A secure dynamic ID based remote user authentication scheme for multi-server environment

Since the number of server providing the facilities for the user is usually more than one, the authentication protocols for multi-server environment are required for practical applications. Most of password authentication schemes for multi-server environment are based on static ID, so the adversary can use this information to trace and identify the user's requests. It is unfavorable to be applied to special applications, such as e-commerce. In this paper, we develop a secure dynamic ID based remote user authentication scheme to achieve user's anonymity. The proposed scheme only uses hashing functions to implement a robust authentication scheme for the multi-server environment. It provides a secure method to update password without the help of third trusted party. The proposed scheme does not only satisfy all requirements for multi-server environment but also achieve efficient computation. Besides, our scheme provides complete functionality to suit with the real applications.     

Fractal: A mobile code-based framework for dynamic application protocol adaptation

The rapid growth of heterogeneous devices and diverse networks in our daily life, makes it is very difficult, if not impossible, to build a one-size-fits-all application or protocol, which can run well in such a dynamic environment. Adaptation has been considered as a general approach to address the mismatch problem between clients and servers; however, we envision that the missing part, which is also a big challenge, is how to inject and deploy adaptation functionality into the environment. In this paper we propose a novel application level protocol adaptation framework, Fractal, which uses the mobile code technology for protocol adaptation and leverages existing content distribution networks (CDN) for protocol adaptors (mobile codes) deployment. To the best of our knowledge, Fractal is the first application level protocol adaptation framework that considers the real deployment problem using mobile code and CDN. To evaluate the proposed framework, we have implemented two case studies: an adaptive message encryption protocol and an adaptive communication optimization protocol. In the adaptive message encryption protocol, Fractal always chooses a proper encryption algorithm according to different application requirements and device characteristics. And the adaptive communication optimization protocol is capable of dynamically selecting the best one from four communication protocols, including Direct sending, Gzip, Bitmap, and Vary-sized blocking, for different hardware and network configurations. In comparison with other adaptation approaches, evaluation results show the proposed adaptive approach performs very well on both the client side and server side. For some clients, the total communication overhead reduces 41% compared with no protocol adaptation mechanism, and 14% compared with the static protocol adaptation approach.     

Security in the Ajanta mobile agent system

A mobile agent is an object which can autonomously migrate in a distributed system to perform tasks on behalf of its creator. Security issues in regard to the protection of host resources, as well as the agent themselves, raise significant obstacles in practical applications of the agent paradigm. This article describes the security architecture of Ajanta, a Java‐based system for mobile agent programming. This architecture provides mechanisms to protect server resources from malicious agents, agent data from tampering by malicious servers and communication channels during its travel, and protection of name service data and the global namespace. We present here a proxy based mechanism for secure access to server resources by agents. Using Java's class loader model and thread group mechanism, isolated execution domains are created for agents at a server. An agent can contain three kinds of protected objects: read‐only objects whose tampering can be detected, encrypted objects for specific servers, and a secure append‐only log of objects. A generic authentication protocol is used for all client–server interactions when protection is required. Using this mechanism, the security model of Ajanta enforces protection of namespaces, and secure execution of control primitives such as agent recall or abort. Ajanta also supports communication between agents using RMI, which can be controlled if required by the servers' security policies. Copyright © 2001 John Wiley & Sons, Ltd.     

Defending RFID authentication protocols against DoS attacks

In this paper, we present a security weakness of a forward secure authentication protocol proposed by Tri Van Le et al. called O-FRAP which stands for Optimistic Forward secure RFID Authentication Protocol. In particular, we point out that in the O-FRAP protocol, the server can be subject to a denial-of-service attack due to a flaw in the database querying procedure. Our attack also applies to a simplified version of O-FRAP called O-RAP (Optimistic RFID Authentication Protocol) which is essentially O-FRAP but without a secret key updating procedure (and thus forward security). We then propose two improved protocols called O-FRAP⁺ and O-RAP⁺ which prevent the said denial-of-service attack. In addition, the O-FRAP⁺ protocol also addresses two security weaknesses of O-FRAP pointed out earlier by Khaled and Raphael. In terms of performance, comparing to O-FRAP, O-FRAP⁺ requires a few more computational steps but much less storage at the back-end server.     

