Security and Communication Networks

Cover image for Vol. 8 Issue 4

Early View (Online Version of Record published before inclusion in an issue)

Edited By: Hsiao-Hwa Chen and Hamid R. Sharif

Impact Factor: 0.433

ISI Journal Citation Reports © Ranking: 2013: 66/78 (Telecommunications); 116/135 (Computer Science Information Systems)

Online ISSN: 1939-0122

  1. Research Articles

    1. Attribute-based signature for threshold predicates from lattices

      Qingbin Wang and Shaozhen Chen

      Article first published online: 7 MAY 2014 | DOI: 10.1002/sec.1038

      Thumbnail image of graphical abstract

      This paper presents an attribute-based signature scheme for the case of threshold predicates from lattices. This scheme is existentially unforgeable against selective predicate and static chosen message attacks in the standard model, with respect to the hardness of the small integer solution problem. To the best of our knowledge, this work constitutes the first attribute-based signature scheme based on lattices.

    2. Making air traffic surveillance more reliable: a new authentication framework for automatic dependent surveillance-broadcast (ADS-B) based on online/offline identity-based signature

      Joonsang Baek, Young-ji Byon, Eman Hableel and Mahmoud Al-Qutayri

      Article first published online: 7 MAY 2014 | DOI: 10.1002/sec.1021

      Thumbnail image of graphical abstract

      In this paper, we propose an authentication framework for automatic dependent surveillance-broadcast system for the future e-enabled aircrafts. The proposed framework is based on our new online/offline identity-based signature scheme. This scheme resolves the public-key infrastructure management issue by using the identities of aircrafts as public keys and makes it possible to frequently sign automatic dependent surveillance-broadcast messages exchanged between aircrafts and ground controllers through online/offline signature generation.

    3. A fault recovery-based scheduling algorithm for cloud service reliability

      Ping Qi and Longshu Li

      Article first published online: 5 MAY 2014 | DOI: 10.1002/sec.1017

      Thumbnail image of graphical abstract

      Considered the unreliable and dynamic characteristics of cloud computing, cloud service failures are inevitable, which have an adverse effect on task execution and scheduling. To improve cloud service reliability, we first analyze the fault recovery mechanism, and then, cloud failures considered in this paper are classified into two categories: unrecoverable failures and recoverable failures. By integrating the existing dynamic level scheduling (DLS) algorithm, a novel scheduling algorithm based on fault recovery mechanism named fault recovery-based DLS algorithm is proposed to reduce the failure probability of task assignments. The experimental results confirm that fault recovery mechanism can meet the reliability requirements of cloud computing infrastructures and the proposed algorithm can effectively ensure trustworthy execution of tasks.

    4. Mahalanobis distance similarity measure based distinguisher for template attack

      Hailong Zhang, Yongbin Zhou and Dengguo Feng

      Article first published online: 5 MAY 2014 | DOI: 10.1002/sec.1033

      Thumbnail image of graphical abstract

      In this paper, we propose the Mahalanobis distance similarity measure based template attack (MDSM-based TA). We show the relationship between MDSM-based TA and maximum likelihood principle based TA. Experimental results verify that, in the same attack scenario, the key-recovery efficiency of MDSM-based TA can be higher than that of maximum likelihood principle based TA.

  2. Special Issue Papers

    1. Location-preserved contention-based routing in vehicular ad hoc networks

      Qing Yang, Alvin Lim, Xiaojun Ruan, Xiao Qin and Dongjin Kim

      Article first published online: 11 APR 2014 | DOI: 10.1002/sec.1008

      Thumbnail image of graphical abstract

      Using pseudonyms and dummy distance to destination information, the proposed location preserved contention based routing protocol can achieve 11.7% improvement on network performance and a higher level of location privacy protection compared with the second best protocol-contention-based forwarding active selection.

    2. Single authentication through in convergence space using collaborative smart cameras

      Geon Woo Kim, Jong Wook Han, Deok Gyu Lee and Sang Wook Kim

      Article first published online: 4 APR 2014 | DOI: 10.1002/sec.1007

      Thumbnail image of graphical abstract

      In this paper, we suggest a single authentication through, a scheme to access any ubiquitous service with single authentication at initial stage for efficiently identifying an object moving multiple convergences spaces. This is performed by enabling distributed smart cameras to deliver identifiers temporarily generated during the object's handover.

