Performance Analysis of Novel Randomly Shifted Certification Authority Authentication Protocol for MANETs

The provision of security in mobile ad hoc networks is of paramount importance due to their wireless nature. However, when conducting research into security protocols for ad hoc networks it is necessary to consider these in the context of the overall system. For example, communicational delay associated with the underlying MAC layer needs to be taken into account. Nodes in mobile ad hoc networks must strictly obey the rules of the underlying MAC when transmitting security-related messages while still maintaining a certain quality of service. In this paper a novel authentication protocol, RASCAAL, is described and its performance is analysed by investigating both the communicational-related effects of the underlying IEEE 802.11 MAC and the computational-related effects of the cryptographic algorithms employed. To the best of the authors' knowledge, RASCAAL is the first authentication protocol which proposes the concept of dynamically formed short-lived random clusters with no prior knowledge of the cluster head. The performance analysis demonstrates that the communication losses outweigh the computation losses with respect to energy and delay. MAC-related communicational effects account for 99% of the total delay and total energy consumption incurred by the RASCAAL protocol. The results also show that a saving in communicational energy of up to 12.5% can be achieved by changing the status of the wireless nodes during the course of operation. Copyright (C) 2009 G. A. Safdar and M. P. O'Neill (nee McLoone).

ASICS : authenticated key exchange security incorporating certification systems

Most security models for authenticated key exchange (AKE) do not explicitly model the associated certification system, which includes the certification authority (CA) and its behaviour. However, there are several well-known and realistic attacks on AKE protocols which exploit various forms of malicious key registration and which therefore lie outside the scope of these models. We provide the first systematic analysis of AKE security incorporating certification systems (ASICS). We define a family of security models that, in addition to allowing different sets of standard AKE adversary queries, also permit the adversary to register arbitrary bitstrings as keys. For this model family we prove generic results that enable the design and verification of protocols that achieve security even if some keys have been produced maliciously. Our approach is applicable to a wide range of models and protocols; as a concrete illustration of its power, we apply it to the CMQV protocol in the natural strengthening of the eCK model to the ASICS setting.

X.509v3 Certificates for Secure Shell authentication

X.509 public key certificates use a signature by a trusted certification authority to bind a given public key to a given digital identity. This document specifies how to use X.509 version 3 public key certificates in public key algorithms in the Secure Shell protocol.

PKI - advantages and obstacles

Electronic communications have become the most important kind of communications in business. However, trust, privacy and security have become the great challenges for business and governments around the globe. The Public Key Infrastructure (PKI) model tries to solve these issues and make the Internet more secure. This paper explains the main purposes of PKI and addresses some of the major issues and obstacles that face PKI technology today.

On data-centric misbehavior detection in VANETs

Detecting misbehavior (such as transmissions of false information) in vehicular ad hoc networks (VANETs) is a very important problem with wide range of implications, including safety related and congestion avoidance applications. We discuss several limitations of existing misbehavior detection schemes (MDS) designed for VANETs. Most MDS are concerned with detection of malicious nodes. In most situations, vehicles would send wrong information because of selfish reasons of their owners, e.g. for gaining access to a particular lane. It is therefore more important to detect false information than to identify misbehaving nodes. We introduce the concept of data-centric misbehavior detection and propose algorithms which detect false alert messages and misbehaving nodes by observing their actions after sending out the alert messages. With the data-centric MDS, each node can decide whether an information received is correct or false. The decision is based on the consistency of recent messages and new alerts with reported and estimated vehicle positions. No voting or majority decisions is needed, making our MDS resilient to Sybil attacks. After misbehavior is detected, we do not revoke all the secret credentials of misbehaving nodes, as done in most schemes. Instead, we impose fines on misbehaving nodes (administered by the certification authority), discouraging them to act selfishly. This reduces the computation and communication costs involved in revoking all the secret credentials of misbehaving nodes. © 2011 IEEE.

