Your search keyword '"Authorization"' showing total 11,378 results

101. Protecting Cyber-Physical System Testbeds from Red-Teaming/Blue-Teaming Experiments Gone Awry

Author

Talukder, Md Rakibul Hasan, Amin, Md Al, Ray, Indrajit, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Su, Chunhua, editor, Gritzalis, Dimitris, editor, and Piuri, Vincenzo, editor

Published

2022

102. Physical Layer Security Challenges and Solutions for Beyond 5G Fog Computing Networks

Author

Brighente, Alessandro, Conti, Mauro, Mohammadnia, Foroogh, Fortino, Giancarlo, Series Editor, Liotta, Antonio, Series Editor, Bhatt, Chintan, editor, Wu, Yulei, editor, Harous, Saad, editor, and Villari, Massimo, editor

Published

2022

103. A Survey on Designing a Secure Smart Healthcare System with Blockchain

Author

Chauhan, Neelam, Dwivedi, Rajendra Kumar, Xhafa, Fatos, Series Editor, Shakya, Subarna, editor, Ntalianis, Klimis, editor, and Kamel, Khaled A., editor

Published

2022

104. Dynamic Offline TrustZone Virtual Credit Card Generator for Financial Transactions

Author

Salman, Ammar S., Du, Wenliang Kevin, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, and Arai, Kohei, editor

Published

2022

105. Transparent Blockchain-Based Electronic Voting System: A Smart Voting Using Ethereum

Author

Islam, Md. Tarequl, Hasan, Md. Sabbir, Sikder, Abu Sayed, Hossain, Md. Selim, Azad, Mir Mohammad, Xhafa, Fatos, Series Editor, Raj, Jennifer S., editor, Kamel, Khaled, editor, and Lafata, Pavel, editor

Published

2022

106. Attribute-Based Access Control Policy Review in Permissioned Blockchain

Author

Lawal, Sherifdeen, Krishnan, Ram, Filipe, Joaquim, Editorial Board Member, Ghosh, Ashish, Editorial Board Member, Prates, Raquel Oliveira, Editorial Board Member, Zhou, Lizhu, Editorial Board Member, Krishnan, Ram, editor, Rao, H. Raghav, editor, Sahay, Sanjay K., editor, Samtani, Sagar, editor, and Zhao, Ziming, editor

Published

2022

107. Granularity and Usability in Authorization Policies

Author

Zhang, Boyun, Gill, Puneet, Mihai, Nelu, Tripunitara, Mahesh, Filipe, Joaquim, Editorial Board Member, Ghosh, Ashish, Editorial Board Member, Prates, Raquel Oliveira, Editorial Board Member, Zhou, Lizhu, Editorial Board Member, Meng, Weizhi, editor, and Katsikas, Sokratis K., editor

Published

2022

108. Rethinking Access Control Mechanism for Ubiquitous Computing

Author

Mhetre, Nalini, Deshpande, A. V., Mahalle, Parikshit N., Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Tuba, Milan, editor, Akashe, Shyam, editor, and Joshi, Amit, editor

Published

2022

109. Cloud Security: The Future of Data Storage

Author

Bajaj, Parv, Arora, Ritika, Khurana, Mehak, Mahajan, Shilpa, Xhafa, Fatos, Series Editor, Khanna, Kavita, editor, Estrela, Vania Vieira, editor, and Rodrigues, Joel José Puga Coelho, editor

Published

2022

110. Security in Embedded Systems

Author

Murti, KCS, Chakrabarti, Amlan, Series Editor, and Murti, KCS

Published

2022

111. The Challenges of Prosumers

Author

Attila Szora TAMAȘ, Ramona-Ionela HARAGUȘ, Dan Mihai MUREȘAN, and Marian IRIMIA

Subjects

economic activity, independent natural person, income tax, authorization, vat, Finance, HG1-9999

Abstract

In response to the difficulties and disruptions in the world energy market caused by Russia's invasion of Ukraine, the European Commission presented the REPowerEU plan ”. REPowerEU is a plan to: saving energy; production of clean energy; diversification of our energy sources. It is backed by financial and legal measures to build the new infrastructure and energy system that Europe needs .This proposal includes a legal obligation to install solar panels on new buildings and encourages countries to cut red tape, provide incentives and inform citizens about how they can become prosumers. It is truly a revolutionary proposition . On the national level, "Taking into account the new AFM Green House Photovoltaic 2021 program, assuming the maintenance of the growth trend recorded in 2021 in the number of prosumers, it is forecasted for the end of 2022 the existence of about 30,000 prosumers", stated the representatives of the National Authority of Energy Regulation (ANRE). The growth enjoyed by the market of small energy consumers who have made the leap to their own small-scale production is astonishing.

Published

2022

112. Temporary Imprisonment Sentence for the Debtor Claiming Insolvency from the Perspective of Iranian Jurisprudence and Law

Author

Mohammad Reza Rezvan Talab, Davood Darrehshiri, and Seyyed Moein Javadi

Subjects

debtor, insolvency, imprisonment, authorization, detention, dowry, Islamic law, KBP1-4860

Abstract

The possibility of using criminal tools in legal affairs is a matter of dispute between jurists. If a person is accused of committing a crime, the possibility of his arrest has been accepted in some cases, but the use of such punitive measures in legal matters requires the examination of its authorization or prohibition from a jurisprudential and legal perspective. The conflict of rights between creditors and debtors has led to disagreements in this regard. Considering that the principle in initial treatment of individuals is that their actions are based on integrity and innocence, it seems that if the debtor claims insolvency, it will not be possible to detain him until the truth or falsity of his claim is proven. Imami and Sunni jurists have also examined this matter- an examination of the evidence of their rulings will also demonstrate that it is not possible to order the arrest of a debtor claiming insolvency. In this article, the correct ruling in this case will be determined through the epistemology of this important point of view from perspectives of the jurists of both sects and judging the proposed opinions. Noting the correct theory in jurisprudence, we will provide a detail interpretation of the relevant laws applicable to the debtor claiming insolvency.

