Formal Analysis of SET and NSL Protocols Using the Interpretation Functions-Based Method

2012 ◽  
Vol 2012 ◽  
pp. 1-18 ◽  
Author(s):  
Hanane Houmani ◽  
Mohamed Mejri

Most applications on the Internet such as e-banking and e-commerce use the SET and the NSL protocols to protect the communication channel between the client and the server. It is therefore crucial to ensure that these protocols respect some security properties such as confidentiality, authentication, and integrity. In this paper, we analyze the SET and the NSL protocols with respect to the confidentiality (secrecy) property. To perform this analysis, we use the interpretation functions-based method. The main idea behind the interpretation functions-based technique is to give sufficient conditions that guarantee that a cryptographic protocol respects the secrecy property. The flexibility of the proposed conditions allows the verification of daily-life protocols such as SET and NSL. Also, this method could be used under different assumptions such as a variety of intruder abilities including algebraic properties of cryptographic primitives. The NSL protocol, for instance, is analyzed with and without the homomorphism property. We also show, using the SET protocol, the usefulness of this approach to correct weaknesses and problems discovered during the analysis.

Cryptography ◽  
2021 ◽  
Vol 5 (2) ◽  
pp. 14
Author(s):  
Xavier Boyen ◽  
Udyani Herath ◽  
Matthew McKague ◽  
Douglas Stebila

The conventional public key infrastructure (PKI) model, which powers most of the Internet, suffers from an excess of trust in certificate authorities (CAs), compounded by a lack of transparency which makes it vulnerable to hard-to-detect targeted stealth impersonation attacks. Existing approaches to make certificate issuance more transparent, including ones based on blockchains, are still somewhat centralized. We present decentralized PKI transparency (DPKIT): a decentralized client-based approach to enforcing transparency in certificate issuance and revocation while eliminating single points of failure. DPKIT efficiently leverages an existing blockchain to realize an append-only, distributed associative array, which allows anyone (or their browser) to audit and update the history of all publicly issued certificates and revocations for any domain. Our technical contributions include definitions for append-only associative ledgers, a security model for certificate transparency, and a formal analysis of our DPKIT construction with respect to the same. Intended as a client-side browser extension, DPKIT will be effective at fraud detection and prosecution, even under fledgling user adoption, and with better coverage and privacy than federated observatories, such as Google’s or the Electronic Frontier Foundation’s.


Telecom ◽  
2021 ◽  
Vol 2 (1) ◽  
pp. 108-140
Author(s):  
Paulo Álvares ◽  
Lion Silva ◽  
Naercio Magaia

It had been predicted that by 2020, nearly 26 billion devices would be connected to the Internet, with a big percentage being vehicles. The Internet of Vehicles (IoV) is a concept that refers to the connection and cooperation of smart vehicles and devices in a network through the generation, transmission, and processing of data that aims at improving traffic congestion, travel time, and comfort, all the while reducing pollution and accidents. However, this transmission of sensitive data (e.g., location) needs to occur with defined security properties to safeguard vehicles and their drivers since attackers could use this data. Blockchain is a fairly recent technology that guarantees trust between nodes through cryptography mechanisms and consensus protocols in distributed, untrustful environments, like IoV networks. Much research has been done in implementing the former in the latter to impressive results, as Blockchain can cover and offer solutions to many IoV problems. However, these implementations have to deal with the challenge of IoV nodes’ resource constraints since they do not suffice for the computational and energy requirements of traditional Blockchain systems, which is one of the biggest limitations of Blockchain implementations in IoV. Finally, these two technologies can be used to build the foundations for smart cities, enabling new application models and better results for end-users.


