffic through the network have been found to be vulnerable. One such protocol is the Open Shortest Path First (OSPF) protocol. This thesis proposes a security extension to OSPF containing a decentralized certificate authentication scheme (DecentCA) that eliminates the single point of failure/attack present in current OSPF security extensions. An analysis …

Secure Context-Sensitive Authorization, Kazuhiro Minami, David Kotz

Dartmouth Scholarship

There is a recent trend toward rule-based authorization systems to achieve flexible security policies. Also, new sensing technologies in pervasive computing make it possible to define context-sensitive rules, such as “allow database access only to staff who are currently located in the main office.” However, these rules, or the facts that are needed to verify authority, often involve sensitive context information. This paper presents a secure context-sensitive authorization system that protects confidential information in facts or rules. Furthermore, our system allows multiple hosts in a distributed environment to perform the evaluation of an authorization query in a collaborative way; we …

Jess – A Java Security Scanner For Eclipse, Russell Spitler

Honors Theses

Secure software is the responsibility of every developer. In order to help a developer with this responsibility there are many automated source code security auditors. These tools perform a variety of functions, from finding calls to insecure functions to poorly generated random numbers. These programs have existed for years and perform the security audit with varying degrees of success.

Largely missing in the world of programming is such a security auditor for the Java programming language. Currently, Fortify Software produces the only Java source code security auditor; this is a commercially available package.

This void is what inspired JeSS, Java …

An Efficient Scheme For Authenticating Public Keys In Sensor Networks, Wenliang Du, Ronghua Wang, Peng Ning

Electrical Engineering and Computer Science - All Scholarship

With the advance of technology, Public Key Cryptography (PKC) will sooner or later be widely used in wireless sensor networks. Recently, it has been shown that the performance of some public key algorithms, such as Elliptic Curve Cryptography (ECC), is already close to being practical on sensor nodes. However, the energy consumption of PKC is still expensive, especially compared to symmetric-key algorithms. To maximize the lifetime of batteries, we should minimize the use of PKC whenever possible in sensor networks. This paper investigates how to replace one of the important PKC operations–the public key authentication–with symmetric key operations that are …

Searching For High-Value Rare Events With Uncheatable Grid Computing, Wenliang Du, Michael T. Goodrich

Electrical Engineering and Computer Science - All Scholarship

High-value rare-event searching is arguably the most natural application of grid computing, where computational tasks are distributed to a large collection of clients (which comprise the computation grid) in such a way that clients are rewarded for performing tasks assigned to them. Although natural, rare-event searching presents significant challenges for a computation supervisor, who partitions and distributes the search space out to clients while contending with “lazy” clients, who don’t do all their tasks, and “hoarding ” clients, who don’t report rare events back to the supervisor. We provide schemes, based on a technique we call chaff injection, for efficiently …

Searching For High-Value Rare Events With Uncheatable Grid Computing, Wenliang Du, Michael T. Goodrich

Electrical Engineering and Computer Science - All Scholarship

High-value rare-event searching is arguably the most natural application of grid computing, where computational tasks are distributed to a large collection of clients (which comprise the computation grid) in such a way that clients are rewarded for performing tasks assigned to them. Although natural, rare-event searching presents significant challenges for a computation supervisor, who partitions and distributes the search space out to clients while contending with “lazy” clients, who don’t do all their tasks, and “hoarding ” clients, who don’t report rare events back to the supervisor. We provide schemes, based on a technique we call chaff injection, for efficiently …

The Kerf Toolkit For Intrusion Analysis, Javed Aslam, Sergey Bratus, David Kotz, Ronald Peterson

Dartmouth Scholarship

No abstract provided.

