938 resultados para Cryptographic key
Resumo:
This chapter presents a comparative survey of recent key management (key distribution, discovery, establishment and update) solutions for wireless sensor networks. We consider both distributed and hierarchical sensor network architectures where unicast, multicast and broadcast types of communication take place. Probabilistic, deterministic and hybrid key management solutions are presented, and we determine a set of metrics to quantify their security properties and resource usage such as processing, storage and communication overheads. We provide a taxonomy of solutions, and identify trade-offs in these schemes to conclude that there is no one-size-fits-all solution.
Resumo:
Key distribution is one of the most challenging security issues in wireless sensor networks where sensor nodes are randomly scattered over a hostile territory. In such a sensor deployment scenario, there will be no prior knowledge of post deployment configuration. For security solutions requiring pairwise keys, it is impossible to decide how to distribute key pairs to sensor nodes before the deployment. Existing approaches to this problem are to assign more than one key, namely a key-chain, to each node. Key-chains are randomly drawn from a key-pool. Either two neighboring nodes have a key in common in their key-chains, or there is a path, called key-path, among these two nodes where each pair of neighboring nodes on this path has a key in common. Problem in such a solution is to decide on the key-chain size and key-pool size so that every pair of nodes can establish a session key directly or through a path with high probability. The size of the key-path is the key factor for the efficiency of the design. This paper presents novel, deterministic and hybrid approaches based on Combinatorial Design for key distribution. In particular, several block design techniques are considered for generating the key-chains and the key-pools.
Resumo:
To protect the health information security, cryptography plays an important role to establish confidentiality, authentication, integrity and non-repudiation. Keys used for encryption/decryption and digital signing must be managed in a safe, secure, effective and efficient fashion. The certificate-based Public Key Infrastructure (PKI) scheme may seem to be a common way to support information security; however, so far, there is still a lack of successful large-scale certificate-based PKI deployment in the world. In addressing the limitations of the certificate-based PKI scheme, this paper proposes a non-certificate-based key management scheme for a national e-health implementation. The proposed scheme eliminates certificate management and complex certificate validation procedures while still maintaining security. It is also believed that this study will create a new dimension to the provision of security for the protection of health information in a national e-health environment.
Resumo:
Secure communications between large number of sensor nodes that are randomly scattered over a hostile territory, necessitate efficient key distribution schemes. However, due to limited resources at sensor nodes such schemes cannot be based on post deployment computations. Instead, pairwise (symmetric) keys are required to be pre-distributed by assigning a list of keys, (a.k.a. key-chain), to each sensor node. If a pair of nodes does not have a common key after deployment then they must find a key-path with secured links. The objective is to minimize the keychain size while (i) maximizing pairwise key sharing probability and resilience, and (ii) minimizing average key-path length. This paper presents a deterministic key distribution scheme based on Expander Graphs. It shows how to map the parameters (e.g., degree, expansion, and diameter) of a Ramanujan Expander Graph to the desired properties of a key distribution scheme for a physical network topology.
Resumo:
Sustainability, safety and smartness are three key elements of a modern transportation system. This study illustrates various policy directions and initiatives of Singapore to address how its transportation system is progressing in light of these three components. Sustainability targets economical efficiency, environmental justice and social equity by including policies for integrating land use and transport planning, ensuring adequate transport supply measures, managing travel demand efficiently, and incorporating environment-friendly strategies. Safety initiatives of its transportation system aim to minimize injuries and incidents of all users including motorists, public transport commuters, pedestrians, and bicyclists. Smartness incorporates qualities like real time sensing, fast processing and decision making, and automated action-taking into its control, monitoring, information management and revenue collection systems. Various policy implications and technology applications along these three directions reveal that smart technologies facilitate implementation of policies promoting sustainability and safety. The Singapore experience could serve as a good reference for other cities in promoting a transportation system that is sustainable, safe and smart.
