Sample records for qos-compliant security protocol

  1. A Mobility-Aware QoS Signaling Protocol for Ambient Networks

    NASA Astrophysics Data System (ADS)

    Jeong, Seong-Ho; Lee, Sung-Hyuck; Bang, Jongho

    Mobility-aware quality of service (QoS) signaling is crucial to provide seamless multimedia services in the ambient environment where mobile nodes may move frequently between different wireless access networks. The mobility of an IP-based node in ambient networks affects routing paths, and as a result, can have a significant impact on the operation and state management of QoS signaling protocols. In this paper, we first analyze the impact of mobility on QoS signaling protocols and how the protocols operate in mobility scenarios. We then propose an efficient mobility-aware QoS signaling protocol which can operate adaptively in ambient networks. The key features of the protocol include the fast discovery of a crossover node where the old and new paths converge or diverge due to handover and the localized state management for seamless services. Our analytical and simulation/experimental results show that the proposed/implemented protocol works better than existing protocols in the IP-based mobile environment.

  2. Real-Time QoS Routing Protocols in Wireless Multimedia Sensor Networks: Study and Analysis.

    PubMed

    Alanazi, Adwan; Elleithy, Khaled

    2015-09-02

    Many routing protocols have been proposed for wireless sensor networks. These routing protocols are almost always based on energy efficiency. However, recent advances in complementary metal-oxide semiconductor (CMOS) cameras and small microphones have led to the development of Wireless Multimedia Sensor Networks (WMSN) as a class of wireless sensor networks which pose additional challenges. The transmission of imaging and video data needs routing protocols with both energy efficiency and Quality of Service (QoS) characteristics in order to guarantee the efficient use of the sensor nodes and effective access to the collected data. Also, with integration of real time applications in Wireless Senor Networks (WSNs), the use of QoS routing protocols is not only becoming a significant topic, but is also gaining the attention of researchers. In designing an efficient QoS routing protocol, the reliability and guarantee of end-to-end delay are critical events while conserving energy. Thus, considerable research has been focused on designing energy efficient and robust QoS routing protocols. In this paper, we present a state of the art research work based on real-time QoS routing protocols for WMSNs that have already been proposed. This paper categorizes the real-time QoS routing protocols into probabilistic and deterministic protocols. In addition, both categories are classified into soft and hard real time protocols by highlighting the QoS issues including the limitations and features of each protocol. Furthermore, we have compared the performance of mobility-aware query based real-time QoS routing protocols from each category using Network Simulator-2 (NS2). This paper also focuses on the design challenges and future research directions as well as highlights the characteristics of each QoS routing protocol.

  3. Real-Time QoS Routing Protocols in Wireless Multimedia Sensor Networks: Study and Analysis

    PubMed Central

    Alanazi, Adwan; Elleithy, Khaled

    2015-01-01

    Many routing protocols have been proposed for wireless sensor networks. These routing protocols are almost always based on energy efficiency. However, recent advances in complementary metal-oxide semiconductor (CMOS) cameras and small microphones have led to the development of Wireless Multimedia Sensor Networks (WMSN) as a class of wireless sensor networks which pose additional challenges. The transmission of imaging and video data needs routing protocols with both energy efficiency and Quality of Service (QoS) characteristics in order to guarantee the efficient use of the sensor nodes and effective access to the collected data. Also, with integration of real time applications in Wireless Senor Networks (WSNs), the use of QoS routing protocols is not only becoming a significant topic, but is also gaining the attention of researchers. In designing an efficient QoS routing protocol, the reliability and guarantee of end-to-end delay are critical events while conserving energy. Thus, considerable research has been focused on designing energy efficient and robust QoS routing protocols. In this paper, we present a state of the art research work based on real-time QoS routing protocols for WMSNs that have already been proposed. This paper categorizes the real-time QoS routing protocols into probabilistic and deterministic protocols. In addition, both categories are classified into soft and hard real time protocols by highlighting the QoS issues including the limitations and features of each protocol. Furthermore, we have compared the performance of mobility-aware query based real-time QoS routing protocols from each category using Network Simulator-2 (NS2). This paper also focuses on the design challenges and future research directions as well as highlights the characteristics of each QoS routing protocol. PMID:26364639

  4. Integrating QoS and security functions in an IP-VPN gateway

    NASA Astrophysics Data System (ADS)

    Fan, Kuo-Pao; Chang, Shu-Hsin; Lin, Kuan-Ming; Pen, Mau-Jy

    2001-10-01

    IP-based Virtual Private Network becomes more and more popular. It can not only reduce the enterprise communication cost but also increase the revenue of the service provider. The common IP-VPN application types include Intranet VPN, Extranet VPN, and remote access VPN. For the large IP-VPN market, some vendors develop dedicated IP-VPN devices; while some vendors add the VPN functions into their existing network equipment such as router, access gateway, etc. The functions in the IP-VPN device include security, QoS, and management. The common security functions supported are IPSec (IP Security), IKE (Internet Key Exchange), and Firewall. The QoS functions include bandwidth control and packet scheduling. In the management component, policy-based network management is under standardization in IETF. In this paper, we discuss issues on how to integrate the QoS and security functions in an IP-VPN Gateway. We propose three approaches to do this. They are (1) perform Qos first (2) perform IPSec first and (3) reserve fixed bandwidth for IPSec. We also compare the advantages and disadvantages of the three proposed approaches.

  5. Cross-layer protocol design for QoS optimization in real-time wireless sensor networks

    NASA Astrophysics Data System (ADS)

    Hortos, William S.

    2010-04-01

    The metrics of quality of service (QoS) for each sensor type in a wireless sensor network can be associated with metrics for multimedia that describe the quality of fused information, e.g., throughput, delay, jitter, packet error rate, information correlation, etc. These QoS metrics are typically set at the highest, or application, layer of the protocol stack to ensure that performance requirements for each type of sensor data are satisfied. Application-layer metrics, in turn, depend on the support of the lower protocol layers: session, transport, network, data link (MAC), and physical. The dependencies of the QoS metrics on the performance of the higher layers of the Open System Interconnection (OSI) reference model of the WSN protocol, together with that of the lower three layers, are the basis for a comprehensive approach to QoS optimization for multiple sensor types in a general WSN model. The cross-layer design accounts for the distributed power consumption along energy-constrained routes and their constituent nodes. Following the author's previous work, the cross-layer interactions in the WSN protocol are represented by a set of concatenated protocol parameters and enabling resource levels. The "best" cross-layer designs to achieve optimal QoS are established by applying the general theory of martingale representations to the parameterized multivariate point processes (MVPPs) for discrete random events occurring in the WSN. Adaptive control of network behavior through the cross-layer design is realized through the parametric factorization of the stochastic conditional rates of the MVPPs. The cross-layer protocol parameters for optimal QoS are determined in terms of solutions to stochastic dynamic programming conditions derived from models of transient flows for heterogeneous sensor data and aggregate information over a finite time horizon. Markov state processes, embedded within the complex combinatorial history of WSN events, are more computationally

  6. Analyzing comprehensive QoS with security constraints for services composition applications in wireless sensor networks.

    PubMed

    Xiong, Naixue; Wu, Zhao; Huang, Yannong; Xu, Degang

    2014-12-01

    Services composition is fundamental to software development in multi-service wireless sensor networks (WSNs). The quality of service (QoS) of services composition applications (SCAs) are confronted with severe challenges due to the open, dynamic, and complex natures of WSNs. Most previous research separated various QoS indices into different fields and studied them individually due to the computational complexity. This approach ignores the mutual influence between these QoS indices, and leads to a non-comprehensive and inaccurate analysis result. The universal generating function (UGF) shows the speediness and precision in QoS analysis. However, only one QoS index at a time can be analyzed by the classic UGF. In order to efficiently analyze the comprehensive QoS of SCAs, this paper proposes an improved UGF technique-vector universal generating function (VUGF)-which considers the relationship between multiple QoS indices, including security, and can simultaneously analyze multiple QoS indices. The numerical examples demonstrate that it can be used for the evaluation of the comprehensive QoS of SCAs subjected to the security constraint in WSNs. Therefore, it can be effectively applied to the optimal design of multi-service WSNs.

  7. Analyzing Comprehensive QoS with Security Constraints for Services Composition Applications in Wireless Sensor Networks

    PubMed Central

    Xiong, Naixue; Wu, Zhao; Huang, Yannong; Xu, Degang

    2014-01-01

    Services composition is fundamental to software development in multi-service wireless sensor networks (WSNs). The quality of service (QoS) of services composition applications (SCAs) are confronted with severe challenges due to the open, dynamic, and complex natures of WSNs. Most previous research separated various QoS indices into different fields and studied them individually due to the computational complexity. This approach ignores the mutual influence between these QoS indices, and leads to a non-comprehensive and inaccurate analysis result. The universal generating function (UGF) shows the speediness and precision in QoS analysis. However, only one QoS index at a time can be analyzed by the classic UGF. In order to efficiently analyze the comprehensive QoS of SCAs, this paper proposes an improved UGF technique—vector universal generating function (VUGF)—which considers the relationship between multiple QoS indices, including security, and can simultaneously analyze multiple QoS indices. The numerical examples demonstrate that it can be used for the evaluation of the comprehensive QoS of SCAs subjected to the security constraint in WSNs. Therefore, it can be effectively applied to the optimal design of multi-service WSNs. PMID:25470488

  8. An Efficient and QoS Supported Multichannel MAC Protocol for Vehicular Ad Hoc Networks

    PubMed Central

    Tan, Guozhen; Yu, Chao

    2017-01-01

    Vehicular Ad Hoc Networks (VANETs) employ multichannel to provide a variety of safety and non-safety (transport efficiency and infotainment) applications, based on the IEEE 802.11p and IEEE 1609.4 protocols. Different types of applications require different levels Quality-of-Service (QoS) support. Recently, transport efficiency and infotainment applications (e.g., electronic map download and Internet access) have received more and more attention, and this kind of applications is expected to become a big market driver in a near future. In this paper, we propose an Efficient and QoS supported Multichannel Medium Access Control (EQM-MAC) protocol for VANETs in a highway environment. The EQM-MAC protocol utilizes the service channel resources for non-safety message transmissions during the whole synchronization interval, and it dynamically adjusts minimum contention window size for different non-safety services according to the traffic conditions. Theoretical model analysis and extensive simulation results show that the EQM-MAC protocol can support QoS services, while ensuring the high saturation throughput and low transmission delay for non-safety applications. PMID:28991217

  9. Secure Transaction Protocol for CEPS Compliant EPS in Limited Connectivity Environment

    NASA Astrophysics Data System (ADS)

    Devane, Satish; Phatak, Deepak

    Common Electronic Purse Specification (CEPS) used by European countries, elaborately defines the transaction between customer’s CEP card and merchant’s point of sales (POS) terminal. However it merely defines the specification to transfer the transactions between the Merchant and Merchant Acquirer (MA). This paper proposes a novel approach by introducing an entity, mobile merchant acquirer (MMA) which is a trusted agent of MA and principally works on man in middle concept, but facilitates remote two fold mutual authentication and secure transaction transfer between Merchant and MA through MMA. This approach removes the bottle-neck of connectivity issues between Merchant and MA in limited connectivity environment. The proposed protocol ensures the confidentiality, integrity and money atomicity of transaction batch. The proposed protocol has been verified for correctness by Spin, a model checker and security properties of the protocol have been verified by avispa.

  10. A Secure Cluster-Based Multipath Routing Protocol for WMSNs

    PubMed Central

    Almalkawi, Islam T.; Zapata, Manel Guerrero; Al-Karaki, Jamal N.

    2011-01-01

    The new characteristics of Wireless Multimedia Sensor Network (WMSN) and its design issues brought by handling different traffic classes of multimedia content (video streams, audio, and still images) as well as scalar data over the network, make the proposed routing protocols for typical WSNs not directly applicable for WMSNs. Handling real-time multimedia data requires both energy efficiency and QoS assurance in order to ensure efficient utility of different capabilities of sensor resources and correct delivery of collected information. In this paper, we propose a Secure Cluster-based Multipath Routing protocol for WMSNs, SCMR, to satisfy the requirements of delivering different data types and support high data rate multimedia traffic. SCMR exploits the hierarchical structure of powerful cluster heads and the optimized multiple paths to support timeliness and reliable high data rate multimedia communication with minimum energy dissipation. Also, we present a light-weight distributed security mechanism of key management in order to secure the communication between sensor nodes and protect the network against different types of attacks. Performance evaluation from simulation results demonstrates a significant performance improvement comparing with existing protocols (which do not even provide any kind of security feature) in terms of average end-to-end delay, network throughput, packet delivery ratio, and energy consumption. PMID:22163854

  11. A secure cluster-based multipath routing protocol for WMSNs.

    PubMed

    Almalkawi, Islam T; Zapata, Manel Guerrero; Al-Karaki, Jamal N

    2011-01-01

    The new characteristics of Wireless Multimedia Sensor Network (WMSN) and its design issues brought by handling different traffic classes of multimedia content (video streams, audio, and still images) as well as scalar data over the network, make the proposed routing protocols for typical WSNs not directly applicable for WMSNs. Handling real-time multimedia data requires both energy efficiency and QoS assurance in order to ensure efficient utility of different capabilities of sensor resources and correct delivery of collected information. In this paper, we propose a Secure Cluster-based Multipath Routing protocol for WMSNs, SCMR, to satisfy the requirements of delivering different data types and support high data rate multimedia traffic. SCMR exploits the hierarchical structure of powerful cluster heads and the optimized multiple paths to support timeliness and reliable high data rate multimedia communication with minimum energy dissipation. Also, we present a light-weight distributed security mechanism of key management in order to secure the communication between sensor nodes and protect the network against different types of attacks. Performance evaluation from simulation results demonstrates a significant performance improvement comparing with existing protocols (which do not even provide any kind of security feature) in terms of average end-to-end delay, network throughput, packet delivery ratio, and energy consumption.

  12. Energy star compliant voice over internet protocol (VoIP) telecommunications network including energy star compliant VoIP devices

    DOEpatents

    Kouchri, Farrokh Mohammadzadeh

    2012-11-06

    A Voice over Internet Protocol (VoIP) communications system, a method of managing a communications network in such a system and a program product therefore. The system/network includes an ENERGY STAR (E-star) aware softswitch and E-star compliant communications devices at system endpoints. The E-star aware softswitch allows E-star compliant communications devices to enter and remain in power saving mode. The E-star aware softswitch spools messages and forwards only selected messages (e.g., calls) to the devices in power saving mode. When the E-star compliant communications devices exit power saving mode, the E-star aware softswitch forwards spooled messages.

  13. RACOON: a multiuser QoS design for mobile wireless body area networks.

    PubMed

    Cheng, Shihheng; Huang, Chingyao; Tu, Chun Chen

    2011-10-01

    In this study, Random Contention-based Resource Allocation (RACOON) medium access control (MAC) protocol is proposed to support the quality of service (QoS) for multi-user mobile wireless body area networks (WBANs). Different from existing QoS designs that focus on a single WBAN, a multiuser WBAN QoS should further consider both inter-WBAN interference and inter-WBAN priorities. Similar problems have been studied in both overlapped wireless local area networks (WLANs) and Bluetooth piconets that need QoS supports. However, these solutions are designed for non-medical transmissions that do not consider any priority scheme for medical applications. Most importantly, these studies focus on only static or low mobility networks. Network mobility of WBANs will introduce unnecessary inter-network collisions and energy waste, which are not considered by these solutions. The proposed multiuser-QoS protocol, RACOON, simultaneously satisfies the inter WBAN QoS requirements and overcomes the performance degradation caused by WBAN mobility. Simulation results verify that RACOON provides better latency and energy control, as compared with WBAN QoS protocols without considering the inter-WBAN requirements.

  14. McMAC: Towards a MAC Protocol with Multi-Constrained QoS Provisioning for Diverse Traffic in Wireless Body Area Networks

    PubMed Central

    Monowar, Muhammad Mostafa; Hassan, Mohammad Mehedi; Bajaber, Fuad; Al-Hussein, Musaed; Alamri, Atif

    2012-01-01

    The emergence of heterogeneous applications with diverse requirements for resource-constrained Wireless Body Area Networks (WBANs) poses significant challenges for provisioning Quality of Service (QoS) with multi-constraints (delay and reliability) while preserving energy efficiency. To address such challenges, this paper proposes McMAC, a MAC protocol with multi-constrained QoS provisioning for diverse traffic classes in WBANs. McMAC classifies traffic based on their multi-constrained QoS demands and introduces a novel superframe structure based on the “transmit-whenever-appropriate” principle, which allows diverse periods for diverse traffic classes according to their respective QoS requirements. Furthermore, a novel emergency packet handling mechanism is proposed to ensure packet delivery with the least possible delay and the highest reliability. McMAC is also modeled analytically, and extensive simulations were performed to evaluate its performance. The results reveal that McMAC achieves the desired delay and reliability guarantee according to the requirements of a particular traffic class while achieving energy efficiency. PMID:23202224

  15. On Designing Thermal-Aware Localized QoS Routing Protocol for in-vivo Sensor Nodes in Wireless Body Area Networks.

    PubMed

    Monowar, Muhammad Mostafa; Bajaber, Fuad

    2015-06-15

    In this paper, we address the thermal rise and Quality-of-Service (QoS) provisioning issue for an intra-body Wireless Body Area Network (WBAN) having in-vivo sensor nodes. We propose a thermal-aware QoS routing protocol, called TLQoS, that facilitates the system in achieving desired QoS in terms of delay and reliability for diverse traffic types, as well as avoids the formation of highly heated nodes known as hotspot(s), and keeps the temperature rise along the network to an acceptable level. TLQoS exploits modular architecture wherein different modules perform integrated operations in providing multiple QoS service with lower temperature rise. To address the challenges of highly dynamic wireless environment inside the human body. TLQoS implements potential-based localized routing that requires only local neighborhood information. TLQoS avoids routing loop formation as well as reduces the number of hop traversal exploiting hybrid potential, and tuning a configurable parameter. We perform extensive simulations of TLQoS, and the results show that TLQoS has significant performance improvements over state-of-the-art approaches.

  16. On Designing Thermal-Aware Localized QoS Routing Protocol for in-vivo Sensor Nodes in Wireless Body Area Networks

    PubMed Central

    Monowar, Muhammad Mostafa; Bajaber, Fuad

    2015-01-01

    In this paper, we address the thermal rise and Quality-of-Service (QoS) provisioning issue for an intra-body Wireless Body Area Network (WBAN) having in-vivo sensor nodes. We propose a thermal-aware QoS routing protocol, called TLQoS, that facilitates the system in achieving desired QoS in terms of delay and reliability for diverse traffic types, as well as avoids the formation of highly heated nodes known as hotspot(s), and keeps the temperature rise along the network to an acceptable level. TLQoS exploits modular architecture wherein different modules perform integrated operations in providing multiple QoS service with lower temperature rise. To address the challenges of highly dynamic wireless environment inside the human body. TLQoS implements potential-based localized routing that requires only local neighborhood information. TLQoS avoids routing loop formation as well as reduces the number of hop traversal exploiting hybrid potential, and tuning a configurable parameter. We perform extensive simulations of TLQoS, and the results show that TLQoS has significant performance improvements over state-of-the-art approaches. PMID:26083228

  17. QoS mapping algorithm for ETE QoS provisioning

    NASA Astrophysics Data System (ADS)

    Wu, Jian J.; Foster, Gerry

    2002-08-01

    End-to-End (ETE) Quality of Service (QoS) is critical for next generation wireless multimedia communication systems. To meet the ETE QoS requirements, Universal Mobile Telecommunication System (UMTS) requires not only meeting the 3GPP QoS requirements [1-2] but also mapping external network QoS classes to UMTS QoS classes. There are four Quality of Services (QoS) classes in UMTS; they are Conversational, Streaming, Interactive and Background. There are eight QoS classes for LAN in IEEE 802.1 (one reserved). ATM has four QoS categories. They are Constant Bit Rate (CBR) - highest priority, short queue for strict Cell Delay Variation (CDV), Variable Bit Rate (VBR) - second highest priority, short queues for real time, longer queues for non-real time, Guaranteed Frame Rate (GFR)/ Unspecified Bit Rate (UBR) with Minimum Desired Cell Rate (MDCR) - intermediate priority, dependent on service provider UBR/ Available Bit Rate (ABR) - lowest priority, long queues, large delay variation. DiffServ (DS) has six-bit DS codepoint (DSCP) available to determine the datagram's priority relative to other datagrams and therefore, up to 64 QoS classes are available from the IPv4 and IPv6 DSCP. Different organisations have tried to solve the QoS issues from their own perspective. However, none of them has a full picture for end-to-end QoS classes and how to map them among all QoS classes. Therefore, a universal QoS needs to be created and a new set of QoS classes to enable end-to-end (ETE) QoS provisioning is required. In this paper, a new set of ETE QoS classes is proposed and a mappings algorithm for different QoS classes that are proposed by different organisations is given. With our proposal, ETE QoS mapping and control can be implemented.

  18. Intelligent QoS routing algorithm based on improved AODV protocol for Ad Hoc networks

    NASA Astrophysics Data System (ADS)

    Huibin, Liu; Jun, Zhang

    2016-04-01

    Mobile Ad Hoc Networks were playing an increasingly important part in disaster reliefs, military battlefields and scientific explorations. However, networks routing difficulties are more and more outstanding due to inherent structures. This paper proposed an improved cuckoo searching-based Ad hoc On-Demand Distance Vector Routing protocol (CSAODV). It elaborately designs the calculation methods of optimal routing algorithm used by protocol and transmission mechanism of communication-package. In calculation of optimal routing algorithm by CS Algorithm, by increasing QoS constraint, the found optimal routing algorithm can conform to the requirements of specified bandwidth and time delay, and a certain balance can be obtained among computation spending, bandwidth and time delay. Take advantage of NS2 simulation software to take performance test on protocol in three circumstances and validate the feasibility and validity of CSAODV protocol. In results, CSAODV routing protocol is more adapt to the change of network topological structure than AODV protocol, which improves package delivery fraction of protocol effectively, reduce the transmission time delay of network, reduce the extra burden to network brought by controlling information, and improve the routing efficiency of network.

  19. Cross-Layer Algorithms for QoS Enhancement in Wireless Multimedia Sensor Networks

    NASA Astrophysics Data System (ADS)

    Saxena, Navrati; Roy, Abhishek; Shin, Jitae

    A lot of emerging applications like advanced telemedicine and surveillance systems, demand sensors to deliver multimedia content with precise level of QoS enhancement. Minimizing energy in sensor networks has been a much explored research area but guaranteeing QoS over sensor networks still remains an open issue. In this letter we propose a cross-layer approach combining Network and MAC layers, for QoS enhancement in wireless multimedia sensor networks. In the network layer a statistical estimate of sensory QoS parameters is performed and a nearoptimal genetic algorithmic solution is proposed to solve the NP-complete QoS-routing problem. On the other hand the objective of the proposed MAC algorithm is to perform the QoS-based packet classification and automatic adaptation of the contention window. Simulation results demonstrate that the proposed protocol is capable of providing lower delay and better throughput, at the cost of reasonable energy consumption, in comparison with other existing sensory QoS protocols.

  20. IP access networks with QoS support

    NASA Astrophysics Data System (ADS)

    Sargento, Susana; Valadas, Rui J. M. T.; Goncalves, Jorge; Sousa, Henrique

    2001-07-01

    The increasing demand of new services and applications is pushing for drastic changes on the design of access networks targeted mainly for residential and SOHO users. Future access networks will provide full service integration (including multimedia), resource sharing at the packet level and QoS support. It is expected that using IP as the base technology, the ideal plug-and-play scenario, where the management actions of the access network operator are kept to a minimum, will be achieved easily. This paper proposes an architecture for access networks based on layer 2 or layer 3 multiplexers that allows a number of simplifications in the network elements and protocols (e.g. in the routing and addressing functions). We discuss two possible steps in the evolution of access networks towards a more efficient support of IP based services. The first one still provides no QoS support and was designed with the goal of reusing as much as possible current technologies; it is based on tunneling to transport PPP sessions. The second one introduces QoS support through the use of emerging technologies and protocols. We illustrate the different phases of a multimedia Internet access session, when using SIP for session initiation, COPS for the management of QoS policies including the AAA functions and RSVP for resource reservation.

  1. Security Verification of Secure MANET Routing Protocols

    DTIC Science & Technology

    2012-03-22

    SECURITY VERIFICATION OF SECURE MANET ROUTING PROTOCOLS THESIS Matthew F. Steele, Captain, USAF AFIT/GCS/ ENG /12-03 DEPARTMENT OF THE AIR FORCE AIR...States AFIT/GCS/ ENG /12-03 SECURITY VERIFICATION OF SECURE MANET ROUTING PROTOCOLS THESIS Presented to the Faculty Department of Electrical and Computer...DISTRIBUTION UNLIMITED AFIT/GCS/ ENG /12-03 SECURITY VERIFICATION OF SECURE MANET ROUTING PROTOCOLS Matthew F. Steele, B.S.E.E. Captain, USAF

  2. TD-LTE Wireless Private Network QoS Transmission Protection

    NASA Astrophysics Data System (ADS)

    Zhang, Jianming; Cheng, Chao; Wu, Zanhong

    With the commencement of construction of the smart grid, the demand power business for reliability and security continues to improve, the reliability transmission of power TD-LTE Wireless Private Network are more and more attention. For TD-LTE power private network, it can provide different QoS services according to the user's business type, to protect the reliable transmission of business. This article describes in detail the AF module of PCC in the EPC network, specifically introduces set up AF module station and QoS mechanisms in the EPS load, fully considers the business characteristics of the special power network, establishing a suitable architecture for mapping QoS parameters, ensuring the implementation of each QoS business. Through using radio bearer management, we can achieve the reliable transmission of each business on physical channel.

  3. mHealth data security: the need for HIPAA-compliant standardization.

    PubMed

    Luxton, David D; Kayl, Robert A; Mishkind, Matthew C

    2012-05-01

    The rise in the use of mobile devices, such as smartphones, tablet personal computers, and wireless medical devices, as well as the wireless networks that enable their use, has raised new concerns for data security and integrity. Standardized Health Insurance Portability and Accountability Act of 1996 (HIPAA)-compliant electronic data security that will allow ubiquitous use of mobile health technologies is needed. The lack of standardized data security to assure privacy, to allow interoperability, and to maximize the full capabilities of mobile devices presents a significant barrier to care. The purpose of this article is to provide an overview of the issue and to encourage discussion of this important topic. Current security needs, standards, limitations, and recommendations for how to address this barrier to care are discussed.

  4. CCSDS Advanced Orbiting Systems Virtual Channel Access Service for QoS MACHETE Model

    NASA Technical Reports Server (NTRS)

    Jennings, Esther H.; Segui, John S.

    2011-01-01

    To support various communications requirements imposed by different missions, interplanetary communication protocols need to be designed, validated, and evaluated carefully. Multimission Advanced Communications Hybrid Environment for Test and Evaluation (MACHETE), described in "Simulator of Space Communication Networks" (NPO-41373), NASA Tech Briefs, Vol. 29, No. 8 (August 2005), p. 44, combines various tools for simulation and performance analysis of space networks. The MACHETE environment supports orbital analysis, link budget analysis, communications network simulations, and hardware-in-the-loop testing. By building abstract behavioral models of network protocols, one can validate performance after identifying the appropriate metrics of interest. The innovators have extended the MACHETE model library to include a generic link-layer Virtual Channel (VC) model supporting quality-of-service (QoS) controls based on IP streams. The main purpose of this generic Virtual Channel model addition was to interface fine-grain flow-based QoS (quality of service) between the network and MAC layers of the QualNet simulator, a commercial component of MACHETE. This software model adds the capability of mapping IP streams, based on header fields, to virtual channel numbers, allowing extended QoS handling at link layer. This feature further refines the QoS v existing at the network layer. QoS at the network layer (e.g. diffserv) supports few QoS classes, so data from one class will be aggregated together; differentiating between flows internal to a class/priority is not supported. By adding QoS classification capability between network and MAC layers through VC, one maps multiple VCs onto the same physical link. Users then specify different VC weights, and different queuing and scheduling policies at the link layer. This VC model supports system performance analysis of various virtual channel link-layer QoS queuing schemes independent of the network-layer QoS systems.

  5. Achieving QoS for Aeronautical Telecommunication Networks Over Differentiated Services

    NASA Technical Reports Server (NTRS)

    Bai, Haowei; Atiquzzaman, Mohammed; Ivanic, William

    2001-01-01

    Aeronautical Telecommunication Network (ATN) has been developed by the International Civil Aviation Organization to integrate Air-Ground and Ground-Ground data communication for aeronautical applications into a single network serving Air Traffic Control and Aeronautical Operational Communications. To carry time critical information required for aeronautical applications, ATN provides different Quality of Services (QoS) to applications. ATN has therefore, been designed as a stand alone network which implies building an expensive separate network for ATN However, the cost of operating ATN can be reduced if it can be run over a public network such as the Internet. Although the current Internet does not provide QoS the next generation Internet is expected to provide QoS to applications. The objective of this paper is to investigate the possibility of providing QoS to ATN applications when it is run over the next generation Internet. Differentiated Services (DiffServ), one of the protocols proposed for the next generation Internet, will allow network service providers to offer different QoS to customers. Our results show that it is possible to provide QoS to ATN applications when they run over a DiffServ backbone.

  6. Achieving QoS for Aeronautical Telecommunication Networks over Differentiated Services

    NASA Technical Reports Server (NTRS)

    Bai, Haowei; Atiquzzaman, Mohammed; Ivancic, William

    2001-01-01

    Aeronautical Telecommunication Network (ATN) has been developed by the International Civil Aviation Organization to integrate Air-Ground and Ground-Ground data communication for aeronautical applications into a single network serving Air Traffic Control and Aeronautical Operational Communications. To carry time critical information required for aeronautical applications, ATN provides different Quality of Services (QoS) to applications. ATN has therefore, been designed as a standalone network which implies building an expensive separate network for ATN. However, the cost of operating ATN can be reduced if it can be run over a public network such as the Internet. Although the current Internet does not provide QoS, the next generation Internet is expected to provide QoS to applications. The objective of this paper is to investigate the possibility of providing QoS to ATN applications when it is run over the next generation Internet. Differentiated Services (DiffServ), one of the protocols proposed for the next generation Internet, will allow network service providers to offer different QoS to customers. Our results show that it is possible to provide QoS to ATN applications when they run over a DiffServ backbone.

  7. Two Phase Admission Control for QoS Mobile Ad Hoc Networks

    NASA Astrophysics Data System (ADS)

    Chen, Chien-Sheng; Su, Yi-Wen; Liu, Wen-Hsiung; Chi, Ching-Lung

    In this paper a novel and effective two phase admission control (TPAC) for QoS mobile ad hoc networks is proposed that satisfies the real-time traffic requirements in mobile ad hoc networks. With a limited amount of extra overhead, TPAC can avoid network congestions by a simple and precise admission control which blocks most of the overloading flow-requests in the route discovery process. When compared with previous QoS routing schemes such as QoS-aware routing protocol and CACP protocols, it is shown from system simulations that the proposed scheme can increase the system throughput and reduce both the dropping rate and the end-to-end delay. Therefore, TPAC is surely an effective QoS-guarantee protocol to provide for real-time traffic.

  8. Evaluation of QoS supported in Network Mobility NEMO environments

    NASA Astrophysics Data System (ADS)

    Hussien, L. F.; Abdalla, A. H.; Habaebi, M. H.; Khalifa, O. O.; Hassan, W. H.

    2013-12-01

    Network mobility basic support (NEMO BS) protocol is an entire network, roaming as a unit which changes its point of attachment to the Internet and consequently its reachability in the network topology. NEMO BS doesn't provide QoS guarantees to its users same as traditional Internet IP and Mobile IPv6 as well. Typically, all the users will have same level of services without considering about their application requirements. This poses a problem to real-time applications that required QoS guarantees. To gain more effective control of the network, incorporated QoS is needed. Within QoS-enabled network the traffic flow can be distributed to various priorities. Also, the network bandwidth and resources can be allocated to different applications and users. Internet Engineering Task Force (IETF) working group has proposed several QoS solutions for static network such as IntServ, DiffServ and MPLS. These QoS solutions are designed in the context of a static environment (i.e. fixed hosts and networks). However, they are not fully adapted to mobile environments. They essentially demands to be extended and adjusted to meet up various challenges involved in mobile environments. With existing QoS mechanisms many proposals have been developed to provide QoS for individual mobile nodes (i.e. host mobility). In contrary, research based on the movement of the whole mobile network in IPv6 is still undertaking by the IETF working groups (i.e. network mobility). Few researches have been done in the area of providing QoS for roaming networks. Therefore, this paper aims to review and investigate (previous /and current) related works that have been developed to provide QoS in mobile network. Consequently, a new proposed scheme will be introduced to enhance QoS within NEMO environment, achieving by which seamless mobility to users of mobile network node (MNN).

  9. A Secure Routing Protocol for Wireless Sensor Networks Considering Secure Data Aggregation

    PubMed Central

    Rahayu, Triana Mugia; Lee, Sang-Gon; Lee, Hoon-Jae

    2015-01-01

    The commonly unattended and hostile deployments of WSNs and their resource-constrained sensor devices have led to an increasing demand for secure energy-efficient protocols. Routing and data aggregation receive the most attention since they are among the daily network routines. With the awareness of such demand, we found that so far there has been no work that lays out a secure routing protocol as the foundation for a secure data aggregation protocol. We argue that the secure routing role would be rendered useless if the data aggregation scheme built on it is not secure. Conversely, the secure data aggregation protocol needs a secure underlying routing protocol as its foundation in order to be effectively optimal. As an attempt for the solution, we devise an energy-aware protocol based on LEACH and ESPDA that combines secure routing protocol and secure data aggregation protocol. We then evaluate its security effectiveness and its energy-efficiency aspects, knowing that there are always trade-off between both. PMID:26131669

  10. A Secure Routing Protocol for Wireless Sensor Networks Considering Secure Data Aggregation.

    PubMed

    Rahayu, Triana Mugia; Lee, Sang-Gon; Lee, Hoon-Jae

    2015-06-26

    The commonly unattended and hostile deployments of WSNs and their resource-constrained sensor devices have led to an increasing demand for secure energy-efficient protocols. Routing and data aggregation receive the most attention since they are among the daily network routines. With the awareness of such demand, we found that so far there has been no work that lays out a secure routing protocol as the foundation for a secure data aggregation protocol. We argue that the secure routing role would be rendered useless if the data aggregation scheme built on it is not secure. Conversely, the secure data aggregation protocol needs a secure underlying routing protocol as its foundation in order to be effectively optimal. As an attempt for the solution, we devise an energy-aware protocol based on LEACH and ESPDA that combines secure routing protocol and secure data aggregation protocol. We then evaluate its security effectiveness and its energy-efficiency aspects, knowing that there are always trade-off between both.

  11. A Security Analysis of the 802.11s Wireless Mesh Network Routing Protocol and Its Secure Routing Protocols

    PubMed Central

    Tan, Whye Kit; Lee, Sang-Gon; Lam, Jun Huy; Yoo, Seong-Moo

    2013-01-01

    Wireless mesh networks (WMNs) can act as a scalable backbone by connecting separate sensor networks and even by connecting WMNs to a wired network. The Hybrid Wireless Mesh Protocol (HWMP) is the default routing protocol for the 802.11s WMN. The routing protocol is one of the most important parts of the network, and it requires protection, especially in the wireless environment. The existing security protocols, such as the Broadcast Integrity Protocol (BIP), Counter with cipher block chaining message authentication code protocol (CCMP), Secure Hybrid Wireless Mesh Protocol (SHWMP), Identity Based Cryptography HWMP (IBC-HWMP), Elliptic Curve Digital Signature Algorithm HWMP (ECDSA-HWMP), and Watchdog-HWMP aim to protect the HWMP frames. In this paper, we have analyzed the vulnerabilities of the HWMP and developed security requirements to protect these identified vulnerabilities. We applied the security requirements to analyze the existing secure schemes for HWMP. The results of our analysis indicate that none of these protocols is able to satisfy all of the security requirements. We also present a quantitative complexity comparison among the protocols and an example of a security scheme for HWMP to demonstrate how the result of our research can be utilized. Our research results thus provide a tool for designing secure schemes for the HWMP. PMID:24002231

  12. A security analysis of the 802.11s wireless mesh network routing protocol and its secure routing protocols.

    PubMed

    Tan, Whye Kit; Lee, Sang-Gon; Lam, Jun Huy; Yoo, Seong-Moo

    2013-09-02

    Wireless mesh networks (WMNs) can act as a scalable backbone by connecting separate sensor networks and even by connecting WMNs to a wired network. The Hybrid Wireless Mesh Protocol (HWMP) is the default routing protocol for the 802.11s WMN. The routing protocol is one of the most important parts of the network, and it requires protection, especially in the wireless environment. The existing security protocols, such as the Broadcast Integrity Protocol (BIP), Counter with cipher block chaining message authentication code protocol (CCMP), Secure Hybrid Wireless Mesh Protocol (SHWMP), Identity Based Cryptography HWMP (IBC-HWMP), Elliptic Curve Digital Signature Algorithm HWMP (ECDSA-HWMP), and Watchdog-HWMP aim to protect the HWMP frames. In this paper, we have analyzed the vulnerabilities of the HWMP and developed security requirements to protect these identified vulnerabilities. We applied the security requirements to analyze the existing secure schemes for HWMP. The results of our analysis indicate that none of these protocols is able to satisfy all of the security requirements. We also present a quantitative complexity comparison among the protocols and an example of a security scheme for HWMP to demonstrate how the result of our research can be utilized. Our research results thus provide a tool for designing secure schemes for the HWMP.

  13. Towards Internet QoS provisioning based on generic distributed QoS adaptive routing engine.

    PubMed

    Haikal, Amira Y; Badawy, M; Ali, Hesham A

    2014-01-01

    Increasing efficiency and quality demands of modern Internet technologies drive today's network engineers to seek to provide quality of service (QoS). Internet QoS provisioning gives rise to several challenging issues. This paper introduces a generic distributed QoS adaptive routing engine (DQARE) architecture based on OSPFxQoS. The innovation of the proposed work in this paper is its undependability on the used QoS architectures and, moreover, splitting of the control strategy from data forwarding mechanisms, so we guarantee a set of absolute stable mechanisms on top of which Internet QoS can be built. DQARE architecture is furnished with three relevant traffic control schemes, namely, service differentiation, QoS routing, and traffic engineering. The main objective of this paper is to (i) provide a general configuration guideline for service differentiation, (ii) formalize the theoretical properties of different QoS routing algorithms and then introduce a QoS routing algorithm (QOPRA) based on dynamic programming technique, and (iii) propose QoS multipath forwarding (QMPF) model for paths diversity exploitation. NS2-based simulations proved the DQARE superiority in terms of delay, packet delivery ratio, throughput, and control overhead. Moreover, extensive simulations are used to compare the proposed QOPRA algorithm and QMPF model with their counterparts in the literature.

  14. Towards Internet QoS Provisioning Based on Generic Distributed QoS Adaptive Routing Engine

    PubMed Central

    Haikal, Amira Y.; Badawy, M.; Ali, Hesham A.

    2014-01-01

    Increasing efficiency and quality demands of modern Internet technologies drive today's network engineers to seek to provide quality of service (QoS). Internet QoS provisioning gives rise to several challenging issues. This paper introduces a generic distributed QoS adaptive routing engine (DQARE) architecture based on OSPFxQoS. The innovation of the proposed work in this paper is its undependability on the used QoS architectures and, moreover, splitting of the control strategy from data forwarding mechanisms, so we guarantee a set of absolute stable mechanisms on top of which Internet QoS can be built. DQARE architecture is furnished with three relevant traffic control schemes, namely, service differentiation, QoS routing, and traffic engineering. The main objective of this paper is to (i) provide a general configuration guideline for service differentiation, (ii) formalize the theoretical properties of different QoS routing algorithms and then introduce a QoS routing algorithm (QOPRA) based on dynamic programming technique, and (iii) propose QoS multipath forwarding (QMPF) model for paths diversity exploitation. NS2-based simulations proved the DQARE superiority in terms of delay, packet delivery ratio, throughput, and control overhead. Moreover, extensive simulations are used to compare the proposed QOPRA algorithm and QMPF model with their counterparts in the literature. PMID:25309955

  15. A dynamic access control method based on QoS requirement

    NASA Astrophysics Data System (ADS)

    Li, Chunquan; Wang, Yanwei; Yang, Baoye; Hu, Chunyang

    2013-03-01

    A dynamic access control method is put forward to ensure the security of the sharing service in Cloud Manufacturing, according to the application characteristics of cloud manufacturing collaborative task. The role-based access control (RBAC) model is extended according to the characteristics of cloud manufacturing in this method. The constraints are considered, which are from QoS requirement of the task context to access control, based on the traditional static authorization. The fuzzy policy rules are established about the weighted interval value of permissions. The access control authorities of executable service by users are dynamically adjusted through the fuzzy reasoning based on the QoS requirement of task. The main elements of the model are described. The fuzzy reasoning algorithm of weighted interval value based QoS requirement is studied. An effective method is provided to resolve the access control of cloud manufacturing.

  16. ATM QoS Experiments Using TCP Applications: Performance of TCP/IP Over ATM in a Variety of Errored Links

    NASA Technical Reports Server (NTRS)

    Frantz, Brian D.; Ivancic, William D.

    2001-01-01

    Asynchronous Transfer Mode (ATM) Quality of Service (QoS) experiments using the Transmission Control Protocol/Internet Protocol (TCP/IP) were performed for various link delays. The link delay was set to emulate a Wide Area Network (WAN) and a Satellite Link. The purpose of these experiments was to evaluate the ATM QoS requirements for applications that utilize advance TCP/IP protocols implemented with large windows and Selective ACKnowledgements (SACK). The effects of cell error, cell loss, and random bit errors on throughput were reported. The detailed test plan and test results are presented herein.

  17. The extended TRIP supporting VoIP routing reservation with distributed QoS

    NASA Astrophysics Data System (ADS)

    Wang, Furong; Wu, Ye

    2004-04-01

    In this paper, an existing protocol, i.e. TRIP (Telephony Routing over IP) is developed to provide distributed QoS when making resource reservations for VoIP services such as H.323, SIP. Enhanced LSs (location servers) are deployed in ITADs (IP Telephony Administrative Domains) to take in charge of intra-domain routing policy because of small propagation price. It is an easy way to find an IP telephone route for intra-domain VoIP media association and simultaneously possess intra-domain load balancing features. For those routing reservations bridging domains, inter-domain routing policy is responsible for finding the shortest inter-domain route with enough resources. I propose the routing preference policy based on QoS price when the session traffic is shaped by a token bucket, related QoS messages, and message cooperation.

  18. Joint Cross-Layer Design for Wireless QoS Content Delivery

    NASA Astrophysics Data System (ADS)

    Chen, Jie; Lv, Tiejun; Zheng, Haitao

    2005-12-01

    In this paper, we propose a joint cross-layer design for wireless quality-of-service (QoS) content delivery. Central to our proposed cross-layer design is the concept of adaptation. Adaptation represents the ability to adjust protocol stacks and applications to respond to channel variations. We focus our cross-layer design especially on the application, media access control (MAC), and physical layers. The network is designed based on our proposed fast frequency-hopping orthogonal frequency division multiplex (OFDM) technique. We also propose a QoS-awareness scheduler and a power adaptation transmission scheme operating at both the base station and mobile sides. The proposed MAC scheduler coordinates the transmissions of an IP base station and mobile nodes. The scheduler also selects appropriate transmission formats and packet priorities for individual users based on current channel conditions and the users' QoS requirements. The test results show that our cross-layer design provides an excellent framework for wireless QoS content delivery.

  19. Hybrid architecture for building secure sensor networks

    NASA Astrophysics Data System (ADS)

    Owens, Ken R., Jr.; Watkins, Steve E.

    2012-04-01

    Sensor networks have various communication and security architectural concerns. Three approaches are defined to address these concerns for sensor networks. The first area is the utilization of new computing architectures that leverage embedded virtualization software on the sensor. Deploying a small, embedded virtualization operating system on the sensor nodes that is designed to communicate to low-cost cloud computing infrastructure in the network is the foundation to delivering low-cost, secure sensor networks. The second area focuses on securing the sensor. Sensor security components include developing an identification scheme, and leveraging authentication algorithms and protocols that address security assurance within the physical, communication network, and application layers. This function will primarily be accomplished through encrypting the communication channel and integrating sensor network firewall and intrusion detection/prevention components to the sensor network architecture. Hence, sensor networks will be able to maintain high levels of security. The third area addresses the real-time and high priority nature of the data that sensor networks collect. This function requires that a quality-of-service (QoS) definition and algorithm be developed for delivering the right data at the right time. A hybrid architecture is proposed that combines software and hardware features to handle network traffic with diverse QoS requirements.

  20. Providing end-to-end QoS for multimedia applications in 3G wireless networks

    NASA Astrophysics Data System (ADS)

    Guo, Katherine; Rangarajan, Samapth; Siddiqui, M. A.; Paul, Sanjoy

    2003-11-01

    As the usage of wireless packet data services increases, wireless carriers today are faced with the challenge of offering multimedia applications with QoS requirements within current 3G data networks. End-to-end QoS requires support at the application, network, link and medium access control (MAC) layers. We discuss existing CDMA2000 network architecture and show its shortcomings that prevent supporting multiple classes of traffic at the Radio Access Network (RAN). We then propose changes in RAN within the standards framework that enable support for multiple traffic classes. In addition, we discuss how Session Initiation Protocol (SIP) can be augmented with QoS signaling for supporting end-to-end QoS. We also review state of the art scheduling algorithms at the base station and provide possible extensions to these algorithms to support different classes of traffic as well as different classes of users.

  1. Three-step semiquantum secure direct communication protocol

    NASA Astrophysics Data System (ADS)

    Zou, XiangFu; Qiu, DaoWen

    2014-09-01

    Quantum secure direct communication is the direct communication of secret messages without need for establishing a shared secret key first. In the existing schemes, quantum secure direct communication is possible only when both parties are quantum. In this paper, we construct a three-step semiquantum secure direct communication (SQSDC) protocol based on single photon sources in which the sender Alice is classical. In a semiquantum protocol, a person is termed classical if he (she) can measure, prepare and send quantum states only with the fixed orthogonal quantum basis {|0>, |1>}. The security of the proposed SQSDC protocol is guaranteed by the complete robustness of semiquantum key distribution protocols and the unconditional security of classical one-time pad encryption. Therefore, the proposed SQSDC protocol is also completely robust. Complete robustness indicates that nonzero information acquired by an eavesdropper Eve on the secret message implies the nonzero probability that the legitimate participants can find errors on the bits tested by this protocol. In the proposed protocol, we suggest a method to check Eves disturbing in the doves returning phase such that Alice does not need to announce publicly any position or their coded bits value after the photons transmission is completed. Moreover, the proposed SQSDC protocol can be implemented with the existing techniques. Compared with many quantum secure direct communication protocols, the proposed SQSDC protocol has two merits: firstly the sender only needs classical capabilities; secondly to check Eves disturbing after the transmission of quantum states, no additional classical information is needed.

  2. A Lightweight Protocol for Secure Video Streaming.

    PubMed

    Venčkauskas, Algimantas; Morkevicius, Nerijus; Bagdonas, Kazimieras; Damaševičius, Robertas; Maskeliūnas, Rytis

    2018-05-14

    The Internet of Things (IoT) introduces many new challenges which cannot be solved using traditional cloud and host computing models. A new architecture known as fog computing is emerging to address these technological and security gaps. Traditional security paradigms focused on providing perimeter-based protections and client/server point to point protocols (e.g., Transport Layer Security (TLS)) are no longer the best choices for addressing new security challenges in fog computing end devices, where energy and computational resources are limited. In this paper, we present a lightweight secure streaming protocol for the fog computing "Fog Node-End Device" layer. This protocol is lightweight, connectionless, supports broadcast and multicast operations, and is able to provide data source authentication, data integrity, and confidentiality. The protocol is based on simple and energy efficient cryptographic methods, such as Hash Message Authentication Codes (HMAC) and symmetrical ciphers, and uses modified User Datagram Protocol (UDP) packets to embed authentication data into streaming data. Data redundancy could be added to improve reliability in lossy networks. The experimental results summarized in this paper confirm that the proposed method efficiently uses energy and computational resources and at the same time provides security properties on par with the Datagram TLS (DTLS) standard.

  3. A Lightweight Protocol for Secure Video Streaming

    PubMed Central

    Morkevicius, Nerijus; Bagdonas, Kazimieras

    2018-01-01

    The Internet of Things (IoT) introduces many new challenges which cannot be solved using traditional cloud and host computing models. A new architecture known as fog computing is emerging to address these technological and security gaps. Traditional security paradigms focused on providing perimeter-based protections and client/server point to point protocols (e.g., Transport Layer Security (TLS)) are no longer the best choices for addressing new security challenges in fog computing end devices, where energy and computational resources are limited. In this paper, we present a lightweight secure streaming protocol for the fog computing “Fog Node-End Device” layer. This protocol is lightweight, connectionless, supports broadcast and multicast operations, and is able to provide data source authentication, data integrity, and confidentiality. The protocol is based on simple and energy efficient cryptographic methods, such as Hash Message Authentication Codes (HMAC) and symmetrical ciphers, and uses modified User Datagram Protocol (UDP) packets to embed authentication data into streaming data. Data redundancy could be added to improve reliability in lossy networks. The experimental results summarized in this paper confirm that the proposed method efficiently uses energy and computational resources and at the same time provides security properties on par with the Datagram TLS (DTLS) standard. PMID:29757988

  4. A model based security testing method for protocol implementation.

    PubMed

    Fu, Yu Long; Xin, Xiao Long

    2014-01-01

    The security of protocol implementation is important and hard to be verified. Since the penetration testing is usually based on the experience of the security tester and the specific protocol specifications, a formal and automatic verification method is always required. In this paper, we propose an extended model of IOLTS to describe the legal roles and intruders of security protocol implementations, and then combine them together to generate the suitable test cases to verify the security of protocol implementation.

  5. A Model Based Security Testing Method for Protocol Implementation

    PubMed Central

    Fu, Yu Long; Xin, Xiao Long

    2014-01-01

    The security of protocol implementation is important and hard to be verified. Since the penetration testing is usually based on the experience of the security tester and the specific protocol specifications, a formal and automatic verification method is always required. In this paper, we propose an extended model of IOLTS to describe the legal roles and intruders of security protocol implementations, and then combine them together to generate the suitable test cases to verify the security of protocol implementation. PMID:25105163

  6. Security and SCADA protocols

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Igure, V. M.; Williams, R. D.

    2006-07-01

    Supervisory control and data acquisition (SCADA) networks have replaced discrete wiring for many industrial processes, and the efficiency of the network alternative suggests a trend toward more SCADA networks in the future. This paper broadly considers SCADA to include distributed control systems (DCS) and digital control systems. These networks offer many advantages, but they also introduce potential vulnerabilities that can be exploited by adversaries. Inter-connectivity exposes SCADA networks to many of the same threats that face the public internet and many of the established defenses therefore show promise if adapted to the SCADA differences. This paper provides an overview ofmore » security issues in SCADA networks and ongoing efforts to improve the security of these networks. Initially, a few samples from the range of threats to SCADA network security are offered. Next, attention is focused on security assessment of SCADA communication protocols. Three challenges must be addressed to strengthen SCADA networks. Access control mechanisms need to be introduced or strengthened, improvements are needed inside of the network to enhance security and network monitoring, and SCADA security management improvements and policies are needed. This paper discusses each of these challenges. This paper uses the Profibus protocol as an example to illustrate some of the vulnerabilities that arise within SCADA networks. The example Profibus security assessment establishes a network model and an attacker model before proceeding to a list of example attacks. (authors)« less

  7. Analysis of QoS Requirements for e-Health Services and Mapping to Evolved Packet System QoS Classes

    PubMed Central

    Skorin-Kapov, Lea; Matijasevic, Maja

    2010-01-01

    E-Health services comprise a broad range of healthcare services delivered by using information and communication technology. In order to support existing as well as emerging e-Health services over converged next generation network (NGN) architectures, there is a need for network QoS control mechanisms that meet the often stringent requirements of such services. In this paper, we evaluate the QoS support for e-Health services in the context of the Evolved Packet System (EPS), specified by the Third Generation Partnership Project (3GPP) as a multi-access all-IP NGN. We classify heterogeneous e-Health services based on context and network QoS requirements and propose a mapping to existing 3GPP QoS Class Identifiers (QCIs) that serve as a basis for the class-based QoS concept of the EPS. The proposed mapping aims to provide network operators with guidelines for meeting heterogeneous e-Health service requirements. As an example, we present the QoS requirements for a prototype e-Health service supporting tele-consultation between a patient and a doctor and illustrate the use of the proposed mapping to QCIs in standardized QoS control procedures. PMID:20976301

  8. Multiantenna Relay Beamforming Design for QoS Discrimination in Two-Way Relay Networks

    PubMed Central

    Xiong, Ke; Zhang, Yu; Li, Dandan; Zhong, Zhangdui

    2013-01-01

    This paper investigates the relay beamforming design for quality of service (QoS) discrimination in two-way relay networks. The purpose is to keep legitimate two-way relay users exchange their information via a helping multiantenna relay with QoS guarantee while avoiding the exchanged information overhearing by unauthorized receiver. To this end, we propose a physical layer method, where the relay beamforming is jointly designed with artificial noise (AN) which is used to interfere in the unauthorized user's reception. We formulate the joint beamforming and AN (BFA) design into an optimization problem such that the received signal-to-interference-ratio (SINR) at the two legitimate users is over a predefined QoS threshold while limiting the received SINR at the unauthorized user which is under a certain secure threshold. The objective of the optimization problem is to seek the optimal AN and beamforming vectors to minimize the total power consumed by the relay node. Since the optimization problem is nonconvex, we solve it by using semidefinite program (SDP) relaxation. For comparison, we also study the optimal relay beamforming without using AN (BFO) under the same QoS discrimination constraints. Simulation results show that both the proposed BFA and BFO can achieve the QoS discrimination of the two-way transmission. However, the proposed BFA yields significant power savings and lower infeasible rates compared with the BFO method. PMID:24391459

  9. Toward Synthesis, Analysis, and Certification of Security Protocols

    NASA Technical Reports Server (NTRS)

    Schumann, Johann

    2004-01-01

    Implemented security protocols are basically pieces of software which are used to (a) authenticate the other communication partners, (b) establish a secure communication channel between them (using insecure communication media), and (c) transfer data between the communication partners in such a way that these data only available to the desired receiver, but not to anyone else. Such an implementation usually consists of the following components: the protocol-engine, which controls in which sequence the messages of the protocol are sent over the network, and which controls the assembly/disassembly and processing (e.g., decryption) of the data. the cryptographic routines to actually encrypt or decrypt the data (using given keys), and t,he interface to the operating system and to the application. For a correct working of such a security protocol, all of these components must work flawlessly. Many formal-methods based techniques for the analysis of a security protocols have been developed. They range from using specific logics (e.g.: BAN-logic [4], or higher order logics [12] to model checking [2] approaches. In each approach, the analysis tries to prove that no (or at least not a modeled intruder) can get access to secret data. Otherwise, a scenario illustrating the &tack may be produced. Despite the seeming simplicity of security protocols ("only" a few messages are sent between the protocol partners in order to ensure a secure communication), many flaws have been detected. Unfortunately, even a perfect protocol engine does not guarantee flawless working of a security protocol, as incidents show. Many break-ins and security vulnerabilities are caused by exploiting errors in the implementation of the protocol engine or the underlying operating system. Attacks using buffer-overflows are a very common class of such attacks. Errors in the implementation of exception or error handling can open up additional vulnerabilities. For example, on a website with a log-in screen

  10. Design and Implementation of a Secure Modbus Protocol

    NASA Astrophysics Data System (ADS)

    Fovino, Igor Nai; Carcano, Andrea; Masera, Marcelo; Trombetta, Alberto

    The interconnectivity of modern and legacy supervisory control and data acquisition (SCADA) systems with corporate networks and the Internet has significantly increased the threats to critical infrastructure assets. Meanwhile, traditional IT security solutions such as firewalls, intrusion detection systems and antivirus software are relatively ineffective against attacks that specifically target vulnerabilities in SCADA protocols. This paper describes a secure version of the Modbus SCADA protocol that incorporates integrity, authentication, non-repudiation and anti-replay mechanisms. Experimental results using a power plant testbed indicate that the augmented protocol provides good security functionality without significant overhead.

  11. Secure authentication protocol for Internet applications over CATV network

    NASA Astrophysics Data System (ADS)

    Chin, Le-Pond

    1998-02-01

    An authentication protocol is proposed in this paper to implement secure functions which include two way authentication and key management between end users and head-end. The protocol can protect transmission from frauds, attacks such as reply and wiretap. Location privacy is also achieved. A rest protocol is designed to restore the system once when systems fail. The security is verified by taking several security and privacy requirements into consideration.

  12. SLA-aware differentiated QoS in elastic optical networks

    NASA Astrophysics Data System (ADS)

    Agrawal, Anuj; Vyas, Upama; Bhatia, Vimal; Prakash, Shashi

    2017-07-01

    The quality of service (QoS) offered by optical networks can be improved by accurate provisioning of service level specifications (SLSs) included in the service level agreement (SLA). A large number of users coexisting in the network require different services. Thus, a pragmatic network needs to offer a differentiated QoS to a variety of users according to the SLA contracted for different services at varying costs. In conventional wavelength division multiplexed (WDM) optical networks, service differentiation is feasible only for a limited number of users because of its fixed-grid structure. Newly introduced flex-grid based elastic optical networks (EONs) are more adaptive to traffic requirements as compared to the WDM networks because of the flexibility in their grid structure. Thus, we propose an efficient SLA provisioning algorithm with improved QoS for these flex-grid EONs empowered by optical orthogonal frequency division multiplexing (O-OFDM). The proposed algorithm, called SLA-aware differentiated QoS (SADQ), employs differentiation at the level of routing, spectrum allocation, and connection survivability. The proposed SADQ aims to accurately provision the SLA using such multilevel differentiation with an objective to improve the spectrum utilization from the network operator's perspective. SADQ is evaluated for three different CoSs under various traffic demand patterns and for different ratios of the number of requests belonging to the three considered CoSs. We propose two new SLA metrics for the improvement of functional QoS requirements, namely, security, confidentiality and survivability of high class of service (CoS) traffic. Since, to the best of our knowledge, the proposed SADQ is the first scheme in optical networks to employ exhaustive differentiation at the levels of routing, spectrum allocation, and survivability in a single algorithm, we first compare the performance of SADQ in EON and currently deployed WDM networks to assess the

  13. Quantum And Relativistic Protocols For Secure Multi-Party Computation

    NASA Astrophysics Data System (ADS)

    Colbeck, Roger

    2009-11-01

    After a general introduction, the thesis is divided into four parts. In the first, we discuss the task of coin tossing, principally in order to highlight the effect different physical theories have on security in a straightforward manner, but, also, to introduce a new protocol for non-relativistic strong coin tossing. This protocol matches the security of the best protocol known to date while using a conceptually different approach to achieve the task. In the second part variable bias coin tossing is introduced. This is a variant of coin tossing in which one party secretly chooses one of two biased coins to toss. It is shown that this can be achieved with unconditional security for a specified range of biases, and with cheat-evident security for any bias. We also discuss two further protocols which are conjectured to be unconditionally secure for any bias. The third section looks at other two-party secure computations for which, prior to our work, protocols and no-go theorems were unknown. We introduce a general model for such computations, and show that, within this model, a wide range of functions are impossible to compute securely. We give explicit cheating attacks for such functions. In the final chapter we discuss the task of expanding a private random string, while dropping the usual assumption that the protocol's user trusts her devices. Instead we assume that all quantum devices are supplied by an arbitrarily malicious adversary. We give two protocols that we conjecture securely perform this task. The first allows a private random string to be expanded by a finite amount, while the second generates an arbitrarily large expansion of such a string.

  14. Simple proof of security of the BB84 quantum key distribution protocol

    PubMed

    Shor; Preskill

    2000-07-10

    We prove that the 1984 protocol of Bennett and Brassard (BB84) for quantum key distribution is secure. We first give a key distribution protocol based on entanglement purification, which can be proven secure using methods from Lo and Chau's proof of security for a similar protocol. We then show that the security of this protocol implies the security of BB84. The entanglement purification based protocol uses Calderbank-Shor-Steane codes, and properties of these codes are used to remove the use of quantum computation from the Lo-Chau protocol.

  15. Security of six-state quantum key distribution protocol with threshold detectors

    PubMed Central

    Kato, Go; Tamaki, Kiyoshi

    2016-01-01

    The security of quantum key distribution (QKD) is established by a security proof, and the security proof puts some assumptions on the devices consisting of a QKD system. Among such assumptions, security proofs of the six-state protocol assume the use of photon number resolving (PNR) detector, and as a result the bit error rate threshold for secure key generation for the six-state protocol is higher than that for the BB84 protocol. Unfortunately, however, this type of detector is demanding in terms of technological level compared to the standard threshold detector, and removing the necessity of such a detector enhances the feasibility of the implementation of the six-state protocol. Here, we develop the security proof for the six-state protocol and show that we can use the threshold detector for the six-state protocol. Importantly, the bit error rate threshold for the key generation for the six-state protocol (12.611%) remains almost the same as the one (12.619%) that is derived from the existing security proofs assuming the use of PNR detectors. This clearly demonstrates feasibility of the six-state protocol with practical devices. PMID:27443610

  16. Unconditional security of a three state quantum key distribution protocol.

    PubMed

    Boileau, J-C; Tamaki, K; Batuwantudawe, J; Laflamme, R; Renes, J M

    2005-02-04

    Quantum key distribution (QKD) protocols are cryptographic techniques with security based only on the laws of quantum mechanics. Two prominent QKD schemes are the Bennett-Brassard 1984 and Bennett 1992 protocols that use four and two quantum states, respectively. In 2000, Phoenix et al. proposed a new family of three-state protocols that offers advantages over the previous schemes. Until now, an error rate threshold for security of the symmetric trine spherical code QKD protocol has been shown only for the trivial intercept-resend eavesdropping strategy. In this Letter, we prove the unconditional security of the trine spherical code QKD protocol, demonstrating its security up to a bit error rate of 9.81%. We also discuss how this proof applies to a version of the trine spherical code QKD protocol where the error rate is evaluated from the number of inconclusive events.

  17. Genomics-Based Security Protocols: From Plaintext to Cipherprotein

    NASA Technical Reports Server (NTRS)

    Shaw, Harry; Hussein, Sayed; Helgert, Hermann

    2011-01-01

    The evolving nature of the internet will require continual advances in authentication and confidentiality protocols. Nature provides some clues as to how this can be accomplished in a distributed manner through molecular biology. Cryptography and molecular biology share certain aspects and operations that allow for a set of unified principles to be applied to problems in either venue. A concept for developing security protocols that can be instantiated at the genomics level is presented. A DNA (Deoxyribonucleic acid) inspired hash code system is presented that utilizes concepts from molecular biology. It is a keyed-Hash Message Authentication Code (HMAC) capable of being used in secure mobile Ad hoc networks. It is targeted for applications without an available public key infrastructure. Mechanics of creating the HMAC are presented as well as a prototype HMAC protocol architecture. Security concepts related to the implementation differences between electronic domain security and genomics domain security are discussed.

  18. An eCK-Secure Authenticated Key Exchange Protocol without Random Oracles

    NASA Astrophysics Data System (ADS)

    Moriyama, Daisuke; Okamoto, Tatsuaki

    This paper presents a (PKI-based) two-pass authenticated key exchange (AKE) protocol that is secure in the extended Canetti-Krawczyk (eCK) security model. The security of the proposed protocol is proven without random oracles (under three assumptions), and relies on no implementation techniques such as a trick by LaMacchia, Lauter and Mityagin (so-called the NAXOS trick). Since an AKE protocol that is eCK-secure under a NAXOS-like implementation trick will be no more eCK-secure if some realistic information leakage occurs through side-channel attacks, it has been an important open problem how to realize an eCK-secure AKE protocol without using the NAXOS tricks (and without random oracles).