Nature et impacts juridiques de la certification dans le commerce électronique sur Internet

Le sujet sur lequel porte la présente étude est inspiré de la problématique à la base du développement du commerce électronique : la confiance. En effet, l’accroissement exponentiel du nombre d’internautes et des sites Web commerciaux pose un sérieux problème à ce niveau. Ces sites présentent au public une information et des services divers, mais peu vérifiables. Ainsi, le principal obstacle au développement du commerce électronique avec les particuliers est le manque de confiance qu’inspirent les lieux visités. En effet, comment savoir si l’entreprise existe, quelles sont ses politiques concernant la sécurité ou la gestion des renseignements personnels, etc. La vérification et la certification des sites apparaissent comme une solution de plus en plus attrayante et utilisée pour ajouter cet élément de confiance. Déjà, de nombreux sceaux de qualité sont apparus sur les sites commerciaux. Certains sceaux portent sur la confidentialité tandis que d’autres ciblent la protection des consommateurs. La certification peut provenir de la compagnie même, d’un tiers certificateur ou d’un organisme public. Ces éléments constituent des balises et repères importants pour le consommateur sur Internet. Toutefois, les incidences légales sont multiples et certains concepts demeurent flous. Pour apporter une réponse à ces questions, nous définirons le concept de certification des sites Web et ses enjeux dont plus particulièrement la problématique de la confiance des consommateurs. Les différents objets de la certification seront analysés, tant au niveau de l’entité, du contenu du site que de la dimension transactionnelle de celui-ci. Les processus possibles et les impacts de la certification occupent la seconde partie du travail. Il s’agit d’examiner successivement les étapes menant à la certification, soit l’établissement des standards, de l’évaluation de l’entité et de la certification elle-même. L’analyse des impacts de la certification, tant sur le plan de la portée, de la responsabilité légale et des effets sur la concurrence de la certification constitue quant à eux, l’aboutissement de la recherche, soit de savoir quel est l’impact juridique d’un tel mécanisme. Le but de la recherche est de permettre au lecteur de mieux cerner ce phénomène de l’utilisation de la certification sur Internet avec ses avantages et ses limites. Certes, cet outil peut s’avérer très utile pour bâtir la confiance des consommateurs, promouvoir l’essor du commerce électronique et constituer une forme d’autoréglementation. Toutefois, mal utilisé ou mal encadré, il peut engendrer l’effet inverse et détruire cette confiance si fragile à construire dans un environnement dématérialisé.

The role of the Hellenic food safety authority in Greece: implementation strategies

During the last 15 years, a series of food scares and crises (BSE, dioxin. foot and mouth disease) have seriously under-mined public confidence in food producers and operators and their capacity to produce safe food. As a result, food safety has become a top priority of the European legislative authorities and systems of national food control have been tightened up and have included the establishment of the European Food Safety Authority. In Greece a law creating the Hellenic Food Safety Authority has been approved. The main objectives of this Authority are to promote the food security to consumers and inform them of any changes or any development in the food and health sector. The paper reviews the general structure of the current food control system in Greece. It describes the structure and the mission of the Hellenic Food Safety Authority and explains the strategy to carry out inspections and the analysis of the preliminary results of such inspections. Details are also given of the personnel training and certification and accreditation standards to be met by the Authority by the end of 2004. (c) 2005 Elsevier Ltd. All rights reserved.

De-colonising Shakespeare? : Agency and (masculine) authority in Gregory Rogers's The Boy, The Bear, The Baron, The Bard

Underlying social space are territories, lands,geographical domains, the actual geographical underpinnings of the imperial, and also the cultural contest. To think about distant places, to colonize them, to populate or depopulate them: all of this occurs on, about, or because of land. […] Imperialism and the culture associated with it affirm both the primacy of geography and an ideology about control of territory.

Teaching cause-of-death certification : lessons from international experience

The accuracy of cause-of-death statistics substantially depends on the quality of cause-of-death information in death certificates, primarily completed by medical doctors. Deficiencies in cause-of-death certification have been observed across the world, and over time. Despite educational interventions targeting to improve the quality of death certification, their intended impacts are rarely evaluated. This review aims to provide empirical evidence that could guide the modification of existing educational programs, or the development of new interventions, which are necessary to improve the capacity of certifiers as well as the quality of cause-of-death certification, and thereby, the quality of mortality statistics.

