A walk on the client side: Monitoring enterprise Wifi networks using smartphone channel scans

2016 ◽  
Author(s):  
Jinghao Shi ◽  
Lei Meng ◽  
Aaron Striegel ◽  
Chunming Qiao ◽  
Dimitrios Koutsonikolas ◽  
...  
Keyword(s):  
Wifi Networks ◽  
Client Side

DYNAMIC REST SERVICES ORCHESTRATION USING THE KNOWLEDGE BASE

2019 ◽  
Author(s):  
Kostyantyn Kharchenko
Keyword(s):  
Knowledge Base ◽  
Service Oriented Architecture ◽  
Main Idea ◽  
The Real ◽  
Server Side ◽  
Service Oriented ◽  
Services Orchestration ◽  
Client Side ◽  
Abstract Operation ◽  
Microservice Architecture

The approach to organizing the automated calculations’ execution process using the web services (in particular, REST-services) is reviewed. The given solution will simplify the procedure of introduction of the new functionality in applied systems built according to the service-oriented architecture and microservice architecture principles. The main idea of the proposed solution is in maximum division of the server-side logic development and the client-side logic, when clients are used to set the abstract computation goals without any dependencies to existing applied services. It is proposed to rely on the centralized scheme to organize the computations (named as orchestration) and to put to the knowledge base the set of rules used to build (in multiple steps) the concrete computational scenario from the abstract goal. It is proposed to include the computing task’s execution subsystem to the software architecture of the applied system. This subsystem is composed of the service which is processing the incoming requests for execution, the service registry and the orchestration service. The clients send requests to the execution subsystem without any references to the real-world services to be called. The service registry searches the knowledge base for the corresponding input request template, then the abstract operation description search for the request template is performed. Each abstract operation may already have its implementation in the form of workflow composed of invocations of the real applied services’ operations. In case of absence of the corresponding workflow in the database, this workflow implementation could be synthesized dynamically according to the input and output data and the functionality description of the abstract operation and registered applied services. The workflows are executed by the orchestrator service. Thus, adding some new functions to the client side can be possible without any changes at the server side. And vice versa, adding new services can impact the execution of the calculations without updating the clients.

Comparative Study of Cryptography for Cloud Computing for Data Security

2019 ◽  
Vol 13 ◽  
Author(s):  
Priya Mathur ◽  
Amit Kumar Gupta ◽  
Prateek Vashishtha
Keyword(s):  
Cloud Computing ◽  
Data Security ◽  
Elliptic Curve Cryptography ◽  
Plain Text ◽  
Hybrid Encryption ◽  
Cipher Text ◽  
Business Applications ◽  
Computing Grid ◽  
Cloud Servers ◽  
Client Side

Cloud computing is an emerging technique by which anyone can access the applications as utilities over the internet. Cloud computing is the technology which comprises of all the characteristics of the technologies like distributed computing, grid computing, and ubiquitous computing. Cloud computing allows everyone to create, to configure as well as to customize the business applications online. Cryptography is the technique which is use to convert the plain text into cipher text using various encryption techniques. The art and science used to introduce the secrecy in the information security in order to secure the messages is defined as cryptography. In this paper we are going to review few latest Cryptographic algorithms which are used to enhance the security of the data on the cloud servers. We are comparing Short Range Natural Number Modified RSA (SRNN), Elliptic Curve Cryptography Algorithm, Client Side Encryption Technique and Hybrid Encryption Technique to secure the data in cloud.

scholarly journals Associative Blockchain for Decentralized PKI Transparency

Cryptography ◽  
2021 ◽  
Vol 5 (2) ◽  
pp. 14
Author(s):  
Xavier Boyen ◽  
Udyani Herath ◽  
Matthew McKague ◽  
Douglas Stebila
Keyword(s):  
Formal Analysis ◽  
Fraud Detection ◽  
Public Key Infrastructure ◽  
Public Key ◽  
The Internet ◽  
Security Model ◽  
User Adoption ◽  
Browser Extension ◽  
History Of ◽  
Client Side