  19. Security of a single-state semi-quantum key distribution protocol

    NASA Astrophysics Data System (ADS)

    Zhang, Wei; Qiu, Daowen; Mateus, Paulo

    2018-06-01

    Semi-quantum key distribution protocols are allowed to set up a secure secret key between two users. Compared with their full quantum counterparts, one of the two users is restricted to perform some "classical" or "semi-quantum" operations, which potentially makes them easily realizable by using less quantum resource. However, the semi-quantum key distribution protocols mainly rely on a two-way quantum channel. The eavesdropper has two opportunities to intercept the quantum states transmitted in the quantum communication stage. It may allow the eavesdropper to get more information and make the security analysis more complicated. In the past ten years, many semi-quantum key distribution protocols have been proposed and proved to be robust. However, there are few works concerning their unconditional security. It is doubted that how secure the semi-quantum ones are and how much noise they can tolerate to establish a secure secret key. In this paper, we prove the unconditional security of a single-state semi-quantum key distribution protocol proposed by Zou et al. (Phys Rev A 79:052312, 2009). We present a complete proof from information theory aspect by deriving a lower bound of the protocol's key rate in the asymptotic scenario. Using this bound, we figure out an error threshold value such that for all error rates that are less than this threshold value, the secure secret key can be established between the legitimate users definitely. Otherwise, the users should abort the protocol. We make an illustration of the protocol under the circumstance that the reverse quantum channel is a depolarizing one with parameter q. Additionally, we compare the error threshold value with some full quantum protocols and several existing semi-quantum ones whose unconditional security proofs have been provided recently.

  20. Distance bounded energy detecting ultra-wideband impulse radio secure protocol.

    PubMed

    Hedin, Daniel S; Kollmann, Daniel T; Gibson, Paul L; Riehle, Timothy H; Seifert, Gregory J

    2014-01-01

    We present a demonstration of a novel protocol for secure transmissions on a Ultra-wideband impulse radio that includes distance bounding. Distance bounding requires radios to be within a certain radius to communicate. This new protocol can be used in body area networks for medical devices where security is imperative. Many current wireless medical devices were not designed with security as a priority including devices that can be life threatening if controlled by a hacker. This protocol provides multiple levels of security including encryption and a distance bounding test to prevent long distance attacks.

  1. Provably-Secure (Chinese Government) SM2 and Simplified SM2 Key Exchange Protocols

    PubMed Central

    Nam, Junghyun; Kim, Moonseong

    2014-01-01

    We revisit the SM2 protocol, which is widely used in Chinese commercial applications and by Chinese government agencies. Although it is by now standard practice for protocol designers to provide security proofs in widely accepted security models in order to assure protocol implementers of their security properties, the SM2 protocol does not have a proof of security. In this paper, we prove the security of the SM2 protocol in the widely accepted indistinguishability-based Bellare-Rogaway model under the elliptic curve discrete logarithm problem (ECDLP) assumption. We also present a simplified and more efficient version of the SM2 protocol with an accompanying security proof. PMID:25276863

  2. Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice.

    PubMed

    Javed, Muhammad Awais; Ben Hamida, Elyes; Znaidi, Wassim

    2016-06-15

    Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC) algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS) and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities.

  3. Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice

    PubMed Central

    Javed, Muhammad Awais; Ben Hamida, Elyes; Znaidi, Wassim

    2016-01-01

    Connecting vehicles securely and reliably is pivotal to the implementation of next generation ITS applications of smart cities. With continuously growing security threats, vehicles could be exposed to a number of service attacks that could put their safety at stake. To address this concern, both US and European ITS standards have selected Elliptic Curve Cryptography (ECC) algorithms to secure vehicular communications. However, there is still a lack of benchmarking studies on existing security standards in real-world settings. In this paper, we first analyze the security architecture of the ETSI ITS standard. We then implement the ECC based digital signature and encryption procedures using an experimental test-bed and conduct an extensive benchmark study to assess their performance which depends on factors such as payload size, processor speed and security levels. Using network simulation models, we further evaluate the impact of standard compliant security procedures in dense and realistic smart cities scenarios. Obtained results suggest that existing security solutions directly impact the achieved quality of service (QoS) and safety awareness of vehicular applications, in terms of increased packet inter-arrival delays, packet and cryptographic losses, and reduced safety awareness in safety applications. Finally, we summarize the insights gained from the simulation results and discuss open research challenges for efficient working of security in ITS applications of smart cities. PMID:27314358

  4. Secure and Fair Cluster Head Selection Protocol for Enhancing Security in Mobile Ad Hoc Networks

    PubMed Central

    Paramasivan, B.; Kaliappan, M.

    2014-01-01

    Mobile ad hoc networks (MANETs) are wireless networks consisting of number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs become one of the most prevalent areas of research in the recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to its deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP) is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP used to solve this issue by making the nodes that are totally surrounded by malicious neighbors adjust dynamically their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead to the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP. PMID:25143986

  5. Secure and fair cluster head selection protocol for enhancing security in mobile ad hoc networks.

    PubMed

    Paramasivan, B; Kaliappan, M

    2014-01-01

    Mobile ad hoc networks (MANETs) are wireless networks consisting of number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs become one of the most prevalent areas of research in the recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to its deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP) is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP used to solve this issue by making the nodes that are totally surrounded by malicious neighbors adjust dynamically their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead to the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP.

  6. Secure password-based authenticated key exchange for web services

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Liang, Fang; Meder, Samuel; Chevassut, Olivier

    This paper discusses an implementation of an authenticated key-exchange method rendered on message primitives defined in the WS-Trust and WS-SecureConversation specifications. This IEEE-specified cryptographic method (AuthA) is proven-secure for password-based authentication and key exchange, while the WS-Trust and WS-Secure Conversation are emerging Web Services Security specifications that extend the WS-Security specification. A prototype of the presented protocol is integrated in the WSRF-compliant Globus Toolkit V4. Further hardening of the implementation is expected to result in a version that will be shipped with future Globus Toolkit releases. This could help to address the current unavailability of decent shared-secret-based authentication options inmore » the Web Services and Grid world. Future work will be to integrate One-Time-Password (OTP) features in the authentication protocol.« less

  7. Achieving QoS for TCP Traffic in Satellite Networks with Differentiated Services

    NASA Technical Reports Server (NTRS)

    Durresi, Arjan; Kota, Sastri; Goyal, Mukul; Jain, Raj; Bharani, Venkata

    2001-01-01

    Satellite networks play an indispensable role in providing global Internet access and electronic connectivity. To achieve such a global communications, provisioning of quality of service (QoS) within the advanced satellite systems is the main requirement. One of the key mechanisms of implementing the quality of service is traffic management. Traffic management becomes a crucial factor in the case of satellite network because of the limited availability of their resources. Currently, Internet Protocol (IP) only has minimal traffic management capabilities and provides best effort services. In this paper, we presented a broadband satellite network QoS model and simulated performance results. In particular, we discussed the TCP flow aggregates performance for their good behavior in the presence of competing UDP flow aggregates in the same assured forwarding. We identified several factors that affect the performance in the mixed environments and quantified their effects using a full factorial design of experiment methodology.

  8. A secured authentication protocol for wireless sensor networks using elliptic curves cryptography.

    PubMed

    Yeh, Hsiu-Lien; Chen, Tien-Ho; Liu, Pin-Chuan; Kim, Tai-Hoo; Wei, Hsin-Wen

    2011-01-01

    User authentication is a crucial service in wireless sensor networks (WSNs) that is becoming increasingly common in WSNs because wireless sensor nodes are typically deployed in an unattended environment, leaving them open to possible hostile network attack. Because wireless sensor nodes are limited in computing power, data storage and communication capabilities, any user authentication protocol must be designed to operate efficiently in a resource constrained environment. In this paper, we review several proposed WSN user authentication protocols, with a detailed review of the M.L Das protocol and a cryptanalysis of Das' protocol that shows several security weaknesses. Furthermore, this paper proposes an ECC-based user authentication protocol that resolves these weaknesses. According to our analysis of security of the ECC-based protocol, it is suitable for applications with higher security requirements. Finally, we present a comparison of security, computation, and communication costs and performances for the proposed protocols. The ECC-based protocol is shown to be suitable for higher security WSNs.

  9. A Secured Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography

    PubMed Central

    Yeh, Hsiu-Lien; Chen, Tien-Ho; Liu, Pin-Chuan; Kim, Tai-Hoo; Wei, Hsin-Wen

    2011-01-01

    User authentication is a crucial service in wireless sensor networks (WSNs) that is becoming increasingly common in WSNs because wireless sensor nodes are typically deployed in an unattended environment, leaving them open to possible hostile network attack. Because wireless sensor nodes are limited in computing power, data storage and communication capabilities, any user authentication protocol must be designed to operate efficiently in a resource constrained environment. In this paper, we review several proposed WSN user authentication protocols, with a detailed review of the M.L Das protocol and a cryptanalysis of Das’ protocol that shows several security weaknesses. Furthermore, this paper proposes an ECC-based user authentication protocol that resolves these weaknesses. According to our analysis of security of the ECC-based protocol, it is suitable for applications with higher security requirements. Finally, we present a comparison of security, computation, and communication costs and performances for the proposed protocols. The ECC-based protocol is shown to be suitable for higher security WSNs. PMID:22163874

  10. Analysis of Security Protocols for Mobile Healthcare.

    PubMed

    Wazid, Mohammad; Zeadally, Sherali; Das, Ashok Kumar; Odelu, Vanga

    2016-11-01

    Mobile Healthcare (mHealth) continues to improve because of significant improvements and the decreasing costs of Information Communication Technologies (ICTs). mHealth is a medical and public health practice, which is supported by mobile devices (for example, smartphones) and, patient monitoring devices (for example, various types of wearable sensors, etc.). An mHealth system enables healthcare experts and professionals to have ubiquitous access to a patient's health data along with providing any ongoing medical treatment at any time, any place, and from any device. It also helps the patient requiring continuous medical monitoring to stay in touch with the appropriate medical staff and healthcare experts remotely. Thus, mHealth has become a major driving force in improving the health of citizens today. First, we discuss the security requirements, issues and threats to the mHealth system. We then present a taxonomy of recently proposed security protocols for mHealth system based on features supported and possible attacks, computation cost and communication cost. Our detailed taxonomy demonstrates the strength and weaknesses of recently proposed security protocols for the mHealth system. Finally, we identify some of the challenges in the area of security protocols for mHealth systems that still need to be addressed in the future to enable cost-effective, secure and robust mHealth systems.

  11. Framework for experimenting with QoS for multimedia services

    NASA Astrophysics Data System (ADS)

    Chen, Deming; Colwell, Regis; Gelman, Herschel; Chrysanthis, Panos K.; Mosse, Daniel

    1996-03-01

    It has been recognized that an effective support for multimedia applications must provide Quality of Service (QoS) guarantees. Current methods propose to provide such QoS guarantees through coordinated network resource reservations. In our approach, we extend this idea providing system-wide QoS guarantees that consider the data manipulation and transformations needed in the intermediate and end sites of the network. Given a user's QoS requirements, multisegment virtual channels are established with the necessary communication and computation resources reserved for the timely, synchronized, and reliable delivery of the different datatypes. Such data originate in several distributed data repositories, are transformed at intermediate service stations into suitable formats for transportation and presentation, and are delivered to a viewing unit. In this paper, we first review NETWORLD, an architecture that provides such QoS guarantees and an interface for the specification and negotiation of user-level QoS requirements. Our user interface supports both expert and non- expert modes. We then describe how to map user-level QoS requirements into low-level system parameters, leading into a contract between the application and the network. The mapping considers various characteristics of the architectures (such as the hardware and software available at each source, destination, or intermediate site) as well as cost constraints.

  12. Providing QoS guarantee in 3G wireless networks

    NASA Astrophysics Data System (ADS)

    Chuah, MooiChoo; Huang, Min; Kumar, Suresh

    2001-07-01

    The third generation networks and services present opportunities to offer multimedia applications and services that meet end-to-end quality of service requirements. In this article, we present UMTS QoS architecture and its requirements. This includes the definition of QoS parameters, traffic classes, the end-to-end data delivery model, and the mapping of end-to-end services to the services provided by the network elements of the UMTS. End-to-end QoS of a user flow is achieved by the combination of the QoS control over UMTS Domain and the IP core Network. In the Third Generation Wireless network, UMTS bearer service manager is responsible to manage radio and transport resources to QoS-enabled applications. The UMTS bearer service consists of the Radio Access Bearer Service between Mobile Terminal and SGSN and Core Network bearer service between SGSN and GGSN. The Radio Access Bearer Service is further realized by the Radio Bearer Service (mostly air interface) and Iu bearer service. For the 3G air interface, one can provide differentiated QoS via intelligent burst allocation scheme, adaptive spreading factor control and weighted fair queueing scheduling algorithms. Next, we discuss the requirements for the transport technologies in the radio access network to provide differentiated QoS to multiple classes of traffic. We discuss both ATM based and IP based transport solutions. Last but not least, we discuss how QoS mechanism is provided in the core network to ensure e2e quality of service requirements. We discuss how mobile terminals that use RSVP as QoS signaling mechanisms can be are supported in the 3G network which may implement only IETF diffserv mechanism. . We discuss how one can map UMTS QoS classes with IETF diffserv code points. We also discuss 2G/3G handover scenarios and how the 2G/3G QoS parameters can be mapped.

  13. Bundle Security Protocol for ION

    NASA Technical Reports Server (NTRS)

    Burleigh, Scott C.; Birrane, Edward J.; Krupiarz, Christopher

    2011-01-01

    This software implements bundle authentication, conforming to the Delay-Tolerant Networking (DTN) Internet Draft on Bundle Security Protocol (BSP), for the Interplanetary Overlay Network (ION) implementation of DTN. This is the only implementation of BSP that is integrated with ION.

  14. Satellite-Friendly Protocols and Standards

    NASA Astrophysics Data System (ADS)

    Koudelka, O.; Schmidt, M.; Ebert, J.; Schlemmer, H.; Kastner, S.; Riedler, W.

    2002-01-01

    We are currently observing a development unprecedented with other services, the enormous growth of the Internet. Video, voice and data applications can be supported via this network in high quality. Multi-media applications require high bandwidth which may not be available in many areas. When making proper use of the broadcast feature of a communications satellite, the performance of the satellite-based system can compare favourably to terrestrial solutions. Internet applications are in many cases highly asymmetric, making them very well suited to applications using small and inexpensive terminals. Data from one source may be used simultaneously by a large number of users. The Internet protocol suite has become the de-facto standard. But this protocol family in its original form has not been designed to support guaranteed quality of service, a prerequisite for real-time, high quality traffic. The Internet Protocol has to be adapted for the satellite environment, because long roundtrip delays and the error behaviour of the channel could make it inefficient over a GEO satellite. Another requirement is to utilise the satellite bandwidth as efficiently as possible. This can be achieved by adapting the access system to the nature of IP frames, which are variable in length. In the framework of ESA's ARTES project a novel satellite multimedia system was developed which utilises Multi-Frequency TDMA in a meshed network topology. The system supports Quality of Service (QoS) by reserving capacity with different QoS requirements. The system is centrally controlled by a master station with the implementation of a demand assignment (DAMA) system. A lean internal signalling system has been adopted. Network management is based on the SNMP protocol and industry-standard network management platforms, making interfaces to standard accounting and billing systems easy. Modern communication systems will have to be compliant to different standards in a very flexible manner. The

  15. A Secure Authenticated Key Exchange Protocol for Credential Services

    NASA Astrophysics Data System (ADS)

    Shin, Seonghan; Kobara, Kazukuni; Imai, Hideki

    In this paper, we propose a leakage-resilient and proactive authenticated key exchange (called LRP-AKE) protocol for credential services which provides not only a higher level of security against leakage of stored secrets but also secrecy of private key with respect to the involving server. And we show that the LRP-AKE protocol is provably secure in the random oracle model with the reduction to the computational Difie-Hellman problem. In addition, we discuss about some possible applications of the LRP-AKE protocol.

  16. Bidirectional QoS support for novelty detection applications based on hierarchical wireless sensor network model

    NASA Astrophysics Data System (ADS)

    Edwards, Mark; Hu, Fei; Kumar, Sunil

    2004-10-01

    The research on the Novelty Detection System (NDS) (called as VENUS) at the authors' universities has generated exciting results. For example, we can detect an abnormal behavior (such as cars thefts from the parking lot) from a series of video frames based on the cognitively motivated theory of habituation. In this paper, we would like to describe the implementation strategies of lower layer protocols for using large-scale Wireless Sensor Networks (WSN) to NDS with Quality-of-Service (QoS) support. Wireless data collection framework, consisting of small and low-power sensor nodes, provides an alternative mechanism to observe the physical world, by using various types of sensing capabilities that include images (and even videos using Panoptos), sound and basic physical measurements such as temperature. We do not want to lose any 'data query command' packets (in the downstream direction: sink-to-sensors) or have any bit-errors in them since they are so important to the whole sensor network. In the upstream direction (sensors-to-sink), we may tolerate the loss of some sensing data packets. But the 'interested' sensing flow should be assigned a higher priority in terms of multi-hop path choice, network bandwidth allocation, and sensing data packet generation frequency (we hope to generate more sensing data packet for that novel event in the specified network area). The focus of this paper is to investigate MAC-level Quality of Service (QoS) issue in Wireless Sensor Networks (WSN) for Novelty Detection applications. Although QoS has been widely studied in other types of networks including wired Internet, general ad hoc networks and mobile cellular networks, we argue that QoS in WSN has its own characteristics. In wired Internet, the main QoS parameters include delay, jitter and bandwidth. In mobile cellular networks, two most common QoS metrics are: handoff call dropping probability and new call blocking probability. Since the main task of WSN is to detect and report

  17. Study on Cloud Security Based on Trust Spanning Tree Protocol

    NASA Astrophysics Data System (ADS)

    Lai, Yingxu; Liu, Zenghui; Pan, Qiuyue; Liu, Jing

    2015-09-01

    Attacks executed on Spanning Tree Protocol (STP) expose the weakness of link layer protocols and put the higher layers in jeopardy. Although the problems have been studied for many years and various solutions have been proposed, many security issues remain. To enhance the security and credibility of layer-2 network, we propose a trust-based spanning tree protocol aiming at achieving a higher credibility of LAN switch with a simple and lightweight authentication mechanism. If correctly implemented in each trusted switch, the authentication of trust-based STP can guarantee the credibility of topology information that is announced to other switch in the LAN. To verify the enforcement of the trusted protocol, we present a new trust evaluation method of the STP using a specification-based state model. We implement a prototype of trust-based STP to investigate its practicality. Experiment shows that the trusted protocol can achieve security goals and effectively avoid STP attacks with a lower computation overhead and good convergence performance.

  18. Data-centric multiobjective QoS-aware routing protocol for body sensor networks.

    PubMed

    Razzaque, Md Abdur; Hong, Choong Seon; Lee, Sungwon

    2011-01-01

    In this paper, we address Quality-of-Service (QoS)-aware routing issue for Body Sensor Networks (BSNs) in delay and reliability domains. We propose a data-centric multiobjective QoS-Aware routing protocol, called DMQoS, which facilitates the system to achieve customized QoS services for each traffic category differentiated according to the generated data types. It uses modular design architecture wherein different units operate in coordination to provide multiple QoS services. Their operation exploits geographic locations and QoS performance of the neighbor nodes and implements a localized hop-by-hop routing. Moreover, the protocol ensures (almost) a homogeneous energy dissipation rate for all routing nodes in the network through a multiobjective Lexicographic Optimization-based geographic forwarding. We have performed extensive simulations of the proposed protocol, and the results show that DMQoS has significant performance improvements over several state-of-the-art approaches.

  19. Secure SCADA communication by using a modified key management scheme.

    PubMed

    Rezai, Abdalhossein; Keshavarzi, Parviz; Moravej, Zahra

    2013-07-01

    This paper presents and evaluates a new cryptographic key management scheme which increases the efficiency and security of the Supervisory Control And Data Acquisition (SCADA) communication. In the proposed key management scheme, two key update phases are used: session key update and master key update. In the session key update phase, session keys are generated in the master station. In the master key update phase, the Elliptic Curve Diffie-Hellman (ECDH) protocol is used. The Poisson process is also used to model the Security Index (SI) and Quality of Service (QoS). Our analysis shows that the proposed key management not only supports the required speed in the MODBUS implementation but also has several advantages compared to other key management schemes for secure communication in SCADA networks. Copyright © 2013 ISA. Published by Elsevier Ltd. All rights reserved.

  20. A Secure and Efficient Handover Authentication Protocol for Wireless Networks

    PubMed Central

    Wang, Weijia; Hu, Lei

    2014-01-01

    Handover authentication protocol is a promising access control technology in the fields of WLANs and mobile wireless sensor networks. In this paper, we firstly review an efficient handover authentication protocol, named PairHand, and its existing security attacks and improvements. Then, we present an improved key recovery attack by using the linearly combining method and reanalyze its feasibility on the improved PairHand protocol. Finally, we present a new handover authentication protocol, which not only achieves the same desirable efficiency features of PairHand, but enjoys the provable security in the random oracle model. PMID:24971471

  1. Multi-party quantum key agreement protocol secure against collusion attacks

    NASA Astrophysics Data System (ADS)

    Wang, Ping; Sun, Zhiwei; Sun, Xiaoqiang

    2017-07-01

    The fairness of a secure multi-party quantum key agreement (MQKA) protocol requires that all involved parties are entirely peer entities and can equally influence the outcome of the protocol to establish a shared key wherein no one can decide the shared key alone. However, it is found that parts of the existing MQKA protocols are sensitive to collusion attacks, i.e., some of the dishonest participants can collaborate to predetermine the final key without being detected. In this paper, a multi-party QKA protocol resisting collusion attacks is proposed. Different from previous QKA protocol resisting N-1 coconspirators or resisting 1 coconspirators, we investigate the general circle-type MQKA protocol which can be secure against t dishonest participants' cooperation. Here, t < N. We hope the results of the presented paper will be helpful for further research on fair MQKA protocols.

  2. Security of Y-00 and Similar Quantum Cryptographic Protocols

    DTIC Science & Technology

    2004-11-16

    security of Y-00 type protocols is clarified. Key words: Quantum cryptography PACS: 03.67.Dd Anew approach to quantum cryptog- raphy called KCQ, ( keyed ...classical- noise key generation [2] or the well known BB84 quantum protocol [3]. A special case called αη (or Y-00 in Japan) has been experimentally in... quantum noise for typical op- erating parameters. It weakens both the data and key security , possibly information-theoretically and cer- tainly

  3. Security of modified Ping-Pong protocol in noisy and lossy channel

    PubMed Central

    Han, Yun-Guang; Yin, Zhen-Qiang; Li, Hong-Wei; Chen, Wei; Wang, Shuang; Guo, Guang-Can; Han, Zheng-Fu

    2014-01-01

    The “Ping-Pong” (PP) protocol is a two-way quantum key protocol based on entanglement. In this protocol, Bob prepares one maximally entangled pair of qubits, and sends one qubit to Alice. Then, Alice performs some necessary operations on this qubit and sends it back to Bob. Although this protocol was proposed in 2002, its security in the noisy and lossy channel has not been proven. In this report, we add a simple and experimentally feasible modification to the original PP protocol, and prove the security of this modified PP protocol against collective attacks when the noisy and lossy channel is taken into account. Simulation results show that our protocol is practical. PMID:24816899

  4. Security of modified Ping-Pong protocol in noisy and lossy channel.

    PubMed

    Han, Yun-Guang; Yin, Zhen-Qiang; Li, Hong-Wei; Chen, Wei; Wang, Shuang; Guo, Guang-Can; Han, Zheng-Fu

    2014-05-12

    The "Ping-Pong" (PP) protocol is a two-way quantum key protocol based on entanglement. In this protocol, Bob prepares one maximally entangled pair of qubits, and sends one qubit to Alice. Then, Alice performs some necessary operations on this qubit and sends it back to Bob. Although this protocol was proposed in 2002, its security in the noisy and lossy channel has not been proven. In this report, we add a simple and experimentally feasible modification to the original PP protocol, and prove the security of this modified PP protocol against collective attacks when the noisy and lossy channel is taken into account. Simulation results show that our protocol is practical.

  5. Semi-quantum communication: protocols for key agreement, controlled secure direct communication and dialogue

    NASA Astrophysics Data System (ADS)

    Shukla, Chitra; Thapliyal, Kishore; Pathak, Anirban

    2017-12-01

    Semi-quantum protocols that allow some of the users to remain classical are proposed for a large class of problems associated with secure communication and secure multiparty computation. Specifically, first-time semi-quantum protocols are proposed for key agreement, controlled deterministic secure communication and dialogue, and it is shown that the semi-quantum protocols for controlled deterministic secure communication and dialogue can be reduced to semi-quantum protocols for e-commerce and private comparison (socialist millionaire problem), respectively. Complementing with the earlier proposed semi-quantum schemes for key distribution, secret sharing and deterministic secure communication, set of schemes proposed here and subsequent discussions have established that almost every secure communication and computation tasks that can be performed using fully quantum protocols can also be performed in semi-quantum manner. Some of the proposed schemes are completely orthogonal-state-based, and thus, fundamentally different from the existing semi-quantum schemes that are conjugate coding-based. Security, efficiency and applicability of the proposed schemes have been discussed with appropriate importance.

  6. Simple protocols for oblivious transfer and secure identification in the noisy-quantum-storage model

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Schaffner, Christian

    2010-09-15

    We present simple protocols for oblivious transfer and password-based identification which are secure against general attacks in the noisy-quantum-storage model as defined in R. Koenig, S. Wehner, and J. Wullschleger [e-print arXiv:0906.1030]. We argue that a technical tool from Koenig et al. suffices to prove security of the known protocols. Whereas the more involved protocol for oblivious transfer from Koenig et al. requires less noise in storage to achieve security, our ''canonical'' protocols have the advantage of being simpler to implement and the security error is easier control. Therefore, our protocols yield higher OT rates for many realistic noise parameters.more » Furthermore, a proof of security of a direct protocol for password-based identification against general noisy-quantum-storage attacks is given.« less

  7. A Secured Authentication Protocol for SIP Using Elliptic Curves Cryptography

    NASA Astrophysics Data System (ADS)

    Chen, Tien-Ho; Yeh, Hsiu-Lien; Liu, Pin-Chuan; Hsiang, Han-Chen; Shih, Wei-Kuan

    Session initiation protocol (SIP) is a technology regularly performed in Internet Telephony, and Hyper Text Transport Protocol (HTTP) as digest authentication is one of the major methods for SIP authentication mechanism. In 2005, Yang et al. pointed out that HTTP could not resist server spoofing attack and off-line guessing attack and proposed a secret authentication with Diffie-Hellman concept. In 2009, Tsai proposed a nonce based authentication protocol for SIP. In this paper, we demonstrate that their protocol could not resist the password guessing attack and insider attack. Furthermore, we propose an ECC-based authentication mechanism to solve their issues and present security analysis of our protocol to show that ours is suitable for applications with higher security requirement.

  8. A secure RFID mutual authentication protocol for healthcare environments using elliptic curve cryptography.

    PubMed

    Jin, Chunhua; Xu, Chunxiang; Zhang, Xiaojun; Zhao, Jining

    2015-03-01

    Radio Frequency Identification(RFID) is an automatic identification technology, which can be widely used in healthcare environments to locate and track staff, equipment and patients. However, potential security and privacy problems in RFID system remain a challenge. In this paper, we design a mutual authentication protocol for RFID based on elliptic curve cryptography(ECC). We use pre-computing method within tag's communication, so that our protocol can get better efficiency. In terms of security, our protocol can achieve confidentiality, unforgeability, mutual authentication, tag's anonymity, availability and forward security. Our protocol also can overcome the weakness in the existing protocols. Therefore, our protocol is suitable for healthcare environments.

  9. Protecting Privacy and Securing the Gathering of Location Proofs - The Secure Location Verification Proof Gathering Protocol

    NASA Astrophysics Data System (ADS)

    Graham, Michelle; Gray, David

    As wireless networks become increasingly ubiquitous, the demand for a method of locating a device has increased dramatically. Location Based Services are now commonplace but there are few methods of verifying or guaranteeing a location provided by a user without some specialised hardware, especially in larger scale networks. We propose a system for the verification of location claims, using proof gathered from neighbouring devices. In this paper we introduce a protocol to protect this proof gathering process, protecting the privacy of all involved parties and securing it from intruders and malicious claiming devices. We present the protocol in stages, extending the security of this protocol to allow for flexibility within its application. The Secure Location Verification Proof Gathering Protocol (SLVPGP) has been designed to function within the area of Vehicular Networks, although its application could be extended to any device with wireless & cryptographic capabilities.

  10. A secure RFID authentication protocol for healthcare environments using elliptic curve cryptosystem.

    PubMed

    Zhao, Zhenguo

    2014-05-01

    With the fast advancement of the wireless communication technology and the widespread use of medical systems, the radio frequency identification (RFID) technology has been widely used in healthcare environments. As the first important protocol for ensuring secure communication in healthcare environment, the RFID authentication protocols derive more and more attentions. Most of RFID authentication protocols are based on hash function or symmetric cryptography. To get more security properties, elliptic curve cryptosystem (ECC) has been used in the design of RFID authentication protocol. Recently, Liao and Hsiao proposed a new RFID authentication protocol using ECC and claimed their protocol could withstand various attacks. In this paper, we will show that their protocol suffers from the key compromise problem, i.e. an adversary could get the private key stored in the tag. To enhance the security, we propose a new RFID authentication protocol using ECC. Detailed analysis shows the proposed protocol not only could overcome weaknesses in Liao and Hsiao's protocol but also has the same performance. Therefore, it is more suitable for healthcare environments.

  11. QoS for Real Time Applications over Next Generation Data Networks

    NASA Technical Reports Server (NTRS)

    Ivancic, William; Atiquzzaman, Mohammed; Bai, Haowei; Su, Hongjun; Chitri, Jyotsna; Ahamed, Faruque

    2001-01-01

    Viewgraphs on Qualtity of Service (QOS) for real time applications over next generation data networks are presented. The progress to date include: Task 1: QoS in Integrated Services over DiffServ networks (UD); Task 2: Interconnecting ATN with the next generation Internet (UD); Task 3: QoS in DiffServ over ATM (UD); Task 4: Improving Explicit Congestion Notification with the Mark-Front Strategy (OSU); Task 5: Multiplexing VBR over VBR (OSU); and Task 6: Achieving QoS for TCP traffic in Satellite Networks with Differentiated Services (OSU).

  12. Proposal of Secure VoIP System Using Attribute Certificate

    NASA Astrophysics Data System (ADS)

    Kim, Jin-Mook; Jeong, Young-Ae; Hong, Seong-Sik

    VoIP is a service that changes the analogue audio signal into a digital signal and then transfers the audio information to the users after configuring it as a packet; and it has an advantage of lower price than the existing voice call service and better extensibility. However, VoIP service has a system structure that, compared to the existing PSTN (Public Switched Telephone Network), has poor call quality and is vulnerable in the security aspect. To make up these problems, TLS service was introduced to enhance the security. In practical system, however, since QoS problem occurs, it is necessary to develop the VoIP security system that can satisfy QoS at the same time in the security aspect. In this paper, a user authentication VoIP system that can provide a service according to the security and the user through providing a differential service according to the approach of the users by adding AA server at the step of configuring the existing VoIP session is suggested. It was found that the proposed system of this study provides a quicker QoS than the TLS-added system at a similar level of security. Also, it is able to provide a variety of additional services by the different users.

  13. SPAR: a security- and power-aware routing protocol for wireless ad hoc and sensor networks

    NASA Astrophysics Data System (ADS)

    Oberoi, Vikram; Chigan, Chunxiao

    2005-05-01

    Wireless Ad Hoc and Sensor Networks (WAHSNs) are vulnerable to extensive attacks as well as severe resource constraints. To fulfill the security needs, many security enhancements have been proposed. Like wise, from resource constraint perspective, many power aware schemes have been proposed to save the battery power. However, we observe that for the severely resource limited and extremely vulnerable WAHSNs, taking security or power (or any other resource) alone into consideration for protocol design is rather inadequate toward the truly "secure-and-useful" WAHSNs. For example, from resource constraint perspective, we identify one of the potential problems, the Security-Capable-Congestion (SCC) behavior, for the WAHSNs routing protocols where only the security are concerned. On the other hand, the design approach where only scarce resource is concerned, such as many power-aware WAHSNs protocols, leaves security unconsidered and is undesirable to many WAHSNs application scenarios. Motivated by these observations, we propose a co-design approach, where both the high security and effective resource consumption are targeted for WAHSNs protocol design. Specifically, we propose a novel routing protocol, Security- and Power- Aware Routing (SPAR) protocol based on this co-design approach. In SPAR, the routing decisions are made based on both security and power as routing criteria. The idea of the SPAR mechanism is routing protocol independent and therefore can be broadly integrated into any of the existing WAHSNs routing protocols. The simulation results show that SPAR outperforms the WAHSNs routing protocols where security or power alone is considered, significantly. This research finding demonstrates the proposed security- and resource- aware co-design approach is promising towards the truly "secure-and-useful" WAHSNs.

  14. A Secure Three-Factor User Authentication and Key Agreement Protocol for TMIS With User Anonymity.

    PubMed

    Amin, Ruhul; Biswas, G P

    2015-08-01

    Telecare medical information system (TMIS) makes an efficient and convenient connection between patient(s)/user(s) and doctor(s) over the insecure internet. Therefore, data security, privacy and user authentication are enormously important for accessing important medical data over insecure communication. Recently, many user authentication protocols for TMIS have been proposed in the literature and it has been observed that most of the protocols cannot achieve complete security requirements. In this paper, we have scrutinized two (Mishra et al., Xu et al.) remote user authentication protocols using smart card and explained that both the protocols are suffering against several security weaknesses. We have then presented three-factor user authentication and key agreement protocol usable for TMIS, which fix the security pitfalls of the above mentioned schemes. The informal cryptanalysis makes certain that the proposed protocol provides well security protection on the relevant security attacks. Furthermore, the simulator AVISPA tool confirms that the protocol is secure against active and passive attacks including replay and man-in-the-middle attacks. The security functionalities and performance comparison analysis confirm that our protocol not only provide strong protection on security attacks, but it also achieves better complexities along with efficient login and password change phase as well as session key verification property.

  15. Digital Photograph Security: What Plastic Surgeons Need to Know.

    PubMed

    Thomas, Virginia A; Rugeley, Patricia B; Lau, Frank H

    2015-11-01

    Sharing and storing digital patient photographs occur daily in plastic surgery. Two major risks associated with the practice, data theft and Health Insurance Portability and Accountability Act (HIPAA) violations, have been dramatically amplified by high-speed data connections and digital camera ubiquity. The authors review what plastic surgeons need to know to mitigate those risks and provide recommendations for implementing an ideal, HIPAA-compliant solution for plastic surgeons' digital photography needs: smartphones and cloud storage. Through informal discussions with plastic surgeons, the authors identified the most common photograph sharing and storage methods. For each method, a literature search was performed to identify the risks of data theft and HIPAA violations. HIPAA violation risks were confirmed by the second author (P.B.R.), a compliance liaison and privacy officer. A comprehensive review of HIPAA-compliant cloud storage services was performed. When possible, informal interviews with cloud storage services representatives were conducted. The most common sharing and storage methods are not HIPAA compliant, and several are prone to data theft. The authors' review of cloud storage services identified six HIPAA-compliant vendors that have strong to excellent security protocols and policies. These options are reasonably priced. Digital photography and technological advances offer major benefits to plastic surgeons but are not without risks. A proper understanding of data security and HIPAA regulations needs to be applied to these technologies to safely capture their benefits. Cloud storage services offer efficient photograph sharing and storage with layers of security to ensure HIPAA compliance and mitigate data theft risk.

  16. Compliant flooring to prevent fall-related injuries: a scoping review protocol

    PubMed Central

    Lachance, Chantelle C; Jurkowski, Michal P; Dymarz, Ania C; Mackey, Dawn C

    2016-01-01

    Introduction Fall-related injuries can have serious consequences for older adults, including increased risk of dependence in daily activities and mortality. Compliant flooring is a passive intervention that may reduce the incidence and severity of fall-related injuries in healthcare settings, including acute and long-term care, but few sites have implemented compliant flooring, in part because synthesised evidence about key performance aspects has not been available. Methods and analysis We will conduct a scoping review to address the question: what is presented about the biomechanical efficacy, clinical effectiveness, cost-effectiveness, and workplace safety associated with compliant flooring systems that aim to prevent fall-related injuries? We will conduct a comprehensive and systematic literature search of academic databases (AgeLine, CINAHL, EBM Reviews, MEDLINE (Ovid), SportDiscus and Web of Science) and grey literature (clinical trial registries, theses/dissertations, abstracts/conference proceedings and relevant websites). 2 team members will independently screen records (first titles and abstracts, then full text) and extract data from included records. Numerical and narrative analyses will be presented by theme (biomechanical efficacy, clinical effectiveness, cost-effectiveness, workplace safety). Ethics and dissemination This scoping review responds to the information needs of healthcare decision-makers tasked with preventing fall-related injuries. This review will summarise evidence about compliant flooring as a potential intervention for preventing fall-related injuries in older adults and identify gaps in evidence and new avenues for research. Results will be especially useful in long-term care, but also applicable in acute care, assisted living and home care. We will disseminate the review's findings via open-access publications, conference presentations, a webinar, a Stakeholder Symposium and a Knowledge-to-Action Report. PMID:27531731

  17. Security proof of a three-state quantum-key-distribution protocol without rotational symmetry

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Fung, C.-H.F.; Lo, H.-K.

    2006-10-15

    Standard security proofs of quantum-key-distribution (QKD) protocols often rely on symmetry arguments. In this paper, we prove the security of a three-state protocol that does not possess rotational symmetry. The three-state QKD protocol we consider involves three qubit states, where the first two states |0{sub z}> and |1{sub z}> can contribute to key generation, and the third state |+>=(|0{sub z}>+|1{sub z}>)/{radical}(2) is for channel estimation. This protocol has been proposed and implemented experimentally in some frequency-based QKD systems where the three states can be prepared easily. Thus, by founding on the security of this three-state protocol, we prove that thesemore » QKD schemes are, in fact, unconditionally secure against any attacks allowed by quantum mechanics. The main task in our proof is to upper bound the phase error rate of the qubits given the bit error rates observed. Unconditional security can then be proved not only for the ideal case of a single-photon source and perfect detectors, but also for the realistic case of a phase-randomized weak coherent light source and imperfect threshold detectors. Our result in the phase error rate upper bound is independent of the loss in the channel. Also, we compare the three-state protocol with the Bennett-Brassard 1984 (BB84) protocol. For the single-photon source case, our result proves that the BB84 protocol strictly tolerates a higher quantum bit error rate than the three-state protocol, while for the coherent-source case, the BB84 protocol achieves a higher key generation rate and secure distance than the three-state protocol when a decoy-state method is used.« less

  18. iQOS: evidence of pyrolysis and release of a toxicant from plastic.

    PubMed

    Davis, Barbara; Williams, Monique; Talbot, Prue

    2018-03-13

    To evaluate performance of the I quit original smoking (iQOS) heat-not-burn system as a function of cleaning and puffing topography, investigate the validity of manufacturer's claims that this device does not burn tobacco and determine if the polymer-film filter is potentially harmful. iQOS performance was evaluated using five running conditions incorporating two different cleaning protocols. Heatsticks were visually and stereomicroscopically inspected preuse and postuse to determine the extent of tobacco plug charring (from pyrolysis) and polymer-film filter melting, and to elucidate the effects of cleaning on charring. Gas chromatography-mass spectrometry headspace analysis was conducted on unused polymer-film filters to determine if potentially toxic chemicals are emitted from the filter during heating. For all testing protocols, pressure drop decreased as puff number increased. Changes in testing protocols did not affect aerosol density. Charring due to pyrolysis (a form of organic matter thermochemical decomposition) was observed in the tobacco plug after use. When the manufacturer's cleaning instructions were followed, both charring of the tobacco plug and melting of the polymer-film filter increased. Headspace analysis of the polymer-film filter revealed the release of formaldehyde cyanohydrin at 90°C, which is well below the maximum temperature reached during normal usage. Device usage limitations may contribute to decreases in interpuff intervals, potentially increasing user's intake of nicotine and other harmful chemicals. This study found that the tobacco plug does char and that charring increases when the device is not cleaned between heatsticks. Release of formaldehyde cyanohydrin is a concern as it is highly toxic at very low concentrations. © Article author(s) (or their employer(s) unless otherwise stated in the text of the article) 2018. All rights reserved. No commercial use is permitted unless otherwise expressly granted.

  19. QoS-aware integrated fiber-wireless standard compliant architecture based on XGPON and EDCA

    NASA Astrophysics Data System (ADS)

    Kaur, Ravneet; Srivastava, Anand

    2018-01-01

    Converged Fiber-Wireless (FiWi) broadband access network proves to be a promising candidate that is reliable, robust, cost efficient, ubiquitous and capable of providing huge amount of bandwidth. To meet the ever-increasing bandwidth requirements, it has become very crucial to investigate the performance issues that arise with the deployment of next-generation Passive Optical Network (PON) and its integration with various wireless technologies. Apart from providing high speed internet access for mass use, this combined architecture aims to enable delivery of high quality and effective e-services in different categories including health, education, finance, banking, agriculture and e-government. In this work, we present an integrated architecture of 10-Gigabit-capable PON (XG-PON) and Enhanced Distributed Channel Access (EDCA) that combines the benefits of both technologies to meet the QoS demands of subscribers. Performance evaluation of the standards-compliant hybrid network is done using discrete-event Network Simulator-3 (NS-3) and results are reported in terms of throughput, average delay, average packet loss rate and fairness index. Per-class throughput signifies effectiveness of QoS distribution whereas aggregate throughput indicates effective utilization of wireless channel. This work has not been reported so far to the best of our knowledge.

  20. Security Enhanced User Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography

    PubMed Central

    Choi, Younsung; Lee, Donghoon; Kim, Jiye; Jung, Jaewook; Nam, Junghyun; Won, Dongho

    2014-01-01

    Wireless sensor networks (WSNs) consist of sensors, gateways and users. Sensors are widely distributed to monitor various conditions, such as temperature, sound, speed and pressure but they have limited computational ability and energy. To reduce the resource use of sensors and enhance the security of WSNs, various user authentication protocols have been proposed. In 2011, Yeh et al. first proposed a user authentication protocol based on elliptic curve cryptography (ECC) for WSNs. However, it turned out that Yeh et al.'s protocol does not provide mutual authentication, perfect forward secrecy, and key agreement between the user and sensor. Later in 2013, Shi et al. proposed a new user authentication protocol that improves both security and efficiency of Yeh et al.'s protocol. However, Shi et al.'s improvement introduces other security weaknesses. In this paper, we show that Shi et al.'s improved protocol is vulnerable to session key attack, stolen smart card attack, and sensor energy exhausting attack. In addition, we propose a new, security-enhanced user authentication protocol using ECC for WSNs. PMID:24919012

  1. Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography.

    PubMed

    Choi, Younsung; Lee, Donghoon; Kim, Jiye; Jung, Jaewook; Nam, Junghyun; Won, Dongho

    2014-06-10

    Wireless sensor networks (WSNs) consist of sensors, gateways and users. Sensors are widely distributed to monitor various conditions, such as temperature, sound, speed and pressure but they have limited computational ability and energy. To reduce the resource use of sensors and enhance the security of WSNs, various user authentication protocols have been proposed. In 2011, Yeh et al. first proposed a user authentication protocol based on elliptic curve cryptography (ECC) for WSNs. However, it turned out that Yeh et al.'s protocol does not provide mutual authentication, perfect forward secrecy, and key agreement between the user and sensor. Later in 2013, Shi et al. proposed a new user authentication protocol that improves both security and efficiency of Yeh et al.'s protocol. However, Shi et al.'s improvement introduces other security weaknesses. In this paper, we show that Shi et al.'s improved protocol is vulnerable to session key attack, stolen smart card attack, and sensor energy exhausting attack. In addition, we propose a new, security-enhanced user authentication protocol using ECC for WSNs.

  2. VOIP for Telerehabilitation: A Risk Analysis for Privacy, Security, and HIPAA Compliance

    PubMed Central

    Watzlaf, Valerie J.M.; Moeini, Sohrab; Firouzan, Patti

    2010-01-01

    Voice over the Internet Protocol (VoIP) systems such as Adobe ConnectNow, Skype, ooVoo, etc. may include the use of software applications for telerehabilitation (TR) therapy that can provide voice and video teleconferencing between patients and therapists. Privacy and security applications as well as HIPAA compliance within these protocols have been questioned by information technologists, providers of care and other health care entities. This paper develops a privacy and security checklist that can be used within a VoIP system to determine if it meets privacy and security procedures and whether it is HIPAA compliant. Based on this analysis, specific HIPAA criteria that therapists and health care facilities should follow are outlined and discussed, and therapists must weigh the risks and benefits when deciding to use VoIP software for TR. PMID:25945172

  3. VOIP for Telerehabilitation: A Risk Analysis for Privacy, Security, and HIPAA Compliance.

    PubMed

    Watzlaf, Valerie J M; Moeini, Sohrab; Firouzan, Patti

    2010-01-01

    Voice over the Internet Protocol (VoIP) systems such as Adobe ConnectNow, Skype, ooVoo, etc. may include the use of software applications for telerehabilitation (TR) therapy that can provide voice and video teleconferencing between patients and therapists. Privacy and security applications as well as HIPAA compliance within these protocols have been questioned by information technologists, providers of care and other health care entities. This paper develops a privacy and security checklist that can be used within a VoIP system to determine if it meets privacy and security procedures and whether it is HIPAA compliant. Based on this analysis, specific HIPAA criteria that therapists and health care facilities should follow are outlined and discussed, and therapists must weigh the risks and benefits when deciding to use VoIP software for TR.

  4. A Secure RFID Tag Authentication Protocol with Privacy Preserving in Telecare Medicine Information System.

    PubMed

    Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

    2015-08-01

    Radio Frequency Identification (RFID) based solutions are widely used for providing many healthcare applications include patient monitoring, object traceability, drug administration system and telecare medicine information system (TMIS) etc. In order to reduce malpractices and ensure patient privacy, in 2015, Srivastava et al. proposed a hash based RFID tag authentication protocol in TMIS. Their protocol uses lightweight hash operation and synchronized secret value shared between back-end server and tag, which is more secure and efficient than other related RFID authentication protocols. Unfortunately, in this paper, we demonstrate that Srivastava et al.'s tag authentication protocol has a serious security problem in that an adversary may use the stolen/lost reader to connect to the medical back-end server that store information associated with tagged objects and this privacy damage causing the adversary could reveal medical data obtained from stolen/lost readers in a malicious way. Therefore, we propose a secure and efficient RFID tag authentication protocol to overcome security flaws and improve the system efficiency. Compared with Srivastava et al.'s protocol, the proposed protocol not only inherits the advantages of Srivastava et al.'s authentication protocol for TMIS but also provides better security with high system efficiency.

  5. Compliant flooring to prevent fall-related injuries: a scoping review protocol.

    PubMed

    Lachance, Chantelle C; Jurkowski, Michal P; Dymarz, Ania C; Mackey, Dawn C

    2016-08-16

    Fall-related injuries can have serious consequences for older adults, including increased risk of dependence in daily activities and mortality. Compliant flooring is a passive intervention that may reduce the incidence and severity of fall-related injuries in healthcare settings, including acute and long-term care, but few sites have implemented compliant flooring, in part because synthesised evidence about key performance aspects has not been available. We will conduct a scoping review to address the question: what is presented about the biomechanical efficacy, clinical effectiveness, cost-effectiveness, and workplace safety associated with compliant flooring systems that aim to prevent fall-related injuries? We will conduct a comprehensive and systematic literature search of academic databases (AgeLine, CINAHL, EBM Reviews, MEDLINE (Ovid), SportDiscus and Web of Science) and grey literature (clinical trial registries, theses/dissertations, abstracts/conference proceedings and relevant websites). 2 team members will independently screen records (first titles and abstracts, then full text) and extract data from included records. Numerical and narrative analyses will be presented by theme (biomechanical efficacy, clinical effectiveness, cost-effectiveness, workplace safety). This scoping review responds to the information needs of healthcare decision-makers tasked with preventing fall-related injuries. This review will summarise evidence about compliant flooring as a potential intervention for preventing fall-related injuries in older adults and identify gaps in evidence and new avenues for research. Results will be especially useful in long-term care, but also applicable in acute care, assisted living and home care. We will disseminate the review's findings via open-access publications, conference presentations, a webinar, a Stakeholder Symposium and a Knowledge-to-Action Report. Published by the BMJ Publishing Group Limited. For permission to use (where not

  6. Impersonation attack on a quantum secure direct communication and authentication protocol with improvement

    NASA Astrophysics Data System (ADS)

    Amerimehr, Ali; Hadain Dehkordi, Massoud

    2018-03-01

    We analyze the security of a quantum secure direct communication and authentication protocol based on single photons. We first give an impersonation attack on the protocol. The cryptanalysis shows that there is a gap in the authentication procedure of the protocol so that an opponent can reveal the secret information by an undetectable attempt. We then propose an improvement for the protocol and show it closes the gap by applying a mutual authentication procedure. In the improved protocol single photons are transmitted once in a session, so it is easy to implement as the primary protocol. Furthermore, we use a novel technique for secret order rearrangement of photons by which not only quantum storage is eliminated also a secret key can be reused securely. So the new protocol is applicable in practical approaches like embedded system devices.

  7. Security of the arbitrated quantum signature protocols revisited

    NASA Astrophysics Data System (ADS)

    Kejia, Zhang; Dan, Li; Qi, Su

    2014-01-01

    Recently, much attention has been paid to the study of arbitrated quantum signature (AQS). Among these studies, the cryptanalysis of some AQS protocols and a series of improved ideas have been proposed. Compared with the previous analysis, we present a security criterion, which can judge whether an AQS protocol is able to prevent the receiver (i.e. one participant in the signature protocol) from forging a legal signature. According to our results, it can be seen that most AQS protocols which are based on the Zeng and Keitel (ZK) model are susceptible to a forgery attack. Furthermore, we present an improved idea of the ZK protocol. Finally, some supplement discussions and several interesting topics are provided.

  8. Probabilistic QoS Analysis In Wireless Sensor Networks

    DTIC Science & Technology

    2012-04-01

    and A.O. Fapojuwo. TDMA scheduling with optimized energy efficiency and minimum delay in clustered wireless sensor networks . IEEE Trans. on Mobile...Research Computer Science and Engineering, Department of 5-1-2012 Probabilistic QoS Analysis in Wireless Sensor Networks Yunbo Wang University of...Wang, Yunbo, "Probabilistic QoS Analysis in Wireless Sensor Networks " (2012). Computer Science and Engineering: Theses, Dissertations, and Student

  9. An implementation of a security infrastructure compliant with the Italian Personal Data Protection Code in a web-based cooperative work system.

    PubMed

    Eccher, Claudio; Eccher, Lorenzo; Izzo, Umberto

    2005-01-01

    In this poster we describe the security solutions implemented in a web-based cooperative work frame-work for managing heart failure patients among different health care professionals involved in the care process. The solution, developed in close collaboration with the Law Department of the University of Trento, is compliant with the new Italian Personal Data Protection Code, issued in 2003, that regulates also the storing and processing of health data.

  10. Secure satellite communication using multi-photon tolerant quantum communication protocol

    NASA Astrophysics Data System (ADS)

    Darunkar, Bhagyashri; Punekar, Nikhil; Verma, Pramode K.

    2015-09-01

    This paper proposes and analyzes the potential of a multi-photon tolerant quantum communication protocol to secure satellite communication. For securing satellite communication, quantum cryptography is the only known unconditionally secure method. A number of recent experiments have shown feasibility of satellite-aided global quantum key distribution (QKD) using different methods such as: Use of entangled photon pairs, decoy state methods, and entanglement swapping. The use of single photon in these methods restricts the distance and speed over which quantum cryptography can be applied. Contemporary quantum cryptography protocols like the BB84 and its variants suffer from the limitation of reaching the distances of only Low Earth Orbit (LEO) at the data rates of few kilobits per second. This makes it impossible to develop a general satellite-based secure global communication network using the existing protocols. The method proposed in this paper allows secure communication at the heights of the Medium Earth Orbit (MEO) and Geosynchronous Earth Orbit (GEO) satellites. The benefits of the proposed method are two-fold: First it enables the realization of a secure global communication network based on satellites and second it provides unconditional security for satellite networks at GEO heights. The multi-photon approach discussed in this paper ameliorates the distance and speed issues associated with quantum cryptography through the use of contemporary laser communication (lasercom) devices. This approach can be seen as a step ahead towards global quantum communication.

  11. Security analysis of standards-driven communication protocols for healthcare scenarios.

    PubMed

    Masi, Massimiliano; Pugliese, Rosario; Tiezzi, Francesco

    2012-12-01

    The importance of the Electronic Health Record (EHR), that stores all healthcare-related data belonging to a patient, has been recognised in recent years by governments, institutions and industry. Initiatives like the Integrating the Healthcare Enterprise (IHE) have been developed for the definition of standard methodologies for secure and interoperable EHR exchanges among clinics and hospitals. Using the requisites specified by these initiatives, many large scale projects have been set up for enabling healthcare professionals to handle patients' EHRs. The success of applications developed in these contexts crucially depends on ensuring such security properties as confidentiality, authentication, and authorization. In this paper, we first propose a communication protocol, based on the IHE specifications, for authenticating healthcare professionals and assuring patients' safety. By means of a formal analysis carried out by using the specification language COWS and the model checker CMC, we reveal a security flaw in the protocol thus demonstrating that to simply adopt the international standards does not guarantee the absence of such type of flaws. We then propose how to emend the IHE specifications and modify the protocol accordingly. Finally, we show how to tailor our protocol for application to more critical scenarios with no assumptions on the communication channels. To demonstrate feasibility and effectiveness of our protocols we have fully implemented them.

  12. On the security of a simple three-party key exchange protocol without server's public keys.

    PubMed

    Nam, Junghyun; Choo, Kim-Kwang Raymond; Park, Minkyu; Paik, Juryon; Won, Dongho

    2014-01-01

    Authenticated key exchange protocols are of fundamental importance in securing communications and are now extensively deployed for use in various real-world network applications. In this work, we reveal major previously unpublished security vulnerabilities in the password-based authenticated three-party key exchange protocol according to Lee and Hwang (2010): (1) the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2) the protocol cannot protect clients' passwords against an offline dictionary attack; and (3) the indistinguishability-based security of the protocol can be easily broken even in the presence of a passive adversary. We also propose an improved password-based authenticated three-party key exchange protocol that addresses the security vulnerabilities identified in the Lee-Hwang protocol.

  13. On the Security of a Simple Three-Party Key Exchange Protocol without Server's Public Keys

    PubMed Central

    Nam, Junghyun; Choo, Kim-Kwang Raymond; Park, Minkyu; Paik, Juryon; Won, Dongho

    2014-01-01

    Authenticated key exchange protocols are of fundamental importance in securing communications and are now extensively deployed for use in various real-world network applications. In this work, we reveal major previously unpublished security vulnerabilities in the password-based authenticated three-party key exchange protocol according to Lee and Hwang (2010): (1) the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2) the protocol cannot protect clients' passwords against an offline dictionary attack; and (3) the indistinguishability-based security of the protocol can be easily broken even in the presence of a passive adversary. We also propose an improved password-based authenticated three-party key exchange protocol that addresses the security vulnerabilities identified in the Lee-Hwang protocol. PMID:25258723

  14. Compliant cantilevered micromold

    DOEpatents

    Morales, Alfredo Martin [Pleasanton, CA; Domeier, Linda A [Danville, CA; Gonzales, Marcela G [Seattle, WA; Keifer, Patrick N [Livermore, CA; Garino, Terry Joseph [Albuquerque, NM

    2006-08-15

    A compliant cantilevered three-dimensional micromold is provided. The compliant cantilevered micromold is suitable for use in the replication of cantilevered microparts and greatly simplifies the replication of such cantilevered parts. The compliant cantilevered micromold may be used to fabricate microparts using casting or electroforming techniques. When the compliant micromold is used to fabricate electroformed cantilevered parts, the micromold will also comprise an electrically conducting base formed by a porous metal substrate that is embedded within the compliant cantilevered micromold. Methods for fabricating the compliant cantilevered micromold as well as methods of replicating cantilevered microparts using the compliant cantilevered micromold are also provided.

  15. A QoS adaptive multimedia transport system: design, implementation and experiences

    NASA Astrophysics Data System (ADS)

    Campbell, Andrew; Coulson, Geoff

    1997-03-01

    The long awaited `new environment' of high speed broadband networks and multimedia applications is fast becoming a reality. However, few systems in existence today, whether they be large scale pilots or small scale test-beds in research laboratories, offer a fully integrated and flexible environment where multimedia applications can maximally exploit the quality of service (QoS) capabilities of supporting networks and end-systems. In this paper we describe the implementation of an adaptive transport system that incorporates a QoS oriented API and a range of mechanisms to assist applications in exploiting QoS and adapting to fluctuations in QoS. The system, which is an instantiation of the Lancaster QoS Architecture, is implemented in a multi ATM switch network environment with Linux based PC end systems and continuous media file servers. A performance evaluation of the system configured to support video-on-demand application scenario is presented and discussed. Emphasis is placed on novel features of the system and on their integration into a complete prototype. The most prominent novelty of our design is a `distributed QoS adaptation' scheme which allows applications to delegate to the system responsibility for augmenting and reducing the perceptual quality of video and audio flows when resource availability increases or decreases.

  16. A lightweight and secure two factor anonymous authentication protocol for Global Mobility Networks.

    PubMed

    Baig, Ahmed Fraz; Hassan, Khwaja Mansoor Ul; Ghani, Anwar; Chaudhry, Shehzad Ashraf; Khan, Imran; Ashraf, Muhammad Usman

    2018-01-01

    Global Mobility Networks(GLOMONETs) in wireless communication permits the global roaming services that enable a user to leverage the mobile services in any foreign country. Technological growth in wireless communication is also accompanied by new security threats and challenges. A threat-proof authentication protocol in wireless communication may overcome the security flaws by allowing only legitimate users to access a particular service. Recently, Lee et al. found Mun et al. scheme vulnerable to different attacks and proposed an advanced secure scheme to overcome the security flaws. However, this article points out that Lee et al. scheme lacks user anonymity, inefficient user authentication, vulnerable to replay and DoS attacks and Lack of local password verification. Furthermore, this article presents a more robust anonymous authentication scheme to handle the threats and challenges found in Lee et al.'s protocol. The proposed protocol is formally verified with an automated tool(ProVerif). The proposed protocol has superior efficiency in comparison to the existing protocols.

  17. A lightweight and secure two factor anonymous authentication protocol for Global Mobility Networks

    PubMed Central

    2018-01-01

    Global Mobility Networks(GLOMONETs) in wireless communication permits the global roaming services that enable a user to leverage the mobile services in any foreign country. Technological growth in wireless communication is also accompanied by new security threats and challenges. A threat-proof authentication protocol in wireless communication may overcome the security flaws by allowing only legitimate users to access a particular service. Recently, Lee et al. found Mun et al. scheme vulnerable to different attacks and proposed an advanced secure scheme to overcome the security flaws. However, this article points out that Lee et al. scheme lacks user anonymity, inefficient user authentication, vulnerable to replay and DoS attacks and Lack of local password verification. Furthermore, this article presents a more robust anonymous authentication scheme to handle the threats and challenges found in Lee et al.’s protocol. The proposed protocol is formally verified with an automated tool(ProVerif). The proposed protocol has superior efficiency in comparison to the existing protocols. PMID:29702675

  18. Seamless interworking architecture for WBAN in heterogeneous wireless networks with QoS guarantees.

    PubMed

    Khan, Pervez; Ullah, Niamat; Ullah, Sana; Kwak, Kyung Sup

    2011-10-01

    The IEEE 802.15.6 standard is a communication standard optimized for low-power and short-range in-body/on-body nodes to serve a variety of medical, consumer electronics and entertainment applications. Providing high mobility with guaranteed Quality of Service (QoS) to a WBAN user in heterogeneous wireless networks is a challenging task. A WBAN uses a Personal Digital Assistant (PDA) to gather data from body sensors and forwards it to a remote server through wide range wireless networks. In this paper, we present a coexistence study of WBAN with Wireless Local Area Networks (WLAN) and Wireless Wide Area Networks (WWANs). The main issue is interworking of WBAN in heterogenous wireless networks including seamless handover, QoS, emergency services, cooperation and security. We propose a Seamless Interworking Architecture (SIA) for WBAN in heterogenous wireless networks based on a cost function. The cost function is based on power consumption and data throughput costs. Our simulation results show that the proposed scheme outperforms typical approaches in terms of throughput, delay and packet loss rate.

  19. Fairness of QoS supporting in optical burst switching

    NASA Astrophysics Data System (ADS)

    Xuan, Xuelei; Liu, Hua; Chen, Chunfeng; Zhang, Zhizhong

    2004-04-01

    In this paper we investigate the fairness problem of offset-time-based quality of service (QoS) scheme proposed by Qiao and Dixit in optical burst switching (OBS) networks. In the proposed schemes, QoS relies on the fact that the requests for reservation further into the future, but for practical, benchmark offset-time of data bursts at the intermediate nodes is not equal to each other. Here, a new offset-time-based QoS scheme is introduced, where data bursts are classified according to their offset-time and isolated in the wavelength domain or time domain to achieve the parallel reservation. Through simulation, it is found that this scheme achieves fairness among data bursts with different priority.

  20. Two RFID standard-based security protocols for healthcare environments.

    PubMed

    Picazo-Sanchez, Pablo; Bagheri, Nasour; Peris-Lopez, Pedro; Tapiador, Juan E

    2013-10-01

    Radio Frequency Identification (RFID) systems are widely used in access control, transportation, real-time inventory and asset management, automated payment systems, etc. Nevertheless, the use of this technology is almost unexplored in healthcare environments, where potential applications include patient monitoring, asset traceability and drug administration systems, to mention just a few. RFID technology can offer more intelligent systems and applications, but privacy and security issues have to be addressed before its adoption. This is even more dramatical in healthcare applications where very sensitive information is at stake and patient safety is paramount. In Wu et al. (J. Med. Syst. 37:19, 43) recently proposed a new RFID authentication protocol for healthcare environments. In this paper we show that this protocol puts location privacy of tag holders at risk, which is a matter of gravest concern and ruins the security of this proposal. To facilitate the implementation of secure RFID-based solutions in the medical sector, we suggest two new applications (authentication and secure messaging) and propose solutions that, in contrast to previous proposals in this field, are fully based on ISO Standards and NIST Security Recommendations.