Published

2022

113. Temporary Imprisonment Sentence for the Debtor Claiming Insolvency from the Perspective of Iranian Jurisprudence and Law

Author

Ali Rashidi, Maryam Aqai Bejestani, and mohamad rohani mogadm

Subjects

debtor, insolvency, imprisonment, authorization, detention, dowry, Islamic law, KBP1-4860

Abstract

The possibility of using criminal tools in legal affairs is a matter of dispute between jurists. If a person is accused of committing a crime, the possibility of his arrest has been accepted in some cases, but the use of such punitive measures in legal matters requires the examination of its authorization or prohibition from a jurisprudential and legal perspective. The conflict of rights between creditors and debtors has led to disagreements in this regard. Considering that the principle in initial treatment of individuals is that their actions are based on integrity and innocence, it seems that if the debtor claims insolvency, it will not be possible to detain him until the truth or falsity of his claim is proven. Imami and Sunni jurists have also examined this matter- an examination of the evidence of their rulings will also demonstrate that it is not possible to order the arrest of a debtor claiming insolvency. In this article, the correct ruling in this case will be determined through the epistemology of this important point of view from perspectives of the jurists of both sects and judging the proposed opinions. Noting the correct theory in jurisprudence, we will provide a detail interpretation of the relevant laws applicable to the debtor claiming insolvency.

Published

2022

114. THE PROBLEM OF ACCESS TO PRIVATELY OWNED LANDS DURING THE EXERCISE OF THE RIGHT TO HUNTING

Author

Grigore ARDELEAN

Subjects

environment, game fund, hunting, property right, economic activity, authorization, wildlife., Private international law. Conflict of laws, K7000-7720, Jurisprudence. Philosophy and theory of law, K201-487

Abstract

It has always been known to each of us that since the appearance of the human being, the most important and first source of existence for the primitive people was the food acquired by hunting. What is true, it has turned with time out of human necessity into their occupation, an activity called - hunting, and nowadays it has reduced to the status of a leisure occupation, a hobby, a fashionable occupation of rich people. Obviously, taking into account the importance of the fauna of hunting interest for the environment and society, the need for legal regulation of the hunting field was felt, where clear rules are established for the subjects interested in this activity, and as a consequence, also specific competences for those who were to supervise the observance of the legislation in hunting matters. Although initially, regarding the lands that are the object of the hunting fund, the issue of ownership over them was not discussed, later it was found by some that passing through privately owned lands for the purpose of hunting, is a violation of the rights and interests of the owners. Respectively, whether or not this is a violation of the rights of the land owners or maybe it is an obstruction of the rights of the hunters, remains an open problem in front of doctrinaires and practitioners who require complex research.

Published

2022

115. A Privacy-Preserving System Design for Digital Presence Protection.

Author

Yocam, Eric, Alomari, Ahmad, Gawanmeh, Amjad, and Mansoor, Wathiq

Subjects

SYSTEMS design, DATA privacy, ACCESS control, DIGITAL preservation, FACIAL expression

Abstract

A person’s privacy has become a growing concern, given the nature of an expansive reliance on real-time video activities with video capture, stream, and storage. This paper presents an innovative system design based on a privacy-preserving model. The proposed system design is implemented by employing an enhanced capability that overcomes today’s single parameterbased access control protection mechanism for digital privacy preservation. The enhanced capability combines multiple access control parameters: facial expression, resource, environment, location, and time. The proposed system design demonstrated that a person’s facial expressions combined with a set of access control rules can achieve a person’s privacy-preserving preferences. The findings resulted in different facial expressions successfully triggering a person’s face to be blurred and a person’s privacy when using a real-time video conferencing service captured from a webcam or virtual webcam. A comparison analysis of capabilities between existing designs and the proposed system design shows enhancement of the capabilities of the proposed system. A series of experiments exercising the enhanced, real-time multi-parameterbased system was shown as a viable path forward for preserving a person’s privacy while using a webcam or virtual webcam to capture, stream, and store videos. [ABSTRACT FROM AUTHOR]

Published

2023

116. DIdM-EIoTD: Distributed Identity Management for Edge Internet of Things (IoT) Devices.

Author

Sadique, Kazi Masum, Rahmani, Rahim, and Johannesson, Paul

Subjects

*INTERNET of things, *IDENTITY management systems, *BLOCKCHAINS, *DATA privacy, *SMART devices

Abstract

The Internet of Things (IoT) paradigm aims to enhance human society and living standards with the vast deployment of smart and autonomous devices, which requires seamless collaboration. The number of connected devices increases daily, introducing identity management requirements for edge IoT devices. Due to IoT devices' heterogeneity and resource-constrained configuration, traditional identity management systems are not feasible. As a result, identity management for IoT devices is still an open issue. Distributed Ledger Technology (DLT) and blockchain-based security solutions are becoming popular in different application domains. This paper presents a novel DLT-based distributed identity management architecture for edge IoT devices. The model can be adapted with any IoT solution for secure and trustworthy communication between devices. We have comprehensively reviewed popular consensus mechanisms used in DLT implementations and their connection to IoT research, specifically identity management for Edge IoT devices. Our proposed location-based identity management model is generic, distributed, and decentralized. The proposed model is verified using the Scyther formal verification tool for security performance measurement. SPIN model checker is employed for different state verification of our proposed model. The open-source simulation tool FobSim is used for fog and edge/user layer DTL deployment performance analysis. The results and discussion section represents how our proposed decentralized identity management solution should enhance user data privacy and secure and trustworthy communication in IoT. [ABSTRACT FROM AUTHOR]