Resumo:
Purpose – Integrated supplier management (ISM), new product development (NPD) and knowledge sharing (KS) practices are three primary business activities utilised to enhance manufacturers' business performance (BP). The purpose of this paper is to empirically investigate the relationships between these three business activities (i.e. ISM, NPD, KS) and BP in a Taiwanese electronics manufacturing context. Design/methodology/approach – A questionnaire survey is first administered to a sample of electronic manufacturing companies operating in Taiwan to elicit the opinions of technical and managerial professionals regarding business activities and BP within their companies. A total of 170 respondents from 83 companies respond to the survey. Factor, correlation and path analysis are undertaken on this quantitative data set to derive the key factors which leverage business outcomes in these companies. Following empirical analysis, six semi-structured interviews are undertaken with manufacturing executives to provide qualitative insights into the underlying reasons why certain business activity factors are the strongest predictors of BP. Findings – The investigation shows that the ISM, NPD and KS constructs all play an important role in the success of company operations and creating business outcomes. Specifically, the key factors within these constructs which influenced BP are: supplier evaluation and selection; design simplification and modular design; information technology infrastructure and systems and open communication. Accordingly, sufficient financial and human resources should be allocated to these important activities to derive accelerated rates of improved BP. These findings are supported by the qualitative interviews with manufacturing executives. Originality/value – The paper depicts the pathways to improved manufacturing BP, through targeting efforts into the above-mentioned factors within the ISM, NPD and KS constructs. Based on the empirical path model, and the specific insights derived from the explanatory interviews with manufacturing executives, the paper also provides a number of practical implications for manufacturing companies seeking to enhance their BP through improved operational activities.
Resumo:
In the modern connected world, pervasive computing has become reality. Thanks to the ubiquity of mobile computing devices and emerging cloud-based services, the users permanently stay connected to their data. This introduces a slew of new security challenges, including the problem of multi-device key management and single-sign-on architectures. One solution to this problem is the utilization of secure side-channels for authentication, including the visual channel as vicinity proof. However, existing approaches often assume confidentiality of the visual channel, or provide only insufficient means of mitigating a man-in-the-middle attack. In this work, we introduce QR-Auth, a two-step, 2D barcode based authentication scheme for mobile devices which aims specifically at key management and key sharing across devices in a pervasive environment. It requires minimal user interaction and therefore provides better usability than most existing schemes, without compromising its security. We show how our approach fits in existing authorization delegation and one-time-password generation schemes, and that it is resilient to man-in-the-middle attacks.
Resumo:
Purpose: Within the context of high global competitiveness, knowledge management (KM) has proven to be one of the major factors contributing to enhanced business outcomes. Furthermore, knowledge sharing (KS) is one of the most critical of all KM activities. From a manufacturing industry perspective, supply chain management (SCM) and product development process (PDP) activities, require a high proportion of company resources such as budget and manpower. Therefore, manufacturing companies are striving to strengthen SCM, PDP and KS activities in order to accelerate rates of manufacturing process improvement, ultimately resulting in higher levels of business performance (BP). A theoretical framework along with a number of hypotheses are proposed and empirically tested through correlation, factor and path analyses. Design/methodology/approach: A questionnaire survey was administered to a sample of electronic manufacturing companies operating in Taiwan to facilitate testing the proposed relationships. More than 170 respondents from 83 organisations responded to the survey. The study identified top management commitment and employee empowerment, supplier evaluation and selection, and design simplification and modular design as the key business activities that are strongly associated with the business performance. Findings: The empirical study supports that key manufacturing business activities (i.e., SCM, PDP, and KS) are positively associated with BP. The findings also evealed that some specific business activities such as SCMF1,PDPF2, and KSF1 have the strongest influencing power on particular business outcomes (i.e., BPF1 and BPF2) within the context of electronic manufacturing companies operating in Taiwan. Practical implications: The finding regarding the relationship between SCM and BP identified the essential role of supplier evaluation and selection in improving business competitiveness and long term performance. The process of forming knowledge in companies, such as creation, storage/retrieval, and transfer do not necessarily lead to enhanced business performance; only through effectively applying knowledge to the right person at the right time does. Originality/value: Based on this finding it is recommended that companies should involve suppliers in partnerships to continuously improve operations and enhance product design efforts, which would ultimately enhance business performance. Business performance depends more on an employee’s ability to turn knowledge into effective action.
Resumo:
Advances in technology introduce new application areas for sensor networks. Foreseeable wide deployment of mission critical sensor networks creates concerns on security issues. Security of large scale densely deployed and infrastructure less wireless networks of resource limited sensor nodes requires efficient key distribution and management mechanisms. We consider distributed and hierarchical wireless sensor networks where unicast, multicast and broadcast type of communications can take place. We evaluate deterministic, probabilistic and hybrid type of key pre-distribution and dynamic key generation algorithms for distributing pair-wise, group-wise and network-wise keys.
