Visible to the public Biblio

Found 154 results

Filters: Keyword is Prototypes  [Clear All Filters]
2022-04-19
Alqarni, Hussain, Alnahari, Wael, Quasim, Mohammad Tabrez.  2021.  Internet of Things (IoT) Security Requirements: Issues Related to Sensors. 2021 National Computing Colleges Conference (NCCC). :1–6.
The last couple of years have seen IoT-enabled sensors continuing to experience massive growth. Sensors have enhanced the possibility of large-scale IoT deployments in grid systems, vehicles, homes, and so forth. A network that incorporates different embedded systems has the underlying capability of transmitting information and receiving instructions through distributed sensor networks. Sensors are especially essential in gathering different pieces of information that relate to different IoT devices. However, security has become a critical concern for sensor networks that are enabled by the IoT. This is partly because of their design limitations like limited memory, weak processing capability, weak processing ability, and exposure to entities that are malicious. Even more, some ad hoc wireless sensor networks that are enabled by IoT are to some extent also prone to frequent changes in topology. This dynamic aspect tends to aggravate the security issues that are associated with sensors, thus enhancing the need to find a lasting solution. This paper sheds light on the IoT security requirements with special attention to issues related to sensors.
2022-04-18
Helmiawan, Muhammad Agreindra, Julian, Eggi, Cahyan, Yavan, Saeppani, Asep.  2021.  Experimental Evaluation of Security Monitoring and Notification on Network Intrusion Detection System for Server Security. 2021 9th International Conference on Cyber and IT Service Management (CITSM). :1–6.
Security of data and information in servers connected to networks that provide services to user computers, is the most important thing to maintain data privacy and security in network security management mechanisms. Weaknesses in the server security system can be exploited by intruders to disrupt the security of the server. One way to maintain server security is to implement an intrusion detection system using the Intrusion Detection System. This research is experimenting to create a security system prototype, monitoring, and evaluating server security systems using Snort and alert notifications that can improve security monitoring for server security. The system can detect intrusion attacks and provide warning messages and attack information through the Intrusion Detection System monitoring system. The results show that snort and alert notifications on the security server can work well, efficiently, and can be handled quickly. Testing attacks with Secure Shell Protocol and File Transfer Protocol Brute Force, Ping of Death and scanning port attacks requires a detection time of no more than one second, and all detection test results are detected and send real-time notification alerts to the Administrator.
Yin, Yi, Tateiwa, Yuichiro, Zhang, Guoqiang, Wang, Yun.  2021.  Consistency Decision Between IPv6 Firewall Policy and Security Policy. 2021 4th International Conference on Information Communication and Signal Processing (ICICSP). :577–581.

Firewall is the first defense line for network security. Packet filtering is a basic function in firewall, which filter network packets according to a series of rules called firewall policy. The design of firewall policy is invariably under the instruction of security policy, which is a generic guideline that lists the needs for network access permissions. The design of firewall policy should observe the regulations of security policy. However, even for IPv4 firewall policy, it is extremely difficult to keep the consistency between security policy and firewall policy. Some consistency decision methods of security policy and IPv4 firewall policy were proposed. However, the address space of IPv6 address is a very large, the existing consistency decision methods can not be directly used to deal with IPv6 firewall policy. To resolve the above problem, in this paper, we use a formal technique to decide the consistency between IPv6 firewall policy and security policy effectively and rapidly. We also developed a prototype model and evaluated the effectiveness of the proposed method.

2022-04-13
Silva, Wagner, Garcia, Ana Cristina Bicharra.  2021.  Where is our data? A Blockchain-based Information Chain of Custody Model for Privacy Improvement 2021 IEEE 24th International Conference on Computer Supported Cooperative Work in Design (CSCWD). :329–334.