Cryptanalysis and improvement of an efficient mutual authentication RFID scheme based on elliptic curve cryptography

Radio frequency identification (RFID) is a wireless technology for automatic identification and data capture. Security and privacy issues in the RFID systems have attracted much attention. Many approaches have been proposed to achieve the security and privacy goals. One of these approaches is RFID authentication protocols by which a server and tags can authorize each other through an intracity process. Recently, Chou proposed a RFID authentication protocol based on elliptic curve cryptography. However, this paper demonstrates that the Chou’s protocol does not satisfy tag privacy, forward privacy and authentication, and server authentication. Based on these security and privacy problems, we also show that Chou’s protocol is defenseless to impersonation attacks, tag cloning attacks and location tracking attacks. Therefore, we propose a more secure and efficient scheme, which does not only cover all the security flaws and weaknesses of related previous protocols, but also provides more functionality. We prove the security of the proposed improved protocol in the random oracle model.     

基于Kerberos协议的移动网络鉴别技术

提出了一种方法，通过间接客户／代理模型把kerberos协议引入移动环境，从而为移动网络提供安全鉴别。该方法包含一个可移植的代理模块(不要求其可靠)和一个可运行在移动设备或IC卡上的轻型客户端模块。这种功能分离模式使Kerberos协议能比较容易地安装到因特网服务提供设备或移动计算设备上。同时也论证了本方法至少达到同Kerberos协议一样强的安全性。     

EC2C-PAKA: An efficient client-to-client password-authenticated key agreement

Most password-authenticated key agreement schemes described in the literature have focused on authenticated key agreement using a shared password between a client and a server. With rapid changes in the modern communication environment such as ad hoc networks and ubiquitous computing, it is necessary to construct a secure end-to-end channel between clients. This paradigm is a quite different paradigm from the existing ones.In this paper, we study client-to-client password-authenticated key agreement (C2C-PAKA) enabling two clients in different realms to agree on a common session key using different passwords. Byun et al. first presented a C2C-PAKA protocol under the cross-realm setting. However, the scheme was not formally treated, and subsequently found to be flawed. In addition, in this scheme, there is still opportunity for improvements both in the computation and communication aspects. We provide formal treatments for the C2C-PAKA protocol by using Bellare et al.’s security model. We also suggest an efficientC2C-PAKA protocol and prove that the protocol is secure under the decisional Diffie-Hellman assumption in the ideal cipher and random oracle models.     

Wireless Handheld Devices Become Trusted Network Devices

ABSTRACT

In the world of information technology, a security model is only as secure as its weakest link. There are several layers of security and different measures that can currently be implemented. However, they lack coordination, and therefore potential security breaches might compromise the network. With wireless access becoming the norm, and users requiring “on the move communication” even within a campus, networks are expanding past the traditional wired networks by adding wireless access points. This gives customers the flexibility they require but leaves a net threat vector to the network. There have been various encryption and security steps taken to validate the communication and authentication of the devices and end users connecting. This project addresses the critical problem of secure authentication using the 802.1x standard, which will be implemented using Microsoft's Radius server elements. It will involve the enrollment of secure certificates on Windows mobile devices, thus securing mobile devices from physical attacks. To ensure that all steps are adhered to, that all necessary applications have been installed, and to handle Web service communication, an application will be created that will provide an automated solution.     

Efficient verifier-based password-authenticated key exchange in the three-party setting

In the last few years, researchers have extensively studied the password-authenticated key exchange (PAKE) in the three-party setting. The fundamental security goal of PAKE is security against dictionary attacks. The protocols for verifier-based PAKE are additionally required to be secure against server compromise. Some verifier-based PAKE schemes in the three-party setting have been suggested to solve the server compromise problem. Unfortunately, the protocols are vulnerable to an off-line dictionary attack. In this paper, we present an efficient verifier-based PAKE protocol for three-parties that is secure against known-key attacks and provides forward secrecy. To the best of our knowledge, the proposed protocol is the first secure three-party verifier-based PAKE protocol in the literature.     