  1. A Source Anonymity-Based Lightweight Secure AODV Protocol for Fog-Based MANET

    PubMed Central

    Fang, Weidong; Zhang, Wuxiong; Xiao, Jinchao; Yang, Yang; Chen, Wei

    2017-01-01

    Fog-based MANET (Mobile Ad hoc networks) is a novel paradigm of a mobile ad hoc network with the advantages of both mobility and fog computing. Meanwhile, as traditional routing protocol, ad hoc on-demand distance vector (AODV) routing protocol has been applied widely in fog-based MANET. Currently, how to improve the transmission performance and enhance security are the two major aspects in AODV’s research field. However, the researches on joint energy efficiency and security seem to be seldom considered. In this paper, we propose a source anonymity-based lightweight secure AODV (SAL-SAODV) routing protocol to meet the above requirements. In SAL-SAODV protocol, source anonymous and secure transmitting schemes are proposed and applied. The scheme involves the following three parts: the source anonymity algorithm is employed to achieve the source node, without being tracked and located; the improved secure scheme based on the polynomial of CRC-4 is applied to substitute the RSA digital signature of SAODV and guarantee the data integrity, in addition to reducing the computation and energy consumption; the random delayed transmitting scheme (RDTM) is implemented to separate the check code and transmitted data, and achieve tamper-proof results. The simulation results show that the comprehensive performance of the proposed SAL-SAODV is a trade-off of the transmission performance, energy efficiency, and security, and better than AODV and SAODV. PMID:28629142

  2. A Source Anonymity-Based Lightweight Secure AODV Protocol for Fog-Based MANET.

    PubMed

    Fang, Weidong; Zhang, Wuxiong; Xiao, Jinchao; Yang, Yang; Chen, Wei

    2017-06-17

    Fog-based MANET (Mobile Ad hoc networks) is a novel paradigm of a mobile ad hoc network with the advantages of both mobility and fog computing. Meanwhile, as traditional routing protocol, ad hoc on-demand distance vector (AODV) routing protocol has been applied widely in fog-based MANET. Currently, how to improve the transmission performance and enhance security are the two major aspects in AODV's research field. However, the researches on joint energy efficiency and security seem to be seldom considered. In this paper, we propose a source anonymity-based lightweight secure AODV (SAL-SAODV) routing protocol to meet the above requirements. In SAL-SAODV protocol, source anonymous and secure transmitting schemes are proposed and applied. The scheme involves the following three parts: the source anonymity algorithm is employed to achieve the source node, without being tracked and located; the improved secure scheme based on the polynomial of CRC-4 is applied to substitute the RSA digital signature of SAODV and guarantee the data integrity, in addition to reducing the computation and energy consumption; the random delayed transmitting scheme (RDTM) is implemented to separate the check code and transmitted data, and achieve tamper-proof results. The simulation results show that the comprehensive performance of the proposed SAL-SAODV is a trade-off of the transmission performance, energy efficiency, and security, and better than AODV and SAODV.

  3. A QoS scheme for a congestion core network based on dissimilar QoS structures in smart-phone environments.

    PubMed

    Hong, Sung-Ryong; Na, Wonshik; Kang, Jang-Mook

    2010-01-01

    This study suggests an approach to effective transmission of multimedia content in a rapidly changing Internet environment including smart-phones. Guaranteeing QoS in networks is currently an important research topic. When transmitting Assured Forwarding (AF) packets in a Multi-DiffServ network environment, network A may assign priority in an order AF1, AF2, AF3 and AF4; on the other hand, network B may reverse the order to a priority AF4, AF3, AF2 and AF1. In this case, the AF1 packets that received the best quality of service in network A will receive the lowest in network B, which may result in dropping of packets in network B and vice versa. This study suggests a way to guarantee QoS between hosts by minimizing the loss of AF packet class when one network transmits AF class packets to another network with differing principles. It is expected that QoS guarantees and their experimental value may be utilized as principles which can be applied to various mobile-web environments based on smart-phones.

  4. A QoS Scheme for a Congestion Core Network Based on Dissimilar QoS Structures in Smart-Phone Environments

    PubMed Central

    Hong, Sung-Ryong; Na, Wonshik; Kang, Jang-Mook

    2010-01-01

    This study suggests an approach to effective transmission of multimedia content in a rapidly changing Internet environment including smart-phones. Guaranteeing QoS in networks is currently an important research topic. When transmitting Assured Forwarding (AF) packets in a Multi-DiffServ network environment, network A may assign priority in an order AF1, AF2, AF3 and AF4; on the other hand, network B may reverse the order to a priority AF4, AF3, AF2 and AF1. In this case, the AF1 packets that received the best quality of service in network A will receive the lowest in network B, which may result in dropping of packets in network B and vice versa. This study suggests a way to guarantee QoS between hosts by minimizing the loss of AF packet class when one network transmits AF class packets to another network with differing principles. It is expected that QoS guarantees and their experimental value may be utilized as principles which can be applied to various mobile-web environments based on smart-phones. PMID:22163453

  5. A secure RFID authentication protocol adopting error correction code.

    PubMed

    Chen, Chien-Ming; Chen, Shuai-Min; Zheng, Xinying; Chen, Pei-Yu; Sun, Hung-Min

    2014-01-01

    RFID technology has become popular in many applications; however, most of the RFID products lack security related functionality due to the hardware limitation of the low-cost RFID tags. In this paper, we propose a lightweight mutual authentication protocol adopting error correction code for RFID. Besides, we also propose an advanced version of our protocol to provide key updating. Based on the secrecy of shared keys, the reader and the tag can establish a mutual authenticity relationship. Further analysis of the protocol showed that it also satisfies integrity, forward secrecy, anonymity, and untraceability. Compared with other lightweight protocols, the proposed protocol provides stronger resistance to tracing attacks, compromising attacks and replay attacks. We also compare our protocol with previous works in terms of performance.

  6. A Secure RFID Authentication Protocol Adopting Error Correction Code

    PubMed Central

    Zheng, Xinying; Chen, Pei-Yu

    2014-01-01

    RFID technology has become popular in many applications; however, most of the RFID products lack security related functionality due to the hardware limitation of the low-cost RFID tags. In this paper, we propose a lightweight mutual authentication protocol adopting error correction code for RFID. Besides, we also propose an advanced version of our protocol to provide key updating. Based on the secrecy of shared keys, the reader and the tag can establish a mutual authenticity relationship. Further analysis of the protocol showed that it also satisfies integrity, forward secrecy, anonymity, and untraceability. Compared with other lightweight protocols, the proposed protocol provides stronger resistance to tracing attacks, compromising attacks and replay attacks. We also compare our protocol with previous works in terms of performance. PMID:24959619

  7. An Efficient and Secure Arbitrary N-Party Quantum Key Agreement Protocol Using Bell States

    NASA Astrophysics Data System (ADS)

    Liu, Wen-Jie; Xu, Yong; Yang, Ching-Nung; Gao, Pei-Pei; Yu, Wen-Bin

    2018-01-01

    Two quantum key agreement protocols using Bell states and Bell measurement were recently proposed by Shukla et al. (Quantum Inf. Process. 13(11), 2391-2405, 2014). However, Zhu et al. pointed out that there are some security flaws and proposed an improved version (Quantum Inf. Process. 14(11), 4245-4254, 2015). In this study, we will show Zhu et al.'s improvement still exists some security problems, and its efficiency is not high enough. For solving these problems, we utilize four Pauli operations { I, Z, X, Y} to encode two bits instead of the original two operations { I, X} to encode one bit, and then propose an efficient and secure arbitrary N-party quantum key agreement protocol. In the protocol, the channel checking with decoy single photons is introduced to avoid the eavesdropper's flip attack, and a post-measurement mechanism is used to prevent against the collusion attack. The security analysis shows the present protocol can guarantee the correctness, security, privacy and fairness of quantum key agreement.

  8. Integration of LDSE and LTVS logs with HIPAA compliant auditing system (HCAS)

    NASA Astrophysics Data System (ADS)

    Zhou, Zheng; Liu, Brent J.; Huang, H. K.; Guo, Bing; Documet, Jorge; King, Nelson

    2006-03-01

    The deadline of HIPAA (Health Insurance Portability and Accountability Act) Security Rules has passed on February 2005; therefore being HIPAA compliant becomes extremely critical to healthcare providers. HIPAA mandates healthcare providers to protect the privacy and integrity of the health data and have the ability to demonstrate examples of mechanisms that can be used to accomplish this task. It is also required that a healthcare institution must be able to provide audit trails on image data access on demand for a specific patient. For these reasons, we have developed a HIPAA compliant auditing system (HCAS) for image data security in a PACS by auditing every image data access. The HCAS was presented in 2005 SPIE. This year, two new components, LDSE (Lossless Digital Signature Embedding) and LTVS (Patient Location Tracking and Verification System) logs, have been added to the HCAS. The LDSE can assure medical image integrity in a PACS, while the LTVS can provide access control for a PACS by creating a security zone in the clinical environment. By integrating the LDSE and LTVS logs with the HCAS, the privacy and integrity of image data can be audited as well. Thus, a PACS with the HCAS installed can become HIPAA compliant in image data privacy and integrity, access control, and audit control.

  9. Security of a semi-quantum protocol where reflections contribute to the secret key

    NASA Astrophysics Data System (ADS)

    Krawec, Walter O.

    2016-05-01

    In this paper, we provide a proof of unconditional security for a semi-quantum key distribution protocol introduced in a previous work. This particular protocol demonstrated the possibility of using X basis states to contribute to the raw key of the two users (as opposed to using only direct measurement results) even though a semi-quantum participant cannot directly manipulate such states. In this work, we provide a complete proof of security by deriving a lower bound of the protocol's key rate in the asymptotic scenario. Using this bound, we are able to find an error threshold value such that for all error rates less than this threshold, it is guaranteed that A and B may distill a secure secret key; for error rates larger than this threshold, A and B should abort. We demonstrate that this error threshold compares favorably to several fully quantum protocols. We also comment on some interesting observations about the behavior of this protocol under certain noise scenarios.

  10. Improving security of the ping-pong protocol

    NASA Astrophysics Data System (ADS)

    Zawadzki, Piotr

    2013-01-01

    A security layer for the asymptotically secure ping-pong protocol is proposed and analyzed in the paper. The operation of the improvement exploits inevitable errors introduced by the eavesdropping in the control and message modes. Its role is similar to the privacy amplification algorithms known from the quantum key distribution schemes. Messages are processed in blocks which guarantees that an eavesdropper is faced with a computationally infeasible problem as long as the system parameters are within reasonable limits. The introduced additional information preprocessing does not require quantum memory registers and confidential communication is possible without prior key agreement or some shared secret.

  11. A QoS Framework with Traffic Request in Wireless Mesh Network

    NASA Astrophysics Data System (ADS)

    Fu, Bo; Huang, Hejiao

    In this paper, we consider major issues in ensuring greater Quality-of-Service (QoS) in Wireless Mesh Networks (WMNs), specifically with regard to reliability and delay. To this end, we use traffic request to record QoS requirements of data flows. In order to achieve required QoS for all data flows efficiently and with high portability, we develop Network State Update Algorithm. All assumptions, definitions, and algorithms are made exclusively with WMNs in mind, guaranteeing the portability of our framework to various environments in WMNs. The simulation results in proof that our framework is correct.

  12. Privacy Preserved and Secured Reliable Routing Protocol for Wireless Mesh Networks.

    PubMed

    Meganathan, Navamani Thandava; Palanichamy, Yogesh

    2015-01-01

    Privacy preservation and security provision against internal attacks in wireless mesh networks (WMNs) are more demanding than in wired networks due to the open nature and mobility of certain nodes in the network. Several schemes have been proposed to preserve privacy and provide security in WMNs. To provide complete privacy protection in WMNs, the properties of unobservability, unlinkability, and anonymity are to be ensured during route discovery. These properties can be achieved by implementing group signature and ID-based encryption schemes during route discovery. Due to the characteristics of WMNs, it is more vulnerable to many network layer attacks. Hence, a strong protection is needed to avoid these attacks and this can be achieved by introducing a new Cross-Layer and Subject Logic based Dynamic Reputation (CLSL-DR) mechanism during route discovery. In this paper, we propose a new Privacy preserved and Secured Reliable Routing (PSRR) protocol for WMNs. This protocol incorporates group signature, ID-based encryption schemes, and CLSL-DR mechanism to ensure strong privacy, security, and reliability in WMNs. Simulation results prove this by showing better performance in terms of most of the chosen parameters than the existing protocols.

  13. QOS-aware error recovery in wireless body sensor networks using adaptive network coding.

    PubMed

    Razzaque, Mohammad Abdur; Javadi, Saeideh S; Coulibaly, Yahaya; Hira, Muta Tah

    2014-12-29

    Wireless body sensor networks (WBSNs) for healthcare and medical applications are real-time and life-critical infrastructures, which require a strict guarantee of quality of service (QoS), in terms of latency, error rate and reliability. Considering the criticality of healthcare and medical applications, WBSNs need to fulfill users/applications and the corresponding network's QoS requirements. For instance, for a real-time application to support on-time data delivery, a WBSN needs to guarantee a constrained delay at the network level. A network coding-based error recovery mechanism is an emerging mechanism that can be used in these systems to support QoS at very low energy, memory and hardware cost. However, in dynamic network environments and user requirements, the original non-adaptive version of network coding fails to support some of the network and user QoS requirements. This work explores the QoS requirements of WBSNs in both perspectives of QoS. Based on these requirements, this paper proposes an adaptive network coding-based, QoS-aware error recovery mechanism for WBSNs. It utilizes network-level and user-/application-level information to make it adaptive in both contexts. Thus, it provides improved QoS support adaptively in terms of reliability, energy efficiency and delay. Simulation results show the potential of the proposed mechanism in terms of adaptability, reliability, real-time data delivery and network lifetime compared to its counterparts.

  14. On using multiple routing metrics with destination sequenced distance vector protocol for MultiHop wireless ad hoc networks

    NASA Astrophysics Data System (ADS)

    Mehic, M.; Fazio, P.; Voznak, M.; Partila, P.; Komosny, D.; Tovarek, J.; Chmelikova, Z.

    2016-05-01

    A mobile ad hoc network is a collection of mobile nodes which communicate without a fixed backbone or centralized infrastructure. Due to the frequent mobility of nodes, routes connecting two distant nodes may change. Therefore, it is not possible to establish a priori fixed paths for message delivery through the network. Because of its importance, routing is the most studied problem in mobile ad hoc networks. In addition, if the Quality of Service (QoS) is demanded, one must guarantee the QoS not only over a single hop but over an entire wireless multi-hop path which may not be a trivial task. In turns, this requires the propagation of QoS information within the network. The key to the support of QoS reporting is QoS routing, which provides path QoS information at each source. To support QoS for real-time traffic one needs to know not only minimum delay on the path to the destination but also the bandwidth available on it. Therefore, throughput, end-to-end delay, and routing overhead are traditional performance metrics used to evaluate the performance of routing protocol. To obtain additional information about the link, most of quality-link metrics are based on calculation of the lost probabilities of links by broadcasting probe packets. In this paper, we address the problem of including multiple routing metrics in existing routing packets that are broadcasted through the network. We evaluate the efficiency of such approach with modified version of DSDV routing protocols in ns-3 simulator.

  15. Towards secure quantum key distribution protocol for wireless LANs: a hybrid approach

    NASA Astrophysics Data System (ADS)

    Naik, R. Lalu; Reddy, P. Chenna

    2015-12-01

    The primary goals of security such as authentication, confidentiality, integrity and non-repudiation in communication networks can be achieved with secure key distribution. Quantum mechanisms are highly secure means of distributing secret keys as they are unconditionally secure. Quantum key distribution protocols can effectively prevent various attacks in the quantum channel, while classical cryptography is efficient in authentication and verification of secret keys. By combining both quantum cryptography and classical cryptography, security of communications over networks can be leveraged. Hwang, Lee and Li exploited the merits of both cryptographic paradigms for provably secure communications to prevent replay, man-in-the-middle, and passive attacks. In this paper, we propose a new scheme with the combination of quantum cryptography and classical cryptography for 802.11i wireless LANs. Since quantum cryptography is premature in wireless networks, our work is a significant step forward toward securing communications in wireless networks. Our scheme is known as hybrid quantum key distribution protocol. Our analytical results revealed that the proposed scheme is provably secure for wireless networks.

  16. Fuzzy Logic Control Based QoS Management in Wireless Sensor/Actuator Networks

    PubMed Central

    Xia, Feng; Zhao, Wenhong; Sun, Youxian; Tian, Yu-Chu

    2007-01-01

    Wireless sensor/actuator networks (WSANs) are emerging rapidly as a new generation of sensor networks. Despite intensive research in wireless sensor networks (WSNs), limited work has been found in the open literature in the field of WSANs. In particular, quality-of-service (QoS) management in WSANs remains an important issue yet to be investigated. As an attempt in this direction, this paper develops a fuzzy logic control based QoS management (FLC-QM) scheme for WSANs with constrained resources and in dynamic and unpredictable environments. Taking advantage of the feedback control technology, this scheme deals with the impact of unpredictable changes in traffic load on the QoS of WSANs. It utilizes a fuzzy logic controller inside each source sensor node to adapt sampling period to the deadline miss ratio associated with data transmission from the sensor to the actuator. The deadline miss ratio is maintained at a pre-determined desired level so that the required QoS can be achieved. The FLC-QM has the advantages of generality, scalability, and simplicity. Simulation results show that the FLC-QM can provide WSANs with QoS support. PMID:28903288

  17. Providing QoS through machine-learning-driven adaptive multimedia applications.

    PubMed

    Ruiz, Pedro M; Botía, Juan A; Gómez-Skarmeta, Antonio

    2004-06-01

    We investigate the optimization of the quality of service (QoS) offered by real-time multimedia adaptive applications through machine learning algorithms. These applications are able to adapt in real time their internal settings (i.e., video sizes, audio and video codecs, among others) to the unpredictably changing capacity of the network. Traditional adaptive applications just select a set of settings to consume less than the available bandwidth. We propose a novel approach in which the selected set of settings is the one which offers a better user-perceived QoS among all those combinations which satisfy the bandwidth restrictions. We use a genetic algorithm to decide when to trigger the adaptation process depending on the network conditions (i.e., loss-rate, jitter, etc.). Additionally, the selection of the new set of settings is done according to a set of rules which model the user-perceived QoS. These rules are learned using the SLIPPER rule induction algorithm over a set of examples extracted from scores provided by real users. We will demonstrate that the proposed approach guarantees a good user-perceived QoS even when the network conditions are constantly changing.

  18. A GMP-compliant protocol to expand and transfect cancer patient T cells with mRNA encoding a tumor-specific chimeric antigen receptor.

    PubMed

    Krug, Christian; Wiesinger, Manuel; Abken, Hinrich; Schuler-Thurner, Beatrice; Schuler, Gerold; Dörrie, Jan; Schaft, Niels

    2014-10-01

    Chimeric antigen receptors (CARs), which combine an antibody-derived binding domain (single chain fragment variable) with T-cell-activating signaling domains, have become a promising tool in the adoptive cellular therapy of cancer. Retro- and lenti-viral transductions are currently the standard methods to equip T cells with a CAR; permanent CAR expression, however, harbors several risks like uncontrolled auto-reactivity. Modification of T cells by electroporation with CAR-encoding RNA to achieve transient expression likely circumvents these difficulties. We here present a GMP-compliant protocol to activate and expand T cells for clinical application. The protocol is optimized in particular to produce CAR-modified T cells in clinically sufficient numbers under full GMP-compliance from late-stage cancer patients. This protocol allows the generation of 6.7 × 10(8) CAR-expressing T cells from one patient leukapheresis. The CAR-engineered T cells produced pro-inflammatory cytokines after stimulation with antigen-bearing tumor cells and lysed tumor cells in an antigen-specific manner. This functional capacity was maintained after cryopreservation. Taken together, we provide a clinically applicable protocol to transiently engineer sufficient numbers of antigen-specific patient T cells for use in adoptive cell therapy of cancer.

  19. Quantum cryptography with finite resources: unconditional security bound for discrete-variable protocols with one-way postprocessing.

    PubMed

    Scarani, Valerio; Renner, Renato

    2008-05-23

    We derive a bound for the security of quantum key distribution with finite resources under one-way postprocessing, based on a definition of security that is composable and has an operational meaning. While our proof relies on the assumption of collective attacks, unconditional security follows immediately for standard protocols such as Bennett-Brassard 1984 and six-states protocol. For single-qubit implementations of such protocols, we find that the secret key rate becomes positive when at least N approximately 10(5) signals are exchanged and processed. For any other discrete-variable protocol, unconditional security can be obtained using the exponential de Finetti theorem, but the additional overhead leads to very pessimistic estimates.

  20. Using software security analysis to verify the secure socket layer (SSL) protocol

    NASA Technical Reports Server (NTRS)

    Powell, John D.

    2004-01-01

    nal Aeronautics and Space Administration (NASA) have tens of thousands of networked computer systems and applications. Software Security vulnerabilities present risks such as lost or corrupted data, information the3, and unavailability of critical systems. These risks represent potentially enormous costs to NASA. The NASA Code Q research initiative 'Reducing Software Security Risk (RSSR) Trough an Integrated Approach '' offers, among its capabilities, formal verification of software security properties, through the use of model based verification (MBV) to address software security risks. [1,2,3,4,5,6] MBV is a formal approach to software assurance that combines analysis of software, via abstract models, with technology, such as model checkers, that provide automation of the mechanical portions of the analysis process. This paper will discuss: The need for formal analysis to assure software systems with respect to software and why testing alone cannot provide it. The means by which MBV with a Flexible Modeling Framework (FMF) accomplishes the necessary analysis task. An example of FMF style MBV in the verification of properties over the Secure Socket Layer (SSL) communication protocol as a demonstration.

  1. Security Analysis of DTN Architecture and Bundle Protocol Specification for Space-Based Networks

    NASA Technical Reports Server (NTRS)

    Ivancic, William D.

    2009-01-01

    A Delay-Tolerant Network (DTN) Architecture (Request for Comment, RFC-4838) and Bundle Protocol Specification, RFC-5050, have been proposed for space and terrestrial networks. Additional security specifications have been provided via the Bundle Security Specification (currently a work in progress as an Internet Research Task Force internet-draft) and, for link-layer protocols applicable to Space networks, the Licklider Transport Protocol Security Extensions. This document provides a security analysis of the current DTN RFCs and proposed security related internet drafts with a focus on space-based communication networks, which is a rather restricted subset of DTN networks. Note, the original focus and motivation of DTN work was for the Interplanetary Internet . This document does not address general store-and-forward network overlays, just the current work being done by the Internet Research Task Force (IRTF) and the Consultative Committee for Space Data Systems (CCSDS) Space Internetworking Services Area (SIS) - DTN working group under the DTN and Bundle umbrellas. However, much of the analysis is relevant to general store-and-forward overlays.

  2. A Hybrid Analysis for Security Protocols with State

    DTIC Science & Technology

    2014-07-16

    Approved for Public Release; Distribution Unlimited. 14-1013. A Hybrid Analysis for Security Protocols with State∗ John D. Ramsdell Daniel J ...their consequences in the anno - tated protocol theory Tannot(Π, ) use only the limited vocabulary of Tbnd(Π); we call them bridge lemmas. Lemma 3 is a...and we proved it using pvs. Lemma 1 (Prefix Boot Extend). ∀π ∈ path, t :>, i, k ∈ N. i ≤ k ∧ π(k) has t ⊃ subterm(π(i), π(k)) ∨ ∃ j ∈ N. i ≤ j < k ∧ π

  3. A Spectrum Access Based on Quality of Service (QoS) in Cognitive Radio Networks.

    PubMed

    Zhai, Linbo; Wang, Hua; Gao, Chuangen

    2016-01-01

    The quality of service (QoS) is important issue for cognitive radio networks. In the cognitive radio system, the licensed users, also called primary users (PUs), are authorized to utilize the wireless spectrum, while unlicensed users, also called secondary users (SUs), are not authorized to use the wireless spectrum. SUs access the wireless spectrum opportunistically when the spectrum is idle. While SUs use an idle channel, the instance that PUs come back makes SUs terminate their communications and leave the current channel. Therefore, quality of service (QoS) is difficult to be ensured for SUs. In this paper, we first propose an analysis model to obtain QoS for cognitive radio networks such as blocking probability, completed traffic and termination probability of SUs. When the primary users use the channels frequently, QoS of SUs is difficult to be ensured, especially the termination probability. Then, we propose a channel reservation scheme to improve QoS of SUs. The scheme makes the terminated SUs move to the reserved channels and keep on communications. Simulation results show that our scheme can improve QoS of SUs especially the termination probability with a little cost of blocking probability in dynamic environment.

  4. A Novel Re-keying Function Protocol (NRFP) For Wireless Sensor Network Security

    PubMed Central

    Abdullah, Maan Younis; Hua, Gui Wei; Alsharabi, Naif

    2008-01-01

    This paper describes a novel re-keying function protocol (NRFP) for wireless sensor network security. A re-keying process management system for sensor networks is designed to support in-network processing. The design of the protocol is motivated by decentralization key management for wireless sensor networks (WSNs), covering key deployment, key refreshment, and key establishment. NRFP supports the establishment of novel administrative functions for sensor nodes that derive/re-derive a session key for each communication session. The protocol proposes direct connection, in-direct connection and hybrid connection. NRFP also includes an efficient protocol for local broadcast authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding innetwork processing. Security and performance analysis shows that it is very efficient in computation, communication and storage and, that NRFP is also effective in defending against many sophisticated attacks. PMID:27873963

  5. A Novel Re-keying Function Protocol (NRFP) For Wireless Sensor Network Security.

    PubMed

    Abdullah, Maan Younis; Hua, Gui Wei; Alsharabi, Naif

    2008-12-04

    This paper describes a novel re-keying function protocol (NRFP) for wireless sensor network security. A re-keying process management system for sensor networks is designed to support in-network processing. The design of the protocol is motivated by decentralization key management for wireless sensor networks (WSNs), covering key deployment, key refreshment, and key establishment. NRFP supports the establishment of novel administrative functions for sensor nodes that derive/re-derive a session key for each communication session. The protocol proposes direct connection, in-direct connection and hybrid connection. NRFP also includes an efficient protocol for local broadcast authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding in-network processing. Security and performance analysis shows that it is very efficient in computation, communication and storage and, that NRFP is also effective in defending against many sophisticated attacks.

  6. FuGeF: A Resource Bound Secure Forwarding Protocol for Wireless Sensor Networks.

    PubMed

    Umar, Idris Abubakar; Mohd Hanapi, Zurina; Sali, A; Zulkarnain, Zuriati A

    2016-06-22

    Resource bound security solutions have facilitated the mitigation of spatio-temporal attacks by altering protocol semantics to provide minimal security while maintaining an acceptable level of performance. The Dynamic Window Secured Implicit Geographic Forwarding (DWSIGF) routing protocol for Wireless Sensor Network (WSN) has been proposed to achieve a minimal selection of malicious nodes by introducing a dynamic collection window period to the protocol's semantics. However, its selection scheme suffers substantial packet losses due to the utilization of a single distance based parameter for node selection. In this paper, we propose a Fuzzy-based Geographic Forwarding protocol (FuGeF) to minimize packet loss, while maintaining performance. The FuGeF utilizes a new form of dynamism and introduces three selection parameters: remaining energy, connectivity cost, and progressive distance, as well as a Fuzzy Logic System (FLS) for node selection. These introduced mechanisms ensure the appropriate selection of a non-malicious node. Extensive simulation experiments have been conducted to evaluate the performance of the proposed FuGeF protocol as compared to DWSIGF variants. The simulation results show that the proposed FuGeF outperforms the two DWSIGF variants (DWSIGF-P and DWSIGF-R) in terms of packet delivery.

  7. A secure distributed logistic regression protocol for the detection of rare adverse drug events.

    PubMed

    El Emam, Khaled; Samet, Saeed; Arbuckle, Luk; Tamblyn, Robyn; Earle, Craig; Kantarcioglu, Murat

    2013-05-01

    There is limited capacity to assess the comparative risks of medications after they enter the market. For rare adverse events, the pooling of data from multiple sources is necessary to have the power and sufficient population heterogeneity to detect differences in safety and effectiveness in genetic, ethnic and clinically defined subpopulations. However, combining datasets from different data custodians or jurisdictions to perform an analysis on the pooled data creates significant privacy concerns that would need to be addressed. Existing protocols for addressing these concerns can result in reduced analysis accuracy and can allow sensitive information to leak. To develop a secure distributed multi-party computation protocol for logistic regression that provides strong privacy guarantees. We developed a secure distributed logistic regression protocol using a single analysis center with multiple sites providing data. A theoretical security analysis demonstrates that the protocol is robust to plausible collusion attacks and does not allow the parties to gain new information from the data that are exchanged among them. The computational performance and accuracy of the protocol were evaluated on simulated datasets. The computational performance scales linearly as the dataset sizes increase. The addition of sites results in an exponential growth in computation time. However, for up to five sites, the time is still short and would not affect practical applications. The model parameters are the same as the results on pooled raw data analyzed in SAS, demonstrating high model accuracy. The proposed protocol and prototype system would allow the development of logistic regression models in a secure manner without requiring the sharing of personal health information. This can alleviate one of the key barriers to the establishment of large-scale post-marketing surveillance programs. We extended the secure protocol to account for correlations among patients within sites through

  8. Adequate Security Protocols Adopt in a Conceptual Model in Identity Management for the Civil Registry of Ecuador

    NASA Astrophysics Data System (ADS)

    Toapanta, Moisés; Mafla, Enrique; Orizaga, Antonio

    2017-08-01

    We analyzed the problems of security of the information of the civil registries and identification at world level that are considered strategic. The objective is to adopt the appropriate security protocols in a conceptual model in the identity management for the Civil Registry of Ecuador. In this phase, the appropriate security protocols were determined in a Conceptual Model in Identity Management with Authentication, Authorization and Auditing (AAA). We used the deductive method and exploratory research to define the appropriate security protocols to be adopted in the identity model: IPSec, DNSsec, Radius, SSL, TLS, IEEE 802.1X EAP, Set. It was a prototype of the location of the security protocols adopted in the logical design of the technological infrastructure considering the conceptual model for Identity, Authentication, Authorization, and Audit management. It was concluded that the adopted protocols are appropriate for a distributed database and should have a direct relationship with the algorithms, which allows vulnerability and risk mitigation taking into account confidentiality, integrity and availability (CIA).

  9. An Improved Protocol for Controlled Deterministic Secure Quantum Communication Using Five-Qubit Entangled State

    NASA Astrophysics Data System (ADS)

    Kao, Shih-Hung; Lin, Jason; Tsai, Chia-Wei; Hwang, Tzonelih

    2018-03-01

    In early 2009, Xiu et al. (Opt. Commun. 282(2) 333-337 2009) presented a controlled deterministic secure quantum communication (CDSQC) protocol via a newly constructed five-qubit entangled quantum state. Later, Qin et al. (Opt. Commun. 282(13), 2656-2658 2009) pointed out two security loopholes in Xiu et al.'s protocol: (1) A correlation-elicitation (CE) attack can reveal the entire secret message; (2) A leakage of partial information for the receiver is noticed. Then, Xiu et al. (Opt. Commun. 283(2), 344-347 2010) presented a revised CDSQC protocol to remedy the CE attack problem. However, the information leakage problem still remains open. This work proposes a new CDSQC protocol using the same five-qubit entangled state which can work without the above mentioned security problems. Moreover, the Trojan Horse attacks can be automatically avoided without using detecting devices in the new CDSQC.

  10. An Improved Protocol for Controlled Deterministic Secure Quantum Communication Using Five-Qubit Entangled State

    NASA Astrophysics Data System (ADS)

    Kao, Shih-Hung; Lin, Jason; Tsai, Chia-Wei; Hwang, Tzonelih

    2018-06-01

    In early 2009, Xiu et al. (Opt. Commun. 282(2) 333-337 2009) presented a controlled deterministic secure quantum communication (CDSQC) protocol via a newly constructed five-qubit entangled quantum state. Later, Qin et al. (Opt. Commun. 282(13), 2656-2658 2009) pointed out two security loopholes in Xiu et al.'s protocol: (1) A correlation-elicitation (CE) attack can reveal the entire secret message; (2) A leakage of partial information for the receiver is noticed. Then, Xiu et al. (Opt. Commun. 283(2), 344-347 2010) presented a revised CDSQC protocol to remedy the CE attack problem. However, the information leakage problem still remains open. This work proposes a new CDSQC protocol using the same five-qubit entangled state which can work without the above mentioned security problems. Moreover, the Trojan Horse attacks can be automatically avoided without using detecting devices in the new CDSQC.

  11. Protocols development for security and privacy of radio frequency identification systems

    NASA Astrophysics Data System (ADS)

    Sabbagha, Fatin

    There are benefits to adopting radio frequency identification (RFID) technology, although there are methods of attack that can compromise the system. This research determined how that may happen and what possible solutions can keep that from happening. Protocols were developed to implement better security. In addition, new topologies were developed to handle the problems of the key management. Previously proposed protocols focused on providing mutual authentication and privacy between readers and tags. However, those protocols are still vulnerable to be attacked. These protocols were analyzed and the disadvantages shown for each one. Previous works assumed that the channels between readers and the servers were secure. In the proposed protocols, a compromised reader is considered along with how to prevent tags from being read by that reader. The new protocols provide mutual authentication between readers and tags and, at the same time, remove the compromised reader from the system. Three protocols are proposed. In the first protocol, a mutual authentication is achieved and a compromised reader is not allowed in the network. In the second protocol, the number of times a reader contacts the server is reduced. The third protocol provides authentication and privacy between tags and readers using a trusted third party. The developed topology is implemented using python language and simulates work to check the efficiency regarding the processing time. The three protocols are implemented by writing codes in C language and then compiling them in MSP430. IAR Embedded workbench is used, which is an integrated development environment with the C/C++ compiler to generate a faster code and to debug the microcontroller. In summary, the goal of this research is to find solutions for the problems on previously proposed protocols, handle a compromised reader, and solve key management problems.

  12. Three-pass protocol scheme for bitmap image security by using vernam cipher algorithm

    NASA Astrophysics Data System (ADS)

    Rachmawati, D.; Budiman, M. A.; Aulya, L.

    2018-02-01

    Confidentiality, integrity, and efficiency are the crucial aspects of data security. Among the other digital data, image data is too prone to abuse of operation like duplication, modification, etc. There are some data security techniques, one of them is cryptography. The security of Vernam Cipher cryptography algorithm is very dependent on the key exchange process. If the key is leaked, security of this algorithm will collapse. Therefore, a method that minimizes key leakage during the exchange of messages is required. The method which is used, is known as Three-Pass Protocol. This protocol enables message delivery process without the key exchange. Therefore, the sending messages process can reach the receiver safely without fear of key leakage. The system is built by using Java programming language. The materials which are used for system testing are image in size 200×200 pixel, 300×300 pixel, 500×500 pixel, 800×800 pixel and 1000×1000 pixel. The result of experiments showed that Vernam Cipher algorithm in Three-Pass Protocol scheme could restore the original image.

  13. 3D Digital Legos for Teaching Security Protocols

    ERIC Educational Resources Information Center

    Yu, Li; Harrison, L.; Lu, Aidong; Li, Zhiwei; Wang, Weichao

    2011-01-01

    We have designed and developed a 3D digital Lego system as an education tool for teaching security protocols effectively in Information Assurance courses (Lego is a trademark of the LEGO Group. Here, we use it only to represent the pieces of a construction set.). Our approach applies the pedagogical methods learned from toy construction sets by…

  14. End-to-End QoS for Differentiated Services and ATM Internetworking

    NASA Technical Reports Server (NTRS)

    Su, Hongjun; Atiquzzaman, Mohammed

    2001-01-01

    The Internet was initially design for non real-time data communications and hence does not provide any Quality of Service (QoS). The next generation Internet will be characterized by high speed and QoS guarantee. The aim of this paper is to develop a prioritized early packet discard (PEPD) scheme for ATM switches to provide service differentiation and QoS guarantee to end applications running over next generation Internet. The proposed PEPD scheme differs from previous schemes by taking into account the priority of packets generated from different application. We develop a Markov chain model for the proposed scheme and verify the model with simulation. Numerical results show that the results from the model and computer simulation are in close agreement. Our PEPD scheme provides service differentiation to the end-to-end applications.

  15. Bio-Inspired Distributed Transmission Power Control Considering QoS Fairness in Wireless Body Area Sensor Networks

    PubMed Central

    2017-01-01

    Recently, the development of wireless body area sensor network (WBASN) has accelerated due to the rapid development of wireless technology. In the WBASN environment, many WBASNs coexist where communication ranges overlap with each other, resulting in the possibility of interference. Although nodes in a WBASN typically operate at a low power level, to avoid adversely affecting the human body, high transmission rates may be required to support some applications. In addition to this, since many varieties of applications exist in the WBASN environment, each prospective user may have different quality of service (QoS) requirements. Hence, the following issues should be considered in the WBASN environment: (1) interference between adjacent WBASNs, which influences the performance of a specific system, and (2) the degree of satisfaction on the QoS of each user, i.e., the required QoS such as user throughput should be considered to ensure that all users in the network are provided with a fair QoS satisfaction. Thus, in this paper, we propose a transmission power adjustment algorithm that addresses interference problems and guarantees QoS fairness between users. First, we use a new utility function to measure the degree of the satisfaction on the QoS for each user. Then, the transmission power of each sensor node is calculated using the Cucker–Smale model, and the QoS satisfaction of each user is synchronized dispersively. The results of simulations show that the proposed algorithm performs better than existing algorithms, with respect to QoS fairness and energy efficiency. PMID:29036924

  16. Bio-Inspired Distributed Transmission Power Control Considering QoS Fairness in Wireless Body Area Sensor Networks.

    PubMed

    Lee, Chan-Jae; Jung, Ji-Young; Lee, Jung-Ryun

    2017-10-14

    Recently, the development of wireless body area sensor network (WBASN) has accelerated due to the rapid development of wireless technology. In the WBASN environment, many WBASNs coexist where communication ranges overlap with each other, resulting in the possibility of interference. Although nodes in a WBASN typically operate at a low power level, to avoid adversely affecting the human body, high transmission rates may be required to support some applications. In addition to this, since many varieties of applications exist in the WBASN environment, each prospective user may have different quality of service (QoS) requirements. Hence, the following issues should be considered in the WBASN environment: (1) interference between adjacent WBASNs, which influences the performance of a specific system, and (2) the degree of satisfaction on the QoS of each user, i.e., the required QoS such as user throughput should be considered to ensure that all users in the network are provided with a fair QoS satisfaction. Thus, in this paper, we propose a transmission power adjustment algorithm that addresses interference problems and guarantees QoS fairness between users. First, we use a new utility function to measure the degree of the satisfaction on the QoS for each user. Then, the transmission power of each sensor node is calculated using the Cucker-Smale model, and the QoS satisfaction of each user is synchronized dispersively. The results of simulations show that the proposed algorithm performs better than existing algorithms, with respect to QoS fairness and energy efficiency.

  17. Cross-layer protocols optimized for real-time multimedia services in energy-constrained mobile ad hoc networks

    NASA Astrophysics Data System (ADS)

    Hortos, William S.

    2003-07-01

    Mobile ad hoc networking (MANET) supports self-organizing, mobile infrastructures and enables an autonomous network of mobile nodes that can operate without a wired backbone. Ad hoc networks are characterized by multihop, wireless connectivity via packet radios and by the need for efficient dynamic protocols. All routers are mobile and can establish connectivity with other nodes only when they are within transmission range. Importantly, ad hoc wireless nodes are resource-constrained, having limited processing, memory, and battery capacity. Delivery of high quality-ofservice (QoS), real-time multimedia services from Internet-based applications over a MANET is a challenge not yet achieved by proposed Internet Engineering Task Force (IETF) ad hoc network protocols in terms of standard performance metrics such as end-to-end throughput, packet error rate, and delay. In the distributed operations of route discovery and maintenance, strong interaction occurs across MANET protocol layers, in particular, the physical, media access control (MAC), network, and application layers. The QoS requirements are specified for the service classes by the application layer. The cross-layer design must also satisfy the battery-limited energy constraints, by minimizing the distributed power consumption at the nodes and of selected routes. Interactions across the layers are modeled in terms of the set of concatenated design parameters including associated energy costs. Functional dependencies of the QoS metrics are described in terms of the concatenated control parameters. New cross-layer designs are sought that optimize layer interdependencies to achieve the "best" QoS available in an energy-constrained, time-varying network. The protocol design, based on a reactive MANET protocol, adapts the provisioned QoS to dynamic network conditions and residual energy capacities. The cross-layer optimization is based on stochastic dynamic programming conditions derived from time-dependent models of

  18. A secure distributed logistic regression protocol for the detection of rare adverse drug events

    PubMed Central

    El Emam, Khaled; Samet, Saeed; Arbuckle, Luk; Tamblyn, Robyn; Earle, Craig; Kantarcioglu, Murat

    2013-01-01

    Background There is limited capacity to assess the comparative risks of medications after they enter the market. For rare adverse events, the pooling of data from multiple sources is necessary to have the power and sufficient population heterogeneity to detect differences in safety and effectiveness in genetic, ethnic and clinically defined subpopulations. However, combining datasets from different data custodians or jurisdictions to perform an analysis on the pooled data creates significant privacy concerns that would need to be addressed. Existing protocols for addressing these concerns can result in reduced analysis accuracy and can allow sensitive information to leak. Objective To develop a secure distributed multi-party computation protocol for logistic regression that provides strong privacy guarantees. Methods We developed a secure distributed logistic regression protocol using a single analysis center with multiple sites providing data. A theoretical security analysis demonstrates that the protocol is robust to plausible collusion attacks and does not allow the parties to gain new information from the data that are exchanged among them. The computational performance and accuracy of the protocol were evaluated on simulated datasets. Results The computational performance scales linearly as the dataset sizes increase. The addition of sites results in an exponential growth in computation time. However, for up to five sites, the time is still short and would not affect practical applications. The model parameters are the same as the results on pooled raw data analyzed in SAS, demonstrating high model accuracy. Conclusion The proposed protocol and prototype system would allow the development of logistic regression models in a secure manner without requiring the sharing of personal health information. This can alleviate one of the key barriers to the establishment of large-scale post-marketing surveillance programs. We extended the secure protocol to account for

  19. Design and Analysis of Secure Routing Protocol for Wireless Sensor Networks

    NASA Astrophysics Data System (ADS)

    Wang, Jiong; Zhang, Hua

    2017-09-01

    In recent years, with the development of science and technology and the progress of the times, China's wireless network technology has become increasingly prosperous and it plays an important role in social production and life. In this context, in order to further to enhance the stability of wireless network data transmission and security enhancements, the staff need to focus on routing security and carry out related work. Based on this, this paper analyzes the design of wireless sensor based on secure routing protocol.

  20. On the security of semi-device-independent QKD protocols

    NASA Astrophysics Data System (ADS)

    Chaturvedi, Anubhav; Ray, Maharshi; Veynar, Ryszard; Pawłowski, Marcin

    2018-06-01

    While fully device-independent security in (BB84-like) prepare-and-measure quantum key distribution (QKD) is impossible, it can be guaranteed against individual attacks in a semi-device-independent (SDI) scenario, wherein no assumptions are made on the characteristics of the hardware used except for an upper bound on the dimension of the communicated system. Studying security under such minimal assumptions is especially relevant in the context of the recent quantum hacking attacks wherein the eavesdroppers can not only construct the devices used by the communicating parties but are also able to remotely alter their behavior. In this work, we study the security of a SDIQKD protocol based on the prepare-and-measure quantum implementation of a well-known cryptographic primitive, the random access code (RAC). We consider imperfect detectors and establish the critical values of the security parameters (the observed success probability of the RAC and the detection efficiency) required for guaranteeing security against eavesdroppers with and without quantum memory. Furthermore, we suggest a minimal characterization of the preparation device in order to lower the requirements for establishing a secure key.

  1. Domain Name Server Security (DNSSEC) Protocol Deployment

    DTIC Science & Technology

    2014-10-01

    all the time. For mobile devices, end-system validation is much more difficult due to the state of their networks, many of which do not allow...way to distribute keying information than the current public-key infrastructure (PKI) allows. In addition, it will take work to convince CDNs and...Control Protocol (TCP) or even DNS over Secure Sockets Layer (SSL). One of the important outcomes of our work is the realization that that a " mobile

  2. A Secure Region-Based Geographic Routing Protocol (SRBGR) for Wireless Sensor Networks

    PubMed Central

    Adnan, Ali Idarous; Hanapi, Zurina Mohd; Othman, Mohamed; Zukarnain, Zuriati Ahmad

    2017-01-01

    Due to the lack of dependency for routing initiation and an inadequate allocated sextant on responding messages, the secure geographic routing protocols for Wireless Sensor Networks (WSNs) have attracted considerable attention. However, the existing protocols are more likely to drop packets when legitimate nodes fail to respond to the routing initiation messages while attackers in the allocated sextant manage to respond. Furthermore, these protocols are designed with inefficient collection window and inadequate verification criteria which may lead to a high number of attacker selections. To prevent the failure to find an appropriate relay node and undesirable packet retransmission, this paper presents Secure Region-Based Geographic Routing Protocol (SRBGR) to increase the probability of selecting the appropriate relay node. By extending the allocated sextant and applying different message contention priorities more legitimate nodes can be admitted in the routing process. Moreover, the paper also proposed the bound collection window for a sufficient collection time and verification cost for both attacker identification and isolation. Extensive simulation experiments have been performed to evaluate the performance of the proposed protocol in comparison with other existing protocols. The results demonstrate that SRBGR increases network performance in terms of the packet delivery ratio and isolates attacks such as Sybil and Black hole. PMID:28121992

  3. A Secure Region-Based Geographic Routing Protocol (SRBGR) for Wireless Sensor Networks.

    PubMed

    Adnan, Ali Idarous; Hanapi, Zurina Mohd; Othman, Mohamed; Zukarnain, Zuriati Ahmad

    2017-01-01

    Due to the lack of dependency for routing initiation and an inadequate allocated sextant on responding messages, the secure geographic routing protocols for Wireless Sensor Networks (WSNs) have attracted considerable attention. However, the existing protocols are more likely to drop packets when legitimate nodes fail to respond to the routing initiation messages while attackers in the allocated sextant manage to respond. Furthermore, these protocols are designed with inefficient collection window and inadequate verification criteria which may lead to a high number of attacker selections. To prevent the failure to find an appropriate relay node and undesirable packet retransmission, this paper presents Secure Region-Based Geographic Routing Protocol (SRBGR) to increase the probability of selecting the appropriate relay node. By extending the allocated sextant and applying different message contention priorities more legitimate nodes can be admitted in the routing process. Moreover, the paper also proposed the bound collection window for a sufficient collection time and verification cost for both attacker identification and isolation. Extensive simulation experiments have been performed to evaluate the performance of the proposed protocol in comparison with other existing protocols. The results demonstrate that SRBGR increases network performance in terms of the packet delivery ratio and isolates attacks such as Sybil and Black hole.

  4. A new scheduling algorithm to provide proportional QoS in optical burst switching networks

    NASA Astrophysics Data System (ADS)

    Tan, Wei; Luo, Yunhan; Wang, Sheng; Xu, Du; Pan, Yonghong; Li, Lemin

    2005-02-01

    A new scheduling algorithm, which aims to provide proportional and controllable QoS in terms of burst loss probability for OBS (optical burst switching) networks, is proposed on the basis of a summary of current QoS schemes in OBS. With simulations, performance analyses and comparisons are studied in detail. The results show that, in the proposed scheme, burst loss probabilities are proportional to the given factors and the control of QoS performance can be achieved with better performance. This scheme will be beneficial to the OBS network management and the tariff policy making.

  5. Secure and Lightweight Cloud-Assisted Video Reporting Protocol over 5G-Enabled Vehicular Networks

    PubMed Central

    2017-01-01

    In the vehicular networks, the real-time video reporting service is used to send the recorded videos in the vehicle to the cloud. However, when facilitating the real-time video reporting service in the vehicular networks, the usage of the fourth generation (4G) long term evolution (LTE) was proved to suffer from latency while the IEEE 802.11p standard does not offer sufficient scalability for a such congested environment. To overcome those drawbacks, the fifth-generation (5G)-enabled vehicular network is considered as a promising technology for empowering the real-time video reporting service. In this paper, we note that security and privacy related issues should also be carefully addressed to boost the early adoption of 5G-enabled vehicular networks. There exist a few research works for secure video reporting service in 5G-enabled vehicular networks. However, their usage is limited because of public key certificates and expensive pairing operations. Thus, we propose a secure and lightweight protocol for cloud-assisted video reporting service in 5G-enabled vehicular networks. Compared to the conventional public key certificates, the proposed protocol achieves entities’ authorization through anonymous credential. Also, by using lightweight security primitives instead of expensive bilinear pairing operations, the proposed protocol minimizes the computational overhead. From the evaluation results, we show that the proposed protocol takes the smaller computation and communication time for the cryptographic primitives than that of the well-known Eiza-Ni-Shi protocol. PMID:28946633

  6. Secure and Lightweight Cloud-Assisted Video Reporting Protocol over 5G-Enabled Vehicular Networks.

    PubMed

    Nkenyereye, Lewis; Kwon, Joonho; Choi, Yoon-Ho

    2017-09-23

    In the vehicular networks, the real-time video reporting service is used to send the recorded videos in the vehicle to the cloud. However, when facilitating the real-time video reporting service in the vehicular networks, the usage of the fourth generation (4G) long term evolution (LTE) was proved to suffer from latency while the IEEE 802.11p standard does not offer sufficient scalability for a such congested environment. To overcome those drawbacks, the fifth-generation (5G)-enabled vehicular network is considered as a promising technology for empowering the real-time video reporting service. In this paper, we note that security and privacy related issues should also be carefully addressed to boost the early adoption of 5G-enabled vehicular networks. There exist a few research works for secure video reporting service in 5G-enabled vehicular networks. However, their usage is limited because of public key certificates and expensive pairing operations. Thus, we propose a secure and lightweight protocol for cloud-assisted video reporting service in 5G-enabled vehicular networks. Compared to the conventional public key certificates, the proposed protocol achieves entities' authorization through anonymous credential. Also, by using lightweight security primitives instead of expensive bilinear pairing operations, the proposed protocol minimizes the computational overhead. From the evaluation results, we show that the proposed protocol takes the smaller computation and communication time for the cryptographic primitives than that of the well-known Eiza-Ni-Shi protocol.

  7. Cost-Effective Encryption-Based Autonomous Routing Protocol for Efficient and Secure Wireless Sensor Networks.

    PubMed

    Saleem, Kashif; Derhab, Abdelouahid; Orgun, Mehmet A; Al-Muhtadi, Jalal; Rodrigues, Joel J P C; Khalil, Mohammed Sayim; Ali Ahmed, Adel

    2016-03-31

    The deployment of intelligent remote surveillance systems depends on wireless sensor networks (WSNs) composed of various miniature resource-constrained wireless sensor nodes. The development of routing protocols for WSNs is a major challenge because of their severe resource constraints, ad hoc topology and dynamic nature. Among those proposed routing protocols, the biology-inspired self-organized secure autonomous routing protocol (BIOSARP) involves an artificial immune system (AIS) that requires a certain amount of time to build up knowledge of neighboring nodes. The AIS algorithm uses this knowledge to distinguish between self and non-self neighboring nodes. The knowledge-building phase is a critical period in the WSN lifespan and requires active security measures. This paper proposes an enhanced BIOSARP (E-BIOSARP) that incorporates a random key encryption mechanism in a cost-effective manner to provide active security measures in WSNs. A detailed description of E-BIOSARP is presented, followed by an extensive security and performance analysis to demonstrate its efficiency. A scenario with E-BIOSARP is implemented in network simulator 2 (ns-2) and is populated with malicious nodes for analysis. Furthermore, E-BIOSARP is compared with state-of-the-art secure routing protocols in terms of processing time, delivery ratio, energy consumption, and packet overhead. The findings show that the proposed mechanism can efficiently protect WSNs from selective forwarding, brute-force or exhaustive key search, spoofing, eavesdropping, replaying or altering of routing information, cloning, acknowledgment spoofing, HELLO flood attacks, and Sybil attacks.

  8. Cost-Effective Encryption-Based Autonomous Routing Protocol for Efficient and Secure Wireless Sensor Networks

    PubMed Central

    Saleem, Kashif; Derhab, Abdelouahid; Orgun, Mehmet A.; Al-Muhtadi, Jalal; Rodrigues, Joel J. P. C.; Khalil, Mohammed Sayim; Ali Ahmed, Adel

    2016-01-01

    The deployment of intelligent remote surveillance systems depends on wireless sensor networks (WSNs) composed of various miniature resource-constrained wireless sensor nodes. The development of routing protocols for WSNs is a major challenge because of their severe resource constraints, ad hoc topology and dynamic nature. Among those proposed routing protocols, the biology-inspired self-organized secure autonomous routing protocol (BIOSARP) involves an artificial immune system (AIS) that requires a certain amount of time to build up knowledge of neighboring nodes. The AIS algorithm uses this knowledge to distinguish between self and non-self neighboring nodes. The knowledge-building phase is a critical period in the WSN lifespan and requires active security measures. This paper proposes an enhanced BIOSARP (E-BIOSARP) that incorporates a random key encryption mechanism in a cost-effective manner to provide active security measures in WSNs. A detailed description of E-BIOSARP is presented, followed by an extensive security and performance analysis to demonstrate its efficiency. A scenario with E-BIOSARP is implemented in network simulator 2 (ns-2) and is populated with malicious nodes for analysis. Furthermore, E-BIOSARP is compared with state-of-the-art secure routing protocols in terms of processing time, delivery ratio, energy consumption, and packet overhead. The findings show that the proposed mechanism can efficiently protect WSNs from selective forwarding, brute-force or exhaustive key search, spoofing, eavesdropping, replaying or altering of routing information, cloning, acknowledgment spoofing, HELLO flood attacks, and Sybil attacks. PMID:27043572

  9. Securing the Global Airspace System Via Identity-Based Security

    NASA Technical Reports Server (NTRS)

    Ivancic, William D.

    2015-01-01

    Current telecommunications systems have very good security architectures that include authentication and authorization as well as accounting. These three features enable an edge system to obtain access into a radio communication network, request specific Quality-of-Service (QoS) requirements and ensure proper billing for service. Furthermore, the links are secure. Widely used telecommunication technologies are Long Term Evolution (LTE) and Worldwide Interoperability for Microwave Access (WiMAX) This paper provides a system-level view of network-centric operations for the global airspace system and the problems and issues with deploying new technologies into the system. The paper then focuses on applying the basic security architectures of commercial telecommunication systems and deployment of federated Authentication, Authorization and Accounting systems to provide a scalable, evolvable reliable and maintainable solution to enable a globally deployable identity-based secure airspace system.

  10. Improved Wireless Security through Physical Layer Protocol Manipulation and Radio Frequency Fingerprinting

    DTIC Science & Technology

    2014-09-18

    radios in a cognitive radio network using a radio frequency fingerprinting based method. In IEEE International Conference on Communications (ICC...IMPROVEDWIRELESS SECURITY THROUGH PHYSICAL LAYER PROTOCOL MANIPULATION AND RADIO FREQUENCY FINGERPRINTING DISSERTATION Benjamin W. Ramsey, Captain...PHYSICAL LAYER PROTOCOL MANIPULATION AND RADIO FREQUENCY FINGERPRINTING DISSERTATION Presented to the Faculty Graduate School of Engineering and

  11. Achieving End-to-End QoS in the Next Generation Internet: Integrated Services Over Differentiated Service Networks

    NASA Technical Reports Server (NTRS)

    Bai, Haowei; Atiquzzaman, Mohammed; Ivancic, William

    2001-01-01

    Currently there are two approaches to provide Quality of Service (QoS) in the next generation Internet: An early one is the Integrated Services (IntServ) with the goal of allowing end-to-end QoS to be provided to applications; the other one is the Differentiated Services (DiffServ) architecture providing QoS in the backbone. In this context, a DiffServ network may be viewed as a network element in the total end-to-end path. The objective of this paper is to investigate the possibility of providing end-to-end QoS when IntServ runs over DiffServ backbone in the next generation Internet. Our results show that the QoS requirements of IntServ applications can be successfully achieved when IntServ traffic is mapped to the DiffServ domain in next generation Internet.

  12. Achieving End-to-End QoS in the Next Generation Internet: Integrated Services over Differentiated Service Networks

    NASA Technical Reports Server (NTRS)

    Bai, Haowei; Atiquzzaman, Mohammed; Ivancic, William

    2001-01-01

    Currently there are two approaches to provide Quality of Service (QoS) in the next generation Internet: An early one is the Integrated Services (IntServ) with the goal of allowing end-to-end QoS to be provided to applications; the other one is the Differentiated Services (DiffServ) architecture providing QoS in the backbone. In this context, a DiffServ network may be viewed as a network element in the total end-to-end path. The objective of this paper is to investigate the possibility of providing end-to-end QoS when IntServ runs over DiffServ backbone in the next generation Internet. Our results show that the QoS requirements of IntServ applications can be successfully achieved when IntServ traffic is mapped to the DiffServ domain in next generation Internet.

  13. FuGeF: A Resource Bound Secure Forwarding Protocol for Wireless Sensor Networks

    PubMed Central

    Umar, Idris Abubakar; Mohd Hanapi, Zurina; Sali, A.; Zulkarnain, Zuriati A.

    2016-01-01

    Resource bound security solutions have facilitated the mitigation of spatio-temporal attacks by altering protocol semantics to provide minimal security while maintaining an acceptable level of performance. The Dynamic Window Secured Implicit Geographic Forwarding (DWSIGF) routing protocol for Wireless Sensor Network (WSN) has been proposed to achieve a minimal selection of malicious nodes by introducing a dynamic collection window period to the protocol’s semantics. However, its selection scheme suffers substantial packet losses due to the utilization of a single distance based parameter for node selection. In this paper, we propose a Fuzzy-based Geographic Forwarding protocol (FuGeF) to minimize packet loss, while maintaining performance. The FuGeF utilizes a new form of dynamism and introduces three selection parameters: remaining energy, connectivity cost, and progressive distance, as well as a Fuzzy Logic System (FLS) for node selection. These introduced mechanisms ensure the appropriate selection of a non-malicious node. Extensive simulation experiments have been conducted to evaluate the performance of the proposed FuGeF protocol as compared to DWSIGF variants. The simulation results show that the proposed FuGeF outperforms the two DWSIGF variants (DWSIGF-P and DWSIGF-R) in terms of packet delivery. PMID:27338411

  14. Healthcare Blockchain System Using Smart Contracts for Secure Automated Remote Patient Monitoring.

    PubMed

    Griggs, Kristen N; Ossipova, Olya; Kohlios, Christopher P; Baccarini, Alessandro N; Howson, Emily A; Hayajneh, Thaier

    2018-06-06

    As Internet of Things (IoT) devices and other remote patient monitoring systems increase in popularity, security concerns about the transfer and logging of data transactions arise. In order to handle the protected health information (PHI) generated by these devices, we propose utilizing blockchain-based smart contracts to facilitate secure analysis and management of medical sensors. Using a private blockchain based on the Ethereum protocol, we created a system where the sensors communicate with a smart device that calls smart contracts and writes records of all events on the blockchain. This smart contract system would support real-time patient monitoring and medical interventions by sending notifications to patients and medical professionals, while also maintaining a secure record of who has initiated these activities. This would resolve many security vulnerabilities associated with remote patient monitoring and automate the delivery of notifications to all involved parties in a HIPAA compliant manner.

  15. HIPAA-compliant automatic monitoring system for RIS-integrated PACS operation

    NASA Astrophysics Data System (ADS)

    Jin, Jin; Zhang, Jianguo; Chen, Xiaomeng; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen; Feng, Jie; Sheng, Liwei; Huang, H. K.

    2006-03-01

    As a governmental regulation, Health Insurance Portability and Accountability Act (HIPAA) was issued to protect the privacy of health information that identifies individuals who are living or deceased. HIPAA requires security services supporting implementation features: Access control; Audit controls; Authorization control; Data authentication; and Entity authentication. These controls, which proposed in HIPAA Security Standards, are Audit trails here. Audit trails can be used for surveillance purposes, to detect when interesting events might be happening that warrant further investigation. Or they can be used forensically, after the detection of a security breach, to determine what went wrong and who or what was at fault. In order to provide security control services and to achieve the high and continuous availability, we design the HIPAA-Compliant Automatic Monitoring System for RIS-Integrated PACS operation. The system consists of two parts: monitoring agents running in each PACS component computer and a Monitor Server running in a remote computer. Monitoring agents are deployed on all computer nodes in RIS-Integrated PACS system to collect the Audit trail messages defined by the Supplement 95 of the DICOM standard: Audit Trail Messages. Then the Monitor Server gathers all audit messages and processes them to provide security information in three levels: system resources, PACS/RIS applications, and users/patients data accessing. Now the RIS-Integrated PACS managers can monitor and control the entire RIS-Integrated PACS operation through web service provided by the Monitor Server. This paper presents the design of a HIPAA-compliant automatic monitoring system for RIS-Integrated PACS Operation, and gives the preliminary results performed by this monitoring system on a clinical RIS-integrated PACS.

  16. Metro Optical Networks for Homeland Security

    NASA Astrophysics Data System (ADS)

    Bechtel, James H.

    Metro optical networks provide an enticing opportunity for strengthening homeland security. Many existing and emerging fiber-optic networks can be adapted for enhanced security applications. Applications include airports, theme parks, sports venues, and border surveillance systems. Here real-time high-quality video and captured images can be collected, transported, processed, and stored for security applications. Video and data collection are important also at correctional facilities, courts, infrastructure (e.g., dams, bridges, railroads, reservoirs, power stations), and at military and other government locations. The scaling of DWDM-based networks allows vast amounts of data to be collected and transported including biometric features of individuals at security check points. Here applications will be discussed along with potential solutions and challenges. Examples of solutions to these problems are given. This includes a discussion of metropolitan aggregation platforms for voice, video, and data that are SONET compliant for use in SONET networks and the use of DWDM technology for scaling and transporting a variety of protocols. Element management software allows not only network status monitoring, but also provides optimized allocation of network resources through the use of optical switches or electrical cross connects.

  17. Economic model for QoS guarantee on the Internet

    NASA Astrophysics Data System (ADS)

    Zhang, Chi; Wei, Jiaolong

    2001-09-01

    This paper describes a QoS guarantee architecture suited for best-effort environments, based on ideas from microeconomics and non-cooperative game theory. First, an analytic model is developed for the study of the resource allocation in the Internet. Then we show that with a simple pricing mechanism (from network implementation and users' points-of-view), we were able to provide QoS guarantee at per flow level without resource allocation or complicated scheduling mechanisms or maintaining per flow state in the core network. Unlike the previous work on this area, we extend the basic model to support inelastic applications which require minimum bandwidth guarantees for a given time period by introducing derivative market.

  18. Secure Control Systems for the Energy Sector

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Smith, Rhett; Campbell, Jack; Hadley, Mark

    2012-03-31

    Schweitzer Engineering Laboratories (SEL) will conduct the Hallmark Project to address the need to reduce the risk of energy disruptions because of cyber incidents on control systems. The goals is to develop solutions that can be both applied to existing control systems and designed into new control systems to add the security measures needed to mitigate energy network vulnerabilities. The scope of the Hallmark Project contains four primary elements: 1. Technology transfer of the Secure Supervisory Control and Data Acquisition (SCADA) Communications Protocol (SSCP) from Pacific Northwest National Laboratories (PNNL) to Schweitzer Engineering Laboratories (SEL). The project shall use thismore » technology to develop a Federal Information Processing Standard (FIPS) 140-2 compliant original equipment manufacturer (OEM) module to be called a Cryptographic Daughter Card (CDC) with the ability to directly connect to any PC enabling that computer to securely communicate across serial to field devices. Validate the OEM capabilities with another vendor. 2. Development of a Link Authenticator Module (LAM) using the FIPS 140-2 validated Secure SCADA Communications Protocol (SSCP) CDC module with a central management software kit. 3. Validation of the CDC and Link Authenticator modules via laboratory and field tests. 4. Creation of documents that record the impact of the Link Authenticator to the operators of control systems and on the control system itself. The information in the documents can assist others with technology deployment and maintenance.« less

  19. Security Enhanced EMV-Based Mobile Payment Protocol

    PubMed Central

    2014-01-01

    Near field communication has enabled customers to put their credit cards into a smartphone and use the phone for credit card transaction. But EMV contactless payment allows unauthorized readers to access credit cards. Besides, in offline transaction, a merchant's reader cannot verify whether a card has been revoked. Therefore, we propose an EMV-compatible payment protocol to mitigate the transaction risk. And our modifications to the EMV standard are transparent to merchants and users. We also encrypt the communications between a card and a reader to prevent eavesdropping on sensitive data. The protocol is able to resist impersonation attacks and to avoid the security threats in EMV. In offline transactions, our scheme requires a user to apply for a temporary offline certificate in advance. With the certificate, banks no longer need to lower customer's credits for risk control, and users can have online-equivalent credits in offline transactions. PMID:25302334

  20. Security enhanced EMV-based mobile payment protocol.

    PubMed

    Yang, Ming-Hour

    2014-01-01

    Near field communication has enabled customers to put their credit cards into a smartphone and use the phone for credit card transaction. But EMV contactless payment allows unauthorized readers to access credit cards. Besides, in offline transaction, a merchant's reader cannot verify whether a card has been revoked. Therefore, we propose an EMV-compatible payment protocol to mitigate the transaction risk. And our modifications to the EMV standard are transparent to merchants and users. We also encrypt the communications between a card and a reader to prevent eavesdropping on sensitive data. The protocol is able to resist impersonation attacks and to avoid the security threats in EMV. In offline transactions, our scheme requires a user to apply for a temporary offline certificate in advance. With the certificate, banks no longer need to lower customer's credits for risk control, and users can have online-equivalent credits in offline transactions.

