A New Hybrid Online and Offline Multi-Factor Cross-Domain Authentication Method for IoT Applications in the Automotive Industry

Energies, 2021, Vol 14 (21), pp. 7437
Author(s): Haqi Khalid, Shaiful Jahari Hashim, Sharifah Mumtazah Syed Ahmad, Fazirulhisyam Hashim, Muhammad Akmal Chaudhary

Connected vehicles have emerged as the latest revolution in the automotive industry, utilizing the advent of the Internet of Things (IoT). However, most IoT-connected car mechanisms currently depend on available network services and need continuous network connections to allow users to connect to their vehicles. Nevertheless, the connectivity availability shortcoming in remote or rural areas with no network coverage makes vehicle sharing or any IoT-connected device problematic and undesirable. Furthermore, IoT-connected cars are vulnerable to various passive and active attacks (e.g., replay attacks, MiTM attacks, impersonation attacks, and offline guessing attacks). Adversaries could all use these attacks to disrupt networks, posing a threat to the entire automotive industry. Therefore, to overcome this issue, we propose a hybrid online and offline multi-factor authentication cross-domain authentication method for a connected car-sharing environment based on the user’s smartphone. The proposed scheme lets users book a vehicle using the online booking phase based on the secured and trusted Kerberos workflow. Furthermore, an offline authentication phase uses the OTP algorithm to authenticate registered users even if the connectivity services are unavailable. The proposed scheme uses the AES-ECC algorithm to provide secure communication and efficient key management. The formal SOV logic verification was used to demonstrate the security of the proposed scheme. Furthermore, the AVISPA tool has been used to check that the proposed scheme is secured against passive and active attacks. Compared to the previous works, the scheme requires less computation due to the lightweight cryptographic algorithms utilized. Finally, the results showed that the proposed system provides seamless, secure, and efficient authentication operation for the automotive industry, specifically car-sharing systems, making the proposed system suitable for applications in limited and intermittent network connections.

2020, Vol 44 (2), pp. 107-111
Author(s): Wibke Johannis, Andreas Bietenbeck, Gebhart Malchau, Thomas Streichert

Point-of-care testing (POCT) has been an essential service in hospitals for many years with a main focus on reliability, classical laboratory quality criteria and easy handling. Hospital information technology (IT) security regulations, however, have not yet been adapted to the specificities of POCT. Following the POCT Symposium in Munich, the “1st Round Table POCT-IT-Security Meeting” held in October 2019 in Cologne addressed these issues and managed to establish first consensus results in the essential fields of user, data and update management, as well as network connections and user-friendliness. First practical steps include optimizing the user management by connection to a directory service and definition of access control (including emergency authorization). Patient data economy on analyzers in combination with data and data transmission encryption as well as technically secure communication protocols are relevant steps in the fields of data management and network connections. An update management needs to be contractually defined for remote services and generally includes testing in a protocol-based scenario. Providing an organizational structure for POCT-IT security is a necessary prerequisite, as are continuous training and awareness for this topic with a strong focus on usability.


2020, Vol 17 (12), pp. 5243-5249
Author(s): R. Jayaprakash, B. Radha

The Trusted Key Management Protocol (TKMP) provides one of the most secure communication technologies in MANET cluster-based data protection. For security reasons, TKMP is a trusted key that can be sent to all nodes in the communication cluster. This document introduces the Trusted Key Management Protocol (TKMP) feature to improve the quality of secure communications over a cluster-based wireless network. The proposed TKMP execution process includes CBPPRS (Cluster Based Privacy Preserving Routing Selection), LBCPR (Load Balancing Cluster Based Privacy Routing) and DLBPS (Dynamic Load Balancing Privacy Path Selection) procedure. To lock the data from the malicious node, the Paillier Cryptosystem (PC) encrypts packets with homomorphic encryption. The trust score makes it easier to update routing information and improves network throughput. The experimental results show that the proposed TKMP method works better than the other Trust-ECC method.