Published

2023

117. Access Control Design Practice and Solutions in Cloud-Native Architecture: A Systematic Mapping Study.

Author

Rahaman, Md Shahidur, Tisha, Sadia Nasrin, Song, Eunjee, and Cerny, Tomas

Subjects

*ACCESS control, *DESIGN services, *SOFTWARE architecture

Abstract

Protecting the resources of a cloud-native application is essential to meet an organization's security goals. Cloud-native applications manage thousands of user requests, and an organization must employ a proper access control mechanism. However, unfortunately, developers sometimes grumble when designing and enforcing access decisions for a gigantic scalable application. It is sometimes complicated to choose the potential access control model for the system. Cloud-native software architecture has become an integral part of the industry to manage and maintain customer needs. A microservice is a combination of small independent services that might have hundreds of parts, where the developers must protect the individual services. An efficient access control model can defend the respective services and consistency. This study intends to comprehensively analyze the current access control mechanism and techniques utilized in cloud-native architecture. For this, we present a systematic mapping study that extracts current approaches, categorizes access control patterns, and provides developers guidance to meet security principles. In addition, we have gathered 234 essential articles, of which 29 have been chosen as primary studies. Our comprehensive analysis will guide practitioners to identify proper access control mechanisms applicable to ensuring security goals in cloud-native architectures. [ABSTRACT FROM AUTHOR]

Published

2023

118. Enhancing JWT Authentication and Authorization in Web Applications Based on User Behavior History.

Author

Bucko, Ahmet, Vishi, Kamer, Krasniqi, Bujar, and Rexha, Blerim

Subjects

WEB-based user interfaces, BIOMETRIC identification, INTERNET protocol address, DATABASES, PROGRAMMING languages, TRUST

Abstract

The rapid growth of the web has transformed our daily lives and the need for secure user authentication and authorization has become a crucial aspect of web-based services. JSON Web Tokens (JWT), based on RFC 7519, are widely used as a standard for user authentication and authorization. However, these tokens do not store information about the user's behavior history. To address this issue, this paper presents a solution to enhance the trustworthiness of user authentication in web applications based on their behavior history. The solution considers factors such as the number of password attempts, IP address consistency, and user agent type and assigns a weight or percentage to each. These weights are summed up and stored in the user's account, and updated after each transaction. The proposed approach was implemented using the.NET framework, C# programming language, and PostgreSQL database. The results show that the proposed solution effectively increases the level of trust in user authentication. The paper concludes by highlighting the strengths and limitations of the proposed solution. [ABSTRACT FROM AUTHOR]

Published

2023

119. Regulatory Requirements for Exporting Cosmetic Products to Extra-EU Countries.

Author

Morel, Silvia, Sapino, Simona, Peira, Elena, Chirio, Daniela, and Gallarate, Marina

Subjects

COSMETICS, ANIMAL experimentation, INTERNATIONAL trade, BORDER trade

Abstract

In this study, an overview of the regulations in force in some extra-EU states belonging to different geoeconomic areas is provided, starting from the current EU legislation on cosmetic products. We focused on their legislative frameworks and the location of the relevant regulatory documentation. Furthermore, for each state considered, our analysis examined the notification/authorization processes, approaches to animal testing, and allowed/prohibited ingredient lists, as these aspects are considered to be among the primary restrictions hindering the cosmetic market. It can be observed that many states are working towards standardising their regulations to promote greater international trade. However, it is essential to recognize that different countries belonging to distinct geoeconomic areas may have unique requirements, and harmonization may not necessarily be the best solution. It is crucial to consider different needs and preferences when approaching the global regulation of the cosmetic industry. [ABSTRACT FROM AUTHOR]

Published

2023

120. NACDA: Naming-Based Access Control and Decentralized Authorization for Secure Many-to-Many Data Sharing.

Author

Li, Minghui, Xue, Jingfeng, Wang, Yong, Ma, Rui, and Huo, Wei

Subjects

INFORMATION sharing, ACCESS control, WEARABLE technology, PERSONALLY identifiable information, COMMUNICATION models

Abstract

The rapid development of wearable technology has facilitated the collection and sharing of health data, allowing patients to benefit from caretakers and medical research. However, these personal health data often contain sensitive information and it is typically not known in advance with whom the information will be shared. Therefore, messages must be encrypted and shared while adhering to the decoupled communication model. This paper presents NACDA, a secure many-to-many data-sharing service on the Named Data Network (NDN). NACDA uses Identity-Based Encryption with Wildcard Key Derivation (WKD-IBE) to allow naming-based access control, enabling data subjects to share data securely and flexibly regardless of the data processor. In addition, NACDA supplements a decentralized authorization mechanism with blockchain to ensure data subjects' data ownership and enforce access policies. We developed an NDN-based prototype and performed a security analysis to demonstrate NACDA's feasibility. [ABSTRACT FROM AUTHOR]

Published

2023

121. DAuth—Delegated Authorization Framework for Secured Serverless Cloud Computing.

Author

Padma, P. and Srinivasan, S.

Subjects

CLOUD computing, OPERATING costs

Abstract

Serverless computing which is known as Function as a service becomes a new form of cloud computing. In recent days it enables the components of cloud applications to run on multiple servers in order to provide various functionalities. However, the performance of such applications depends on various modules including the control mechanism of the application. There is a significant reduction in the response time and the ensuing operating costs as the functions are consumed based on need. The most common authorization standards used in Cloud Computing Services nowadays are Open Authorization (commonly referred to as OAuth), OpenID and Security Assertion Markup language. But, the above identity management mechanisms cause additional security vulnerabilities because of their open nature of identity federation. In order to eliminate such vulnerabilities, we have proposed in this paper a novel access named D-Auth which provides both authentication and authorization for serverless computing by introducing Server based with OTP and token authentication in serverless platform by generating D-Auth Tokens and cross sectional Comparative analysis is done between existing and proposed solution to validate the improvement in the protection of Identity management. It considerably reduces security threads by offloading the Identity management to in-premise servers. It enables the organization to implement their own security policies depending on their requirements. [ABSTRACT FROM AUTHOR]