A PK-SIM card based end-to-end security framework for SMS

Since the first SMS (Short Message Services) message was sent in the UK in 1992, the SMS has become a mass communication tool and has been broadly used in mobile business applications. But the security issue of the SMS has often been considered as a crucial barrier to its application in many fields that need strong authentication and confidentiality, such as mobile-commerce. The Subscriber Identity Module (SIM) inside mobile phones is a tamper resistant device which contains strong authentication mechanism and has been used in remote user authentication system, e.g. WIM¹ card in Wireless Application Protocol (WAP). In this contribution, we design and realize a secure SIM card, named PK-SIM card, which is a standard SIM card with additional PKI functionality; based on the PK-SIM card, we present a security framework offering solutions for the development of secure mobile business applications using SMS as bearer. The security framework consists of a client device, in which a PK-SIM card is used to store security credentials, a Secure Access Gateway (SAG) which is used to receive and send secure SMS messages, a trusted third-party, Certification Authority (CA), which provides a public-key certification service and a Mobile Operator which provides the communication infrastructure for the SMS. Then we propose an authentication and session key distribution protocol which provides end-to-end security between the PK-SIM card and the SAG, and give a formal security analysis to the proposed protocol based on BAN authentication logic². Lastly, we provide a typical application of the security framework in Mobile Police Information System. The evaluations of the system have proved that the security framework is suitable for actual needs both in speed and security.     

Secure multidimensional range queries over outsourced data

In this paper, we study the problem of supporting multidimensional range queries on encrypted data. The problem is motivated by secure data outsourcing applications where a client may store his/her data on a remote server in encrypted form and want to execute queries using server??s computational capabilities. The solution approach is to compute a secure indexing tag of the data by applying bucketization (a generic form of data partitioning) which prevents the server from learning exact values but still allows it to check if a record satisfies the query predicate. Queries are evaluated in an approximate manner where the returned set of records may contain some false positives. These records then need to be weeded out by the client which comprises the computational overhead of our scheme. We develop a bucketization procedure for answering multidimensional range queries on multidimensional data. For a given bucketization scheme, we derive cost and disclosure-risk metrics that estimate client??s computational overhead and disclosure risk respectively. Given a multidimensional dataset, its bucketization is posed as an optimization problem where the goal is to minimize the risk of disclosure while keeping query cost (client??s computational overhead) below a certain user-specified threshold value. We provide a tunable data bucketization algorithm that allows the data owner to control the trade-off between disclosure risk and cost. We also study the trade-off characteristics through an extensive set of experiments on real and synthetic data.     

Transformation of GRAFCET to PLC code including hierarchical structures

GRAFCET is an advantageous modelling language for the specification of controllers in discrete event systems. It allows for hierarchically structuring a control program's specification based on the elements enclosing steps, partial-Grafcets and forcing orders. A method is already available for the automatic transformation of Grafcets¹ into PLC code but this method cannot keep the hierarchical structures due to limitations of the PLC language SFC. In this contribution a systematic approach to automatically transform Grafcets into PLC code while retaining the hierarchical structures is described.     

A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards

Advancement in communication technology provides a scalable platform for various services, where a remote user can access the server from anywhere without moving from its place. It provides a unique opportunity for online services such that a user does not need to be physically present at the service center. These services adopt authentication and key agreement protocols in order to ensure authorized and secure access to the resources. Most of the authentication schemes proposed in the literature support a single-server environment, where the user has to register with each server. If a user wishes to access multiple application servers, he/she requires to register with each server. The multi-server authentication introduces a scalable platform such that a user can interact with any server using single registration. Recently, Chuang and Chen proposed an efficient multi-server authenticated key agreement scheme based on a user’s password and biometrics (Chuang and Chen, 2014). Their scheme is a lightweight, which requires the computation of only hash functions. In this paper, we first analyze Chuang and Chen’s scheme and then identify that their scheme does not resist stolen smart card attack which causes the user’s impersonation attack and server spoofing attack. We also show that their scheme fails to protect denial-of-service attack. We aim to propose an efficient improvement on Chuang and Chen’s scheme to overcome the weaknesses of their scheme, while also retaining the original merits of their scheme. Through the rigorous informal and formal security analysis, we show that our scheme is secure against various known attacks including the attacks found in Chuang and Chen’s scheme. Furthermore, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against the replay and man-in-the-middle attacks. In addition, our scheme is comparable in terms of the communication and computational overheads with Chuang and Chen’s scheme and other related existing schemes.     

