Instytut Podstawowych Problemów Techniki

Streszczenie:

Broadcasting is a message-transferring method characteristic for majority of sensor networks. Broadcast encryption (BE) is broadcasting encrypted messages in such a way that only legitimate nodes of a network can decrypt them. It has many potential applications in distributed wireless sensor networks (WSNs) but perfect deploying of that method is very difficult. This is because of a WSN is a very dynamic network which includes nodes with limited computational, storage, and communication capabilities. Furthermore, an attacker in this environment is powerful. He can eavesdrop, modify, and inject messages or even capture a large number of nodes, so the solutions must be both secure and efficient. This paper describes several BE schemes from the point of view of WSNs. We present in details the schemes called onetime, and we show how these methods can be applied in distributed sensor networks. We mainly focus on data origin authentication and rekeying processes, crucial for security in such a hostile environment. An analysis and evaluations of proposed schemes are also provided.

Afiliacje autorów:

Streszczenie:

This paper concerns the applicability of reputations systems for assessing Quality of Experience (QoE) for web services in the Future Internet. Reputation systems provide mechanisms to manage subjective opinions in societies and yield a general scoring of a particular behavior. Thus, they are likely to become an important ingredient of the Future Internet. Parameters under evaluation by a reputation system may vary greatly and, particularly, may be chosen to assess the users’ satisfaction with (composite) web services. Currently, this satisfaction is usually expressed by QoE, which represents subjective users’ opinions. The goal of this paper is to present a novel framework of web services where a reputation system is incorporated for tracking and predicting of users’ satisfaction. This approach is a beneficial tool which enables providers to facilitate service adaptation according to users’ expectations and maintain QoE at a satisfactory level. Presented reputation systems operate in an environment of composite services that integrate client and server-side. This approach is highly suitable for effective QoE differentiating and maximizing user experience for specific customer profiles as even the service and network resources are shared.

Słowa kluczowe:

Reputation systems, Quality of Experience (QoE), Web services, Service composition, Future Internet

Afiliacje autorów:

Streszczenie:

In this paper we propose a new optimality measure for Wireless Sensor Network-based structural monitoring systems. First, we present the results of experiments showing the reasons for random effects in Wireless Sensor Network (WSN) functioning. Then, the formulas for calculating a network’s reputation measure are given. Finally, we conclude with arguments for the application of the reputation-based optimality measure in WSNs. We propose significantly new recommendations for the design and usage of WSNs.

Słowa kluczowe:

Optimal sensors’ location, Wireless Sensor Network, Reputation system, Structural monitoring

Afiliacje autorów:

Streszczenie:

Symmetric block ciphers are usually used in WSN for security services. This paper puts forward the idea of using advanced modes of operation of symmetric block ciphers to achieve confidentiality and authentication in one cryptographic operation. The modes of operation approved by NIST that is CMAC, CCM, GCM/GMAC are applied here. The benchmarks of these approaches in the terms of efficiency of nodes in WSN are presented.

Słowa kluczowe:

Wireless sensor network, Cryptographic protocols, Block cipher modes, Sensor's security, Utilization efficiency

Afiliacje autorów:

Streszczenie:

In the paper we present the specific conditions that appear in structures' monitoring by means of Wireless Sensor Networks (WSN). First, we introduce the problem of optimal sensors' location for structures monitoring and its specific constraints if one uses WSN. We formulate the conditions that must be taken into account during optimization. Then, we give an example of temperature measurements and formulate the procedure that leads to finding optimal wireless sensors locations. Finally, we present the experimental observations of wireless sensors in the network that strongly affect on the temperature estimation on a basis of the collected measurements. We conclude with remarks concerning WSN practical design for permanent structures' monitoring to obtain exact and reliable results.

Afiliacje autorów:

Streszczenie:

Electronic services in dynamic environment (e.g. e-government, e-banking, e-commerce, etc.), meet many different barriers reducing their efficient applicability. One of them is the requirement of information security when it is transmitted, transformed, and stored in an electronic service. It is possible to provide the appropriate level of security by applying the present-day information technology. However, the level of protection of information is often much higher than it is necessary to meet potential threats. Since the level of security strongly affects the performance of the whole system, the excessive protection decreases its reliability and availability and, as a result, its global security. In this paper we present a mechanism of adaptable security for, digital information transmission systems (being usually the crucial part of e-service). It makes it possible to guarantee the adequate level of protection for actual level of threats dynamically changing in the environment. In our model the basic element of the security is the Public Key Infrastructure (PKI) is enriched with specific cryptographic modules.

Słowa kluczowe:

Network security, Information security, Cryptographic protocol, Cryptography, Risk management, Scalable security

Afiliacje autorów:

Streszczenie:

In the paper we propose a general, abstract framework for Automatic Secret Generation and Sharing (ASGS) that should be independent of underlying Secret Sharing Scheme (SSS). ASGS allows to prevent the Dealer from knowing the secret. The Basic Property Conjecture (BPC) forms the base of the framework. Due to the level of abstraction, results are portable into the realm of quantum computing.

Two situations are discussed. First concerns simultaneous generation and sharing of the random, prior nonexistent secret. Such a secret remains unknown until it is reconstructed. Next, we propose the framework for automatic sharing of a known secret. In this case the Dealer does not know the secret and the secret Owner does not know the shares. We present opportunities for joining ASGS with other extended capabilities, with special emphasis on PVSS and pre-positioned secret sharing. Finally, we illustrate framework with practical implementation.