The advancement of Information and Communication Technologies has brought numerous facilities and benefits to society. In this environment, surrounded by technologies, data, and personal information, have become an essential and coveted tool for many sectors. In this scenario, where a large amount of data has been collected, stored, and shared, privacy concerns arise, especially when dealing with sensitive data such as health data. The information owner generally has no control over his information, which can bring serious consequences such as increases in health insurance prices or put the individual in an uncomfortable situation with disclosing his physical or mental health. While privacy regulations, like the General Data Protection Regulation (GDPR), make it clear that the information owner must have full control and management over their data, disparities have been observed in most systems and platforms. Therefore, they are often not able to give consent or have control and management over their data. For the users to exercise their right to privacy and have sufficient control over their data, they must know everything that happens to them, where their data is, and where they have been. It is necessary that the entire life cycle, from generation to deletion of data, is managed by its owner. To this end, this article presents an Information Chain of Custody Model based on Blockchain technology, which allows from the traceability of information to the offer of tools that will enable the effective management of data, offering total control to its owner. The result showed that the prototype was very useful in the traceability of the information. With that it became clear the technical feasibility of this research.
2022-04-01
Rhunn, Tommy Cha Hweay, Raffei, Anis Farihan Mat, Rahman, Nur Shamsiah Abdul.  2021.  Internet of Things (IoT) Based Door Lock Security System. 2021 International Conference on Software Engineering Computer Systems and 4th International Conference on Computational Science and Information Management (ICSECS-ICOCSIM). :6–9.
A door enables you to enter a room without breaking through a wall. Also, a door enables you for privacy, environmental or security reasons. The problem statement which is the biometric system sometimes is sensitive and will not be able to sense the biological pattern of the employer’s fingerprint due to sweat and other factors. Next, people tend to misplace their key or RFID card. Apart from that, people tend to forget their pin number for a door lock. The objective of this paper is to present a secret knock intensity for door lock security system using Arduino and mobile. This project works by using a knock intensity and send the information to mobile application via wireless network to unlock or lock the door.
Kamal, Naheel Faisal, Malluhi, Qutaibah.  2021.  Client-Based Secure IoT Data Sharing using Untrusted Clouds. 2021 IEEE 7th World Forum on Internet of Things (WF-IoT). :409—414.
IoT systems commonly rely on cloud services. However, utilizing cloud providers can be problematic in terms of data security. Data stored in the cloud need to be secured from unauthorized malicious nodes and from the cloud providers themselves. Using a simple symmetric cipher can encrypt the data before uploading and decrypt it while retrieving. However, such a solution can be only applied between two parties with no support for multiple nodes. Whereas in IoT scenarios, many smart devices communicate and share data with each other. This paper proposes a solution that tackles the issue of sharing data securely between IoT devices by implementing a system that allows secure sharing of encrypted data in untrusted clouds. The implementation of the system performs the computation on connectionless clients with no involvement of the cloud server nor any third party. The cloud server is only used as a passive storage server. Analysis of the implemented prototype demonstrates that the system can be used in real-life applications with relatively small overhead. Based on the used hardware, key generation takes about 60 nanoseconds and the storage overhead is only a few kilobytes for large number of files and/or users.
Lin, Shanshan, Yin, Jie, Pei, Qingqi, Wang, Le, Wang, Zhangquan.  2021.  A Nested Incentive Scheme for Distributed File Sharing Systems. 2021 IEEE International Conference on Smart Internet of Things (SmartIoT). :60—65.
In the distributed file sharing system, a large number of users share bandwidth, upload resources and store them in a decentralized manner, thus offering both an abundant supply of high-quality resources and high-speed download. However, some users only enjoy the convenient service without uploading or sharing, which is called free riding. Free-riding may discourage other honest users. When free-riding users mount to a certain number, the platform may fail to work. The current available incentive mechanisms, such as reciprocal incentive mechanisms and reputation-based incentive mechanisms, which suffer simple incentive models, inability to achieve incentive circulation and dependence on a third-party trusted agency, are unable to completely solve the free-riding problem.In this paper we build a blockchain-based distributed file sharing platform and design a nested incentive scheme for this platform. The proposed nested incentive mechanism achieves the circulation of incentives in the platform and does not rely on any trusted third parties for incentive distribution, thus providing a better solution to free-riding. Our distributed file sharing platform prototype is built on the current mainstream blockchain. Nested incentive scheme experiments on this platform verify the effectiveness and superiority of our incentive scheme in solving the free-riding problem compared to other schemes.