Author(s): Valentin Cristea, Ciprian Dobre, Corina Stratan, Florin Pop

Security in distributed systems is a combination of confidentiality, integrity and availability of their components. It mainly targets the communication channels between users and/or processes located in different computers, the access control of users / processes to resources and services, and the management of keys, users and user groups. Distributed systems are more vulnerable to security threats due to several characteristics such as their large scale, the distributed nature of the control, and the remote nature of the access. In addition, an increasing number of distributed applications (such as Internet banking) manipulate sensitive information and have special security requirements. After discussing important security concepts in the Background section, this chapter addresses several important problems that are at the aim of current research in the security of large scale distributed systems: security models (which represent the theoretical foundation for solving security problems), access control (more specific the access control in distributed multi-organizational platforms), secure communication (with emphasis on the secure group communication, which is a hot topic in security research today), security management (especially key management for collaborative environments), secure distributed architectures (which are the blueprints for designing and building security systems), and security environments / frameworks.


Author(s): David Crowe, Wasim Al-Hamdani

This paper presents a synchronous encryption key management model that does not require the sender to disclose the encryption key in order to effect decryption. This eliminates the need for key exchange mechanisms, giving the sender improved control over their keys. The retained-key model is presented as being a software application that handles the initiation of a secure communication channel between sender and receiver, and facilitates user authentication by a trusted third party—presumably, the software’s vendor. This model is not intended to replace public/private key-based mechanisms, as they serve an important role in message signing and authentication. Rather, it seeks to provide an alternative means of decrypting messages in a secure fashion while allowing the sender to avoid the need to disclose the message’s key.


2021, Vol 7 (1)
Author(s): Teng-Yun Chen, Xiao Jiang, Shi-Biao Tang, Lei Zhou, Xiao Yuan, ...

Quantum key distribution (QKD) enables secure key exchanges between two remote users. The ultimate goal of secure communication is to establish a global quantum network. The existing field tests suggest that quantum networks are feasible. To achieve a practical quantum network, we need to overcome several challenges including realizing versatile topologies for large scales, simple network maintenance, extendable configuration and robustness to node failures. To this end, we present a field operation of a quantum metropolitan-area network with 46 nodes and show that all these challenges can be overcome with cutting-edge quantum technologies. In particular, we realize different topological structures and continuously run the network for 31 months, by employing standard equipment for network maintenance with an extendable configuration. We realize QKD pairing and key management with a sophisticated key control centre. In this implementation, the final keys have been used for secure communication such as real-time voice telephone, text messaging and file transmission with one-time pad encryption, which can support 11 pairs of users to make audio calls simultaneously. Combined with intercity quantum backbone and ground–satellite links, our metropolitan implementation paves the way toward a global quantum network.


2018, Vol 37 (4), pp. 107-118
Author(s): Richard Thomchick, Tonia San Nicolas-Rocca

Libraries have historically made great efforts to ensure the confidentiality of patron personally identifiable information (PII), but the rapid, widespread adoption of information technology and the internet have given rise to new privacy and security challenges. Hypertext Transport Protocol Secure (HTTPS) is a form of Hypertext Transport Protocol (HTTP) that enables secure communication over the public internet and provides a deterministic way to guarantee data confidentiality so that attackers cannot eavesdrop on communications. HTTPS has been used to protect sensitive information exchanges, but security exploits such as passive and active attacks have exposed the need to implement HTTPS in a more rigorous and pervasive manner. This report is intended to shed light on the state of HTTPS implementation in libraries, and to suggest ways in which libraries can evaluate and improve application security so that they can better protect the confidentiality of PII about library patrons.