  1. Can the use of the Leggett-Garg inequality enhance security of the BB84 protocol?

    NASA Astrophysics Data System (ADS)

    Shenoy H., Akshata; Aravinda, S.; Srikanth, R.; Home, Dipankar

    2017-08-01

    Prima facie, there are good reasons to answer in the negative the question posed in the title: the Bennett-Brassard 1984 (BB84) protocol is provably secure subject to the assumption of trusted devices, while the Leggett-Garg-type inequality (LGI) does not seem to be readily adaptable to the device independent (DI) or semi-DI scenario. Nevertheless, interestingly, here we identify a specific device attack, which has been shown to render the standard BB84 protocol completely insecure, but against which our formulated LGI-assisted BB84 protocol (based on an appropriate form of LGI) is secure.

  2. Performance evaluation of reactive and proactive routing protocol in IEEE 802.11 ad hoc network

    NASA Astrophysics Data System (ADS)

    Hamma, Salima; Cizeron, Eddy; Issaka, Hafiz; Guédon, Jean-Pierre

    2006-10-01

    Wireless technology based on the IEEE 802.11 standard is widely deployed. This technology is used to support multiple types of communication services (data, voice, image) with different QoS requirements. MANET (Mobile Adhoc NETwork) does not require a fixed infrastructure. Mobile nodes communicate through multihop paths. The wireless communication medium has variable and unpredictable characteristics. Furthermore, node mobility creates a continuously changing communication topology in which paths break and new one form dynamically. The routing table of each router in an adhoc network must be kept up-to-date. MANET uses Distance Vector or Link State algorithms which insure that the route to every host is always known. However, this approach must take into account the adhoc networks specific characteristics: dynamic topologies, limited bandwidth, energy constraints, limited physical security, ... Two main routing protocols categories are studied in this paper: proactive protocols (e.g. Optimised Link State Routing - OLSR) and reactive protocols (e.g. Ad hoc On Demand Distance Vector - AODV, Dynamic Source Routing - DSR). The proactive protocols are based on periodic exchanges that update the routing tables to all possible destinations, even if no traffic goes through. The reactive protocols are based on on-demand route discoveries that update routing tables only for the destination that has traffic going through. The present paper focuses on study and performance evaluation of these categories using NS2 simulations. We have considered qualitative and quantitative criteria. The first one concerns distributed operation, loop-freedom, security, sleep period operation. The second are used to assess performance of different routing protocols presented in this paper. We can list end-to-end data delay, jitter, packet delivery ratio, routing load, activity distribution. Comparative study will be presented with number of networking context consideration and the results show

  3. Performance evaluation of secured DICOM image communication with next generation internet protocol IPv6

    NASA Astrophysics Data System (ADS)

    Yu, Fenghai; Zhang, Jianguo; Chen, Xiaomeng; Huang, H. K.

    2005-04-01

    Next Generation Internet (NGI) technology with new communication protocol IPv6 emerges as a potential solution for low-cost and high-speed networks for image data transmission. IPv6 is designed to solve many of the problems of the current version of IP (known as IPv4) with regard to address depletion, security, autoconfiguration, extensibility, and more. We choose CTN (Central Test Node) DICOM software developed by The Mallinckrodt Institute of Radiology to implement IPv6/IPv4 enabled DICOM communication software on different operating systems (Windows/Linux), and used this DICOM software to evaluate the performance of the IPv6/IPv4 enabled DICOM image communication with different security setting and environments. We compared the security communications of IPsec with SSL/TLS on different TCP/IP protocols (IPv6/IPv4), and find that there are some trade-offs to choose security solution between IPsec and SSL/TLS in the security implementation of IPv6/IPv4 communication networks.

  4. [A security protocol for the exchange of personal medical data via Internet: monitoring treatment and drug effects].

    PubMed

    Viviani, R; Fischer, J; Spitzer, M; Freudenmann, R W

    2004-04-01

    We present a security protocol for the exchange of medical data via the Internet, based on the type/domain model. We discuss two applications of the protocol: in a system for the exchange of data for quality assurance, and in an on-line database of adverse reactions to drug use. We state that a type/domain security protocol can successfully comply with the complex requirements for data privacy and accessibility typical of such applications.

  5. A secure medical data exchange protocol based on cloud environment.

    PubMed

    Chen, Chin-Ling; Yang, Tsai-Tung; Shih, Tzay-Farn

    2014-09-01

    In recent years, health care technologies already became matured such as electronic medical records that can be easily stored. However, how to get medical resources more convenient is currently concern issue. In spite of many literatures discussed about medical systems, but these literatures should face many security challenges. The most important issue is patients' privacy. Therefore, we propose a secure medical data exchange protocol based on cloud environment. In our scheme, we use mobile device's characteristics, allowing peoples use medical resources on the cloud environment to seek medical advice conveniently.

  6. A security analysis of version 2 of the Network Time Protocol (NTP): A report to the privacy and security research group

    NASA Technical Reports Server (NTRS)

    Bishop, Matt

    1991-01-01

    The Network Time Protocol is being used throughout the Internet to provide an accurate time service. The security requirements are examined of such a service, version 2 of the NTP protocol is analyzed to determine how well it meets these requirements, and improvements are suggested where appropriate.

  7. Efficiency and security problems of anonymous key agreement protocol based on chaotic maps

    NASA Astrophysics Data System (ADS)

    Yoon, Eun-Jun

    2012-07-01

    In 2011, Niu-Wang proposed an anonymous key agreement protocol based on chaotic maps in [Niu Y, Wang X. An anonymous key agreement protocol based on chaotic maps. Commun Nonlinear Sci Simulat 2011;16(4):1986-92]. Niu-Wang's protocol not only achieves session key agreement between a server and a user, but also allows the user to anonymously interact with the server. Nevertheless, this paper points out that Niu-Wang's protocol has the following efficiency and security problems: (1) The protocol has computational efficiency problem when a trusted third party decrypts the user sending message. (2) The protocol is vulnerable to Denial of Service (DoS) attack based on illegal message modification by an attacker.

  8. A Personalized QoS Prediction Approach for CPS Service Recommendation Based on Reputation and Location-Aware Collaborative Filtering.

    PubMed

    Kuang, Li; Yu, Long; Huang, Lan; Wang, Yin; Ma, Pengju; Li, Chuanbin; Zhu, Yujia

    2018-05-14

    With the rapid development of cyber-physical systems (CPS), building cyber-physical systems with high quality of service (QoS) has become an urgent requirement in both academia and industry. During the procedure of building Cyber-physical systems, it has been found that a large number of functionally equivalent services exist, so it becomes an urgent task to recommend suitable services from the large number of services available in CPS. However, since it is time-consuming, and even impractical, for a single user to invoke all of the services in CPS to experience their QoS, a robust QoS prediction method is needed to predict unknown QoS values. A commonly used method in QoS prediction is collaborative filtering, however, it is hard to deal with the data sparsity and cold start problem, and meanwhile most of the existing methods ignore the data credibility issue. Thence, in order to solve both of these challenging problems, in this paper, we design a framework of QoS prediction for CPS services, and propose a personalized QoS prediction approach based on reputation and location-aware collaborative filtering. Our approach first calculates the reputation of users by using the Dirichlet probability distribution, so as to identify untrusted users and process their unreliable data, and then it digs out the geographic neighborhood in three levels to improve the similarity calculation of users and services. Finally, the data from geographical neighbors of users and services are fused to predict the unknown QoS values. The experiments using real datasets show that our proposed approach outperforms other existing methods in terms of accuracy, efficiency, and robustness.

  9. A Personalized QoS Prediction Approach for CPS Service Recommendation Based on Reputation and Location-Aware Collaborative Filtering

    PubMed Central

    Huang, Lan; Wang, Yin; Ma, Pengju; Li, Chuanbin; Zhu, Yujia

    2018-01-01

    With the rapid development of cyber-physical systems (CPS), building cyber-physical systems with high quality of service (QoS) has become an urgent requirement in both academia and industry. During the procedure of building Cyber-physical systems, it has been found that a large number of functionally equivalent services exist, so it becomes an urgent task to recommend suitable services from the large number of services available in CPS. However, since it is time-consuming, and even impractical, for a single user to invoke all of the services in CPS to experience their QoS, a robust QoS prediction method is needed to predict unknown QoS values. A commonly used method in QoS prediction is collaborative filtering, however, it is hard to deal with the data sparsity and cold start problem, and meanwhile most of the existing methods ignore the data credibility issue. Thence, in order to solve both of these challenging problems, in this paper, we design a framework of QoS prediction for CPS services, and propose a personalized QoS prediction approach based on reputation and location-aware collaborative filtering. Our approach first calculates the reputation of users by using the Dirichlet probability distribution, so as to identify untrusted users and process their unreliable data, and then it digs out the geographic neighborhood in three levels to improve the similarity calculation of users and services. Finally, the data from geographical neighbors of users and services are fused to predict the unknown QoS values. The experiments using real datasets show that our proposed approach outperforms other existing methods in terms of accuracy, efficiency, and robustness. PMID:29757995

  10. Research on the business QoS and trustworthy and controllable strategies mechanism for energy internet

    NASA Astrophysics Data System (ADS)

    Zhang, Geng; Lu, Meiling; Zhang, Dahua; Zhou, Liang; Li, Likang

    2017-01-01

    Energy internet is a kind of power sharing network, which can realize the bidirectional flow of energy information on the basis of the existing power grid. It puts forward higher requirements for reliability and controllability of information communication, and all kinds of business QoS of the backbone network. So the research of business QoS and trustworthy and controllable strategies mechanism have an important significance for the development of energy internet. This paper mainly studies how to use the software defined network (SDN) to achieve business QoS, and provide QoS support for all kinds of business of the energy internet. Combined with the current development situation of the energy internet in our country, this paper researches the trustworthy and controllable strategies mechanism for energy internet, and proposes the transition scheme of the IPv6 credible network architecture based on SDN. This coordinates the contradiction between the growing demand for energy internet applications and the limitations of the energy internet technology itself.

  11. A New Cellular Architecture for Information Retrieval from Sensor Networks through Embedded Service and Security Protocols

    PubMed Central

    Shahzad, Aamir; Landry, René; Lee, Malrey; Xiong, Naixue; Lee, Jongho; Lee, Changhoon

    2016-01-01

    Substantial changes have occurred in the Information Technology (IT) sectors and with these changes, the demand for remote access to field sensor information has increased. This allows visualization, monitoring, and control through various electronic devices, such as laptops, tablets, i-Pads, PCs, and cellular phones. The smart phone is considered as a more reliable, faster and efficient device to access and monitor industrial systems and their corresponding information interfaces anywhere and anytime. This study describes the deployment of a protocol whereby industrial system information can be securely accessed by cellular phones via a Supervisory Control And Data Acquisition (SCADA) server. To achieve the study goals, proprietary protocol interconnectivity with non-proprietary protocols and the usage of interconnectivity services are considered in detail. They support the visualization of the SCADA system information, and the related operations through smart phones. The intelligent sensors are configured and designated to process real information via cellular phones by employing information exchange services between the proprietary protocol and non-proprietary protocols. SCADA cellular access raises the issue of security flaws. For these challenges, a cryptography-based security method is considered and deployed, and it could be considered as a part of a proprietary protocol. Subsequently, transmission flows from the smart phones through a cellular network. PMID:27314351

  12. A New Cellular Architecture for Information Retrieval from Sensor Networks through Embedded Service and Security Protocols.

    PubMed

    Shahzad, Aamir; Landry, René; Lee, Malrey; Xiong, Naixue; Lee, Jongho; Lee, Changhoon

    2016-06-14

    Substantial changes have occurred in the Information Technology (IT) sectors and with these changes, the demand for remote access to field sensor information has increased. This allows visualization, monitoring, and control through various electronic devices, such as laptops, tablets, i-Pads, PCs, and cellular phones. The smart phone is considered as a more reliable, faster and efficient device to access and monitor industrial systems and their corresponding information interfaces anywhere and anytime. This study describes the deployment of a protocol whereby industrial system information can be securely accessed by cellular phones via a Supervisory Control And Data Acquisition (SCADA) server. To achieve the study goals, proprietary protocol interconnectivity with non-proprietary protocols and the usage of interconnectivity services are considered in detail. They support the visualization of the SCADA system information, and the related operations through smart phones. The intelligent sensors are configured and designated to process real information via cellular phones by employing information exchange services between the proprietary protocol and non-proprietary protocols. SCADA cellular access raises the issue of security flaws. For these challenges, a cryptography-based security method is considered and deployed, and it could be considered as a part of a proprietary protocol. Subsequently, transmission flows from the smart phones through a cellular network.

  13. Provision of QoS for Multimedia Services in IEEE 802.11 Wireless Network

    DTIC Science & Technology

    2006-10-01

    Provision of QoS for Multimedia Services in IEEE 802.11 Wireless Network. In Dynamic Communications Management (pp. 10-1 – 10-16). Meeting Proceedings...mechanisms have been used for managing a limited bandwidth link within the IPv6 military narrowband network. The detailed description of these...confirms that implemented video rate adaptation mechanism enables improvement of qaulity of video transfer. Provision of QoS for Multimedia Services in

  14. A Novel QKD-based Secure Edge Router Architecture Design for Burst Confidentiality in Optical Burst Switched Networks

    NASA Astrophysics Data System (ADS)

    Balamurugan, A. M.; Sivasubramanian, A.

    2014-06-01

    The Optical Burst Switching (OBS) is an emergent result to the technology issue that could achieve a viable network in future. They have the ability to meet the bandwidth requisite of those applications that call for intensive bandwidth. The field of optical transmission has undergone numerous advancements and is still being researched mainly due to the fact that optical data transmission can be done at enormous speeds. The concept of OBS is still far from perfection facing issues in case of security threat. The transfer of optical switching paradigm to optical burst switching faces serious downfall in the fields of burst aggregation, routing, authentication, dispute resolution and quality of service (QoS). This paper proposes a framework based on QKD based secure edge router architecture design to provide burst confidentiality. The QKD protocol offers high level of confidentiality as it is indestructible. The design architecture was implemented in FPGA using diverse models and the results were taken. The results show that the proposed model is suitable for real time secure routing applications of the Optical burst switched networks.

  15. Backup key generation model for one-time password security protocol

    NASA Astrophysics Data System (ADS)

    Jeyanthi, N.; Kundu, Sourav

    2017-11-01

    The use of one-time password (OTP) has ushered new life into the existing authentication protocols used by the software industry. It introduced a second layer of security to the traditional username-password authentication, thus coining the term, two-factor authentication. One of the drawbacks of this protocol is the unreliability of the hardware token at the time of authentication. This paper proposes a simple backup key model that can be associated with the real world applications’user database, which would allow a user to circumvent the second authentication stage, in the event of unavailability of the hardware token.

  16. Method for providing a compliant cantilevered micromold

    DOEpatents

    Morales, Alfredo M.; Domeier, Linda A.; Gonzales, Marcela G.; Keifer, Patrick N.; Garino, Terry J.

    2008-12-16

    A compliant cantilevered three-dimensional micromold is provided. The compliant cantilevered micromold is suitable for use in the replication of cantilevered microparts and greatly simplifies the replication of such cantilevered parts. The compliant cantilevered micromold may be used to fabricate microparts using casting or electroforming techniques. When the compliant micromold is used to fabricate electroformed cantilevered parts, the micromold will also comprise an electrically conducting base formed by a porous metal substrate that is embedded within the compliant cantilevered micromold. Methods for fabricating the compliant cantilevered micromold as well as methods of replicating cantilevered microparts using the compliant cantilevered micromold are also provided.

  17. Controlling QoS in a collaborative multimedia environment

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Alfano, M.; Sigle, R.

    1996-12-31

    A collaborative multimedia environment allows users to work remotely on common projects by sharing applications (e.g., CAD tools, text editors, white boards) and simultaneously communicate audiovisually. Several dedicated applications (e.g., MBone tools) exist for transmitting video, audio and data between users. Due to the fact that they have been developed for the Internet which does not provide any Quality of Service (QoS) guarantee, these applications do not or only partially support specification of QoS requirements by the user. In addition, they all come with different user interfaces. In this paper we first discuss the problems that we experienced both atmore » the host and network levels when executing a multimedia application and varying its resource requirements. We then present the architectural details of a collaborative multimedia environment (CME) that we have been developing in order to help a user to set up and control a collaborative multimedia session.« less

  18. Modeling and Simulation of a Novel Relay Node Based Secure Routing Protocol Using Multiple Mobile Sink for Wireless Sensor Networks.

    PubMed

    Perumal, Madhumathy; Dhandapani, Sivakumar

    2015-01-01

    Data gathering and optimal path selection for wireless sensor networks (WSN) using existing protocols result in collision. Increase in collision further increases the possibility of packet drop. Thus there is a necessity to eliminate collision during data aggregation. Increasing the efficiency is the need of the hour with maximum security. This paper is an effort to come up with a reliable and energy efficient WSN routing and secure protocol with minimum delay. This technique is named as relay node based secure routing protocol for multiple mobile sink (RSRPMS). This protocol finds the rendezvous point for optimal transmission of data using a "splitting tree" technique in tree-shaped network topology and then to determine all the subsequent positions of a sink the "Biased Random Walk" model is used. In case of an event, the sink gathers the data from all sources, when they are in the sensing range of rendezvous point. Otherwise relay node is selected from its neighbor to transfer packets from rendezvous point to sink. A symmetric key cryptography is used for secure transmission. The proposed relay node based secure routing protocol for multiple mobile sink (RSRPMS) is experimented and simulation results are compared with Intelligent Agent-Based Routing (IAR) protocol to prove that there is increase in the network lifetime compared with other routing protocols.

  19. A security proof of the round-robin differential phase shift quantum key distribution protocol based on the signal disturbance

    NASA Astrophysics Data System (ADS)

    Sasaki, Toshihiko; Koashi, Masato

    2017-06-01

    The round-robin differential phase shift (RRDPS) quantum key distribution (QKD) protocol is a unique QKD protocol whose security has not been understood through an information-disturbance trade-off relation, and a sufficient amount of privacy amplification was given independently of signal disturbance. Here, we discuss the security of the RRDPS protocol in the asymptotic regime when a good estimate of the bit error rate is available as a measure of signal disturbance. The uniqueness of the RRDPS protocol shows up as a peculiar form of information-disturbance trade-off curve. When the length of a block of pulses used for encoding and the signal disturbance are both small, it provides a significantly better key rate than that from the original security proof. On the other hand, when the block length is large, the use of the signal disturbance makes little improvement in the key rate. Our analysis will bridge a gap between the RRDPS protocol and the conventional QKD protocols.

  20. Establishing rational networking using the DL04 quantum secure direct communication protocol

    NASA Astrophysics Data System (ADS)

    Qin, Huawang; Tang, Wallace K. S.; Tso, Raylin

    2018-06-01

    The first rational quantum secure direct communication scheme is proposed, in which we use the game theory with incomplete information to model the rational behavior of the participant, and give the strategy space and utility function. The rational participant can get his maximal utility when he performs the protocol faithfully, and then the Nash equilibrium of the protocol can be achieved. Compared to the traditional schemes, our scheme will be more practical in the presence of rational participant.

  1. An Enhanced LoRaWAN Security Protocol for Privacy Preservation in IoT with a Case Study on a Smart Factory-Enabled Parking System.

    PubMed

    You, Ilsun; Kwon, Soonhyun; Choudhary, Gaurav; Sharma, Vishal; Seo, Jung Taek

    2018-06-08

    The Internet of Things (IoT) utilizes algorithms to facilitate intelligent applications across cities in the form of smart-urban projects. As the majority of devices in IoT are battery operated, their applications should be facilitated with a low-power communication setup. Such facility is possible through the Low-Power Wide-Area Network (LPWAN), but at a constrained bit rate. For long-range communication over LPWAN, several approaches and protocols are adopted. One such protocol is the Long-Range Wide Area Network (LoRaWAN), which is a media access layer protocol for long-range communication between the devices and the application servers via LPWAN gateways. However, LoRaWAN comes with fewer security features as a much-secured protocol consumes more battery because of the exorbitant computational overheads. The standard protocol fails to support end-to-end security and perfect forward secrecy while being vulnerable to the replay attack that makes LoRaWAN limited in supporting applications where security (especially end-to-end security) is important. Motivated by this, an enhanced LoRaWAN security protocol is proposed, which not only provides the basic functions of connectivity between the application server and the end device, but additionally averts these listed security issues. The proposed protocol is developed with two options, the Default Option (DO) and the Security-Enhanced Option (SEO). The protocol is validated through Burrows⁻Abadi⁻Needham (BAN) logic and the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The proposed protocol is also analyzed for overheads through system-based and low-power device-based evaluations. Further, a case study on a smart factory-enabled parking system is considered for its practical application. The results, in terms of network latency with reliability fitting and signaling overheads, show paramount improvements and better performance for the proposed protocol compared with the two

  2. Mixed integer nonlinear programming model of wireless pricing scheme with QoS attribute of bandwidth and end-to-end delay

    NASA Astrophysics Data System (ADS)

    Irmeilyana, Puspita, Fitri Maya; Indrawati

    2016-02-01

    The pricing for wireless networks is developed by considering linearity factors, elasticity price and price factors. Mixed Integer Nonlinear Programming of wireless pricing model is proposed as the nonlinear programming problem that can be solved optimally using LINGO 13.0. The solutions are expected to give some information about the connections between the acceptance factor and the price. Previous model worked on the model that focuses on bandwidth as the QoS attribute. The models attempt to maximize the total price for a connection based on QoS parameter. The QoS attributes used will be the bandwidth and the end to end delay that affect the traffic. The maximum goal to maximum price is achieved when the provider determine the requirement for the increment or decrement of price change due to QoS change and amount of QoS value.

  3. Derivation of vascular endothelial cells from human embryonic stem cells under GMP-compliant conditions: towards clinical studies in ischaemic disease.

    PubMed

    Kaupisch, A; Kennedy, L; Stelmanis, V; Tye, B; Kane, N M; Mountford, J C; Courtney, A; Baker, A H

    2012-10-01

    Revascularisation of ischaemic tissue remains an area of substantial unmet clinical need in cardiovascular disease. Strategies to induce therapeutic angiogenesis are therefore attractive. Our recent focus has been on human embryonic stem cell (hESC) strategies since hESC can be maintained in a pluripotent state or differentiated into any desired cell type, including endothelial cells (EC), under defined differentiation culture conditions. We recently published a protocol for non-good manufacturing practice (GMP) feeder- and serum-free hESC-EC-directed monolayer differentiation to vascular EC demonstrating the potential to generate hESC-derived EC in a GMP-compliant manner suitable for use in clinical trials. In this study we modified that laboratory protocol to GMP compliance. EC production was confirmed by flow cytometry, qRT-PCR and production of vascular structures in Matrigel®, yielding approximately 30 % mature VE-cadherin(+)/PECAM-1(+) cells using the GMP-compliant hESC line RC13. In conclusion, we have successfully demonstrated the production of vascular EC under GMP-compliant conditions suitable for clinical evaluation.

  4. A Generalized-Compliant-Motion Primitive

    NASA Technical Reports Server (NTRS)

    Backes, Paul G.

    1993-01-01

    Computer program bridges gap between planning and execution of compliant robotic motions developed and installed in control system of telerobot. Called "generalized-compliant-motion primitive," one of several task-execution-primitive computer programs, which receives commands from higher-level task-planning programs and executes commands by generating required trajectories and applying appropriate control laws. Program comprises four parts corresponding to nominal motion, compliant motion, ending motion, and monitoring. Written in C language.

  5. An efficient and secure certificateless authentication protocol for healthcare system on wireless medical sensor networks.

    PubMed

    Guo, Rui; Wen, Qiaoyan; Jin, Zhengping; Zhang, Hua

    2013-01-01

    Sensor networks have opened up new opportunities in healthcare systems, which can transmit patient's condition to health professional's hand-held devices in time. The patient's physiological signals are very sensitive and the networks are extremely vulnerable to many attacks. It must be ensured that patient's privacy is not exposed to unauthorized entities. Therefore, the control of access to healthcare systems has become a crucial challenge. An efficient and secure authentication protocol will thus be needed in wireless medical sensor networks. In this paper, we propose a certificateless authentication scheme without bilinear pairing while providing patient anonymity. Compared with other related protocols, the proposed scheme needs less computation and communication cost and preserves stronger security. Our performance evaluations show that this protocol is more practical for healthcare system in wireless medical sensor networks.

  6. An Efficient and Secure Certificateless Authentication Protocol for Healthcare System on Wireless Medical Sensor Networks

    PubMed Central

    Guo, Rui; Wen, Qiaoyan; Jin, Zhengping; Zhang, Hua

    2013-01-01

    Sensor networks have opened up new opportunities in healthcare systems, which can transmit patient's condition to health professional's hand-held devices in time. The patient's physiological signals are very sensitive and the networks are extremely vulnerable to many attacks. It must be ensured that patient's privacy is not exposed to unauthorized entities. Therefore, the control of access to healthcare systems has become a crucial challenge. An efficient and secure authentication protocol will thus be needed in wireless medical sensor networks. In this paper, we propose a certificateless authentication scheme without bilinear pairing while providing patient anonymity. Compared with other related protocols, the proposed scheme needs less computation and communication cost and preserves stronger security. Our performance evaluations show that this protocol is more practical for healthcare system in wireless medical sensor networks. PMID:23710147

  7. Automating Security Protocol Analysis

    DTIC Science & Technology

    2004-03-01

    language that allows easy representation of pattern interaction. Using CSP, Lowe tests whether a protocol achieves authentication. In the case of...only to correctly code whatever protocol they intend to evaluate. The tool, OCaml 3.04 [1], translates the protocol into Horn clauses and then...model protocol transactions. One example of automated modeling software is Maude [19]. Maude was the intended language for this research, but Java

  8. QoS Challenges and Opportunities in Wireless Sensor/Actuator Networks

    PubMed Central

    Xia, Feng

    2008-01-01

    A wireless sensor/actuator network (WSAN) is a group of sensors and actuators that are geographically distributed and interconnected by wireless networks. Sensors gather information about the state of physical world. Actuators react to this information by performing appropriate actions. WSANs thus enable cyber systems to monitor and manipulate the behavior of the physical world. WSANs are growing at a tremendous pace, just like the exploding evolution of Internet. Supporting quality of service (QoS) will be of critical importance for pervasive WSANs that serve as the network infrastructure of diverse applications. To spark new research and development interests in this field, this paper examines and discusses the requirements, critical challenges, and open research issues on QoS management in WSANs. A brief overview of recent progress is given. PMID:27879755

  9. QoS Negotiation in Real-Time Systems and its Application to Automated Flight Control

    DTIC Science & Technology

    2000-11-01

    QoS Negotiation in Real - Time Systems and Its Application to Automated Flight Control Tarek F. Abdelzaher, Member, IEEE, Ella M. Atkins, Member, IEEE...been committed to those that arrived earlier. In hard- real - time systems , a static analysis may be performed to guarantee a priori that all requests be...DATE 2000 2. REPORT TYPE 3. DATES COVERED 00-00-2000 to 00-00-2000 4. TITLE AND SUBTITLE QoS Negotiation in Real - Time Systems and its

  10. Design of Secure and Lightweight Authentication Protocol for Wearable Devices Environment.

    PubMed

    Das, Ashok Kumar; Wazid, Mohammad; Kumar, Neeraj; Khan, Muhammad Khurram; Choo, Kim-Kwang Raymond; Park, YoungHo

    2017-09-18

    Wearable devices are used in various applications to collect information including step information, sleeping cycles, workout statistics, and health related information. Due to the nature and richness of the data collected by such devices, it is important to ensure the security of the collected data. This paper presents a new lightweight authentication scheme suitable for wearable device deployment. The scheme allows a user to mutually authenticate his/her wearable device(s) and the mobile terminal (e.g., Android and iOS device) and establish a session key among these devices (worn and carried by the same user) for secure communication between the wearable device and the mobile terminal. The security of the proposed scheme is then demonstrated through the broadly-accepted Real-Or-Random model, as well as using the popular formal security verification tool, known as the Automated Validation of Internet Security Protocols and Applications (AVISPA). Finally, we present a comparative summary of the proposed scheme in terms of the overheads such as computation and communication costs, security and functionality features of the proposed scheme and related schemes, and also the evaluation findings from the NS2 simulation.

  11. Mapping of multiple parameter m-health scenarios to mobile WiMAX QoS variables.

    PubMed

    Alinejad, Ali; Philip, N; Istepanian, R S H

    2011-01-01

    Multiparameter m-health scenarios with bandwidth demanding requirements will be one of key applications in future 4 G mobile communication systems. These applications will potentially require specific spectrum allocations with higher quality of service requirements. Furthermore, one of the key 4 G technologies targeting m-health will be medical applications based on WiMAX systems. Hence, it is timely to evaluate such multiple parametric m-health scenarios over mobile WiMAX networks. In this paper, we address the preliminary performance analysis of mobile WiMAX network for multiparametric telemedical scenarios. In particular, we map the medical QoS to typical WiMAX QoS parameters to optimise the performance of these parameters in typical m-health scenario. Preliminary performance analyses of the proposed multiparametric scenarios are evaluated to provide essential information for future medical QoS requirements and constraints in these telemedical network environments.

  12. Controlled quantum secure communication protocol with single photons in both polarization and spatial-mode degrees of freedom

    NASA Astrophysics Data System (ADS)

    Wang, Lili; Ma, Wenping

    2016-02-01

    In this paper, we propose a new controlled quantum secure direct communication (CQSDC) protocol with single photons in both polarization and spatial-mode degrees of freedom. Based on the defined local collective unitary operations, the sender’s secret messages can be transmitted directly to the receiver through encoding secret messages on the particles. Only with the help of the third side, the receiver can reconstruct the secret messages. Each single photon in two degrees of freedom can carry two bits of information, so the cost of our protocol is less than others using entangled qubits. Moreover, the security of our QSDC network protocol is discussed comprehensively. It is shown that our new CQSDC protocol cannot only defend the outsider eavesdroppers’ several sorts of attacks but also the inside attacks. Besides, our protocol is feasible since the preparation and the measurement of single photon quantum states in both the polarization and the spatial-mode degrees of freedom are available with current quantum techniques.

  13. A secure protocol for protecting the identity of providers when disclosing data for disease surveillance

    PubMed Central

    Hu, Jun; Mercer, Jay; Peyton, Liam; Kantarcioglu, Murat; Malin, Bradley; Buckeridge, David; Samet, Saeed; Earle, Craig

    2011-01-01

    Background Providers have been reluctant to disclose patient data for public-health purposes. Even if patient privacy is ensured, the desire to protect provider confidentiality has been an important driver of this reluctance. Methods Six requirements for a surveillance protocol were defined that satisfy the confidentiality needs of providers and ensure utility to public health. The authors developed a secure multi-party computation protocol using the Paillier cryptosystem to allow the disclosure of stratified case counts and denominators to meet these requirements. The authors evaluated the protocol in a simulated environment on its computation performance and ability to detect disease outbreak clusters. Results Theoretical and empirical assessments demonstrate that all requirements are met by the protocol. A system implementing the protocol scales linearly in terms of computation time as the number of providers is increased. The absolute time to perform the computations was 12.5 s for data from 3000 practices. This is acceptable performance, given that the reporting would normally be done at 24 h intervals. The accuracy of detection disease outbreak cluster was unchanged compared with a non-secure distributed surveillance protocol, with an F-score higher than 0.92 for outbreaks involving 500 or more cases. Conclusion The protocol and associated software provide a practical method for providers to disclose patient data for sentinel, syndromic or other indicator-based surveillance while protecting patient privacy and the identity of individual providers. PMID:21486880

  14. Data port security lock

    DOEpatents

    Quinby, Joseph D [Albuquerque, NM; Hall, Clarence S [Albuquerque, NM

    2008-06-24

    In a security apparatus for securing an electrical connector, a plug may be fitted for insertion into a connector receptacle compliant with a connector standard. The plug has at least one aperture adapted to engage at least one latch in the connector receptacle. An engagement member is adapted to partially extend through at least one aperture and lock to at least one structure within the connector receptacle.

  15. Simple algorithm for improved security in the FDDI protocol

    NASA Astrophysics Data System (ADS)

    Lundy, G. M.; Jones, Benjamin

    1993-02-01

    We propose a modification to the Fiber Distributed Data Interface (FDDI) protocol based on a simple algorithm which will improve confidential communication capability. This proposed modification provides a simple and reliable system which exploits some of the inherent security properties in a fiber optic ring network. This method differs from conventional methods in that end to end encryption can be facilitated at the media access control sublayer of the data link layer in the OSI network model. Our method is based on a variation of the bit stream cipher method. The transmitting station takes the intended confidential message and uses a simple modulo two addition operation against an initialization vector. The encrypted message is virtually unbreakable without the initialization vector. None of the stations on the ring will have access to both the encrypted message and the initialization vector except the transmitting and receiving stations. The generation of the initialization vector is unique for each confidential transmission and thus provides a unique approach to the key distribution problem. The FDDI protocol is of particular interest to the military in terms of LAN/MAN implementations. Both the Army and the Navy are considering the standard as the basis for future network systems. A simple and reliable security mechanism with the potential to support realtime communications is a necessary consideration in the implementation of these systems. The proposed method offers several advantages over traditional methods in terms of speed, reliability, and standardization.

  16. Secured Communication for Business Process Outsourcing Using Optimized Arithmetic Cryptography Protocol Based on Virtual Parties

    NASA Astrophysics Data System (ADS)

    Pathak, Rohit; Joshi, Satyadhar

    Within a span of over a decade, India has become one of the most favored destinations across the world for Business Process Outsourcing (BPO) operations. India has rapidly achieved the status of being the most preferred destination for BPO for companies located in the US and Europe. Security and privacy are the two major issues needed to be addressed by the Indian software industry to have an increased and long-term outsourcing contract from the US. Another important issue is about sharing employee’s information to ensure that data and vital information of an outsourcing company is secured and protected. To ensure that the confidentiality of a client’s information is maintained, BPOs need to implement some data security measures. In this paper, we propose a new protocol for specifically for BPO Secure Multi-Party Computation (SMC). As there are many computations and surveys which involve confidential data from many parties or organizations and the concerned data is property of the organization, preservation and security of this data is of prime importance for such type of computations. Although the computation requires data from all the parties, but none of the associated parties would want to reveal their data to the other parties. We have proposed a new efficient and scalable protocol to perform computation on encrypted information. The information is encrypted in a manner that it does not affect the result of the computation. It uses modifier tokens which are distributed among virtual parties, and finally used in the computation. The computation function uses the acquired data and modifier tokens to compute right result from the encrypted data. Thus without revealing the data, right result can be computed and privacy of the parties is maintained. We have given a probabilistic security analysis of hacking the protocol and shown how zero hacking security can be achieved. Also we have analyzed the specific case of Indian BPO.

  17. Generic framework for the secure Yuen 2000 quantum-encryption protocol employing the wire-tap channel approach

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Mihaljevic, Miodrag J.

    2007-05-15

    It is shown that the security, against known-plaintext attacks, of the Yuen 2000 (Y00) quantum-encryption protocol can be considered via the wire-tap channel model assuming that the heterodyne measurement yields the sample for security evaluation. Employing the results reported on the wire-tap channel, a generic framework is proposed for developing secure Y00 instantiations. The proposed framework employs a dedicated encoding which together with inherent quantum noise at the attacker's side provides Y00 security.

  18. Design and Analysis of Optimization Algorithms to Minimize Cryptographic Processing in BGP Security Protocols.

    PubMed

    Sriram, Vinay K; Montgomery, Doug

    2017-07-01

    The Internet is subject to attacks due to vulnerabilities in its routing protocols. One proposed approach to attain greater security is to cryptographically protect network reachability announcements exchanged between Border Gateway Protocol (BGP) routers. This study proposes and evaluates the performance and efficiency of various optimization algorithms for validation of digitally signed BGP updates. In particular, this investigation focuses on the BGPSEC (BGP with SECurity extensions) protocol, currently under consideration for standardization in the Internet Engineering Task Force. We analyze three basic BGPSEC update processing algorithms: Unoptimized, Cache Common Segments (CCS) optimization, and Best Path Only (BPO) optimization. We further propose and study cache management schemes to be used in conjunction with the CCS and BPO algorithms. The performance metrics used in the analyses are: (1) routing table convergence time after BGPSEC peering reset or router reboot events and (2) peak-second signature verification workload. Both analytical modeling and detailed trace-driven simulation were performed. Results show that the BPO algorithm is 330% to 628% faster than the unoptimized algorithm for routing table convergence in a typical Internet core-facing provider edge router.

  19. Effectiveness of AODV Protocol under Hidden Node Environment

    NASA Astrophysics Data System (ADS)

    Garg, Ruchi; Sharma, Himanshu; Kumar, Sumit

    IEEE 802.11 is a standard for mobile ad hoc networks (MANET), implemented with various different protocols. Ad Hoc on Demand Distance Vector Routing (AODV) is one of the several protocols of IEEE 802.11, intended to provide various Quality of Service (QOS) parameters under acceptable range. To avoid the collision and interference the MAC protocol has only two solutions, one, to sense the physical carrier and second, to use the RTS/CTS handshake mechanism. But with the help of these methods AODV is not free from the problem of hidden nodes like other several protocols. Under the hidden node environment, performance of AODV depends upon various factors. The position of receiver and sender among the other nodes is very crucial and it affects the performance. Under the various situations the AODV is simulated with the help of NS2 and the outcomes are discussed.

  20. Compliant walker

    NASA Technical Reports Server (NTRS)

    Kerley, James J. (Inventor); Eklund, Wayne D. (Inventor); Crane, J. Allen (Inventor)

    1992-01-01

    A compliant walker is provided for humans having limited use of their legs and lower back. It includes an upright wheel frame which at least partially surrounds an upright user wearing a partial body harness. It is attached to the frame by means of cable compliant apparatus consisting of sets of cable segments and angle bracket members connected between opposite side members of the frame and adjacent side portions of the harness. Novelty is believed to exist in the combination of a wheeled frame including a side support structure, a body harness, and compliance means connecting the body harness to the side support structure for flexibility holding and supporting a person in a substantially upright position when the user sags in the frame when taking weight off the lower extremities.

  1. Energy Efficient and QoS sensitive Routing Protocol for Ad Hoc Networks

    NASA Astrophysics Data System (ADS)

    Saeed Tanoli, Tariq; Khalid Khan, Muhammad

    2013-12-01

    Efficient routing is an important part of wireless ad hoc networks. Since in ad hoc networks we have limited resources, there are many limitations like bandwidth, battery consumption, and processing cycle etc. Reliability is also necessary since there is no allowance for invalid or incomplete information (and expired data is useless). There are various protocols that perform routing by considering one parameter but ignoring other parameters. In this paper we present a protocol that finds route on the basis of bandwidth, energy and mobility of the nodes participating in the communication.

  2. Optimizing Multiple QoS for Workflow Applications using PSO and Min-Max Strategy

    NASA Astrophysics Data System (ADS)

    Umar Ambursa, Faruku; Latip, Rohaya; Abdullah, Azizol; Subramaniam, Shamala

    2017-08-01

    Workflow scheduling under multiple QoS constraints is a complicated optimization problem. Metaheuristic techniques are excellent approaches used in dealing with such problem. Many metaheuristic based algorithms have been proposed, that considers various economic and trustworthy QoS dimensions. However, most of these approaches lead to high violation of user-defined QoS requirements in tight situation. Recently, a new Particle Swarm Optimization (PSO)-based QoS-aware workflow scheduling strategy (LAPSO) is proposed to improve performance in such situations. LAPSO algorithm is designed based on synergy between a violation handling method and a hybrid of PSO and min-max heuristic. Simulation results showed a great potential of LAPSO algorithm to handling user requirements even in tight situations. In this paper, the performance of the algorithm is anlysed further. Specifically, the impact of the min-max strategy on the performance of the algorithm is revealed. This is achieved by removing the violation handling from the operation of the algorithm. The results show that LAPSO based on only the min-max method still outperforms the benchmark, even though the LAPSO with the violation handling performs more significantly better.

  3. Security of a discretely signaled continuous variable quantum key distribution protocol for high rate systems.

    PubMed

    Zhang, Zheshen; Voss, Paul L

    2009-07-06

    We propose a continuous variable based quantum key distribution protocol that makes use of discretely signaled coherent light and reverse error reconciliation. We present a rigorous security proof against collective attacks with realistic lossy, noisy quantum channels, imperfect detector efficiency, and detector electronic noise. This protocol is promising for convenient, high-speed operation at link distances up to 50 km with the use of post-selection.

  4. Finite-key security analyses on passive decoy-state QKD protocols with different unstable sources.

    PubMed

    Song, Ting-Ting; Qin, Su-Juan; Wen, Qiao-Yan; Wang, Yu-Kun; Jia, Heng-Yue

    2015-10-16

    In quantum communication, passive decoy-state QKD protocols can eliminate many side channels, but the protocols without any finite-key analyses are not suitable for in practice. The finite-key securities of passive decoy-state (PDS) QKD protocols with two different unstable sources, type-II parametric down-convention (PDC) and phase randomized weak coherent pulses (WCPs), are analyzed in our paper. According to the PDS QKD protocols, we establish an optimizing programming respectively and obtain the lower bounds of finite-key rates. Under some reasonable values of quantum setup parameters, the lower bounds of finite-key rates are simulated. The simulation results show that at different transmission distances, the affections of different fluctuations on key rates are different. Moreover, the PDS QKD protocol with an unstable PDC source can resist more intensity fluctuations and more statistical fluctuation.

  5. Finite-key security analyses on passive decoy-state QKD protocols with different unstable sources

    PubMed Central

    Song, Ting-Ting; Qin, Su-Juan; Wen, Qiao-Yan; Wang, Yu-Kun; Jia, Heng-Yue

    2015-01-01

    In quantum communication, passive decoy-state QKD protocols can eliminate many side channels, but the protocols without any finite-key analyses are not suitable for in practice. The finite-key securities of passive decoy-state (PDS) QKD protocols with two different unstable sources, type-II parametric down-convention (PDC) and phase randomized weak coherent pulses (WCPs), are analyzed in our paper. According to the PDS QKD protocols, we establish an optimizing programming respectively and obtain the lower bounds of finite-key rates. Under some reasonable values of quantum setup parameters, the lower bounds of finite-key rates are simulated. The simulation results show that at different transmission distances, the affections of different fluctuations on key rates are different. Moreover, the PDS QKD protocol with an unstable PDC source can resist more intensity fluctuations and more statistical fluctuation. PMID:26471947

  6. A Provably Secure RFID Authentication Protocol Based on Elliptic Curve for Healthcare Environments.

    PubMed

    Farash, Mohammad Sabzinejad; Nawaz, Omer; Mahmood, Khalid; Chaudhry, Shehzad Ashraf; Khan, Muhammad Khurram

    2016-07-01

    To enhance the quality of healthcare in the management of chronic disease, telecare medical information systems have increasingly been used. Very recently, Zhang and Qi (J. Med. Syst. 38(5):47, 32), and Zhao (J. Med. Syst. 38(5):46, 33) separately proposed two authentication schemes for telecare medical information systems using radio frequency identification (RFID) technology. They claimed that their protocols achieve all security requirements including forward secrecy. However, this paper demonstrates that both Zhang and Qi's scheme, and Zhao's scheme could not provide forward secrecy. To augment the security, we propose an efficient RFID authentication scheme using elliptic curves for healthcare environments. The proposed RFID scheme is secure under common random oracle model.

  7. Hand forces exerted by long-term care staff when pushing wheelchairs on compliant and non-compliant flooring.

    PubMed

    Lachance, Chantelle C; Korall, Alexandra M B; Russell, Colin M; Feldman, Fabio; Robinovitch, Stephen N; Mackey, Dawn C

    2018-09-01

    Purpose-designed compliant flooring and carpeting have been promoted as a means for reducing fall-related injuries in high-risk environments, such as long-term care. However, it is not known whether these surfaces influence the forces that long-term care staff exert when pushing residents in wheelchairs. We studied 14 direct-care staff who pushed a loaded wheelchair instrumented with a triaxial load cell to test the effects on hand force of flooring overlay (vinyl versus carpet) and flooring subfloor (concrete versus compliant rubber [brand: SmartCells]). During straight-line pushing, carpet overlay increased initial and sustained hand forces compared to vinyl overlay by 22-49% over a concrete subfloor and by 8-20% over a compliant subfloor. Compliant subflooring increased initial and sustained hand forces compared to concrete subflooring by 18-31% when under a vinyl overlay. In contrast, compliant flooring caused no change in initial or sustained hand forces compared to concrete subflooring when under a carpet overlay. Copyright © 2018 Elsevier Ltd. All rights reserved.

  8. An Adaptive QoS Routing Solution for MANET Based Multimedia Communications in Emergency Cases

    NASA Astrophysics Data System (ADS)

    Ramrekha, Tipu Arvind; Politis, Christos

    The Mobile Ad hoc Networks (MANET) is a wireless network deprived of any fixed central authoritative routing entity. It relies entirely on collaborating nodes forwarding packets from source to destination. This paper describes the design, implementation and performance evaluation of CHAMELEON, an adaptive Quality of Service (QoS) routing solution, with improved delay and jitter performances, enabling multimedia communication for MANETs in extreme emergency situations such as forest fire and terrorist attacks as defined in the PEACE project. CHAMELEON is designed to adapt its routing behaviour according to the size of a MANET. The reactive Ad Hoc on-Demand Distance Vector Routing (AODV) and proactive Optimized Link State Routing (OLSR) protocols are deemed appropriate for CHAMELEON through their performance evaluation in terms of delay and jitter for different MANET sizes in a building fire emergency scenario. CHAMELEON is then implemented in NS-2 and evaluated similarly. The paper concludes with a summary of findings so far and intended future work.

  9. Live chat alternative security protocol

    NASA Astrophysics Data System (ADS)

    Rahman, J. P. R.; Nugraha, E.; Febriany, A.

    2018-05-01

    Indonesia is one of the largest e-commerce markets in Southeast Asia, as many as 5 million people do transactions in e-commerce, therefore more and more people use live chat service to communicate with customer service. In live chat, the customer service often asks customers’ data such as, full name, address, e-mail, transaction id, which aims to verify the purchase of the product. One of the risks that will happen is sniffing which will lead to the theft of confidential information that will cause huge losses to the customer. The anticipation that will be done is build an alternative security protocol for user interaction in live chat by using a cryptographic algorithm that is useful for protecting confidential messages. Live chat requires confidentiality and data integration with encryption and hash functions. The used algorithm are Rijndael 256 bits, RSA, and SHA256. To increase the complexity, the Rijndael algorithm will be modified in the S-box and ShiftRow sections based on the shannon principle rule, the results show that all pass the Randomness test, but the modification in Shiftrow indicates a better avalanche effect. Therefore the message will be difficult to be stolen or changed.

  10. IDMA-Based MAC Protocol for Satellite Networks with Consideration on Channel Quality

    PubMed Central

    2014-01-01

    In order to overcome the shortcomings of existing medium access control (MAC) protocols based on TDMA or CDMA in satellite networks, interleave division multiple access (IDMA) technique is introduced into satellite communication networks. Therefore, a novel wide-band IDMA MAC protocol based on channel quality is proposed in this paper, consisting of a dynamic power allocation algorithm, a rate adaptation algorithm, and a call admission control (CAC) scheme. Firstly, the power allocation algorithm combining the technique of IDMA SINR-evolution and channel quality prediction is developed to guarantee high power efficiency even in terrible channel conditions. Secondly, the effective rate adaptation algorithm, based on accurate channel information per timeslot and by the means of rate degradation, can be realized. What is more, based on channel quality prediction, the CAC scheme, combining the new power allocation algorithm, rate scheduling, and buffering strategies together, is proposed for the emerging IDMA systems, which can support a variety of traffic types, and offering quality of service (QoS) requirements corresponding to different priority levels. Simulation results show that the new wide-band IDMA MAC protocol can make accurate estimation of available resource considering the effect of multiuser detection (MUD) and QoS requirements of multimedia traffic, leading to low outage probability as well as high overall system throughput. PMID:25126592

  11. A Near-Optimal Distributed QoS Constrained Routing Algorithm for Multichannel Wireless Sensor Networks

    PubMed Central

    Lin, Frank Yeong-Sung; Hsiao, Chiu-Han; Yen, Hong-Hsu; Hsieh, Yu-Jen

    2013-01-01

    One of the important applications in Wireless Sensor Networks (WSNs) is video surveillance that includes the tasks of video data processing and transmission. Processing and transmission of image and video data in WSNs has attracted a lot of attention in recent years. This is known as Wireless Visual Sensor Networks (WVSNs). WVSNs are distributed intelligent systems for collecting image or video data with unique performance, complexity, and quality of service challenges. WVSNs consist of a large number of battery-powered and resource constrained camera nodes. End-to-end delay is a very important Quality of Service (QoS) metric for video surveillance application in WVSNs. How to meet the stringent delay QoS in resource constrained WVSNs is a challenging issue that requires novel distributed and collaborative routing strategies. This paper proposes a Near-Optimal Distributed QoS Constrained (NODQC) routing algorithm to achieve an end-to-end route with lower delay and higher throughput. A Lagrangian Relaxation (LR)-based routing metric that considers the “system perspective” and “user perspective” is proposed to determine the near-optimal routing paths that satisfy end-to-end delay constraints with high system throughput. The empirical results show that the NODQC routing algorithm outperforms others in terms of higher system throughput with lower average end-to-end delay and delay jitter. In this paper, for the first time, the algorithm shows how to meet the delay QoS and at the same time how to achieve higher system throughput in stringently resource constrained WVSNs.

  12. Compliant Interfacial Layers in Thermoelectric Devices

    NASA Technical Reports Server (NTRS)

    Firdosy, Samad A. (Inventor); Li, Billy Chun-Yip (Inventor); Ravi, Vilupanur A. (Inventor); Fleurial, Jean-Pierre (Inventor); Caillat, Thierry (Inventor); Anjunyan, Harut (Inventor)

    2017-01-01

    A thermoelectric power generation device is disclosed using one or more mechanically compliant and thermally and electrically conductive layers at the thermoelectric material interfaces to accommodate high temperature differentials and stresses induced thereby. The compliant material may be metal foam or metal graphite composite (e.g. using nickel) and is particularly beneficial in high temperature thermoelectric generators employing Zintl thermoelectric materials. The compliant material may be disposed between the thermoelectric segments of the device or between a thermoelectric segment and the hot or cold side interconnect of the device.

  13. Dynamic quality of service model for improving performance of multimedia real-time transmission in industrial networks.

    PubMed

    Gopalakrishnan, Ravichandran C; Karunakaran, Manivannan

    2014-01-01

    Nowadays, quality of service (QoS) is very popular in various research areas like distributed systems, multimedia real-time applications and networking. The requirements of these systems are to satisfy reliability, uptime, security constraints and throughput as well as application specific requirements. The real-time multimedia applications are commonly distributed over the network and meet various time constraints across networks without creating any intervention over control flows. In particular, video compressors make variable bit-rate streams that mismatch the constant-bit-rate channels typically provided by classical real-time protocols, severely reducing the efficiency of network utilization. Thus, it is necessary to enlarge the communication bandwidth to transfer the compressed multimedia streams using Flexible Time Triggered- Enhanced Switched Ethernet (FTT-ESE) protocol. FTT-ESE provides automation to calculate the compression level and change the bandwidth of the stream. This paper focuses on low-latency multimedia transmission over Ethernet with dynamic quality-of-service (QoS) management. This proposed framework deals with a dynamic QoS for multimedia transmission over Ethernet with FTT-ESE protocol. This paper also presents distinct QoS metrics based both on the image quality and network features. Some experiments with recorded and live video streams show the advantages of the proposed framework. To validate the solution we have designed and implemented a simulator based on the Matlab/Simulink, which is a tool to evaluate different network architecture using Simulink blocks.

  14. Deterministic Secure Quantum Communication and Authentication Protocol based on Extended GHZ-W State and Quantum One-time Pad

    NASA Astrophysics Data System (ADS)

    Li, Na; Li, Jian; Li, Lei-Lei; Wang, Zheng; Wang, Tao

    2016-08-01

    A deterministic secure quantum communication and authentication protocol based on extended GHZ-W state and quantum one-time pad is proposed. In the protocol, state | φ -> is used as the carrier. One photon of | φ -> state is sent to Alice, and Alice obtains a random key by measuring photons with bases determined by ID. The information of bases is secret to others except Alice and Bob. Extended GHZ-W states are used as decoy photons, the positions of which in information sequence are encoded with identity string ID of the legal user, and the eavesdropping detection rate reaches 81%. The eavesdropping detection based on extended GHZ-W state combines with authentication and the secret ID ensures the security of the protocol.

  15. Environmentally Compliant Coating Remover Evaluation

    DTIC Science & Technology

    2012-08-30

    22 9 Total of 491 products evaluated 7 Background • Many DoD depainting operations currently use environmentally compliant peroxide -assisted... benzyl alcohol strippers • These strippers have acceptable coating removal rates with minimal physical damage to metallic substrates • However, several...Coatings • Environmentally compliant benzyl alcohol product • Passed corrosion testing conducted by SMI in 2011 11 Laboratory Testing Scope

  16. GUI implementation of image encryption and decryption using Open CV-Python script on secured TFTP protocol

    NASA Astrophysics Data System (ADS)

    Reddy, K. Rasool; Rao, Ch. Madhava

    2018-04-01

    Currently safety is one of the primary concerns in the transmission of images due to increasing the use of images within the industrial applications. So it's necessary to secure the image facts from unauthorized individuals. There are various strategies are investigated to secure the facts. In that encryption is certainly one of maximum distinguished method. This paper gives a sophisticated Rijndael (AES) algorithm to shield the facts from unauthorized humans. Here Exponential Key Change (EKE) concept is also introduced to exchange the key between client and server. The things are exchange in a network among client and server through a simple protocol is known as Trivial File Transfer Protocol (TFTP). This protocol is used mainly in embedded servers to transfer the data and also provide protection to the data if protection capabilities are integrated. In this paper, implementing a GUI environment for image encryption and decryption. All these experiments carried out on Linux environment the usage of Open CV-Python script.

  17. Dynamic Hop Service Differentiation Model for End-to-End QoS Provisioning in Multi-Hop Wireless Networks

    NASA Astrophysics Data System (ADS)

    Youn, Joo-Sang; Seok, Seung-Joon; Kang, Chul-Hee

    This paper presents a new QoS model for end-to-end service provisioning in multi-hop wireless networks. In legacy IEEE 802.11e based multi-hop wireless networks, the fixed assignment of service classes according to flow's priority at every node causes priority inversion problem when performing end-to-end service differentiation. Thus, this paper proposes a new QoS provisioning model called Dynamic Hop Service Differentiation (DHSD) to alleviate the problem and support effective service differentiation between end-to-end nodes. Many previous works for QoS model through the 802.11e based service differentiation focus on packet scheduling on several service queues with different service rate and service priority. Our model, however, concentrates on a dynamic class selection scheme, called Per Hop Class Assignment (PHCA), in the node's MAC layer, which selects a proper service class for each packet, in accordance with queue states and service requirement, in every node along the end-to-end route of the packet. The proposed QoS solution is evaluated using the OPNET simulator. The simulation results show that the proposed model outperforms both best-effort and 802.11e based strict priority service models in mobile ad hoc environments.

  18. Reducing software security risk through an integrated approach research initiative model based verification of the Secure Socket Layer (SSL) Protocol

    NASA Technical Reports Server (NTRS)

    Powell, John D.

    2003-01-01

    This document discusses the verification of the Secure Socket Layer (SSL) communication protocol as a demonstration of the Model Based Verification (MBV) portion of the verification instrument set being developed under the Reducing Software Security Risk (RSSR) Trough an Integrated Approach research initiative. Code Q of the National Aeronautics and Space Administration (NASA) funds this project. The NASA Goddard Independent Verification and Validation (IV&V) facility manages this research program at the NASA agency level and the Assurance Technology Program Office (ATPO) manages the research locally at the Jet Propulsion Laboratory (California institute of Technology) where the research is being carried out.

  19. DICOM image secure communications with Internet protocols IPv6 and IPv4.

    PubMed

    Zhang, Jianguo; Yu, Fenghai; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen

    2007-01-01

    Image-data transmission from one site to another through public network is usually characterized in term of privacy, authenticity, and integrity. In this paper, we first describe a general scenario about how image is delivered from one site to another through a wide-area network (WAN) with security features of data privacy, integrity, and authenticity. Second, we give the common implementation method of the digital imaging and communication in medicine (DICOM) image communication software library with IPv6/IPv4 for high-speed broadband Internet by using open-source software. Third, we discuss two major security-transmission methods, the IP security (IPSec) and the secure-socket layer (SSL) or transport-layer security (TLS), being used currently in medical-image-data communication with privacy support. Fourth, we describe a test schema of multiple-modality DICOM-image communications through TCP/IPv4 and TCP/IPv6 with different security methods, different security algorithms, and operating systems, and evaluate the test results. We found that there are tradeoff factors between choosing the IPsec and the SSL/TLS-based security implementation of IPv6/IPv4 protocols. If the WAN networks only use IPv6 such as in high-speed broadband Internet, the choice is IPsec-based security. If the networks are IPv4 or the combination of IPv6 and IPv4, it is better to use SSL/TLS security. The Linux platform has more security algorithms implemented than the Windows (XP) platform, and can achieve better performance in most experiments of IPv6 and IPv4-based DICOM-image communications. In teleradiology or enterprise-PACS applications, the Linux operating system may be the better choice as peer security gateways for both the IPsec and the SSL/TLS-based secure DICOM communications cross public networks.

  20. Protocol and the post-human performativity of security techniques.

    PubMed

    O'Grady, Nathaniel

    2016-07-01

    This article explores the deployment of exercises by the United Kingdom Fire and Rescue Service. Exercises stage, simulate and act out potential future emergencies and in so doing help the Fire and Rescue Service prepare for future emergencies. Specifically, exercises operate to assess and develop protocol; sets of guidelines which plan out the actions undertaken by the Fire and Rescue Service in responding to a fire. In the article I outline and assess the forms of knowledge and technologies, what I call the 'aesthetic forces', by which the exercise makes present and imagines future emergencies. By critically engaging with Karen Barad's notion of post-human performativity, I argue that exercises provide a site where such forces can entangle with one another; creating a bricolage through which future emergencies are evoked sensually and representatively, ultimately making it possible to experience emergencies in the present. This understanding of exercises allows also for critical appraisal of protocol both as phenomena that are produced through the enmeshing of different aesthetic forces and as devices which premise the operation of the security apparatus on contingency.

  1. Security Implications of OPC, OLE, DCOM, and RPC in Control Systems

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Not Available

    2006-01-01

    OPC is a collection of software programming standards and interfaces used in the process control industry. It is intended to provide open connectivity and vendor equipment interoperability. The use of OPC technology simplifies the development of control systems that integrate components from multiple vendors and support multiple control protocols. OPC-compliant products are available from most control system vendors, and are widely used in the process control industry. OPC was originally known as OLE for Process Control; the first standards for OPC were based on underlying services in the Microsoft Windows computing environment. These underlying services (OLE [Object Linking and Embedding],more » DCOM [Distributed Component Object Model], and RPC [Remote Procedure Call]) have been the source of many severe security vulnerabilities. It is not feasible to automatically apply vendor patches and service packs to mitigate these vulnerabilities in a control systems environment. Control systems using the original OPC data access technology can thus inherit the vulnerabilities associated with these services. Current OPC standardization efforts are moving away from the original focus on Microsoft protocols, with a distinct trend toward web-based protocols that are independent of any particular operating system. However, the installed base of OPC equipment consists mainly of legacy implementations of the OLE for Process Control protocols.« less

  2. How to measure the QoS of a web-based EHRs system: development of an instrument.

    PubMed

    de la Torre-Díez, Isabel; López-Coronado, Miguel; Rodrigues, Joel J P C

    2012-12-01

    The quality of service (QoS) can be treated as a set of concepts whose satisfaction/dissatisfaction generates a global positive/negative vision about the service provided by any application. The different nature of the services and its features require an analysis of the factors that have the greatest influence on the users' opinion and, therefore, measuring the quality of service in each application requires a specific instrument. This paper will introduce an instrument to measure the QoS offered to users by a general Web application for Electronic Health Records (EHRs). The collection of opinions from a pilot sample and the performance of an explanatory factor analysis will bring together the factors that best sum up the quality of an EHRs application. Subsequently, a confirmatory factor analysis will be performed to make the study reliable and, as its name suggests, to confirm that indeed the structure of the instrument developed measures the QoS in accordance with the requirements of the users.

  3. Double C-NOT attack and counterattack on `Three-step semi-quantum secure direct communication protocol'

    NASA Astrophysics Data System (ADS)

    Gu, Jun; Lin, Po-hua; Hwang, Tzonelih

    2018-07-01

    Recently, Zou and Qiu (Sci China Phys Mech Astron 57:1696-1702, 2014) proposed a three-step semi-quantum secure direct communication protocol allowing a classical participant who does not have a quantum register to securely send his/her secret message to a quantum participant. However, this study points out that an eavesdropper can use the double C-NOT attack to obtain the secret message. To solve this problem, a modification is proposed.

  4. Design of 3D-Printed Titanium Compliant Mechanisms

    NASA Technical Reports Server (NTRS)

    Merriam, Ezekiel G.; Jones, Jonathan E.; Howell, Larry L.

    2014-01-01

    This paper describes 3D-printed titanium compliant mechanisms for aerospace applications. It is meant as a primer to help engineers design compliant, multi-axis, printed parts that exhibit high performance. Topics covered include brief introductions to both compliant mechanism design and 3D printing in titanium, material and geometry considerations for 3D printing, modeling techniques, and case studies of both successful and unsuccessful part geometries. Key findings include recommended flexure geometries, minimum thicknesses, and general design guidelines for compliant printed parts that may not be obvious to the first time designer.