2022-03-22
Bai, Zhihao, Wang, Ke, Zhu, Hang, Cao, Yinzhi, Jin, Xin.  2021.  Runtime Recovery of Web Applications under Zero-Day ReDoS Attacks. 2021 IEEE Symposium on Security and Privacy (SP). :1575—1588.
Regular expression denial of service (ReDoS)— which exploits the super-linear running time of matching regular expressions against carefully crafted inputs—is an emerging class of DoS attacks to web services. One challenging question for a victim web service under ReDoS attacks is how to quickly recover its normal operation after ReDoS attacks, especially these zero-day ones exploiting previously unknown vulnerabilities.In this paper, we present RegexNet, the first payload-based, automated, reactive ReDoS recovery system for web services. RegexNet adopts a learning model, which is updated constantly in a feedback loop during runtime, to classify payloads of upcoming requests including the request contents and database query responses. If detected as a cause leading to ReDoS, RegexNet migrates those requests to a sandbox and isolates their execution for a fast, first-measure recovery.We have implemented a RegexNet prototype and integrated it with HAProxy and Node.js. Evaluation results show that RegexNet is effective in recovering the performance of web services against zero-day ReDoS attacks, responsive on reacting to attacks in sub-minute, and resilient to different ReDoS attack types including adaptive ones that are designed to evade RegexNet on purpose.
2022-03-14
Adarsh, S, Jain, Kurunandan.  2021.  Capturing Attacker Identity with Biteback Honeypot. 2021 International Conference on System, Computation, Automation and Networking (ICSCAN). :1–7.
Cyber attacks are increasing at a rapid pace targeting financial institutions and the corporate sector, especially during pandemics such as COVID-19. Honeypots are implemented in data centers and servers, to capture these types of attacks and malicious activities. In this work, an experimental prototype is created simulating the attacker and victim environments and the results are consolidated. Attacker information is extracted using the Meterpreter framework and uses reverse TCP for capturing the data. Normal honeypots does not capture an attacker and his identity. Information such as user ID, Internet Protocol(IP) address, proxy servers, incoming and outgoing traffic, webcam snapshot, Media Access Control(MAC) address, operating system architecture, and router information of the attacker such as ARP cache can be extracted by this honeypot with "biteback" feature.
Jin Kang, Hong, Qin Sim, Sheng, Lo, David.  2021.  IoTBox: Sandbox Mining to Prevent Interaction Threats in IoT Systems. 2021 14th IEEE Conference on Software Testing, Verification and Validation (ICST). :182—193.
Internet of Things (IoT) apps provide great convenience but exposes us to new safety threats. Unlike traditional software systems, threats may emerge from the joint behavior of multiple apps. While prior studies use handcrafted safety and security policies to detect these threats, these policies may not anticipate all usages of the devices and apps in a smart home, causing false alarms. In this study, we propose to use the technique of mining sandboxes for securing an IoT environment. After a set of behaviors are analyzed from a bundle of apps and devices, a sandbox is deployed, which enforces that previously unseen behaviors are disallowed. Hence, the execution of malicious behavior, introduced from software updates or obscured through methods to hinder program analysis, is blocked.While sandbox mining techniques have been proposed for Android apps, we show and discuss why they are insufficient for detecting malicious behavior in a more complex IoT system. We prototype IoTBox to address these limitations. IoTBox explores behavior through a formal model of a smart home. In our empirical evaluation to detect malicious code changes, we find that IoTBox achieves substantially higher precision and recall compared to existing techniques for mining sandboxes.
2022-02-25
Phua, Thye Way, Patros, Panos, Kumar, Vimal.  2021.  Towards Embedding Data Provenance in Files. 2021 IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC). :1319–1325.