A lightweight authentication and key agreement protocol preserving user anonymity

Nowadays with widespread employment of the Internet, servers provide various services for legal users. The vital issue in client/server connections is authentication protocols that make the communication channel safe and secure against famous attacks. Recently, Kumari et al. and Chaudhry et al. proposed two authentication and key agreement protocols and illustrated that their proposed protocols are secure against various security attacks. However, in this paper we demonstrate that both protocols are vulnerable to off-line password guessing attacks. Moreover, we show that Kumari et al.’s protocol does not provide the property of user anonymity. In order to overcome these weaknesses, we propose a lightweight authentication and key agreement protocol. The correctness of the proposed protocol is proved using BAN logic. Security analysis demonstrates that the proposed protocol resists various security attacks and provides user anonymity. Furthermore, performance analysis confirms that the computation cost of the proposed protocol is acceptable.

     

Experiences building a communication‐oriented JavaOS

Mobile code makes it easier to maintain, debug, update, and customize a system. Active networks are one of the more interesting applications of mobile code: code is injected into the nodes of a network to customize the network's functionality, such as routing, and to add new features, such as special‐purpose congestion control and filtering algorithms. The challenge is to develop a communication‐oriented platform for such systems. We refer to mobile code targeted at low‐level, communication‐oriented systems like active networks as liquid software, the key distinction being that liquid software is focused on the efficient transfer of data, not high‐performance computation. To this end, we have designed and implemented Joust, which consists of a complete re‐implementation of the Java virtual machine (including both the runtime system and a just‐in‐time compiler), running on the Scout operating system (a configurable, communication‐oriented OS). The result is a configurable, high‐performance platform for running liquid software. We present the results of implementing two different applications of liquid software on Joust, including a prototype architecture for active networks. Copyright © 2000 John Wiley & Sons, Ltd.     

SPP: An anti-phishing single password protocol

Most users have multiple accounts on the Internet where each account is protected by a password. To avoid the headache in remembering and managing a long list of different and unrelated passwords, most users simply use the same password for multiple accounts. Unfortunately, the predominant HTTP basic authentication protocol (even over SSL) makes this common practice remarkably dangerous: an attacker can effectively steal users’ passwords for high-security servers (such as an online banking website) by setting up a malicious server or breaking into a low-security server (such as a high-school alumni website). Furthermore, the HTTP basic authentication protocol is vulnerable to phishing attacks because a client needs to reveal his password to the server that the client wants to login.In this paper, we propose a protocol that allows a client to securely use a single password across multiple servers, and also prevents phishing attacks. Our protocol achieves client authentication without the client revealing his password to the server at any point. Therefore, a compromised server cannot steal a client’s password and replay it to another server.Our protocol is simple, secure, efficient and user-friendly. In terms of simplicity, it only involves three messages. In terms of security, the protocol is secure against the attacks that have been discovered so far including the ones that are difficult to defend, such as the malicious server attacks described above and the recent phishing attacks. Essentially our protocol is an anti-phishing password protocol. In terms of efficiency, each run of our protocol only involves a total of four computations of a one-way hash function. In terms of usability, the protocol requires a user to remember only one password consisting of eight (or more) random characters, and this password can be used for all of his accounts.     