  5. Drag reduction through self-texturing compliant bionic materials

    PubMed Central

    Liu, Eryong; Li, Longyang; Wang, Gang; Zeng, Zhixiang; Zhao, Wenjie; Xue, Qunji

    2017-01-01

    Compliant fish skin is effectively in reducing drag, thus the design and application of compliant bionic materials may be a good choice for drag reduction. Here we consider the drag reduction of compliant bionic materials. First, ZnO and PDMS mesh modified with n-octadecane were prepared, the drag reduction of self-texturing compliant n-octadecane were studied. The results show that the mesh modified by ZnO and PDMS possess excellent lipophilic and hydrophobic, thus n-octadecane at solid, semisolid and liquid state all have good adhesion with modified mesh. The states of n-octadecane changed with temperature, thus, the surface contact angle and adhesive force all varies obviously at different state. The contact angle decreases with temperature, the adhesive force shows a lower value at semisolid state. Furthermore, the drag testing results show that the compliant n-octadecane film is more effectively in drag reduction than superhydrophobic ZnO/PDMS film, indicating that the drag reduction mechanism of n-octadecane is significantly different with superhydrophobic film. Further research shows that the water flow leads to self-texturing of semisolid state n-octadecane, which is similar with compliant fish skin. Therefore, the compliant bionic materials of semisolid state n-octadecane with regular bulge plays a major role in the drag reduction. PMID:28053309

  6. Drag reduction through self-texturing compliant bionic materials.

    PubMed

    Liu, Eryong; Li, Longyang; Wang, Gang; Zeng, Zhixiang; Zhao, Wenjie; Xue, Qunji

    2017-01-05

    Compliant fish skin is effectively in reducing drag, thus the design and application of compliant bionic materials may be a good choice for drag reduction. Here we consider the drag reduction of compliant bionic materials. First, ZnO and PDMS mesh modified with n-octadecane were prepared, the drag reduction of self-texturing compliant n-octadecane were studied. The results show that the mesh modified by ZnO and PDMS possess excellent lipophilic and hydrophobic, thus n-octadecane at solid, semisolid and liquid state all have good adhesion with modified mesh. The states of n-octadecane changed with temperature, thus, the surface contact angle and adhesive force all varies obviously at different state. The contact angle decreases with temperature, the adhesive force shows a lower value at semisolid state. Furthermore, the drag testing results show that the compliant n-octadecane film is more effectively in drag reduction than superhydrophobic ZnO/PDMS film, indicating that the drag reduction mechanism of n-octadecane is significantly different with superhydrophobic film. Further research shows that the water flow leads to self-texturing of semisolid state n-octadecane, which is similar with compliant fish skin. Therefore, the compliant bionic materials of semisolid state n-octadecane with regular bulge plays a major role in the drag reduction.

  7. Drag reduction through self-texturing compliant bionic materials

    NASA Astrophysics Data System (ADS)

    Liu, Eryong; Li, Longyang; Wang, Gang; Zeng, Zhixiang; Zhao, Wenjie; Xue, Qunji

    2017-01-01

    Compliant fish skin is effectively in reducing drag, thus the design and application of compliant bionic materials may be a good choice for drag reduction. Here we consider the drag reduction of compliant bionic materials. First, ZnO and PDMS mesh modified with n-octadecane were prepared, the drag reduction of self-texturing compliant n-octadecane were studied. The results show that the mesh modified by ZnO and PDMS possess excellent lipophilic and hydrophobic, thus n-octadecane at solid, semisolid and liquid state all have good adhesion with modified mesh. The states of n-octadecane changed with temperature, thus, the surface contact angle and adhesive force all varies obviously at different state. The contact angle decreases with temperature, the adhesive force shows a lower value at semisolid state. Furthermore, the drag testing results show that the compliant n-octadecane film is more effectively in drag reduction than superhydrophobic ZnO/PDMS film, indicating that the drag reduction mechanism of n-octadecane is significantly different with superhydrophobic film. Further research shows that the water flow leads to self-texturing of semisolid state n-octadecane, which is similar with compliant fish skin. Therefore, the compliant bionic materials of semisolid state n-octadecane with regular bulge plays a major role in the drag reduction.

  8. Molecules for security measures: from keypad locks to advanced communication protocols.

    PubMed

    Andréasson, J; Pischel, U

    2018-04-03

    The idea of using molecules in the context of information security has sparked the interest of researchers from many scientific disciplines. This is clearly manifested in the diversity of the molecular platforms and the analytical techniques used for this purpose, some of which we highlight in this Tutorial Review. Moreover, those molecular systems can be used to emulate a broad spectrum of security measures. For a long time, molecular keypad locks enjoyed a clear preference and the review starts off with a description of how these devices developed. In the last few years, however, the field has evolved into something larger. Examples include more complex authentication protocols (multi-factor authentication and one-time passwords), the recognition of erroneous procedures in data transmission (parity devices), as well as steganographic and cryptographic protection.

  9. A new method of enhancing telecommand security: the application of GCM in TC protocol

    NASA Astrophysics Data System (ADS)

    Zhang, Lei; Tang, Chaojing; Zhang, Quan

    2007-11-01

    In recent times, security has grown to a topic of major importance for the space missions. Many space agencies have been engaged in research on the selection of proper algorithms for ensuring Telecommand security according to the space communication environment, especially in regard to the privacy and authentication. Since space missions with high security levels need to ensure both privacy and authentication, Authenticated Encryption with Associated Data schemes (AEAD) be integrated into normal Telecommand protocols. This paper provides an overview of the Galois Counter Mode (GCM) of operation, which is one of the available two-pass AEAD schemes, and some preliminary considerations and analyses about its possible application to Telecommand frames specified by CCSDS.

  10. QoS Differential Scheduling in Cognitive-Radio-Based Smart Grid Networks: An Adaptive Dynamic Programming Approach.

    PubMed

    Yu, Rong; Zhong, Weifeng; Xie, Shengli; Zhang, Yan; Zhang, Yun

    2016-02-01

    As the next-generation power grid, smart grid will be integrated with a variety of novel communication technologies to support the explosive data traffic and the diverse requirements of quality of service (QoS). Cognitive radio (CR), which has the favorable ability to improve the spectrum utilization, provides an efficient and reliable solution for smart grid communications networks. In this paper, we study the QoS differential scheduling problem in the CR-based smart grid communications networks. The scheduler is responsible for managing the spectrum resources and arranging the data transmissions of smart grid users (SGUs). To guarantee the differential QoS, the SGUs are assigned to have different priorities according to their roles and their current situations in the smart grid. Based on the QoS-aware priority policy, the scheduler adjusts the channels allocation to minimize the transmission delay of SGUs. The entire transmission scheduling problem is formulated as a semi-Markov decision process and solved by the methodology of adaptive dynamic programming. A heuristic dynamic programming (HDP) architecture is established for the scheduling problem. By the online network training, the HDP can learn from the activities of primary users and SGUs, and adjust the scheduling decision to achieve the purpose of transmission delay minimization. Simulation results illustrate that the proposed priority policy ensures the low transmission delay of high priority SGUs. In addition, the emergency data transmission delay is also reduced to a significantly low level, guaranteeing the differential QoS in smart grid.

  11. Security of two-state and four-state practical quantum bit-commitment protocols

    NASA Astrophysics Data System (ADS)

    Loura, Ricardo; Arsenović, Dušan; Paunković, Nikola; Popović, Duška B.; Prvanović, Slobodan

    2016-12-01

    We study cheating strategies against a practical four-state quantum bit-commitment protocol [A. Danan and L. Vaidman, Quant. Info. Proc. 11, 769 (2012)], 10.1007/s11128-011-0284-4 and its two-state variant [R. Loura et al., Phys. Rev. A 89, 052336 (2014)], 10.1103/PhysRevA.89.052336 when the underlying quantum channels are noisy and the cheating party is constrained to using single-qubit measurements only. We show that simply inferring the transmitted photons' states by using the Breidbart basis, optimal for ambiguous (minimum-error) state discrimination, does not directly produce an optimal cheating strategy for this bit-commitment protocol. We introduce a strategy, based on certain postmeasurement processes and show it to have better chances at cheating than the direct approach. We also study to what extent sending forged geographical coordinates helps a dishonest party in breaking the binding security requirement. Finally, we investigate the impact of imperfect single-photon sources in the protocols. Our study shows that, in terms of the resources used, the four-state protocol is advantageous over the two-state version. The analysis performed can be straightforwardly generalized to any finite-qubit measurement, with the same qualitative results.

  12. Secure Publish-Subscribe Protocols for Heterogeneous Medical Wireless Body Area Networks

    PubMed Central

    Picazo-Sanchez, Pablo; Tapiador, Juan E.; Peris-Lopez, Pedro; Suarez-Tangil, Guillermo

    2014-01-01

    Security and privacy issues in medical wireless body area networks (WBANs) constitute a major unsolved concern because of the challenges posed by the scarcity of resources in WBAN devices and the usability restrictions imposed by the healthcare domain. In this paper, we describe a WBAN architecture based on the well-known publish-subscribe paradigm. We present two protocols for publishing data and sending commands to a sensor that guarantee confidentiality and fine-grained access control. Both protocols are based on a recently proposed ciphertext policy attribute-based encryption (CP-ABE) scheme that is lightweight enough to be embedded into wearable sensors. We show how sensors can implement lattice-based access control (LBAC) policies using this scheme, which are highly appropriate for the eHealth domain. We report experimental results with a prototype implementation demonstrating the suitability of our proposed solution. PMID:25460814

  13. A Compliant Casing for Transonic Axial Compressors

    NASA Technical Reports Server (NTRS)

    Bloch, Gregory S.; Hah, Chunill

    2003-01-01

    A viewgraph presentation on the concept of compliant casing for transonic axial compressors is shown. The topics include: 1) Concept for compliant casing; 2) Rig and facility details; 3) Experimental results; and 4) Numerical results.

  14. An MBS-Assisted Femtocell Transmit Power Control Scheme with Mobile User QoS Guarantee in 2-Tier Heterogeneous Femtocell Networks

    PubMed Central

    Yang, Chih-Cheng; Sheu, Shiann-Tsong

    2013-01-01

    This study investigates how to adjust the transmit power of femto base station (FBS) to mitigate interference problems between the FBSs and mobile users (MUs) in the 2-tier heterogeneous femtocell networks. A common baseline of deploying the FBS to increase the indoor access bandwidth requires that the FBS operation will not affect outdoor MUs operation with their quality-of-service (QoS) requirements. To tackle this technical problem, an FBS transmit power adjustment (FTPA) algorithm is proposed to adjust the FBS transmit power (FTP) to avoid unwanted cochannel interference (CCI) with the neighboring MUs in downlink transmission. FTPA reduces the FTP to serve its femto users (FUs) according to the QoS requirements of the nearest neighboring MUs to the FBS so that the MU QoS requirement is guaranteed. Simulation results demonstrate that FTPA can achieve a low MU outage probability as well as serve FUs without violating the MU QoS requirements. Simulation results also reveal that FTPA has better performance on voice and video services which are the major trend of future multimedia communication in the NGN. PMID:24391461

  15. An MBS-assisted femtocell transmit power control scheme with mobile user QoS guarantee in 2-tier heterogeneous femtocell networks.

    PubMed

    Chen, Jenhui; Yang, Chih-Cheng; Sheu, Shiann-Tsong

    2013-01-01

    This study investigates how to adjust the transmit power of femto base station (FBS) to mitigate interference problems between the FBSs and mobile users (MUs) in the 2-tier heterogeneous femtocell networks. A common baseline of deploying the FBS to increase the indoor access bandwidth requires that the FBS operation will not affect outdoor MUs operation with their quality-of-service (QoS) requirements. To tackle this technical problem, an FBS transmit power adjustment (FTPA) algorithm is proposed to adjust the FBS transmit power (FTP) to avoid unwanted cochannel interference (CCI) with the neighboring MUs in downlink transmission. FTPA reduces the FTP to serve its femto users (FUs) according to the QoS requirements of the nearest neighboring MUs to the FBS so that the MU QoS requirement is guaranteed. Simulation results demonstrate that FTPA can achieve a low MU outage probability as well as serve FUs without violating the MU QoS requirements. Simulation results also reveal that FTPA has better performance on voice and video services which are the major trend of future multimedia communication in the NGN.

  16. QoS support for end users of I/O-intensive applications using shared storage systems

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Davis, Marion Kei; Zhang, Xuechen; Jiang, Song

    2011-01-19

    I/O-intensive applications are becoming increasingly common on today's high-performance computing systems. While performance of compute-bound applications can be effectively guaranteed with techniques such as space sharing or QoS-aware process scheduling, it remains a challenge to meet QoS requirements for end users of I/O-intensive applications using shared storage systems because it is difficult to differentiate I/O services for different applications with individual quality requirements. Furthermore, it is difficult for end users to accurately specify performance goals to the storage system using I/O-related metrics such as request latency or throughput. As access patterns, request rates, and the system workload change in time,more » a fixed I/O performance goal, such as bounds on throughput or latency, can be expensive to achieve and may not lead to a meaningful performance guarantees such as bounded program execution time. We propose a scheme supporting end-users QoS goals, specified in terms of program execution time, in shared storage environments. We automatically translate the users performance goals into instantaneous I/O throughput bounds using a machine learning technique, and use dynamically determined service time windows to efficiently meet the throughput bounds. We have implemented this scheme in the PVFS2 parallel file system and have conducted an extensive evaluation. Our results show that this scheme can satisfy realistic end-user QoS requirements by making highly efficient use of the I/O resources. The scheme seeks to balance programs attainment of QoS requirements, and saves as much of the remaining I/O capacity as possible for best-effort programs.« less

  17. Protocol and the post-human performativity of security techniques

    PubMed Central

    O’Grady, Nathaniel

    2015-01-01

    This article explores the deployment of exercises by the United Kingdom Fire and Rescue Service. Exercises stage, simulate and act out potential future emergencies and in so doing help the Fire and Rescue Service prepare for future emergencies. Specifically, exercises operate to assess and develop protocol; sets of guidelines which plan out the actions undertaken by the Fire and Rescue Service in responding to a fire. In the article I outline and assess the forms of knowledge and technologies, what I call the ‘aesthetic forces’, by which the exercise makes present and imagines future emergencies. By critically engaging with Karen Barad’s notion of post-human performativity, I argue that exercises provide a site where such forces can entangle with one another; creating a bricolage through which future emergencies are evoked sensually and representatively, ultimately making it possible to experience emergencies in the present. This understanding of exercises allows also for critical appraisal of protocol both as phenomena that are produced through the enmeshing of different aesthetic forces and as devices which premise the operation of the security apparatus on contingency. PMID:29708110

  18. SEAODV: A Security Enhanced AODV Routing Protocol for Wireless Mesh Networks

    NASA Astrophysics Data System (ADS)

    Li, Celia; Wang, Zhuang; Yang, Cungang

    In this paper, we propose a Security Enhanced AODV routing protocol (SEAODV) for wireless mesh networks (WMN). SEAODV employs Blom's key pre-distribution scheme to compute the pairwise transient key (PTK) through the flooding of enhanced HELLO message and subsequently uses the established PTK to distribute the group transient key (GTK). PTK and GTK authenticate unicast and broadcast routing messages respectively. In WMN, a unique PTK is shared by each pair of nodes, while GTK is shared secretly between the node and all its one-hop neighbours. A message authentication code (MAC) is attached as the extension to the original AODV routing message to guarantee the message's authenticity and integrity in a hop-by-hop fashion. Security analysis and performance evaluation show that SEAODV is more effective in preventing identified routing attacks and outperforms ARAN and SAODV in terms of computation cost and route acquisition latency.

  19. Compliant walking appears metabolically advantageous at extreme step lengths.

    PubMed

    Kim, Jaehoon; Bertram, John E A

    2018-05-19

    Humans alter gait in response to unusual gait circumstances to accomplish the task of walking. For instance, subjects spontaneously increase leg compliance at a step length threshold as step length increases. Here we test the hypothesis that this transition occurs based on the level of energy expenditure, where compliant walking becomes less energetically demanding at long step lengths. To map and compare the metabolic cost of normal and compliant walking as step length increases. 10 healthy individuals walked on a treadmill using progressively increasing step lengths (100%, 120%, 140% and 160% of preferred step length), in both normal and compliant leg walking as energy expenditure was recorded via indirect calorimetry. Leg compliance was controlled by lowering the center-of-mass trajectory during stance, forcing the leg to flex and extend as the body moved over the foot contact. For normal step lengths, compliant leg walking was more costly than normal walking gait, but compliant leg walking energetic cost did not increase as rapidly for longer step lengths. This led to an intersection between normal and compliant walking cost curves at 114% relative step length (regression analysis; r 2  = 0.92 for normal walking; r 2  = 0.65 for compliant walking). Compliant leg walking is less energetically demanding at longer step lengths where a spontaneous shift to compliant walking has been observed, suggesting the human motor control system is sensitive to energetic requirements and will employ alternate movement patterns if advantageous strategies are available. The transition could be attributed to the interplay between (i) leg work controlling body travel during single stance and (ii) leg work to control energy loss in the step-to-step transition. Compliant leg walking requires more stance leg work at normal step lengths, but involves less energy loss at the step-to-step transition for very long steps. Copyright © 2018 Elsevier B.V. All rights reserved.

  20. Compliant Walker

    NASA Technical Reports Server (NTRS)

    Kerley, James J.; Eklund, Wayne; Crane, Alan

    1992-01-01

    Walker supports person with limited use of legs and back. Enables person to stand upright, move with minimum load, and rest at will taking weight off legs. Consists of wheeled frame with body harness connected compliantly to side structures. Harness supports wearer upright when wearer relaxes and takes weight off lower extremities. Assumes partial to full body weight at user's discretion.

  1. Secure Multi-party Computation Protocol for Defense Applications in Military Operations Using Virtual Cryptography

    NASA Astrophysics Data System (ADS)

    Pathak, Rohit; Joshi, Satyadhar

    With the advent into the 20th century whole world has been facing the common dilemma of Terrorism. The suicide attacks on US twin towers 11 Sept. 2001, Train bombings in Madrid Spain 11 Mar. 2004, London bombings 7 Jul. 2005 and Mumbai attack 26 Nov. 2008 were some of the most disturbing, destructive and evil acts by terrorists in the last decade which has clearly shown their evil intent that they can go to any extent to accomplish their goals. Many terrorist organizations such as al Quaida, Harakat ul-Mujahidin, Hezbollah, Jaish-e-Mohammed, Lashkar-e-Toiba, etc. are carrying out training camps and terrorist operations which are accompanied with latest technology and high tech arsenal. To counter such terrorism our military is in need of advanced defense technology. One of the major issues of concern is secure communication. It has to be made sure that communication between different military forces is secure so that critical information is not leaked to the adversary. Military forces need secure communication to shield their confidential data from terrorist forces. Leakage of concerned data can prove hazardous, thus preservation and security is of prime importance. There may be a need to perform computations that require data from many military forces, but in some cases the associated forces would not want to reveal their data to other forces. In such situations Secure Multi-party Computations find their application. In this paper, we propose a new highly scalable Secure Multi-party Computation (SMC) protocol and algorithm for Defense applications which can be used to perform computation on encrypted data. Every party encrypts their data in accordance with a particular scheme. This encrypted data is distributed among some created virtual parties. These Virtual parties send their data to the TTP through an Anonymizer layer. TTP performs computation on encrypted data and announces the result. As the data sent was encrypted its actual value can’t be known by TTP

  2. Fuzzy Logic-based Intelligent Scheme for Enhancing QoS of Vertical Handover Decision in Vehicular Ad-hoc Networks

    NASA Astrophysics Data System (ADS)

    Azzali, F.; Ghazali, O.; Omar, M. H.

    2017-08-01

    The design of next generation networks in various technologies under the “Anywhere, Anytime” paradigm offers seamless connectivity across different coverage. A conventional algorithm such as RSSThreshold algorithm, that only uses the received strength signal (RSS) as a metric, will decrease handover performance regarding handover latency, delay, packet loss, and handover failure probability. Moreover, the RSS-based algorithm is only suitable for horizontal handover decision to examine the quality of service (QoS) compared to the vertical handover decision in advanced technologies. In the next generation network, vertical handover can be started based on the user’s convenience or choice rather than connectivity reasons. This study proposes a vertical handover decision algorithm that uses a Fuzzy Logic (FL) algorithm, to increase QoS performance in heterogeneous vehicular ad-hoc networks (VANET). The study uses network simulator 2.29 (NS 2.29) along with the mobility traffic network and generator to implement simulation scenarios and topologies. This helps the simulation to achieve a realistic VANET mobility scenario. The required analysis on the performance of QoS in the vertical handover can thus be conducted. The proposed Fuzzy Logic algorithm shows improvement over the conventional algorithm (RSSThreshold) in the average percentage of handover QoS whereby it achieves 20%, 21% and 13% improvement on handover latency, delay, and packet loss respectively. This is achieved through triggering a process in layer two and three that enhances the handover performance.

  3. Framework for analysis of guaranteed QOS systems

    NASA Astrophysics Data System (ADS)

    Chaudhry, Shailender; Choudhary, Alok

    1997-01-01

    Multimedia data is isochronous in nature and entails managing and delivering high volumes of data. Multiprocessors with their large processing power, vast memory, and fast interconnects, are an ideal candidate for the implementation of multimedia applications. Initially, multiprocessors were designed to execute scientific programs and thus their architecture was optimized to provide low message latency and efficiently support regular communication patterns. Hence, they have a regular network topology and most use wormhole routing. The design offers the benefits of a simple router, small buffer size, and network latency that is almost independent of path length. Among the various multimedia applications, video on demand (VOD) server is well-suited for implementation using parallel multiprocessors. Logical models for VOD servers are presently mapped onto multiprocessors. Our paper provides a framework for calculating bounds on utilization of system resources with which QoS parameters for each isochronous stream can be guaranteed. Effects of the architecture of multiprocessors, and efficiency of various local models and mapping on particular architectures can be investigated within our framework. Our framework is based on rigorous proofs and provides tight bounds. The results obtained may be used as the basis for admission control tests. To illustrate the versatility of our framework, we provide bounds on utilization for various logical models applied to mesh connected architectures for a video on demand server. Our results show that worm hole routing can lead to packets waiting for transmission of other packets that apparently share no common resources. This situation is analogous to head-of-the-line blocking. We find that the provision of multiple VCs per link and multiple flit buffers improves utilization (even under guaranteed QoS parameters). This analogous to parallel iterative matching.

  4. Secure and QoS-Managed Information Exchange Between Enterprise and Constrained Environments

    DTIC Science & Technology

    2014-01-01

    systems and enterprise services during mission operation can enable greater situational awareness and empowerment for the tactical user . For example...April 01, 2007. [17] Robbins, D., Unmanned Aircraft Operational Integration using MITRE’s Cursor on Target, The Edge, Volume 10, Number 2, MITRE...appropriate level of security protection and quality of service (QoS) for the tactical users is one possibility. Such an approach is not cost ef

  5. Compliant displacement-multiplying apparatus for microelectromechanical systems

    DOEpatents

    Kota, Sridhar; Rodgers, M. Steven; Hetrick, Joel A.

    2001-01-01

    A pivotless compliant structure is disclosed that can be used to increase the geometric advantage or mechanical advantage of a microelectromechanical (MEM) actuator such as an electrostatic comb actuator, a capacitive-plate electrostatic actuator, or a thermal actuator. The compliant structure, based on a combination of interconnected flexible beams and cross-beams formed of one or more layers of polysilicon or silicon nitride, can provide a geometric advantage of from about 5:1 to about 60:1 to multiply a 0.25-3 .mu.m displacement provided by a short-stroke actuator so that such an actuator can be used to generate a displacement stroke of about 10-34 .mu.m to operate a ratchet-driven MEM device or a microengine. The compliant structure has less play than conventional displacement-multiplying devices based on lever arms and pivoting joints, and is expected to be more reliable than such devices. The compliant structure and an associated electrostatic or thermal actuator can be formed on a common substrate (e.g. silicon) using surface micromachining.

  6. Stiffness modeling of compliant parallel mechanisms and applications in the performance analysis of a decoupled parallel compliant stage

    NASA Astrophysics Data System (ADS)

    Jiang, Yao; Li, Tie-Min; Wang, Li-Ping

    2015-09-01

    This paper investigates the stiffness modeling of compliant parallel mechanism (CPM) based on the matrix method. First, the general compliance matrix of a serial flexure chain is derived. The stiffness modeling of CPMs is next discussed in detail, considering the relative positions of the applied load and the selected displacement output point. The derived stiffness models have simple and explicit forms, and the input, output, and coupling stiffness matrices of the CPM can easily be obtained. The proposed analytical model is applied to the stiffness modeling and performance analysis of an XY parallel compliant stage with input and output decoupling characteristics. Then, the key geometrical parameters of the stage are optimized to obtain the minimum input decoupling degree. Finally, a prototype of the compliant stage is developed and its input axial stiffness, coupling characteristics, positioning resolution, and circular contouring performance are tested. The results demonstrate the excellent performance of the compliant stage and verify the effectiveness of the proposed theoretical model. The general stiffness models provided in this paper will be helpful for performance analysis, especially in determining coupling characteristics, and the structure optimization of the CPM.

  7. Security of two quantum cryptography protocols using the same four qubit states

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Branciard, Cyril; Ecole Nationale Superieure des Telecommunications, 46, rue Barrault, 75013 Paris; Gisin, Nicolas

    2005-09-15

    The first quantum cryptography protocol, proposed by Bennett and Brassard in 1984 (BB84), has been widely studied in recent years. This protocol uses four states (more precisely, two complementary bases) for the encoding of the classical bit. Recently, it has been noticed that by using the same four states, but a different encoding of information, one can define a protocol which is more robust in practical implementations, specifically when attenuated laser pulses are used instead of single-photon sources [V. Scarani et al., Phys. Rev. Lett. 92, 057901 (2004), referred to as the SARG04 protocol]. We present a detailed study ofmore » SARG04 in two different regimes. In the first part, we consider an implementation with a single-photon source: we derive bounds on the error rate Q for security against all possible attacks by the eavesdropper. The lower and the upper bound obtained for SARG04 (Q < or approx. 10.95% and Q > or approx. 14.9%, respectively) are close to those obtained for BB84 (Q < or approx. 12.4% and Q > or approx. 14.6%, respectively). In the second part, we consider a realistic source consisting of an attenuated laser and improve on previous analysis by allowing Alice to optimize the mean number of photons as a function of the distance. The SARG04 protocol is found to perform better than BB84, both in secret-key rate and in maximal achievable distance, for a wide class of Eve's attacks.« less

  8. Impact of the codec and various QoS methods on the final quality of the transferred voice in an IP network

    NASA Astrophysics Data System (ADS)

    Slavata, Oldřich; Holub, Jan

    2015-02-01

    This paper deals with an analysis of the relation between the codec that is used, the QoS method, and the final voice transmission quality. The Cisco 2811 router is used for adjusting QoS. VoIP client Linphone is used for adjusting the codec. The criterion for transmission quality is the MOS parameter investigated with the ITU-T P.862 PESQ and P.863 POLQA algorithms.

  9. Preliminary Assessment of a Compliant Gait Exoskeleton.

    PubMed

    Cestari, Manuel; Sanz-Merodio, Daniel; Garcia, Elena

    2017-06-01

    Current commercial wearable gait exoskeletons contain joints with stiff actuators that cannot adapt to unpredictable environments. These actuators consume a significant amount of energy, and their stiffness may not be appropriate for safe human-machine interactions. Adjustable compliant actuators are being designed and implemented because of their ability to minimize large forces due to shocks, to safely interact with the user, and to store and release energy in passive elastic elements. Introduction of such compliant actuation in gait exoskeletons, however, has been limited by the larger power-to-weight and volume ratio requirement. This article presents a preliminary assessment of the first compliant exoskeleton for children. Compliant actuation systems developed by our research group were integrated into the ATLAS exoskeleton prototype. The resulting device is a compliant exoskeleton, the ATLAS-C prototype. The exoskeleton is coupled with a special standing frame to provide balance while allowing a semi-natural gait. Experiments show that when comparing the behavior of the joints under different stiffness conditions, the inherent compliance of the implemented actuators showed natural adaptability during the gait cycle and in regions of shock absorption. Torque tracking of the joint is achieved, identifying the areas of loading response. The implementation of a state machine in the control of knee motion allowed reutilization of the stored energy during deflection at the end of the support phase to partially propel the leg and achieve a more natural and free swing.

  10. Development of A General Principle Solution Forisoagrinet Compliant Networking System Components in Animal Husbandry

    NASA Astrophysics Data System (ADS)

    Kuhlmann, Arne; Herd, Daniel; Röβler, Benjamin; Gallmann, Eva; Jungbluth, Thomas

    In pig production software and electronic systems are widely used for process control and management. Unfortunately most devices on farms are proprietary solutions and autonomically working. To unify data communication of devices in agricultural husbandry, the international standard ISOagriNET (ISO 17532:2007) was developed. It defines data formats and exchange protocols, to link up devices like climate controls, feeding systems and sensors, but also management software. The aim of the research project, "Information and Data Collection in Livestock Systems" is to develop an ISOagriNET compliant IT system, a so called Farming Cell. It integrates all electronic components to acquire the available data and information for pig fattening. That way, an additional benefit to humans, animals and the environment regarding process control and documentation, can be generated. Developing the Farming Cell is very complex; in detail it is very difficult and long-winded to integrate hardware and software by various vendors into an ISOagriNET compliant IT system. This ISOagriNET prototype shows as a test environment the potential of this new standard.

  11. FPGA implementation cost and performance evaluation of IEEE 802.11 protocol encryption security schemes

    NASA Astrophysics Data System (ADS)

    Sklavos, N.; Selimis, G.; Koufopavlou, O.

    2005-01-01

    The explosive growth of internet and consumer demand for mobility has fuelled the exponential growth of wireless communications and networks. Mobile users want access to services and information, from both internet and personal devices, from a range of locations without the use of a cable medium. IEEE 802.11 is one of the most widely used wireless standards of our days. The amount of access and mobility into wireless networks requires a security infrastructure that protects communication within that network. The security of this protocol is based on the wired equivalent privacy (WEP) scheme. Currently, all the IEEE 802.11 market products support WEP. But recently, the 802.11i working group introduced the advanced encryption standard (AES), as the security scheme for the future IEEE 802.11 applications. In this paper, the hardware integrations of WEP and AES are studied. A field programmable gate array (FPGA) device has been used as the hardware implementation platform, for a fair comparison between the two security schemes. Measurements for the FPGA implementation cost, operating frequency, power consumption and performance are given.

  12. A QoS Optimization Approach in Cognitive Body Area Networks for Healthcare Applications.

    PubMed

    Ahmed, Tauseef; Le Moullec, Yannick

    2017-04-06

    Wireless body area networks are increasingly featuring cognitive capabilities. This work deals with the emerging concept of cognitive body area networks. In particular, the paper addresses two important issues, namely spectrum sharing and interferences. We propose methods for channel and power allocation. The former builds upon a reinforcement learning mechanism, whereas the latter is based on convex optimization. Furthermore, we also propose a mathematical channel model for off-body communication links in line with the IEEE 802.15.6 standard. Simulation results for a nursing home scenario show that the proposed approach yields the best performance in terms of throughput and QoS for dynamic environments. For example, in a highly demanding scenario our approach can provide throughput up to 7 Mbps, while giving an average of 97.2% of time QoS satisfaction in terms of throughput. Simulation results also show that the power optimization algorithm enables reducing transmission power by approximately 4.5 dBm, thereby sensibly and significantly reducing interference.

  13. QoS measurement of workflow-based web service compositions using Colored Petri net.

    PubMed

    Nematzadeh, Hossein; Motameni, Homayun; Mohamad, Radziah; Nematzadeh, Zahra

    2014-01-01

    Workflow-based web service compositions (WB-WSCs) is one of the main composition categories in service oriented architecture (SOA). Eflow, polymorphic process model (PPM), and business process execution language (BPEL) are the main techniques of the category of WB-WSCs. Due to maturity of web services, measuring the quality of composite web services being developed by different techniques becomes one of the most important challenges in today's web environments. Business should try to provide good quality regarding the customers' requirements to a composed web service. Thus, quality of service (QoS) which refers to nonfunctional parameters is important to be measured since the quality degree of a certain web service composition could be achieved. This paper tried to find a deterministic analytical method for dependability and performance measurement using Colored Petri net (CPN) with explicit routing constructs and application of theory of probability. A computer tool called WSET was also developed for modeling and supporting QoS measurement through simulation.

  14. Turbine airfoil with a compliant outer wall

    DOEpatents

    Campbell, Christian X [Oviedo, FL; Morrison, Jay A [Oviedo, FL

    2012-04-03

    A turbine airfoil usable in a turbine engine with a cooling system and a compliant dual wall configuration configured to enable thermal expansion between inner and outer layers while eliminating stress formation in the outer layer is disclosed. The compliant dual wall configuration may be formed a dual wall formed from inner and outer layers separated by a support structure. The outer layer may be a compliant layer configured such that the outer layer may thermally expand and thereby reduce the stress within the outer layer. The outer layer may be formed from a nonplanar surface configured to thermally expand. In another embodiment, the outer layer may be planar and include a plurality of slots enabling unrestricted thermal expansion in a direction aligned with the outer layer.

  15. Generalized constitutive equations for piezo-actuated compliant mechanism

    NASA Astrophysics Data System (ADS)

    Cao, Junyi; Ling, Mingxiang; Inman, Daniel J.; Lin, Jin

    2016-09-01

    This paper formulates analytical models to describe the static displacement and force interactions between generic serial-parallel compliant mechanisms and their loads by employing the matrix method. In keeping with the familiar piezoelectric constitutive equations, the generalized constitutive equations of compliant mechanism represent the input-output displacement and force relations in the form of a generalized Hooke’s law and as analytical functions of physical parameters. Also significantly, a new model of output displacement for compliant mechanism interacting with piezo-stacks and elastic loads is deduced based on the generalized constitutive equations. Some original findings differing from the well-known constitutive performance of piezo-stacks are also given. The feasibility of the proposed models is confirmed by finite element analysis and by experiments under various elastic loads. The analytical models can be an insightful tool for predicting and optimizing the performance of a wide class of compliant mechanisms that simultaneously consider the influence of loads and piezo-stacks.

  16. Mitigating Cyber Security Risk in Satellite Ground Systems

    DTIC Science & Technology

    2015-04-01

    because cyber security in government remains shrouded in secrecy. However, using the Defense Operational Test and Evaluation Office’s (DOT& E ) FY14...report on cybersecurity one grasps the seriousness of the problem. DOT& E reported only 85% of networks in DoD were compliant with the cyber...security regulations discussed later in this paper. Not until compliance is near 100% could DOT& E conceive with confidence that DoD networks were safe

  17. A robust ECC based mutual authentication protocol with anonymity for session initiation protocol.

    PubMed

    Mehmood, Zahid; Chen, Gongliang; Li, Jianhua; Li, Linsen; Alzahrani, Bander

    2017-01-01

    Over the past few years, Session Initiation Protocol (SIP) is found as a substantial application-layer protocol for the multimedia services. It is extensively used for managing, altering, terminating and distributing the multimedia sessions. Authentication plays a pivotal role in SIP environment. Currently, Lu et al. presented an authentication protocol for SIP and profess that newly proposed protocol is protected against all the familiar attacks. However, the detailed analysis describes that the Lu et al.'s protocol is exposed against server masquerading attack and user's masquerading attack. Moreover, it also fails to protect the user's identity as well as it possesses incorrect login and authentication phase. In order to establish a suitable and efficient protocol, having ability to overcome all these discrepancies, a robust ECC-based novel mutual authentication mechanism with anonymity for SIP is presented in this manuscript. The improved protocol contains an explicit parameter for user to cope the issues of security and correctness and is found to be more secure and relatively effective to protect the user's privacy, user's masquerading and server masquerading as it is verified through the comprehensive formal and informal security analysis.

  18. DNA origami compliant nanostructures with tunable mechanical properties.

    PubMed

    Zhou, Lifeng; Marras, Alexander E; Su, Hai-Jun; Castro, Carlos E

    2014-01-28

    DNA origami enables fabrication of precise nanostructures by programming the self-assembly of DNA. While this approach has been used to make a variety of complex 2D and 3D objects, the mechanical functionality of these structures is limited due to their rigid nature. We explore the fabrication of deformable, or compliant, objects to establish a framework for mechanically functional nanostructures. This compliant design approach is used in macroscopic engineering to make devices including sensors, actuators, and robots. We build compliant nanostructures by utilizing the entropic elasticity of single-stranded DNA (ssDNA) to locally bend bundles of double-stranded DNA into bent geometries whose curvature and mechanical properties can be tuned by controlling the length of ssDNA strands. We demonstrate an ability to achieve a wide range of geometries by adjusting a few strands in the nanostructure design. We further developed a mechanical model to predict both geometry and mechanical properties of our compliant nanostructures that agrees well with experiments. Our results provide a basis for the design of mechanically functional DNA origami devices and materials.

  19. Secure and lightweight network admission and transmission protocol for body sensor networks.

    PubMed

    He, Daojing; Chen, Chun; Chan, Sammy; Bu, Jiajun; Zhang, Pingxin

    2013-05-01

    A body sensor network (BSN) is a wireless network of biosensors and a local processing unit, which is commonly referred to as the personal wireless hub (PWH). Personal health information (PHI) is collected by biosensors and delivered to the PWH before it is forwarded to the remote healthcare center for further processing. In a BSN, it is critical to only admit eligible biosensors and PWH into the network. Also, securing the transmission from each biosensor to PWH is essential not only for ensuring safety of PHI delivery, but also for preserving the privacy of PHI. In this paper, we present the design, implementation, and evaluation of a secure network admission and transmission subsystem based on a polynomial-based authentication scheme. The procedures in this subsystem to establish keys for each biosensor are communication efficient and energy efficient. Moreover, based on the observation that an adversary eavesdropping in a BSN faces inevitable channel errors, we propose to exploit the adversary's uncertainty regarding the PHI transmission to update the individual key dynamically and improve key secrecy. In addition to the theoretical analysis that demonstrates the security properties of our system, this paper also reports the experimental results of the proposed protocol on resource-limited sensor platforms, which show the efficiency of our system in practice.

  20. Secure polarization-independent subcarrier quantum key distribution in optical fiber channel using BB84 protocol with a strong reference.

    PubMed

    Gleim, A V; Egorov, V I; Nazarov, Yu V; Smirnov, S V; Chistyakov, V V; Bannik, O I; Anisimov, A A; Kynev, S M; Ivanova, A E; Collins, R J; Kozlov, S A; Buller, G S

    2016-02-08

    A quantum key distribution system based on the subcarrier wave modulation method has been demonstrated which employs the BB84 protocol with a strong reference to generate secure bits at a rate of 16.5 kbit/s with an error of 0.5% over an optical channel of 10 dB loss, and 18 bits/s with an error of 0.75% over 25 dB of channel loss. To the best of our knowledge, these results represent the highest channel loss reported for secure quantum key distribution using the subcarrier wave approach. A passive unidirectional scheme has been used to compensate for the polarization dependence of the phase modulators in the receiver module, which resulted in a high visibility of 98.8%. The system is thus fully insensitive to polarization fluctuations and robust to environmental changes, making the approach promising for use in optical telecommunication networks. Further improvements in secure key rate and transmission distance can be achieved by implementing the decoy states protocol or by optimizing the mean photon number used in line with experimental parameters.

  1. Optimal route discovery for soft QOS provisioning in mobile ad hoc multimedia networks

    NASA Astrophysics Data System (ADS)

    Huang, Lei; Pan, Feng

    2007-09-01

    In this paper, we propose an optimal routing discovery algorithm for ad hoc multimedia networks whose resource keeps changing, First, we use stochastic models to measure the network resource availability, based on the information about the location and moving pattern of the nodes, as well as the link conditions between neighboring nodes. Then, for a certain multimedia packet flow to be transmitted from a source to a destination, we formulate the optimal soft-QoS provisioning problem as to find the best route that maximize the probability of satisfying its desired QoS requirements in terms of the maximum delay constraints. Based on the stochastic network resource model, we developed three approaches to solve the formulated problem: A centralized approach serving as the theoretical reference, a distributed approach that is more suitable to practical real-time deployment, and a distributed dynamic approach that utilizes the updated time information to optimize the routing for each individual packet. Examples of numerical results demonstrated that using the route discovered by our distributed algorithm in a changing network environment, multimedia applications could achieve better QoS statistically.

  2. Comparison of two MAC protocols based on LEO satellite networks

    NASA Astrophysics Data System (ADS)

    Guan, Mingxiang; Wang, Ruichun

    2009-12-01

    With the development of LEO satellite communication, it is the basic requirement that various kinds of services will be provided. Considering that weak channel collision detection ability, long propagation delay and heavy load in LEO satellite communication system, a valid adaptive access control protocol APRMA is proposed. Different access probability functions for different services are obtained and appropriate access probabilities for voice and data users are updated slot by slot based on the estimation of the voice traffic and the channel status. Finally simulation results demonstrate that the performance of system is improved by the APRMA compared with the conventional PRMA, with an acceptable trade-off between QoS of voice and delay of data. Also the APRMA protocol will be suitable for HAPS (high altitude platform station) with the characters of weak channel collision detection ability, long propagation delay and heavy load.

  3. A secure 3-way routing protocols for intermittently connected mobile ad hoc networks.

    PubMed

    Sekaran, Ramesh; Parasuraman, Ganesh Kumar

    2014-01-01

    The mobile ad hoc network may be partially connected or it may be disconnected in nature and these forms of networks are termed intermittently connected mobile ad hoc network (ICMANET). The routing in such disconnected network is commonly an arduous task. Many routing protocols have been proposed for routing in ICMANET since decades. The routing techniques in existence for ICMANET are, namely, flooding, epidemic, probabilistic, copy case, spray and wait, and so forth. These techniques achieve an effective routing with minimum latency, higher delivery ratio, lesser overhead, and so forth. Though these techniques generate effective results, in this paper, we propose novel routing algorithms grounded on agent and cryptographic techniques, namely, location dissemination service (LoDiS) routing with agent AES, A-LoDiS with agent AES routing, and B-LoDiS with agent AES routing, ensuring optimal results with respect to various network routing parameters. The algorithm along with efficient routing ensures higher degree of security. The security level is cited testing with respect to possibility of malicious nodes into the network. This paper also aids, with the comparative results of proposed algorithms, for secure routing in ICMANET.

  4. A Secure 3-Way Routing Protocols for Intermittently Connected Mobile Ad Hoc Networks

    PubMed Central

    Parasuraman, Ganesh Kumar

    2014-01-01

    The mobile ad hoc network may be partially connected or it may be disconnected in nature and these forms of networks are termed intermittently connected mobile ad hoc network (ICMANET). The routing in such disconnected network is commonly an arduous task. Many routing protocols have been proposed for routing in ICMANET since decades. The routing techniques in existence for ICMANET are, namely, flooding, epidemic, probabilistic, copy case, spray and wait, and so forth. These techniques achieve an effective routing with minimum latency, higher delivery ratio, lesser overhead, and so forth. Though these techniques generate effective results, in this paper, we propose novel routing algorithms grounded on agent and cryptographic techniques, namely, location dissemination service (LoDiS) routing with agent AES, A-LoDiS with agent AES routing, and B-LoDiS with agent AES routing, ensuring optimal results with respect to various network routing parameters. The algorithm along with efficient routing ensures higher degree of security. The security level is cited testing with respect to possibility of malicious nodes into the network. This paper also aids, with the comparative results of proposed algorithms, for secure routing in ICMANET. PMID:25136697

  5. Secure quantum communication using classical correlated channel

    NASA Astrophysics Data System (ADS)

    Costa, D.; de Almeida, N. G.; Villas-Boas, C. J.

    2016-10-01

    We propose a secure protocol to send quantum information from one part to another without a quantum channel. In our protocol, which resembles quantum teleportation, a sender (Alice) and a receiver (Bob) share classical correlated states instead of EPR ones, with Alice performing measurements in two different bases and then communicating her results to Bob through a classical channel. Our secure quantum communication protocol requires the same amount of classical bits as the standard quantum teleportation protocol. In our scheme, as in the usual quantum teleportation protocol, once the classical channel is established in a secure way, a spy (Eve) will never be able to recover the information of the unknown quantum state, even if she is aware of Alice's measurement results. Security, advantages, and limitations of our protocol are discussed and compared with the standard quantum teleportation protocol.

  6. A Scenario-Based Protocol Checker for Public-Key Authentication Scheme

    NASA Astrophysics Data System (ADS)

    Saito, Takamichi

    Security protocol provides communication security for the internet. One of the important features of it is authentication with key exchange. Its correctness is a requirement of the whole of the communication security. In this paper, we introduce three attack models realized as their attack scenarios, and provide an authentication-protocol checker for applying three attack-scenarios based on the models. We also utilize it to check two popular security protocols: Secure SHell (SSH) and Secure Socket Layer/Transport Layer Security (SSL/TLS).

  7. Faithful deterministic secure quantum communication and authentication protocol based on hyperentanglement against collective noise

    NASA Astrophysics Data System (ADS)

    Chang, Yan; Zhang, Shi-Bin; Yan, Li-Li; Han, Gui-Hua

    2015-08-01

    Higher channel capacity and security are difficult to reach in a noisy channel. The loss of photons and the distortion of the qubit state are caused by noise. To solve these problems, in our study, a hyperentangled Bell state is used to design faithful deterministic secure quantum communication and authentication protocol over collective-rotation and collective-dephasing noisy channel, which doubles the channel capacity compared with using an ordinary Bell state as a carrier; a logical hyperentangled Bell state immune to collective-rotation and collective-dephasing noise is constructed. The secret message is divided into several parts to transmit, however the identity strings of Alice and Bob are reused. Unitary operations are not used. Project supported by the National Natural Science Foundation of China (Grant No. 61402058), the Science and Technology Support Project of Sichuan Province, China (Grant No. 2013GZX0137), the Fund for Young Persons Project of Sichuan Province, China (Grant No. 12ZB017), and the Foundation of Cyberspace Security Key Laboratory of Sichuan Higher Education Institutions, China (Grant No. szjj2014-074).

  8. QoS and energy aware cooperative routing protocol for wildfire monitoring wireless sensor networks.

    PubMed

    Maalej, Mohamed; Cherif, Sofiane; Besbes, Hichem

    2013-01-01

    Wireless sensor networks (WSN) are presented as proper solution for wildfire monitoring. However, this application requires a design of WSN taking into account the network lifetime and the shadowing effect generated by the trees in the forest environment. Cooperative communication is a promising solution for WSN which uses, at each hop, the resources of multiple nodes to transmit its data. Thus, by sharing resources between nodes, the transmission quality is enhanced. In this paper, we use the technique of reinforcement learning by opponent modeling, optimizing a cooperative communication protocol based on RSSI and node energy consumption in a competitive context (RSSI/energy-CC), that is, an energy and quality-of-service aware-based cooperative communication routing protocol. Simulation results show that the proposed algorithm performs well in terms of network lifetime, packet delay, and energy consumption.

  9. Dry compliant seal for phosphoric acid fuel cell

    DOEpatents

    Granata, Jr., Samuel J.; Woodle, Boyd M.

    1990-01-01

    A dry compliant overlapping seal for a phosphoric acid fuel cell preformed f non-compliant Teflon to make an anode seal frame that encircles an anode assembly, a cathode seal frame that encircles a cathode assembly and a compliant seal frame made of expanded Teflon, generally encircling a matrix assembly. Each frame has a thickness selected to accommodate various tolerances of the fuel cell elements and are either bonded to one of the other frames or to a bipolar or end plate. One of the non-compliant frames is wider than the other frames forming an overlap of the matrix over the wider seal frame, which cooperates with electrolyte permeating the matrix to form a wet seal within the fuel cell that prevents process gases from intermixing at the periphery of the fuel cell and a dry seal surrounding the cell to keep electrolyte from the periphery thereof. The frames may be made in one piece, in L-shaped portions or in strips and have an outer perimeter which registers with the outer perimeter of bipolar or end plates to form surfaces upon which flanges of pan shaped, gas manifolds can be sealed.

  10. Planning Considerations for Secure Network Protocols

    DTIC Science & Technology

    1999-03-01

    distribution / management ) requirements needed to support network security services are examined. The thesis concludes by identifying tactical user network requirements and suggests security issues to be considered in concert with network

  11. On shaky ground - A study of security vulnerabilities in control protocols

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Byres, E. J.; Huffman, D.; Kube, N.

    2006-07-01

    The recent introduction of information technologies such as Ethernet R into nuclear industry control devices has resulted in significantly less isolation from the outside world. This raises the question of whether these systems could be attacked by malware, network hackers or professional criminals to cause disruption to critical operations in a manner similar to the impacts now felt in the business world. To help answer this question, a study was undertaken to test a representative control protocol to determine if it had vulnerabilities that could be exploited. A framework was created in which a test could express a large numbermore » of test cases in very compact formal language. This in turn, allowed for the economical automation of both the generation of selectively malformed protocol traffic and the measurement of device under test's (DUT) behavior in response to this traffic. Approximately 5000 protocol conformance tests were run against two major brands of industrial controller. More than 60 categories of errors were discovered, the majority of which were in the form of incorrect error responses to malformed traffic. Several malformed packets however, caused the device to respond or communicate in inappropriate ways. These would be relatively simple for an attacker to inject into a system and could result in the plant operator losing complete view or control of the control device. Based on this relatively small set of devices, we believe that the nuclear industry urgently needs to adopt better security robustness testing of control devices as standard practice. (authors)« less

  12. Trust-Enhanced Cloud Service Selection Model Based on QoS Analysis.

    PubMed

    Pan, Yuchen; Ding, Shuai; Fan, Wenjuan; Li, Jing; Yang, Shanlin

    2015-01-01

    Cloud computing technology plays a very important role in many areas, such as in the construction and development of the smart city. Meanwhile, numerous cloud services appear on the cloud-based platform. Therefore how to how to select trustworthy cloud services remains a significant problem in such platforms, and extensively investigated owing to the ever-growing needs of users. However, trust relationship in social network has not been taken into account in existing methods of cloud service selection and recommendation. In this paper, we propose a cloud service selection model based on the trust-enhanced similarity. Firstly, the direct, indirect, and hybrid trust degrees are measured based on the interaction frequencies among users. Secondly, we estimate the overall similarity by combining the experience usability measured based on Jaccard's Coefficient and the numerical distance computed by Pearson Correlation Coefficient. Then through using the trust degree to modify the basic similarity, we obtain a trust-enhanced similarity. Finally, we utilize the trust-enhanced similarity to find similar trusted neighbors and predict the missing QoS values as the basis of cloud service selection and recommendation. The experimental results show that our approach is able to obtain optimal results via adjusting parameters and exhibits high effectiveness. The cloud services ranking by our model also have better QoS properties than other methods in the comparison experiments.

  13. Trust-Enhanced Cloud Service Selection Model Based on QoS Analysis

    PubMed Central

    Pan, Yuchen; Ding, Shuai; Fan, Wenjuan; Li, Jing; Yang, Shanlin

    2015-01-01

    Cloud computing technology plays a very important role in many areas, such as in the construction and development of the smart city. Meanwhile, numerous cloud services appear on the cloud-based platform. Therefore how to how to select trustworthy cloud services remains a significant problem in such platforms, and extensively investigated owing to the ever-growing needs of users. However, trust relationship in social network has not been taken into account in existing methods of cloud service selection and recommendation. In this paper, we propose a cloud service selection model based on the trust-enhanced similarity. Firstly, the direct, indirect, and hybrid trust degrees are measured based on the interaction frequencies among users. Secondly, we estimate the overall similarity by combining the experience usability measured based on Jaccard’s Coefficient and the numerical distance computed by Pearson Correlation Coefficient. Then through using the trust degree to modify the basic similarity, we obtain a trust-enhanced similarity. Finally, we utilize the trust-enhanced similarity to find similar trusted neighbors and predict the missing QoS values as the basis of cloud service selection and recommendation. The experimental results show that our approach is able to obtain optimal results via adjusting parameters and exhibits high effectiveness. The cloud services ranking by our model also have better QoS properties than other methods in the comparison experiments. PMID:26606388

  14. Robust quantum secure direct communication and authentication protocol against decoherence noise based on six-qubit DF state

    NASA Astrophysics Data System (ADS)

    Chang, Yan; Zhang, Shi-Bin; Yan, Li-Li; Han, Gui-Hua

    2015-05-01

    By using six-qubit decoherence-free (DF) states as quantum carriers and decoy states, a robust quantum secure direct communication and authentication (QSDCA) protocol against decoherence noise is proposed. Four six-qubit DF states are used in the process of secret transmission, however only the |0‧⟩ state is prepared. The other three six-qubit DF states can be obtained by permuting the outputs of the setup for |0‧⟩. By using the |0‧⟩ state as the decoy state, the detection rate and the qubit error rate reach 81.3%, and they will not change with the noise level. The stability and security are much higher than those of the ping-pong protocol both in an ideal scenario and a decoherence noise scenario. Even if the eavesdropper measures several qubits, exploiting the coherent relationship between these qubits, she can gain one bit of secret information with probability 0.042. Project supported by the National Natural Science Foundation of China (Grant No. 61402058), the Science and Technology Support Project of Sichuan Province of China (Grant No. 2013GZX0137), the Fund for Young Persons Project of Sichuan Province of China (Grant No. 12ZB017), and the Foundation of Cyberspace Security Key Laboratory of Sichuan Higher Education Institutions, China (Grant No. szjj2014-074).

  15. An Authentication Protocol for Future Sensor Networks.

    PubMed

    Bilal, Muhammad; Kang, Shin-Gak

    2017-04-28

    Authentication is one of the essential security services in Wireless Sensor Networks (WSNs) for ensuring secure data sessions. Sensor node authentication ensures the confidentiality and validity of data collected by the sensor node, whereas user authentication guarantees that only legitimate users can access the sensor data. In a mobile WSN, sensor and user nodes move across the network and exchange data with multiple nodes, thus experiencing the authentication process multiple times. The integration of WSNs with Internet of Things (IoT) brings forth a new kind of WSN architecture along with stricter security requirements; for instance, a sensor node or a user node may need to establish multiple concurrent secure data sessions. With concurrent data sessions, the frequency of the re-authentication process increases in proportion to the number of concurrent connections. Moreover, to establish multiple data sessions, it is essential that a protocol participant have the capability of running multiple instances of the protocol run, which makes the security issue even more challenging. The currently available authentication protocols were designed for the autonomous WSN and do not account for the above requirements. Hence, ensuring a lightweight and efficient authentication protocol has become more crucial. In this paper, we present a novel, lightweight and efficient key exchange and authentication protocol suite called the Secure Mobile Sensor Network (SMSN) Authentication Protocol. In the SMSN a mobile node goes through an initial authentication procedure and receives a re-authentication ticket from the base station. Later a mobile node can use this re-authentication ticket when establishing multiple data exchange sessions and/or when moving across the network. This scheme reduces the communication and computational complexity of the authentication process. We proved the strength of our protocol with rigorous security analysis (including formal analysis using the BAN

  16. An Authentication Protocol for Future Sensor Networks

    PubMed Central

    Bilal, Muhammad; Kang, Shin-Gak

    2017-01-01

    Authentication is one of the essential security services in Wireless Sensor Networks (WSNs) for ensuring secure data sessions. Sensor node authentication ensures the confidentiality and validity of data collected by the sensor node, whereas user authentication guarantees that only legitimate users can access the sensor data. In a mobile WSN, sensor and user nodes move across the network and exchange data with multiple nodes, thus experiencing the authentication process multiple times. The integration of WSNs with Internet of Things (IoT) brings forth a new kind of WSN architecture along with stricter security requirements; for instance, a sensor node or a user node may need to establish multiple concurrent secure data sessions. With concurrent data sessions, the frequency of the re-authentication process increases in proportion to the number of concurrent connections. Moreover, to establish multiple data sessions, it is essential that a protocol participant have the capability of running multiple instances of the protocol run, which makes the security issue even more challenging. The currently available authentication protocols were designed for the autonomous WSN and do not account for the above requirements. Hence, ensuring a lightweight and efficient authentication protocol has become more crucial. In this paper, we present a novel, lightweight and efficient key exchange and authentication protocol suite called the Secure Mobile Sensor Network (SMSN) Authentication Protocol. In the SMSN a mobile node goes through an initial authentication procedure and receives a re-authentication ticket from the base station. Later a mobile node can use this re-authentication ticket when establishing multiple data exchange sessions and/or when moving across the network. This scheme reduces the communication and computational complexity of the authentication process. We proved the strength of our protocol with rigorous security analysis (including formal analysis using the BAN

  17. Potential of Wake-Up Radio-Based MAC Protocols for Implantable Body Sensor Networks (IBSN)-A Survey.

    PubMed

    Karuppiah Ramachandran, Vignesh Raja; Ayele, Eyuel D; Meratnia, Nirvana; Havinga, Paul J M

    2016-11-29

    With the advent of nano-technology, medical sensors and devices are becoming highly miniaturized. Consequently, the number of sensors and medical devices being implanted to accurately monitor and diagnose a disease is increasing. By measuring the symptoms and controlling a medical device as close as possible to the source, these implantable devices are able to save lives. A wireless link between medical sensors and implantable medical devices is essential in the case of closed-loop medical devices, in which symptoms of the diseases are monitored by sensors that are not placed in close proximity of the therapeutic device. Medium Access Control (MAC) is crucial to make it possible for several medical devices to communicate using a shared wireless medium in such a way that minimum delay, maximum throughput, and increased network life-time are guaranteed. To guarantee this Quality of Service (QoS), the MAC protocols control the main sources of limited resource wastage, namely the idle-listening, packet collisions, over-hearing, and packet loss. Traditional MAC protocols designed for body sensor networks are not directly applicable to Implantable Body Sensor Networks (IBSN) because of the dynamic nature of the radio channel within the human body and the strict QoS requirements of IBSN applications. Although numerous MAC protocols are available in the literature, the majority of them are designed for Body Sensor Network (BSN) and Wireless Sensor Network (WSN). To the best of our knowledge, there is so far no research paper that explores the impact of these MAC protocols specifically for IBSN. MAC protocols designed for implantable devices are still in their infancy and one of their most challenging objectives is to be ultra-low-power. One of the technological solutions to achieve this objective so is to integrate the concept of Wake-up radio (WuR) into the MAC design. In this survey, we present a taxonomy of MAC protocols based on their use of WuR technology and identify

  18. Framework for Managing Metadata Security Tags as the Basis for Making Security Decisions.

    DTIC Science & Technology

    2002-12-01

    and Performance,” D.H. Associates, Inc., Sep 2001. [3] Deitel , H. M., and Deitel , P. J., Java How to Program , 3rd Edition, Prentice Hall Inc...1999. [4] Deitel , H. M., Deitel , P. J., and Nieto, T. R., Internet and The World Wide Web: How to Program , 2nd Edition, 2002. [5] Grohn, M. J., A...words) This thesis presents an analysis of a capability to employ CAPCO (Controlled Access Program Coordination Office) compliant Metadata security

  19. A Low Cost Key Agreement Protocol Based on Binary Tree for EPCglobal Class 1 Generation 2 RFID Protocol

    NASA Astrophysics Data System (ADS)

    Jeng, Albert; Chang, Li-Chung; Chen, Sheng-Hui

    There are many protocols proposed for protecting Radio Frequency Identification (RFID) system privacy and security. A number of these protocols are designed for protecting long-term security of RFID system using symmetric key or public key cryptosystem. Others are designed for protecting user anonymity and privacy. In practice, the use of RFID technology often has a short lifespan, such as commodity check out, supply chain management and so on. Furthermore, we know that designing a long-term security architecture to protect the security and privacy of RFID tags information requires a thorough consideration from many different aspects. However, any security enhancement on RFID technology will jack up its cost which may be detrimental to its widespread deployment. Due to the severe constraints of RFID tag resources (e. g., power source, computing power, communication bandwidth) and open air communication nature of RFID usage, it is a great challenge to secure a typical RFID system. For example, computational heavy public key and symmetric key cryptography algorithms (e. g., RSA and AES) may not be suitable or over-killed to protect RFID security or privacy. These factors motivate us to research an efficient and cost effective solution for RFID security and privacy protection. In this paper, we propose a new effective generic binary tree based key agreement protocol (called BKAP) and its variations, and show how it can be applied to secure the low cost and resource constraint RFID system. This BKAP is not a general purpose key agreement protocol rather it is a special purpose protocol to protect privacy, un-traceability and anonymity in a single RFID closed system domain.

  20. Agents Based e-Commerce and Securing Exchanged Information

    NASA Astrophysics Data System (ADS)

    Al-Jaljouli, Raja; Abawajy, Jemal

    Mobile agents have been implemented in e-Commerce to search and filter information of interest from electronic markets. When the information is very sensitive and critical, it is important to develop a novel security protocol that can efficiently protect the information from malicious tampering as well as unauthorized disclosure or at least detect any malicious act of intruders. In this chapter, we describe robust security techniques that ensure a sound security of information gathered throughout agent’s itinerary against various security attacks, as well as truncation attacks. A sound security protocol is described, which implements the various security techniques that would jointly prevent or at least detect any malicious act of intruders. We reason about the soundness of the protocol usingSymbolic Trace Analyzer (STA), a formal verification tool that is based on symbolic techniques. We analyze the protocol in key configurations and show that it is free of flaws. We also show that the protocol fulfils the various security requirements of exchanged information in MAS, including data-integrity, data-confidentiality, data-authenticity, origin confidentiality and data non-repudiability.

  1. Security Services Discovery by ATM Endsystems

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Sholander, Peter; Tarman, Thomas

    This contribution proposes strawman techniques for Security Service Discovery by ATM endsystems in ATM networks. Candidate techniques include ILMI extensions, ANS extensions and new ATM anycast addresses. Another option is a new protocol based on an IETF service discovery protocol, such as Service Location Protocol (SLP). Finally, this contribution provides strawman requirements for Security-Based Routing in ATM networks.

  2. Adaptive Traffic Route Control in QoS Provisioning for Cognitive Radio Technology with Heterogeneous Wireless Systems

    NASA Astrophysics Data System (ADS)

    Yamamoto, Toshiaki; Ueda, Tetsuro; Obana, Sadao

    As one of the dynamic spectrum access technologies, “cognitive radio technology,” which aims to improve the spectrum efficiency, has been studied. In cognitive radio networks, each node recognizes radio conditions, and according to them, optimizes its wireless communication routes. Cognitive radio systems integrate the heterogeneous wireless systems not only by switching over them but also aggregating and utilizing them simultaneously. The adaptive control of switchover use and concurrent use of various wireless systems will offer a stable and flexible wireless communication. In this paper, we propose the adaptive traffic route control scheme that provides high quality of service (QoS) for cognitive radio technology, and examine the performance of the proposed scheme through the field trials and computer simulations. The results of field trials show that the adaptive route control according to the radio conditions improves the user IP throughput by more than 20% and reduce the one-way delay to less than 1/6 with the concurrent use of IEEE802.16 and IEEE802.11 wireless media. Moreover, the simulation results assuming hundreds of mobile terminals reveal that the number of users receiving the required QoS of voice over IP (VoIP) service and the total network throughput of FTP users increase by more than twice at the same time with the proposed algorithm. The proposed adaptive traffic route control scheme can enhance the performances of the cognitive radio technologies by providing the appropriate communication routes for various applications to satisfy their required QoS.

  3. Analytical approach to cross-layer protocol optimization in wireless sensor networks

    NASA Astrophysics Data System (ADS)

    Hortos, William S.

    2008-04-01

    In the distributed operations of route discovery and maintenance, strong interaction occurs across mobile ad hoc network (MANET) protocol layers. Quality of service (QoS) requirements of multimedia service classes must be satisfied by the cross-layer protocol, along with minimization of the distributed power consumption at nodes and along routes to battery-limited energy constraints. In previous work by the author, cross-layer interactions in the MANET protocol are modeled in terms of a set of concatenated design parameters and associated resource levels by multivariate point processes (MVPPs). Determination of the "best" cross-layer design is carried out using the optimal control of martingale representations of the MVPPs. In contrast to the competitive interaction among nodes in a MANET for multimedia services using limited resources, the interaction among the nodes of a wireless sensor network (WSN) is distributed and collaborative, based on the processing of data from a variety of sensors at nodes to satisfy common mission objectives. Sensor data originates at the nodes at the periphery of the WSN, is successively transported to other nodes for aggregation based on information-theoretic measures of correlation and ultimately sent as information to one or more destination (decision) nodes. The "multimedia services" in the MANET model are replaced by multiple types of sensors, e.g., audio, seismic, imaging, thermal, etc., at the nodes; the QoS metrics associated with MANETs become those associated with the quality of fused information flow, i.e., throughput, delay, packet error rate, data correlation, etc. Significantly, the essential analytical approach to MANET cross-layer optimization, now based on the MVPPs for discrete random events occurring in the WSN, can be applied to develop the stochastic characteristics and optimality conditions for cross-layer designs of sensor network protocols. Functional dependencies of WSN performance metrics are described in

  4. Compliant Robot Wrist

    NASA Technical Reports Server (NTRS)

    Voellmer, George

    1992-01-01

    Compliant element for robot wrist accepts small displacements in one direction only (to first approximation). Three such elements combined to obtain translational compliance along three orthogonal directions, without rotational compliance along any of them. Element is double-blade flexure joint in which two sheets of spring steel attached between opposing blocks, forming rectangle. Blocks moved parallel to each other in one direction only. Sheets act as double cantilever beams deforming in S-shape, keeping blocks parallel.

