Earticle

Now days, Data security is very challenging issue that touches many areas including computers and communication. Recently, we came across many attacks on cyber security that have played with the confidentiality of the users. These attacks just broke all the security algorithms and affected the confidentiality, authentication, integrity, availability and identification of user data. Cryptography is one such way to make sure that confidentiality, authentication, integrity, availability and identification of user data can be maintained as well as security and privacy of data can be provided to the user. Encryption is the process of converting normal data or plaintext to something incomprehensible or cipher-text by applying mathematical transformations or formulae. These mathematical transformations or formulae used for encryption processes are called algorithms. We have analysed ten data encryption algorithms DES, Triple DES, RSA, AES, ECC, BLOWFISH, TWOFISH, THREEFISH, RC5 and IDEA etc. Among them DES, Triple DES, AES, RC5, BLOWFISH, TWOFISH, THREEFISH and IDEA are symmetric key cryptographic algorithms. RSA and ECC are asymmetric key cryptographic algorithms. In this paper, we have analysed various encryption algorithms on the basis of different parameters and compared them to choose the best data encryption algorithm so that we can use it in our future work.

VANETs (Vehicular Ad-hoc Networks) are a next-generation networking technology that provides communication between vehicles or between a vehicle and an RSU (Road Side Unit) using wireless communication. A vehicle accident is likely to cause a serious disaster. Therefore, the VANET system provides an essential information exchange protocol for communication between vehicles. However, a key exchange scheme based on the proposed general network for a high-speed communication environment is not suitable for vehicles. In this paper, the first communication from the RSU passes only group keys. Then it updates the key value in the communication with the vehicle using Bloom filters to verify the proposed method. In the proposed scheme in VANET, dispersed operations are carried out in the RSU. By reducing to a minimum the number of keys exchanged, more secure group communication can be realized. In this paper, we proposed a message batch verification scheme using Bloom Filter that can verify multiple messages and handover authentication efficiently even for multiple communications with many vehicles.

Although there are many studies on the adoption intentions for smartphone-based mobile banking, there is no apparent effect on the popularity of it. This is because the smartphone users have a resistance to innovation on mobile banking. The purpose of this study is to identify and analyze the relationship between user resistance and different factors from innovation and user’s characteristics. Thereafter, important factors are identified which mainly affect/determine user resistance to mobile banking. Survey research of this study was conducted around university undergraduates, graduate students, and employees in Henan of China. The results of this study are as follows. Social Influence and Perceived Complexity have positive effect on Perceived Risk, and Trust has negative effect on Perceived Risk, Perceived Security and Perceived Protection of Private information have no effect on Perceived Risk. Perceived Risk has positive effect on User Resistance.

Machiavellianism is deemed as one of the dark personalities. Knowledge hiding refers to employee’s intentional attempt to withhold or conceal knowledge that has been requested by another person, and it is comprised of three related sub-dimensions: playing dumb, evasive hiding, and rationalized hiding. The present research examines the relationship between Machiavellianism and knowledge hiding, as well as the moderating roles of demographic variables (gender, age, and educational level). 360 individual data were used to test our hypotheses. Results show that Machiavellianism is positively related to the overall knowledge hiding, playing dumb, and evasive hiding, but unrelated to rationalized hiding. In addition, employees’ knowledge hiding decreases with age. The moderating effects of demographic variables are not supported in this study. Contributions, limitations, and future directions are discussed at the end.

Many enterprises are adopting Mobile Device Management systems to monitor the status and control the functionalities of smart phones and tablet PCs in order to solve the security problems of confidential enterprise data being leaked whenever a device is misused or lost. However, no criteria have been established as yet to evaluate whether such Mobile Device Management systems correctly provide the basic security functions needed by enterprises and whether such functions have been securely developed. Therefore, this paper proposes security requirements of a Mobile Device Management system by modeling a threat and applying a security requirement engineering methodology based on Common Criteria.

