Related papers: Exploring the Techniques of Information Security C…
Authentication systems are designed to give the right person access to an organization's information system and to restrict it from the wrong person. Such systems are designed by IT professionals to protect an organization's assets (e.g.,…
Though not yet widely deployed, password-authenticated key exchange (PAKE) protocols have been the subject of several recent standardization efforts, partly because of their resistance against various guessing attacks, but also because they…
Industrial control systems (ICSs) increasingly rely on digital technologies vulnerable to cyber attacks. Cyber attackers can infiltrate ICSs and execute malicious actions. Individually, each action seems innocuous. But taken together, they…
Increased connectivity has made us all more vulnerable. Cyberspace, besides all its benefits, spawned more devices to hack and more opportunities to commit cybercrime. Criminals have found it lucrative to target both individuals and…
This paper systematizes knowledge about secure software supply chain patterns. It identifies four stages of a software supply chain attack and proposes three security properties crucial for a secured supply chain: transparency, validity,…
Traditionally, publicly available repositories of certificates offer the usual response to the problem of public key distribution. After issuing a public-key certificate a certification authority (CA) - in the frame of a particular…
As the quantum computing era approaches, securing classical cryptographic protocols becomes imperative. Public key cryptography is widely used for signature and key exchange but it is the type of cryptography more threatened by quantum…
APIs (Application Programming Interfaces) or Web Services are the foundational building blocks that enable interconnected systems. However this proliferation of APIs has also introduced security challenges that require systematic and…
Privacy-aware processing of personal data on the web of services requires managing a number of issues arising both from the technical and the legal domain. Several approaches have been proposed to matching privacy requirements (on the…
Computer systems are facing biggest threat in the form of malicious data which causing denial of service, information theft, financial and credibility loss etc. No defense technique has been proved successful in handling these threats.…
There are often situations where two remote users each have data, and wish to (i) verify the equality of their data, and (ii) whenever a discrepancy is found afterwards, determine which of the two modified his data. The most common example…
Internet of Things (IoT) have gained popularity in recent times. With an increase in the number of IoT devices, security and privacy vulnerabilities are also increasing. For sensitive domains like healthcare and industrial sectors, such…
Resource Public Key Infrastructure (RPKI) is a critical security mechanism for BGP, but the complexity of its architecture is a growing concern as its adoption scales. Current RPKI design heavily reuses legacy PKI components, such as X.509…
This paper mainly depicts the conceptual overview of vertical integration, semantic interoperability architecture such as Educational Sector Architectural Framework (ESAF) for New Zealand government and different interoperability framework…
Protected Health Information (PHI) sharing significantly enhances patient care quality and coordination, contributing to more accurate diagnoses, efficient treatment plans, and a comprehensive understanding of patient history. Compliance…
Governments across the world are testing different uses of the blockchain for the delivery of their public services. Blockchain hashing - or the insertion of data in the blockchain - is one of the potential applications of the blockchain in…
Although there have been many solutions applied, the safety challenges related to the password security mechanism are not reduced. The reason for this is that while the means and tools to support password attacks are becoming more and more…
With the ubiquitous nature of information technology solutions that facilitate communication in the modern world, cyber attacks are increasing in volume and becoming more sophisticated in nature. From classic network-based Denial of Service…
Software systems have grown as an indispensable commodity used across various industries, and almost all essential services depend on them for effective operation. The software is no longer an independent or stand-alone piece of code…
The 3GPP 5G Service-based Architecture (SBA) security specifications leave several details on how to setup an appropriate Public Key Infrastructure (PKI) for 5G SBA, unspecified. In this work, we propose 5G-SBA-PKI, a public key…