  5. Potential of Wake-Up Radio-Based MAC Protocols for Implantable Body Sensor Networks (IBSN)—A Survey

    PubMed Central

    Karuppiah Ramachandran, Vignesh Raja; Ayele, Eyuel D.; Meratnia, Nirvana; Havinga, Paul J. M.

    2016-01-01

    With the advent of nano-technology, medical sensors and devices are becoming highly miniaturized. Consequently, the number of sensors and medical devices being implanted to accurately monitor and diagnose a disease is increasing. By measuring the symptoms and controlling a medical device as close as possible to the source, these implantable devices are able to save lives. A wireless link between medical sensors and implantable medical devices is essential in the case of closed-loop medical devices, in which symptoms of the diseases are monitored by sensors that are not placed in close proximity of the therapeutic device. Medium Access Control (MAC) is crucial to make it possible for several medical devices to communicate using a shared wireless medium in such a way that minimum delay, maximum throughput, and increased network life-time are guaranteed. To guarantee this Quality of Service (QoS), the MAC protocols control the main sources of limited resource wastage, namely the idle-listening, packet collisions, over-hearing, and packet loss. Traditional MAC protocols designed for body sensor networks are not directly applicable to Implantable Body Sensor Networks (IBSN) because of the dynamic nature of the radio channel within the human body and the strict QoS requirements of IBSN applications. Although numerous MAC protocols are available in the literature, the majority of them are designed for Body Sensor Network (BSN) and Wireless Sensor Network (WSN). To the best of our knowledge, there is so far no research paper that explores the impact of these MAC protocols specifically for IBSN. MAC protocols designed for implantable devices are still in their infancy and one of their most challenging objectives is to be ultra-low-power. One of the technological solutions to achieve this objective so is to integrate the concept of Wake-up radio (WuR) into the MAC design. In this survey, we present a taxonomy of MAC protocols based on their use of WuR technology and identify

  6. Analytical Models of Cross-Layer Protocol Optimization in Real-Time Wireless Sensor Ad Hoc Networks

    NASA Astrophysics Data System (ADS)

    Hortos, William S.

    The real-time interactions among the nodes of a wireless sensor network (WSN) to cooperatively process data from multiple sensors are modeled. Quality-of-service (QoS) metrics are associated with the quality of fused information: throughput, delay, packet error rate, etc. Multivariate point process (MVPP) models of discrete random events in WSNs establish stochastic characteristics of optimal cross-layer protocols. Discrete-event, cross-layer interactions in mobile ad hoc network (MANET) protocols have been modeled using a set of concatenated design parameters and associated resource levels by the MVPPs. Characterization of the "best" cross-layer designs for a MANET is formulated by applying the general theory of martingale representations to controlled MVPPs. Performance is described in terms of concatenated protocol parameters and controlled through conditional rates of the MVPPs. Modeling limitations to determination of closed-form solutions versus explicit iterative solutions for ad hoc WSN controls are examined.

  7. MPEG-2 Over Asynchronous Transfer Mode (ATM) Over Satellite Quality of Service (QoS) Experiments: Laboratory Tests

    NASA Technical Reports Server (NTRS)

    Ivancic, William D.; Frantz, Brian D.; Spells, Marcus J.

    1998-01-01

    Asynchronous transfer mode (ATM) quality of service (QoS) experiments were performed using MPEG-2 (ATM application layer 5, AAL5) over ATM over an emulated satellite link. The purpose of these experiments was to determine the free-space link quality necessary to transmit high-quality multimedia information by using the ATM protocol. The detailed test plan and test configuration are described herein as are the test results. MPEG-2 transport streams were baselined in an errored environment, followed by a series of tests using, MPEG-2 over ATM. Errors were created both digitally as well as in an IF link by using a satellite modem and commercial gaussian noise test set for two different MPEG-2 decoder implementations. The results show that ITU-T Recommendation 1.356 Class 1, stringent ATM applications will require better link quality than currently specified; in particular, cell loss ratios of better than 1.0 x 10(exp -8) and cell error ratios of better than 1.0 x 10(exp -7) are needed. These tests were conducted at the NASA Lewis Research Center in support of satellite-ATM interoperability research.

  8. Quantum Secure Group Communication.

    PubMed

    Li, Zheng-Hong; Zubairy, M Suhail; Al-Amri, M

    2018-03-01

    We propose a quantum secure group communication protocol for the purpose of sharing the same message among multiple authorized users. Our protocol can remove the need for key management that is needed for the quantum network built on quantum key distribution. Comparing with the secure quantum network based on BB84, we show our protocol is more efficient and securer. Particularly, in the security analysis, we introduce a new way of attack, i.e., the counterfactual quantum attack, which can steal information by "invisible" photons. This invisible photon can reveal a single-photon detector in the photon path without triggering the detector. Moreover, the photon can identify phase operations applied to itself, thereby stealing information. To defeat this counterfactual quantum attack, we propose a quantum multi-user authorization system. It allows us to precisely control the communication time so that the attack can not be completed in time.

  9. Implementation of QoSS (Quality-of-Security Service) for NoC-Based SoC Protection

    NASA Astrophysics Data System (ADS)

    Sepúlveda, Johanna; Pires, Ricardo; Strum, Marius; Chau, Wang Jiang

    Many of the current electronic systems embedded in a SoC (System-on-Chip) are used to capture, store, manipulate and access critical data, as well as to perform other key functions. In such a scenario, security is considered as an important issue. The Network-on-chip (NoC), as the foreseen communication structure of next-generation SoC devices, can be used to efficiently incorporate security. Our work proposes the implementation of QoSS (Quality of Security Service) to overcome present SoC vulnerabilities. QoSS is a novel concept for data protection that introduces security as a dimension of QoS. In this paper, we present the implementation of two security services (access control and authentication), that may be configured to assume one from several possible levels, the implementation of a technique to avoid denial-of-service (DoS) attacks, evaluate their effectiveness and estimate their impact on NoC performance.

  10. EPA Administrative Order on Consent (AOC) with ERP Compliant Coke, LLC

    EPA Pesticide Factsheets

    This Administrative Order on Consent with ERP Compliant Coke was effective August 2016. The Walter Coke facility located in North Birmingham was purchased by ERP Compliant Coke, LLC in February 2016 out of bankruptcy proceedings.

  11. Adaptive Reliable Routing Protocol Using Combined Link Stability Estimation for Mobile Ad hoc Networks

    NASA Astrophysics Data System (ADS)

    Vadivel, R.; Bhaskaran, V. Murali

    2010-10-01

    The main reason for packet loss in ad hoc networks is the link failure or node failure. In order to increase the path stability, it is essential to distinguish and moderate the failures. By knowing individual link stability along a path, path stability can be identified. In this paper, we develop an adaptive reliable routing protocol using combined link stability estimation for mobile ad hoc networks. The main objective of this protocol is to determine a Quality of Service (QoS) path along with prolonging the network life time and to reduce the packet loss. We calculate a combined metric for a path based on the parameters Link Expiration Time, Node Remaining Energy and Node Velocity and received signal strength to predict the link stability or lifetime. Then, a bypass route is established to retransmit the lost data, when a link failure occurs. By simulation results, we show that the proposed reliable routing protocol achieves high delivery ratio with reduced delay and packet drop.

  12. Security of counterfactual quantum cryptography

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Yin Zhenqiang; Li Hongwei; Chen Wei

    2010-10-15

    Recently, a 'counterfactual' quantum-key-distribution scheme was proposed by T.-G. Noh [Phys. Rev. Lett. 103, 230501 (2009)]. In this scheme, two legitimate distant peers may share secret keys even when the information carriers are not traveled in the quantum channel. We find that this protocol is equivalent to an entanglement distillation protocol. According to this equivalence, a strict security proof and the asymptotic key bit rate are both obtained when a perfect single-photon source is applied and a Trojan horse attack can be detected. We also find that the security of this scheme is strongly related to not only the bitmore » error rate but also the yields of photons. And our security proof may shed light on the security of other two-way protocols.« less

  13. A Unified Approach to Intra-Domain Security

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Shue, Craig A; Kalafut, Andrew J.; Gupta, Prof. Minaxi

    2009-01-01

    While a variety of mechanisms have been developed for securing individual intra-domain protocols, none address the issue in a holistic manner. We develop a unified framework to secure prominent networking protocols within a single domain. We begin with a secure version of the DHCP protocol, which has the additional feature of providing each host with a certificate. We then leverage these certificates to secure ARP, prevent spoofing within the domain, and secure SSH and VPN connections between the domain and hosts which have previously interacted with it locally. In doing so, we also develop an incrementally deployable public key infrastructuremore » which can later be leveraged to support inter-domain authentication.« less

  14. Security of quantum key distribution with multiphoton components

    PubMed Central

    Yin, Hua-Lei; Fu, Yao; Mao, Yingqiu; Chen, Zeng-Bing

    2016-01-01

    Most qubit-based quantum key distribution (QKD) protocols extract the secure key merely from single-photon component of the attenuated lasers. However, with the Scarani-Acin-Ribordy-Gisin 2004 (SARG04) QKD protocol, the unconditionally secure key can be extracted from the two-photon component by modifying the classical post-processing procedure in the BB84 protocol. Employing the merits of SARG04 QKD protocol and six-state preparation, one can extract secure key from the components of single photon up to four photons. In this paper, we provide the exact relations between the secure key rate and the bit error rate in a six-state SARG04 protocol with single-photon, two-photon, three-photon, and four-photon sources. By restricting the mutual information between the phase error and bit error, we obtain a higher secure bit error rate threshold of the multiphoton components than previous works. Besides, we compare the performances of the six-state SARG04 with other prepare-and-measure QKD protocols using decoy states. PMID:27383014

  15. GMP-Compliant Expansion of Clinical-Grade Human Mesenchymal Stromal/Stem Cells Using a Closed Hollow Fiber Bioreactor.

    PubMed

    Barckhausen, Christina; Rice, Brent; Baila, Stefano; Sensebé, Luc; Schrezenmeier, Hubert; Nold, Philipp; Hackstein, Holger; Rojewski, Markus Thomas

    2016-01-01

    This chapter describes a method for GMP-compliant expansion of human mesenchymal stromal/stem cells (hMSC) from bone marrow aspirates, using the Quantum(®) Cell Expansion System from Terumo BCT. The Quantum system is a functionally closed, automated hollow fiber bioreactor system designed to reproducibly grow cells in either GMP or research laboratory environments. The chapter includes protocols for preparation of media, setup of the Quantum system, coating of the hollow fiber bioreactor, as well as loading, feeding, and harvesting of cells. We suggest a panel of quality controls for the starting material, the interim product, as well as the final product.

  16. Designing area optimized application-specific network-on-chip architectures while providing hard QoS guarantees.

    PubMed

    Khawaja, Sajid Gul; Mushtaq, Mian Hamza; Khan, Shoab A; Akram, M Usman; Jamal, Habib Ullah

    2015-01-01

    With the increase of transistors' density, popularity of System on Chip (SoC) has increased exponentially. As a communication module for SoC, Network on Chip (NoC) framework has been adapted as its backbone. In this paper, we propose a methodology for designing area-optimized application specific NoC while providing hard Quality of Service (QoS) guarantees for real time flows. The novelty of the proposed system lies in derivation of a Mixed Integer Linear Programming model which is then used to generate a resource optimal Network on Chip (NoC) topology and architecture while considering traffic and QoS requirements. We also present the micro-architectural design features used for enabling traffic and latency guarantees and discuss how the solution adapts for dynamic variations in the application traffic. The paper highlights the effectiveness of proposed method by generating resource efficient NoC solutions for both industrial and benchmark applications. The area-optimized results are generated in few seconds by proposed technique, without resorting to heuristics, even for an application with 48 traffic flows.

  17. Designing Area Optimized Application-Specific Network-On-Chip Architectures while Providing Hard QoS Guarantees

    PubMed Central

    Khawaja, Sajid Gul; Mushtaq, Mian Hamza; Khan, Shoab A.; Akram, M. Usman; Jamal, Habib ullah

    2015-01-01

    With the increase of transistors' density, popularity of System on Chip (SoC) has increased exponentially. As a communication module for SoC, Network on Chip (NoC) framework has been adapted as its backbone. In this paper, we propose a methodology for designing area-optimized application specific NoC while providing hard Quality of Service (QoS) guarantees for real time flows. The novelty of the proposed system lies in derivation of a Mixed Integer Linear Programming model which is then used to generate a resource optimal Network on Chip (NoC) topology and architecture while considering traffic and QoS requirements. We also present the micro-architectural design features used for enabling traffic and latency guarantees and discuss how the solution adapts for dynamic variations in the application traffic. The paper highlights the effectiveness of proposed method by generating resource efficient NoC solutions for both industrial and benchmark applications. The area-optimized results are generated in few seconds by proposed technique, without resorting to heuristics, even for an application with 48 traffic flows. PMID:25898016

  18. An economic and feasible Quantum Sealed-bid Auction protocol

    NASA Astrophysics Data System (ADS)

    Zhang, Rui; Shi, Run-hua; Qin, Jia-qi; Peng, Zhen-wan

    2018-02-01

    We present an economic and feasible Quantum Sealed-bid Auction protocol using quantum secure direct communication based on single photons in both the polarization and the spatial-mode degrees of freedom, where each single photon can carry two bits of classical information. Compared with previous protocols, our protocol has higher efficiency. In addition, we propose a secure post-confirmation mechanism without quantum entanglement to guarantee the security and the fairness of the auction.

  19. Quantum key distribution with delayed privacy amplification and its application to the security proof of a two-way deterministic protocol

    NASA Astrophysics Data System (ADS)

    Fung, Chi-Hang Fred; Ma, Xiongfeng; Chau, H. F.; Cai, Qing-Yu

    2012-03-01

    Privacy amplification (PA) is an essential postprocessing step in quantum key distribution (QKD) for removing any information an eavesdropper may have on the final secret key. In this paper, we consider delaying PA of the final key after its use in one-time pad encryption and prove its security. We prove that the security and the key generation rate are not affected by delaying PA. Delaying PA has two applications: it serves as a tool for significantly simplifying the security proof of QKD with a two-way quantum channel, and also it is useful in QKD networks with trusted relays. To illustrate the power of the delayed PA idea, we use it to prove the security of a qubit-based two-way deterministic QKD protocol which uses four states and four encoding operations.

  20. Smarter hospital communication: secure smartphone text messaging improves provider satisfaction and perception of efficacy, workflow.

    PubMed

    Przybylo, Jennifer A; Wang, Ange; Loftus, Pooja; Evans, Kambria H; Chu, Isabella; Shieh, Lisa

    2014-09-01

    Though current hospital paging systems are neither efficient (callbacks disrupt workflow), nor secure (pagers are not Health Insurance Portability and Accountability Act [HIPAA]-compliant), they are routinely used to communicate patient information. Smartphone-based text messaging is a potentially more convenient and efficient mobile alternative; however, commercial cellular networks are also not secure. To determine if augmenting one-way pagers with Medigram, a secure, HIPAA-compliant group messaging (HCGM) application for smartphones, could improve hospital team communication. Eight-week prospective, cluster-randomized, controlled trial Stanford Hospital Three inpatient medicine teams used the HCGM application in addition to paging, while two inpatient medicine teams used paging only for intra-team communication. Baseline and post-study surveys were collected from 22 control and 41 HCGM team members. When compared with paging, HCGM was rated significantly (P < 0.05) more effective in: (1) allowing users to communicate thoughts clearly (P = 0.010) and efficiently (P = 0.009) and (2) integrating into workflow during rounds (P = 0.018) and patient discharge (P = 0.012). Overall satisfaction with HCGM was significantly higher (P = 0.003). 85% of HCGM team respondents said they would recommend using an HCGM system on the wards. Smartphone-based, HIPAA-compliant group messaging applications improve provider perception of in-hospital communication, while providing the information security that paging and commercial cellular networks do not. © 2014 The Authors Journal of Hospital Medicine published by Wiley Periodicals, Inc. on behalf of Society of Hospital Medicine.

  1. Continuous-variable quantum-key-distribution protocols with a non-Gaussian modulation

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Leverrier, Anthony; Grangier, Philippe; Laboratoire Charles Fabry, Institut d'Optique, CNRS, Univ. Paris-Sud, Campus Polytechnique, RD 128, F-91127 Palaiseau Cedex

    2011-04-15

    In this paper, we consider continuous-variable quantum-key-distribution (QKD) protocols which use non-Gaussian modulations. These specific modulation schemes are compatible with very efficient error-correction procedures, hence allowing the protocols to outperform previous protocols in terms of achievable range. In their simplest implementation, these protocols are secure for any linear quantum channels (hence against Gaussian attacks). We also show how the use of decoy states makes the protocols secure against arbitrary collective attacks, which implies their unconditional security in the asymptotic limit.

  2. Data security in genomics: A review of Australian privacy requirements and their relation to cryptography in data storage.

    PubMed

    Schlosberg, Arran

    2016-01-01

    The advent of next-generation sequencing (NGS) brings with it a need to manage large volumes of patient data in a manner that is compliant with both privacy laws and long-term archival needs. Outside of the realm of genomics there is a need in the broader medical community to store data, and although radiology aside the volume may be less than that of NGS, the concepts discussed herein are similarly relevant. The relation of so-called "privacy principles" to data protection and cryptographic techniques is explored with regards to the archival and backup storage of health data in Australia, and an example implementation of secure management of genomic archives is proposed with regards to this relation. Readers are presented with sufficient detail to have informed discussions - when implementing laboratory data protocols - with experts in the fields.

  3. Data security in genomics: A review of Australian privacy requirements and their relation to cryptography in data storage

    PubMed Central

    Schlosberg, Arran

    2016-01-01

    The advent of next-generation sequencing (NGS) brings with it a need to manage large volumes of patient data in a manner that is compliant with both privacy laws and long-term archival needs. Outside of the realm of genomics there is a need in the broader medical community to store data, and although radiology aside the volume may be less than that of NGS, the concepts discussed herein are similarly relevant. The relation of so-called “privacy principles” to data protection and cryptographic techniques is explored with regards to the archival and backup storage of health data in Australia, and an example implementation of secure management of genomic archives is proposed with regards to this relation. Readers are presented with sufficient detail to have informed discussions – when implementing laboratory data protocols – with experts in the fields. PMID:26955504

  4. Modeling and performance analysis of QoS data

    NASA Astrophysics Data System (ADS)

    Strzeciwilk, Dariusz; Zuberek, Włodzimierz M.

    2016-09-01

    The article presents the results of modeling and analysis of data transmission performance on systems that support quality of service. Models are designed and tested, taking into account multiservice network architecture, i.e. supporting the transmission of data related to different classes of traffic. Studied were mechanisms of traffic shaping systems, which are based on the Priority Queuing with an integrated source of data and the various sources of data that is generated. Discussed were the basic problems of the architecture supporting QoS and queuing systems. Designed and built were models based on Petri nets, supported by temporal logics. The use of simulation tools was to verify the mechanisms of shaping traffic with the applied queuing algorithms. It is shown that temporal models of Petri nets can be effectively used in the modeling and analysis of the performance of computer networks.

  5. Development of a multistage compliant mechanism with new boundary constraint

    NASA Astrophysics Data System (ADS)

    Ling, Mingxiang; Cao, Junyi; Jiang, Zhou; Li, Qisheng

    2018-01-01

    This paper presents a piezo-actuated compliant mechanism with a new boundary constraint to provide concurrent large workspace and high dynamic frequency for precision positioning or other flexible manipulation applications. A two-stage rhombus-type displacement amplifier with the "sliding-sliding" boundary constraint is presented to maximize the dynamic frequency while retaining a large output displacement. The vibration mode is also improved by the designed boundary constraint. A theoretical kinematic model of the compliant mechanism is established to optimize the geometric parameters, and a prototype is fabricated with a compact dimension of 60 mm × 60 mm × 12 mm. The experimental testing shows that the maximum stroke is approximately 0.6 mm and the output stiffness is 1.1 N/μm with the fundamental frequency of larger than 2.2 kHz. Lastly, the excellent performance of the presented compliant mechanism is compared with several mechanisms in the previous literature. As a conclusion, the presented boundary constraint strategy provides a new way to balance the trade-off between the frequency response and the stroke range widely existed in compliant mechanisms.

  6. Security of counterfactual quantum cryptography

    NASA Astrophysics Data System (ADS)

    Yin, Zhen-Qiang; Li, Hong-Wei; Chen, Wei; Han, Zheng-Fu; Guo, Guang-Can

    2010-10-01

    Recently, a “counterfactual” quantum-key-distribution scheme was proposed by T.-G. Noh [Phys. Rev. Lett.PRLTAO0031-900710.1103/PhysRevLett.103.230501 103, 230501 (2009)]. In this scheme, two legitimate distant peers may share secret keys even when the information carriers are not traveled in the quantum channel. We find that this protocol is equivalent to an entanglement distillation protocol. According to this equivalence, a strict security proof and the asymptotic key bit rate are both obtained when a perfect single-photon source is applied and a Trojan horse attack can be detected. We also find that the security of this scheme is strongly related to not only the bit error rate but also the yields of photons. And our security proof may shed light on the security of other two-way protocols.

  7. How Secure Is Your Radiology Department? Mapping Digital Radiology Adoption and Security Worldwide.

    PubMed

    Stites, Mark; Pianykh, Oleg S

    2016-04-01

    Despite the long history of digital radiology, one of its most critical aspects--information security--still remains extremely underdeveloped and poorly standardized. To study the current state of radiology security, we explored the worldwide security of medical image archives. Using the DICOM data-transmitting standard, we implemented a highly parallel application to scan the entire World Wide Web of networked computers and devices, locating open and unprotected radiology servers. We used only legal and radiology-compliant tools. Our security-probing application initiated a standard DICOM handshake to remote computer or device addresses, and then assessed their security posture on the basis of handshake replies. The scan discovered a total of 2774 unprotected radiology or DICOM servers worldwide. Of those, 719 were fully open to patient data communications. Geolocation was used to analyze and rank our findings according to country utilization. As a result, we built maps and world ranking of clinical security, suggesting that even the most radiology-advanced countries have hospitals with serious security gaps. Despite more than two decades of active development and implementation, our radiology data still remains insecure. The results provided should be applied to raise awareness and begin an earnest dialogue toward elimination of the problem. The application we designed and the novel scanning approach we developed can be used to identify security breaches and to eliminate them before they are compromised.

  8. Compliant tactile sensor that delivers a force vector

    NASA Technical Reports Server (NTRS)

    Torres-Jara, Eduardo (Inventor)

    2010-01-01

    Tactile Sensor. The sensor includes a compliant convex surface disposed above a sensor array, the sensor array adapted to respond to deformation of the convex surface to generate a signal related to an applied force vector. The applied force vector has three components to establish the direction and magnitude of an applied force. The compliant convex surface defines a dome with a hollow interior and has a linear relation between displacement and load including a magnet disposed substantially at the center of the dome above a sensor array that responds to magnetic field intensity.

  9. Dual-Arm Generalized Compliant Motion With Shared Control

    NASA Technical Reports Server (NTRS)

    Backes, Paul G.

    1994-01-01

    Dual-Arm Generalized Compliant Motion (DAGCM) primitive computer program implementing improved unified control scheme for two manipulator arms cooperating in task in which both grasp same object. Provides capabilities for autonomous, teleoperation, and shared control of two robot arms. Unifies cooperative dual-arm control with multi-sensor-based task control and makes complete task-control capability available to higher-level task-planning computer system via large set of input parameters used to describe desired force and position trajectories followed by manipulator arms. Some concepts discussed in "A Generalized-Compliant-Motion Primitive" (NPO-18134).

  10. Design and Development of Layered Security: Future Enhancements and Directions in Transmission

    PubMed Central

    Shahzad, Aamir; Lee, Malrey; Kim, Suntae; Kim, Kangmin; Choi, Jae-Young; Cho, Younghwa; Lee, Keun-Kwang

    2016-01-01

    Today, security is a prominent issue when any type of communication is being undertaken. Like traditional networks, supervisory control and data acquisition (SCADA) systems suffer from a number of vulnerabilities. Numerous end-to-end security mechanisms have been proposed for the resolution of SCADA-system security issues, but due to insecure real-time protocol use and the reliance upon open protocols during Internet-based communication, these SCADA systems can still be compromised by security challenges. This study reviews the security challenges and issues that are commonly raised during SCADA/protocol transmissions and proposes a secure distributed-network protocol version 3 (DNP3) design, and the implementation of the security solution using a cryptography mechanism. Due to the insecurities found within SCADA protocols, the new development consists of a DNP3 protocol that has been designed as a part of the SCADA system, and the cryptographically derived security is deployed within the application layer as a part of the DNP3 stack. PMID:26751443

  11. Design and Development of Layered Security: Future Enhancements and Directions in Transmission.

    PubMed

    Shahzad, Aamir; Lee, Malrey; Kim, Suntae; Kim, Kangmin; Choi, Jae-Young; Cho, Younghwa; Lee, Keun-Kwang

    2016-01-06

    Today, security is a prominent issue when any type of communication is being undertaken. Like traditional networks, supervisory control and data acquisition (SCADA) systems suffer from a number of vulnerabilities. Numerous end-to-end security mechanisms have been proposed for the resolution of SCADA-system security issues, but due to insecure real-time protocol use and the reliance upon open protocols during Internet-based communication, these SCADA systems can still be compromised by security challenges. This study reviews the security challenges and issues that are commonly raised during SCADA/protocol transmissions and proposes a secure distributed-network protocol version 3 (DNP3) design, and the implementation of the security solution using a cryptography mechanism. Due to the insecurities found within SCADA protocols, the new development consists of a DNP3 protocol that has been designed as a part of the SCADA system, and the cryptographically derived security is deployed within the application layer as a part of the DNP3 stack.

  12. Quantum-key-distribution protocol with pseudorandom bases

    NASA Astrophysics Data System (ADS)

    Trushechkin, A. S.; Tregubov, P. A.; Kiktenko, E. O.; Kurochkin, Y. V.; Fedorov, A. K.

    2018-01-01

    Quantum key distribution (QKD) offers a way for establishing information-theoretical secure communications. An important part of QKD technology is a high-quality random number generator for the quantum-state preparation and for post-processing procedures. In this work, we consider a class of prepare-and-measure QKD protocols, utilizing additional pseudorandomness in the preparation of quantum states. We study one of such protocols and analyze its security against the intercept-resend attack. We demonstrate that, for single-photon sources, the considered protocol gives better secret key rates than the BB84 and the asymmetric BB84 protocols. However, the protocol strongly requires single-photon sources.

  13. Eavesdropping on the improved three-party quantum secret sharing protocol

    NASA Astrophysics Data System (ADS)

    Gao, Gan

    2011-02-01

    Lin et al. [Song Lin, Fei Gao, Qiao-yan Wen, Fu-chen Zhu, Opt. Commun. 281 (2008) 4553] pointed out that the multiparty quantum secret sharing protocol [Zhan-jun Zhang, Gan Gao, Xin Wang, Lian-fang Han, Shou-hua Shi, Opt. Commun. 269 (2007) 418] is not secure and proposed an improved three-party quantum secret sharing protocol. In this paper, we study the security of the improved three-party quantum secret sharing protocol and find that it is still not secure. Finally, a further improved three-party quantum secret sharing protocol is proposed.

  14. Open Mobile Alliance Secure Content Exchange: Introducing Key Management Constructs and Protocols for Compromise-Resilient Easing of DRM Restrictions

    NASA Astrophysics Data System (ADS)

    Kravitz, David William

    This paper presents an insider's view of the rationale and the cryptographic mechanics of some principal elements of the Open Mobile Alliance (OMA) Secure Content Exchange (SCE) Technical Specifications. A primary goal is to enable implementation of a configurable methodology that quarantines the effects that unknown-compromised entities have on still-compliant entities in the system, while allowing import from upstream protection systems and multi-client reuse of Rights Objects that grant access to plaintext content. This has to be done without breaking compatibility with the underlying legacy OMA DRM v2.0/v2.1 Technical Specifications. It is also required that legacy devices can take at least partial advantage of the new import functionality, and can request the creation of SCE-compatible Rights Objects and utilize Rights Objects created upon request of SCE-conformant devices. This must be done in a way that the roles played by newly defined entities unrecognizable by legacy devices remain hidden.

  15. On the theory of compliant wall drag reduction in turbulent boundary layers

    NASA Technical Reports Server (NTRS)

    Ash, R. L.

    1974-01-01

    A theoretical model has been developed which can explain how the motion of a compliant wall reduces turbulent skin friction drag. Available experimental evidence at low speeds has been used to infer that a compliant surface selectively removes energy from the upper frequency range of the energy containing eddies and through resulting surface motions can produce locally negative Reynolds stresses at the wall. The theory establishes a preliminary amplitude and frequency criterion as the basis for designing effective drag reducing compliant surfaces.

  16. Cross-layer design for intrusion detection and data security in wireless ad hoc sensor networks

    NASA Astrophysics Data System (ADS)

    Hortos, William S.

    2007-09-01

    A wireless ad hoc sensor network is a configuration for area surveillance that affords rapid, flexible deployment in arbitrary threat environments. There is no infrastructure support and sensor nodes communicate with each other only when they are in transmission range. The nodes are severely resource-constrained, with limited processing, memory and power capacities and must operate cooperatively to fulfill a common mission in typically unattended modes. In a wireless sensor network (WSN), each sensor at a node can observe locally some underlying physical phenomenon and sends a quantized version of the observation to sink (destination) nodes via wireless links. Since the wireless medium can be easily eavesdropped, links can be compromised by intrusion attacks from nodes that may mount denial-of-service attacks or insert spurious information into routing packets, leading to routing loops, long timeouts, impersonation, and node exhaustion. A cross-layer design based on protocol-layer interactions is proposed for detection and identification of various intrusion attacks on WSN operation. A feature set is formed from selected cross-layer parameters of the WSN protocol to detect and identify security threats due to intrusion attacks. A separate protocol is not constructed from the cross-layer design; instead, security attributes and quantified trust levels at and among nodes established during data exchanges complement customary WSN metrics of energy usage, reliability, route availability, and end-to-end quality-of-service (QoS) provisioning. Statistical pattern recognition algorithms are applied that use observed feature-set patterns observed during network operations, viewed as security audit logs. These algorithms provide the "best" network global performance in the presence of various intrusion attacks. A set of mobile (software) agents distributed at the nodes implement the algorithms, by moving among the layers involved in the network response at each active node

  17. Standard requirements for GCP-compliant data management in multinational clinical trials

    PubMed Central

    2011-01-01

    Background A recent survey has shown that data management in clinical trials performed by academic trial units still faces many difficulties (e.g. heterogeneity of software products, deficits in quality management, limited human and financial resources and the complexity of running a local computer centre). Unfortunately, no specific, practical and open standard for both GCP-compliant data management and the underlying IT-infrastructure is available to improve the situation. For that reason the "Working Group on Data Centres" of the European Clinical Research Infrastructures Network (ECRIN) has developed a standard specifying the requirements for high quality GCP-compliant data management in multinational clinical trials. Methods International, European and national regulations and guidelines relevant to GCP, data security and IT infrastructures, as well as ECRIN documents produced previously, were evaluated to provide a starting point for the development of standard requirements. The requirements were produced by expert consensus of the ECRIN Working group on Data Centres, using a structured and standardised process. The requirements were divided into two main parts: an IT part covering standards for the underlying IT infrastructure and computer systems in general, and a Data Management (DM) part covering requirements for data management applications in clinical trials. Results The standard developed includes 115 IT requirements, split into 15 separate sections, 107 DM requirements (in 12 sections) and 13 other requirements (2 sections). Sections IT01 to IT05 deal with the basic IT infrastructure while IT06 and IT07 cover validation and local software development. IT08 to IT015 concern the aspects of IT systems that directly support clinical trial management. Sections DM01 to DM03 cover the implementation of a specific clinical data management application, i.e. for a specific trial, whilst DM04 to DM12 address the data management of trials across the unit. Section

  18. Standard requirements for GCP-compliant data management in multinational clinical trials.

    PubMed

    Ohmann, Christian; Kuchinke, Wolfgang; Canham, Steve; Lauritsen, Jens; Salas, Nader; Schade-Brittinger, Carmen; Wittenberg, Michael; McPherson, Gladys; McCourt, John; Gueyffier, Francois; Lorimer, Andrea; Torres, Ferràn

    2011-03-22

    A recent survey has shown that data management in clinical trials performed by academic trial units still faces many difficulties (e.g. heterogeneity of software products, deficits in quality management, limited human and financial resources and the complexity of running a local computer centre). Unfortunately, no specific, practical and open standard for both GCP-compliant data management and the underlying IT-infrastructure is available to improve the situation. For that reason the "Working Group on Data Centres" of the European Clinical Research Infrastructures Network (ECRIN) has developed a standard specifying the requirements for high quality GCP-compliant data management in multinational clinical trials. International, European and national regulations and guidelines relevant to GCP, data security and IT infrastructures, as well as ECRIN documents produced previously, were evaluated to provide a starting point for the development of standard requirements. The requirements were produced by expert consensus of the ECRIN Working group on Data Centres, using a structured and standardised process. The requirements were divided into two main parts: an IT part covering standards for the underlying IT infrastructure and computer systems in general, and a Data Management (DM) part covering requirements for data management applications in clinical trials. The standard developed includes 115 IT requirements, split into 15 separate sections, 107 DM requirements (in 12 sections) and 13 other requirements (2 sections). Sections IT01 to IT05 deal with the basic IT infrastructure while IT06 and IT07 cover validation and local software development. IT08 to IT015 concern the aspects of IT systems that directly support clinical trial management. Sections DM01 to DM03 cover the implementation of a specific clinical data management application, i.e. for a specific trial, whilst DM04 to DM12 address the data management of trials across the unit. Section IN01 is dedicated to

  19. Compliant mechanism road bicycle brake: a rigid-body replacement case study

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Olsen, Brian M; Howell, Larry L; Magleby, Spencer P

    2011-01-19

    The design of high-performance bicycle brakes is complicated by the competing design objectives of increased performance and low weight. But this challenge also provides a good case study to demonstrate the design of compliant mechanisms to replace current rigid-link mechanisms. This paper briefly reviews current road brake designs, demonstrates the use of rigid-body replacement synthesis to design a compliant mechanism, and illustrates the combination of compliant mechanism design tools. The resulting concept was generated from the modified dual-pivot brake design and is a partially compliant mechanism where one pin has the dual role of a joint and a mounting pin.more » The pseudo-rigid-body model, finite element analysis, and optimization algorithms are used to generate design dimensions, and designs are considered for both titanium and E-glass flexures. The resulting design has the potential of reducing the part count and overall weight while maintaining a performance similar to the benchmark.« less

  20. A high performance totally ordered multicast protocol

    NASA Technical Reports Server (NTRS)

    Montgomery, Todd; Whetten, Brian; Kaplan, Simon

    1995-01-01

    This paper presents the Reliable Multicast Protocol (RMP). RMP provides a totally ordered, reliable, atomic multicast service on top of an unreliable multicast datagram service such as IP Multicasting. RMP is fully and symmetrically distributed so that no site bears un undue portion of the communication load. RMP provides a wide range of guarantees, from unreliable delivery to totally ordered delivery, to K-resilient, majority resilient, and totally resilient atomic delivery. These QoS guarantees are selectable on a per packet basis. RMP provides many communication options, including virtual synchrony, a publisher/subscriber model of message delivery, an implicit naming service, mutually exclusive handlers for messages, and mutually exclusive locks. It has commonly been held that a large performance penalty must be paid in order to implement total ordering -- RMP discounts this. On SparcStation 10's on a 1250 KB/sec Ethernet, RMP provides totally ordered packet delivery to one destination at 842 KB/sec throughput and with 3.1 ms packet latency. The performance stays roughly constant independent of the number of destinations. For two or more destinations on a LAN, RMP provides higher throughput than any protocol that does not use multicast or broadcast.

  1. Joint terminals and relay optimization for two-way power line information exchange systems with QoS constraints

    NASA Astrophysics Data System (ADS)

    Wu, Xiaolin; Rong, Yue

    2015-12-01

    The quality-of-service (QoS) criteria (measured in terms of the minimum capacity requirement in this paper) are very important to practical indoor power line communication (PLC) applications as they greatly affect the user experience. With a two-way multicarrier relay configuration, in this paper we investigate the joint terminals and relay power optimization for the indoor broadband PLC environment, where the relay node works in the amplify-and-forward (AF) mode. As the QoS-constrained power allocation problem is highly non-convex, the globally optimal solution is computationally intractable to obtain. To overcome this challenge, we propose an alternating optimization (AO) method to decompose this problem into three convex/quasi-convex sub-problems. Simulation results demonstrate the fast convergence of the proposed algorithm under practical PLC channel conditions. Compared with the conventional bidirectional direct transmission (BDT) system, the relay-assisted two-way information exchange (R2WX) scheme can meet the same QoS requirement with less total power consumption.

  2. Finalizing the CCSDS Space-Data Link Layer Security Protocol: Setup and Execution of the Interoperability Testing

    NASA Technical Reports Server (NTRS)

    Fischer, Daniel; Aguilar-Sanchez, Ignacio; Saba, Bruno; Moury, Gilles; Biggerstaff, Craig; Bailey, Brandon; Weiss, Howard; Pilgram, Martin; Richter, Dorothea

    2015-01-01

    The protection of data transmitted over the space-link is an issue of growing importance also for civilian space missions. Through the Consultative Committee for Space Data Systems (CCSDS), space agencies have reacted to this need by specifying the Space Data-Link Layer Security (SDLS) protocol which provides confidentiality and integrity services for the CCSDS Telemetry (TM), Telecommand (TC) and Advanced Orbiting Services (AOS) space data-link protocols. This paper describes the approach of the CCSDS SDLS working group to specify and execute the necessary interoperability tests. It first details the individual SDLS implementations that have been produced by ESA, NASA, and CNES and then the overall architecture that allows the interoperability tests between them. The paper reports on the results of the interoperability tests and identifies relevant aspects for the evolution of the test environment.

  3. An algorithm for continuum modeling of rocks with multiple embedded nonlinearly-compliant joints [Continuum modeling of elasto-plastic media with multiple embedded nonlinearly-compliant joints

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Hurley, R. C.; Vorobiev, O. Y.; Ezzedine, S. M.

    Here, we present a numerical method for modeling the mechanical effects of nonlinearly-compliant joints in elasto-plastic media. The method uses a series of strain-rate and stress update algorithms to determine joint closure, slip, and solid stress within computational cells containing multiple “embedded” joints. This work facilitates efficient modeling of nonlinear wave propagation in large spatial domains containing a large number of joints that affect bulk mechanical properties. We implement the method within the massively parallel Lagrangian code GEODYN-L and provide verification and examples. We highlight the ability of our algorithms to capture joint interactions and multiple weakness planes within individualmore » computational cells, as well as its computational efficiency. We also discuss the motivation for developing the proposed technique: to simulate large-scale wave propagation during the Source Physics Experiments (SPE), a series of underground explosions conducted at the Nevada National Security Site (NNSS).« less

  4. An algorithm for continuum modeling of rocks with multiple embedded nonlinearly-compliant joints [Continuum modeling of elasto-plastic media with multiple embedded nonlinearly-compliant joints

    DOE PAGES

    Hurley, R. C.; Vorobiev, O. Y.; Ezzedine, S. M.

    2017-04-06

    Here, we present a numerical method for modeling the mechanical effects of nonlinearly-compliant joints in elasto-plastic media. The method uses a series of strain-rate and stress update algorithms to determine joint closure, slip, and solid stress within computational cells containing multiple “embedded” joints. This work facilitates efficient modeling of nonlinear wave propagation in large spatial domains containing a large number of joints that affect bulk mechanical properties. We implement the method within the massively parallel Lagrangian code GEODYN-L and provide verification and examples. We highlight the ability of our algorithms to capture joint interactions and multiple weakness planes within individualmore » computational cells, as well as its computational efficiency. We also discuss the motivation for developing the proposed technique: to simulate large-scale wave propagation during the Source Physics Experiments (SPE), a series of underground explosions conducted at the Nevada National Security Site (NNSS).« less

  5. Quantum key distribution protocol based on contextuality monogamy

    NASA Astrophysics Data System (ADS)

    Singh, Jaskaran; Bharti, Kishor; Arvind

    2017-06-01

    The security of quantum key distribution (QKD) protocols hinges upon features of physical systems that are uniquely quantum in nature. We explore the role of quantumness, as qualified by quantum contextuality, in a QKD scheme. A QKD protocol based on the Klyachko-Can-Binicioğlu-Shumovsky (KCBS) contextuality scenario using a three-level quantum system is presented. We explicitly show the unconditional security of the protocol by a generalized contextuality monogamy relationship based on the no-disturbance principle. This protocol provides a new framework for QKD which has conceptual and practical advantages over other protocols.

  6. From Auto- to Allotransplantation: Immunomodulatory Protocol for Hand and Arm Transplantation.

    PubMed

    Lee, W P Andrew; Shores, Jaimie T; Brandacher, Gerald

    2018-05-18

     To achieve a favorable risk-benefit balance for hand transplantation, an immunomodulatory protocol was developed in the laboratory and translated to clinical application.  Following donor bone marrow infusion into transplant recipients, hand and arm allografts have been maintained on low-dose tacrolimus monotherapy.  Good-to-excellent functional recovery has been achieved in patients compliant with medication and therapy, thus restoring autonomous and productive lives.  The risk-benefit balance can be tilted in favor of the hand transplant recipients by using an immunomodulatory protocol with minimum immunosuppression. Thieme Medical Publishers 333 Seventh Avenue, New York, NY 10001, USA.

  7. Comment on "flexible protocol for quantum private query based on B92 protocol"

    NASA Astrophysics Data System (ADS)

    Chang, Yan; Zhang, Shi-Bin; Zhu, Jing-Min

    2017-03-01

    In a recent paper (Quantum Inf Process 13:805-813, 2014), a flexible quantum private query (QPQ) protocol based on B92 protocol is presented. Here we point out that the B92-based QPQ protocol is insecure in database security when the channel has loss, that is, the user (Alice) will know more records in Bob's database compared with she has bought.

  8. Semantic Network Adaptation Based on QoS Pattern Recognition for Multimedia Streams

    NASA Astrophysics Data System (ADS)

    Exposito, Ernesto; Gineste, Mathieu; Lamolle, Myriam; Gomez, Jorge

    This article proposes an ontology based pattern recognition methodology to compute and represent common QoS properties of the Application Data Units (ADU) of multimedia streams. The use of this ontology by mechanisms located at different layers of the communication architecture will allow implementing fine per-packet self-optimization of communication services regarding the actual application requirements. A case study showing how this methodology is used by error control mechanisms in the context of wireless networks is presented in order to demonstrate the feasibility and advantages of this approach.

  9. Lemnos interoperable security project.

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Halbgewachs, Ronald D.

    2010-03-01

    With the Lemnos framework, interoperability of control security equipment is straightforward. To obtain interoperability between proprietary security appliance units, one or both vendors must now write cumbersome 'translation code.' If one party changes something, the translation code 'breaks.' The Lemnos project is developing and testing a framework that uses widely available security functions and protocols like IPsec - to form a secure communications channel - and Syslog, to exchange security log messages. Using this model, security appliances from two or more different vendors can clearly and securely exchange information, helping to better protect the total system. Simplify regulatory compliance inmore » a complicated security environment by leveraging the Lemnos framework. As an electric utility, are you struggling to implement the NERC CIP standards and other regulations? Are you weighing the misery of multiple management interfaces against committing to a ubiquitous single-vendor solution? When vendors build their security appliances to interoperate using the Lemnos framework, it becomes practical to match best-of-breed offerings from an assortment of vendors to your specific control systems needs. The Lemnos project is developing and testing a framework that uses widely available open-source security functions and protocols like IPsec and Syslog to create a secure communications channel between appliances in order to exchange security data.« less

  10. Device Centric Throughput and QoS Optimization for IoTsin a Smart Building Using CRN-Techniques

    PubMed Central

    Aslam, Saleem; Hasan, Najam Ul; Shahid, Adnan; Jang, Ju Wook; Lee, Kyung-Geun

    2016-01-01

    The Internet of Things (IoT) has gained an incredible importance in the communication and networking industry due to its innovative solutions and advantages in diverse domains. The IoT’ network is a network of smart physical objects: devices, vehicles, buildings, etc. The IoT has a number of applications ranging from smart home, smart surveillance to smart healthcare systems. Since IoT consists of various heterogeneous devices that exhibit different traffic patterns and expect different quality of service (QoS) in terms of data rate, bit error rate and the stability index of the channel, therefore, in this paper, we formulated an optimization problem to assign channels to heterogeneous IoT devices within a smart building for the provisioning of their desired QoS. To solve this problem, a novel particle swarm optimization-based algorithm is proposed. Then, exhaustive simulations are carried out to evaluate the performance of the proposed algorithm. Simulation results demonstrate the supremacy of our proposed algorithm over the existing ones in terms of throughput, bit error rate and the stability index of the channel. PMID:27782057

  11. Power-efficient distributed resource allocation under goodput QoS constraints for heterogeneous networks

    NASA Astrophysics Data System (ADS)

    Andreotti, Riccardo; Del Fiorentino, Paolo; Giannetti, Filippo; Lottici, Vincenzo

    2016-12-01

    This work proposes a distributed resource allocation (RA) algorithm for packet bit-interleaved coded OFDM transmissions in the uplink of heterogeneous networks (HetNets), characterized by small cells deployed over a macrocell area and sharing the same band. Every user allocates its transmission resources, i.e., bits per active subcarrier, coding rate, and power per subcarrier, to minimize the power consumption while both guaranteeing a target quality of service (QoS) and accounting for the interference inflicted by other users transmitting over the same band. The QoS consists of the number of information bits delivered in error-free packets per unit of time, or goodput (GP), estimated at the transmitter by resorting to an efficient effective SNR mapping technique. First, the RA problem is solved in the point-to-point case, thus deriving an approximate yet accurate closed-form expression for the power allocation (PA). Then, the interference-limited HetNet case is examined, where the RA problem is described as a non-cooperative game, providing a solution in terms of generalized Nash equilibrium. Thanks to the closed-form of the PA, the solution analysis is based on the best response concept. Hence, sufficient conditions for existence and uniqueness of the solution are analytically derived, along with a distributed algorithm capable of reaching the game equilibrium.

  12. Can compliant fault zones be used to measure absolute stresses in the upper crust?

    NASA Astrophysics Data System (ADS)

    Hearn, E. H.; Fialko, Y.

    2009-04-01

    Geodetic and seismic observations reveal long-lived zones with reduced elastic moduli along active crustal faults. These fault zones localize strain from nearby earthquakes, consistent with the response of a compliant, elastic layer. Fault zone trapped wave studies documented a small reduction in P and S wave velocities along the Johnson Valley Fault caused by the 1999 Hector Mine earthquake. This reduction presumably perturbed a permanent compliant structure associated with the fault. The inferred changes in the fault zone compliance may produce a measurable deformation in response to background (tectonic) stresses. This deformation should have the same sense as the background stress, rather than the coseismic stress change. Here we investigate how the observed deformation of compliant zones in the Mojave Desert can be used to constrain the fault zone structure and stresses in the upper crust. We find that gravitational contraction of the coseismically softened zones should cause centimeters of coseismic subsidence of both the compliant zones and the surrounding region, unless the compliant fault zones are shallow and narrow, or essentially incompressible. We prefer the latter interpretation because profiles of line of sight displacements across compliant zones cannot be fit by a narrow, shallow compliant zone. Strain of the Camp Rock and Pinto Mountain fault zones during the Hector Mine and Landers earthquakes suggests that background deviatoric stresses are broadly consistent with Mohr-Coulomb theory in the Mojave upper crust (with μ ≥ 0.7). Large uncertainties in Mojave compliant zone properties and geometry preclude more precise estimates of crustal stresses in this region. With improved imaging of the geometry and elastic properties of compliant zones, and with precise measurements of their strain in response to future earthquakes, the modeling approach we describe here may eventually provide robust estimates of absolute crustal stress.

  13. Grandfathered, Grandmothered, And ACA-Compliant Health Plans Have Equivalent Premiums.

    PubMed

    Whitmore, Heidi; Gabel, Jon R; Satorius, Jennifer L; Green, Matthew

    2017-02-01

    Many small employers offer employees health plans that are not fully compliant with Affordable Care Act (ACA) provisions such as covering preventive services without cost sharing. These "grandfathered" and "grandmothered" plans accounted for about 65 percent of enrollment in the small-group market in 2014. Premium costs for these and ACA-compliant plans were equivalent. Project HOPE—The People-to-People Health Foundation, Inc.

  14. MR efficiency using automated MRI-desktop eProtocol

    NASA Astrophysics Data System (ADS)

    Gao, Fei; Xu, Yanzhe; Panda, Anshuman; Zhang, Min; Hanson, James; Su, Congzhe; Wu, Teresa; Pavlicek, William; James, Judy R.

    2017-03-01

    MRI protocols are instruction sheets that radiology technologists use in routine clinical practice for guidance (e.g., slice position, acquisition parameters etc.). In Mayo Clinic Arizona (MCA), there are over 900 MR protocols (ranging across neuro, body, cardiac, breast etc.) which makes maintaining and updating the protocol instructions a labor intensive effort. The task is even more challenging given different vendors (Siemens, GE etc.). This is a universal problem faced by all the hospitals and/or medical research institutions. To increase the efficiency of the MR practice, we designed and implemented a web-based platform (eProtocol) to automate the management of MRI protocols. It is built upon a database that automatically extracts protocol information from DICOM compliant images and provides a user-friendly interface to the technologists to create, edit and update the protocols. Advanced operations such as protocol migrations from scanner to scanner and capability to upload Multimedia content were also implemented. To the best of our knowledge, eProtocol is the first MR protocol automated management tool used clinically. It is expected that this platform will significantly improve the radiology operations efficiency including better image quality and exam consistency, fewer repeat examinations and less acquisition errors. These protocols instructions will be readily available to the technologists during scans. In addition, this web-based platform can be extended to other imaging modalities such as CT, Mammography, and Interventional Radiology and different vendors for imaging protocol management.

  15. A Standard Mutual Authentication Protocol for Cloud Computing Based Health Care System.

    PubMed

    Mohit, Prerna; Amin, Ruhul; Karati, Arijit; Biswas, G P; Khan, Muhammad Khurram

    2017-04-01

    Telecare Medical Information System (TMIS) supports a standard platform to the patient for getting necessary medical treatment from the doctor(s) via Internet communication. Security protection is important for medical records (data) of the patients because of very sensitive information. Besides, patient anonymity is another most important property, which must be protected. Most recently, Chiou et al. suggested an authentication protocol for TMIS by utilizing the concept of cloud environment. They claimed that their protocol is patient anonymous and well security protected. We reviewed their protocol and found that it is completely insecure against patient anonymity. Further, the same protocol is not protected against mobile device stolen attack. In order to improve security level and complexity, we design a light weight authentication protocol for the same environment. Our security analysis ensures resilience of all possible security attacks. The performance of our protocol is relatively standard in comparison with the related previous research.

  16. Digital Imagery Compression Best Practices Guide - A Motion Imagery Standards Profile (MISP) Compliant Architecture

    DTIC Science & Technology

    2012-06-01

    MISP) COMPLIANT ARCHITECTURE WHITE SANDS MISSILE RANGE REAGAN TEST SITE YUMA PROVING GROUND DUGWAY PROVING GROUND ABERDEEN TEST CENTER...DIGITAL MOTION IMAGERY COMPRESSION BEST PRACTICES GUIDE – A MOTION IMAGERY STANDARDS PROFILE (MISP) COMPLIANT ARCHITECTURE ...delivery, and archival purposes. These practices are based on a Motion Imagery Standards Profile (MISP) compliant architecture , which has been defined

  17. Attitude and subjective wellbeing of non-compliant mothers to childhood oral polio vaccine supplemental immunization in Northern Nigeria.

    PubMed

    Umeh, Gregory C; Nomhwange, Terna Ignatius; Shamang, Anthony F; Zakari, Furera; Musa, Audu I; Dogo, Paul M; Gugong, Victor; Iliyasu, Neyu

    2018-02-08

    Attitude and subjective well-being are important factors in mothers accepting or rejecting Oral Polio Vaccine (OPV) supplemental immunization. The purpose of the study was to determine the role of mothers' attitude and subjective wellbeing on non-compliance to OPV supplemental immunization in Northern Nigeria. The study utilized a cross-sectional design to assess attitude and subjective well-being of mothers using previously validated VACSATC (Vaccine Safety, Attitudes, Training and Communication-10 items) & SUBI (Subjective Well-being Inventory-40 items) measures. A total of 396 participants (equal number of non-compliant and compliant mothers) from 94 non-compliant settlements were interviewed, after informed consent. T-test was run to assess difference in mean scores between the non-compliant and compliant mothers on VACSATC and SUBI measures. The research showed a significant difference in mean scores between the non-compliant and compliant groups on VACSATC measure of mothers' attitude (M = 18.9 non-compliant, compared to 26.5 compliant; p < 0.05). On subjective well-being, the study showed there was no significant difference in the mean scores of the SUBI measure (M = 77.4 non-compliant, compared to 78.0 compliant; p > 0.05). The research has shown that negative attitude is more commonly present in non-compliant mothers and may be a factor in vaccine refusal in Northern Nigeria.

  18. Performance of a non-tapered 3D morphing wing with integrated compliant ribs

    NASA Astrophysics Data System (ADS)

    Previtali, F.; Ermanni, P.

    2012-05-01

    Morphing wings have a high potential for improving the performance and reducing the fuel consumption of modern aircraft. Thanks to its simplicity, the compliant belt-rib concept is regarded by the authors as a promising solution. Using the compliant rib designed by Hasse and Campanile as a starting point, a compliant morphing wing made of composite materials is designed. Innovative methods for optimal placing of the actuation and for the quantification of the morphing are used. The performance of the compliant morphing wing in terms of three-dimensional (3D) structural behaviour and aerodynamic properties, both two- and three-dimensional, is presented and discussed. The fundamental importance of considering 3D coupling effects in the determination of the performance of morphing aerofoils is shown.

  19. Technical Analysis of SSP-21 Protocol

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Bromberger, S.

    As part of the California Energy Systems for the Twenty-First Century (CES-21) program, in December 2016 San Diego Gas and Electric (SDG&E) contracted with Lawrence Livermore National Laboratory (LLNL) to perform an independent verification and validation (IV&V) of a white paper describing their Secure SCADA Protocol for the Twenty-First Century (SSP-21) in order to analyze the effectiveness and propriety of cryptographic protocol use within the SSP-21 specification. SSP-21 is designed to use cryptographic protocols to provide (optional) encryption, authentication, and nonrepudiation, among other capabilities. The cryptographic protocols to be used reflect current industry standards; future versions of SSP-21 will usemore » other advanced technologies to provide a subset of security services.« less

  20. Klebanoff (K-) modes in boundary layers (BLs) over compliant surfaces

    NASA Astrophysics Data System (ADS)

    Ali, Reza; Carpenter, Peter

    2002-11-01

    We investigate the effect of wall compliance on K-modes. These are associated with streaks observed in the transitional BL, generated by spanwise modulation of the streamwise velocity, and are thought to be the mechanism for bypass transition. They have been widely studied over flat-plate, rigid surfaces but not compliant surfaces. A novel velocity-vorticity formulation is adopted for the numerical simulations, and a freestream spanwise body force is used to generate the streaks. We find compliant walls are less receptive than rigid walls, i.e. freestream turbulence generates weaker disturbances over compliant walls. This effect intensifies with increasing compliance. Where a compliant panel is embedded into a rigid surface, the leading and trailing edges of the panel can introduce a stabilising or destabilising disturbance on the streaks depending on the Reynolds number. It is therefore possible to optimise the wall to suppress streaks and hence bypass. K-modes can also act as a theoretical model for the near-wall structures that generate the high skin-friction drag in turbulent BLs. In this scenario, increasing compliance increases the spanwise spacing and weakens the streak. This explains experimental observations that wall compliance reduces skin-friction drag and turbulence levels in turbulent BLs.

  1. A Weak Value Based QKD Protocol Robust Against Detector Attacks

    NASA Astrophysics Data System (ADS)

    Troupe, James

    2015-03-01

    We propose a variation of the BB84 quantum key distribution protocol that utilizes the properties of weak values to insure the validity of the quantum bit error rate estimates used to detect an eavesdropper. The protocol is shown theoretically to be secure against recently demonstrated attacks utilizing detector blinding and control and should also be robust against all detector based hacking. Importantly, the new protocol promises to achieve this additional security without negatively impacting the secure key generation rate as compared to that originally promised by the standard BB84 scheme. Implementation of the weak measurements needed by the protocol should be very feasible using standard quantum optical techniques.

  2. Systems and Methods for Implementing Bulk Metallic Glass-Based Macroscale Compliant Mechanisms

    NASA Technical Reports Server (NTRS)

    Hofmann, Douglas C. (Inventor); Agnes, Gregory (Inventor)

    2017-01-01

    Systems and methods in accordance with embodiments of the invention implement bulk metallic glass-based macroscale compliant mechanisms. In one embodiment, a bulk metallic glass-based macroscale compliant mechanism includes: a flexible member that is strained during the normal operation of the compliant mechanism; where the flexible member has a thickness of 0.5 mm; where the flexible member comprises a bulk metallic glass-based material; and where the bulk metallic glass-based material can survive a fatigue test that includes 1000 cycles under a bending loading mode at an applied stress to ultimate strength ratio of 0.25.

  3. Assuring image authenticity within a data grid using lossless digital signature embedding and a HIPAA-compliant auditing system

    NASA Astrophysics Data System (ADS)

    Lee, Jasper C.; Ma, Kevin C.; Liu, Brent J.

    2008-03-01

    A Data Grid for medical images has been developed at the Image Processing and Informatics Laboratory, USC to provide distribution and fault-tolerant storage of medical imaging studies across Internet2 and public domain. Although back-up policies and grid certificates guarantee privacy and authenticity of grid-access-points, there still lacks a method to guarantee the sensitive DICOM images have not been altered or corrupted during transmission across a public domain. This paper takes steps toward achieving full image transfer security within the Data Grid by utilizing DICOM image authentication and a HIPAA-compliant auditing system. The 3-D lossless digital signature embedding procedure involves a private 64 byte signature that is embedded into each original DICOM image volume, whereby on the receiving end the signature can to be extracted and verified following the DICOM transmission. This digital signature method has also been developed at the IPILab. The HIPAA-Compliant Auditing System (H-CAS) is required to monitor embedding and verification events, and allows monitoring of other grid activity as well. The H-CAS system federates the logs of transmission and authentication events at each grid-access-point and stores it into a HIPAA-compliant database. The auditing toolkit is installed at the local grid-access-point and utilizes Syslog [1], a client-server standard for log messaging over an IP network, to send messages to the H-CAS centralized database. By integrating digital image signatures and centralized logging capabilities, DICOM image integrity within the Medical Imaging and Informatics Data Grid can be monitored and guaranteed without loss to any image quality.

  4. Network Security via Biometric Recognition of Patterns of Gene Expression

    NASA Technical Reports Server (NTRS)

    Shaw, Harry C.

    2016-01-01

    Molecular biology provides the ability to implement forms of information and network security completely outside the bounds of legacy security protocols and algorithms. This paper addresses an approach which instantiates the power of gene expression for security. Molecular biology provides a rich source of gene expression and regulation mechanisms, which can be adopted to use in the information and electronic communication domains. Conventional security protocols are becoming increasingly vulnerable due to more intensive, highly capable attacks on the underlying mathematics of cryptography. Security protocols are being undermined by social engineering and substandard implementations by IT (Information Technology) organizations. Molecular biology can provide countermeasures to these weak points with the current security approaches. Future advances in instruments for analyzing assays will also enable this protocol to advance from one of cryptographic algorithms to an integrated system of cryptographic algorithms and real-time assays of gene expression products.

  5. Network Security via Biometric Recognition of Patterns of Gene Expression

    NASA Technical Reports Server (NTRS)

    Shaw, Harry C.

    2016-01-01

    Molecular biology provides the ability to implement forms of information and network security completely outside the bounds of legacy security protocols and algorithms. This paper addresses an approach which instantiates the power of gene expression for security. Molecular biology provides a rich source of gene expression and regulation mechanisms, which can be adopted to use in the information and electronic communication domains. Conventional security protocols are becoming increasingly vulnerable due to more intensive, highly capable attacks on the underlying mathematics of cryptography. Security protocols are being undermined by social engineering and substandard implementations by IT organizations. Molecular biology can provide countermeasures to these weak points with the current security approaches. Future advances in instruments for analyzing assays will also enable this protocol to advance from one of cryptographic algorithms to an integrated system of cryptographic algorithms and real-time expression and assay of gene expression products.

  6. A new hybrid piezo-actuated compliant mechanism with self-tuned flexure arm

    NASA Astrophysics Data System (ADS)

    Ling, Mingxiang; Cao, Junyi

    2017-04-01

    Recent interests and demands for developing video-rate atomic force microscopes, high-throughput probe-based nanofabrication and high-frequency vibration generator for assisted-machining are increasingly posing new challenges for designing high-bandwidth and large-range piezo-actuated compliant mechanisms. The previous studies mainly focused on making the trade-off between natural frequency and motion range by designing a proper topology. Differing from the previous works, this paper attempts to break the deadlock by employing both piezo-stacks and piezoelectric patches to actuate compliant mechanisms. In this method, piezo-stacks provide an actuating force similar to the traditional way, while piezoelectric patches are bonded on the surface of the flexure arms in compliant mechanisms. These `active' laminaes are used to further actuate the hosting flexural beam by inducing strains on the interface and then give additional bending moments to the flexural arms, which enlarge the output displacement of the compliant mechanism while without the sacrifice of natural frequency. An analytical formulation is established to illustrate the new driving principle and the compound static behaviour of a specific hybrid piezo-actuated multistage compliant mechanism. Initial prototype is also manufactured and experimentally testing is conducted to verify the feasibility of the method.

  7. Applications of Multi-Channel Safety Authentication Protocols in Wireless Networks.

    PubMed

    Chen, Young-Long; Liau, Ren-Hau; Chang, Liang-Yu

    2016-01-01

    People can use their web browser or mobile devices to access web services and applications which are built into these servers. Users have to input their identity and password to login the server. The identity and password may be appropriated by hackers when the network environment is not safe. The multiple secure authentication protocol can improve the security of the network environment. Mobile devices can be used to pass the authentication messages through Wi-Fi or 3G networks to serve as a second communication channel. The content of the message number is not considered in a multiple secure authentication protocol. The more excessive transmission of messages would be easier to collect and decode by hackers. In this paper, we propose two schemes which allow the server to validate the user and reduce the number of messages using the XOR operation. Our schemes can improve the security of the authentication protocol. The experimental results show that our proposed authentication protocols are more secure and effective. In regard to applications of second authentication communication channels for a smart access control system, identity identification and E-wallet, our proposed authentication protocols can ensure the safety of person and property, and achieve more effective security management mechanisms.

  8. Optimal JPWL Forward Error Correction Rate Allocation for Robust JPEG 2000 Images and Video Streaming over Mobile Ad Hoc Networks

    NASA Astrophysics Data System (ADS)

    Agueh, Max; Diouris, Jean-François; Diop, Magaye; Devaux, François-Olivier; De Vleeschouwer, Christophe; Macq, Benoit

    2008-12-01

    Based on the analysis of real mobile ad hoc network (MANET) traces, we derive in this paper an optimal wireless JPEG 2000 compliant forward error correction (FEC) rate allocation scheme for a robust streaming of images and videos over MANET. The packet-based proposed scheme has a low complexity and is compliant to JPWL, the 11th part of the JPEG 2000 standard. The effectiveness of the proposed method is evaluated using a wireless Motion JPEG 2000 client/server application; and the ability of the optimal scheme to guarantee quality of service (QoS) to wireless clients is demonstrated.