Słowa kluczowe:

Secret sharing, Security protocols, Dependable systems, Authentication management

Afiliacje autorów:

Streszczenie:

The recent developments in the mobile technology (mobile phones, middleware) created a need for new methods of protecting the code transmitted through the network. The oldest and the simplest mechanisms concentrate more on integrity of the code itself and on the detection of unauthorized manipulation. The newer solutions not only secure the compiled program, but also the data, that can be gathered during its journey and even the execution state. Some other approaches base on prevention rather than detection. This paper describes a new idea of securing mobile agents. The presented method protects all: the code, the data and the execution state. The proposal is based on a zero-knowledge proof system and a secure secret sharing scheme, two powerful cryptographic primitives. The paper also includes security analysis of the new method and comparison to currently most widespread solutions.

Słowa kluczowe:

Agent systems, cryptographic protocols, integrity, mobile code

Afiliacje autorów:

Streszczenie:

Pseudorandom number generators are used in many areas of contemporary technology such as modern communication systems and engineering applications. In recent years a new approach to secure transmission of information based on the application of the theory of chaotic dynamical systems has been developed. In this paper we present a method of generating pseudorandom numbers applying discrete chaotic dynamical systems. The idea of construction of chaotic pseudorandom number generators (CPRNG) intrinsically exploits the property of extreme sensitivity of trajectories to small changes of initial conditions, since the generated bits are associated with trajectories in an appropriate way. To ensure good statistical properties of the CPRBG (which determine its quality) we assume that the dynamical systems used are also ergodic or preferably mixing. Finally, since chaotic systems often appear in realistic physical situations, we suggest a physical model of CPRNG.

Afiliacje autorów:

Streszczenie:

In the paper we propose a method of constructing cryptosystems, utilizing a nonpredictability property of discrete chaotic systems. We point out the requirements for such systems to ensure their security. The presented algorithms of encryption and decryption are based on multiple iteration of a certain dynamical chaotic system coming from gas dynamics models. A plaintext message specifies a part of the initial condition of the system (a particle's initial position). A secret key specifies the remaining part of initial condition (the particle's initial angle) as well as a sequence of discrete choices of the pre-images in the encryption procedure. We also discuss problems connected with the practical realization of such chaotic cryptosystems. Finally we demonstrate numerical experiments illustrating the basic properties of the proposed cryptosystem.

Afiliacje autorów:

Streszczenie:

When analysing the problem of the positioning accuracy of robot manipulators it is important to know how far random deviations of the hand may be from the desired position if the joint positioning errors possess a normal distribution. Two methods of determining the ellipses and ellipsoids of probability concentration are compared. The first of them is based on the standard procedure of the probability calculus. The second approximate method consists in finding at first the polygon or polyhedron of the positioning accuracy, and then in finding the ellipse or ellipsoid with principal axes and second order moments coinciding with those of the polygon or polyhedron, respectively. Examples of application demonstrate that these two methods give very close results.

Afiliacje autorów:

Streszczenie:

Cryptographic protocols are secure due to application of security services. The security services applied for their protection can be classified into the three groups: hard, soft and extended. Among the extended ones, we can point out to the availability of the goal of the security protocol, which guarantees that protocols aims are achieved. In the real-time protocols as the video conference, the goal is both secure data transmission and good signal quality. When one of the goals is not ensured, the availability of the goal of the protocol is not guaranteed and the cryptographic protocol can not be realized. In this article we present the methodology of obtaining the balance between the quality of the signal in real-time systems and accomplishment of the required security services. Finally, the case study of video conference secured by VPN connections, is presented.

Afiliacje autorów:

Streszczenie:

A new agent-based scheme for secure electronic voting is proposed in the paper. The scheme is universal and can be realized in a network of stationary and mobile electronic devices. The proposed mechanism supports the implementation of a user interface simulating traditional election cards, semi-mechanical voting devices or utilization purely electronic voting booths. The security mechanisms applied in the system are based on verified cryptographic primitives: the secure secret sharing scheme and Merkle's puzzles. Due to pre-computations during the generation of agent, the voter need not to do computations. The proposed distributed trust architecture makes the crucial stage of sending votes elastic, reliable, and effective.

Słowa kluczowe:

electronic elections, secret sharing scheme, Merkle's puzzles, mixnets, mobile agent security, distributed trust

Afiliacje autorów:

Streszczenie:

In this paper we propose a new, lightweight, no bandwidth consuming authentication and integrity scheme for VoIP service based on SIP as a signalling protocol. It is shared password mechanism and this solution exploits digital watermarking. Nowadays, there are many applications of this technique, such as solving copyright protection problems, but we propose to use it to secure the transmitted audio and signalling protocol that IP Telephony is based on simultaneously. This solution can be the potential answer to the problem VoIP faces today: finding a scalable and universal mechanism for securing VoIP traffic (voice and the signalling protocol messages) at the same time. It can greatly improve, if we combine it with existing security mechanisms, overall IP Telephony system’s security.

Afiliacje autorów:

Streszczenie:

This paper will concern itself with a formulation of a traffic analysis problem for mobile agents. It is an interesting theoretical problem as well as a critical feature when using agents on a massive scale in decision making systems. The decision making systems are applied to demanding and complex environments such as stock markets. The mobile agents used are natural targets for attacks because they provide information for decision making. The resulting information can have a value measured in millions of dollars and information of such a high value attracts potential attacks. An efficient way to attack the user of decision making systems is to learn her strategy and respond in kind. In this respect even passive observation of agents can provide useful data, namely what information they are gathering. A common first defense is to provide anonymity for mobile agents. However, what happens when anonymity is gone? What information then becomes available and what steps will the user take? Yet, the problem has not been previously formulated for such a framework. We formulate it in terms of various factors used for traffic analysis. These factors originate from different side channels that provide information on the operating agents. At the end we state a paradox, which links an excessive use of countermeasures against traffic analysis with weakening system security.

Słowa kluczowe:

Mobile agents security, security protocols, traffic analysis, side channel attacks

Afiliacje autorów: