A system and method for communicating information between a first party and a second party, comprising the steps of receiving, by an intermediary, an identifier of desired information and accounting information for a transaction involving the information from the first party, transmitting an identifier of the first party to the second party, and negotiating, by the intermediary, a comprehension function for obscuring at least a portion of the information communicated between the first party and the second party. The data transmission may be made secure with respect to the intermediary by providing an asymmetric key or direct key exchange for encryption of the communication between the first and second party. The data transmission may be made secure with respect to the second party by maintaining the information in encrypted format at the second party, with the decryption key held only by the intermediary, and transmitting a secure composite of the decryption key and a new encryption key to the second party for transcoding of the data record, and providing the new decryption key to the first party, so that the information transmitted to the first party can be comprehended by it.

System and method for secure three-party communications

In this paper, the fundamental insecurities hampering a scalable, wide-spread deployment of biometric authentication are examined, and a cryptosystem capable of using fingerprint data as its key is presented. For our application, we focus on situations where a private key stored on a smartcard is used for authentication in a networked environment, and we assume an attacker can launch o -line attacks against a stolen card.Juels and Sudan's fuzzy vault is used as a starting point for building and analyzing a secure authentication scheme using fingerprints and smartcards called a figerprint vault. Fingerprint minutiae coordinates mi are encoded as elements in a nite eld F and the secret key is encoded in a polynomial f(x) over F[x]. The polynomial is evaluated at the minutiae locations, and the pairs (mi, f(mi)) are stored along with random (ci, di) cha points such that di ≠ f(ci). Given a matching fingerprint, a valid user can seperate out enough true points from the cha points to reconstruct f(x), and hence the original secret key.The parameters of the vault are selected such that the attacker's vault unlocking complexity is maximized, subject to zero unlocking complexity with a matching fingerprint and a reasonable amount of error. For a feature location measurement variance of 9 pixels, the optimal vault is 269 times more difficult to unlock for an attacker compared to a user posessing a matching fingerprint, along with approximately a 30% chance of unlocking failure.

Secure smartcardbased fingerprint authentication

A survey of approaches combining safety and security for industrial control systems

A system and method authenticates users via any two or three of 1) Something the user knows; 2) Something the user has; and 3) A physical characteristic of the user.

System and method for authenticating users using two or more factors

With the fast development in ad hoc wireless communications and vehicular technology, it is foreseeable that, in the near future, traffic information will be collected and disseminated in real-time by mobile sensors instead of fixed sensors used in the current infrastructure-based traffic information systems. A distributed network of vehicles such as a vehicular ad hoc network (VANET) can easily turn into an infrastructure-less self-organizing traffic information system, where any vehicle can participate in collecting and reporting useful traffic information such as section travel time, flow rate, and density. Disseminating traffic information relies on broadcasting protocols. Recently, there have been a significant number of broadcasting protocols for VANETs reported in the literature. In this paper, we classify and provide an in-depth review of these protocols.

A Review of Information Dissemination Protocols for Vehicular Ad Hoc Networks

Trust management is an important aspect of information security in an organisation. It involves the complexity of relationships among people, computers and the organisational system. It becomes even more complex in the virtual enterprise environment where cross-organisational activities are involved. This paper presents a new paradigm for establishing trust across multiple organisations for external users on extranets. In our approach, the authorities of organisations administer their local users and at the same time can act as trust agents for distributing trust management information for other users in the virtual enterprise. Trust is propagated in the form of trust tokens through the web of trust. After collecting these trust tokens as recommendations, a new users can submit them to his destined organisation in order to acquire secure trust relation. By representing trust with a quantitative and comparable value, an automated mechanism for composing trust tokens is demonstrated.

Automated cross-organisational trust establishment on extranets

In this paper, we propose enhancing the current "knowledge factor" user authentication systems common on the Internet by incorporating multiple factor authentication using the mobile telephone networks. We suggest that the "possession factor" and the "location factor" can significantly enhance user authentication, and demonstrate how these two factors can be added for minimal cost. A prototype system is described.

