Security and Communication Networks

In this paper, we propose a fine-grained user revocation scheme without affecting any non-revoked users who share the same attributes in ciphertext-policy ABE. The proposed scheme improves the efficiency compared with previous revocable schemes and enhances the security in terms of the backward/forward secrecy on any membership changes in the ciphertext-policy ABE system.

In this paper, we utilize a secure collaborative framework to reduce the risk for central data mining and improve the efficiency of the current generic secure multi-party computation solutions. The collaborative framework is reliable and more flexible regardless of the number of parties involved. Our solution allows all parties to perform concurrent operations and is able to detect and prevent malicious activities such as the man-in-the-middle attack. We demonstrate our method to deal with frequent itemsets mining problem.

CLC protocol is a typical 3PAKE scheme which need not store the security-sensitive table on the server side. However, we find the leakage of verification values will make a man-in-the-middle attack. We describe this attack and present a new improved protocol with lower computational cost.

Before converting a ring signature into an ordinary signature, the proposed scheme allows the real signer to reveal the identity of non-signers gradually. By revealing n-1 non-signers in a 1-out-of-n ring signature, then the ring signature comes to an ordinary signature without signer anonymity.

It has been shown that most of the early proposed ultra-lightweight authentication protocols can be easily broken, so it turned out that designing such protocols is a much deeper task than presumed. This study analyzes a modified version of the stable lightweight mutual authentication protocol denoted by SLMAP*. After exploiting an unnoticed flaw in its design rationale, it is shown that some of the freshly produced variables can be assigned to different values for the reader and the tag that presumably causes a desynchronization vulnerability.

In this paper, we proposed the threat scenario-based SRA method, which can create SRA reports using use case diagrams and threat-scenario templates, and manage security risk directly in ISs. This starts with use case modeling, which can capture and analyze security risk in a simple manner.

We present a robust and adaptive-capacity watermarking algorithm for agglutinative languages. All processes, including the selection of sentences to be watermarked, watermark embedding, and watermark extraction, are based on syntactic dependency trees. We show that it is more robust to use syntactic dependency trees than the surface forms of sentences in text watermarking.

A trust mechanism based task scheduling model for cloud computing is provided. Trust relationship is built among computing nodes by utilizing the Bayesian cognitive method. The trust dynamic level scheduling algorithm can efficiently meet the requirement of cloud computing workloads in trust and assuring the execution of tasks in a secure way.

In convergence networks, the different technologies are integrated to offer the pervasive networking. Although it is able to provide better networking ability, the technical differentiation makes the management be more difficult. Especially when the secure issues are considered, it is significant to develop some proper mechanisms for the convergence environment. In this paper, we proposed a secure authentication mechanism for 3G and WLAN integrated network. The proposal is based on TS 33.234, and improves the security with RFID tags.

Our improvement makes use of both the user's and the server's secrecy to achieve mutual authentication. This results in a two-pass multi-server authentication scheme. We have analyzed the scheme's security regarding several factors such as mutual authentication, perfect forward and backward secrecy, and prevention of smart-card-lost attack and shown it can not only prevent password guessing attack if the smart card is lost but also let the user can choose and change his or her password at will.