Secure and Prepared Newsletter, January 2016, Vol. 12, no. 1

A bi-weekly newsletter for those involved in the fields of homeland security and/or emergency management.

Secure and Prepared Newsletter, February 2016, Vol. 12, no. 2

A bi-weekly newsletter for those involved in the fields of homeland security and/or emergency management.

Secure and Prepared Newsletter, March 2016, Vol. 12, no. 3

A bi-weekly newsletter for those involved in the fields of homeland security and/or emergency management.

Secure and Prepared Newsletter, April 2016, Vol. 12, no. 4

A bi-weekly newsletter for those involved in the fields of homeland security and/or emergency management.

Promoting the development of secure mobile agent applications

Peer-reviewed

Towards secure mobile P2P applications using JXME

Mobile devices have become ubiquitous, allowing the integration of new information from a large range of devices. However, the development of new applications requires a powerful framework which simplifies their construction. JXME is the JXTA implementation for mobile devices using J2ME, its main value being its simplicity when creating peer-to-peer (P2P) applications on limited devices. On that regard, an issue that is becoming veryimportant in the recent times is being able to provide a security baseline to such applications. This paper analyzes the currentstate of security in JXME and proposes a simple security mechanism in order to protect JXME applications against a broad range of vulnerabilities.

A Secure and Anonymous Cooperative Sensing Protocol for Cognitive Radio Networks

Spectrum is an essential resource for the provision of mobile services. In order to control and delimit its use, governmental agencies set up regulatory policies. Unfortunately, such policies have led to a deficiency of spectrum as only few frequency bands are left unlicensed, and these are used for the majority of new emerging wireless applications. One promising way to alleviate the spectrum shortage problem is adopting a spectrum sharing paradigm in which frequency bands are used opportunistically. Cognitive radio is the key technology to enable this shift of paradigm.Cognitive radio networks are self-organized systems in which devices cooperate to use those spectrum ranges that are not occupied by licensed users. They carry out spectrum sensing in order to detect vacant channels that can be used for communication. Even though spectrum sensing is an active area of research, an important issue remains unsolved: the secure authentication of sensing reports. Not providing security enables the input of false data in the system thus empowering false results. This paper presents a distributed protocol based on wireless physical layer security, symmetric cryptography and one-way functions that allows determining a final sensing decision from multiple sources in a quick and secure way, as well as it preserves users¿ privacy.

VoIP: Making Secure Calls and Maintaining High Call Quality

Modern multimedia communication tools must have high security, high availability and high quality of service (QoS). Any security implementation will directly impact on QoS. This paper will investigate how end-to-end security impacts on QoS in Voice over Internet Protocol (VoIP). The QoS is measured in terms of lost packet ratio, latency and jitter using different encryption algorithms, no security and just the use of IP firewalls in Local and Wide Area Networks (LAN and WAN). The results of laboratory tests indicate that the impact on the overall performance of VoIP depends upon the bandwidth availability and encryption algorithm used. The implementation of any encryption algorithm in low bandwidth environments degrades the voice quality due to increased loss packets and packet latency, but as bandwidth increases encrypted VoIP calls provided better service compared to an unsecured environment.

A Secure Cooperative Sensing Protocol for Cognitive Radio Networks

Cognitive radio networks sense spectrum occupancyand manage themselves to operate in unused bands without disturbing licensed users. Spectrum sensing is more accurate if jointly performed by several reliable nodes. Even though cooperative sensing is an active area of research, the secureauthentication of local sensing reports remains unsolved, thus empowering false results. This paper presents a distributed protocol based on digital signatures and hash functions, and ananalysis of its security features. The system allows determining a final sensing decision from multiple sources in a quick and secure way.

A Secure Mobile-based Authentication System

Financial information is extremely sensitive. Hence, electronic banking must provide a robust system to authenticate its customers and let them access their data remotely. On the other hand, such system must be usable, affordable, and portable.We propose a challengeresponse based one-time password (OTP) scheme that uses symmetriccryptography in combination with a hardware security module. The proposed protocol safeguards passwords from keyloggers and phishing attacks.Besides, this solution provides convenient mobility for users who want to bank online anytime and anywhere, not just from their owntrusted computers.

Secure Dynamic MANET On-demand (SEDYMO) Routing Protocol

This paper describes the state of the art of secure ad hoc routing protocols and presents SEDYMO, a mechanism to secure a dynamic multihop ad hoc routing protocol. The proposed solution defeats internal and external attacks usinga trustworthiness model based on a distributed certification authority. Digital signatures and hash chains are used to ensure the correctness of the protocol. The protocol is compared with other alternatives in terms of security strength, energy efficiency and time delay. Both computational and transmission costs are considered and it is shown that the secure protocol overhead is not a critical factor compared to the high network interface cost.

Product Standardization of Shell and Tube Heat Exchangers

Diplomityön tavoitteena oli selvittää, kuinka kohdeyrityksessä nykyhetkellä pitkältiräätälöitynä tuotetut putkilämmönvaihtimet voitaisiin standardisoida, jotta pystyttäisiin kohdistamaan resursseja oikein ja parantamaan siten yrityksen taloudellista suorituskykyä. Tutkimuksen edetessä määräävimmäksi tekijäksi työn tuloksia ajatellen nousi taloudellinen standardisointiaste, jonka perusteeksi kohdeyrityksen putkilämmönvaihtimissa valittiin standardisoitu suunnitteluohjeisto. Suunnitteluohjeiston lisäksi tuotestandardiin liitettiin ehdotus toimintapojen automatisoimisesta parametrisen valintataulukon sekä sähköisen manuaalin avulla. Työssä tuotestandardisointia tarkastellaan rationalisointi-investointina ja sen kannattavuutta on tarkasteltu investointilaskelmien sekä herkkyys analyysin avulla. Alkuarvot investointilaskelmissa perustuvat työssä yhdelle putkilämmönvaihtimelletoteutettuun tuotestandardisointitapaan, jos tätä tapaa käytettäisiin jatkossa kaikkiin kyseisen yksikön putkilämmönvaihtimiin.