  9. Effect of Compliant Walls on Secondary Instabilities in Boundary-Layer Transition

    NASA Technical Reports Server (NTRS)

    Joslin, Ronald D.; Morris, Philip J.

    1991-01-01

    For aerodynamic and hydrodynamic vehicles, it is highly desirable to reduce drag and noise levels. A reduction in drag leads to fuel savings. In particular for submersible vehicles, a decrease in noise levels inhibits detection. A suggested means to obtain these reduction goals is by delaying the transition from laminar to turbulent flow in external boundary layers. For hydrodynamic applications, a passive device which shows promise for transition delays is the compliant coating. In previous studies with a simple mechanical model representing the compliant wall, coatings were found that provided transition delays as predicted from the semi-empirical e(sup n) method. Those studies were concerned with the linear stage of transition where the instability of concern is referred to as the primary instability. For the flat-plate boundary layer, the Tollmien-Schlichting (TS) wave is the primary instability. In one of those studies, it was shown that three-dimensional (3-D) primary instabilities, or oblique waves, could dominate transition over the coatings considered. From the primary instability, the stretching and tilting of vorticity in the shear flow leads to a secondary instability mechanism. This has been theoretical described by Herbert based on Floquet theory. In the present study, Herbert's theory is used to predict the development of secondary instabilities over isotropic and non-isotropic compliant walls. Since oblique waves may be dominant over compliant walls, a secondary theory extention is made to allow for these 3-D primary instabilities. The effect of variations in primary amplitude, spanwise wavenumber, and Reynolds number on the secondary instabilities are examined. As in the rigid wall case, over compliant walls the subharmonic mode of secondary instability dominates for low-amplitude primary disturbances. Both isotropic and non-isotropic compliant walls lead to reduced secondary growth rates compared to the rigid wall results. For high frequencies

  10. The SHIP: A SIP to HTTP Interaction Protocol

    NASA Astrophysics Data System (ADS)

    Zeiß, Joachim; Gabner, Rene; Bessler, Sandford; Happenhofer, Marco

    IMS is capable of providing a wide range of services. As a result, terminal software becomes more and more complex to deliver network intelligence to user applications. Currently mobile terminal software needs to be permanently updated so that the latest network services and functionality can be delivered to the user. In the Internet, browser based user interfaces assure that an interface is made available to the user which offers the latest services in the net immediately. Our approach combines the benefits of the Session Initiation Protocol (SIP) and those of the HTTP protocol to bring the same type of user interfacing to IMS. SIP (IMS) realizes authentication, session management, charging and Quality of Service (QoS), HTTP provides access to Internet services and allows the user interface of an application to run on a mobile terminal while processing and orchestration is done on the server. A SHIP enabled IMS client only needs to handle data transport and session management via SIP, HTTP and RTP and render streaming media, HTML and Javascript. SHIP allows new kinds of applications, which combine audio, video and data within a single multimedia session.

  11. Secure multiparty computation of a comparison problem.

    PubMed

    Liu, Xin; Li, Shundong; Liu, Jian; Chen, Xiubo; Xu, Gang

    2016-01-01

    Private comparison is fundamental to secure multiparty computation. In this study, we propose novel protocols to privately determine [Formula: see text], or [Formula: see text] in one execution. First, a 0-1-vector encoding method is introduced to encode a number into a vector, and the Goldwasser-Micali encryption scheme is used to compare integers privately. Then, we propose a protocol by using a geometric method to compare rational numbers privately, and the protocol is information-theoretical secure. Using the simulation paradigm, we prove the privacy-preserving property of our protocols in the semi-honest model. The complexity analysis shows that our protocols are more efficient than previous solutions.

  12. On the Composition of Public-Coin Zero-Knowledge Protocols

    DTIC Science & Technology

    2011-05-31

    only languages in BPP have public-coin black-box zero-knowledge protocols that are secure under an unbounded (polynomial) number of parallel...only languages in BPP have public-coin black-box zero-knowledge protocols that are secure under an unbounded (polynomial) number of parallel repetitions...and Krawczyk [GK96b] show that only languages in BPP have constant-round public-coin (stand-alone) black-box ZK protocols with negligible soundness

  13. Interference Drop Scheme: Enhancing QoS Provision in Multi-Hop Ad Hoc Networks

    NASA Astrophysics Data System (ADS)

    Luo, Chang-Yi; Komuro, Nobuyoshi; Takahashi, Kiyoshi; Kasai, Hiroyuki; Ueda, Hiromi; Tsuboi, Toshinori

    Ad hoc networking uses wireless technologies to construct networks with no physical infrastructure and so are expected to provide instant networking in areas such as disaster recovery sites and inter-vehicle communication. Unlike conventional wired networks services, services in ad hoc networks are easily disrupted by the frequent changes in traffic and topology. Therefore, solutions to assure the Quality of Services (QoS) in ad hoc networks are different from the conventional ones used in wired networks. In this paper, we propose a new queue management scheme, Interference Drop Scheme (IDS) for ad hoc networks. In the conventional queue management approaches such as FIFO (First-in First-out) and RED (Random Early Detection), a queue is usually managed by a queue length limit. FIFO discards packets according to the queue limit, and RED discards packets in an early and random fashion. IDS, on the other hand, manages the queue according to wireless interference time, which increases as the number of contentions in the MAC layer increases. When there are many MAC contentions, IDS discards TCP data packets. By observing the interference time and discarding TCP data packets, our simulation results show that IDS improves TCP performance and reduces QoS violations in UDP in ad hoc networks with chain, grid, and random topologies. Our simulation results also demonstrate that wireless interference time is a better metric than queue length limit for queue management in multi-hop ad hoc networks.

  14. Breaking Megrelishvili protocol using matrix diagonalization

    NASA Astrophysics Data System (ADS)

    Arzaki, Muhammad; Triantoro Murdiansyah, Danang; Adi Prabowo, Satrio

    2018-03-01

    In this article we conduct a theoretical security analysis of Megrelishvili protocol—a linear algebra-based key agreement between two participants. We study the computational complexity of Megrelishvili vector-matrix problem (MVMP) as a mathematical problem that strongly relates to the security of Megrelishvili protocol. In particular, we investigate the asymptotic upper bounds for the running time and memory requirement of the MVMP that involves diagonalizable public matrix. Specifically, we devise a diagonalization method for solving the MVMP that is asymptotically faster than all of the previously existing algorithms. We also found an important counterintuitive result: the utilization of primitive matrix in Megrelishvili protocol makes the protocol more vulnerable to attacks.

  15. Fault recovery in the reliable multicast protocol

    NASA Technical Reports Server (NTRS)

    Callahan, John R.; Montgomery, Todd L.; Whetten, Brian

    1995-01-01

    The Reliable Multicast Protocol (RMP) provides a unique, group-based model for distributed programs that need to handle reconfiguration events at the application layer. This model, called membership views, provides an abstraction in which events such as site failures, network partitions, and normal join-leave events are viewed as group reformations. RMP provides access to this model through an application programming interface (API) that notifies an application when a group is reformed as the result of a some event. RMP provides applications with reliable delivery of messages using an underlying IP Multicast (12, 5) media to other group members in a distributed environment even in the case of reformations. A distributed application can use various Quality of Service (QoS) levels provided by RMP to tolerate group reformations. This paper explores the implementation details of the mechanisms in RMP that provide distributed applications with membership view information and fault recovery capabilities.

  16. SPOT: Optimization Tool for Network Adaptable Security

    NASA Astrophysics Data System (ADS)

    Ksiezopolski, Bogdan; Szalachowski, Pawel; Kotulski, Zbigniew

    Recently we have observed the growth of the intelligent application especially with its mobile character, called e-anything. The implementation of these applications provides guarantee of security requirements of the cryptographic protocols which are used in the application. Traditionally the protocols have been configured with the strongest possible security mechanisms. Unfortunately, when the application is used by means of the mobile devices, the strongest protection can lead to the denial of services for them. The solution of this problem is introducing the quality of protection models which will scale the protection level depending on the actual threat level. In this article we would like to introduce the application which manages the protection level of the processes in the mobile environment. The Security Protocol Optimizing Tool (SPOT) optimizes the cryptographic protocol and defines the protocol version appropriate to the actual threat level. In this article the architecture of the SPOT is presented with a detailed description of the included modules.

  17. Password-only authenticated three-party key exchange proven secure against insider dictionary attacks.

    PubMed

    Nam, Junghyun; Choo, Kim-Kwang Raymond; Paik, Juryon; Won, Dongho

    2014-01-01

    While a number of protocols for password-only authenticated key exchange (PAKE) in the 3-party setting have been proposed, it still remains a challenging task to prove the security of a 3-party PAKE protocol against insider dictionary attacks. To the best of our knowledge, there is no 3-party PAKE protocol that carries a formal proof, or even definition, of security against insider dictionary attacks. In this paper, we present the first 3-party PAKE protocol proven secure against both online and offline dictionary attacks as well as insider and outsider dictionary attacks. Our construct can be viewed as a protocol compiler that transforms any 2-party PAKE protocol into a 3-party PAKE protocol with 2 additional rounds of communication. We also present a simple and intuitive approach of formally modelling dictionary attacks in the password-only 3-party setting, which significantly reduces the complexity of proving the security of 3-party PAKE protocols against dictionary attacks. In addition, we investigate the security of the well-known 3-party PAKE protocol, called GPAKE, due to Abdalla et al. (2005, 2006), and demonstrate that the security of GPAKE against online dictionary attacks depends heavily on the composition of its two building blocks, namely a 2-party PAKE protocol and a 3-party key distribution protocol.

  18. Password-Only Authenticated Three-Party Key Exchange Proven Secure against Insider Dictionary Attacks

    PubMed Central

    Nam, Junghyun; Choo, Kim-Kwang Raymond

    2014-01-01

    While a number of protocols for password-only authenticated key exchange (PAKE) in the 3-party setting have been proposed, it still remains a challenging task to prove the security of a 3-party PAKE protocol against insider dictionary attacks. To the best of our knowledge, there is no 3-party PAKE protocol that carries a formal proof, or even definition, of security against insider dictionary attacks. In this paper, we present the first 3-party PAKE protocol proven secure against both online and offline dictionary attacks as well as insider and outsider dictionary attacks. Our construct can be viewed as a protocol compiler that transforms any 2-party PAKE protocol into a 3-party PAKE protocol with 2 additional rounds of communication. We also present a simple and intuitive approach of formally modelling dictionary attacks in the password-only 3-party setting, which significantly reduces the complexity of proving the security of 3-party PAKE protocols against dictionary attacks. In addition, we investigate the security of the well-known 3-party PAKE protocol, called GPAKE, due to Abdalla et al. (2005, 2006), and demonstrate that the security of GPAKE against online dictionary attacks depends heavily on the composition of its two building blocks, namely a 2-party PAKE protocol and a 3-party key distribution protocol. PMID:25309956

  19. A novel quantum solution to secure two-party distance computation

    NASA Astrophysics Data System (ADS)

    Peng, Zhen-wan; Shi, Run-hua; Wang, Pan-hong; Zhang, Shun

    2018-06-01

    Secure Two-Party Distance Computation is an important primitive of Secure Multiparty Computational Geometry that it involves two parties, where each party has a private point, and the two parties want to jointly compute the distance between their points without revealing anything about their respective private information. Secure Two-Party Distance Computation has very important and potential applications in settings of high secure requirements, such as privacy-preserving Determination of Spatial Location-Relation, Determination of Polygons Similarity, and so on. In this paper, we present a quantum protocol for Secure Two-Party Distance Computation by using QKD-based Quantum Private Query. The security of the protocol is based on the physical principles of quantum mechanics, instead of difficulty assumptions, and therefore, it can ensure higher security than the classical related protocols.

  20. Cloud-assisted mutual authentication and privacy preservation protocol for telecare medical information systems.

    PubMed

    Li, Chun-Ta; Shih, Dong-Her; Wang, Chun-Cheng

    2018-04-01

     With the rapid development of wireless communication technologies and the growing prevalence of smart devices, telecare medical information system (TMIS) allows patients to receive medical treatments from the doctors via Internet technology without visiting hospitals in person. By adopting mobile device, cloud-assisted platform and wireless body area network, the patients can collect their physiological conditions and upload them to medical cloud via their mobile devices, enabling caregivers or doctors to provide patients with appropriate treatments at anytime and anywhere. In order to protect the medical privacy of the patient and guarantee reliability of the system, before accessing the TMIS, all system participants must be authenticated.  Mohit et al. recently suggested a lightweight authentication protocol for cloud-based health care system. They claimed their protocol ensures resilience of all well-known security attacks and has several important features such as mutual authentication and patient anonymity. In this paper, we demonstrate that Mohit et al.'s authentication protocol has various security flaws and we further introduce an enhanced version of their protocol for cloud-assisted TMIS, which can ensure patient anonymity and patient unlinkability and prevent the security threats of report revelation and report forgery attacks.  The security analysis proves that our enhanced protocol is secure against various known attacks as well as found in Mohit et al.'s protocol. Compared with existing related protocols, our enhanced protocol keeps the merits of all desirable security requirements and also maintains the efficiency in terms of computation costs for cloud-assisted TMIS.  We propose a more secure mutual authentication and privacy preservation protocol for cloud-assisted TMIS, which fixes the mentioned security weaknesses found in Mohit et al.'s protocol. According to our analysis, our authentication protocol satisfies most functionality features

  1. Method of Performance-Aware Security of Unicast Communication in Hybrid Satellite Networks

    NASA Technical Reports Server (NTRS)

    Baras, John S. (Inventor); Roy-Chowdhury, Ayan (Inventor)

    2014-01-01

    A method and apparatus utilizes Layered IPSEC (LES) protocol as an alternative to IPSEC for network-layer security including a modification to the Internet Key Exchange protocol. For application-level security of web browsing with acceptable end-to-end delay, the Dual-mode SSL protocol (DSSL) is used instead of SSL. The LES and DSSL protocols achieve desired end-to-end communication security while allowing the TCP and HTTP proxy servers to function correctly.

  2. Compliant high temperature seals for dissimilar materials

    DOEpatents

    Rynders, Steven Walton; Minford, Eric; Tressler, Richard Ernest; Taylor, Dale M.

    2001-01-01

    A high temperature, gas-tight seal is formed by utilizing one or more compliant metallic toroidal ring sealing elements, where the applied pressure serves to activate the seal, thus improving the quality of the seal. The compliant nature of the sealing element compensates for differences in thermal expansion between the materials to be sealed, and is particularly useful in sealing a metallic member and a ceramic tube art elevated temperatures. The performance of the seal may be improved by coating the sealing element with a soft or flowable coating such as silver or gold and/or by backing the sealing element with a bed of fine powder. The material of the sealing element is chosen such that the element responds to stress elastically, even at elevated temperatures, permitting the seal to operate through multiple thermal cycles.

  3. A Systematic Comprehensive Computational Model for Stake Estimation in Mission Assurance: Applying Cyber Security Econometrics System (CSES) to Mission Assurance Analysis Protocol (MAAP)

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Abercrombie, Robert K; Sheldon, Frederick T; Grimaila, Michael R

    2010-01-01

    In earlier works, we presented a computational infrastructure that allows an analyst to estimate the security of a system in terms of the loss that each stakeholder stands to sustain as a result of security breakdowns. In this paper, we discuss how this infrastructure can be used in the subject domain of mission assurance as defined as the full life-cycle engineering process to identify and mitigate design, production, test, and field support deficiencies of mission success. We address the opportunity to apply the Cyberspace Security Econometrics System (CSES) to Carnegie Mellon University and Software Engineering Institute s Mission Assurance Analysismore » Protocol (MAAP) in this context.« less

  4. Continuous-variable protocol for oblivious transfer in the noisy-storage model.

    PubMed

    Furrer, Fabian; Gehring, Tobias; Schaffner, Christian; Pacher, Christoph; Schnabel, Roman; Wehner, Stephanie

    2018-04-13

    Cryptographic protocols are the backbone of our information society. This includes two-party protocols which offer protection against distrustful players. Such protocols can be built from a basic primitive called oblivious transfer. We present and experimentally demonstrate here a quantum protocol for oblivious transfer for optical continuous-variable systems, and prove its security in the noisy-storage model. This model allows us to establish security by sending more quantum signals than an attacker can reliably store during the protocol. The security proof is based on uncertainty relations which we derive for continuous-variable systems, that differ from the ones used in quantum key distribution. We experimentally demonstrate in a proof-of-principle experiment the proposed oblivious transfer protocol for various channel losses by using entangled two-mode squeezed states measured with balanced homodyne detection. Our work enables the implementation of arbitrary two-party quantum cryptographic protocols with continuous-variable communication systems.

  5. Collision forces for compliant projectiles

    NASA Technical Reports Server (NTRS)

    Grady, Joseph E.

    1990-01-01

    Force histories resulting from the impact of compliant projectiles were determined experimentally. A long instrumented rod was used as the target, and the impact force was calculated directly from the measured strain response. Results from a series of tests on several different sized impactors were used to define four dimensionless parameters that determine, for a specified impactor velocity and size, the amplitude, duration, shape, and impulse of the impact force history.

  6. Compliant leg behaviour explains basic dynamics of walking and running

    PubMed Central

    Geyer, Hartmut; Seyfarth, Andre; Blickhan, Reinhard

    2006-01-01

    The basic mechanics of human locomotion are associated with vaulting over stiff legs in walking and rebounding on compliant legs in running. However, while rebounding legs well explain the stance dynamics of running, stiff legs cannot reproduce that of walking. With a simple bipedal spring–mass model, we show that not stiff but compliant legs are essential to obtain the basic walking mechanics; incorporating the double support as an essential part of the walking motion, the model reproduces the characteristic stance dynamics that result in the observed small vertical oscillation of the body and the observed out-of-phase changes in forward kinetic and gravitational potential energies. Exploring the parameter space of this model, we further show that it not only combines the basic dynamics of walking and running in one mechanical system, but also reveals these gaits to be just two out of the many solutions to legged locomotion offered by compliant leg behaviour and accessed by energy or speed. PMID:17015312

  7. IPv6 Security

    NASA Astrophysics Data System (ADS)

    Babik, M.; Chudoba, J.; Dewhurst, A.; Finnern, T.; Froy, T.; Grigoras, C.; Hafeez, K.; Hoeft, B.; Idiculla, T.; Kelsey, D. P.; López Muñoz, F.; Martelli, E.; Nandakumar, R.; Ohrenberg, K.; Prelz, F.; Rand, D.; Sciabà, A.; Tigerstedt, U.; Traynor, D.; Wartel, R.

    2017-10-01

    IPv4 network addresses are running out and the deployment of IPv6 networking in many places is now well underway. Following the work of the HEPiX IPv6 Working Group, a growing number of sites in the Worldwide Large Hadron Collider Computing Grid (WLCG) are deploying dual-stack IPv6/IPv4 services. The aim of this is to support the use of IPv6-only clients, i.e. worker nodes, virtual machines or containers. The IPv6 networking protocols while they do contain features aimed at improving security also bring new challenges for operational IT security. The lack of maturity of IPv6 implementations together with the increased complexity of some of the protocol standards raise many new issues for operational security teams. The HEPiX IPv6 Working Group is producing guidance on best practices in this area. This paper considers some of the security concerns for WLCG in an IPv6 world and presents the HEPiX IPv6 working group guidance for the system administrators who manage IT services on the WLCG distributed infrastructure, for their related site security and networking teams and for developers and software engineers working on WLCG applications.

  8. Security Issues for Mobile Medical Imaging: A Primer.

    PubMed

    Choudhri, Asim F; Chatterjee, Arindam R; Javan, Ramin; Radvany, Martin G; Shih, George

    2015-10-01

    The end-user of mobile device apps in the practice of clinical radiology should be aware of security measures that prevent unauthorized use of the device, including passcode policies, methods for dealing with failed login attempts, network manager-controllable passcode enforcement, and passcode enforcement for the protection of the mobile device itself. Protection of patient data must be in place that complies with the Health Insurance Portability and Accountability Act and U.S. Federal Information Processing Standards. Device security measures for data protection include methods for locally stored data encryption, hardware encryption, and the ability to locally and remotely clear data from the device. As these devices transfer information over both local wireless networks and public cell phone networks, wireless network security protocols, including wired equivalent privacy and Wi-Fi protected access, are important components in the chain of security. Specific virtual private network protocols, Secure Sockets Layer and related protocols (especially in the setting of hypertext transfer protocols), native apps, virtual desktops, and nonmedical commercial off-the-shelf apps require consideration in the transmission of medical data over both private and public networks. Enterprise security and management of both personal and enterprise mobile devices are discussed. Finally, specific standards for hardware and software platform security, including prevention of hardware tampering, protection from malicious software, and application authentication methods, are vital components in establishing a secure platform for the use of mobile devices in the medical field. © RSNA, 2015.

  9. Wireless networking for the dental office: current wireless standards and security protocols.

    PubMed

    Mupparapu, Muralidhar; Arora, Sarika

    2004-11-15

    Digital radiography has gained immense popularity in dentistry today in spite of the early difficulty for the profession to embrace the technology. The transition from film to digital has been happening at a faster pace in the fields of Orthodontics, Oral Surgery, Endodontics, Periodontics, and other specialties where the radiographic images (periapical, bitewing, panoramic, cephalometric, and skull radiographs) are being acquired digitally, stored within a server locally, and eventually accessed for diagnostic purposes, along with the rest of the patient data via the patient management software (PMS). A review of the literature shows the diagnostic performance of digital radiography is at least comparable to or even better than that of conventional radiography. Similarly, other digital diagnostic tools like caries detectors, cephalometric analysis software, and digital scanners were used for many years for the diagnosis and treatment planning purposes. The introduction of wireless charged-coupled device (CCD) sensors in early 2004 (Schick Technologies, Long Island City, NY) has moved digital radiography a step further into the wireless era. As with any emerging technology, there are concerns that should be looked into before adapting to the wireless environment. Foremost is the network security involved in the installation and usage of these wireless networks. This article deals with the existing standards and choices in wireless technologies that are available for implementation within a contemporary dental office. The network security protocols that protect the patient data and boost the efficiency of modern day dental clinics are enumerated.

  10. An efficient RFID authentication protocol to enhance patient medication safety using elliptic curve cryptography.

    PubMed

    Zhang, Zezhong; Qi, Qingqing

    2014-05-01

    Medication errors are very dangerous even fatal since it could cause serious even fatal harm to patients. In order to reduce medication errors, automated patient medication systems using the Radio Frequency Identification (RFID) technology have been used in many hospitals. The data transmitted in those medication systems is very important and sensitive. In the past decade, many security protocols have been proposed to ensure its secure transition attracted wide attention. Due to providing mutual authentication between the medication server and the tag, the RFID authentication protocol is considered as the most important security protocols in those systems. In this paper, we propose a RFID authentication protocol to enhance patient medication safety using elliptic curve cryptography (ECC). The analysis shows the proposed protocol could overcome security weaknesses in previous protocols and has better performance. Therefore, the proposed protocol is very suitable for automated patient medication systems.

  11. Design and Analysis of an Enhanced Patient-Server Mutual Authentication Protocol for Telecare Medical Information System.

    PubMed

    Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Obaidat, Mohammad S

    2015-11-01

    In order to access remote medical server, generally the patients utilize smart card to login to the server. It has been observed that most of the user (patient) authentication protocols suffer from smart card stolen attack that means the attacker can mount several common attacks after extracting smart card information. Recently, Lu et al.'s proposes a session key agreement protocol between the patient and remote medical server and claims that the same protocol is secure against relevant security attacks. However, this paper presents several security attacks on Lu et al.'s protocol such as identity trace attack, new smart card issue attack, patient impersonation attack and medical server impersonation attack. In order to fix the mentioned security pitfalls including smart card stolen attack, this paper proposes an efficient remote mutual authentication protocol using smart card. We have then simulated the proposed protocol using widely-accepted AVISPA simulation tool whose results make certain that the same protocol is secure against active and passive attacks including replay and man-in-the-middle attacks. Moreover, the rigorous security analysis proves that the proposed protocol provides strong security protection on the relevant security attacks including smart card stolen attack. We compare the proposed scheme with several related schemes in terms of computation cost and communication cost as well as security functionalities. It has been observed that the proposed scheme is comparatively better than related existing schemes.

  12. Secure Skyline Queries on Cloud Platform.

    PubMed

    Liu, Jinfei; Yang, Juncheng; Xiong, Li; Pei, Jian

    2017-04-01

    Outsourcing data and computation to cloud server provides a cost-effective way to support large scale data storage and query processing. However, due to security and privacy concerns, sensitive data (e.g., medical records) need to be protected from the cloud server and other unauthorized users. One approach is to outsource encrypted data to the cloud server and have the cloud server perform query processing on the encrypted data only. It remains a challenging task to support various queries over encrypted data in a secure and efficient way such that the cloud server does not gain any knowledge about the data, query, and query result. In this paper, we study the problem of secure skyline queries over encrypted data. The skyline query is particularly important for multi-criteria decision making but also presents significant challenges due to its complex computations. We propose a fully secure skyline query protocol on data encrypted using semantically-secure encryption. As a key subroutine, we present a new secure dominance protocol, which can be also used as a building block for other queries. Finally, we provide both serial and parallelized implementations and empirically study the protocols in terms of efficiency and scalability under different parameter settings, verifying the feasibility of our proposed solutions.

  13. Secure Skyline Queries on Cloud Platform

    PubMed Central

    Liu, Jinfei; Yang, Juncheng; Xiong, Li; Pei, Jian

    2017-01-01

    Outsourcing data and computation to cloud server provides a cost-effective way to support large scale data storage and query processing. However, due to security and privacy concerns, sensitive data (e.g., medical records) need to be protected from the cloud server and other unauthorized users. One approach is to outsource encrypted data to the cloud server and have the cloud server perform query processing on the encrypted data only. It remains a challenging task to support various queries over encrypted data in a secure and efficient way such that the cloud server does not gain any knowledge about the data, query, and query result. In this paper, we study the problem of secure skyline queries over encrypted data. The skyline query is particularly important for multi-criteria decision making but also presents significant challenges due to its complex computations. We propose a fully secure skyline query protocol on data encrypted using semantically-secure encryption. As a key subroutine, we present a new secure dominance protocol, which can be also used as a building block for other queries. Finally, we provide both serial and parallelized implementations and empirically study the protocols in terms of efficiency and scalability under different parameter settings, verifying the feasibility of our proposed solutions. PMID:28883710

  14. The effect of compliant prisms on subduction zone earthquakes and tsunamis

    NASA Astrophysics Data System (ADS)

    Lotto, Gabriel C.; Dunham, Eric M.; Jeppson, Tamara N.; Tobin, Harold J.

    2017-01-01

    Earthquakes generate tsunamis by coseismically deforming the seafloor, and that deformation is largely controlled by the shallow rupture process. Therefore, in order to better understand how earthquakes generate tsunamis, one must consider the material structure and frictional properties of the shallowest part of the subduction zone, where ruptures often encounter compliant sedimentary prisms. Compliant prisms have been associated with enhanced shallow slip, seafloor deformation, and tsunami heights, particularly in the context of tsunami earthquakes. To rigorously quantify the role compliant prisms play in generating tsunamis, we perform a series of numerical simulations that directly couple dynamic rupture on a dipping thrust fault to the elastodynamic response of the Earth and the acoustic response of the ocean. Gravity is included in our simulations in the context of a linearized Eulerian description of the ocean, which allows us to model tsunami generation and propagation, including dispersion and related nonhydrostatic effects. Our simulations span a three-dimensional parameter space of prism size, prism compliance, and sub-prism friction - specifically, the rate-and-state parameter b - a that determines velocity-weakening or velocity-strengthening behavior. We find that compliant prisms generally slow rupture velocity and, for larger prisms, generate tsunamis more efficiently than subduction zones without prisms. In most but not all cases, larger, more compliant prisms cause greater amounts of shallow slip and larger tsunamis. Furthermore, shallow friction is also quite important in determining overall slip; increasing sub-prism b - a enhances slip everywhere along the fault. Counterintuitively, we find that in simulations with large prisms and velocity-strengthening friction at the base of the prism, increasing prism compliance reduces rather than enhances shallow slip and tsunami wave height.

  15. Graduated driver license compliant teens involved in fatal motor vehicle crashes.

    PubMed

    Pressley, Joyce C; Addison, Diane; Dawson, Patrick; Nelson, Sharifa S

    2015-09-01

    Significant reductions in motor vehicle injury mortality have been reported for teen drivers after passage of graduated driver licensing (GDL), seat belt, and no tolerance alcohol and drug laws. Despite this, teen drivers remain a vulnerable population with elevated fatal crash involvement. This study examines driver, vehicle, and crash characteristics of GDL-compliant, belted, and unimpaired teen drivers with the goal of identifying areas where further improvements might be realized. The Fatality Analysis Reporting System (FARS) for 2007 to 2009 was used to examine and classify driver violations/errors in compliant teen drivers (n = 1,571) of passenger vehicles involved in a fatal collision. Teens driving unbelted, non-GDL compliant, or impaired by alcohol or drugs were excluded. Statistical analysis used χ, Fisher's exact and multivariable logistic regression. Odds ratios are reported with 95% confidence intervals. Significance was defined as p < 0.05. Nearly one third (n = 1,571) of teen drivers involved in a fatal motor vehicle crash were GDL compliant, unimpaired, and belted. The majority held an intermediate GDL license (90.6%). Crash-related factors were identified for 63.1% of fatal crashes. Age- and sex-adjusted odds identified overcorrecting, speeding, lane errors, school morning crashes, distractions, and driving on slippery surfaces as having increased odds of fatality for the teen driver as well as newer vehicle models and heavier vehicle weight as protective. Among compliant drivers, weekday crashes before and after school and committing a driving violation at the time of crash were associated with increased risk of driver death and higher incidence of incapacitating injury in surviving drivers. Therapeutic study, level V.

  16. Practical secure quantum communications

    NASA Astrophysics Data System (ADS)

    Diamanti, Eleni

    2015-05-01

    We review recent advances in the field of quantum cryptography, focusing in particular on practical implementations of two central protocols for quantum network applications, namely key distribution and coin flipping. The former allows two parties to share secret messages with information-theoretic security, even in the presence of a malicious eavesdropper in the communication channel, which is impossible with classical resources alone. The latter enables two distrustful parties to agree on a random bit, again with information-theoretic security, and with a cheating probability lower than the one that can be reached in a classical scenario. Our implementations rely on continuous-variable technology for quantum key distribution and on a plug and play discrete-variable system for coin flipping, and necessitate a rigorous security analysis adapted to the experimental schemes and their imperfections. In both cases, we demonstrate the protocols with provable security over record long distances in optical fibers and assess the performance of our systems as well as their limitations. The reported advances offer a powerful toolbox for practical applications of secure communications within future quantum networks.

  17. A new quantum sealed-bid auction protocol with secret order in post-confirmation

    NASA Astrophysics Data System (ADS)

    Wang, Jing-Tao; Chen, Xiu-Bo; Xu, Gang; Meng, Xiang-Hua; Yang, Yi-Xian

    2015-10-01

    A new security protocol for quantum sealed-bid auction is proposed to resist the collusion attack from some malicious bidders. The most significant feature of this protocol is that bidders prepare their particles with secret order in post-confirmation for encoding bids. In addition, a new theorem and its proof are given based on the theory of combinatorial mathematics, which can be used as evaluation criteria for the collusion attack. It is shown that the new protocol is immune to the collusion attack and meets the demand for a secure auction. Compared with those previous protocols, the security, efficiency and availability of the proposed protocol are largely improved.

  18. New Capabilities in Security and QoS Using the Updated MANET Routing Protocol OLSRv2

    DTIC Science & Technology

    2010-09-01

    integrity, by the authentication of packets or messages, and confidentiality. These are discussed in the following sections. Issues of availability...fully specified, in [2] is the addition of a TLV including a cryptographic signature that will allow the authentication of the received information...The objective is to ensure the integrity of the ad hoc network, that only authorised routers can join the network because unauthorised routers will

  19. Dual watermarking scheme for secure buyer-seller watermarking protocol

    NASA Astrophysics Data System (ADS)

    Mehra, Neelesh; Shandilya, Madhu

    2012-04-01

    A buyer-seller watermarking protocol utilize watermarking along with cryptography for copyright and copy protection for the seller and meanwhile it also preserve buyers rights for privacy. It enables a seller to successfully identify a malicious seller from a pirated copy, while preventing the seller from framing an innocent buyer and provide anonymity to buyer. Up to now many buyer-seller watermarking protocols have been proposed which utilize more and more cryptographic scheme to solve many common problems such as customer's rights, unbinding problem, buyer's anonymity problem and buyer's participation in the dispute resolution. But most of them are infeasible since the buyer may not have knowledge of cryptography. Another issue is the number of steps to complete the protocols are large, a buyer needs to interact with different parties many times in these protocols, which is very inconvenient for buyer. To overcome these drawbacks, in this paper we proposed dual watermarking scheme in encrypted domain. Since neither of watermark has been generated by buyer so a general layman buyer can use the protocol.

  20. An Outline of Data Aggregation Security in Heterogeneous Wireless Sensor Networks

    PubMed Central

    Boubiche, Sabrina; Boubiche, Djallel Eddine; Bilami, Azzedine; Toral-Cruz, Homero

    2016-01-01

    Data aggregation processes aim to reduce the amount of exchanged data in wireless sensor networks and consequently minimize the packet overhead and optimize energy efficiency. Securing the data aggregation process is a real challenge since the aggregation nodes must access the relayed data to apply the aggregation functions. The data aggregation security problem has been widely addressed in classical homogeneous wireless sensor networks, however, most of the proposed security protocols cannot guarantee a high level of security since the sensor node resources are limited. Heterogeneous wireless sensor networks have recently emerged as a new wireless sensor network category which expands the sensor nodes’ resources and capabilities. These new kinds of WSNs have opened new research opportunities where security represents a most attractive area. Indeed, robust and high security level algorithms can be used to secure the data aggregation at the heterogeneous aggregation nodes which is impossible in classical homogeneous WSNs. Contrary to the homogeneous sensor networks, the data aggregation security problem is still not sufficiently covered and the proposed data aggregation security protocols are numberless. To address this recent research area, this paper describes the data aggregation security problem in heterogeneous wireless sensor networks and surveys a few proposed security protocols. A classification and evaluation of the existing protocols is also introduced based on the adopted data aggregation security approach. PMID:27077866

  1. An Outline of Data Aggregation Security in Heterogeneous Wireless Sensor Networks.

    PubMed

    Boubiche, Sabrina; Boubiche, Djallel Eddine; Bilami, Azzedine; Toral-Cruz, Homero

    2016-04-12

    Data aggregation processes aim to reduce the amount of exchanged data in wireless sensor networks and consequently minimize the packet overhead and optimize energy efficiency. Securing the data aggregation process is a real challenge since the aggregation nodes must access the relayed data to apply the aggregation functions. The data aggregation security problem has been widely addressed in classical homogeneous wireless sensor networks, however, most of the proposed security protocols cannot guarantee a high level of security since the sensor node resources are limited. Heterogeneous wireless sensor networks have recently emerged as a new wireless sensor network category which expands the sensor nodes' resources and capabilities. These new kinds of WSNs have opened new research opportunities where security represents a most attractive area. Indeed, robust and high security level algorithms can be used to secure the data aggregation at the heterogeneous aggregation nodes which is impossible in classical homogeneous WSNs. Contrary to the homogeneous sensor networks, the data aggregation security problem is still not sufficiently covered and the proposed data aggregation security protocols are numberless. To address this recent research area, this paper describes the data aggregation security problem in heterogeneous wireless sensor networks and surveys a few proposed security protocols. A classification and evaluation of the existing protocols is also introduced based on the adopted data aggregation security approach.

  2. Reputation-Based Internet Protocol Security: A Multilayer Security Framework for Mobile Ad Hoc Networks

    DTIC Science & Technology

    2010-09-01

    secure ad-hoc networks of mobile sensors deployed in a hostile environment . These sensors are normally small 86 and resource...Communications Magazine, 51, 2008. 45. Kumar, S.A. “Classification and Review of Security Schemes in Mobile Comput- ing”. Wireless Sensor Network , 2010... Networks ”. Wireless /Mobile Network Security , 2008. 85. Xiao, Y. “Accountability for Wireless LANs, Ad Hoc Networks , and Wireless

  3. Pulsatile flow in a compliant stenosed asymmetric model

    NASA Astrophysics Data System (ADS)

    Usmani, Abdullah Y.; Muralidhar, K.

    2016-12-01

    Time-varying velocity field in an asymmetric constricted tube is experimentally studied using a two-dimensional particle image velocimetry system. The geometry resembles a vascular disease which is characterized by arterial narrowing due to plaque deposition. The present study compares the nature of flow patterns in rigid and compliant asymmetric constricted tubes for a range of dimensionless parameters appearing in a human artery. A blood analogue fluid is employed along with a pump that mimics cardioflow conditions. The peak Reynolds number range is Re 300-800, while the Womersley number range considered in experiments is Wo 6-8. These values are based on the peak velocity in a straight rigid tube connected to the model, over a pulsation frequency range of 1.2-2.4 Hz. The medial-plane velocity distribution is used to investigate the nature of flow patterns. Temporal distribution of stream traces and hemodynamic factors including WSS, TAWSS and OSI at important phases of the pulsation cycle are discussed. The flow patterns obtained from PIV are compared to a limited extent against numerical simulation. Results show that the region downstream of the constriction is characterized by a high-velocity jet at the throat, while a recirculation zone, attached to the wall, evolves in time. Compliant models reveal large flow disturbances upstream during the retrograde flow. Wall shear stress values are lower in a compliant model as compared to the rigid. Cross-plane flow structures normal to the main flow direction are visible at select phases of the cycle. Positive values of largest Lyapunov exponent are realized for wall movement and are indicative of chaotic motion transferred from the flow to the wall. These exponents increase with Reynolds number as well as compliance. Period doubling is observed in wall displacement of highly compliant models, indicating possible triggering of hemodynamic events in a real artery that may cause fissure in the plaque deposits.

  4. Coefficient of restitution in fractional viscoelastic compliant impacts using fractional Chebyshev collocation

    NASA Astrophysics Data System (ADS)

    Dabiri, Arman; Butcher, Eric A.; Nazari, Morad

    2017-02-01

    Compliant impacts can be modeled using linear viscoelastic constitutive models. While such impact models for realistic viscoelastic materials using integer order derivatives of force and displacement usually require a large number of parameters, compliant impact models obtained using fractional calculus, however, can be advantageous since such models use fewer parameters and successfully capture the hereditary property. In this paper, we introduce the fractional Chebyshev collocation (FCC) method as an approximation tool for numerical simulation of several linear fractional viscoelastic compliant impact models in which the overall coefficient of restitution for the impact is studied as a function of the fractional model parameters for the first time. Other relevant impact characteristics such as hysteresis curves, impact force gradient, penetration and separation depths are also studied.

  5. Compliant Robotic Structures. Part 2

    DTIC Science & Technology

    1986-07-01

    Nonaxially Homogeneous Stresses and Strains 44 Parametric Studies 52 % References 65 III. LARGE DEFLECTIONS OF CONTINUOUS ELASTIC ’- STRUCTURES 66...APPENDIX C: Computer Program for the Element String 133 -° SUMMARY This is the second year report which is a part of a three- year study on compliant...ratios as high as 10/1 for laboratory-scale models and up to 3/1 for full-scale prototype arms. The first two years of this study have involved the

  6. An enhanced password authentication scheme for session initiation protocol with perfect forward secrecy.

    PubMed

    Qiu, Shuming; Xu, Guoai; Ahmad, Haseeb; Guo, Yanhui

    2018-01-01

    The Session Initiation Protocol (SIP) is an extensive and esteemed communication protocol employed to regulate signaling as well as for controlling multimedia communication sessions. Recently, Kumari et al. proposed an improved smart card based authentication scheme for SIP based on Farash's scheme. Farash claimed that his protocol is resistant against various known attacks. But, we observe some accountable flaws in Farash's protocol. We point out that Farash's protocol is prone to key-compromise impersonation attack and is unable to provide pre-verification in the smart card, efficient password change and perfect forward secrecy. To overcome these limitations, in this paper we present an enhanced authentication mechanism based on Kumari et al.'s scheme. We prove that the proposed protocol not only overcomes the issues in Farash's scheme, but it can also resist against all known attacks. We also provide the security analysis of the proposed scheme with the help of widespread AVISPA (Automated Validation of Internet Security Protocols and Applications) software. At last, comparing with the earlier proposals in terms of security and efficiency, we conclude that the proposed protocol is efficient and more secure.

  7. An enhanced password authentication scheme for session initiation protocol with perfect forward secrecy

    PubMed Central

    2018-01-01

    The Session Initiation Protocol (SIP) is an extensive and esteemed communication protocol employed to regulate signaling as well as for controlling multimedia communication sessions. Recently, Kumari et al. proposed an improved smart card based authentication scheme for SIP based on Farash’s scheme. Farash claimed that his protocol is resistant against various known attacks. But, we observe some accountable flaws in Farash’s protocol. We point out that Farash’s protocol is prone to key-compromise impersonation attack and is unable to provide pre-verification in the smart card, efficient password change and perfect forward secrecy. To overcome these limitations, in this paper we present an enhanced authentication mechanism based on Kumari et al.’s scheme. We prove that the proposed protocol not only overcomes the issues in Farash’s scheme, but it can also resist against all known attacks. We also provide the security analysis of the proposed scheme with the help of widespread AVISPA (Automated Validation of Internet Security Protocols and Applications) software. At last, comparing with the earlier proposals in terms of security and efficiency, we conclude that the proposed protocol is efficient and more secure. PMID:29547619

  8. Securing your Site in Development and Beyond

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Akopov, Mikhail S.

    Why wait until production deployment, or even staging and testing deployment to identify security vulnerabilities? Using tools like Burp Suite, you can find security vulnerabilities before they creep up on you. Prevent cross-site scripting attacks, and establish a firmer trust between your website and your client. Verify that Apache/Nginx have the correct SSL Ciphers set. We explore using these tools and more to validate proper Apache/Nginx configurations, and to be compliant with modern configuration standards as part of the development cycle. Your clients can use tools like https://securityheaders.io and https://ssllabs.com to get a graded report on your level of compliancemore » with OWASP Secure Headers Project and SSLLabs recommendations. Likewise, you should always use the same sites to validate your configurations. Burp Suite will find common misconfigurations and will also perform more thorough security testing of your applications. In this session you will see examples of vulnerabilities that were detected early on, as well has how to integrate these practices into your daily workflow.« less

  9. Training Children with Autism Spectrum Disorders to Be Compliant with an Oral Assessment

    ERIC Educational Resources Information Center

    Cuvo, Anthony J.; Godard, Anna; Huckfeldt, Rachel; DeMattei, Ronda

    2010-01-01

    Little research has been conducted on teaching children with autism spectrum disorders to be compliant with dental procedures. This study evaluated a behavioral package to train children with autism spectrum disorders to be compliant with an 8 component oral assessment. After a dental hygienist performed an assessment pretest, noncompliance on…

  10. Graphene-Mesoporous Si Nanocomposite as a Compliant Substrate for Heteroepitaxy.

    PubMed

    Boucherif, Abderrahim Rahim; Boucherif, Abderraouf; Kolhatkar, Gitanjali; Ruediger, Andreas; Arès, Richard

    2017-05-01

    The ultimate performance of a solid state device is limited by the restricted number of crystalline substrates that are available for epitaxial growth. As a result, only a small fraction of semiconductors are usable. This study describes a novel concept for a tunable compliant substrate for epitaxy, based on a graphene-porous silicon nanocomposite, which extends the range of available lattice constants for epitaxial semiconductor alloys. The presence of graphene and its effect on the strain of the porous layer lattice parameter are discussed in detail and new remarkable properties are demonstrated. These include thermal stability up to 900 °C, lattice tuning up to 0.9 % mismatch, and compliance under stress for virtual substrate thicknesses of several micrometers. A theoretical model is proposed to define the compliant substrate design rules. These advances lay the foundation for the fabrication of a compliant substrate that could unlock the lattice constant restrictions for defect-free new epitaxial semiconductor alloys and devices. © 2017 WILEY-VCH Verlag GmbH & Co. KGaA, Weinheim.

  11. Automated monitoring of medical protocols: a secure and distributed architecture.

    PubMed

    Alsinet, T; Ansótegui, C; Béjar, R; Fernández, C; Manyà, F

    2003-03-01

    The control of the right application of medical protocols is a key issue in hospital environments. For the automated monitoring of medical protocols, we need a domain-independent language for their representation and a fully, or semi, autonomous system that understands the protocols and supervises their application. In this paper we describe a specification language and a multi-agent system architecture for monitoring medical protocols. We model medical services in hospital environments as specialized domain agents and interpret a medical protocol as a negotiation process between agents. A medical service can be involved in multiple medical protocols, and so specialized domain agents are independent of negotiation processes and autonomous system agents perform monitoring tasks. We present the detailed architecture of the system agents and of an important domain agent, the database broker agent, that is responsible of obtaining relevant information about the clinical history of patients. We also describe how we tackle the problems of privacy, integrity and authentication during the process of exchanging information between agents.

  12. Loss-tolerant quantum secure positioning with weak laser sources

    NASA Astrophysics Data System (ADS)

    Lim, Charles Ci Wen; Xu, Feihu; Siopsis, George; Chitambar, Eric; Evans, Philip G.; Qi, Bing

    2016-09-01

    Quantum position verification (QPV) is the art of verifying the geographical location of an untrusted party. Recently, it has been shown that the widely studied Bennett & Brassard 1984 (BB84) QPV protocol is insecure after the 3 dB loss point assuming local operations and classical communication (LOCC) adversaries. Here, we propose a time-reversed entanglement swapping QPV protocol (based on measurement-device-independent quantum cryptography) that is highly robust against quantum channel loss. First, assuming ideal qubit sources, we show that the protocol is secure against LOCC adversaries for any quantum channel loss, thereby overcoming the 3 dB loss limit. Then, we analyze the security of the protocol in a more practical setting involving weak laser sources and linear optics. In this setting, we find that the security only degrades by an additive constant and the protocol is able to verify positions up to 47 dB channel loss.

  13. New Results on Unconditionally Secure Multi-receiver Manual Authentication

    NASA Astrophysics Data System (ADS)

    Wang, Shuhong; Safavi-Naini, Reihaneh

    Manual authentication is a recently proposed model of communication motivated by the settings where the only trusted infrastructure is a low bandwidth authenticated channel, possibly realized by the aid of a human, that connects the sender and the receiver who are otherwise connected through an insecure channel and do not have any shared key or public key infrastructure. A good example of such scenarios is pairing of devices in Bluetooth. Manual authentication systems are studied in computational and information theoretic security model and protocols with provable security have been proposed. In this paper we extend the results in information theoretic model in two directions. Firstly, we extend a single receiver scenario to multireceiver case where the sender wants to authenticate the same message to a group of receivers. We show new attacks (compared to single receiver case) that can launched in this model and demonstrate that the single receiver lower bound 2log(1/ɛ) + O(1) on the bandwidth of manual channel stays valid in the multireceiver scenario. We further propose a protocol that achieves this bound and provides security, in the sense that we define, if up to c receivers are corrupted. The second direction is the study of non-interactive protocols in unconditionally secure model. We prove that unlike computational security framework, without interaction a secure authentication protocol requires the bandwidth of the manual channel to be at least the same as the message size, hence non-trivial protocols do not exist.

  14. Turbine airfoil with dual wall formed from inner and outer layers separated by a compliant structure

    DOEpatents

    Campbell,; Christian X. , Morrison; Jay, A [Oviedo, FL

    2011-12-20

    A turbine airfoil usable in a turbine engine with a cooling system and a compliant dual wall configuration configured to enable thermal expansion between inner and outer layers while eliminating stress formation is disclosed. The compliant dual wall configuration may be formed a dual wall formed from inner and outer layers separated by a compliant structure. The compliant structure may be configured such that the outer layer may thermally expand without limitation by the inner layer. The compliant structure may be formed from a plurality of pedestals positioned generally parallel with each other. The pedestals may include a first foot attached to a first end of the pedestal and extending in a first direction aligned with the outer layer, and may include a second foot attached to a second end of the pedestal and extending in a second direction aligned with the inner layer.

  15. A novel quantum scheme for secure two-party distance computation

    NASA Astrophysics Data System (ADS)

    Peng, Zhen-wan; Shi, Run-hua; Zhong, Hong; Cui, Jie; Zhang, Shun

    2017-12-01

    Secure multiparty computational geometry is an essential field of secure multiparty computation, which computes a computation geometric problem without revealing any private information of each party. Secure two-party distance computation is a primitive of secure multiparty computational geometry, which computes the distance between two points without revealing each point's location information (i.e., coordinate). Secure two-party distance computation has potential applications with high secure requirements in military, business, engineering and so on. In this paper, we present a quantum solution to secure two-party distance computation by subtly using quantum private query. Compared to the classical related protocols, our quantum protocol can ensure higher security and better privacy protection because of the physical principle of quantum mechanics.

  16. SU-F-T-485: Independent Remote Audits for TG51 NonCompliant Photon Beams Performed by the IROC Houston QA Center

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Alvarez, P; Molineu, A; Lowenstein, J

    Purpose: IROC-H conducts external audits for output check verification of photon and electron beams. Many of these beams can meet the geometric requirements of the TG 51 calibration protocol. For those photon beams that are non TG 51 compliant like Elekta GammaKnife, Accuray CyberKnife and TomoTherapy, IROC-H has specific audit tools to monitor the reference calibration. Methods: IROC-H used its TLD and OSLD remote monitoring systems to verify the output of machines with TG 51 non compliant beams. Acrylic OSLD miniphantoms are used for the CyberKnife. Special TLD phantoms are used for TomoTherapy and GammaKnife machines to accommodate the specificmore » geometry of each machine. These remote audit tools are sent to institutions to be irradiated and returned to IROC-H for analysis. Results: The average IROC-H/institution ratios for 480 GammaKnife, 660 CyberKnife and 907 rotational TomoTherapy beams are 1.000±0.021, 1.008±0.019, 0.974±0.023, respectively. In the particular case of TomoTherapy, the overall ratio is 0.977±0.022 for HD units. The standard deviations of all results are consistent with values determined for TG 51 compliant photon beams. These ratios have shown some changes compared to values presented in 2008. The GammaKnife results were corrected by an experimentally determined scatter factor of 1.025 in 2013. The TomoTherapy helical beam results are now from a rotational beam whereas in 2008 the results were from a static beam. The decision to change modality was based on recommendations from the users. Conclusion: External audits of beam outputs is a valuable tool to confirm the calibrations of photon beams regardless of whether the machine is TG 51 or TG 51 non compliant. The difference found for TomoTherapy units is under investigation. This investigation was supported by IROC grant CA180803 awarded by the NCI.« less

  17. Asynchronous Object Storage with QoS for Scientific and Commercial Big Data

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Brim, Michael J; Dillow, David A; Oral, H Sarp

    2013-01-01

    This paper presents our design for an asynchronous object storage system intended for use in scientific and commercial big data workloads. Use cases from the target workload do- mains are used to motivate the key abstractions used in the application programming interface (API). The architecture of the Scalable Object Store (SOS), a prototype object stor- age system that supports the API s facilities, is presented. The SOS serves as a vehicle for future research into scalable and resilient big data object storage. We briefly review our research into providing efficient storage servers capable of providing quality of service (QoS) contractsmore » relevant for big data use cases.« less

  18. 15 CFR 781.2 - Purposes of the Additional Protocol and APR.

    Code of Federal Regulations, 2010 CFR

    2010-01-01

    ... Trade (Continued) BUREAU OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE ADDITIONAL PROTOCOL... and less any information to which the U.S. Government applies the national security exclusion, is... 15 Commerce and Foreign Trade 2 2010-01-01 2010-01-01 false Purposes of the Additional Protocol...

  19. An MPI-1 Compliant Thread-Based Implementation

    NASA Astrophysics Data System (ADS)

    Díaz Martín, J. C.; Rico Gallego, J. A.; Álvarez Llorente, J. M.; Perogil Duque, J. F.

    This work presents AzequiaMPI, the first full compliant implementation of the MPI-1 standard where the MPI node is a thread. Performance comparisons with MPICH2-Nemesis show that thread-based implementations exploit adequately the multicore architectures under oversubscription, what could make MPI competitive with OpenMP-like solutions.

  20. VoIP for Telerehabilitation: A Pilot Usability Study for HIPAA Compliance

    PubMed Central

    Watzlaf, Valerie R.; Ondich, Briana

    2012-01-01

    Consumer-based, free Voice and video over the Internet Protocol (VoIP) software systems such as Skype and others are used by health care providers to deliver telerehabilitation and other health-related services to clients. Privacy and security applications as well as HIPAA compliance within these protocols have been questioned by practitioners, health information managers, and other healthcare entities. This pilot usability study examined whether four respondents who used the top three, free consumer-based, VoIP software systems perceived these VoIP technologies to be private, secure, and HIPAA compliant; most did not. While the pilot study limitations include the number of respondents and systems assessed, the protocol can be applied to future research and replicated for instructional purposes. Recommendations are provided for VoIP companies, providers, and clients/consumers. PMID:25945194

  1. Experimental eavesdropping attack against Ekert's protocol based on Wigner's inequality

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Bovino, F. A.; Colla, A. M.; Castagnoli, G.

    2003-09-01

    We experimentally implemented an eavesdropping attack against the Ekert protocol for quantum key distribution based on the Wigner inequality. We demonstrate a serious lack of security of this protocol when the eavesdropper gains total control of the source. In addition we tested a modified Wigner inequality which should guarantee a secure quantum key distribution.

  2. Secure Infrastructure-Less Network (SINET)

    DTIC Science & Technology

    2017-06-01

    Protocol CNSA Commercial National Security Algorithm COMSEC Communications Security COTS Commercial off the Shelf CSfC Commercial Solutions for...ABSTRACT (maximum 200 words) Military leaders and first responders desire the familiarity of commercial -off-the-shelf lightweight mobile devices while...since they lack reliable or secure communication infrastructure. Routine and simple mobile information-sharing tasks become a challenge over the

  3. Compliant seal development

    NASA Technical Reports Server (NTRS)

    Hendricks, Robert C.

    1993-01-01

    The compliant metallic seal combines the noncontact feature of the labyrinth seal, the low leakage of a mechanical seal, and the compliant nature of the brush seal. It consists of several thin metallic elements or leaves mounted within a ring which is press fit into the housing, and in form, sort of resembles a lip seal sections wiping the shaft. A second set of overlapping cover leaves are placed on top of the shaft riding leaves which reduces leakage and provides stiffness. The leaves can be straight or angle cut. The shaft riding fingers are designed with mismatched curvature to provide lift off similar to the Rayleigh lift pads in mechanical seals with leading edge clearances nearly twice those of the trailing edge as as shown by Fleming to be optimal for gas flows in convergent seal passages. Leading edge clearances range from 300 to 500 microinches. Balance pockets beneath the leaves provide fluid film feed to the 'Rayleigh lift' surface and the proper balance ratio (mechanical seal) when combined with the static pressure and film pressure. The leaves flex in the radial direction and accommodate thermomechanical behavior as well as axial motion and angular misalignment. In the static mode, there is a net closing force on the leaves. The seals were tested to 70 psi at speeds to 16,000 rpm or surface speeds to 330 fps and temperatures from ambient to 440 F. A slow cycle through the rig critical at 10,000 rpm induced a radial vibration response of 0.004 to 0.005 inch were accommodated by the seal. Preliminary performance data are encouraging demonstrating hydrodynamic liftoff and noncontacting operation at pressure and speeds typical of gas turbine engines. The leakage performance data are significantly better than commercial labyrinth and brush seals which should be expected as this design incorporates the features of the low leakage face or mechanical seal along with the flexibility of the brush configuration.

  4. Compliant seal development

    NASA Astrophysics Data System (ADS)

    Hendricks, Robert C.

    1993-10-01

    The compliant metallic seal combines the noncontact feature of the labyrinth seal, the low leakage of a mechanical seal, and the compliant nature of the brush seal. It consists of several thin metallic elements or leaves mounted within a ring which is press fit into the housing, and in form, sort of resembles a lip seal sections wiping the shaft. A second set of overlapping cover leaves are placed on top of the shaft riding leaves which reduces leakage and provides stiffness. The leaves can be straight or angle cut. The shaft riding fingers are designed with mismatched curvature to provide lift off similar to the Rayleigh lift pads in mechanical seals with leading edge clearances nearly twice those of the trailing edge as as shown by Fleming to be optimal for gas flows in convergent seal passages. Leading edge clearances range from 300 to 500 microinches. Balance pockets beneath the leaves provide fluid film feed to the 'Rayleigh lift' surface and the proper balance ratio (mechanical seal) when combined with the static pressure and film pressure. The leaves flex in the radial direction and accommodate thermomechanical behavior as well as axial motion and angular misalignment. In the static mode, there is a net closing force on the leaves. The seals were tested to 70 psi at speeds to 16,000 rpm or surface speeds to 330 fps and temperatures from ambient to 440 F. A slow cycle through the rig critical at 10,000 rpm induced a radial vibration response of 0.004 to 0.005 inch were accommodated by the seal. Preliminary performance data are encouraging demonstrating hydrodynamic liftoff and noncontacting operation at pressure and speeds typical of gas turbine engines. The leakage performance data are significantly better than commercial labyrinth and brush seals which should be expected as this design incorporates the features of the low leakage face or mechanical seal along with the flexibility of the brush configuration.

  5. Loss-tolerant quantum secure positioning with weak laser sources

    DOE PAGES

    Lim, Charles Ci Wen; Xu, Feihu; Siopsis, George; ...

    2016-09-14

    Quantum position verification (QPV) is the art of verifying the geographical location of an untrusted party. It has recently been shown that the widely studied Bennett & Brassard 1984 (BB84) QPV protocol is insecure after the 3 dB loss point assuming local operations and classical communication (LOCC) adversaries. Here in this paper, we propose a time-reversed entanglement swapping QPV protocol (based on measurement-device-independent quantum cryptography) that is highly robust against quantum channel loss. First, assuming ideal qubit sources, we show that the protocol is secure against LOCC adversaries for any quantum channel loss, thereby overcoming the 3 dB loss limit.more » Then, we analyze the security of the protocol in a more practical setting involving weak laser sources and linear optics. Lastly, in this setting, we find that the security only degrades by an additive constant and the protocol is able to verify positions up to 47 dB channel loss.« less

  6. Putting the Human Back in the Protocol

    NASA Astrophysics Data System (ADS)

    Christianson, Bruce

    Hello, everyone, and welcome to the 14th International Security Protocols Workshop. I’m going to start with a quotation from someone who, at least in principle, is in charge of a very different security community than ours:

  7. Primary path reservation using enhanced slot assignment in TDMA for session admission.

    PubMed

    Koneri Chandrasekaran, Suresh; Savarimuthu, Prakash; Andi Elumalai, Priya; Ayyaswamy, Kathirvel

    2015-01-01

    Mobile ad hoc networks (MANET) is a self-organized collection of nodes that communicates without any infrastructure. Providing quality of service (QoS) in such networks is a competitive task due to unreliable wireless link, mobility, lack of centralized coordination, and channel contention. The success of many real time applications is purely based on the QoS, which can be achieved by quality aware routing (QAR) and admission control (AC). Recently proposed QoS mechanisms do focus completely on either reservation or admission control but are not better enough. In MANET, high mobility causes frequent path break due to the fact that every time the source node must find the route. In such cases the QoS session is affected. To admit a QoS session, admission control protocols must ensure the bandwidth of the relaying path before transmission starts; reservation of such bandwidth noticeably improves the admission control performance. Many TDMA based reservation mechanisms are proposed but need some improvement over slot reservation procedures. In order to overcome this specific issue, we propose a framework-PRAC (primary path reservation admission control protocol), which achieves improved QoS by making use of backup route combined with resource reservation. A network topology has been simulated and our approach proves to be a mechanism that admits the session effectively.

  8. Common Criteria Related Security Design Patterns for Intelligent Sensors—Knowledge Engineering-Based Implementation

    PubMed Central

    Bialas, Andrzej

    2011-01-01

    Intelligent sensors experience security problems very similar to those inherent to other kinds of IT products or systems. The assurance for these products or systems creation methodologies, like Common Criteria (ISO/IEC 15408) can be used to improve the robustness of the sensor systems in high risk environments. The paper presents the background and results of the previous research on patterns-based security specifications and introduces a new ontological approach. The elaborated ontology and knowledge base were validated on the IT security development process dealing with the sensor example. The contribution of the paper concerns the application of the knowledge engineering methodology to the previously developed Common Criteria compliant and pattern-based method for intelligent sensor security development. The issue presented in the paper has a broader significance in terms that it can solve information security problems in many application domains. PMID:22164064

  9. Common criteria related security design patterns for intelligent sensors--knowledge engineering-based implementation.

    PubMed

    Bialas, Andrzej

    2011-01-01

    Intelligent sensors experience security problems very similar to those inherent to other kinds of IT products or systems. The assurance for these products or systems creation methodologies, like Common Criteria (ISO/IEC 15408) can be used to improve the robustness of the sensor systems in high risk environments. The paper presents the background and results of the previous research on patterns-based security specifications and introduces a new ontological approach. The elaborated ontology and knowledge base were validated on the IT security development process dealing with the sensor example. The contribution of the paper concerns the application of the knowledge engineering methodology to the previously developed Common Criteria compliant and pattern-based method for intelligent sensor security development. The issue presented in the paper has a broader significance in terms that it can solve information security problems in many application domains.

  10. A modify ant colony optimization for the grid jobs scheduling problem with QoS requirements

    NASA Astrophysics Data System (ADS)

    Pu, Xun; Lu, XianLiang

    2011-10-01

    Job scheduling with customers' quality of service (QoS) requirement is challenging in grid environment. In this paper, we present a modify Ant colony optimization (MACO) for the Job scheduling problem in grid. Instead of using the conventional construction approach to construct feasible schedules, the proposed algorithm employs a decomposition method to satisfy the customer's deadline and cost requirements. Besides, a new mechanism of service instances state updating is embedded to improve the convergence of MACO. Experiments demonstrate the effectiveness of the proposed algorithm.

  11. Compliant Turbomachine Sealing

    NASA Technical Reports Server (NTRS)

    Hendricks, R. C.; Braun, M. J.; Deng, D.; Hendricks, J. A.

    2011-01-01

    Sealing interface materials and coatings are sacrificial, giving up their integrity for the benefit of the component. Seals that are compliant while still controlling leakage, dynamics, and coolant flows are sought to enhance turbomachine performance. Herein we investigate the leaf-seal configuration. While the leaf seal is classified as contacting, a ready modification using the leaf-housing arrangement in conjunction with an interface film rider (a bore seal, for example) provides for a film-riding noncontact seal. The leaf housing and leaf elements can be made from a variety of materials from plastic to ceramic. Four simplistic models are used to identify the physics essential to controlling leakage. Corroborated by CFD, these results provide design parameters for applications to within reasonable engineering certainty. Some potential improvements are proposed.

  12. Cognitive Protocol Stack Design

    DTIC Science & Technology

    2015-12-30

    SECURITY CLASSIFICATION OF: In the ARO “ Cognitive Protocol Stack Design" project we proposed cognitive networking solutions published in international...areas related to cognitive networking, opening also new lines of research that was not possible to forecast at the beginning of the project. In a...Distribution Unlimited Final Report: Cognitive Protocol Stack Design The views, opinions and/or findings contained in this report are those of the author(s

  13. Practical and secure telemedicine systems for user mobility.

    PubMed

    Rezaeibagha, Fatemeh; Mu, Yi

    2018-02-01

    The application of wireless devices has led to a significant improvement in the quality delivery of care in telemedicine systems. Patients who live in a remote area are able to communicate with the healthcare provider and benefit from the doctor consultations. However, it has been a challenge to provide a secure telemedicine system, which captures users (patients and doctors) mobility and patient privacy. In this work, we present several secure protocols for telemedicine systems, which ensure the secure communication between patients and doctors who are located in different geographical locations. Our protocols are the first of this kind featured with confidentiality of patient information, mutual authentication, patient anonymity, data integrity, freshness of communication, and mobility. Our protocols are based on symmetric-key schemes and capture all desirable security requirements in order to better serve our objectives of research for secure telemedicine services; therefore, they are very efficient in implementation. A comparison with related works shows that our work contributes first comprehensive solution to capture user mobility and patient privacy for telemedicine systems. Copyright © 2018 Elsevier Inc. All rights reserved.