Data provenance (keeping track of who did what, where, when and how) boasts of various attractive use cases for distributed systems, such as intrusion detection, forensic analysis and secure information dependability. This potential, however, can only be realized if provenance is accessible by its primary stakeholders: the end-users. Existing provenance systems are designed in a `all-or-nothing' fashion, making provenance inaccessible, difficult to extract and crucially, not controlled by its key stakeholders. To mitigate this, we propose that provenance be separated into system, data-specific and file-metadata provenance. Furthermore, we expand data-specific provenance as changes at a fine-grain level, or provenance-per-change, that is recorded alongside its source. We show that with the use of delta-encoding, provenance-per-change is viable, asserting our proposed architecture to be effectively realizable.
2022-02-22
Chen, Zhongyong, Han, Liegang, Xu, Yongshun, Yu, Zuwei.  2021.  Design and Implementation of A Vulnerability-Tolerant Reverse Proxy Based on Moving Target Defense for E-Government Application. 2021 2nd Information Communication Technologies Conference (ICTC). :270—273.
The digital transformation is injecting energy into economic growth and governance improvement for the China government. Digital governance and e-government services are playing a more and more important role in public management and social governance. Meanwhile, cyber-attacks and threats become the major challenges for e-government application systems. In this paper, we proposed a novel dynamic access entry scheme for web application, which provide a rapidly-changing defender-controlled attack surface based on Moving Target Defense (MTD) technology. The scheme can turn the static keywords of Uniform Resource Locator (URL) into the dynamic and random ones, which significantly increase the cost to adversaries attack. We present the prototype of the proposed scheme and evaluate the feasibility and effectiveness. The experimental results demonstrated the scheme is practical and effective.
Gao, Chungang, Wang, Yongjie, Xiong, Xinli, Zhao, Wendian.  2021.  MTDCD: an MTD Enhanced Cyber Deception Defense System. 2021 IEEE 4th Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC). 4:1412—1417.
Advanced persistent threat (APT) attackers usually conduct a large number of network reconnaissance before a formal attack to discover exploitable vulnerabilities in the target network and system. The static configuration in traditional network systems provides a great advantage for adversaries to find network targets and launch attacks. To reduce the effectiveness of adversaries' continuous reconnaissance attacks, this paper develops a moving target defense (MTD) enhanced cyber deception defense system based on software-defined networks (SDN). The system uses virtual network topology to confuse the target network and system information collected by adversaries. Also Besides, it uses IP address randomization to increase the dynamics of network deception to enhance its defense effectiveness. Finally, we implemented the system prototype and evaluated it. In a configuration where the virtual network topology scale is three network segments, and the address conversion cycle is 30 seconds, this system delayed the adversaries' discovery of vulnerable hosts by an average of seven times, reducing the probability of adversaries successfully attacking vulnerable hosts by 83%. At the same time, the increased system overhead is basically within 10%.
Ordouie, Navid, Soundararajan, Nirmala, Karne, Ramesh, Wijesinha, Alexander L..  2021.  Developing Computer Applications without any OS or Kernel in a Multi-core Architecture. 2021 International Symposium on Networks, Computers and Communications (ISNCC). :1—8.
Over the years, operating systems (OSs) have grown significantly in complexity and size providing attackers with more avenues to compromise their security. By eliminating the OS, it becomes possible to develop general-purpose non-embedded applications that are free of typical OS-related vulnerabilities. Such applications are simpler and smaller in size, making it easier secure the application code. Bare machine computing (BMC) applications run on ordinary desktops and laptops without the support of any operating system or centralized kernel. Many BMC applications have been developed previously for single-core systems. We show how to build BMC applications for multicore systems by presenting the design and implementation of a novel UDP-based bare machine prototype Web server for a multicore architecture. We also include preliminary experimental results from running the server on the Internet. This work provides a foundation for building secure computer applications that run on multicore systems without the need for intermediary software.