Colonising Shakespeare? : agency and authority in Gregory Rogers's Shakespearean picture books

“You need to be able to tell stories. Illustration is a literature, not a pure fine art. It’s the fine art of writing with pictures.” – Gregory Rogers. This paper reads two recent wordless picture books by Australian illustrator Gregory Rogers in order to consider how “Shakespeare” is produced as a complex object of consumption for the implied child reader: The Boy, The Bear, The Baron, The Bard (2004) and Midsummer Knight (2006). In these books other worlds are constructed via time-travel and travel to a fantasy world, and clearly presume reader competence in narrative temporality and structure, and cultural literacy (particularly in reference to Elizabethan London and William Shakespeare), even as they challenge normative concepts via use of the fantastic. Exploring both narrative sequences and individual images reveals a tension in the books between past and present, and real and imagined. Where children’s texts tend to privilege Shakespeare, the man and his works, as inherently valuable, Rogers’s work complicates any sense of cultural value. Even as these picture books depend on a lexicon of Shakespearean images for meaning and coherence, they represent William Shakespeare as both an enemy to children (The Boy), and a national traitor (Midsummer). The protagonists, a boy in the first book and the bear he rescues in the second, effect political change by defeating Shakespeare. However, where these texts might seem to be activating a postcolonial cultural critique, this is complicated both by presumed readerly competence in authorized cultural discourses and by repeated affirmation of monarchies as ideal political systems. Power, then, in these picture books is at once rewarded and withheld, in a dialectic of (possibly postcolonial) agency, and (arguably colonial) subjection, even as they challenge dominant valuations of “Shakespeare” they do not challenge understandings of the “Child”.

The play's the thing? : Hamlet, Slings & Arrows, and the authority of theatrical consumption

This paper reads season 1 of the critically-acclaimed Canadian television series “Slings & Arrows” (2003). This six-episode series is set in a fictionalised version of the Stratford Festival, and tells the story of a plagued production of Shakespeare’s Hamlet. It follows the play’s rehearsal after the death of the festival’s artistic director; Geoffrey Tennant (himself a plagued Hamlet) takes over the role of director, and must face his past in order to produce a Hamlet that will save the festival, redeem his reputation, and repair his interpersonal relationships. Drawing on popular and theatrical understandings of Shakespeare’s play, the series negotiates tropes of metatheatre, filiality, cultural production and consumption, in order to demonstrate the ongoing relevance and legitimacy of “Shakespeare” in the twenty-first century. The “Slings & Arrows” narrative revolves around the doubled-plot of Hamlet and the experiences of the company mounting Hamlet. In quite obvious ways, the show thus thematises ways in which Shakespeare can be used to read one’s own life and world. In the broader sense, however, the show also offers theatre/performance as a catalyst for affect. In doing so, the show functions as a relatively straight adaptation of Hamlet, and a metatheatrical/metafictional commentary on the functions of Hamlet within contemporary culture. In Shakespeare’s play, the production of “The Mouse-Trap” proves, both to Hamlet and the audience, the legitimacy of the ghost’s claims. Similarly, in “Slings & Arrows”, the successful performance of Hamlet legitimises Geoffrey’s position as artistic director of the festival, and affirms for the viewer the value of Shakespearean production in contemporary culture. In each text, theatre/performance enables and legitimises a son carrying out a dead father’s wishes in order to restore or reproduce socio-cultural order. The metatheatrics of these gestures engage the reader/viewer in a self-reflexive process whereby the ‘value’ of theatre is thematised and performed, and the consumer is positioned as the arbiter and agent of that value: complicit in its production even as they are the site of its consumption.

Definition of an airworthiness certification framework for civil unmanned aircraft systems

The development of effective safety regulations for unmanned aircraft systems (UAS) is an issue of paramount concern for industry. The development of this framework is a prerequisite for greater UAS access to civil airspace and, subsequently, the continued growth of the UAS industry. The direct use of the existing conventionally piloted aircraft (CPA) airworthiness certification framework for the regulation of UAS has a number of limitations. The objective of this paper is to present one possible approach for the structuring of airworthiness regulations for civilian UAS. The proposed approach facilitates a more systematic, objective and justifiable method for managing the spectrum of risk associated with the diversity of UAS and their potential operations. A risk matrix is used to guide the development of an airworthiness certification matrix (ACM). The ACM provides a structured categorisation that facilitates the future tailoring of regulations proportionate to the levels of risk associated with the operation of the UAS. As a result, an objective and traceable link may be established between mandated regulations and the overarching objective for an equivalent level of safety to CPA. The ACM also facilitates the systematic consideration of a range of technical and operational mitigation strategies. For these reasons, the ACM is proposed as a suitable method for the structuring of an airworthiness certification framework for civil or commercially operated UAS (i.e., the UAS equivalent in function to the Part 21 regulations for civil CPA) and for the further structuring of requirements on the operation of UAS in un-segregated airspace.