As the USIM technologies are evolving to include high speed CPU, mass storage devices, and high speed serial interfaces, various services are to be available through those technologies. The high capacity USIM card is a combination of IC card and high capacity flash memory. Because the flash memory does not provide security, additional protection technologies need to be incorporated for privacy issues and data protection. In this paper, we defined the security models for each service that can be provided from high capacity USIM card and proposed eligible architectures and security schemes for internal storage of the smartcard. Consequently, the results of this study are expected to be widely applied to development of high capacity USIM and the related commercial services as a foundation technology or references.

In this paper, we propose a model that can effectively select cyber targets when acquiring cyber weapons systems. Cyber target selection is the process of deriving the most vulnerable part of the target system. Cyber target selection is carried out with 3 components such as ‘center of gravity’, ‘target attribute and control characteristics’, and ‘type and characteristics of information communication system’. Gravity refers to the weakest part of the enemy (security holes), and the security holes that cause the most decisive effects when cyber-attacks are happening. The target attributes are classified into the geographical attributes where the target is, the functional attributes which tasks are performed, and the human attributes who uses and who owns them. Control characteristics are the factors that determine how an attack effect on a potential target system occurs by cyber weapons systems or operations. When a cyber-attack target is selected, the final attack target is selected by the form, characteristic, and function by distinguishing the target of the center, the target of the layer, and the list of the information communication system. And then, the main attack points that are targets of actual cyber operations are selected based on the selected cyber targets.

Students’ educational records such as exam score and academic achievement should be considered as sensitive information. According to the federal student privacy law, individual scores should not be posted publicly. If a secure online management system is well-equipped in the school, then it is easy to distribute individual data in a privacy preserving way. However, in general, such a centralized system costs high and is not flexible enough to be used for instant score report after each exam. In this paper, we propose a practical way for an instructor to post students’ individual exam scores online in a single file. By implementing a cryptographic hash function together with score data in an MS Excel file, we demonstrate a score report from which allows each student to retrieve his/her score with his/her own password. Based on our worksheet as a template, it is easy for instructors to write their own score reports without relying on any heavy management systems. Since our score report is implemented in MS Excel worksheets, students find out their scores with Excel program or viewers even in their mobile phones without installing any other programs or apps. Also, it is cryptographically as secure as underlying hash function SHA-256.

Computer network vulnerability analysis is a method of analysis and evaluation of network security beforehand. The attacks method has occurred in the network, the previous network status change as input information, calculated by the model analysis. Forecasting network node may be network attacks given the current security level value network, network security reinforcement measures taken before the danger. Administrators can proactively identify network security issues, to take measures in advance to avoid information leakage, financial losses, ensure the safety of individuals and countries. Therefore, vulnerability analysis computer network is very important. Based on the properties of attack graph shows the method of attack graphs to Bayesian network transformation, using the new algorithm to eliminate loops attribute attack graph optimization, building the Bayesian attribute attack graph model used to evaluate the network itself security situation. In this model, based on Bayes formula for calculating the probability of a new node probability calculation formula and attack paths occur for calculating network vulnerability assessment of the quantitative indicators. The model not only can visually process description of cyber attacks, but also into the Bayesian network probabilistic thinking of possible network attack path prediction and assessment.

This paper proposes a novel watermarking scheme against geometric attacks, combined with the holographic technology and the log-polar transform. In this paper, we first use discrete cosine transform into the original image, then do edge detection for the low frequency part, then do log-polar transform to edge image and make it binarization. We use a key to choose a certain size of the binary image to do holographic processing, then make it binarization and do logical operation with the watermarked image which do Anrold transformation, get the zero-watermarking. Finally, we register it in IPR database to obtain copyright protection. The experimental results show that compared with other zero-watermarking algorithms, this scheme has better robustness. It not only can effectively resist the noise, cropping, JPEG compression and other conventional attacks, but also can effectively resist geometric attacks such as rotation, scaling.