Published

2023

122. Procedura de autorizare a medicamentelor din plante medicinale cu utilizare tradiţională.

Author

Ohîi, Clementina and Blebea, Nicoleta-Mirela

Abstract

The plants have been used since ancient times to prevent and treat diseases. To guarantee the safety, effectiveness and quality of herbal medicines products, European Union legislation regulates this authorization and placement on the market. Herbal medicines with traditional use may benefit from a simplified authorization procedure. This procedure is intended for herbal medicines with a long tradition of medical use, administered orally, externally and/or by inhalation, without the need for medical supervision. Some products may have a long tradition as medicinal products, but do not meet the conditions for authorization through the simplified authorization procedure. In order to protect public health, the basic conditions of the simplified registration procedure should be maintained. [ABSTRACT FROM AUTHOR]

Published

2023

123. A Role-Attribute Based Access Control Model for Dynamic Access Control in Hadoop Ecosystem.

Author

idar, Hafsa Ait, Belhadaoui, Hicham, Filali, Reda, and Malassé, Olaf

Subjects

ACCESS control, DYNAMIC models, BIG data, ELECTRONIC data processing

Abstract

Big Data is a term used to describe large and hard-to-handle amounts of data that overwhelm businesses on a daily basis. Apache Hadoop has emerged as a leading framework for storing and processing Big Data in a timely fashion. Hadoop is used in various sectors that often include private and sensitive data, which must be protected from unauthorized access. This paper proposes a new access control model called the Role-Attribute Based Access Control for Hadoop, referred to as HRABAC, which inherits full advantages of RBAC and ABAC models. This hybrid model enforces access control policies dynamically based on user roles and data attributes. We further outline the necessary modification to XACML authorization policies to meet the security and privacy needs of Hadoop. In addition, we present a real-world use case and application of the H-RABAC model in the banking domain, followed by experimental results that show that the overhead imposed by our framework is minimal and acceptable for enforcing access control policies and protecting sensitive data in Hadoop. [ABSTRACT FROM AUTHOR]

Published

2023

124. Authentication and Authorization of Users and Services in Dynamic Military SOA Environments

Author

Bartosz Jasiul, Joanna Śliwa, Rafał Piotrowski, and Robert Goniacz

Subjects

authentication, authorization, military networks, SOA, web services, Telecommunication, TK5101-6720, Information technology, T58.5-58.64

Abstract

The problem of user authentication and authorization is usually being solved in a single system. Federated environment assumes heterogeneity of systems, which brings the problem of mutual users and services authentication and authorization. In this article the authors presented security requirements for cross domain information exchange in federated environments and a method of secure access to information resources on the basis of web services. Special attentionwas paid to authentication and authorization of users and services. As opportunities, there were presented solutions verified in multinational experimentations and exercises.

Published

2023

125. Blockchain-based cross-domain authorization system for user-centric resource sharing

Author

Yuki Ezawa, Shohei Kakei, Yoshiaki Shiraishi, Masami Mohri, and Masakatu Morii

Subjects

Access control, Authorization, Blockchain, Hyperledger fabric, User-managed access, Information technology, T58.5-58.64

Abstract

User-centric data sharing is essential to encourage citizens' active participation in the digital economy. One key to smart cities, a form of the digital economy, is the promotion of public use of citizen data. Nevertheless, it is not easy to utilize data without citizens’ consent. In this study, we took a technological approach to these issues. User-managed access (UMA) is a well-known framework for delegating resource access rights to others on the Internet. In UMA, authorization mechanisms are designed to be centralized so that resource owners can centrally manage access rights for various resources stored in different domains. However, the lack of transparency in the authorization mechanism is a barrier to its implementation in large-scale systems such as smart cities. In this study, we developed a blockchain-based cross-domain authorization architecture that enables a resource-sharing ecosystem in which organizations that wish to utilize data can freely trade with each other. The proposed architecture solves the transparency problem that conventional authorization systems have had by designing the authorization mechanism on blockchain technology. We implemented the proposed architecture as smart contracts and evaluated its processing performance. The resultant time required for delegating access rights and accessing resources was less than 500 ​ms. Furthermore, we found that the fluctuation in the processing time overhead was small. Based on these results, we concluded that performance degradation with the proposed architecture is minor.

Published

2023

126. President’s Power, Transition, and Good Governance

Author

Zainal Arifin Mochtar and Kardiansyah Afkar

Subjects

authorization, president, transition, good governance, indonesia, Law

Abstract

This study aims to analyze the President's power and the threat attached to it during the transition of the inter-election period and the concept of the legal framework in Indonesia's legal system. It also provides the need to be performed in the future to ensure that the President does not abuse this power. The matter raises a series of problems regarding the government's authority during the election transition period. This research will provide comparative studies with Ghana, Liberia, and the United States to understand the President's power in the Indonesian constitutional system. This research was conducted using doctrinal research methods, or normative legal research. In reviewing a legal issue, a doctrinal research method analyzes positive law, related cases, and other relevant references. The results showed that the President's power during the election transition period needs to be regulated in the constitution. Furthermore, the arrangement has to be enforced technically in the form of a presidential transition law.

Published

2022

127. Characteristics of a resolution authorizing an executive body of a local self-government unit to amend a budget in order to implement tasks related to assistance to Ukrainian citizens in connection with an armed conflict

Author

Piotr Solka

Subjects

local government, act of local law, resolution, authorization, ukraine, Comparative law. International uniform law, K520-5582, Political institutions and public administration (General), JF20-2112

Abstract

This article presents a right introduced to the legal system addressed to decision-making bodies of a local government to authorize wójt (a head of a commune) to change budget in relation to providing help to Ukrainian citizens. Considerations focus on determining the normative nature of a resolution adopted pursuant to Article 111 u.p.o.u. and the delineation of boundaries of matters transferred to the delegation. Particular attention in the article is devoted to a possibility of implementing the aid sub delegation into the local law system, as well as a relationship in which the resolution delegating the right included in the act to the resolution implementing this right in the scope of the activities of the decision-making body remains.