Resumo:
Key distribution is one of the most challenging security issues in wireless sensor networks where sensor nodes are randomly scattered over a hostile territory. In such a sensor deployment scenario, there will be no prior knowledge of post deployment configuration. For security solutions requiring pair wise keys, it is impossible to decide how to distribute key pairs to sensor nodes before the deployment. Existing approaches to this problem are to assign more than one key, namely a key-chain, to each node. Key-chains are randomly drawn from a key-pool. Either two neighbouring nodes have a key in common in their key-chains, or there is a path, called key-path, among these two nodes where each pair of neighbouring nodes on this path has a key in common. Problem in such a solution is to decide on the key-chain size and key-pool size so that every pair of nodes can establish a session key directly or through a path with high probability. The size of the key-path is the key factor for the efficiency of the design. This paper presents novel, deterministic and hybrid approaches based on Combinatorial Design for key distribution. In particular, several block design techniques are considered for generating the key-chains and the key-pools. Comparison to probabilistic schemes shows that our combinatorial approach produces better connectivity with smaller key-chain sizes.
Resumo:
Secure communications in distributed Wireless Sensor Networks (WSN) operating under adversarial conditions necessitate efficient key management schemes. In the absence of a priori knowledge of post-deployment network configuration and due to limited resources at sensor nodes, key management schemes cannot be based on post-deployment computations. Instead, a list of keys, called a key-chain, is distributed to each sensor node before the deployment. For secure communication, either two nodes should have a key in common in their key-chains, or they should establish a key through a secure-path on which every link is secured with a key. We first provide a comparative survey of well known key management solutions for WSN. Probabilistic, deterministic and hybrid key management solutions are presented, and they are compared based on their security properties and re-source usage. We provide a taxonomy of solutions, and identify trade-offs in them to conclude that there is no one size-fits-all solution. Second, we design and analyze deterministic and hybrid techniques to distribute pair-wise keys to sensor nodes before the deployment. We present novel deterministic and hybrid approaches based on combinatorial design theory and graph theory for deciding how many and which keys to assign to each key-chain before the sensor network deployment. Performance and security of the proposed schemes are studied both analytically and computationally. Third, we address the key establishment problem in WSN which requires key agreement algorithms without authentication are executed over a secure-path. The length of the secure-path impacts the power consumption and the initialization delay for a WSN before it becomes operational. We formulate the key establishment problem as a constrained bi-objective optimization problem, break it into two sub-problems, and show that they are both NP-Hard and MAX-SNP-Hard. Having established inapproximability results, we focus on addressing the authentication problem that prevents key agreement algorithms to be used directly over a wireless link. We present a fully distributed algorithm where each pair of nodes can establish a key with authentication by using their neighbors as the witnesses.
Resumo:
Australian and international evidence suggests that, in the work-related driving context, road crashes account for a substantial number of occupational incidents. In the attempt to reduce injury and improve safety, organisations may implement an array of strategies and interventions ranging from policy development and implementation, vehicle selection and incident monitoring through to education and awareness-raising. This conceptual paper discusses aspects relating to the latter collection of interventions and, in particular, the role, and some key considerations with respect to the content and dissemination, of advertising campaigns and educational awareness workshops. In relation to advertising campaigns, this paper discusses how some of the overarching principles associated with advertising in the broader general community road safety strategy also apply within the work-related road safety context. Specifically, advertising campaigns/materials should be viewed as a key component within a dedicated organisational approach to road (driver) safety. This dedicated approach would need to comprise of a number, and varied array, of strategies. In addition, the content of, and medium/s (e.g., posters) by which to deliver such advertising campaigns, cannot be addressed by a one-size-fits all approach but, rather, requires careful consideration of the needs as well as characteristics of specific organisations and their driver fleet. The paper provides a summary of some key considerations when devising an advertising campaign, including the nature of campaign/message content as well as the processes by which to devise and refine such content. In relation to driver education awareness workshops, this paper outlines the key considerations for delivering a series of workshops specifically aimed at occupational driving within the organisational context. A case study approach will be utilised to demonstrate the manner in which educational awareness workshops can compliment successful advertising campaigns promoting safer work related driving through better risk management practice. Research underpinning the development of driver behaviour modification tools incorporated within the workshops will also be discussed along with the mechanisms utilised to encourage improvements in driver monitoring and behaviour. In an effort to assist organisations with their continual search for cost-effective approaches which may, ultimately, contribute to improvements in driver behaviour and safety, the current paper offers some clear and practical suggestions in relation to the development and dissemination of two types of interventions, advertising campaigns and education awareness workshops.