Security Analysis Of Michael: The Ieee 802.11i Message Integrity Code, Jianyong Huang, Jennifer Seberry, Willy Susilo, Martin W. Bunder

Faculty of Informatics - Papers (Archive)

The latest IEEE 802.11i uses a keyed hash function, called Michael, as the message integrity code. This paper describes some properties and weaknesses of Michael. We provide a necessary and sufficient condition for finding collisions of Michael. Our observation reveals that the collision status of Michael only depends on the second last block message and the output of the block function in the third last round. We show that Michael is not collision-free by providing a method to find collisions of this keyed hash function. Moreover, we develop a method to find fixed points of Michael. If the output …

Recommendations For Wireless Network Security Policy: An Analysis And Classification Of Current And Emerging Threats And Solutions For Different Organisations, Andrew Woodward

Research outputs pre 2011

Since their inception, 802.11 wireless networks have been plagued by a wide range of security problems. These problems relate to both data security and denial of service attacks, and there have been many solutions created by different vendors address these problems. However, the number of different types of attack, and the many possible solutions, makes it a difficult task to put in place an appropriate wireless network security policy. Such a policy must address both the size and nature of the enterprise, and the resources available to it. Measures such as WEP and MAC filtering are only appropriate for home …

Physician Secure Thyself, Patricia Williams

Research outputs pre 2011

Whilst discussion rages on the issues relating to security of medical data and the reason why it is important, there is little published information on how to tackle even basic security challenges for medical practice in Australia. Research suggests an underestimation of the threats to medical data by medical practitioners, hence there is sufficient reason to promote development of tools to assist medical practice with technical issues they are unfamiliar with. This paper provides an initial dialogue on how these security issues should be addressed. Included is a framework for risk assessment and elaboration of the implementation process to make …

The Underestimation Of Threats To Patients Data In Clinical Practice, Patricia Williams

Research outputs pre 2011

Issues in the security of medical data present a greater challenge than in other data security environments. The complexity of the threats and ethics involved, coupled with the poor management of these threats makes the protection of data in clinical practice problematic. This paper discusses the security threats to medical data in terms of confidentiality, privacy, integrity, misuse and availability, and reviews the issue of responsibility with reference to clinical governance. Finally. the paper uncovers some of the underlying reasons for the underestimation of the threats to medical data by the medical profession.

Protecting The Communication Structure In Sensor Networks, S. Olariu, Q. Xu, M. Eltoweissy, A. Wadaa

Computer Science Faculty Publications

In the near future wireless sensor networks will be employed in a wide variety of applications establishing ubiquitous networks that will pervade society. The inherent vulnerability of these massively deployed networks to a multitude of threats, including physical tampering with nodes exacerbates concerns about privacy and security. For example, denial of service attacks (DoS) that compromise or disrupt communications or target nodes serving key roles in the network, e.g. sink nodes, can easily undermine the functionality as well as the performance delivered by the network. Particularly vulnerable are the components of the communications or operation infrastructure. Although, by construction, most …

Active Security Mechanisms For Wireless Sensor Networks And Energy Optimization For Passive Security Routing, Lydia Ray

LSU Doctoral Dissertations

Wireless sensor networks consisting of numerous tiny low power autonomous sensor nodes provide us with the remarkable ability to remotely view and interact with the previously unobservable physical world. However, incorporating computation intensive security measures in sensor networks with limited resources is a challenging research issue. The objective of our thesis is to explore different security aspects of sensor networks and provide novel solutions for significant problems. We classify security mechanisms into two categories - active category and passive category. The problem of providing a secure communication infrastructure among randomly deployed sensor nodes requires active security measurements. Key pre-distribution is …

Energy-Rate Based Mac Protocol For Wireless Sensor Networks And Key Pre-Distribution Schemes, Ramaraju Kalidindi

LSU Master's Theses

Sensor networks are typically unattended because of their deployment in hazardous, hostile or remote environments. This makes the problem of conserving energy at individual sensor nodes challenging. S-MAC and PAMAS are two MAC protocols which periodically put nodes (selected at random) to sleep in order to achieve energy savings. Unlike these protocols, we propose an approach in which node duty cycles (i.e sleep and wake schedules) are based on their criticality. A distributed algorithm is used to find sets of winners and losers, who are then assigned appropriate slots in our TDMA based MAC protocol. We introduce the concept of …