Enhanced authentication services for Internet systems using mobile networks

Traditionally, network-based Intrusion Detection Systems (NIDS) monitor network traffic for signs of malicious activities. However, with the growing use of Virtual Private Networks (VPNs) that encrypt network traffic, the NIDS can no longer analyse the encrypted data. This essentially negates any protection offered by the NIDS. Although the encrypted traffic can be decrypted at a network gateway for analysis, this compromises on data confidentiality. In this paper, we propose a detection framework which allows a traditional NIDS to continue functioning, without compromising the confidentiality afforded by the VPN. Our approach uses Shamir's secret-sharing scheme and randomised network proxies to enable detection of malicious activities in encrypted channels. Additionally, this approach is able to detect any malicious attempts to forge network traffic with the intention of evading detection. Our experiments show that the probability of a successful evasion is low, at about 0.98\% in the worst case. We implement our approach in a prototype and present some preliminary results. Overall, the proposed approach is able to consistently detect intrusions and does not introduce any additional false positives.

Towards intrusion detection for encrypted networks

This paper introduces location-based security services and discusses a new model for tamper-resistant location determination. These location-based security services are demonstrated in terms of a framework for both WAP and web-based Internet applications, which facilities the acquisition of location using the proposed model for tamper-resistant location determination. The framework is realized in two example applications that utilize location-based security services to enhance access control and audit facilities.

/pdf/enhancing-the-security-of-internet-applications-using-586c44znjl.pdf

Enhancing the security of Internet applications using location: a new model for tamper-resistant GSM location

Traditionally, network-based Intrusion Detection Systems (NIDS) monitor network traffic for signs of malicious activities. However, with the growing use of Virtual Private Networks (VPNs) that encrypt network traffic, the NIDS can no longer analyse the encrypted data. This essentially negates any protection offered by the NIDS. Although the encrypted traffic can be decrypted at a network gateway for analysis, this compromises on data confidentiality. In this paper, we propose a detection framework which allows a traditional NIDS to continue functioning, without compromising the confidentiality afforded by the VPN. Our approach uses Shamir's secret-sharing scheme and randomised network proxies to enable detection of malicious activities in encrypted channels. Additionally, this approach is able to detect any malicious attempts to forge network traffic with the intention of evading detection. Our experiments show that the probability of a successful evasion is low, at about 0.98% in the worst case. We implement our approach in a prototype and present some preliminary results. Overall, the proposed approach is able to consistently detect intrusions and does not introduce any additional false positives.

/pdf/towards-intrusion-detection-for-encrypted-networks-2y6jebru82.pdf

Towards Intrusion Detection for Encrypted Networks

Handle everyday research tasks with reliable, citation-backed results

Your personal Research Agent to handle research tasks with citation-backed results

Popular Tasks used by Researchers

How can I help with your research?

Meet SciSpace

Get more enhanced response by uploading the PDFs you want me to reference.

No relevant PDFs in your library

SciSpace is the AI research assistant for academics. Run systematic literature reviews on 280M+ papers, and write papers with cited sources. Trusted by 1M+ students, PhDs & researchers.

SciSpace | AI for Research

Analyze PDFs

Code & Manuscripts

Funding & Grants

Literature & Patents

Medical & Clinical Data

Systematic Review

Visualize & Present

Web & Data

Build a Google Scholar-like website for your research.

Build a website

Create charts and images for your research

Create a Chart

Write a paper for submission to a journal

Draft a manuscript

Patent Search

Design eye-catching scientific posters in minutes.

Scientific Poster Generation

Systematic Literature Review

One task is running at the moment. Your messages will be shown right after.

Drag and drop or click here to browse

Loved by <highlight>1 million+</highlight> researchers

Extract a list of specific topics and their sources from unstructured text

Topics

Compare and analyze relevant papers that matches with your search

Papers

Get insights from PDFs and bookmarked papers from your library

My library

Recent searches

Try searching for:

Catch AI-generated content in scholarly and non-scholarly content

{ai} Detector

Ai Writer

Get PDF Summaries, highlighted text explanations 

Chat with PDF

Effortlessly create in-text citations and bibliographies in APA and 2,500 other formats

Citation generator

Get explanations, summaries, and answers on academic papers

Ease up your research workflow with {scispace}'s cohort of exciting AI tools

Elevate your academic writing skills and convey your ideas the way you want

Paraphraser

Explore our range of reading and writing tools

Your file is being prepared and should be ready in a few minutes. If it's a large file, it might take a bit longer. You can close this window, and we'll email you the file when it's done.

You have reached a maximum limit of <strong>{limit}</strong> columns in the table. Remove at least <strong>1</strong> column to add or create another one.

Mark Looi

Author Tools

Chat about Author