Singh, Ashwini Kumar, Kushwaha, Nagendra.  2021.  Software and Hardware Security of IoT. 2021 IEEE International IOT, Electronics and Mechatronics Conference (IEMTRONICS). :1—5.
With the tremendous growth of IoT application, providing security to IoT systems has become more critical. In this paper, a technique is presented to ensure the safety of Internet of Things (IoT) devices. This technique ensures hardware and software security of IoT devices. Blockchain technology is used for software security and hardware logics are used for hardware security. For enabling a Blockchain, Ethereum Network is used for secure peer-to-peer transmission. A prototype model is also used using two IoT nodes to demonstrate the security logic.
2022-02-04
Xie, Xin, Liu, Xiulong, Guo, Song, Qi, Heng, Li, Keqiu.  2021.  A Lightweight Integrity Authentication Approach for RFID-enabled Supply Chains. IEEE INFOCOM 2021 - IEEE Conference on Computer Communications. :1—10.
Major manufacturers and retailers are increasingly using RFID systems in supply-chain scenarios, where theft of goods during transport typically causes significant economic losses for the consumer. Recent sample-based authentication methods attempt to use a small set of random sample tags to authenticate the integrity of the entire tag population, which significantly reduces the authentication time at the expense of slightly reduced reliability. The problem is that it still incurs extensive initialization overhead when writing the authentication information to all of the tags. This paper presents KTAuth, a lightweight integrity authentication approach to efficiently and reliably detect missing tags and counterfeit tags caused by stolen attacks. The competitive advantage of KTAuth is that it only requires writing the authentication information to a small set of deterministic key tags, offering a significant reduction in initialization costs. In addition, KTAuth strictly follows the C1G2 specifications and thus can be deployed on Commercial-Off-The-Shelf RFID systems. Furthermore, KTAuth proposes a novel authentication chain mechanism to verify the integrity of tags exclusively based on data stored on them. To evaluate the feasibility and deployability of KTAuth, we implemented a small-scale prototype system using mainstream RFID devices. Using the parameters achieved from the real experiments, we also conducted extensive simulations to evaluate the performance of KTAuth in large-scale RFID systems.
2022-01-31
Janak, Jan, Retty, Hema, Chee, Dana, Baloian, Artiom, Schulzrinne, Henning.  2021.  Talking After Lights Out: An Ad Hoc Network for Electric Grid Recovery. 2021 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm). :181–187.
When the electrical grid in a region suffers a major outage, e.g., after a catastrophic cyber attack, a “black start” may be required, where the grid is slowly restarted, carefully and incrementally adding generating capacity and demand. To ensure safe and effective black start, the grid control center has to be able to communicate with field personnel and with supervisory control and data acquisition (SCADA) systems. Voice and text communication are particularly critical. As part of the Defense Advanced Research Projects Agency (DARPA) Rapid Attack Detection, Isolation, and Characterization Systems (RADICS) program, we designed, tested and evaluated a self-configuring mesh network prototype called the Phoenix Secure Emergency Network (PhoenixSEN). PhoenixSEN provides a secure drop-in replacement for grid's primary communication networks during black start recovery. The network combines existing and new technologies, can work with a variety of link-layer protocols, emphasizes manageability and auto-configuration, and provides services and applications for coordination of people and devices including voice, text, and SCADA communication. We discuss the architecture of PhoenixSEN and evaluate a prototype on realistic grid infrastructure through a series of DARPA-led exercises.
Grabatin, Michael, Hommel, Wolfgang.  2021.  Self-sovereign Identity Management in Wireless Ad Hoc Mesh Networks. 2021 IFIP/IEEE International Symposium on Integrated Network Management (IM). :480–486.

Verifying the identity of nodes within a wireless ad hoc mesh network and the authenticity of their messages in sufficiently secure, yet power-efficient ways is a long-standing challenge. This paper shows how the more recent concepts of self-sovereign identity management can be applied to Internet-of-Things mesh networks, using LoRaWAN as an example and applying Sovrin's decentralized identifiers and verifiable credentials in combination with Schnorr signatures for securing the communication with a focus on simplex and broadcast connections. Besides the concept and system architecture, the paper discusses an ESP32-based implementation using SX1276/SX1278 LoRa chips, adaptations made to the lmic- and MbedTLS-based software stack, and practically evaluates performance aspects in terms of data overhead, time-on-air impact, and power consumption.