    3. Towards secure identity management for the smart grid

      Todd Baumeister and Yingfei Dong

      Article first published online: 3 APR 2014 | DOI: 10.1002/sec.996

      Thumbnail image of graphical abstract

      The emerging smart grid incorporates modern information systems with traditional power delivery systems to achieve better control, efficiency, and reliability. However, it also brings potential cyber security risks into the essential power system. Therefore, we need a large-scale framework to address the basic security issues such as identity management in the smart grid. While public key infrastructures (PKIs) have been developed for large-scale distributed information systems, the existing PKI solutions cannot meet the unique requirements of the electrical power grid.

    4. Optimisation-based collaborative determination of component trustworthiness in service compositions

      Hisain Elshaafi and Dmitri Botvich

      Article first published online: 17 MAR 2014 | DOI: 10.1002/sec.985

      Thumbnail image of graphical abstract

      The paper describes an optimisation-based approach for the determination of component service trustworthiness based on the trustworthiness attributes of collaborating composite services. The approach can identify untrustworthy components and detect the trustworthiness of candidate components to be selected for new compositions. The composite services jointly invoke distributed component services. The paper covers some of the important attributes of trustworthy services that are service reliability, reputation and response time.

    5. Server-based code obfuscation scheme for APK tamper detection

      Yuxue Piao, Jin-Hyuk Jung and Jeong Hyun Yi

      Article first published online: 10 MAR 2014 | DOI: 10.1002/sec.936

      Thumbnail image of graphical abstract

      We propose an obfuscation technique based on a client/server model with one-time secret key delivery using SMS or network protocol. The main concept is to store the core execute class file through obfuscation on the server, so when a program needs to execute core routines, it must request these routines from the server. In this way, we can protect Android apps from reverse engineering.

    6. Performance evaluation of collision avoidance schemes in ad hoc networks

      Suryakant Bhandare, Taha Ben Brahim, Saad Biaz and Prathima Agrawal

      Article first published online: 10 MAR 2014 | DOI: 10.1002/sec.959

      Thumbnail image of graphical abstract

      This paper surveys, evaluates, and compares representative schemes aimed to improve IEEE 802.11 distributed coordination function fairness in the presence of hidden and exposed terminals.

    7. Robust three-factor remote user authentication scheme with key agreement for multimedia systems

      Xiong Li, Jianwei Niu, Muhammad Khurram Khan, Junguo Liao and Xiaoke Zhao

      Article first published online: 5 MAR 2014 | DOI: 10.1002/sec.961

      Thumbnail image of graphical abstract

      In this paper, we analyzed the security weaknesses of a biometric-based authentication scheme, which is proposed by An, where An's scheme vulnerable to denial-of-service attack and forgery attack cannot detect unauthorized login quickly and does not provide session key agreement. Then, in order to provide high levels of security for multimedia systems, we design a robust three-factor remote user authentication scheme with key agreement using elliptic curve cryptosystem.

    8. A histogram-based method for efficient detection of rewriting attacks in simple object access protocol messages

      Aziz Nasridinov, Young-Sik Jeong, Jeong-Yong Byun and Young-Ho Park

      Article first published online: 4 MAR 2014 | DOI: 10.1002/sec.934

      Thumbnail image of graphical abstract

      In order to secure the content of simple object access protocol (SOAP) messages in Web services, several security standards of Web service security, such as XML digital signature, are used. However, the content of a SOAP message, protected with XML digital signature, can be altered without invalidating the signature. This is the so-called XML rewriting attack, and it can occur because XML digital signature does not protect the location of the signed element within the SOAP message tree. In this paper, we propose an efficient method for detecting XML rewriting attacks on SOAP message using a histogram.

    9. Cloud-based privacy-preserving aggregation architecture in multi-domain wireless networks

      Weiwei Jia, Haojin Zhu, Suguo Du, Xiaolei Dong and Zhenfu Cao

      Article first published online: 17 JAN 2014 | DOI: 10.1002/sec.950

      Thumbnail image of graphical abstract

      In this paper, we present a novel hybrid cloud-based privacy-preserving outsourced data aggregation framework. Under this framework, we present the protocols to realize the privacy-preserving aggregation and resist the malicious data mining attack. The detailed performance simulations are given to demonstrate the security, effectiveness, and efficiency of the proposed protocols.

