Biblio

The Representational State Transfer (REST) is a distributed application architecture style which adopted on providing various network services. The identity authentication protocol Kerberos has been used to guarantee the security identity authentication of many service platforms. However, the deployment of Kerberos protocol is limited by the defects such as password guessing attacks, data tampering, and replay attacks. In this paper, an optimized Kerberos protocol is proposed and applied in a REST-style Cloud Storage Architecture. Firstly, we propose a Lately Used Newly (LUN) key replacement method to resist the password guessing attacks in Kerberos protocol. Secondly, we propose a formatted signature algorithm and a combination of signature string and time stamp method to cope with the problems of tampering and replay attacks which in deploying Kerberos. Finally, we build a security protection module using the optimized Kerberos protocol to guarantee a secure identity authentication and the reliable data communication between the client and the server. Analyses show that the module significantly improves the security of Kerberos protocol in REST-style cloud storage services.

Wireless sensor networks (WSNs) have the potential to be widely used in many applications. Due to lack of a protected physical boundary, wireless communications are vulnerable to unauthorized interception and detection. While encryption can provide the integrality and confidentiality of the message, it is much more difficult to adequately address the source location privacy. For static deployed WSNs, adversary can easily perform trace-back attack to locate the source nodes by monitoring the traffic. The eavesdropped messages will leak the direction information of the source location by statistic analysis on traffic flow. In this paper, we propose a theoretical analysis measurement to address the quantitative amount of the information leakage from the eavesdropped message. Through this scheme, we analyze the conditions that satisfy the optimum protection for routing protocol design. Based on the proposed principle, we design a routing algorithm to minimize the information leakage by distributing the routing path uniformly in WSN. The theoretical analysis shows the proposed routing algorithm can provide approximate maximization of source location privacy. The simulation results show the proposed routing algorithm is very efficient and can be used for practical applications.