Abubakar, Mwrwan, Jaroucheh, Zakwan, Al Dubai, Ahmed, Buchanan, Bill.  2021.  A Decentralised Authentication and Access Control Mechanism for Medical Wearable Sensors Data. 2021 IEEE International Conference on Omni-Layer Intelligent Systems (COINS). :1—7.
Recent years have seen an increase in medical big data, which can be attributed to a paradigm shift experienced in medical data sharing induced by the growth of medical technology and the Internet of Things. The evidence of this potential has been proved during the recent covid-19 pandemic, which was characterised by the use of medical wearable devices to help with the medical data exchange between the healthcare providers and patients in a bid to contain the pandemic. However, the use of these technologies has also raised questions and concerns about security and privacy risks. To assist in resolving this issue, this paper proposes a blockchain-based access control framework for managing access to users’ medical data. This is facilitated by using a smart contract on the blockchain, which allows for delegated access control and secure user authentication. This solution leverages blockchain technology’s inherent autonomy and immutability to solve the existing access control challenges. We have presented the solution in the form of a medical wearable sensor prototype and a mobile app that uses the Ethereum blockchain in a real data sharing control scenario. Based on the empirical results, the proposed solution has proven effective. It has the potential to facilitate reliable data exchange while also protecting sensitive health information against potential threats. When subjected to security analysis and evaluation, the system exhibits performance improvements in data privacy levels, high security and lightweight access control design compared to the current centralised access control models.
2022-01-25
Calvo, Miguel, Beltrán, Marta.  2021.  Remote Attestation as a Service for Edge-Enabled IoT. 2021 IEEE International Conference on Services Computing (SCC). :329–339.
The Internet of Things integrates multiple hardware appliances from large cloud data centres to constrained devices embedded within the physical reality, from multiple vendors and providers, under the same infrastructure. These appliances are subject to different restrictions, have different available resources and show different risk profiles and vulnerabilities. In these scenarios, remote attestation mechanisms are essential, enabling the verification of a distant appliance’s internal state before allowing it to access sensitive data or execute critical workloads. This work proposes a new attestation approach based on a Trusted Platform Module (TPM), devoted to performing Remote Attestation as a Service (RAaaS) while guaranteeing essential properties such as flexibility, generality, domain separation and authorized initiation. The proposed solution can prove both edge devices and IoT devices reliability to services running on cloud data centres. Furthermore, the first prototype of this service has been validated and evaluated via a real use case.
Gonsher, Ian, Lei, Zhenhong.  2021.  Prototype of Force Feedback Tool for Mixed Reality Applications. 2021 IEEE International Symposium on Mixed and Augmented Reality Adjunct (ISMAR-Adjunct). :508—509.
This prototype demonstrates the viability of manipulating both physical and virtual objects with the same tool in order to maintain object permanence across both modes of interaction. Using oppositional force feedback, provided by a servo, and an augmented visual interface, provided by the user’s smartphone, this tool simulates the look and feel of a physical object within an augmented environment. Additionally, the tool is also able to manipulate physical objects that are not part of the augmented reality, such as a physical nut. By integrating both modes of interaction into the same tool, users can fluidly move between these different modes of interaction, manipulating both physical and virtual objects as the need arises. By overlaying this kind of visual and haptic augmentation onto a common tool such as a pair of pliers, we hope to further explore scenarios for collaborative telepresence in future work.
2022-01-10
Babrekar, Devika, Patel, Darsh, Patkar, Sachin, Lobo, Vivian Brian.  2021.  Blockchain-based Digital Locker using BigchainDB and InterPlanetary File System. 2021 6th International Conference on Communication and Electronics Systems (ICCES). :950–956.