Published

2022

128. Autorizarea produselor medicinale veterinar în contextul noilor reglementari Europene / nationale

Author

Nica Andrei-George

Subjects

a.u.v. drug, authorization, u.e. regulations, Animal culture, SF1-1100, Veterinary medicine, SF600-1100

Abstract

The presentation is an update of the aspects specific to the connection/adoption of the Romanian legislation of the field to that of the EU, respectively EU Regulation 2019/6, of the EU Parliament and of the Council of 11 December 2018, regarding veterinary medicinal products, where they have treated Article 6: Submission of applications for marketing authorizations; Art. 46: Scope of the marketing authorization granted by national procedure, Art. 47: National procedure for granting marketing authorization. It also presents the possible advantages of a national legislative procedure as well as proposals to ease the process of changing the conditions of authorization and variations that require evaluation, as a means of advising small and medium enterprises.

Published

2022

129. SST v1.0.0 with C API: Pluggable security solution for the Internet of Things

Author

Dongha Kim, Yeongbin Jo, Taekyung Kim, and Hokeun Kim

Subjects

Security, Internet of Things, API, Usability, Authorization, Distributed systems, Computer software, QA76.75-76.765

Abstract

The Internet of things (IoT) integrates heterogeneous computing devices, allowing each node to communicate with one another. However, the connected “things” raise security challenges that need protection for IoT devices from network-based attacks. As an integrated solution, Secure Swarm Toolkit (SST) provides authorization infrastructure that addresses the security requirements of IoT devices. The pre-release version of SST primarily provided the Node.js and JavaScript-based API for programming IoT nodes (network entities) using the SST’s infrastructure. This new release introduces easy-to-use C API functions, making SST more usable on bare-metal platforms such as embedded microcontrollers without middleware, including operating systems. In this paper, we release the first official version (v1.0.0) of SST and propose a new set of C API as a pluggable security solution for the IoT. Our new C API is easy to use and supports resource-constrained IoT systems such as bare-metal embedded computers where middleware or operating systems are unavailable. For evaluation, we present an example IoT system using SST in practical IoT environments with WiFi-connected embedded devices, providing essential security processes, authentication, and authorization, of IoT devices with a minimal execution-time overhead of less than 10% and linear communication overhead, compared to the system without any security. Thanks to the proposed C API, we expect SST to be applied to existing IoT software platforms more easily.

Published

2023

130. Access Control for IoT: A Survey of Existing Research, Dynamic Policies and Future Directions.

Author

Ragothaman, Kaushik, Wang, Yong, Rimal, Bhaskar, and Lawrence, Mark

Subjects

*ACCESS control, *INTERNET of things

Abstract

Internet of Things (IoT) provides a wide range of services in domestic and industrial environments. Access control plays a crucial role in granting access rights to users and devices when an IoT device is connected to a network. However, many challenges exist in designing and implementing an ideal access control solution for the IoT due to the characteristics of the IoT including but not limited to the variety of the IoT devices, the resource constraints on the IoT devices, and the heterogeneous nature of the IoT. This paper conducts a comprehensive survey on access control in the IoT, including access control requirements, authorization architecture, access control models, access control policies, access control research challenges, and future directions. It identifies and summarizes key access control requirements in the IoT. The paper further evaluates the existing access control models to fulfill the access control requirements. Access control decisions are governed by access control policies. The existing approaches on dynamic policies' specification are reviewed. The challenges faced by the existing solutions for policies' specification are highlighted. Finally, the paper presents the research challenges and future directions of access control in the IoT. Due to the variety of IoT applications, there is no one-size-fits-all solution for access control in the IoT. Despite the challenges encountered in designing and implementing the access control in the IoT, it is desired to have an access control solution to meet all the identified requirements to secure the IoT. [ABSTRACT FROM AUTHOR]

Published

2023

131. A Secure and Decentralized Authentication Mechanism Based on Web 3.0 and Ethereum Blockchain Technology.

Author

Petcu, Adrian, Pahontu, Bogdan, Frunzete, Madalin, and Stoichescu, Dan Alexandru

Subjects

WORLD Wide Web, BLOCKCHAINS, SOCIAL media, VIRTUAL communities, ONLINE marketplaces

Abstract

Over the past decade, there has been significant evolution in the security field, specifically in the authentication and authorization part. The standard authentication protocol nowadays is OAuth 2.0-based authentication. This method relies on a third-party authentication service provider with complete control over the users' data, which it can filter or modify at will. Blockchain and decentralization have generated much interest in recent years, and the decentralized web is considered the next significant improvement in the world wide web (also known as Web 3.0). Web3 authentication, also known as decentralized authentication, allows for the secure and decentralized authentication of users on the web. The use cases for this technology include online marketplaces, social media platforms, and other online communities that require user authentication. The advantages of Web3 authentication include increased security and privacy for users and the ability for users to have more control over their data. The proposed system implementation uses Ethereum as the blockchain and a modern web stack to enhance user interaction and usability. The solution brings benefits both to the private and the public sector, proving that it has the capability of becoming the preferred authentication mechanism for any decentralized web application. [ABSTRACT FROM AUTHOR]

Published

2023

132. A Blockchain-Based Authentication and Authorization Scheme for Distributed Mobile Cloud Computing Services.

Author

Yu, Linsheng, He, Mingxing, Liang, Hongbin, Xiong, Ling, and Liu, Yang

Subjects

*MOBILE computing, *CLOUD computing, *ACCESS control, *TRUST, *BLOCKCHAINS, *RECORD stores