The conventional public key infrastructure (PKI) model, which powers most of the Internet, suffers from an excess of trust into certificate authorities (CAs), compounded by a lack of transparency which makes it vulnerable to hard-to-detect targeted stealth impersonation attacks. Existing approaches to make certificate issuance more transparent, including ones based on blockchains, are still somewhat centralized. We present decentralized PKI transparency (DPKIT): a decentralized client-based approach to enforcing transparency in certificate issuance and revocation while eliminating single points of failure. DPKIT efficiently leverages an existing blockchain to realize an append-only, distributed associative array, which allows anyone (or their browser) to audit and update the history of all publicly issued certificates and revocations for any domain. Our technical contributions include definitions for append-only associative ledgers, a security model for certificate transparency, and a formal analysis of our DPKIT construction with respect to the same. Intended as a client-side browser extension, DPKIT will be effective at fraud detection and prosecution, even under fledgling user adoption, and with better coverage and privacy than federated observatories, such as Google’s or the Electronic Frontier Foundation’s.

scholarly journals What If Keys Are Leaked? towards Practical and Secure Re-Encryption in Deduplication-Based Cloud Storage

Information ◽  
2021 ◽  
Vol 12 (4) ◽  
pp. 142
Author(s):  
Weijing You ◽  
Lei Lei ◽  
Bo Chen ◽  
Limin Liu
Keyword(s):  
Experimental Evaluation ◽  
Cloud Storage ◽  
Security Analysis ◽  
Encrypted Data ◽  
Cloud Data ◽  
Storage Cost ◽  
Outsourced Data ◽  
Proof Of Ownership ◽  
Client Side ◽  
Over Time

By only storing a unique copy of duplicate data possessed by different data owners, deduplication can significantly reduce storage cost, and hence is used broadly in public clouds. When combining with confidentiality, deduplication will become problematic as encryption performed by different data owners may differentiate identical data which may then become not deduplicable. The Message-Locked Encryption (MLE) is thus utilized to derive the same encryption key for the identical data, by which the encrypted data are still deduplicable after being encrypted by different data owners. As keys may be leaked over time, re-encrypting outsourced data is of paramount importance to ensure continuous confidentiality, which, however, has not been well addressed in the literature. In this paper, we design SEDER, a SEcure client-side Deduplication system enabling Efficient Re-encryption for cloud storage by (1) leveraging all-or-nothing transform (AONT), (2) designing a new delegated re-encryption (DRE), and (3) proposing a new proof of ownership scheme for encrypted cloud data (PoWC). Security analysis and experimental evaluation validate security and efficiency of SEDER, respectively.

scholarly journals Lags in the release, adoption, and propagation of npm vulnerability fixes

2021 ◽  
Vol 26 (3) ◽  
Author(s):  
Bodin Chinthanet ◽  
Raula Gaikovina Kula ◽  
Shane McIntosh ◽  
Takashi Ishio ◽  
Akinori Ihara ◽  
...  
Keyword(s):  
Empirical Study ◽  
Empirical Investigation ◽  
Third Party ◽  
Future Research ◽  
Software Ecosystem ◽  
Security Vulnerability ◽  
Preliminary Study ◽  
Client Side

AbstractSecurity vulnerability in third-party dependencies is a growing concern not only for developers of the affected software, but for the risks it poses to an entire software ecosystem, e.g., Heartbleed vulnerability. Recent studies show that developers are slow to respond to the threat of vulnerability, sometimes taking four to eleven months to act. To ensure quick adoption and propagation of a release that contains the fix (fixing release), we conduct an empirical investigation to identify lags that may occur between the vulnerable release and its fixing release (package-side fixing release). Through a preliminary study of 231 package-side fixing release of npm projects on GitHub, we observe that a fixing release is rarely released on its own, with up to 85.72% of the bundled commits being unrelated to a fix. We then compare the package-side fixing release with changes on a client-side (client-side fixing release). Through an empirical study of the adoption and propagation tendencies of 1,290 package-side fixing releases that impact throughout a network of 1,553,325 releases of npm packages, we find that stale clients require additional migration effort, even if the package-side fixing release was quick (i.e., package-side fixing releasetypeSpatch). Furthermore, we show the influence of factors such as the branch that the package-side fixing release lands on and the severity of vulnerability on its propagation. In addition to these lags we identify and characterize, this paper lays the groundwork for future research on how to mitigate propagation lags in an ecosystem.

SpoofCatch: A Client-Side Protection Tool Against Phishing Attacks

2021 ◽  
Vol 23 (2) ◽  
pp. 65-74
Author(s):  
Wilayat Khan ◽  
Aakash Ahmad ◽  
Aamir Qamar ◽  
Muhammad Kamran ◽  
Muhammad Altaf
Keyword(s):  
Phishing Attacks ◽  
Client Side
Sign in / Sign up

Export Citation Format

Share Document