Transparently Obtaining Scalability for Java Applications on a Cluster

cJVM is a Java virtual machine (JVM) which provides a single system image of a traditional JVM while executing in a distributed fashion on the nodes of a cluster. cJVM virtualizes the cluster, transparently distributing the objects and threads of any pure Java application. The aim of cJVM is to obtain improved scalability for Java server applications by distributing the application's work among the cluster's computing resources. cJVM's architecture, its unique object model, thread, and memory models, were described by Y. Aridor et al. (1999, in “International Conference on Parallel Processing, September 21–24) and at http://www.haifa.il.ibm.com/projects/systech/cjvm.html. In this article, we focus on the optimization techniques employed in cJVM to achieve high scalability. In particular, we focus on the techniques used to enhance locality, thereby reducing the amount of communication generated by cJVM. Our optimization techniques are based on three principles. First, we employ a large number of mostly simple optimizations which address caching, locality of execution, and object migration. Second, we take advantage of the Java semantics and of common usage patterns in implementing the optimizations. Third, we use speculative optimizations, taking advantage of the fact that the cJVM run-time environment can correct false speculations. We have demonstrated the usefulness of these techniques on a large (10 Kloc), real, Java application where we demonstrate an 80% efficiency on a four-node cluster. This paper discusses the various techniques used and reports our results.     

开放式安全存储区域网模拟平台

模拟系统是研究与测试系统功能的重要方法,分析了现有存储区域网模拟系统,针对测试各类应用于保护存储区域网系统的安全机制,设计了开放式安全存储区域网模拟平台.使用线程模拟存储区域网系统中的主机、元数据服务器和存储设备,使用缓冲区模拟存储区域网系统中的通信,实现了接收访问请求和主机模块,构建了元数据和存储设备模块的框架,提供了实现元数据管理和存储设备中数据管理功能的功能接口,能模拟存储区域网的各项功能;在元数据和存储设备模块中提供了增加安全保护机制的安全接口,通过实现的不同安全保护机制,能模拟各类安全存储区域网系统,从而为测试各类应用于保护存储区域网系统的安全机制提供良好的平台;最后在元数据和存储设备模块中,通过功能接口实现了基本的元数据管理和存储设备中的数据管理功能,测试系统是否能正确地处理访问请求,完成存储区域网的功能.测试结果表明:开放式安全存储区域网模拟平台能模拟存储区域网处理访问请求的流程,为测试各类应用于保护存储区域网系统的安全机制提供了良好的基础.     

一种基于HTTP安全模型的设计和实现

文中提出了一种支持浏览器/服务器方式的灵活、可靠的安全模型。可用于解决浏览器服务器访问模式下的服务器方的访问控制以及浏览器和服务器间的安全通信问题。在不需要浏览器端事先作任何改动的情况下,由服务器方根据需要自动推送一安全模块(安全代理)到浏览器方,并和浏览器透明地进行集成,从而实现安全通信。是一个灵活、通用的安全系统。     

Distributed computing paradigms for collaborative signal and information processing in sensor networks

In this paper, we report the development of an energy-efficient, high-performance distributed computing paradigm to carry out Collaborative Signal and Information Processing (CSIP) in sensor networks using mobile agents. In this paradigm, the processing code is moved to the sensor nodes through mobile agents, in contrast to the client/server-based computing, where local data are transferred to a processing center. Although the client/server paradigm has been widely used in distributed computing, the many advantages of the mobile agent paradigm make it more suitable for sensor networks. The paper first presents simulation models for both the client/server paradigm and the mobile agent paradigm. We use the execution time, energy and energy*delay as metrics to measure the performance. Several experiments are designed to show the effect of different parameters on the performance of the paradigms. Experimental results show that the mobile agent paradigm performs much better when the number of nodes is large while the client/server paradigm is advantageous when the number of nodes is small. Based on this observation, we then propose a cluster-based hybrid computing paradigm to combine the advantages of these two paradigms. There are two schemes in this paradigm and simulation results show that there is always one scheme which performs better than either the client/server or the mobile agent paradigms. Thus, the cluster-based hybrid computing provides an energy-efficient and high-performance solution to CSIP.