Abstract

Authentication and authorization constitute the essential security component, access control, for preventing unauthorized access to cloud services in mobile cloud computing (MCC) environments. Traditional centralized access control models relying on third party trust face a critical challenge due to a high trust cost and single point of failure. Blockchain can achieve the distributed trust for access control designs in a mutual untrustworthy scenario, but it also leads to expensive storage overhead. Considering the above issues, this work constructed an authentication and authorization scheme based on blockchain that can provide a dynamic update of access permissions by utilizing the smart contract. Compared with the conventional authentication scheme, the proposed scheme integrates an extra authorization function without additional computation and communication costs in the authentication phase. To improve the storage efficiency and system scalability, only one transaction is required to be stored in blockchain to record a user's access privileges on different service providers (SPs). In addition, mobile users in the proposed scheme are able to register with an arbitrary SP once and then utilize the same credential to access different SPs with different access levels. The security analysis indicates that the proposed scheme is secure under the random oracle model. The performance analysis clearly shows that the proposed scheme possesses superior computation and communication efficiencies and requires a low blockchain storage capacity for accomplishing user registration and updates. [ABSTRACT FROM AUTHOR]

Published

2023

133. Data and Service Security of GNSS Sensors Integrated with Cryptographic Module.

Author

Xu, Changhui, Zhang, Jingkui, Zhang, Zhiyou, Hou, Jianning, and Wen, Xujie

Subjects

GLOBAL Positioning System, IMAGE encryption, DATA security, SECURE Sockets Layer (Computer network protocol), PUBLIC key cryptography, DATA encryption, EMAIL security

Abstract

Navigation and positioning are of increasing importance because they are becoming a new form of infrastructure. To ensure both development and security, this study designed a technical innovation structure to upgrade the GNSS (Global Navigation Satellite System) data transmission and real-time differential correction service system and proposed a new multiple cryptographic fusion algorithm to achieve the encryption and decryption of GNSS data and services. First, a GNSS station encrypts GNSS data with an encryption key and obtains a public key from a GNSS data center to encrypt the GNSS data encryption key. After that, identity authentication of a GNSS station is carried out, and an SSL VPN is established between the GNSS station and a GNSS data center before GNSS data are transmitted to the GNSS data center. Then, the GNSS data center decrypts the received GNSS data. The process of an intelligent terminal for real-time differential corrections is similar to that of the GNSS station and the GNSS data center. A GNSS sensor integrated with a cryptographic module was developed to validate the structure in an open environment. The results showed that the developed GNSS sensor was successful in encrypting the data, and the GNSS data center was able to decrypt the data correctly. For the performance test, a cryptography server was able support the requirements of GNSS applications. However, a cryptography server was optimal in supporting 40~50 GNSS stations simultaneously, whereas a cluster was suggested to be configured if the number of GNSS stations was more than 60. In conclusion, the method was able to ensure the validity, confidentiality, integrity, and non-repudiation of GNSS data and services. The proposed upgrading technology was suitable for coordinating GNSS development and security. [ABSTRACT FROM AUTHOR]

Published

2023

134. Pandemic, Hoaxes and Information Security of Kazakhstan.

Author

Nussipova, Arailym, Aliyarov, Esenzhol, Kabilova, Raushangul, Karymsakova, Katira, and Nuralina, Botakoz

Subjects

INFORMATION technology security, HOAXES, INFORMATION resources management, FALSIFICATION of data, PANDEMICS, DATA integrity

Abstract

The growing share of information technologies in the daily lives of citizens of the Republic of Kazakhstan during the pandemic leads to the fact that various institutions use an increasingly wide range of information elements and mechanisms. The expectations of society are not only to improve the functioning of electronic administration, but also to ensure that all stored data is properly protected from unauthorized access, so that ensuring the security of information processing becomes one of the most important tasks of the State and the public. The purpose of the study is to consider aspects of the functioning of information security in the Republic of Kazakhstan during the pandemic and to identify the factors of reliable information security by state policy in order to distinguish hoaxes from real malicious actions. The methodological approach of the research is institutional, structural–functional, and systemic. Improper management of information security can lead to leakage, loss, or falsification of stored data, paralyzing completely relevant activities. Kazakhstan has made notable advancements in establishing a comprehensive legal framework for cybersecurity, positioning itself ahead of certain Central Asian neighbors. Government agencies develop, install, implement, operate, monitor, and analyze an information security management system, ensuring confidentiality, accessibility, and integrity of information. Information security requires the establishment of comprehensive procedures for all ongoing processes, taking into account the use of personal data. Information is an integral part of society, acting as a strategic resource for creating national security. Kazakhstan has been particularly active in forging collaborations and alliances to bolster their cybersecurity postures. The practical significance lies in the improvement of state measures aimed at protecting information, as well as preventing material, physical, moral, or other damage to the state and society as a result of information activities. [ABSTRACT FROM AUTHOR]

Published

2023

135. Multi-Layer Token Framework for Data Protection in Cloud Computing.

Author

Abrar, M., Bhatti, S. S., and Sheikh, A.

Subjects

CLOUD computing, DATA protection, COMPUTER software testing, DATA privacy, SOFTWARE development tools, CLOUD storage, DATA encryption

Abstract

Today, no one can deny the tremendous effects of cloud computing as it provides access to lot of computing resources including infrastructure, hardware, network, server and applications services to its users. These services are controlled by third party known as Cloud Service Providers. Despite the flexibility and scalability of the cloud computing which has given the business a colossal revolution, privacy is still a major issue which cannot be abolished or ignored. With the development of cloud computing, privacy security issues have become increasingly prominent, which is of concern to industry and academia. Our research progress review the privacy, security and data storage issues of cloud computing. Firstly, we discuss some privacy, security and data storage issues; and then advise an inclusive privacy protection framework by implementing numerous data protection technologies. Secondly, we elaborated the research evolution of some technologies, alike data encryption technique, key and token generation policies at authorization layer, acknowledgement of data at privacy layer and access control and generation of transaction codes at verification layer. Thirdly, we proposed a token generation algorithm. Lastly, we discuss the parameters include in the proposed technique, comparison of token generation base on different attributes, features and strengths and concluded with the possible future research directions. Moreover, PHP language is used for API and RDMS (MySQL) is used as database tool for software development and testing process. Android Studio and Ionic framework was used for frontend development. [ABSTRACT FROM AUTHOR]

