選擇卷期
- 期刊
To provide seamless Internet services, most public buildings, including coffee shops, airports, and libraries, temporary personal computers are offered to users for network access. This has led to a potential risk that the secret information of the user may be leaked out once these temporary computers have been affected by Trojans. Generally, the service provider checks the authority of a user according to a series of authentication procedure. While a user enters the verification token into the public computers, an attacker may apply a key-logger to steal the password or personal information. In this article, we have first introduced the visual secret sharing technique with arbitrary-angle stacking to design an auxiliary authorization protocol. According to the stacked one-time password, users can have the access to network services without keying any secret information into the public computers. Moreover, the efficiency of AAVSS is favorable to resource-constrained mobile device.
- 期刊
With the popularity of the Internet and smart phones, e-commerce based on the Internet has rapidly developed by relying on its particular merits. However, the openness of the Internet makes payment security and privacy protection become the key of e-commerce development. This study gave a brief introduction of both traditional and improved Business to Customer (B2C) e-commerce and preformed the analogue simulation on shift left long (SLL) security protocol based on double encryption algorithm and traditional encryption algorithm under different sizes of data. The result showed that the double encryption algorithm could has lower complexity for encrypting and decrypting data, enabling to shorten the time of the encryption and decryption of the data; in terms of security, the decryption integrity of the data that was encrypted by double encryption algorithm was lower, and was basically garbled without logic. Thus, the security is guaranteed. In conclusion, the third-party privacy server in the improved B2C model can effectively guarantee the payment and privacy security of consumers.
- 期刊
With the growth of Virtual Reality (VR) and Augmented Reality (AR) in technologies such as artificial intelligence, wireless, 5G, big data, massive compute, industrial 4.0 and virtual stores. This paper improved the secure mechanism which existed some shortcomings. In order to accomplish the decentralized environment access control, it also proposed another new mechanism to achieve the requirements on the nonspecific internet. Besides, considering the security on storing and controlling and the use of administrative privileges of the VR and ARclouds is necessary. With the new mechanism, the problems such as mobile security or acting calculation which derived from VR and AR could be solved. This new research achieves a better circumstance. Developer staff's responsibility can be allocated; the systems can be compatibly integrated; on the other hand, the users' privacy of personal information can be strictly protected.
- 期刊
The safe and comfortable location based services are required for users in the internet of vehicles, at the same time, the privacy and confidential requirements are indispensable. Enciphering merely user's information cannot guarantee the safety of user's privacy, and the query itself may leak the user's location information and identity one. Aimed at the problem of privacy security in location based service under the internet of vehicles environment, in this paper, through analysis of LBS privacy security technology, in the V2I system of internet of vehicles, combining K area with fake names anonymous technology, a kind of improved PPA-IOV privacy protection algorithm is formed. Experimental verification indicated that the algorithm performs a higher anonymous success rate for users in the car network environment and reduced the average anonymous space, thus the service quality of user's query is improved.
- 期刊
In modern digital era, all organizations are completely dependent on Computers and related devices. For that reason, it is mandatory for the organization to manage computer security in order to run smoothly. This paper discusses a case study of Seiyun Community College (SYNCC) for managing computer security, analyzing the risk and threat to the organization's computer system. This case study is performed using the data collection method from the archives. The findings show that SYNCC is lacking in computer system security behind ISO 31000:2009 standard which leads to failure in running the organisation. Finally, from the analysis, it is recommended that SYNCC develop a security plan to cover all the aspects of the information and communication technology. Educating the users is also needed in order to implement the security policy.
- 期刊
Certificateless cryptosystem can overcome the costly certificate management in the traditional public key cryptosystem, and meanwhile it does not have the private key escrow problem in the identity-based cryptosystem. Proxy signature can allow a proxy signer authorized by an original signer to sign messages on behalf of the latter. In this paper, we show that a recently proposed certificateless proxy signature scheme in the standard model is vulnerable to the public key replacement attack. Through this kind of attack, a malicious original signer or proxy signer can forge a valid proxy signature. We analyse the reasons for the success of the attack and point out the flaw in the proof of the original scheme.
- 期刊
In this paper we present an identity (ID) based dynamic authenticated group key agreement protocol. Our protocol satisfies all the required security attributes and also provide forward and backward confidentiality. The security of our protocol is based on the bilinear Diffie-Hellman(DH) assumption. We extend Lee et al. ID based authenticated key agreement protocol from two party to a group of users by using bilinear pairing.
- 期刊
With the emerging of new types of network forms, services and cloud computation, the situation has transformed from one party to many parties at least one of both communication ends, that is "one-to-many," "many-to-one," and "many-to-many" situations. Most of the existing fully homomorphic encryption schemes only allow one party to encrypt the plaintext and another party to decrypt the ciphertext without the decryption keys. This form of cryptography loses efficiency under the demands of "one-to-many," "many-to-one," and "many-to-many" scenarios. In this paper, we combine the fully homomorphic encryption with proxy re-encryption to propose the fully homomorphic proxy re-encryption scheme which can be applied to "many-to-one" scenario, that is the fully homomorphic proxy re-encryption scheme allows one party to compute arbitrary functions over encrypted data for many parties without the decryption keys. Finally, IND-CPA, KP-CPA and master secret security proof of our proposal are given.
- 期刊
In recent years, with the rapid development of the Internet, information can be transmitted more and more rapidly, and the issue of confidentiality and security has become increasingly important. Compared with traditional information verification methods, biometric identification is more secure and convenient. This study used the MATLAB software to carry out the simulation of information verification performance of face recognition algorithm based on Local Directional Pattern Algorithm (LDP) and Principal Component Analysis (PCA). The face image data were from ORL database. The results showed that the increase of the training set samples could raise the accuracy of security information verification of the two algorithms and took less time, and under the same number of training samples, the algorithm of face recognition based on PCA, compared with face recognition algorithm based on LDP, had higher accuracy and less time consuming. In conclusion, PCA-based face recognition algorithm is more suitable for security information verification.
- 期刊
Upgrading the conventional electrical grid to smart grid offers more efficiency, resiliency, and reliability. Thus, the smart grid adoption is essential in today's modern countries and the information age. In smart grid, consumption reports are gathered from smart meters and sent to the control center and some control messages are sent vice versa. These bidirectional communications are subject to various security challenges. Because of the constrained resources of smart meters, employing lightweight communication protocols is critical. For this purpose, recently, scholars have proposed several lightweight communication protocols. Nonetheless, most of these protocols are not anonymous or fail to assuage the entire desired security features. Therefore, in this paper, we propose an efficient communication scheme that not only is anonymous, but also can thwart the well-known attacks. Our actual hardware performance analysis, which has been done on both 8-bit AVR and 32-bit ARM microcontrollers, confirms the outperformance of the proposed scheme.