Resumo:
Mesenchymal stem cells (MSCs) are multi-potent cells that can differentiate into various cell types and have been used widely in tissue engineering application. In tissue engineering, a scaffold, MSCs and growth factors are used as essential components and their interactions have been regarded to be important for regeneration of tissues. A critical problem for MSCs in tissue engineering is their low survival ability and functionality. Most MSCs are going to be apoptotic after transplantation. Therefore, increasing MSC survival ability and functionalities is the key for potential applications of MSCs. Several approaches have been studied to increase MSC tissue forming capacity including application of growth factors, overexpression of stem cell regulatory genes and improvement of biomaterials for scaffolds. The effects of these approaches on MSCs have been associated with the activation of the PI3K/Akt signaling pathway. The pathway plays central regulatory roles in MSC survival, proliferation, migration, angiogenesis, cytokine production and differentiation. In this review, we summarize and discuss the literatures related to the roles of the PI3K/Akt pathway in the functionalities of MSCs and the involvement of the pathway in biomaterials-increased MSC functinalities. Biomaterials have been modified in their properties, surface structure and loaded with growth factors to increase MSC functionalities. Several studies demonstrated that the biomaterials-increased MSC functionalities are mediated by the activation of the PI3K/Akt pathway.
Resumo:
In the construction industry, contractors have to improve the efficiency of markup decision-making to survive from fierce business competition. The effect of client type on markup decision has been aware in previous studies and contractors are advocated to take account of decision factors properly when they are confronted with different types of projects. Nevertheless, the rationales behind the inclusion of different factors in markup decision-making for different projects sustain unknown. In this study, fifty-three factors were identified after extensive literature review and interviews with professionals. The identified factors were afterwards grouped under the headings of nine attributes and compiled in a questionnaire for survey in China. Using the Hotelling’s T-square test, it is found that three attributes (i.e., project characteristic, client characteristic, and macro condition) can explain the effect of client type on contractors’ markup decision. The research findings provide useful insights into the cognition of bid pricing as well as the improvement of bidding efficiency. While the research works were situated in China, contractors in other countries could benefit from the research findings in a similar vein.
Resumo:
Authenticated Encryption (AE) is the cryptographic process of providing simultaneous confidentiality and integrity protection to messages. This approach is more efficient than applying a two-step process of providing confidentiality for a message by encrypting the message, and in a separate pass providing integrity protection by generating a Message Authentication Code (MAC). AE using symmetric ciphers can be provided by either stream ciphers with built in authentication mechanisms or block ciphers using appropriate modes of operation. However, stream ciphers have the potential for higher performance and smaller footprint in hardware and/or software than block ciphers. This property makes stream ciphers suitable for resource constrained environments, where storage and computational power are limited. There have been several recent stream cipher proposals that claim to provide AE. These ciphers can be analysed using existing techniques that consider confidentiality or integrity separately; however currently there is no existing framework for the analysis of AE stream ciphers that analyses these two properties simultaneously. This thesis introduces a novel framework for the analysis of AE using stream cipher algorithms. This thesis analyzes the mechanisms for providing confidentiality and for providing integrity in AE algorithms using stream ciphers. There is a greater emphasis on the analysis of the integrity mechanisms, as there is little in the public literature on this, in the context of authenticated encryption. The thesis has four main contributions as follows. The first contribution is the design of a framework that can be used to classify AE stream ciphers based on three characteristics. The first classification applies Bellare and Namprempre's work on the the order in which encryption and authentication processes take place. The second classification is based on the method used for accumulating the input message (either directly or indirectly) into the into the internal states of the cipher to generate a MAC. The third classification is based on whether the sequence that is used to provide encryption and authentication is generated using a single key and initial vector, or two keys and two initial vectors. The second contribution is the application of an existing algebraic method to analyse the confidentiality algorithms of two AE stream ciphers; namely SSS and ZUC. The algebraic method is based on considering the nonlinear filter (NLF) of these ciphers as a combiner with memory. This method enables us to construct equations for the NLF that relate the (inputs, outputs and memory of the combiner) to the output keystream. We show that both of these ciphers are secure from this type of algebraic attack. We conclude that using a keydependent SBox in the NLF twice, and using two different SBoxes in the NLF of ZUC, prevents this type of algebraic attack. The third contribution is a new general matrix based model for MAC generation where the input message is injected directly into the internal state. This model describes the accumulation process when the input message is injected directly into the internal state of a nonlinear filter generator. We show that three recently proposed AE stream ciphers can be considered as instances of this model; namely SSS, NLSv2 and SOBER-128. Our model is more general than a previous investigations into direct injection. Possible forgery attacks against this model are investigated. It is shown that using a nonlinear filter in the accumulation process of the input message when either the input message or the initial states of the register is unknown prevents forgery attacks based on collisions. The last contribution is a new general matrix based model for MAC generation where the input message is injected indirectly into the internal state. This model uses the input message as a controller to accumulate a keystream sequence into an accumulation register. We show that three current AE stream ciphers can be considered as instances of this model; namely ZUC, Grain-128a and Sfinks. We establish the conditions under which the model is susceptible to forgery and side-channel attacks.