Published

2023

136. Michał Głowiński w rozmowie o Kręgach obcości.

Author

BEREŚ, STANISŁAW

Abstract

Copyright of Autobiografia is the property of University of Szczecin Press / Wydawnictwo Naukowe Uniwersytetu Szczecinskiego and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2023

137. Authentication and Authorization in Modern Web Apps for Data Security Using Nodejs and Role of Dark Web.

Author

Pant, Piyush, Rajawat, Anand Singh, Goyal, S.B., Bedi, Pradeep, Verma, Chaman, Raboaca, Maria Simona, and Enescu, Florentina Magda

Subjects

DARKNETS (File sharing), WEB-based user interfaces, DATA security, ARTIFICIAL intelligence, BIOMETRIC identification, BIG data, BANKING industry

Abstract

Authentication and Authorization are the base of security for all the Technologies present in this world today. Starting from your smartphone where a user authenticates himself before he could access the data inside to Entering into the White House, you must authenticate yourself, and based on that you are authorized. In this digital world where every Business, MNC, Government Body, Companies, Users, etc. needs a website to inform the world about their presence on the internet, provide services online and become a "Brand", the risk of leaking user's sensitive information increases. It could be dangerous to the users of the hacked website because their sensitive information like a credit card, bank account details, etc. could be sold in the black market of the "dark web". The role of the dark web is described in the paper and how the data is sold there and what becomes of it. The paper helps to understand how a secure website is developed that promises the user to keep the sensitive information safe, increases the bond of trust between a client and server which results in a long-term relationship. The aim behind developing an authentication system is to keep users' sensitive information safe so that hackers cannot steal and sell the information on the dark web's back market. To perform this, the developer needs to understand how to implement authentication. NodeJS, with the help of its framework expressJS and some other packages, is used to develop the authentication and authorization system of the website by the research. Previous papers on this field covered the authentication topic in general. This paper overcame that by going deeper into the field and being server-side language specific. The common types of authentication methods used in different types of websites are discussed in detail and the best methods are purposed for the developer to be implemented for a more secure website. This research put light on Artificial Intelligence and blockchain as the future of security of big data. [ABSTRACT FROM AUTHOR]

Published

2022

138. FORENSIC FEATURES OF CYBERCRIME.

Author

JITARIUC, Law Vitalie and NASTAS, Law Andrei

Subjects

COMPUTER crimes, INFORMATION technology, FORENSIC sciences

Abstract

At the current stage, the criminalization of the field in which information technologies are applied is experiencing a substantial increase. The mass use of information technology has led to the development of the computer technology market, the rise of the level of professional training of users, the increase in the need to improve data processing technologies, has substantially widened the scope of computers that are increasingly connected to wide access networks. We also record an automated processing of diversified categories of instruments and documents (financial, accounting, tax, etc.). All these moments could not fail to be reflected and not to be found in the criminal activity. Currently, information technology crimes are becoming more widespread. In such circumstances, the presence of the appropriate legislative basis for criminalizing and combating cybercrime is one of the key components of the effective fight against these socially dangerous deeds. However, the imperfection of the legislation favors and facilitates the regeneration and continuous growth of cybercrime. The elaborated study is dedicated to the forensic features of cybercrime, the methodical endowment for their discovery and investigation. The methodical endowment for the investigation of cybercrimes based on the forensic features of these deeds, existing at the moment, does not correspond to the current challenges. The development of particular methods of investigating cybercrime should be based on the initial identification and subsequent characterization (description) of the material elements that represent the structure of these criminal deeds. [ABSTRACT FROM AUTHOR]

Published

2022

139. Audit requirements and expectations, the good and better about mdsap regulations

Author

Sagar, Vidya, Patel, Deepak, Patel, Piyush, Kumar, Anil, Rana, Avni, Trivedi, Bhavin, and Bavisa, Vipul

Published

2022

140. The Role of Regulator-Imposed Post-Approval Studies in Health Technology Assessments for Conditionally Approved Drugs

Author

Rick A. Vreman, Lourens T. Bloem, Stijn van Oirschot, Jarno Hoekman, Menno E. van der Elst, Hubert GM Leufkens, Olaf H. Klungel, Wim G. Goettsch, and Aukje K. Mantel-Teeuwisse

Subjects

conditional, authorization, health technology assessment, post-approval, relative effectiveness, evidence, Public aspects of medicine, RA1-1270

Abstract

BackgroundThe European Medicines Agency (EMA) aims to resolve uncertainties associated with conditionally approved drugs by imposing post-approval studies. Results from these studies may be relevant for health technology assessment (HTA) organizations. This study investigated the role of regulator-imposed post-approval studies within HTA. MethodsFor all conditionally approved drugs up to December 2018, regulator-imposed post-approval studies were identified from EMA’s public assessment reports. The availability for and inclusion of study results in relative effectiveness (re)assessments were analyzed for 4 European HTA organizations: NICE (National Institute for Health and Care Excellence, England/Wales), HAS (Haute Autorité de Santé, France), ZIN (Zorginstituut Nederland, the Netherlands) and the European Network for Health Technology Assessment (EUnetHTA, Europe). When study results became available between an HTA organization’s initial assessment and reassessment, it was evaluated whether and how they affected the assessment and its outcome. ResultsFor 36 conditionally approved drugs, 98 post-approval studies were imposed. In total, 81 initial relative effectiveness assessments (REAs) and 13 reassessments were available, with numbers of drugs (re)assessed varying greatly between jurisdictions. Study results were available for 16 initial REAs (20%) and included in 14 (88%), and available for 10 reassessments (77%) and included in all (100%). Five reassessments had an outcome different from the initial REA, with 4 (2 positive and 2 negative changes) relating directly to the new study results. Reassessments often cited the inability of post-approval studies to resolve the concerns reported in the initial REA. ConclusionResults from regulator-imposed post-approval studies for conditionally approved drugs were not often used in REAs by HTA organizations, because they were often not yet available at the time of initial assessment and because reassessments were scarce. When available, results from post-approval studies were almost always used within HTA, and they have led to changes in conclusions about drugs’ relative effectiveness. Post-approval studies can be relevant within HTA but the current lack of alignment between regulators and HTA organizations limits their potential.