Symmetry, 2020, Vol 12 (6), pp. 1003
Author(s): Haowen Tan, Shichang Xuan, Ilyong Chung

Emerging as the effective strategy of intelligent transportation system (ITS), vehicular ad hoc networks (VANETs) have the capacity of drastically improving the driving experience and road safety. In typical VANET scenarios, high mobility and volatility of vehicles result in dynamic topology of vehicular networks. That is, an individual vehicle may pass through the effective domain of multiple neighboring road-side-units (RSUs) during a comparatively short time interval. Hence, efficient and low-latency cross-domain verification with all the successive RSUs is of significance. Recently, a lot of research on VANET authentication and key distribution was presented, while the critical cross-domain authentication (CDA) issue has not been properly addressed. Particularly, the existing CDA solutions mainly rely on the acquired confidential keying information from the neighboring entities (RSUs and vehicles), while too much trustworthiness is granted to the involved RSUs. Please note that the RSUs are distributively located and may be compromised or disabled by an adversary, thus vital vehicle information may be revealed. Furthermore, frequent data interactions between RSUs and cloud server are always the major requisite so as to achieve mutual authentication with cross-domain vehicles, which leads to heavy bandwidth consumption and high latency. In this paper, we address the above VANET cross-domain authentication issue under the novel RSU edge networks assumption. Please note that RSUs are assumed to be semi-trustworthy entities in our design, where critical vehicular keying messages remain secret. Homomorphic encryption design is applied for all involved RSUs and vehicles. In this way, successive RSUs could efficiently verify the cross-domain vehicle with the transited certificate from the neighbor RSUs and vehicle itself, while the identity and secrets of each vehicle are hidden all the time. Afterwards, dynamic updating towards the anonymous vehicle identity is conducted upon validation, where conditional privacy preserving is available. Moreover, pairing-free mutual authentication method is used for efficiency consideration. Formal security analysis is given, proving that the HCDA mechanism yields desirable security properties on VANET cross domain authentication issue. Performance discussions demonstrate efficiency of the proposed HCDA scheme compared with the state-of-the-art.


Sensors, 2020, Vol 20 (4), pp. 1000
Author(s): Mohammed Abdulhakim Al-Absi, Ahmed Abdulhakim Al-Absi, Hoon Jae Lee

The growth of the Internet has led to the increasing usage of smart infotainment applications on the vehicular ad-hoc network (VANET). Preserving privacy and security regarding the provision of smart infotainment applications while on the go is most desired. Thus, a secure authentication scheme is required. Many privacy-preserving security schemes have been developed in recent times using cryptography approaches. However, these incur key management and communication overhead. The usage of third-party servers incurs the overhead of key computation, storage and distribution. Post completion of the initialization phase, the message is secured using cryptography and is shared among vehicles. The design of the proposed secure enhanced non-cooperative cognitive division multiple access (S-ENCCMA) aims to eliminate the need for the local message available with the parties to be released for provisioning secure safety-related applications. To overcome the research challenges, this work presents a novel security scheme, namely secure non-cooperative cognitive medium access (S-ENCCMA). The experiment is conducted to evaluate the overhead incurred in provisioning security to ENCCMA. The outcome shows that the overhead incurred by S-ENCCMA over ENCCMA was negligible to provide the real-time security requirements of smart infotainment applications, which is experimentally shown in this paper in terms of throughput, collision and successful packet transmission considering varied environmental models such as cities, highways and rural areas.


Author(s): Anuj Joshi, Pallavi Srivastava, Poonam Singh

Mobile Ad Hoc Network (MANET) is a collection of communication devices or nodes that wish to communicate without any fixed infrastructure and pre-determined organization of available links. The nodes in MANET themselves are responsible for dynamically discovering other nodes to communicate. Although the ongoing trend is to adopt ad hoc networks for commercial uses due to the property of its capability in forming temporary network without the aid of any established infrastructure or centralized administration. Due to this unique property, the main challenge is the vulnerability to security attacks. A number of challenges like open peer-to-peer network architecture, stringent resource constraints, shared wireless medium, dynamic network topology etc. are posed in MANET. As MANET is quickly spreading for, security challenges have become a primary concern to provide secure communication. In this paper, we identify the existent security threats an ad hoc network faces, the security services required to be achieved and the countermeasures for attacks in each layer. To accomplish our goal, we have done a literature survey in gathering information related to various types of attacks and solutions, as well as we have identified the challenges and proposed solutions to overcome them. In conclusion, we focus on the findings and future works which may be interesting for the researchers like robust key management, trust based systems, data security in different layers etc. However, in short, we can say that the complete security solution requires the prevention, detection and reaction mechanisms applied in MANET.