  3. SPECIAL ISSUE PAPER

    1. Vulnerability-constrained multiple minimum cost paths for multi-source wireless sensor networks

      Wei An, Song Ci, Haiyan Luo, Yanni Han, Tao Lin, Ding Tang and Ying Qi

      Article first published online: 16 JAN 2014 | DOI: 10.1002/sec.932

      Thumbnail image of graphical abstract

      This paper proposes the link and node vulnerabilities as metrics for characterizing the degree of link and node sharing among paths, develops two polynomial-time algorithms for deriving the node and link vulnerability-constrained minimum cost paths, and analyzes the necessary condition for the solution existence, the optimality of the proposed algorithms, and the related properties of tree network theoretically.

  4. SPECIAL ISSUE PAPERS

    1. Quality of service-aware and security-aware dynamic spectrum management in cyber-physical surveillance systems for transportation

      Pengbo Si, Jia Liu, Yanhua Sun and Yanhua Zhang

      Article first published online: 8 JAN 2014 | DOI: 10.1002/sec.928

      Thumbnail image of graphical abstract

      Taking into account the application layer quality of service and wireless link security, a dynamic spectrum management scheme is proposed to minimize the system cost of cyber-physical surveillance system for transportation. Video distortion is considered as the application layer quality of service metric, and the system cost is defined as a combination of distortion and security cost. The problem is formulated as a restless bandit system to utilize the current and historical information for system optimization.

  5. SPECIAL ISSUE PAPER

    1. A mobile phone-based physical-social location proof system for mobile social network service

      Xudong Ni, Junzhou Luo, Boying Zhang, Jin Teng, Xiaole Bai, Bo Liu and Dong Xuan

      Article first published online: 8 JAN 2014 | DOI: 10.1002/sec.926

      Thumbnail image of graphical abstract

      Location-related mobile social network services rely on people's self-report location claims, which can be easily cheated by malicious users who transmit fake location to access restricted resource. To address this problem, we propose a mobile phone based physical-social location proof system. The core idea is using a set of selective physical encountered people serving as “witnesses” who are co-located in that area. Our experimental results show our system can achieve high accuracy and good performance.

  6. Research Articles

    1. A privacy enhanced device access protocol for an IoT context

      G.M. Køien

      Article first published online: 28 NOV 2013 | DOI: 10.1002/sec.880

      Thumbnail image of graphical abstract

      We increasingly inhabit a world of massively distributed Internet-of-Things devices, but ubiquitous access also means ubiquitous privacy exposure. In this paper, we outline a lightweight and efficient device access protocol that will allow secure and privacy enhanced access to Internet-of-Things devices. We use a novel convoluted scheme together with randomized temporary identities to achieve strong security and credible user privacy.

  7. Special Issue Papers

    1. TCP-polite rate control based on cooperative measurement

      Wen-Yong Wang, Li-Sheng Huang, Chang-Chun Li and Xin Wang

      Article first published online: 18 NOV 2013 | DOI: 10.1002/sec.901

      Thumbnail image of graphical abstract

      A new cooperative transmission control mechanism, called TCP-polite rate control (TPRC), is proposed. In this scheme, the congestion metric of network is obtained with cooperative measurement and feeds back to rate-based pacing mechanism, thus keeping the transmission rate at the lower bound of available bandwidth.

    2. An enhanced security framework for reliable Android operating system

      Jong Hyuk Park, Dohyun Kim, Ji Soo Park and Sangjin Lee

      Article first published online: 13 NOV 2013 | DOI: 10.1002/sec.908

      Thumbnail image of graphical abstract

      In order to provide reliability on Android OS, there is a need to analyze and address these malwares and recover the modified data. In this paper, we propose an enhanced security framework for a reliable Android OS. The framework provides means to prevent influx of malware by examining the Android OS and file system. In addition, it recovers data once deleted by security breaches.

    3. Enforcing mobile security with location-aware role-based access control

      Nils Ulltveit-Moe and Vladimir Oleshchuk

      Article first published online: 13 NOV 2013 | DOI: 10.1002/sec.879

      Thumbnail image of graphical abstract

      This paper describes how location-aware Role-Based Access Control (RBAC) can be implemented on top of Geospatial eXtensible Access Control Markup Language (GeoXACML), in order to provide location-dependent access control and security enhancements for mobile devices, such as location-dependent device locking, firewall, intrusion prevention or payment anti-fraud systems. This solution allows for physical instead of logical addressing of locations, which facilitates easy deployment of location-aware authorisation policies.

SEARCH

SEARCH BY CITATION