Published

2022

141. IPTV Access Methods with RADIUS-Server Authorization

Author

Maxim Mikhailovich Kovtsur, Ammar Muthanna, Hamza Mohammed Ridha Al-Khafaji, Pavel Karelsky, Alexander Kozmyan, and Grigorii Voroshnin

Subjects

authorization, igmp, ip-tv, multicast, radius, mathematical model, Information resources (General), ZA3040-5185

Abstract

Security is one of the most important aspects of data transmission. To provide controlled access to the network, user authorization and authentication are often used with the help of an AAA server. RADIUS servers provide users with access to data, user authentication, and configuration information. When designing networks with such access control method implementation, it is necessary to understand how the characteristics of the communication channel affect the switching time of IP-TV channels, and therefore the overall quality of IP-TV services. The principles of the main protocols for IP-TV using a RADIUS server are described. The main parameters of the communication channel were identified. The mathematical model and the graphs demonstrate how IP-TV service access time depends on telecommunication channel parameters. The results of a practical experiment are presented to prove the formed mathematical model. The results of a practical experiment and theoretical calculation are compared.

Published

2022

142. Handling Meta Attribute Information in Usage Control Policies (Short Paper)

Author

Dimitrakos, Theo, Dilshener, Tezcan, Kravtsov, Alexander, Marra, Antonio La, Martinelli, Fabio, Rizos, Athanasios, Rosetti, Alessandro, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Saracino, Andrea, editor, and Mori, Paolo, editor

Published

2021

143. Temporal Authorization Graphs: Pros, Cons and Limits

Author

Stojanov, Riste, Popovski, Ognen, Jovanovik, Milos, Zdravevski, Eftim, Lameski, Petre, Trajanov, Dimitar, Akan, Ozgur, Editorial Board Member, Bellavista, Paolo, Editorial Board Member, Cao, Jiannong, Editorial Board Member, Coulson, Geoffrey, Editorial Board Member, Dressler, Falko, Editorial Board Member, Ferrari, Domenico, Editorial Board Member, Gerla, Mario, Editorial Board Member, Kobayashi, Hisashi, Editorial Board Member, Palazzo, Sergio, Editorial Board Member, Sahni, Sartaj, Editorial Board Member, Shen, Xuemin (Sherman), Editorial Board Member, Stan, Mircea, Editorial Board Member, Jia, Xiaohua, Editorial Board Member, Zomaya, Albert Y., Editorial Board Member, Pires, Ivan Miguel, editor, Spinsante, Susanna, editor, Zdravevski, Eftim, editor, and Lameski, Petre, editor

Published

2021

144. Layered Architecture for End-To-End Security, Trust, and Privacy for the Internet of Things

Author

Sadique, Kazi Masum, Johannesson, Paul, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Peng, Sheng-Lung, editor, Hsieh, Sun-Yuan, editor, Gopalakrishnan, Suseendran, editor, and Duraisamy, Balaganesh, editor

Published

2021

145. REACH and CLP: Its Role in Regulatory Toxicology

Author

Aulmann, Walter, Große Hovest, Miriam, Lemm, Davina, Pechacek, Nathan, Reichl, Franz-Xaver, editor, and Schwenk, Michael, editor

Published

2021

146. IoT Honeypot Scanning and Detection System Based on Authorization Mechanism

Author

Li, Ning, Cui, Bo, Liu, Ziyan, Ni, Jinchao, Zhang, Cheng, Kong, Hanzhang, Filipe, Joaquim, Editorial Board Member, Ghosh, Ashish, Editorial Board Member, Prates, Raquel Oliveira, Editorial Board Member, Zhou, Lizhu, Editorial Board Member, Zeng, Jianchao, editor, Qin, Pinle, editor, Jing, Weipeng, editor, Song, Xianhua, editor, and Lu, Zeguang, editor

Published

2021

147. Cybersecurity Specialists’ E-learning Problems

Author

Birukov, Svyatoslav, Vasilev, Dmitry, Kokoreva, Lubov, Shmarion, Polina, Nikonovich, Sergey, Filipe, Joaquim, Editorial Board Member, Ghosh, Ashish, Editorial Board Member, Prates, Raquel Oliveira, Editorial Board Member, Zhou, Lizhu, Editorial Board Member, Kravets, Alla G., editor, Shcherbakov, Maxim, editor, Parygin, Danila, editor, and Groumpos, Peter P., editor

Published

2021

148. Application of Rules and Authorization Key for Secured Online Training—A Survey

Author

Saxena, Priyanka, Sanyal, Hrithik, Agrawal, Rajneesh, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Shakya, Subarna, editor, Balas, Valentina Emilia, editor, Haoxiang, Wang, editor, and Baig, Zubair, editor

Published

2021

149. Instinctive and Effective Authorization for Internet of Things

Author

Sinha, Nidhi, Sundaram, Meenatchi, Sinha, Abhijit, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Singh, Pradeep Kumar, editor, Wierzchoń, Sławomir T., editor, Tanwar, Sudeep, editor, Ganzha, Maria, editor, and Rodrigues, Joel J. P. C., editor

Published

2021

150. ARCSECURE: Centralized Hub for Securing a Network of IoT Devices

Author

Abeywardena, Kavinga Yapa, Abeykoon, A. M. I. S., Atapattu, A. M. S. P. B., Jayawardhane, H. N., Samarasekara, C. N., Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, and Arai, Kohei, editor

Published

2021