2021 ◽  
Vol 1 (3) ◽  
pp. 58-60
Author(s):  
Katanakal Sarada ◽  
Dr. K. Nirmalamma

Mobile commerce is the buying and selling of goods and services through wireless handheld devices such as smartphones and tablets. M-commerce enables e-commerce users to access online shopping platforms without needing to use a desktop computer. Examples include the purchase and sale of products online, banking, and paying bills (virtual marketplace apps such as the Amazon mobile app, Android Pay, Samsung Pay, etc.). The main idea behind M-commerce is to make the various applications and services available on the Internet accessible on portable devices (mobiles, laptops, tablets, etc.) to overcome the constraints of a desktop computer. M-commerce aims to serve all information and material needs of people in a convenient and easy way.


2022 ◽  
Vol 54 (7) ◽  
pp. 1-34
Author(s):  
Sophie Dramé-Maigné ◽  
Maryline Laurent ◽  
Laurent Castillo ◽  
Hervé Ganem

The Internet of Things is taking hold in our everyday life. Regrettably, the security of IoT devices is often being overlooked. Among the vast array of security issues plaguing the emerging IoT, we decide to focus on access control, as privacy, trust, and other security properties cannot be achieved without controlled access. This article classifies IoT access control solutions from the literature according to their architecture (e.g., centralized, hierarchical, federated, distributed) and examines the suitability of each one for access control purposes. Our analysis concludes that important properties such as auditability and revocation are missing from many proposals while hierarchical and federated architectures are neglected by the community. Finally, we provide an architecture-based taxonomy and future research directions: a focus on hybrid architectures, usability, flexibility, privacy, and revocation schemes in serverless authorization.


2017 ◽  
Vol 6 (1) ◽  
pp. 13
Author(s):  
Hasan Al-Refai ◽  
Khaldoun Batiha

Much work has attempted to enhance SET protocol performance, with special attention on the E-payment phase. This paper thoroughly analyzes recent works on the payment phase; it has been found that this subject requires considerable enhancements, since there are areas which require further study, such as the E-payment phase in the SET protocol. The E-payment phase is a vast and complex phase with a long series of steps. The behavior of the environment is assumed by the phase and is restricted to the rules built by their proposed protocol. This paper will follow Ph-Spi calculus for formalizing and analyzing the enhanced payment phase of the SET protocol by reducing the number of transactions with many additional operators. A new agent controller will be formally modeled, which we can rely upon to make automated decisions during interaction with a dynamic protocol environment. This agent controller is used to terminate the transaction process in any case of fraud or attack. This paper is a conjunction between our previous works on the E-payment phase in the SET protocol and other works in Ph-Spi calculus, for the purpose of analyzing and proving the main security properties, authentication and privacy, to evaluate the efficiency of the enhanced security of the electronic payment phase for the SET protocol (E-SET) using Ph-Spi calculus.


Connectivity ◽  
2020 ◽  
Vol 148 (6) ◽  
Author(s):  
S. A. Zhezhkun ◽  
L. B. Veksler ◽  
S. M. Brezitsʹkyy ◽  
B. O. Tarasyuk

This article focuses on the analysis of promising technologies for long-range traffic transmission for the implementation of the Internet of Things. The result of the review of technical features of technologies, their advantages and disadvantages is given. A comparative analysis was performed. An analysis is made that in the future heterogeneous structures based on the integration of many used radio technologies will play a crucial role in the implementation of fifth generation networks and systems. The Internet of Things (IoT) is heavily affecting our daily lives in many domains, ranging from tiny wearable devices to large industrial systems. Consequently, a wide variety of IoT applications have been developed and deployed using different IoT frameworks. An IoT framework is a set of guiding rules, protocols, and standards which simplify the implementation of IoT applications. The success of these applications mainly depends on the ecosystem characteristics of the IoT framework, with the emphasis on the security mechanisms employed in it, where issues related to security and privacy are pivotal. In this paper, we survey the security of the main IoT frameworks; a total of 8 frameworks are considered. For each framework, we clarify the proposed architecture, the essentials of developing third-party smart apps, the compatible hardware, and the security features. Comparing security architectures shows that the same standards are used for securing communications, whereas different methodologies are followed for providing other security properties.

