scholarly journals Flush Code Eraser: Fast Attack Response Invalidating Cryptographic Sensitive Data

2020 ◽  
Vol 12 (2) ◽  
pp. 37-40
Author(s):  
Kazuo Sakiyama ◽  
Tatsuya Fujii ◽  
Kohei Matsuda ◽  
Noriyuki Miura
Keyword(s):  
Sensitive Data ◽  
Attack Response

Security Test by using F T M and Data Allocation Strategies on Leakage Detection

2005 ◽  
Vol 4 (2) ◽  
pp. 393-400
Author(s):  
Pallavali Radha ◽  
G. Sireesha
Keyword(s):  
Third Party ◽  
Distributed Data ◽  
Data Allocation ◽  
Security Testing ◽  
Sensitive Data ◽  
Sample Data ◽  
The One ◽  
Security Test ◽  
Data Request ◽  
Allocation Strategies

The data distributors work is to give sensitive data to a set of presumably trusted third party agents.The data i.e., sent to these third parties are available on the unauthorized places like web and or some ones systems, due to data leakage. The distributor must know the way the data was leaked from one or more agents instead of as opposed to having been independently gathered by other means. Our new proposal on data allocation strategies will improve the probability of identifying leakages along with Security attacks typically result from unintended behaviors or invalid inputs.  Due to too many invalid inputs in the real world programs is labor intensive about security testing.The most desirable thing is to automate or partially automate security-testing process. In this paper we represented Predicate/ Transition nets approach for security tests automated generationby using formal threat models to detect the agents using allocation strategies without modifying the original data.The guilty agent is the one who leaks the distributed data. To detect guilty agents more effectively the idea is to distribute the data intelligently to agents based on sample data request and explicit data request. The fake object implementation algorithms will improve the distributor chance of detecting guilty agents.

A Survey on Efand64257cient and Secure Techniques for Storing Sensitive Data on Cloud

2019 ◽  
Vol 7 (5) ◽  
pp. 1766-1777
Author(s):  
Supriya J. ◽  
Srusti K.S. ◽  
amana G ◽  
S. Sukhaniya Ragani ◽  
Raghavendra S. ◽  
...  
Keyword(s):  
Sensitive Data

Mobile Software Assurance Informed through Knowledge Graph Construction: The OWASP Threat of Insecure Data Storage

2020 ◽  
Vol 2 (2) ◽  
Author(s):  
Suzanna Schmeelk ◽  
Lixin Tao
Keyword(s):  
Data Storage ◽  
Program Analysis ◽  
Web Application ◽  
Security Analysis ◽  
Knowledge Graph ◽  
Healthcare Applications ◽  
Sensitive Data ◽  
Knowledge Graphs ◽  
Mobile Malware Detection ◽  
Software Assurance

Many organizations, to save costs, are movinheg to t Bring Your Own Mobile Device (BYOD) model and adopting applications built by third-parties at an unprecedented rate.  Our research examines software assurance methodologies specifically focusing on security analysis coverage of the program analysis for mobile malware detection, mitigation, and prevention.  This research focuses on secure software development of Android applications by developing knowledge graphs for threats reported by the Open Web Application Security Project (OWASP).  OWASP maintains lists of the top ten security threats to web and mobile applications.  We develop knowledge graphs based on the two most recent top ten threat years and show how the knowledge graph relationships can be discovered in mobile application source code.  We analyze 200+ healthcare applications from GitHub to gain an understanding of their software assurance of their developed software for one of the OWASP top ten moble threats, the threat of “Insecure Data Storage.”  We find that many of the applications are storing personally identifying information (PII) in potentially vulnerable places leaving users exposed to higher risks for the loss of their sensitive data.

scholarly journals An Autonomous Cybersecurity Framework for Next-generation Digital Service Chains

2021 ◽  
Vol 29 (4) ◽  
Author(s):  
Matteo Repetto ◽  
Domenico Striccoli ◽  
Giuseppe Piro ◽  
Alessandro Carrega ◽  
Gennaro Boggia ◽  
...  
Keyword(s):  
Business Models ◽  
Identity Management ◽  
Methodological Approach ◽  
Value Chains ◽  
Sensitive Data ◽  
Digital Service ◽  
Security Issues ◽  
Security Services ◽  
New Business ◽  
Access Control Management

AbstractToday, the digital economy is pushing new business models, based on the creation of value chains for data processing, through the interconnection of processes, products, services, software, and things across different domains and organizations. Despite the growing availability of communication infrastructures, computing paradigms, and software architectures that already effectively support the implementation of distributed multi-domain value chains, a comprehensive architecture is still missing that effectively fulfills all related security issues: mutual trustworthiness of entities in partially unknown topologies, identification and mitigation of advanced multi-vector threats, identity management and access control, management and propagation of sensitive data. In order to fill this gap, this work proposes a new methodological approach to design and implement heterogeneous security services for distributed systems that combine together digital resources and components from multiple domains. The framework is designed to support both existing and new security services, and focuses on three novel aspects: (i) full automation of the processes that manage the whole system, i.e., threat detection, collection of information and reaction to attacks and system anomalies; (ii) dynamic adaptation of operations and security tasks to newest attack patterns, and (iii) real-time adjustment of the level of detail of inspection and monitoring processes. The overall architecture as well as the functions and relationships of its logical components are described in detail, presenting also a concrete use case as an example of application of the proposed framework.

scholarly journals Blockchain-Based Solutions for UAV-Assisted Connected Vehicle Networks in Smart Cities: A Review, Open Issues, and Future Perspectives

Telecom ◽  
2021 ◽  
Vol 2 (1) ◽  
pp. 108-140
Author(s):  
Paulo Álvares ◽  
Lion Silva ◽  
Naercio Magaia
Keyword(s):  
Traffic Congestion ◽  
Resource Constraints ◽  
Smart Cities ◽  
The Internet ◽  
Connected Vehicle ◽  
Sensitive Data ◽  
Internet Of Vehicles ◽  
Smart Vehicles ◽  
Security Properties ◽  
Vehicle Networks

It had been predicted that by 2020, nearly 26 billion devices would be connected to the Internet, with a big percentage being vehicles. The Internet of Vehicles (IoVa) is a concept that refers to the connection and cooperation of smart vehicles and devices in a network through the generation, transmission, and processing of data that aims at improving traffic congestion, travel time, and comfort, all the while reducing pollution and accidents. However, this transmission of sensitive data (e.g., location) needs to occur with defined security properties to safeguard vehicles and their drivers since attackers could use this data. Blockchain is a fairly recent technology that guarantees trust between nodes through cryptography mechanisms and consensus protocols in distributed, untrustful environments, like IoV networks. Much research has been done in implementing the former in the latter to impressive results, as Blockchain can cover and offer solutions to many IoV problems. However, these implementations have to deal with the challenge of IoV node’s resource constraints since they do not suffice for the computational and energy requirements of traditional Blockchain systems, which is one of the biggest limitations of Blockchain implementations in IoV. Finally, these two technologies can be used to build the foundations for smart cities, enabling new application models and better results for end-users.

Sign in / Sign up

Export Citation Format

Share Document