Our identity as a human being is determined by the documents, not by appearance or physicality. The most important thing to prove the identity of humans is to show a government-issued document. Generally, from birth to death humans are recognized by documents because they are born with a birth certificate and they die with a death certificate. The main problem with these documents is that, they can be falsified or manipulated by others. Moreover in this digital era, they are stored in a centralized manner, which is prone to a cyber threat. This study aims to develop a blockchain environment to create, verify, and securely share documents in a decentralized manner. With the help of bigchainDB, interplanetary file system (IPFS), and asymmetric encryption, this research work will prototype the proposed solution called blockchain-based digital locker, which is similar to the DigiLocker released by the Department of Electronics and Information Technology (DeitY), Govt. of India. BigchainDB will help in treating each document as an asset by making it immutable with the help of IPFS and asymmetric encryption, where documents can not only be shared but also verified.
Shoshina, Anastasiia V., Borzunov, Georgii I., Ivanova, Ekaterina Y..  2021.  Application of Bio-inspired Algorithms to the Cryptanalysis of Asymmetric Ciphers on the Basis of Composite Number. 2021 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (ElConRus). :2399–2403.
In some cases, the confidentiality of cryptographic algorithms used in digital communication is related to computational complexity mathematical problems, such as calculating the discrete logarithm, the knapsack problem, decomposing a composite number into prime divisors etc. This article describes the application of insolvability of factorization of a large composite number, and reviews previous work integer factorization using either the deterministic or the bio-inspired algorithms. This article focuses on the possibility of using bio-inspired methods to solve the problem of cryptanalysis of asymmetric encryption algorithms, which ones based on factorization of composite numbers. The purpose of this one is to reviewing previous work in integer factorization algorithms, developing a prototype of either the deterministic and the bio-inspired algorithm and the effectiveness of the developed algorithms and recommendations are made for future research paths.
2021-12-21
Hatakeyama, Koudai, Kotani, Daisuke, Okabe, Yasuo.  2021.  Zero Trust Federation: Sharing Context under User Control towards Zero Trust in Identity Federation. 2021 IEEE International Conference on Pervasive Computing and Communications Workshops and Other Affiliated Events (PerCom Workshops). :514–519.
Perimeter models, which provide access control for protecting resources on networks, make authorization decisions using the source network of access requests as one of critical factors. However, such models are problematic because once a network is intruded, the attacker gains access to all of its resources. To overcome the above problem, a Zero Trust Network (ZTN) is proposed as a new security model in which access control is performed by authenticating users who request access and then authorizing such requests using various information about users and devices called contexts. To correctly make authorization decisions, this model must take a large amount of various contexts into account. However, in some cases, an access control mechanism cannot collect enough context to make decisions, e.g., when an organization that enforces access control joins the identity federation and uses systems operated by other organizations. This is because the contexts collected using the systems are stored in individual systems and no federation exists for sharing contexts. In this study, we propose the concept of a Zero Trust Federation (ZTF), which applies the concept of ZTN under the identity federation, and a method for sharing context among systems of organizations. Since context is sensitive to user privacy, we also propose a mechanism for sharing contexts under user control. We also verify context sharing by implementing a ZTF prototype.
2021-11-29
Imanimehr, Fatemeh, Gharaee, Hossein, Enayati, Alireza.  2020.  An Architecture for National Information Sharing and Alerting System. 2020 10th International Symposium onTelecommunications (IST). :217–221.
Protecting critical infrastructure from cyber threats is one of the most important obligations of governments to ensure the national and social security of the society. Developing national cyber situational awareness platform provides a protection of critical infrastructures. In such a way, each infrastructure, independently, generates its own situational awareness and shares it with other infrastructures through a national sharing and alerting center. The national information sharing and alerting center collects cyber information of infrastructures and draws a picture of national situational awareness by examining the potential effects of received threats on other infrastructures and predicting the national cyber status in near future. This paper represents the conceptual architecture for such national sharing system and suggests some brief description of its implementation.