  14. Multiparty quantum key agreement protocol based on locally indistinguishable orthogonal product states

    NASA Astrophysics Data System (ADS)

    Jiang, Dong-Huan; Xu, Guang-Bao

    2018-07-01

    Based on locally indistinguishable orthogonal product states, we propose a novel multiparty quantum key agreement (QKA) protocol. In this protocol, the private key information of each party is encoded as some orthogonal product states that cannot be perfectly distinguished by local operations and classical communications. To ensure the security of the protocol with small amount of decoy particles, the different particles of each product state are transmitted separately. This protocol not only can make each participant fairly negotiate a shared key, but also can avoid information leakage in the maximum extent. We give a detailed security proof of this protocol. From comparison result with the existing QKA protocols, we can know that the new protocol is more efficient.

  15. A randomized controlled trial comparing Circle of Security Intervention and treatment as usual as interventions to increase attachment security in infants of mentally ill mothers: Study Protocol.

    PubMed

    Ramsauer, Brigitte; Lotzin, Annett; Mühlhan, Christine; Romer, Georg; Nolte, Tobias; Fonagy, Peter; Powell, Bert

    2014-01-30

    Psychopathology in women after childbirth represents a significant risk factor for parenting and infant mental health. Regarding child development, these infants are at increased risk for developing unfavorable attachment strategies to their mothers and for subsequent behavioral, emotional and cognitive impairments throughout childhood. To date, the specific efficacy of an early attachment-based parenting group intervention under standard clinical outpatient conditions, and the moderators and mediators that promote attachment security in infants of mentally ill mothers, have been poorly evaluated. This randomized controlled clinical trial tests whether promoting attachment security in infancy with the Circle of Security (COS) Intervention will result in a higher rate of securely attached children compared to treatment as usual (TAU). Furthermore, we will determine whether the distributions of securely attached children are moderated or mediated by variations in maternal sensitivity, mentalizing, attachment representations, and psychopathology obtained at baseline and at follow-up. We plan to recruit 80 mother-infant dyads when infants are aged 4-9 months with 40 dyads being randomized to each treatment arm. Infants and mothers will be reassessed when the children are 16-18 months of age. Methodological aspects of the study are systematic recruitment and randomization, explicit inclusion and exclusion criteria, research assessors and coders blinded to treatment allocation, advanced statistical analysis, manualized treatment protocols and assessments of treatment adherence and integrity. The aim of this clinical trial is to determine whether there are specific effects of an attachment-based intervention that promotes attachment security in infants. Additionally, we anticipate being able to utilize data on maternal and child outcome measures to obtain preliminary indications about potential moderators of the intervention and inform hypotheses about which intervention

  16. A randomized controlled trial comparing Circle of Security Intervention and treatment as usual as interventions to increase attachment security in infants of mentally ill mothers: Study Protocol

    PubMed Central

    2014-01-01

    Background Psychopathology in women after childbirth represents a significant risk factor for parenting and infant mental health. Regarding child development, these infants are at increased risk for developing unfavorable attachment strategies to their mothers and for subsequent behavioral, emotional and cognitive impairments throughout childhood. To date, the specific efficacy of an early attachment-based parenting group intervention under standard clinical outpatient conditions, and the moderators and mediators that promote attachment security in infants of mentally ill mothers, have been poorly evaluated. Methods/Design This randomized controlled clinical trial tests whether promoting attachment security in infancy with the Circle of Security (COS) Intervention will result in a higher rate of securely attached children compared to treatment as usual (TAU). Furthermore, we will determine whether the distributions of securely attached children are moderated or mediated by variations in maternal sensitivity, mentalizing, attachment representations, and psychopathology obtained at baseline and at follow-up. We plan to recruit 80 mother-infant dyads when infants are aged 4-9 months with 40 dyads being randomized to each treatment arm. Infants and mothers will be reassessed when the children are 16-18 months of age. Methodological aspects of the study are systematic recruitment and randomization, explicit inclusion and exclusion criteria, research assessors and coders blinded to treatment allocation, advanced statistical analysis, manualized treatment protocols and assessments of treatment adherence and integrity. Discussion The aim of this clinical trial is to determine whether there are specific effects of an attachment-based intervention that promotes attachment security in infants. Additionally, we anticipate being able to utilize data on maternal and child outcome measures to obtain preliminary indications about potential moderators of the intervention and

  17. Evaluation of GMP-compliant culture media for in vitro expansion of human bone marrow mesenchymal stromal cells.

    PubMed

    Wuchter, Patrick; Vetter, Marcel; Saffrich, Rainer; Diehlmann, Anke; Bieback, Karen; Ho, Anthony D; Horn, Patrick

    2016-06-01

    Mesenchymal stromal cells (MSCs) from human bone marrow serve as a resource for cell-based therapies in regenerative medicine. Clinical applications require standardized protocols according to good manufacturing practice (GMP) guidelines. Donor variability as well as the intrinsic heterogeneity of MSC populations must be taken into consideration. The composition of the culture medium is a key factor in successful MSC expansion. The aim of this study was to comparatively assess the efficiency of xeno-free human platelet lysate (HPL)-based cell expansion with two commercially available media-StemPro MSC SFM CTS (for human ex vivo tissue and cell culture processing applications) and MSCGM (non-GMP-compliant, for research only)-in an academic setting as the first optimization step toward GMP-compliant manufacturing. We report the feasibility of MSC expansion up to the yielded cell number with all three media. MSCs exhibited the typical fibroblastoid morphology, with distinct differences in cell size depending on the medium. The differentiation capacity and characteristic immunophenotype were confirmed for all MSC populations. Proliferation was highest using StemPro MSC SFM CTS, whereas HPL medium was more cost-effective and its composition could be adjusted individually according to the respective needs. In summary, we present a comprehensive evaluation of GMP-compatible culture media for MSC expansion. Both StemPro and HPL medium proved to be suitable for clinical application and allowed sufficient cell proliferation. Specific differences were observed and should be considered according to the intended use. This study provides a detailed cost analysis and tools that may be helpful for the establishment of GMP-compliant MSC expansion. Copyright © 2016 ISEH - International Society for Experimental Hematology. Published by Elsevier Inc. All rights reserved.

  18. Robot cable-compliant devices

    NASA Technical Reports Server (NTRS)

    Kerley, James J., Jr. (Inventor)

    1990-01-01

    A cable compliant robotic joint includes two U configuration cross section brackets with their U cross sections lying in different planes, one of their brackets being connected to a robot arm and the other to a tool. Additional angle brackets are displaced from the other brackets at corners of the robotic joint. All the brackets are connected by cable segments which lie in one or more planes which are perpendicular to the direction of tool travel as it approaches a work object. The compliance of the joint is determined by the cable segment characteristics, such as their length, material, angle, stranding, pretwisting, and prestressing.

  19. Internetting tactical security sensor systems

    NASA Astrophysics Data System (ADS)

    Gage, Douglas W.; Bryan, W. D.; Nguyen, Hoa G.

    1998-08-01

    The Multipurpose Surveillance and Security Mission Platform (MSSMP) is a distributed network of remote sensing packages and control stations, designed to provide a rapidly deployable, extended-range surveillance capability for a wide variety of military security operations and other tactical missions. The baseline MSSMP sensor suite consists of a pan/tilt unit with video and FLIR cameras and laser rangefinder. With an additional radio transceiver, MSSMP can also function as a gateway between existing security/surveillance sensor systems such as TASS, TRSS, and IREMBASS, and IP-based networks, to support the timely distribution of both threat detection and threat assessment information. The MSSMP system makes maximum use of Commercial Off The Shelf (COTS) components for sensing, processing, and communications, and of both established and emerging standard communications networking protocols and system integration techniques. Its use of IP-based protocols allows it to freely interoperate with the Internet -- providing geographic transparency, facilitating development, and allowing fully distributed demonstration capability -- and prepares it for integration with the IP-based tactical radio networks that will evolve in the next decade. Unfortunately, the Internet's standard Transport layer protocol, TCP, is poorly matched to the requirements of security sensors and other quasi- autonomous systems in being oriented to conveying a continuous data stream, rather than discrete messages. Also, its canonical 'socket' interface both conceals short losses of communications connectivity and simply gives up and forces the Application layer software to deal with longer losses. For MSSMP, a software applique is being developed that will run on top of User Datagram Protocol (UDP) to provide a reliable message-based Transport service. In addition, a Session layer protocol is being developed to support the effective transfer of control of multiple platforms among multiple control

  20. Handedness in shearing auxetics creates rigid and compliant structures

    NASA Astrophysics Data System (ADS)

    Lipton, Jeffrey Ian; MacCurdy, Robert; Manchester, Zachary; Chin, Lillian; Cellucci, Daniel; Rus, Daniela

    2018-05-01

    In nature, repeated base units produce handed structures that selectively bond to make rigid or compliant materials. Auxetic tilings are scale-independent frameworks made from repeated unit cells that expand under tension. We discovered how to produce handedness in auxetic unit cells that shear as they expand by changing the symmetries and alignments of auxetic tilings. Using the symmetry and alignment rules that we developed, we made handed shearing auxetics that tile planes, cylinders, and spheres. By compositing the handed shearing auxetics in a manner inspired by keratin and collagen, we produce both compliant structures that expand while twisting and deployable structures that can rigidly lock. This work opens up new possibilities in designing chemical frameworks, medical devices like stents, robotic systems, and deployable engineering structures.

  1. Using Taxonomic Indexing Trees to Efficiently Retrieve SCORM-Compliant Documents in e-Learning Grids

    ERIC Educational Resources Information Center

    Shih, Wen-Chung; Tseng, Shian-Shyong; Yang, Chao-Tung

    2008-01-01

    With the flourishing development of e-Learning, more and more SCORM-compliant teaching materials are developed by institutes and individuals in different sites. In addition, the e-Learning grid is emerging as an infrastructure to enhance traditional e-Learning systems. Therefore, information retrieval schemes supporting SCORM-compliant documents…

  2. Ceramic TBS/porous metal compliant layer

    NASA Technical Reports Server (NTRS)

    Tolokan, Robert P.; Jarrabet, G. P.

    1992-01-01

    Technetics Corporation manufactures metal fiber materials and components used in aerospace applications. Our technology base is fiber metal porous sheet material made from sinter bonded metal fibers. Fiber metals have percent densities (metal content by volume) from 10 to 65 percent. Various topics are covered and include the following: fiber metal materials, compliant layer thermal bayer coatings (TBC's), pad properties, ceramic/pad TBC design, thermal shock rig, fabrication, and applications.

  3. Verification of drag-reduction capabilities of stiff compliant coatings in air flow at moderate speeds

    NASA Astrophysics Data System (ADS)

    Boiko, Andrey V.; Kulik, Victor M.; Chun, Ho-Hwan; Lee, Inwon

    2011-12-01

    Skin frictional drag reduction efficiency of "stiff" compliant coating was investigated in a wind tunnel experiment. Flat plate compliant coating inserts were installed in a wind tunnel and the measurements of skin frictional drag and velocity field were carried out. The compliant coatings with varying viscoelastic properties had been prepared using different composition. In order to optimize the coating thickness, the most important design parameter, the dynamic viscoelastic properties had been determined experimentally. The aging of the materials (variation of their properties) during half a year was documented as well. A design procedure proposed by Kulik et al. (2008) was applied to get an optimal value for the coating thickness. Along with the drag measurement using the strain balance, velocity and pressure were measured for different coatings. The compliant coatings with the thickness h = 7mm achieved 4~5% drag reduction within a velocity range 30~40 m/s. The drag reduction mechanism of the attenuation of turbulence velocity fluctuations due to the compliant coating was demonstrated. It is envisioned that larger drag reduction effect is obtainable at higher flow velocities for high speed trains and subsonic aircrafts.

  4. Secure anonymous mutual authentication for star two-tier wireless body area networks.

    PubMed

    Ibrahim, Maged Hamada; Kumari, Saru; Das, Ashok Kumar; Wazid, Mohammad; Odelu, Vanga

    2016-10-01

    Mutual authentication is a very important service that must be established between sensor nodes in wireless body area network (WBAN) to ensure the originality and integrity of the patient's data sent by sensors distributed on different parts of the body. However, mutual authentication service is not enough. An adversary can benefit from monitoring the traffic and knowing which sensor is in transmission of patient's data. Observing the traffic (even without disclosing the context) and knowing its origin, it can reveal to the adversary information about the patient's medical conditions. Therefore, anonymity of the communicating sensors is an important service as well. Few works have been conducted in the area of mutual authentication among sensor nodes in WBAN. However, none of them has considered anonymity among body sensor nodes. Up to our knowledge, our protocol is the first attempt to consider this service in a two-tier WBAN. We propose a new secure protocol to realize anonymous mutual authentication and confidential transmission for star two-tier WBAN topology. The proposed protocol uses simple cryptographic primitives. We prove the security of the proposed protocol using the widely-accepted Burrows-Abadi-Needham (BAN) logic, and also through rigorous informal security analysis. In addition, to demonstrate the practicality of our protocol, we evaluate it using NS-2 simulator. BAN logic and informal security analysis prove that our proposed protocol achieves the necessary security requirements and goals of an authentication service. The simulation results show the impact on the various network parameters, such as end-to-end delay and throughput. The nodes in the network require to store few hundred bits. Nodes require to perform very few hash invocations, which are computationally very efficient. The communication cost of the proposed protocol is few hundred bits in one round of communication. Due to the low computation cost, the energy consumed by the nodes is

  5. Wetting of a partially immersed compliant rod

    NASA Astrophysics Data System (ADS)

    Hui, Chung-Yuen; Jagota, Anand

    2016-11-01

    The force on a solid rod partially immersed in a liquid is commonly used to determine the liquid-vapor surface tension by equating the measured force required to remove the rod from the liquid to the vertical component of the liquid-vapor surface tension. Here, we study how this process is affected when the rod is compliant. For equilibrium, we enforce force and configurational energy balance, including contributions from elastic energy. We show that, in general, the contact angle does not equal that given by Young's equation. If surface stresses are tensile, the strain in the immersed part of the rod is found to be compressive and to depend only on the solid-liquid surface stress. The strain in the dry part of the rod can be either tensile or compressive, depending on a combination of parameters that we identify. We also provide results for compliant plates partially immersed in a liquid under plane strain and plane stress. Our results can be used to extract solid surface stresses from such experiments.

  6. Distributed Network Protocols

    DTIC Science & Technology

    1980-07-01

    MONITORING AGENCY NAME & ADDRESS(II different from Controlting Office) IS. SECURITY CLASS. (of this report) S Office of Naval Research Unclassified...All protocols are extended to networks with changing. topology. S80 8 4 246 DD0I iA 1473 EDITION OF INOV 65 IS OBSOLETE 8 0 24 SECURITY CLASSIFICATION...to the netowrk . f) Each node knows its adjacent links, but not necessarily the identity of its neighbors, i.e. the nodes at the other end of the links

  7. Practical Computer Security through Cryptography

    NASA Technical Reports Server (NTRS)

    McNab, David; Twetev, David (Technical Monitor)

    1998-01-01

    The core protocols upon which the Internet was built are insecure. Weak authentication and the lack of low level encryption services introduce vulnerabilities that propagate upwards in the network stack. Using statistics based on CERT/CC Internet security incident reports, the relative likelihood of attacks via these vulnerabilities is analyzed. The primary conclusion is that the standard UNIX BSD-based authentication system is by far the most commonly exploited weakness. Encryption of Sensitive password data and the adoption of cryptographically-based authentication protocols can greatly reduce these vulnerabilities. Basic cryptographic terminology and techniques are presented, with attention focused on the ways in which technology such as encryption and digital signatures can be used to protect against the most commonly exploited vulnerabilities. A survey of contemporary security software demonstrates that tools based on cryptographic techniques, such as Kerberos, ssh, and PGP, are readily available and effectively close many of the most serious security holes. Nine practical recommendations for improving security are described.

  8. Comparative Study on Various Authentication Protocols in Wireless Sensor Networks.

    PubMed

    Rajeswari, S Raja; Seenivasagam, V

    2016-01-01

    Wireless sensor networks (WSNs) consist of lightweight devices with low cost, low power, and short-ranged wireless communication. The sensors can communicate with each other to form a network. In WSNs, broadcast transmission is widely used along with the maximum usage of wireless networks and their applications. Hence, it has become crucial to authenticate broadcast messages. Key management is also an active research topic in WSNs. Several key management schemes have been introduced, and their benefits are not recognized in a specific WSN application. Security services are vital for ensuring the integrity, authenticity, and confidentiality of the critical information. Therefore, the authentication mechanisms are required to support these security services and to be resilient to distinct attacks. Various authentication protocols such as key management protocols, lightweight authentication protocols, and broadcast authentication protocols are compared and analyzed for all secure transmission applications. The major goal of this survey is to compare and find out the appropriate protocol for further research. Moreover, the comparisons between various authentication techniques are also illustrated.

  9. Comparative Study on Various Authentication Protocols in Wireless Sensor Networks

    PubMed Central

    Rajeswari, S. Raja; Seenivasagam, V.

    2016-01-01

    Wireless sensor networks (WSNs) consist of lightweight devices with low cost, low power, and short-ranged wireless communication. The sensors can communicate with each other to form a network. In WSNs, broadcast transmission is widely used along with the maximum usage of wireless networks and their applications. Hence, it has become crucial to authenticate broadcast messages. Key management is also an active research topic in WSNs. Several key management schemes have been introduced, and their benefits are not recognized in a specific WSN application. Security services are vital for ensuring the integrity, authenticity, and confidentiality of the critical information. Therefore, the authentication mechanisms are required to support these security services and to be resilient to distinct attacks. Various authentication protocols such as key management protocols, lightweight authentication protocols, and broadcast authentication protocols are compared and analyzed for all secure transmission applications. The major goal of this survey is to compare and find out the appropriate protocol for further research. Moreover, the comparisons between various authentication techniques are also illustrated. PMID:26881272

  10. Integrated secure solution for electronic healthcare records sharing

    NASA Astrophysics Data System (ADS)

    Yao, Yehong; Zhang, Chenghao; Sun, Jianyong; Jin, Jin; Zhang, Jianguo

    2007-03-01

    The EHR is a secure, real-time, point-of-care, patient-centric information resource for healthcare providers. Many countries and regional districts have set long-term goals to build EHRs, and most of EHRs are usually built based on the integration of different information systems with different information models and platforms. A number of hospitals in Shanghai are also piloting the development of an EHR solution based on IHE XDS/XDS-I profiles with a service-oriented architecture (SOA). The first phase of the project targets the Diagnostic Imaging domain and allows seamless sharing of images and reports across the multiple hospitals. To develop EHRs for regional coordinated healthcare, some factors should be considered in designing architecture, one of which is security issue. In this paper, we present some approaches and policies to improve and strengthen the security among the different hospitals' nodes, which are compliant with the security requirements defined by IHE IT Infrastructure (ITI) Technical Framework. Our security solution includes four components: Time Sync System (TSS), Digital Signature Manage System (DSMS), Data Exchange Control Component (DECC) and Single Sign-On (SSO) System. We give a design method and implementation strategy of these security components, and then evaluate the performance and overheads of the security services or features by integrating the security components into an image-based EHR system.

  11. Approach for Structurally Clearing an Adaptive Compliant Trailing Edge Flap for Flight

    NASA Technical Reports Server (NTRS)

    Miller, Eric J.; Lokos, William A.; Cruz, Josue; Crampton, Glen; Stephens, Craig A.; Kota, Sridhar; Ervin, Gregory; Flick, Pete

    2015-01-01

    The Adaptive Compliant Trailing Edge (ACTE) flap was flown on the National Aeronautics and Space Administration (NASA) Gulfstream GIII testbed at the NASA Armstrong Flight Research Center. This smoothly curving flap replaced the existing Fowler flaps creating a seamless control surface. This compliant structure, developed by FlexSys Inc. in partnership with the Air Force Research Laboratory, supported NASA objectives for airframe structural noise reduction, aerodynamic efficiency, and wing weight reduction through gust load alleviation. A thorough structures airworthiness approach was developed to move this project safely to flight. A combination of industry and NASA standard practice require various structural analyses, ground testing, and health monitoring techniques for showing an airworthy structure. This paper provides an overview of compliant structures design, the structural ground testing leading up to flight, and the flight envelope expansion and monitoring strategy. Flight data will be presented, and lessons learned along the way will be highlighted.

  12. Security bound of cheat sensitive quantum bit commitment.

    PubMed

    He, Guang Ping

    2015-03-23

    Cheat sensitive quantum bit commitment (CSQBC) loosens the security requirement of quantum bit commitment (QBC), so that the existing impossibility proofs of unconditionally secure QBC can be evaded. But here we analyze the common features in all existing CSQBC protocols, and show that in any CSQBC having these features, the receiver can always learn a non-trivial amount of information on the sender's committed bit before it is unveiled, while his cheating can pass the security check with a probability not less than 50%. The sender's cheating is also studied. The optimal CSQBC protocols that can minimize the sum of the cheating probabilities of both parties are found to be trivial, as they are practically useless. We also discuss the possibility of building a fair protocol in which both parties can cheat with equal probabilities.

  13. Security of a sessional blind signature based on quantum cryptograph

    NASA Astrophysics Data System (ADS)

    Wang, Tian-Yin; Cai, Xiao-Qiu; Zhang, Rui-Ling

    2014-08-01

    We analyze the security of a sessional blind signature protocol based on quantum cryptograph and show that there are two security leaks in this protocol. One is that the legal user Alice can change the signed message after she gets a valid blind signature from the signatory Bob, and the other is that an external opponent Eve also can forge a valid blind message by a special attack, which are not permitted for blind signature. Therefore, this protocol is not secure in the sense that it does not satisfy the non-forgeability of blind signatures. We also discuss the methods to prevent the attack strategies in the end.

  14. The research and application of the NDP protocol vulnerability attack and the defense technology based on SEND

    NASA Astrophysics Data System (ADS)

    Xi, Huixing

    2017-05-01

    Neighbor discovery protocol (NDP) is the underlying protocol in the IPv6 protocol, which is mainly used to solve the problem of interconnection between nodes on the same link. But with wide use of IPV6, NDP becomes the main objects of a variety of attacks due to a lack of security mechanism. The paper introduces the working principle of the NDP and methods of how the SEND protocol to enhance NDP security defense. It also analyzes and summarizes the security threats caused by the defects of the protocol itself. On the basis of the SEND protocol, the NDP data packet structure is modified to enhance the security of the SEND. An improved NDP cheating defense technology is put forward to make up the defects of the SEND protocol which can't verify the correctness of the public key and cannot bind the MAC address.

  15. New integrated silicon-PDMS process for compliant micro-mechanisms

    NASA Astrophysics Data System (ADS)

    Haouas, Wissem; Dahmouche, Redwan; Agnus, Joël; Le Fort-Piat, Nadine; Laurent, Guillaume J.

    2017-12-01

    Polydimethylsiloxane (PDMS) elastomers are used for many applications, such as microfluidics and micro-engineering. This paper presents a new process of integrating soft elastomers into a silicon structure without any assembly steps. The novelty of this process is the use of only one deep reactive ion etch (DRIE) instead of two or more as developed in previous works. Thus, this fabrication process allows the use of elastomers that are usually not compatible with some fabrication processes. Compliant flexures with different interference shapes have been designed, simulated, fabricated, and characterized for generic use and notably for micro-robot joints and compliant micro-systems. The experimental results show that the 400 μm  ×  400 μm cross-sectional area samples can be bended more than 60\\circ without delamination.

  16. Secure and interoperable communication infrastructures for PPDR organisations

    NASA Astrophysics Data System (ADS)

    Müller, Wilmuth; Marques, Hugo; Pereira, Luis; Rodriguez, Jonathan; Brouwer, Frank; Bouwers, Bert; Politis, Ilias; Lykourgiotis, Asimakis; Ladas, Alexandros; Adigun, Olayinka; Jelenc, David

    2016-05-01

    The growing number of events affecting public safety and security (PS&S) on a regional scale with potential to grow up to large scale cross border disasters puts an increased pressure on agencies and organisation responsible for PS&S. In order to respond timely and in an adequate manner to such events, Public Protection and Disaster Relief (PPDR) organisations need to cooperate, align their procedures and activities, share the needed information and be interoperable. Existing PPDR/PMR technologies such as TETRA, TETRAPOL or P25, do not currently provide broadband capability nor is expected such technologies to be upgraded in the future. This presents a major limitation in supporting new services and information flows. Furthermore, there is no known standard that addresses interoperability of these technologies. In this contribution the design of a next generation communication infrastructure for PPDR organisations which fulfills the requirements of secure and seamless end-to-end communication and interoperable information exchange within the deployed communication networks is presented. Based on Enterprise Architecture of PPDR organisations, a next generation PPDR network that is backward compatible with legacy communication technologies is designed and implemented, capable of providing security, privacy, seamless mobility, QoS and reliability support for mission-critical Private Mobile Radio (PMR) voice and broadband data services. The designed solution provides a robust, reliable, and secure mobile broadband communications system for a wide variety of PMR applications and services on PPDR broadband networks, including the ability of inter-system, interagency and cross-border operations with emphasis on interoperability between users in PMR and LTE.

  17. Low Duty-Cycling MAC Protocol for Low Data-Rate Medical Wireless Body Area Networks

    PubMed Central

    Zhang, Chongqing; Wang, Yinglong; Liang, Yongquan; Shu, Minglei; Zhang, Jinquan; Ni, Lina

    2017-01-01

    Wireless body area networks (WBANs) are severely energy constrained, and how to improve the energy efficiency so as to prolong the network lifetime as long as possible is one of the most important goals of WBAN research. Low data-rate WBANs are promising to cut down the energy consumption and extend the network lifetime. Considering the characteristics and demands of low data-rate WBANs, a low duty-cycling medium access control (MAC) protocol is specially designed for this kind of WBAN in this paper. Longer superframes are exploited to cut down the energy consumed on the transmissions and receptions of redundant beacon frames. Insertion time slots are embedded into the inactive part of a superframe to deliver the frames and satisfy the quality of service (QoS) requirements. The number of the data subsections in an insertion time slot can be adaptively adjusted so as to accommodate low data-rate WBANs with different traffic. Simulation results show that the proposed MAC protocol performs well under the condition of low data-rate monitoring traffic. PMID:28509849

  18. Network security system for health and medical information using smart IC card

    NASA Astrophysics Data System (ADS)

    Kanai, Yoichi; Yachida, Masuyoshi; Yoshikawa, Hiroharu; Yamaguchi, Masahiro; Ohyama, Nagaaki

    1998-07-01

    A new network security protocol that uses smart IC cards has been designed to assure the integrity and privacy of medical information in communication over a non-secure network. Secure communication software has been implemented as a library based on this protocol, which is called the Integrated Secure Communication Layer (ISCL), and has been incorporated into information systems of the National Cancer Center Hospitals and the Health Service Center of the Tokyo Institute of Technology. Both systems have succeeded in communicating digital medical information securely.

  19. Anti-Noise Bidirectional Quantum Steganography Protocol with Large Payload

    NASA Astrophysics Data System (ADS)

    Qu, Zhiguo; Chen, Siyi; Ji, Sai; Ma, Songya; Wang, Xiaojun

    2018-06-01

    An anti-noise bidirectional quantum steganography protocol with large payload protocol is proposed in this paper. In the new protocol, Alice and Bob enable to transmit classical information bits to each other while teleporting secret quantum states covertly. The new protocol introduces the bidirectional quantum remote state preparation into the bidirectional quantum secure communication, not only to expand secret information from classical bits to quantum state, but also extract the phase and amplitude values of secret quantum state for greatly enlarging the capacity of secret information. The new protocol can also achieve better imperceptibility, since the eavesdropper can hardly detect the hidden channel or even obtain effective secret quantum states. Comparing with the previous quantum steganography achievements, due to its unique bidirectional quantum steganography, the new protocol can obtain higher transmission efficiency and better availability. Furthermore, the new algorithm can effectively resist quantum noises through theoretical analysis. Finally, the performance analysis proves the conclusion that the new protocol not only has good imperceptibility, high security, but also large payload.

  20. Anti-Noise Bidirectional Quantum Steganography Protocol with Large Payload

    NASA Astrophysics Data System (ADS)

    Qu, Zhiguo; Chen, Siyi; Ji, Sai; Ma, Songya; Wang, Xiaojun

    2018-03-01

    An anti-noise bidirectional quantum steganography protocol with large payload protocol is proposed in this paper. In the new protocol, Alice and Bob enable to transmit classical information bits to each other while teleporting secret quantum states covertly. The new protocol introduces the bidirectional quantum remote state preparation into the bidirectional quantum secure communication, not only to expand secret information from classical bits to quantum state, but also extract the phase and amplitude values of secret quantum state for greatly enlarging the capacity of secret information. The new protocol can also achieve better imperceptibility, since the eavesdropper can hardly detect the hidden channel or even obtain effective secret quantum states. Comparing with the previous quantum steganography achievements, due to its unique bidirectional quantum steganography, the new protocol can obtain higher transmission efficiency and better availability. Furthermore, the new algorithm can effectively resist quantum noises through theoretical analysis. Finally, the performance analysis proves the conclusion that the new protocol not only has good imperceptibility, high security, but also large payload.

  1. Comment on "Secure quantum private information retrieval using phase-encoded queries"

    NASA Astrophysics Data System (ADS)

    Shi, Run-hua; Mu, Yi; Zhong, Hong; Zhang, Shun

    2016-12-01

    In this Comment, we reexamine the security of phase-encoded quantum private query (QPQ). We find that the current phase-encoded QPQ protocols, including their applications, are vulnerable to a probabilistic entangle-and-measure attack performed by the owner of the database. Furthermore, we discuss how to overcome this security loophole and present an improved cheat-sensitive QPQ protocol without losing the good features of the original protocol.

  2. An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography.

    PubMed

    Reddy, Alavalapati Goutham; Das, Ashok Kumar; Odelu, Vanga; Yoo, Kee-Young

    2016-01-01

    Biometric based authentication protocols for multi-server architectures have gained momentum in recent times due to advancements in wireless technologies and associated constraints. Lu et al. recently proposed a robust biometric based authentication with key agreement protocol for a multi-server environment using smart cards. They claimed that their protocol is efficient and resistant to prominent security attacks. The careful investigation of this paper proves that Lu et al.'s protocol does not provide user anonymity, perfect forward secrecy and is susceptible to server and user impersonation attacks, man-in-middle attacks and clock synchronization problems. In addition, this paper proposes an enhanced biometric based authentication with key-agreement protocol for multi-server architecture based on elliptic curve cryptography using smartcards. We proved that the proposed protocol achieves mutual authentication using Burrows-Abadi-Needham (BAN) logic. The formal security of the proposed protocol is verified using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our protocol can withstand active and passive attacks. The formal and informal security analyses and performance analysis demonstrates that the proposed protocol is robust and efficient compared to Lu et al.'s protocol and existing similar protocols.

  3. A Comprehensive Comparison of Multiparty Secure Additions with Differential Privacy

    PubMed Central

    Goryczka, Slawomir; Xiong, Li

    2016-01-01

    This paper considers the problem of secure data aggregation (mainly summation) in a distributed setting, while ensuring differential privacy of the result. We study secure multiparty addition protocols using well known security schemes: Shamir’s secret sharing, perturbation-based, and various encryptions. We supplement our study with our new enhanced encryption scheme EFT, which is efficient and fault tolerant. Differential privacy of the final result is achieved by either distributed Laplace or Geometric mechanism (respectively DLPA or DGPA), while approximated differential privacy is achieved by diluted mechanisms. Distributed random noise is generated collectively by all participants, which draw random variables from one of several distributions: Gamma, Gauss, Geometric, or their diluted versions. We introduce a new distributed privacy mechanism with noise drawn from the Laplace distribution, which achieves smaller redundant noise with efficiency. We compare complexity and security characteristics of the protocols with different differential privacy mechanisms and security schemes. More importantly, we implemented all protocols and present an experimental comparison on their performance and scalability in a real distributed environment. Based on the evaluations, we identify our security scheme and Laplace DLPA as the most efficient for secure distributed data aggregation with privacy. PMID:28919841

  4. A Comprehensive Comparison of Multiparty Secure Additions with Differential Privacy.

    PubMed

    Goryczka, Slawomir; Xiong, Li

    2017-01-01

    This paper considers the problem of secure data aggregation (mainly summation) in a distributed setting, while ensuring differential privacy of the result. We study secure multiparty addition protocols using well known security schemes: Shamir's secret sharing, perturbation-based, and various encryptions. We supplement our study with our new enhanced encryption scheme EFT, which is efficient and fault tolerant. Differential privacy of the final result is achieved by either distributed Laplace or Geometric mechanism (respectively DLPA or DGPA), while approximated differential privacy is achieved by diluted mechanisms. Distributed random noise is generated collectively by all participants, which draw random variables from one of several distributions: Gamma, Gauss, Geometric, or their diluted versions. We introduce a new distributed privacy mechanism with noise drawn from the Laplace distribution, which achieves smaller redundant noise with efficiency. We compare complexity and security characteristics of the protocols with different differential privacy mechanisms and security schemes. More importantly, we implemented all protocols and present an experimental comparison on their performance and scalability in a real distributed environment. Based on the evaluations, we identify our security scheme and Laplace DLPA as the most efficient for secure distributed data aggregation with privacy.

  5. Parametric studies to determine the effect of compliant layers on metal matrix composite systems

    NASA Technical Reports Server (NTRS)

    Caruso, J. J.; Chamis, C. C.; Brown, H. C.

    1990-01-01

    Computational simulation studies are conducted to identify compliant layers to reduce matrix stresses which result from the coefficient of thermal expansion mismatch and the large temperature range over which the current metal matrix composites will be used. The present study includes variations of compliant layers and their properties to determine their influence on unidirectional composite and constituent response. Two simulation methods are used for these studies. The first approach is based on a three-dimensional linear finite element analysis of a 9 fiber unidirectional composite system. The second approach is a micromechanics based nonlinear computer code developed to determine the behavior of metal matrix composite system for thermal and mechanical loads. The results show that an effective compliant layer for the SCS 6 (SiC)/Ti-24Al-11Nb (Ti3Al + Nb) and SCS 6 (SiC)/Ti-15V-3Cr-3Sn-3Al (Ti-15-3) composite systems should have modulus 15 percent that of the matrix and a coefficient of thermal expansion of the compliant layer roughly equal to that of the composite system without the CL. The matrix stress in the longitudinal and the transverse tangent (loop) direction are tensile for the Ti3Al + Nb and Ti-15-3 composite systems upon cool down from fabrication. The fiber longitudinal stress is compressive from fabrication cool down. Addition of a recommended compliant layer will result in a reduction in the composite modulus.

  6. Secure Multiparty AES

    NASA Astrophysics Data System (ADS)

    Damgård, Ivan; Keller, Marcel

    We propose several variants of a secure multiparty computation protocol for AES encryption. The best variant requires 2200 + {{400}over{255}} expected elementary operations in expected 70 + {{20}over{255}} rounds to encrypt one 128-bit block with a 128-bit key. We implemented the variants using VIFF, a software framework for implementing secure multiparty computation (MPC). Tests with three players (passive security against at most one corrupted player) in a local network showed that one block can be encrypted in 2 seconds. We also argue that this result could be improved by an optimized implementation.

  7. Entanglement-secured single-qubit quantum secret sharing

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Scherpelz, P.; Resch, R.; Berryrieser, D.

    In single-qubit quantum secret sharing, a secret is shared between N parties via manipulation and measurement of one qubit at a time. Each qubit is sent to all N parties in sequence; the secret is encoded in the first participant's preparation of the qubit state and the subsequent participants' choices of state rotation or measurement basis. We present a protocol for single-qubit quantum secret sharing using polarization entanglement of photon pairs produced in type-I spontaneous parametric downconversion. We investigate the protocol's security against eavesdropping attack under common experimental conditions: a lossy channel for photon transmission, and imperfect preparation of themore » initial qubit state. A protocol which exploits entanglement between photons, rather than simply polarization correlation, is more robustly secure. We implement the entanglement-based secret-sharing protocol with 87% secret-sharing fidelity, limited by the purity of the entangled state produced by our present apparatus. We demonstrate a photon-number splitting eavesdropping attack, which achieves no success against the entanglement-based protocol while showing the predicted rate of success against a correlation-based protocol.« less

  8. Mojave Compliant Zone Structure and Properties: Constraints from InSAR and Mechanical Models

    NASA Astrophysics Data System (ADS)

    Hearn, E. H.; Fialko, Y.; Finzi, Y.

    2007-12-01

    Long-lived zones with significantly lower elastic strength than their surroundings are associated with active Mojave faults (e.g., Li et al., 1999; Fialko et al., 2002, 2004). In an earthquake these weak features concentrate strain, causing them to show up as anomalous, short length-scale features in SAR interferograms (Fialko et al., 2002). Fault-zone trapped wave studies indicate that the 1999 Hector Mine earthquake caused a small reduction in P- and S-wave velocities in a compliant zone along the Landers earthquake rupture (Vidale and Li, 2003). This suggests that coseismic strain concentration, and the resulting damage, in the compliant zone caused a further reduction in its elastic strength. Even a small coseismic strength drop should make a compliant zone (CZ) deform, in response to the total (not just the coseismic) stress. The strain should be in the sense which is compatible with the orientations and values of the region's principal stresses. However, as indicated by Fialko and co-workers (2002, 2004), the sense of coseismic strain of Mojave compliant zones was consistent with coseismic stress change, not the regional (background) stress. Here we use finite-element models to investigate how InSAR measurements of Mojave compliant zone coseismic strain places limits on their dimensions and on upper crustal stresses. We find that unless the CZ is shallow, narrow, and has a high Poisson's ratio (e.g., 0.4), CZ contraction under lithostatic stress overshadows deformation due to deviatoric background stress or coseismic stress change. We present ranges of CZ dimensions which are compatible with the observed surface deformation and address how these dimensions compare with new results from damage-controlled fault evolution models.

  9. An ethernet/IP security review with intrusion detection applications

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Laughter, S. A.; Williams, R. D.

    2006-07-01

    Supervisory Control and Data Acquisition (SCADA) and automation networks, used throughout utility and manufacturing applications, have their own specific set of operational and security requirements when compared to corporate networks. The modern climate of heightened national security and awareness of terrorist threats has made the security of these systems of prime concern. There is a need to understand the vulnerabilities of these systems and how to monitor and protect them. Ethernet/IP is a member of a family of protocols based on the Control and Information Protocol (CIP). Ethernet/IP allows automation systems to be utilized on and integrated with traditional TCP/IPmore » networks, facilitating integration of these networks with corporate systems and even the Internet. A review of the CIP protocol and the additions Ethernet/IP makes to it has been done to reveal the kind of attacks made possible through the protocol. A set of rules for the SNORT Intrusion Detection software is developed based on the results of the security review. These can be used to monitor, and possibly actively protect, a SCADA or automation network that utilizes Ethernet/IP in its infrastructure. (authors)« less

  10. Password-only authenticated three-party key exchange with provable security in the standard model.

    PubMed

    Nam, Junghyun; Choo, Kim-Kwang Raymond; Kim, Junghwan; Kang, Hyun-Kyu; Kim, Jinsoo; Paik, Juryon; Won, Dongho

    2014-01-01

    Protocols for password-only authenticated key exchange (PAKE) in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000), which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks.

  11. Password-Only Authenticated Three-Party Key Exchange with Provable Security in the Standard Model

    PubMed Central

    Nam, Junghyun; Kim, Junghwan; Kang, Hyun-Kyu; Kim, Jinsoo; Paik, Juryon

    2014-01-01

    Protocols for password-only authenticated key exchange (PAKE) in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000), which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks. PMID:24977229

  12. Approach for Structurally Clearing an Adaptive Compliant Trailing Edge Flap for Flight

    NASA Technical Reports Server (NTRS)

    Miller, Eric J.; Lokos, William A.; Cruz, Josue; Crampton, Glen; Stephens, Craig A.; Kota, Sridhar; Ervin, Gregory; Flick, Pete

    2015-01-01

    The Adaptive Compliant Trailing Edge (ACTE) flap was flown on the NASA Gulfstream GIII test bed at the NASA Armstrong Flight Research Center. This smoothly curving flap replaced the existing Fowler flaps creating a seamless control surface. This compliant structure, developed by FlexSys Inc. in partnership with Air Force Research Laboratory, supported NASA objectives for airframe structural noise reduction, aerodynamic efficiency, and wing weight reduction through gust load alleviation. A thorough structures airworthiness approach was developed to move this project safely to flight.

  13. Compliant Electrode and Composite Material for Piezoelectric Wind and Mechanical Energy Conversions

    NASA Technical Reports Server (NTRS)

    Chen, Bin (Inventor)

    2015-01-01

    A thin film device for harvesting energy from wind. The thin film device includes one or more layers of a compliant piezoelectric material formed from a composite of a polymer and an inorganic material, such as a ceramic. Electrodes are disposed on a first side and a second side of the piezoelectric material. The electrodes are formed from a compliant material, such as carbon nanotubes or graphene. The thin film device exhibits improved resistance to structural fatigue upon application of large strains and repeated cyclic loadings.

  14. A Security-façade Library for Virtual-observatory Software

    NASA Astrophysics Data System (ADS)

    Rixon, G.

    2009-09-01

    The security-façade library implements, for Java, IVOA's security standards. It supports the authentication mechanisms for SOAP and REST web-services, the sign-on mechanisms (with MyProxy, AstroGrid Accounts protocol or local credential-caches), the delegation protocol, and RFC3820-enabled HTTPS for Apache Tomcat. Using the façade, a developer who is not a security specialist can easily add access control to a virtual-observatory service and call secured services from an application. The library has been an internal part of AstroGrid software for some time and it is now offered for use by other developers.

  15. Reasoning about Probabilistic Security Using Task-PIOAs

    NASA Astrophysics Data System (ADS)

    Jaggard, Aaron D.; Meadows, Catherine; Mislove, Michael; Segala, Roberto

    Task-structured probabilistic input/output automata (Task-PIOAs) are concurrent probabilistic automata that, among other things, have been used to provide a formal framework for the universal composability paradigms of protocol security. One of their advantages is that that they allow one to distinguish high-level nondeterminism that can affect the outcome of the protocol, from low-level choices, which can't. We present an alternative approach to analyzing the structure of Task-PIOAs that relies on ordered sets. We focus on two of the components that are required to define and apply Task-PIOAs: discrete probability theory and automata theory. We believe our development gives insight into the structure of Task-PIOAs and how they can be utilized to model crypto-protocols. We illustrate our approach with an example from anonymity, an area that has not previously been addressed using Task-PIOAs. We model Chaum's Dining Cryptographers Protocol at a level that does not require cryptographic primitives in the analysis. We show via this example how our approach can leverage a proof of security in the case a principal behaves deterministically to prove security when that principal behaves probabilistically.

  16. Compliant deformable mirror approach for wavefront improvement

    NASA Astrophysics Data System (ADS)

    Clark, James H.; Penado, F. Ernesto

    2016-04-01

    We describe a compliant static deformable mirror approach to reduce the wavefront concavity at the Navy Precision Optical Interferometer (NPOI). A single actuator pressing on the back surface of just one of the relay mirrors deforms the front surface in a correcting convex shape. Our design uses the mechanical advantage gained from a force actuator sandwiched between a rear flexure plate and the back surface of the mirror. We superimpose wavefront contour measurements with our finite element deformed mirror model. An example analysis showed improvement from 210-nm concave-concave wavefront to 51-nm concave-concave wavefront. With our present model, a 100-nm actuator increment displaces the mirror surface by 1.1 nm. We describe the need for wavefront improvement that arises from the NPOI reconfigurable array, offer a practical design approach, and analyze the support structure and compliant deformable mirror using the finite element method. We conclude that a 20.3-cm-diameter, 1.9-cm-thick Zerodur® mirror shows that it is possible to deform the reflective surface and cancel out three-fourths of the wavefront deformation without overstressing the material.

  17. Analysis and Improvement of Large Payload Bidirectional Quantum Secure Direct Communication Without Information Leakage

    NASA Astrophysics Data System (ADS)

    Liu, Zhi-Hao; Chen, Han-Wu

    2018-02-01

    As we know, the information leakage problem should be avoided in a secure quantum communication protocol. Unfortunately, it is found that this problem does exist in the large payload bidirectional quantum secure direct communication (BQSDC) protocol (Ye Int. J. Quantum. Inf. 11(5), 1350051 2013) which is based on entanglement swapping between any two Greenberger-Horne-Zeilinger (GHZ) states. To be specific, one half of the information interchanged in this protocol is leaked out unconsciously without any active attack from an eavesdropper. Afterward, this BQSDC protocol is revised to the one without information leakage. It is shown that the improved BQSDC protocol is secure against the general individual attack and has some obvious features compared with the original one.

  18. An Automated End-To Multi-Agent Qos Based Architecture for Selection of Geospatial Web Services

    NASA Astrophysics Data System (ADS)

    Shah, M.; Verma, Y.; Nandakumar, R.

    2012-07-01

    Over the past decade, Service-Oriented Architecture (SOA) and Web services have gained wide popularity and acceptance from researchers and industries all over the world. SOA makes it easy to build business applications with common services, and it provides like: reduced integration expense, better asset reuse, higher business agility, and reduction of business risk. Building of framework for acquiring useful geospatial information for potential users is a crucial problem faced by the GIS domain. Geospatial Web services solve this problem. With the help of web service technology, geospatial web services can provide useful geospatial information to potential users in a better way than traditional geographic information system (GIS). A geospatial Web service is a modular application designed to enable the discovery, access, and chaining of geospatial information and services across the web that are often both computation and data-intensive that involve diverse sources of data and complex processing functions. With the proliferation of web services published over the internet, multiple web services may provide similar functionality, but with different non-functional properties. Thus, Quality of Service (QoS) offers a metric to differentiate the services and their service providers. In a quality-driven selection of web services, it is important to consider non-functional properties of the web service so as to satisfy the constraints or requirements of the end users. The main intent of this paper is to build an automated end-to-end multi-agent based solution to provide the best-fit web service to service requester based on QoS.

  19. Controlled Secure Direct Communication with Seven-Qubit Entangled States

    NASA Astrophysics Data System (ADS)

    Wang, Shu-Kai; Zha, Xin-Wei; Wu, Hao

    2018-01-01

    In this paper, a new controlled secure direct communication protocol based on a maximally seven-qubit entangled state is proposed. the outcomes of measurement is performed by the sender and the controller, the receiver can obtain different secret messages in a deterministic way with unit successful probability.In this scheme,by using entanglement swapping, no qubits carrying secret messages are transmitted.Therefore, the protocol is completely secure.

  20. A secure RFID-based WBAN for healthcare applications.

    PubMed

    Ullah, Sana; Alamri, Atif

    2013-10-01

    A Wireless Body Area Network (WBAN) allows the seamless integration of small and intelligent invasive or non-invasive sensor nodes in, on or around a human body for continuous health monitoring. These nodes are expected to use different power-efficient protocols in order to extend the WBAN lifetime. This paper highlights the power consumption and security issues of WBAN for healthcare applications. Numerous power saving mechanisms are discussed and a secure RFID-based protocol for WBAN is proposed. The performance of the proposed protocol is analyzed and compared with that of IEEE 802.15.6-based CSMA/CA and preamble-based TDMA protocols using extensive simulations. It is shown that the proposed protocol is power-efficient and protects patients' data from adversaries. It is less vulnerable to different attacks compared to that of IEEE 802.15.6-based CSMA/CA and preamble-based TDMA protocols. For a low traffic load and a single alkaline battery of capacity 2.6 Ah, the proposed protocol could extend the WBAN lifetime, when deployed on patients in hospitals or at homes, to approximately five years.

  1. Multiple Object Based RFID System Using Security Level

    NASA Astrophysics Data System (ADS)

    Kim, Jiyeon; Jung, Jongjin; Ryu, Ukjae; Ko, Hoon; Joe, Susan; Lee, Yongjun; Kim, Boyeon; Chang, Yunseok; Lee, Kyoonha

    2007-12-01

    RFID systems are increasingly applied for operational convenience in wide range of industries and individual life. However, it is uneasy for a person to control many tags because common RFID systems have the restriction that a tag used to identify just a single object. In addition, RFID systems can make some serious problems in violation of privacy and security because of their radio frequency communication. In this paper, we propose a multiple object RFID tag which can keep multiple object identifiers for different applications in a same tag. The proposed tag allows simultaneous access for their pair applications. We also propose an authentication protocol for multiple object tag to prevent serious problems of security and privacy in RFID applications. Especially, we focus on efficiency of the authentication protocol by considering security levels of applications. In the proposed protocol, the applications go through different authentication procedures according to security level of the object identifier stored in the tag. We implemented the proposed RFID scheme and made experimental results about efficiency and stability for the scheme.

  2. Cryptanalysis and Improvements for the Quantum Private Comparison Protocol Using EPR Pairs

    NASA Astrophysics Data System (ADS)

    Wang, Cong; Xu, Gang; Yang, Yi-Xian

    2013-07-01

    In this paper, we carry out an in-depth analysis of the quantum private comparison (QPC) protocol with the semi-honest third party (TP). The security of QPC protocol using the EPR pairs is re-examined. Unfortunately, we find that TP can use the fake EPR pairs to steal all the secret information. Furthermore, we give two simple and feasible solutions to improve the original QPC protocol. It is shown that the improved protocol is secure, which can resist various kinds of attacks from both the outside eavesdroppers and the inside participants, even the semi-honest TP.

  3. Quality of Protection Evaluation of Security Mechanisms

    PubMed Central

    Ksiezopolski, Bogdan; Zurek, Tomasz; Mokkas, Michail

    2014-01-01

    Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol. PMID:25136683

  4. Quality of protection evaluation of security mechanisms.

    PubMed

    Ksiezopolski, Bogdan; Zurek, Tomasz; Mokkas, Michail

    2014-01-01

    Recent research indicates that during the design of teleinformatic system the tradeoff between the systems performance and the system protection should be made. The traditional approach assumes that the best way is to apply the strongest possible security measures. Unfortunately, the overestimation of security measures can lead to the unreasonable increase of system load. This is especially important in multimedia systems where the performance has critical character. In many cases determination of the required level of protection and adjustment of some security measures to these requirements increase system efficiency. Such an approach is achieved by means of the quality of protection models where the security measures are evaluated according to their influence on the system security. In the paper, we propose a model for QoP evaluation of security mechanisms. Owing to this model, one can quantify the influence of particular security mechanisms on ensuring security attributes. The methodology of our model preparation is described and based on it the case study analysis is presented. We support our method by the tool where the models can be defined and QoP evaluation can be performed. Finally, we have modelled TLS cryptographic protocol and presented the QoP security mechanisms evaluation for the selected versions of this protocol.

  5. Optimal Resource Allocation under Fair QoS in Multi-tier Server Systems

    NASA Astrophysics Data System (ADS)

    Akai, Hirokazu; Ushio, Toshimitsu; Hayashi, Naoki

    Recent development of network technology realizes multi-tier server systems, where several tiers perform functionally different processing requested by clients. It is an important issue to allocate resources of the systems to clients dynamically based on their current requests. On the other hand, Q-RAM has been proposed for resource allocation in real-time systems. In the server systems, it is important that execution results of all applications requested by clients are the same QoS(quality of service) level. In this paper, we extend Q-RAM to multi-tier server systems and propose a method for optimal resource allocation with fairness of the QoS levels of clients’ requests. We also consider an assignment problem of physical machines to be sleep in each tier sothat the energy consumption is minimized.

  6. 48 CFR 1552.239-103 - Acquisition of Energy Star Compliant Microcomputers, Including Personal Computers, Monitors and...

    Code of Federal Regulations, 2012 CFR

    2012-10-01

    ... Compliant Microcomputers, Including Personal Computers, Monitors and Printers. 1552.239-103 Section 1552.239... Star Compliant Microcomputers, Including Personal Computers, Monitors and Printers. As prescribed in... Personal Computers, Monitors, and Printers (APR 1996) (a) The Contractor shall provide computer products...

  7. 48 CFR 1552.239-103 - Acquisition of Energy Star Compliant Microcomputers, Including Personal Computers, Monitors and...

    Code of Federal Regulations, 2011 CFR

    2011-10-01

    ... Compliant Microcomputers, Including Personal Computers, Monitors and Printers. 1552.239-103 Section 1552.239... Star Compliant Microcomputers, Including Personal Computers, Monitors and Printers. As prescribed in... Personal Computers, Monitors, and Printers (APR 1996) (a) The Contractor shall provide computer products...

  8. 48 CFR 1552.239-103 - Acquisition of Energy Star Compliant Microcomputers, Including Personal Computers, Monitors and...

    Code of Federal Regulations, 2010 CFR

    2010-10-01

    ... Compliant Microcomputers, Including Personal Computers, Monitors and Printers. 1552.239-103 Section 1552.239... Star Compliant Microcomputers, Including Personal Computers, Monitors and Printers. As prescribed in... Personal Computers, Monitors, and Printers (APR 1996) (a) The Contractor shall provide computer products...

  9. Collective attacks and unconditional security in continuous variable quantum key distribution.

    PubMed

    Grosshans, Frédéric

    2005-01-21

    We present here an information theoretic study of Gaussian collective attacks on the continuous variable key distribution protocols based on Gaussian modulation of coherent states. These attacks, overlooked in previous security studies, give a finite advantage to the eavesdropper in the experimentally relevant lossy channel, but are not powerful enough to reduce the range of the reverse reconciliation protocols. Secret key rates are given for the ideal case where Bob performs optimal collective measurements, as well as for the realistic cases where he performs homodyne or heterodyne measurements. We also apply the generic security proof of Christiandl et al. to obtain unconditionally secure rates for these protocols.

  10. Lowering the Barrier for Standards-Compliant and Discoverable Hydrological Data Publication

    NASA Astrophysics Data System (ADS)

    Kadlec, J.

    2013-12-01

    The growing need for sharing and integration of hydrological and climate data across multiple organizations has resulted in the development of distributed, services-based, standards-compliant hydrological data management and data hosting systems. The problem with these systems is complicated set-up and deployment. Many existing systems assume that the data publisher has remote-desktop access to a locally managed server and experience with computer network setup. For corporate websites, shared web hosting services with limited root access provide an inexpensive, dynamic web presence solution using the Linux, Apache, MySQL and PHP (LAMP) software stack. In this paper, we hypothesize that a webhosting service provides an optimal, low-cost solution for hydrological data hosting. We propose a software architecture of a standards-compliant, lightweight and easy-to-deploy hydrological data management system that can be deployed on the majority of existing shared internet webhosting services. The architecture and design is validated by developing Hydroserver Lite: a PHP and MySQL-based hydrological data hosting package that is fully standards-compliant and compatible with the Consortium of Universities for Advancement of Hydrologic Sciences (CUAHSI) hydrologic information system. It is already being used for management of field data collection by students of the McCall Outdoor Science School in Idaho. For testing, the Hydroserver Lite software has been installed on multiple different free and low-cost webhosting sites including Godaddy, Bluehost and 000webhost. The number of steps required to set-up the server is compared with the number of steps required to set-up other standards-compliant hydrologic data hosting systems including THREDDS, IstSOS and MapServer SOS.

  11. An Energy Efficient Protocol For The Internet Of Things

    NASA Astrophysics Data System (ADS)

    Venčkauskas, Algimantas; Jusas, Nerijus; Kazanavičius, Egidijus; Štuikys, Vytautas

    2015-01-01

    The Internet of Things (IoT) is a technological revolution that represents the future of computing and communications. One of the most important challenges of IoT is security: protection of data and privacy. The SSL protocol is the de-facto standard for secure Internet communications. The extra energy cost of encrypting and authenticating of the application data with SSL is around 15%. For IoT devices, where energy resources are limited, the increase in the cost of energy is a very significant factor. In this paper we present the energy efficient SSL protocol which ensures the maximum bandwidth and the required level of security with minimum energy consumption. The proper selection of the security level and CPU multiplier, can save up to 85% of the energy required for data encryption.

  12. Novel Multi-Party Quantum Key Agreement Protocol with G-Like States and Bell States

    NASA Astrophysics Data System (ADS)

    Min, Shi-Qi; Chen, Hua-Ying; Gong, Li-Hua

    2018-03-01

    A significant aspect of quantum cryptography is quantum key agreement (QKA), which ensures the security of key agreement protocols by quantum information theory. The fairness of an absolute security multi-party quantum key agreement (MQKA) protocol demands that all participants can affect the protocol result equally so as to establish a shared key and that nobody can determine the shared key by himself/herself. We found that it is difficult for the existing multi-party quantum key agreement protocol to withstand the collusion attacks. Put differently, it is possible for several cooperated and untruthful participants to determine the final key without being detected. To address this issue, based on the entanglement swapping between G-like state and Bell states, a new multi-party quantum key agreement protocol is put forward. The proposed protocol makes full use of EPR pairs as quantum resources, and adopts Bell measurement and unitary operation to share a secret key. Besides, the proposed protocol is fair, secure and efficient without involving a third party quantum center. It demonstrates that the protocol is capable of protecting users' privacy and meeting the requirement of fairness. Moreover, it is feasible to carry out the protocol with existing technologies.

  13. Novel Multi-Party Quantum Key Agreement Protocol with G-Like States and Bell States

    NASA Astrophysics Data System (ADS)

    Min, Shi-Qi; Chen, Hua-Ying; Gong, Li-Hua

    2018-06-01

    A significant aspect of quantum cryptography is quantum key agreement (QKA), which ensures the security of key agreement protocols by quantum information theory. The fairness of an absolute security multi-party quantum key agreement (MQKA) protocol demands that all participants can affect the protocol result equally so as to establish a shared key and that nobody can determine the shared key by himself/herself. We found that it is difficult for the existing multi-party quantum key agreement protocol to withstand the collusion attacks. Put differently, it is possible for several cooperated and untruthful participants to determine the final key without being detected. To address this issue, based on the entanglement swapping between G-like state and Bell states, a new multi-party quantum key agreement protocol is put forward. The proposed protocol makes full use of EPR pairs as quantum resources, and adopts Bell measurement and unitary operation to share a secret key. Besides, the proposed protocol is fair, secure and efficient without involving a third party quantum center. It demonstrates that the protocol is capable of protecting users' privacy and meeting the requirement of fairness. Moreover, it is feasible to carry out the protocol with existing technologies.

  14. An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography

    PubMed Central

    Reddy, Alavalapati Goutham; Das, Ashok Kumar; Odelu, Vanga; Yoo, Kee-Young

    2016-01-01

    Biometric based authentication protocols for multi-server architectures have gained momentum in recent times due to advancements in wireless technologies and associated constraints. Lu et al. recently proposed a robust biometric based authentication with key agreement protocol for a multi-server environment using smart cards. They claimed that their protocol is efficient and resistant to prominent security attacks. The careful investigation of this paper proves that Lu et al.’s protocol does not provide user anonymity, perfect forward secrecy and is susceptible to server and user impersonation attacks, man-in-middle attacks and clock synchronization problems. In addition, this paper proposes an enhanced biometric based authentication with key-agreement protocol for multi-server architecture based on elliptic curve cryptography using smartcards. We proved that the proposed protocol achieves mutual authentication using Burrows-Abadi-Needham (BAN) logic. The formal security of the proposed protocol is verified using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our protocol can withstand active and passive attacks. The formal and informal security analyses and performance analysis demonstrates that the proposed protocol is robust and efficient compared to Lu et al.’s protocol and existing similar protocols. PMID:27163786

  15. Biometrics based authentication scheme for session initiation protocol.

    PubMed

    Xie, Qi; Tang, Zhixiong

    2016-01-01

    Many two-factor challenge-response based session initiation protocol (SIP) has been proposed, but most of them are vulnerable to smart card stolen attacks and password guessing attacks. In this paper, we propose a novel three-factor SIP authentication scheme using biometrics, password and smart card, and utilize the pi calculus-based formal verification tool ProVerif to prove that the proposed protocol achieves security and authentication. Furthermore, our protocol is highly efficient when compared to other related protocols.

  16. Insecurity of position-based quantum-cryptography protocols against entanglement attacks

    DOE Office of Scientific and Technical Information (OSTI.GOV)

    Lau, Hoi-Kwan; Lo, Hoi-Kwong

    2011-01-15

    Recently, position-based quantum cryptography has been claimed to be unconditionally secure. On the contrary, here we show that the existing proposals for position-based quantum cryptography are, in fact, insecure if entanglement is shared among two adversaries. Specifically, we demonstrate how the adversaries can incorporate ideas of quantum teleportation and quantum secret sharing to compromise the security with certainty. The common flaw to all current protocols is that the Pauli operators always map a codeword to a codeword (up to an irrelevant overall phase). We propose a modified scheme lacking this property in which the same cheating strategy used to underminemore » the previous protocols can succeed with a rate of at most 85%. We prove the modified protocol is secure when the shared quantum resource between the adversaries is a two- or three-level system.« less

  17. A potential application in quantum networks—Deterministic quantum operation sharing schemes with Bell states

    NASA Astrophysics Data System (ADS)

    Zhang, KeJia; Zhang, Long; Song, TingTing; Yang, YingHui

    2016-06-01

    In this paper, we propose certain different design ideas on a novel topic in quantum cryptography — quantum operation sharing (QOS). Following these unique ideas, three QOS schemes, the "HIEC" (The scheme whose messages are hidden in the entanglement correlation), "HIAO" (The scheme whose messages are hidden with the assistant operations) and "HIMB" (The scheme whose messages are hidden in the selected measurement basis), have been presented to share the single-qubit operations determinately on target states in a remote node. These schemes only require Bell states as quantum resources. Therefore, they can be directly applied in quantum networks, since Bell states are considered the basic quantum channels in quantum networks. Furthermore, after analyse on the security and resource consumptions, the task of QOS can be achieved securely and effectively in these schemes.

  18. Autovibration and chaotic motion of an unbalanced rotor in massive non-linear compliant supports

    NASA Astrophysics Data System (ADS)

    Pasynkova, I. A.; Stepanova, P. P.

    2018-05-01

    Stability loss scenarios of an unbalanced rotor with a flexible massless shaft mounted in massive non-linear compliant supports are studied on the example of cylindrical precession. Dyffing type of non-linearity in compliant supports is considered. The system "rotor - supports" has eight degrees of freedom. Internal and external friction are taken into account. Autovibrations and chaotic vibrations are obtained. The results are confirmed by numerical check.

  19. Protocol vulnerability detection based on network traffic analysis and binary reverse engineering.

    PubMed

    Wen, Shameng; Meng, Qingkun; Feng, Chao; Tang, Chaojing

    2017-01-01

    Network protocol vulnerability detection plays an important role in many domains, including protocol security analysis, application security, and network intrusion detection. In this study, by analyzing the general fuzzing method of network protocols, we propose a novel approach that combines network traffic analysis with the binary reverse engineering method. For network traffic analysis, the block-based protocol description language is introduced to construct test scripts, while the binary reverse engineering method employs the genetic algorithm with a fitness function designed to focus on code coverage. This combination leads to a substantial improvement in fuzz testing for network protocols. We build a prototype system and use it to test several real-world network protocol implementations. The experimental results show that the proposed approach detects vulnerabilities more efficiently and effectively than general fuzzing methods such as SPIKE.

  20. Evaluating Library Security Problems and Solutions.

    ERIC Educational Resources Information Center

    Nicely, Chris

    1993-01-01

    Discusses different types of security systems for libraries and explains the differences between electromagnetic, radio-frequency, and microwave technologies. A list of questions to assist in system evaluation is provided; and preventive measures used to curtail theft and protocol for handling situations that trigger security alarms are included.…